钉钉扫码二维码登录OA系统
1.创建企业内部微应用
2.二维码前端实现及code获取
1).在页面中先引入如下js
<script src="https://g.alicdn.com/dingding/dinglogin/0.0.5/ddLogin.js"></script>
2).在需要使用钉钉登录的地方实例以下JS对象
/* * 解释一下goto参数,参考以下例子:
* var url = encodeURIComponent('http://localhost.me/index.php?test=1&aa=2');
* var goto = encodeURIComponent('https://oapi.dingtalk.com/connect/oauth2/sns_authorize?
*appid=appid&response_type=code&scope=snsapi_login&state=STATE&redirect_uri='+url)
*/
var obj = DDLogin({
id:"login_container",//这里需要你在自己的页面定义一个HTML标签并设置id,例如<div id="login_container"></div>或<span id="login_container"></span>
goto: "", //请参考注释里的方式
style: "border:none;",
width : "365",
height: "400" }); //width和height不代表二维码的大小,二维码的大小是固定的
3).判断是否来自钉钉扫码事件,获取loginTmoCode跳转到2)中goto的redirect_uri,并且会向redirect_uri后最近code和state两个参数
var handleMessage = function (event) {
var origin = event.origin; console.log("origin", event.origin);
if( origin == "https://login.dingtalk.com" ) {//判断是否来自ddLogin扫码事件。
var loginTmpCode = event.data; //拿到loginTmpCode后就可以在这里构造跳转链接进行跳转了
console.log("loginTmpCode", loginTmpCode);
}
};
if (typeof window.addEventListener != 'undefined') {
window.addEventListener('message', handleMessage, false);
} else if (typeof window.attachEvent != 'undefined') {
window.attachEvent('onmessage', handleMessage);
}
3.通过临时授权码(code)获取授权的个人信息
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.setTmpAuthCode("4a2c5695b78738d495f47b5fee9160cd");
OapiSnsGetuserinfoBycodeResponse response = client.execute(req,"yourAppId","yourAppSecret"); //yourAppId和yourAppSecret是创建扫码授权的appid和appsecret
返回结果{
"errcode": 0,
"errmsg": "ok",
"user_info": {
"nick": "张三",
"openid": "liSii8KCxxxxx",
"unionid": "7Huu46kk"
}
}
4.通过创建好微应用的appKey、appSecret获取access_token
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/gettoken");
OapiGettokenRequest request = new OapiGettokenRequest();
request.setAppkey("appkey"); //appkey和appsecret是企业内部创建微应用的appkey和appsecret
request.setAppsecret("appsecret");
request.setHttpMethod("GET");
OapiGettokenResponse response = client.execute(request);
返回结果:{
"errcode": 0,
"errmsg": "ok",
"access_token":
"fw8ef8we8f76e6f7s8df8s"
}
5.通过3步获取到的unionid和4步获取到的access_token获取userid
DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/user/getUseridByUnionid");
OapiUserGetUseridByUnionidRequest request = new OapiUserGetUseridByUnionidRequest();
request.setUnionid("M9Ar4MVQA4vk4iPRwIJdTXAiEiE");
request.setHttpMethod("GET");
OapiUserGetUseridByUnionidResponse response = client.execute(request, accessToken);
返回结果:{
"errcode": 0,
"errmsg": "ok",
"contactType": 0,
"userid": "userid1"
}
6.获取用户详情
DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/user/get");
OapiUserGetRequest request = new OapiUserGetRequest();
request.setUserid("zhangsan"); //第五步获取到的userid
request.setHttpMethod("GET");
OapiUserGetResponse response = client.execute(request, accessToken); //4步获取到的access_token
返回结果:{
"errcode": 0,
"unionid": "PiiiPyQqBNBii0HnCJ3zljcuAiEiE",
"remark": "remark",
"userid": "zhangsan",
"isLeaderInDepts": "{1:false}",
"isBoss": false,
"hiredDate": 1520265600000,
"isSenior": false,
"tel": "xxx-xxxxxxxx",
"department": [1,2],
"workPlace": "place",
"email": "test@xxx.com",
"orderInDepts": "{1:71738366882504}",
"mobile": "1xxxxxxxxxx",
"errmsg": "ok",
"active": false,
"avatar": "xxx",
"isAdmin": false,
"isHide": false,
"jobnumber": "001",
"name": "张三",
"extattr": {},
"stateCode": "86",
"position": "manager",
"roles": [
{
"id": 149507744,
"name": "总监",
"groupName": "职务"
}
]
}
这边需要对创建的应用进行授权才能获取到用户详情