npm - bjx-auth - Versions diffs - 1.0.0 - Mend

bjx-auth 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/dist/bjx-auth-api.es.js +2 -0
package/dist/bjx-auth-api.umd.js +2 -0
package/package.json +35 -0
package/readme.md +69 -0
package/src/config.js +59 -0
package/src/logger.js +15 -0
package/src/request/axios.js +67 -0
package/src/request/index.js +12 -0
package/src/request/passportapi.js +216 -0
package/src/request/sign/encrypt/index.js +7 -0
package/src/request/sign/encrypt/node.js +31 -0
package/src/request/sign/encrypt/web.js +31 -0
package/src/request/sign/hash/index.js +7 -0
package/src/request/sign/hash/node.js +14 -0
package/src/request/sign/hash/web.js +18 -0
package/src/request/sign/index.js +59 -0
package/src/request/sign/publicPem.js +45 -0
package/src/request/sign/reqEncrypt.js +16 -0
package/src/request/sign/reqSginOld.js +89 -0
package/src/request/sign/reqSign.js +80 -0
package/src/request/userInfo.js +72 -0
package/src/strategy/handle.js +56 -0
package/src/strategy/handleDemo.js +49 -0
package/src/strategy/index.js +9 -0
package/src/strategy/strategy.js +186 -0
package/src/strategy/utils.js +265 -0

package/src/request/passportapi.js ADDED Viewed

@@ -0,0 +1,216 @@
+const { passportapi } = require('./axios')
+const { getReqBody } = require('./sign')
+//https://passportapi.bjx.com.cn/swagger/swagger-ui/index.html#/
+/**
+ * nodejs授权
+ */
+async function token(opts, signObj = {}) {
+  opts.data = await getReqBody(null, false, signObj)
+  return passportapi({
+    url: '/api/v1/token/web',
+    method: 'POST',
+    ...opts,
+  })
+}
+async function tokenRefresh(opts, signObj = {}) {
+  opts.data = await getReqBody(null, false, signObj)
+  return passportapi({
+    url: '/api/v1/token/refresh/web',
+    method: 'POST',
+    ...opts,
+  })
+}
+async function getToken(opts, signObj) {
+  if (opts.__isRefresh__) {
+    return tokenRefresh(opts, signObj)
+  } else {
+    return token(opts, signObj)
+  }
+}
+/**
+ * 其他接口
+ */
+// 短信登录
+async function loginSms(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/login/sms/web',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 密码登录
+async function loginPwd(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/login/pwd/web',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 短信注册
+async function registerSms(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/register/sms/web',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 账户登出 (set-cookie + 返回clear_cache回调地址)
+async function logout(opts, signObj = {}) {
+  opts.data = await getReqBody(null, false, signObj)
+  return passportapi({
+    url: '/api/v1/logout/web',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 快速登录/注册
+async function loginSmsQuick(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/login/sms/quick/web',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 设置用户身份
+async function userBusmold(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, false, signObj)
+  return passportapi({
+    url: '/api/v1/user/busmold/seekers/set',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 根据手机号判断用户是否存在
+async function userExist(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, false, signObj)
+  return passportapi({
+    url: '/api/v1/user/exist/phone',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 找回密码前验证码
+async function pwdResetVerify(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/user/pwd/reset/verify',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 找回密码
+async function pwdReset(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/user/pwd/reset',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 获取公众号二维码
+async function wxpubCode(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, false, signObj)
+  return passportapi({
+    url: '/api/v1/wechat/wxpub/qrcode',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 公众号扫码登录
+async function wxpubScan(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, false, signObj)
+  return passportapi({
+    url: '/api/v1/wechat/wxpub/scan/login',
+    method: 'POST',
+    ...opts,
+  })
+}
+// 公众号登录后绑定
+async function wxpubBindLogin(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/wechat/wxpub/scan/bindlogin',
+    method: 'POST',
+    ...opts,
+  })
+}
+async function wxpubH5Code(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, false, signObj)
+  return passportapi({
+    url: '/api/v1/wechat/wxpub/h5/getcode',
+    method: 'POST',
+    ...opts,
+  })
+}
+async function wxpubH5BindLogin(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/wechat/wxpub/h5/bindlogin',
+    method: 'POST',
+    ...opts,
+  })
+}
+async function webappCode(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, false, signObj)
+  return passportapi({
+    url: '/api/v1/wechat/webapp/code',
+    method: 'POST',
+    ...opts,
+  })
+}
+async function webappBindLogin(opts, signObj = {}) {
+  opts.data = await getReqBody(opts.data, true, signObj)
+  return passportapi({
+    url: '/api/v1/wechat/webapp/bindlogin',
+    method: 'POST',
+    ...opts,
+  })
+}
+exports = module.exports = {
+  getToken,
+  loginSms,
+  loginPwd,
+  registerSms,
+  logout,
+  loginSmsQuick,
+  userBusmold,
+  userExist,
+  pwdResetVerify,
+  pwdReset,
+  wxpubCode,
+  wxpubScan,
+  wxpubBindLogin,
+  wxpubH5Code,
+  wxpubH5BindLogin,
+  webappCode,
+  webappBindLogin,
+}

package/src/request/sign/encrypt/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+let hashImpl
+if (process.env.USE_ENV === 'web') {
+  hashImpl = require('./web')
+} else {
+  hashImpl = require('./node')
+}
+module.exports = hashImpl

package/src/request/sign/encrypt/node.js ADDED Viewed

@@ -0,0 +1,31 @@
+const crypto = require('crypto')
+function encryptRSA(str, publicPem) {
+  if (!publicPem) throw new Error('publicPem is required')
+  const dataBuffer = Buffer.from(str, 'utf8')
+  const encrypted = crypto.publicEncrypt(
+    {
+      key: publicPem,
+      padding: crypto.constants.RSA_PKCS1_PADDING,
+    },
+    dataBuffer,
+  )
+  return encrypted.toString('base64')
+}
+function encryptAES(str) {
+  const iv = crypto.randomBytes(16) // 密匙和IV一致
+  const key = iv
+  const cipher = crypto.createCipheriv('aes-128-cbc', key, iv)
+  let encrypted = cipher.update(str, 'utf8', 'base64')
+  encrypted += cipher.final('base64')
+  return {
+    iv: iv.toString('hex'),
+    encrypted,
+  }
+}
+exports = module.exports = {
+  encryptRSA,
+  encryptAES,
+}

package/src/request/sign/encrypt/web.js ADDED Viewed

@@ -0,0 +1,31 @@
+const JSEncrypt = require('jsencrypt')
+const AES = require('crypto-js/aes')
+const WordArray = require('crypto-js/lib-typedarrays')
+const Pkcs7 = require('crypto-js/pad-pkcs7')
+const Hex = require('crypto-js/enc-hex')
+function encryptRSA(str, publicPem) {
+  if (!publicPem) throw new Error('publicPem is required')
+  const encryptor = new JSEncrypt()
+  encryptor.setPublicKey(publicPem)
+  const encrypted = encryptor.encrypt(str)
+  return encrypted
+}
+function encryptAES(str) {
+  const iv = WordArray.random(16) // 密匙和IV一致
+  const key = iv
+  const encrypted = AES.encrypt(str, key, {
+    iv,
+    padding: Pkcs7,
+  })
+  return {
+    iv: iv.toString(Hex),
+    encrypted: encrypted.toString(),
+  }
+}
+exports = module.exports = {
+  encryptRSA,
+  encryptAES,
+}

package/src/request/sign/hash/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+let hashImpl
+if (process.env.USE_ENV === 'web') {
+  hashImpl = require('./web')
+} else {
+  hashImpl = require('./node')
+}
+module.exports = hashImpl

package/src/request/sign/hash/node.js ADDED Viewed

@@ -0,0 +1,14 @@
+const crypto = require('crypto')
+function hashHS256(str, key) {
+  return crypto.createHmac('sha256', key).update(str).digest('base64')
+}
+function hashMD5(str) {
+  return crypto.createHash('md5').update(str).digest('hex').toUpperCase()
+}
+exports = module.exports = {
+  hashHS256,
+  hashMD5,
+}

package/src/request/sign/hash/web.js ADDED Viewed

@@ -0,0 +1,18 @@
+const HmacSHA256 = require('crypto-js/hmac-sha256')
+const Base64 = require('crypto-js/enc-base64')
+const MD5 = require('crypto-js/md5')
+const Hex = require('crypto-js/enc-hex')
+function hashHS256(str, key) {
+  return HmacSHA256(str, key).toString(Base64)
+}
+function hashMD5(str) {
+  return MD5(str).toString(Hex)
+}
+exports = module.exports = {
+  hashHS256,
+  hashMD5,
+}

package/src/request/sign/index.js ADDED Viewed

@@ -0,0 +1,59 @@
+const reqSign = require('./reqSign')
+const reqEncrypt = require('./reqEncrypt')
+const reqSginOld = require('./reqSginOld')
+async function getReqBody(data, isEncrypt, opts) {
+  let {
+    eqp = '',
+    os = '',
+    ba = '',
+    bp = '',
+    ver = '',
+    apiVersion = '',
+    signVersion = '',
+    clientId = '',
+    clientSecret = '',
+    ctx,
+  } = opts || {}
+  if (ctx) {
+    if (!eqp) {
+      eqp = ctx.uuid
+    }
+    if (!os) {
+      eqp = ctx.isMobi ? 2 : 1
+    }
+    if (!ba) {
+      ba = ctx.query.ba
+    }
+    if (!bp) {
+      bp = ctx.query.bp
+    }
+  }
+  const obj = {
+    eqp,
+    os,
+    ba,
+    bp,
+    ver,
+    apiVersion,
+    signVersion,
+    clientId,
+    clientSecret,
+  }
+  if (isEncrypt && data && Object.keys(data).length > 0) {
+    obj.data = await reqEncrypt(data)
+  } else {
+    obj.data = data || {}
+  }
+  return reqSign(obj)
+}
+exports = module.exports = {
+  reqSign,
+  reqEncrypt,
+  getReqBody,
+  ...reqSginOld,
+}

package/src/request/sign/publicPem.js ADDED Viewed

@@ -0,0 +1,45 @@
+const reqSign = require('./reqSign')
+const { passportapi } = require('../axios')
+const { errorLogger } = require('../../logger')
+// 获取公钥
+let publicPemCache = null
+async function getPublicPem() {
+  if (publicPemCache && publicPemCache.expiresAt > Date.now()) {
+    return publicPemCache.value
+  }
+  let body = reqSign()
+  try {
+    const { data } = await passportapi({
+      url: '/api/v1/common/config/security',
+      method: 'POST',
+      data: body,
+    })
+    if (data.isError === false) {
+      publicPemCache = {
+        value: `-----BEGIN PUBLIC KEY-----\n${data.data.rsaPubkey}\n-----END PUBLIC KEY-----`,
+        expiresAt: Date.now() + 8 * 3600 * 1000,
+      }
+      return publicPemCache.value
+    } else {
+      throw new Error(data.error)
+    }
+  } catch (error) {
+    errorLogger(error)
+  }
+}
+function clearPublicPemCache() {
+  publicPemCache = null
+}
+function hasPublicPemCache() {
+  return !!publicPemCache
+}
+exports = module.exports = {
+  getPublicPem,
+  clearPublicPemCache,
+  hasPublicPemCache,
+}

package/src/request/sign/reqEncrypt.js ADDED Viewed

@@ -0,0 +1,16 @@
+const { getPublicPem } = require('./publicPem')
+const { encryptRSA, encryptAES } = require('./encrypt')
+async function getReqEncrypt(data) {
+  if (!data) throw new Error('data is required')
+  const publicPem = await getPublicPem()
+  const dataStr = JSON.stringify(data)
+  const { encrypted, iv } = encryptAES(dataStr)
+  const encryptedIv = encryptRSA(iv, publicPem)
+  return {
+    akaParams: encrypted,
+    secretKey: encryptedIv,
+  }
+}
+exports = module.exports = getReqEncrypt

package/src/request/sign/reqSginOld.js ADDED Viewed

@@ -0,0 +1,89 @@
+const { hashMD5 } = require('./hash')
+const config = require('../../config')
+function getReqSign(params, ...moreParams) {
+  if (typeof params === 'string') {
+    params = {
+      EQP: params || '',
+      OS: moreParams[0] || '',
+      BA: moreParams[1] || '',
+      BP: moreParams[2] || '',
+    }
+  }
+  let { EQP, OS, BA, BP, Ver, ctx } = params || {}
+  if (ctx) {
+    if (!EQP) {
+      EQP = ctx.uuid
+    }
+    if (!OS) {
+      OS = ctx.isMobi ? 2 : 1
+    }
+    if (!BA) {
+      BA = ctx.query.ba
+    }
+    if (!BP) {
+      BP = ctx.query.bp
+    }
+  }
+  const obj = {
+    EQP: EQP || config.eqp || '',
+    OS: OS || config.os * 1 || 1,
+    BA: BA || config.ba || '',
+    BP: BP || config.bp || '',
+    Ver: Ver || config.ver || '1.0.0',
+    TS: Date.now(),
+  }
+  const secret = 'bjxstat2019'
+  const signStr = `EQP=${obj.EQP}&OS=${obj.OS}&BA=${obj.BA}&BP=${obj.BP}&Ver=${obj.Ver}&TS=${obj.TS}+${secret}`
+  const Sign = hashMD5(signStr).toUpperCase()
+  return Object.assign(obj, { Sign })
+}
+function getReqSign2(params, ...moreParams) {
+  if (typeof params === 'string') {
+    params = {
+      EQP: params || '',
+      OS: moreParams[0] || '',
+      BA: moreParams[1] || '',
+      BP: moreParams[2] || '',
+      XAppId: moreParams[3] || '',
+    }
+  }
+  let { EQP, OS, BA, BP, Ver, XAppId, ctx } = params || {}
+  if (ctx) {
+    if (!EQP) {
+      EQP = ctx.uuid
+    }
+    if (!OS) {
+      OS = ctx.isMobi ? 2 : 1
+    }
+    if (!BA) {
+      BA = ctx.query.ba
+    }
+    if (!BP) {
+      BP = ctx.query.bp
+    }
+  }
+  const obj = {
+    EQP: EQP || config.eqp || '',
+    OS: OS || config.os * 1 || 1,
+    BA: BA || config.ba || '',
+    BP: BP || config.bp || '',
+    Ver: Ver || config.ver || '1.0.0',
+    TS: Date.now(),
+    XAppId: XAppId || config.clientId || '',
+  }
+  const secret = '%SiGn2021!@#'
+  const signStr = `EQP=${obj.EQP}&OS=${obj.OS}&BA=${obj.BA}&BP=${obj.BP}&Ver=${obj.Ver}&TS=${obj.TS}&XAppId=${obj.XAppId}+${secret}`
+  const Sign = hashMD5(signStr).toUpperCase()
+  return Object.assign(obj, { Sign })
+}
+exports = module.exports = {
+  getReqSign,
+  getReqSign2,
+}

package/src/request/sign/reqSign.js ADDED Viewed

@@ -0,0 +1,80 @@
+const { hashHS256 } = require('./hash')
+const config = require('../../config')
+// 请求签名相关
+function sortData(data) {
+  if (Object.prototype.toString.call(data) === '[object Object]') {
+    return Object.keys(data)
+      .sort() // 默认情况下 sort 会按字典顺序（ASCII 顺序）进行排序
+      .reduce((newObj, key) => {
+        newObj[key] = sortData(data[key])
+        return newObj
+      }, {})
+  } else if (Object.prototype.toString.call(data) === '[object Array]') {
+    return data.map((item) => sortData(item))
+  } else {
+    return data
+  }
+}
+function objToStr(data) {
+  let dataArr = []
+  Object.entries(data).map(([key, value]) => {
+    if (value === undefined || value === '' || value === null) {
+    } else {
+      if (
+        Object.prototype.toString.call(value) === '[object Array]' ||
+        Object.prototype.toString.call(value) === '[object Object]'
+      ) {
+        dataArr.push(`${key}=${encodeURIComponent(JSON.stringify(value))}`)
+      } else {
+        dataArr.push(`${key}=${encodeURIComponent(value)}`)
+      }
+    }
+  })
+  return dataArr.join('&')
+}
+function signFn(data, signKey) {
+  const sorted = sortData(data)
+  const dataStr = objToStr(sorted)
+  const sign = hashHS256(dataStr, signKey)
+  return {
+    ...data,
+    sign,
+  }
+}
+function getReqSign(params, signKey) {
+  const {
+    eqp,
+    os,
+    ba,
+    bp,
+    ver,
+    apiVersion,
+    signVersion,
+    clientId,
+    clientSecret,
+    data = {},
+  } = params || {}
+  const obj = {
+    eqp: eqp || config.eqp || '',
+    os: os * 1 || config.os * 1 || 1,
+    ba: ba || config.ba || '',
+    bp: bp || config.bp || '',
+    ver: ver || config.ver || '1.0.0',
+    ts: Date.now(),
+    apiVersion: apiVersion || config.apiVersion || '1.0.0',
+    signVersion: signVersion || config.signVersion || 'V1',
+    clientId: clientId || config.clientId || '',
+    clientSecret: clientSecret || config.clientSecret || '',
+    data,
+  }
+  signKey = signKey || config.signKey
+  const res = signFn(obj, signKey)
+  return res
+}
+exports = module.exports = getReqSign

package/src/request/userInfo.js ADDED Viewed

@@ -0,0 +1,72 @@
+const { auth, enterpriseapi } = require('./axios')
+const { getReqSign } = require('./sign')
+/**
+ * nodejs授权
+ */
+async function baseInfo(opts, signObj = {}) {
+  opts.data = { ...opts.data, ...getReqSign(signObj) }
+  return auth({
+    url: '/api/User/' + opts.__type__,
+    method: 'POST',
+    ...opts,
+  })
+}
+async function userInfo(opts, signObj = {}) {
+  opts.data = { ...opts.data, ...getReqSign(signObj) }
+  return enterpriseapi({
+    url: '/enterprise/user/userInfo',
+    method: 'POST',
+    ...opts,
+  }).then((res) => {
+    const { data: rsp_obj } = res
+    res.data = {
+      HttpStatusCode: rsp_obj.code,
+      Error: rsp_obj.errMsg,
+      IsError: !rsp_obj.success,
+      Data:
+        rsp_obj.data && Object.keys(rsp_obj.data).length
+          ? {
+              HasCompany: rsp_obj.data.hasCompanyState > 0, // BaseInfoV1和BaseInfo的差别
+              Id: rsp_obj.data.id || '',
+              UId: rsp_obj.data.userId || 0,
+              UserName: rsp_obj.data.userName || '',
+              NickName: rsp_obj.data.nickName || '',
+              Email: rsp_obj.data.userEmail || '',
+              EmailIsCheck: rsp_obj.data.emailCheckState > 0,
+              RegionCode: rsp_obj.data.regionCode || '',
+              Phone: rsp_obj.data.userPhone || '',
+              PhoneIsCheck: rsp_obj.data.phoneCheckState > 0,
+              HeadUrl: rsp_obj.data.headUrl || '',
+              BackImage: rsp_obj.data.backImage || '',
+              BriefIntro: rsp_obj.data.briefIntro || '',
+              Industry: rsp_obj.data.industryId || 0,
+              Source: rsp_obj.data.registerSource || 0,
+              ShowName: rsp_obj.data.showName || '',
+              HeadIsDef: rsp_obj.data.headDefState > 0,
+              Nick: rsp_obj.data.nick || '',
+              NickShowName: rsp_obj.data.nickShowName || '',
+              RegDate: rsp_obj.data.registerDate || '',
+            }
+          : {},
+    }
+    return res
+  })
+}
+async function getUserInfo(opts, signArr) {
+  const typeArr = ['BaseInfo', 'BaseInfoV1', 'ExtendInfo', 'userInfo']
+  if (!typeArr.includes(opts.__type__)) {
+    opts.__type__ = typeArr[0]
+  }
+  if (opts.__type__ === 'userInfo') {
+    return userInfo(opts, signArr)
+  } else {
+    return baseInfo(opts, signArr)
+  }
+}
+exports = module.exports = {
+  getUserInfo,
+}