阿里钉钉开发免登企业内部应用中踩到的那些儿坑

    先弄清楚钉钉企业内部应用开发接入需要用哪些参数

    CorpId:ding90f4b067a0adfd23456c2f4657eb87wkd   //获取地址 https://open-dev.dingtalk.com/#/index

    创建微应用 https://open-dev.dingtalk.com/#/appList   获取以下3个参数

    AgentId:258218550
    AppKey:dingbbikazkr7q2kh8s2
    AppSecret:G7L53vvywPA3wQh5WogD3brAwjoZaRs6v128dhGvhj-0hzNjWtugY6NFRRwkjhs_

    老版和新版本这里有区别,容易入坑

    老版CorpId对应新版AppKey

    老版CorpSecret对应AppSecret

    <?php
    //钉钉参数设置 封装
    //$access_token[access_token]获取函数
    function curl_http_request($href, $method = 0, $post_data = null, $cookie = null) {
    if (isset($post_data) && is_string($post_data) && strlen($post_data) > 0) $post_fields = $post_data;
    else if (isset($post_data) && is_array($post_data) && count($post_data) > 0) $post_fields = http_build_query($post_data, null, '&', PHP_QUERY_RFC3986);
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $href);
    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_POST, $method);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    if (isset($post_fields)) curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
    if (isset($cookie)) curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    $result = curl_exec($ch);
    $curl_info = curl_getinfo($ch);
    $info = $curl_info['url'] . '|' . $curl_info['http_code'] . '|' . $curl_info['total_time'];
    $header_size = $curl_info['header_size'];
    $header = substr($result, 0, $header_size);
    $body = substr($result, $header_size);
    $success = true;
    $uri = $_SERVER["REQUEST_URI"];
    if ($curl_info['http_code'] == 0 || $curl_info['http_code'] >= 400) {
    $success = false;
    }
    curl_close($ch);
    if ($success) {
    return $body;
    }
    return false;
    }
    //$access_token[access_token]获取函数

    $randnum = md5(rand(10000000,99999999));
    define("OAPI_HOST", "https://oapi.dingtalk.com");
    define("CORPID", "$corpid");
    define("APPKEY", "$appkey");
    define("SECRET", "$appsecret");
    define("AGENTID", "$agentid");//必填,在创建微应用的时候会分配
    define("ENCODING_AES_KEY", "$randnum"); //加解密需要用到的token,普通企业可以随机填写,例如:123456
    define("TOKEN", "DC9F1B98D6A0737735E81SKJDE726375"); //数据加密密钥。用于回调数据的加密,长度固定为43个字符,从a-z, A-Z, 0-9共62个字符中选取,您可以随机生成

    $urltoken = "https://oapi.dingtalk.com/gettoken?appkey=$appkey&appsecret=$appsecret";

    //echo curl_http_request($urltoken)."<br>";
    $access_token = json_decode(curl_http_request($urltoken), true); //获取 access_token
    $access_token = $access_token[access_token]; //获取 access_token

    //CURL GET方式传参
    function get_curl($url) {
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    $output=curl_exec($ch);
    //print_r($output);
    //echo "<br>";
    $out_array = json_decode($output,true);
    curl_close($ch);
    return $out_array;
    }
    //CURL GET方式传参

    //CURL JSON方式传参
    function json_curl($url,$post_data) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json; charset=utf-8'));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    //$post_data = '{"name": "钉钉事业部","parentid": "1","order": "","createDeptGroup": "true","deptHiding" : "true","deptPerimits" : "","userPerimits" : "","outerDept" : "true","outerPermitDepts" : "","outerPermitUsers" : ""}';
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    $output = curl_exec($ch);
    print_r($output);
    //echo "<br>";
    $out_array = json_decode($output,true);
    curl_close($ch);
    //echo $output."<br><br>";
    return $out_array;
    }
    //CURL JSON方式传参

    //CURL JSON方式传参 无输出
    function json_curl_noecho($url,$post_data) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json; charset=utf-8'));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    $output = curl_exec($ch);
    $out_array = json_decode($output,true);
    curl_close($ch);
    return $out_array;
    }
    //CURL JSON方式传参 无输出
    ?>

    签名信息验证这里注意HTTP协议80端口和HPPTS协议443端口

    <!DOCTYPE html>
    <html>
    <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no">
    <title>获取钉钉用户信息</title>
    <script src="https://g.alicdn.com/dingding/open-develop/1.9.0/dingtalk.js" charset="utf-8"></script>
    <link rel="stylesheet" href="css/css-loader.css">
    </head>
    <body onLoad="dd.ready()">
    <div class="loader loader-double is-active"></div>
    <div align="center" style="width:100%; margin-top:30px; color:#66CC33; font-size:15px;">用户信息验证中,请稍后...</div>
    <?php
    function get_current_page_url() { //去除域名中的80和443端口号
    $pageURL = 'http';

    if (array_key_exists('HTTPS', $_SERVER) && $_SERVER["HTTPS"] == "on") {
    $pageURL .= "s";
    }
    $pageURL .= "://";

    if ($_SERVER["SERVER_PORT"] != "80"&&$_SERVER["SERVER_PORT"] != "443") {
    $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
    } else {
    $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
    }
    return $pageURL;
    }
    $href = get_current_page_url();

    require_once("ding_curl.php"); //封装文件

    $corpid = CORPID;
    $appsecret = SECRET;

    $urlticket = "https://oapi.dingtalk.com/get_jsapi_ticket?access_token=".$access_token;

    //echo curl_http_request($urlticket);
    $ticket = json_decode(curl_http_request($urlticket), true); //获取 ticket
    //print_r($ticket);
    $ticket = $ticket[ticket]; //获取 ticket
    //echo $ticket;
    //if($ticket!=''){echo "JSAPI_TOKEN获取成功<br>";}else{{echo "JSAPI_TOKEN获取失败<br>";}}
    $nonceStr = ENCODING_AES_KEY;
    $timeStamp = time();
    $agentId = AGENTID;

    function sign($ticket, $nonceStr, $timeStamp, $href){
    $plain = 'jsapi_ticket=' . $ticket .
    '&noncestr=' . $nonceStr .
    '&timestamp=' . $timeStamp .
    '&url=' . $href;
    return sha1($plain);
    }

    $url = urldecode($href);
    $corpAccessToken = $access_token;
    if (!$corpAccessToken)
    {
    Log::e("[getConfig] ERR: no corp access token");
    }
    $ticket = $ticket;
    $signature = sign($ticket, $nonceStr, $timeStamp, $url);
    ?>
    <center>
    <?php //echo $href; //注意https协议,域名中会被加入:443端口?>
    <form action="check.php" id="ddform" method="post">
    <input type="hidden" value="" id="dcode" name="dcode">
    <input type="hidden" value="<?php echo $_GET[jumpurl];?>" id="jumpurl" name="jumpurl">
    <input type="hidden" value="<?php echo $_GET[parameter];?>" id="parameter" name="parameter">
    <input type="hidden" value="<?php echo $access_token;?>" id="acctoken" name="acctoken">
    </form>
    </center>
    <script>
    dd.config({
    agentId: '<?php echo $agentId;?>',
    corpId: '<?php echo $corpid;?>',
    timeStamp: '<?php echo $timeStamp;?>',
    nonceStr: '<?php echo $nonceStr;?>',
    signature: '<?php echo $signature;?>',
    jsApiList: [
    'runtime.info'
    ]
    });
    //alert(location.href); //输出地址
    dd.ready(function() {
    dd.runtime.permission.requestAuthCode({
    corpId: "corpid",
    onSuccess: function(result) {
    document.getElementById("dcode").value=result.code;
    document.getElementById("ddform").submit();
    },
    onFail : function(err) {
    document.write('<center><div style=\"margin-top:20px; color:#FF0000;\">验证失败!</div></center>');
    }

    });
    });
    dd.error(function(err) {
    alert('dd error: ' + JSON.stringify(err));
    // 可以在报错的时候进行提示或其他操作
    });
    </script>
    </body>
    </html>

    1、官方开发文档
    https://open-doc.dingtalk.com/microapp/serverapi2

    2、官方服务端API调试
    https://debug.dingtalk.com

    3、常见问题查询
    https://open-doc.dingtalk.com/microapp/faquestions/cvbtph

    转载请注明:RAIN MAN » 阿里钉钉开发免登企业内部应用中踩到的那些儿坑

    喜欢 1

还没有人抢沙发呢~