
登录接口调整

wangmh 7 years ago
parent
commit
69d0bae3fc

+ 239 - 17
sso-server/src/main/java/com/uas/sso/controller/LoginController.java

@@ -2,28 +2,24 @@ package com.uas.sso.controller;
 
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
-import com.uas.sso.SSOConfig;
-import com.uas.sso.SSOHelper;
-import com.uas.sso.SSOToken;
+import com.uas.account.AccountConfig;
+import com.uas.sso.*;
 import com.uas.sso.common.util.HttpUtil;
 import com.uas.sso.core.Const;
 import com.uas.sso.entity.*;
-import com.uas.sso.service.AppService;
-import com.uas.sso.service.PersonalAccountService;
-import com.uas.sso.service.UserService;
-import com.uas.sso.service.UserAccountService;
+import com.uas.sso.entity.Token;
+import com.uas.sso.service.*;
 import com.uas.sso.util.AccountTypeUtils;
 import com.uas.sso.util.BeanUtil;
 import com.uas.sso.util.CaptchaUtil;
+import com.uas.sso.util.encry.HmacUtils;
 import com.uas.sso.web.waf.request.WafRequestWrapper;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.ui.ModelMap;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.ModelAndView;
 
 import java.io.IOException;
 import java.util.*;
@@ -64,6 +60,9 @@ public class LoginController extends BaseController {
     @Autowired
     private UserService userService;
 
+    @Autowired
+    private UserspaceService userspaceService;
+
     @Autowired
     private UserAccountService userAccountService;
 
@@ -180,6 +179,114 @@ public class LoginController extends BaseController {
         }
     }
 
+    /**
+     * 根据企业uu号和用户uu号获取登录token,有效期1分钟
+     * @param enUU 企业uu号
+     * @param userUU 用户uu号
+     * @param timestamp 请求时间,用于判断请求是否有效,有效期10秒
+     * @param signature 加密信息,使用企业私钥加密请求参数
+     * @return tokenId,token存入ModelMap对象,值为 {userUU:用户uu号,spaceUU:企业uu号}
+     */
+    @RequestMapping(value = "/getToken", method = RequestMethod.GET)
+    public ModelMap getToken(String enUU, String userUU, @RequestParam(name = "_timestamp") Long timestamp, @RequestParam(name = "_signature") String signature) {
+        ModelMap map = new ModelMap();
+
+        // 根据企业uu号找到企业信息
+        Userspace userspace = userspaceService.findOne(Long.valueOf(enUU));
+        if (userspace == null) {
+            return error("没有找到企业");
+        }
+        if (userspace.getAccessSecret() == null) {
+            return error("接口未授权");
+        }
+
+        // 请求时间不小于当前时间10秒,单位毫秒
+        long expires_request = 10 * 1000;
+        if (System.currentTimeMillis() - timestamp > expires_request || System.currentTimeMillis() < timestamp) {
+            return error("请求超时");
+        }
+
+        // 判断加密信息是否有误
+        String urlMessage = request.getRequestURL() + "?"
+                + request.getQueryString().substring(0, request.getQueryString().indexOf("_signature") - 1);
+        if (!signature.equals(HmacUtils.encode(urlMessage, userspace.getAccessSecret()))) {
+            return error("密钥错误");
+        }
+
+        // 将企业信息、企业管理员信息写入SystemSession
+        User user = userService.findOne(Long.valueOf(userUU));
+        if (user == null) {
+            return error("没有找到用户");
+        }
+
+        if (!userspace.getUsers().contains(user)) {
+            return error("该用户不在当前企业");
+        }
+
+        map.put("spaceUU", enUU);
+        map.put("userUU", userUU);
+        // token有效期,单位秒
+        int expires_in = 1 * 60;
+        Token token = new Token(map, expires_in);
+        tokenService.save(token);
+        return success(token.getId());
+    }
+
+    /**
+     * token代理页面
+     * @return
+     */
+    @RequestMapping(value = "/proxy", method = RequestMethod.GET)
+    public ModelAndView loginProxyByToken() {
+        WafRequestWrapper wr = new WafRequestWrapper(request);
+        String returnUrl = wr.getParameter("returnURL");
+        String appId = wr.getParameter("appId");
+        String token = wr.getParameter("token");
+        String baseUrl = wr.getParameter("baseURL");
+        String isLoginAll = wr.getParameter("isLoginAll");
+        ModelMap data = new ModelMap();
+        data.put("returnUrl", returnUrl);
+        data.put("appId", appId);
+        data.put("token", token);
+        data.put("baseUrl", baseUrl);
+        data.put("isLoginAll", isLoginAll == null ? true : isLoginAll);
+        return new ModelAndView("/sso/proxyByToken", data);
+    }
+
+    /**
+     * erp和uu互联跳转
+     * 代理登录,根据tokenId拿到当前用户登录的用户uu号和企业uu号进行登录
+     *
+     * @param token tokenId
+     * @param appId 应用id
+     * @param returnUrl 跳转页面
+     * @param baseUrl 而外登录接口
+     * @param isLoginAll 是否登录默认应用
+     * @return
+     */
+    @RequestMapping(value = "/proxy", method = RequestMethod.POST)
+    public ModelMap loginProxyByToken(String token, String appId, String returnUrl, String baseUrl, @RequestParam(defaultValue = "true") boolean isLoginAll) {
+        Token tk = tokenService.findOne(token);
+        if (null != tk) {
+            JSONObject data = JSON.parseObject(JSON.toJSONString(tk.getBind()));
+            Long userUU = data.getLong("userUU");
+            Long spaceUU = data.getLong("spaceUU");
+            request.getSession().setAttribute("baseUrl", baseUrl);
+            App app = appService.findOne(appId);
+            if (app != null) {
+                app = StringUtils.isEmpty(app.getUserControl()) ? app : appService.findOne(app.getUserControl());
+            }
+
+            if (app == null) {
+                app = appService.findOne(AccountConfig.ACCOUNT_CENTER);
+            }
+
+            UserAccount userAccount = userAccountService.findOneByUserUU(app.getUid(), userUU, spaceUU);
+            return loginByUser(userAccount, returnUrl, null);
+        }
+        return error("验证信息已过期");
+    }
+
     /**
      * 密码输错处理
      *
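Review bot: The signature check in `getToken` covers only the part of the query string before the first occurrence of `_signature`, so any parameter placed after it is bound by Spring but not authenticated, and `substring(0, indexOf("_signature") - 1)` throws when `_signature` is the first parameter. The MAC is also compared with `String.equals`, which is not constant-time; `MessageDigest.isEqual` on the bytes is the usual replacement. The fence below requires `_signature` to be the last parameter (which the current substring logic appears to assume of callers) and compares in constant time. Separately, the POST `/proxy` handler does not delete the token after a successful lookup, so unless `tokenService.findOne` consumes it the same token stays usable until it expires, and `app.getUid()` is reached with `app == null` if the `ACCOUNT_CENTER` lookup also returns null. The hunk ends inside the next method's Javadoc.

```java
// … unchanged: userspace lookup and timestamp window …
String query = request.getQueryString();
int sigAt = query == null ? -1 : query.indexOf("&_signature=");
// _signature must be present, preceded by the signed parameters, and last
if (sigAt <= 0 || query.indexOf('&', sigAt + 1) != -1) {
    return error("密钥错误");
}
String urlMessage = request.getRequestURL() + "?" + query.substring(0, sigAt);
String expected = HmacUtils.encode(urlMessage, userspace.getAccessSecret());
if (!java.security.MessageDigest.isEqual(
        expected.getBytes(java.nio.charset.StandardCharsets.UTF_8),
        signature.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
    return error("密钥错误");
}
// … unchanged: user lookup, membership check, token creation …
```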
@@ -266,10 +373,12 @@ public class LoginController extends BaseController {
         st.setData(JSON.toJSONString(userAccount));
         SSOHelper.setSSOCookie(request, response, st, true);
 
-        // 设置登录时间,并将密码输错次数设为0
-        userRecord.setLastLoginTime(System.currentTimeMillis());
-        userRecord.setPwdErrorCount(0);
-        userService.save(userRecord);
+        // 设置登录时间,并将密码输错次数设为0,为空则不设置
+        if (userRecord != null) {
+            userRecord.setLastLoginTime(System.currentTimeMillis());
+            userRecord.setPwdErrorCount(0);
+            userService.save(userRecord);
+        }
 
         // 设置返回值,通知各个应用用户已经登录
         ModelMap data = new ModelMap();
@@ -366,8 +475,8 @@ public class LoginController extends BaseController {
      * 退出接口,测试接口
      * @return
      */
-    @RequestMapping(value = "/logout", method = RequestMethod.GET)
-    public ModelMap logout() {
+    @RequestMapping(value = "/logoutAccount", method = RequestMethod.GET)
+    public ModelMap logoutAccount() {
         SSOHelper.clearLogin(request, response);
         return success();
     }
@@ -395,4 +504,117 @@ public class LoginController extends BaseController {
         BeanUtil.copyProperties(pageStyle, defaultApp.getPageStyle(), true);
         return success(defaultApp.getPageStyle());
     }
+
+
+    /**
+     * 跨域询问,回复子系统是否登录
+     *
+     * @throws IOException
+     */
+    @RequestMapping("/login/ask")
+    @ResponseBody
+    public void replyAsk() throws IOException {
+        String callback = request.getParameter("callback");
+        SSOToken token = SSOHelper.getToken(request);
+        if (token != null) {
+            String askData = request.getParameter("askData");
+            if (!StringUtils.isEmpty(askData)) {
+                // 下面开始验证票据,签名新的票据每一步都必须有。
+                AuthToken at = SSOHelper.replyCiphertext(request, askData);
+                if (at != null) {
+                    App app = appService.findOne(at.getApp());
+                    if (app != null && StringUtils.isEmpty(app.getPublicKey()) && !StringUtils.isEmpty(app.getUserControl())) {
+                        app = appService.findOne(app.getUserControl());
+                    }
+                    if (app == null) {
+                        printJsonP(callback, error("403", "非法签名"));
+                        return;
+                    }
+                    // 对应系统公钥验证签名
+                    at = at.verify(app.getPublicKey());
+                    if (at != null) {
+                        at.setUid(token.getUid());// 设置绑定用户ID
+                        at.setTime(token.getTime());// 设置登录时间
+                        // 更安全的做法是使用at.getUuid() 作为 key 设置 authToken
+                        // 至分布式缓存中,然后 这里根据UUID验证和赋值
+                        at.setData(token.getData());
+
+                        // 2、SSO 的私钥签名
+                        at.sign(SSOConfig.getInstance().getCenterPrivateKey());
+
+                        // 3、生成回复密文票据
+                        printJsonP(callback, success(at.encryptAuthToken()));
+                    } else {
+                        // 非法签名, 可以重定向至无权限界面,App自己处理
+                        printJsonP(callback, error("403", "非法签名"));
+                    }
+                } else {
+                    // 非法签名, 可以重定向至无权限界面,App自己处理
+                    printJsonP(callback, error("403", "非法签名"));
+                }
+            }
+        } else {
+            // 未登录
+            printJsonP(callback, error("404", "未登录"));
+        }
+    }
+
+    /**
+     * 跨域询问,随子系统一起退出
+     *
+     * @throws IOException
+     */
+    @RequestMapping(value = "/logout/ask", method = RequestMethod.GET)
+    @ResponseBody
+    public void replyAskOut() throws IOException {
+        String callback = request.getParameter("callback");
+        SSOToken token = SSOHelper.getToken(request);
+        if (token != null) {
+            // 已登录
+            printJsonP(callback, error("404", "已登录"));
+        } else {
+            printJsonP(callback, success());
+        }
+    }
+
+    /**
+     * 随子系统一起退出
+     *
+     * @throws IOException
+     */
+    @RequestMapping(value = "/logout", method = RequestMethod.GET)
+    @ResponseBody
+    public ModelMap logout() throws IOException {
+        System.err.print(request.getContextPath());
+        System.err.print(request.getHeaderNames().toString());
+        System.err.print(request.getCookies());
+        String callback = request.getParameter("callback");
+        String returnURL = request.getParameter("returnURL") == null ? HOME_PAGE : request.getParameter("returnURL");
+        String baseUrl = request.getParameter("baseUrl");
+        String appId = request.getParameter("appId") == null ? "sso" : request.getParameter("appId");
+        SSOToken token = SSOHelper.getToken(request);
+        ModelMap modelMap = new ModelMap();
+        modelMap.addAttribute("callback", callback);
+        modelMap.addAttribute("returnURL", HttpUtil.decodeURL(returnURL));
+        modelMap.addAttribute("appId", appId);
+        modelMap.addAttribute("logoutUrls", getOtherLogoutUrls(baseUrl));
+
+        if (token != null) {
+            SSOHelper.clearLogin(request, response);
+        }
+        return success(modelMap);
+    }
+
+    private Set<String> getOtherLogoutUrls(String baseUrl) {
+        List<App> apps = appService.findAll();
+        Set<String> logoutUrls = new HashSet<>();
+        for (App app : apps) {
+            if (!StringUtils.isEmpty(app.getLogoutUrl())) {
+                logoutUrls.add(app.getLogoutUrl());
+            }
+        }
+        logoutUrls.add(baseUrl);
+        return logoutUrls;
+    }
+
 }
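Review bot: In `logout()` the request-supplied `baseUrl` is added to `logoutUrls` by `getOtherLogoutUrls` without any check, next to the registered apps' logout URLs, and `returnURL` is returned decoded but unvalidated, so whatever page consumes this response is handed caller-chosen URLs (how they are used is not visible here). At minimum skip the empty case, `if (!StringUtils.isEmpty(baseUrl)) { logoutUrls.add(baseUrl); }`, and preferably accept only values that match a registered `App`. The three `System.err.print(...)` calls at the top of `logout()` look like leftover debugging of request headers and cookies and should be removed or moved to the project logger. `callback` in `replyAsk` and `replyAskOut` is likewise passed to `printJsonP` exactly as received; restricting it to an identifier pattern is the usual guard, assuming `printJsonP` does not already do so.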

+ 99 - 0
sso-server/src/main/java/com/uas/sso/util/encry/HmacEncoder.java

@@ -0,0 +1,99 @@
+package com.uas.sso.util.encry;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * Hash-based message authentication code,利用哈希算法,以一个密钥和一个消息为输入,生成一个消息摘要作为输出
+ *
+ * @author yingp
+ *
+ */
+public class HmacEncoder {
+
+	private final String algorithm;
+
+	public HmacEncoder(String algorithm) {
+		this.algorithm = algorithm;
+	}
+
+	/**
+	 * 根据给定密钥生成算法创建密钥
+	 *
+	 * @param algorithm
+	 *            密钥算法
+	 * @return 密钥
+	 * @throws RuntimeException
+	 *             当 {@link NoSuchAlgorithmException} 发生时
+	 */
+	public byte[] getKey() {
+		// 初始化KeyGenerator
+		KeyGenerator keyGenerator = null;
+		try {
+			keyGenerator = KeyGenerator.getInstance(algorithm);
+		} catch (NoSuchAlgorithmException e) {
+			throw new RuntimeException(e.getMessage());
+		}
+		// 产生密钥
+		SecretKey secretKey = keyGenerator.generateKey();
+		// 获得密钥
+		return secretKey.getEncoded();
+	}
+
+	/**
+	 * 转换密钥
+	 *
+	 * @param key
+	 *            二进制密钥
+	 * @param algorithm
+	 *            密钥算法
+	 * @return 密钥
+	 */
+	private static Key toKey(byte[] key, String algorithm) {
+		// 生成密钥
+		return new SecretKeySpec(key, algorithm);
+	}
+
+	/**
+	 * 使用指定消息摘要算法计算消息摘要
+	 *
+	 * @param data
+	 *            做消息摘要的数据
+	 * @param key
+	 *            密钥
+	 * @return 消息摘要(长度为16的字节数组)
+	 */
+	public byte[] encode(byte[] data, Key key) {
+		Mac mac = null;
+		try {
+			mac = Mac.getInstance(algorithm);
+			mac.init(key);
+		} catch (NoSuchAlgorithmException e) {
+			e.printStackTrace();
+			return new byte[0];
+		} catch (InvalidKeyException e) {
+			e.printStackTrace();
+			return new byte[0];
+		}
+		return mac.doFinal(data);
+	}
+
+	/**
+	 * 使用指定消息摘要算法计算消息摘要
+	 *
+	 * @param data
+	 *            做消息摘要的数据
+	 * @param key
+	 *            密钥
+	 * @return 消息摘要(长度为16的字节数组)
+	 */
+	public byte[] encode(byte[] data, byte[] key) {
+		return encode(data, toKey(key, algorithm));
+	}
+
+}
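Review bot: `encode(byte[], Key)` returns `new byte[0]` after `printStackTrace()` when `Mac.getInstance` or `mac.init` fails, so a caller that compares a received signature against the result ends up comparing against an empty value instead of failing; throwing is safer here, e.g. `throw new IllegalStateException("HMAC unavailable: " + algorithm, e);` in both catch blocks. `getKey()` has the related problem of dropping the cause with `new RuntimeException(e.getMessage())`; pass `e` as the cause. The Javadoc `@return` on both `encode` overloads says the digest is 16 bytes, which only holds for HmacMD5, and `getKey()` documents an `algorithm` parameter it does not have.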

+ 9 - 0
sso-server/src/main/java/com/uas/sso/util/encry/HmacMD5Encoder.java

@@ -0,0 +1,9 @@
+package com.uas.sso.util.encry;
+
+public class HmacMD5Encoder extends HmacEncoder {
+
+	public HmacMD5Encoder() {
+		super("HmacMD5");
+	}
+
+}

+ 9 - 0
sso-server/src/main/java/com/uas/sso/util/encry/HmacSHA1Encoder.java

@@ -0,0 +1,9 @@
+package com.uas.sso.util.encry;
+
+public class HmacSHA1Encoder extends HmacEncoder {
+
+	public HmacSHA1Encoder() {
+		super("HmacSHA1");
+	}
+
+}

+ 9 - 0
sso-server/src/main/java/com/uas/sso/util/encry/HmacSHA256Encoder.java

@@ -0,0 +1,9 @@
+package com.uas.sso.util.encry;
+
+public class HmacSHA256Encoder extends HmacEncoder {
+
+	public HmacSHA256Encoder() {
+		super("HmacSHA256");
+	}
+
+}

+ 9 - 0
sso-server/src/main/java/com/uas/sso/util/encry/HmacSHA384Encoder.java

@@ -0,0 +1,9 @@
+package com.uas.sso.util.encry;
+
+public class HmacSHA384Encoder extends HmacEncoder {
+
+	public HmacSHA384Encoder() {
+		super("HmacSHA384");
+	}
+
+}

+ 9 - 0
sso-server/src/main/java/com/uas/sso/util/encry/HmacSHA512Encoder.java

@@ -0,0 +1,9 @@
+package com.uas.sso.util.encry;
+
+public class HmacSHA512Encoder extends HmacEncoder {
+
+	public HmacSHA512Encoder() {
+		super("HmacSHA512");
+	}
+
+}

+ 47 - 0
sso-server/src/main/java/com/uas/sso/util/encry/HmacUtils.java

@@ -0,0 +1,47 @@
+package com.uas.sso.util.encry;
+
+import org.springframework.security.crypto.codec.Hex;
+
+/**
+ * Hmac加密工具
+ *
+ * @author yingp
+ *
+ */
+public class HmacUtils {
+
+	private static HmacEncoder hmacEncoder;
+
+	// 默认约定密钥
+	private final static byte[] key = { 104, 116, 116, 112, 58, 47, 47, 119, 119, 119, 46, 117, 98, 116, 111, 98, 46, 99, 111, 109, 47,
+			101, 114, 112, 47, 115, 97, 108, 101, 47, 111, 114, 100, 101, 114, 115, 63, 115, 111, 109, 101, 116, 104, 105, 110, 103 };
+
+	static {
+		// default algorithm: HmacSHA256
+		hmacEncoder = new HmacSHA256Encoder();
+	}
+
+	/**
+	 *
+	 * @param message
+	 * @return 16进制密文
+	 */
+	public static String encode(Object message) {
+		byte[] encodeData = hmacEncoder.encode(String.valueOf(message).getBytes(), key);
+		return new String(Hex.encode(encodeData));
+	}
+
+	/**
+	 *
+	 * @param message
+	 *            明文
+	 * @param key
+	 *            密钥
+	 * @return 16进制密文
+	 */
+	public static String encode(Object message, String key) {
+		byte[] encodeData = hmacEncoder.encode(String.valueOf(message).getBytes(), key.getBytes());
+		return new String(Hex.encode(encodeData));
+	}
+
+}
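Review bot: The default `key` is compiled into the class and its bytes are printable ASCII rather than random key material, so any MAC produced by `encode(Object message)` can be recomputed by anyone who has the source or the jar; the key should come from configuration or a secret store, and the single-argument overload is best removed if nothing needs it. Both overloads also call `getBytes()` with the platform default charset, so the same message can yield different MACs on differently configured hosts; use `getBytes(StandardCharsets.UTF_8)` for both the message and the key. `hmacEncoder` is assigned once in the static block and can be declared `private static final`.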

+ 44 - 0
sso-server/src/main/java/com/uas/sso/util/encry/Md5Utils.java

@@ -0,0 +1,44 @@
+/*CopyRright (c)2014: <www.usoftchina.com>
+ */
+package com.uas.sso.util.encry;
+
+import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
+
+/**
+ * <p>
+ * 使用MD5算法.
+ * </p>
+ *
+ * @see Md5PasswordEncoder
+ * @author yingp
+ */
+public class Md5Utils {
+
+	private static Md5PasswordEncoder md5PasswordEncoder;
+
+	static {
+		md5PasswordEncoder = new Md5PasswordEncoder();
+	}
+
+	/**
+	 * 将rawPass进行加密处理
+	 * <p>
+	 * 如果rawPass为空,将视作空字符串""
+	 * </p>
+	 * <p>
+	 * 如果salt不为空,在加密前将会与rawPass合并加密,合并方式为rawPass{salt}
+	 * </p>
+	 *
+	 * @param rawPass
+	 *            明文
+	 * @param salt
+	 *            盐值
+	 * @return 十六进制的密文
+	 */
+	public static String encode(Object rawPass, Object salt) {
+		String pass = rawPass == null ? null : String.valueOf(rawPass);
+		salt = salt == null ? "" : salt.toString();
+		return md5PasswordEncoder.encodePassword(pass, salt);
+	}
+
+}
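Review bot: `Md5Utils.encode` hashes what its parameter names and Javadoc describe as a password with a single salted MD5 through `Md5PasswordEncoder`, which is cheap to brute-force offline and not suitable for stored credentials. If this is used for account passwords, a work-factor scheme such as `BCryptPasswordEncoder` from the same Spring Security library is the replacement, with existing hashes upgraded on the next successful login. The Javadoc also says a null `rawPass` is treated as `""`, but the code passes `null` through to `encodePassword`, so that behaviour depends on the encoder; `String pass = rawPass == null ? "" : String.valueOf(rawPass);` would make it explicit.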

+ 54 - 0
sso-server/src/main/webapp/WEB-INF/views/sso/proxyByToken.jsp

@@ -0,0 +1,54 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+	pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%
+	String path = request.getContextPath();
+	// nginx proxy: proxy_set_header 	X-Scheme 	$scheme;
+	String scheme = request.getHeader("X-Scheme");
+	if (scheme == null) {
+		scheme = request.getScheme();
+	}
+	int port = request.getServerPort();
+	String basePath = scheme + "://" + request.getServerName() + ((port == 80 || port == 443) ? "" : (":" + port)) + path + "/";
+%>
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+<meta charset="utf-8" />
+<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+<meta name="renderer" content="webkit">
+<title>账户中心 - 优软云</title>
+<meta name="description" content="" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+<base href="<%=basePath%>">
+<link rel="shortcut icon" href="static/img/icon.png">
+	<link rel="stylesheet" type="text/css" href="static/lib/css/toastr.min.css">
+<meta name="referrer" content="origin" />
+<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+<script type="text/javascript" src="static/lib/js/jquery.min.js"></script>
+</head>
+<body>
+<script type="text/javascript">
+// TODO 自动将参数传递进行验证
+
+// TODO 验证成功后跳转到对应的页面
+
+// TODO 验证失败提示失败原因
+
+</script>
+<input type="hidden" name="returnUrl" value="${returnUrl}">
+<input type="hidden" name="appId" value="${appId}">
+<input type="hidden" name="token" value="${token}">
+<input type="hidden" name="baseUrl" value="${baseUrl}">
+<input type="hidden" name="spaceUU" value="${spaceUU}">
+<input type="hidden" name="isLoginAll" value="${isLoginAll}">
+<div id="body"></div>
+<div align="center" style="margin-top: 180px;">
+	<img src="static/img/loading.gif">
+	<p style="color: #888">正在验证,请稍候……</p>
+	<div id = "toaster"></div>
+</div>
+	<script src="static/lib/js/toastr.min.js"></script>
+	<script src="static/js/proxyByToken.js"></script>
+</body>
+</html>
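Review bot: The hidden inputs write `${returnUrl}`, `${appId}`, `${token}`, `${baseUrl}` and `${isLoginAll}` into attribute values with plain EL, which does not HTML-escape, and the GET `/proxy` handler fills these from request parameters, so escaping rests entirely on whatever `WafRequestWrapper` filters. The JSTL core taglib is already declared on this page, so each can be written as `value="<c:out value='${returnUrl}'/>"`. `basePath` for `<base href>` is built from the `X-Scheme` header and `request.getServerName()`; if the proxy in front does not overwrite these, a request can influence where the page's relative scripts are loaded from, so a configured base URL is safer. `${spaceUU}` is rendered but is not among the values that handler puts in the model.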

BIN
sso-server/src/main/webapp/resources/img/loading.gif


+ 162 - 0
sso-server/src/main/webapp/resources/js/proxyByToken.js

@@ -0,0 +1,162 @@
+/**
+ * Created by wangmh on 2017/6/28.
+ */
+var app = {
+    loading : function(is, position) {
+        app.isLoading = is;
+        toastr.clear();
+        $('#loading').css('display', is ? 'block' : 'none');
+        is && position && ($('#loading').addClass(position));
+    },
+    init : function () {
+        // var data = app.getParams(location.href)
+        // app.checkParams(data);
+        app.checkParams();
+    },
+    getParams : function(href){
+        var args = href.split("?");
+        if(args[0] == href){
+            error("没有参数");
+            return null;
+        }
+        var str = args[1];
+        args = str.split("&");
+        var data = {appId:"", t:-1, p:"", u:null, returnURL:"http://www.ubtob.com", baseURL:null};
+        for(var i=0; i<args.length; i++){
+            str = args[i];
+            if(str.length <= 1) continue;
+            var arg = str.split("=");
+            data[arg[0]] = arg[1];
+        }
+        return data;
+    },
+    error : function(message, title, position) {
+        toastr.clear();
+        toastr.error(message, title, {
+            positionClass : 'toast-' + (position || 'top-center')
+        });
+        window.location.href="http://www.ubtob.com";
+    },
+    returnHref: function () {
+        var url = $('#body').val();
+        window.location.href = url;
+    },
+    noticeOther: function (data) {
+        for (var i=0;i<data.loginUrls.length;i++) {
+            var loginUrl = data.loginUrls[i];
+            $.ajax({
+                type:"post",
+                url:loginUrl,
+                dataType:'jsonp',
+                crossDomain: true,
+                jsonp:'callback',
+                jsonpCallback:"successCallback",
+                data:data.data,
+                success:function(json) {
+                    console.log(loginUrl);
+                    app.addCount(data.count);
+                },
+                error: function (json) {
+                    console.log(loginUrl);
+                    app.addCount(data.count);
+                },
+            });
+        }
+        var head = document.head || $('head')[0] || document.documentElement;
+        var script = $('head').find('script')[0];
+        script.onerror = function(evt) {
+            app.addCount(a.count);
+        }
+    },
+    addCount: function (count) {
+        app.returnCount++;
+        if (app.returnCount == app.count) {
+            app.returnHref();
+        }
+    },
+    loginOther: function (formdata, loginUrl) {
+        app.loginMall(formdata, loginUrl);
+    },
+    loginUuzc: function (formdata, loginUrl) {
+        $('#J_commenting').attr("action", loginUrl);
+        $('#_username').val(formdata.username);
+        $('#_password').val(formdata.password);
+        $('#email').val(formdata.email);
+        $('#mobile').val(formdata.mobile);
+        $('#uid').val(formdata.uid);
+        $('#salt').val(formdata.salt);
+        console.log($('input[name="username"]').val());
+        $('#J_commenting').submit();
+        app.addCount(formdata.count);
+    },
+    loginMall: function (formdata, loginUrl) {
+        var uid = formdata.uid;
+        var time = formdata.time;
+        var data = formdata.mallData;
+        $.ajax({
+            type:"post",
+            url:loginUrl,
+            dataType:'jsonp',
+            jsonp:'callback',
+            jsonpCallback:"successCallback",
+            data:{
+                uid: uid,
+                time: time,
+                data: data
+            },
+            success:function(json) {
+                console.log("...");
+                app.addCount(formdata.count);
+            },
+            error: function (json) {
+                console.log(json);
+                app.addCount(formdata.count);
+            },
+        });
+
+    },
+    checkParams : function(){
+        app.loading(true);
+        $.ajax('sso/login/proxy', {
+            data: {
+                appId:$('input[name="appId"]').val(),
+                returnUrl:$('input[name="returnUrl"]').val(),
+                token:$('input[name="token"]').val(),
+                baseUrl:$('input[name="baseUrl"]').val(),
+                spaceUU:$('input[name="spaceUU"]').val(),
+                isLoginAll:$('input[name="isLoginAll"]').val()
+            },
+            dataType: 'json',
+            type: 'POST',
+            success: function (msg) {
+                app.loading(false);
+                if(msg.success) {
+                    $('#body').val(msg.content.returnUrl || 'http://www.ubtob.com') ;
+                    // // 为了使众创登陆成功,加了一个延迟
+                    app.returnCount = 0;
+                    app.count = msg.content.count;
+                    app.loading(true);
+                    app.noticeOther(msg.content);
+                    setTimeout("app.returnHref()", 2000);
+                } else if (msg.errMsg) {
+                    if ($('input[name="returnUrl"]').val() == "http://www.usoftmall.com/login/proxy"){
+                        $('input[name="returnUrl"]').val("http://www.usoftmall.com/logout/proxy");
+                    }
+                    window.location.href = $('input[name="returnUrl"]').val() || 'http://www.ubtob.com';
+                    // app.error(msg.errMsg);
+                }
+            },
+            error: function (res) {
+                if (formData.returnURL == "http://www.usoftmall.com/login/proxy"){
+                    formData.returnURL = "http://www.usoftmall.com/logout/proxy";
+                }
+                window.location.href = formData.returnURL || 'http://www.ubtob.com';
+                app.loading(false);
+                // app.error(res);
+            }
+        });
+    }
+};
+$(document).ready(function() {
+    app.init();
+});
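Review bot: The `error` callback in `checkParams` reads `formData.returnURL`, but no `formData` is defined anywhere in this file, so a failed request throws a ReferenceError and the page neither redirects nor clears the loading state; `noticeOther` has the same problem with `a.count` in `script.onerror`. The fence below reads the target from the hidden input, as the `msg.errMsg` branch does. Every redirect here assigns `window.location.href` a value taken from, or apparently derived from, the `returnUrl` request parameter, so the server needs to restrict it to known application URLs before returning or rendering it. `setTimeout("app.returnHref()", 2000)` passes a string to be evaluated; `setTimeout(app.returnHref, 2000)` does the same without eval.

```javascript
// … unchanged: success handler …
error: function (res) {
    var target = $('input[name="returnUrl"]').val();
    if (target == "http://www.usoftmall.com/login/proxy") {
        target = "http://www.usoftmall.com/logout/proxy";
    }
    app.loading(false);
    window.location.href = target || 'http://www.ubtob.com';
}
```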