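/**
 * passport.js strategy for Alipay login.
 *
 * @author JiangFeng<jeff.jiang@yoho.cn>
 * @date 2016/06/21
 */

'use strict';

const crypto = require('crypto');
const util = require('util');
const _ = require('lodash');
const md5 = require('yoho-md5');
const passport = require('passport-strategy');

// Alipay gateway URL
const ALIPAY_URL = 'https://mapi.alipay.com/gateway.do';

// Base request parameters; treated as read-only and copied for every request.
const defaultOptions = {
    service: 'alipay.auth.authorize',
    _input_charset: 'utf-8',
    sign_type: 'MD5',
    target_service: 'user.auth.quick.login'
};

/**
 * Sort the parameters by key and join them as "key=value" pairs separated
 * by "&". Values are concatenated as-is (no URL encoding); this is the string
 * the signature is computed over.
 *
 * @param {Object} params parameters to serialise
 * @returns {string} the sorted "key=value&key=value" string ('' when empty)
 */
function paramsToRaw(params) {
    return Object.keys(params)
        .sort()
        .map((key) => key + '=' + params[key])
        .join('&');
}

/**
 * Compare the signature received on the callback with the locally computed
 * one without leaking, through timing, how many leading characters matched.
 *
 * @param {*} received signature taken from the request (untrusted)
 * @param {*} expected signature computed locally
 * @returns {boolean} true only when both are strings with identical content
 */
function signaturesMatch(received, expected) {
    // A repeated or bracketed query parameter can arrive as an array/object.
    if (typeof received !== 'string' || typeof expected !== 'string') {
        return false;
    }

    const receivedBytes = Buffer.from(received, 'utf8');
    const expectedBytes = Buffer.from(expected, 'utf8');

    // timingSafeEqual throws on unequal lengths, so check the length first.
    return receivedBytes.length === expectedBytes.length &&
        crypto.timingSafeEqual(receivedBytes, expectedBytes);
}

/**
 * Alipay login strategy.
 *
 * @param {Object} [options] gateway request parameters; `key` is the secret
 *     appended to the parameter string before hashing
 * @param {Function} [verify] stored on the strategy; not invoked by
 *     `authenticate` in this file
 */
function AlipayStrategy(options, verify) {
    if (typeof options === 'function') {
        verify = options;
        options = {};
    }
    options = options || {};

    passport.Strategy.call(this);
    this.name = 'alipay';
    this._verify = verify;
    this._options = options;
}

util.inherits(AlipayStrategy, passport.Strategy);

/**
 * Handle both legs of the login flow.
 *
 * When the request carries `is_success`, `sign` and `sign_type` it is treated
 * as the gateway callback: the signature is verified and the strategy ends
 * with exactly one of `success`, `fail` or `error`. Otherwise a signed request
 * is built and the user is redirected to the gateway.
 *
 * @param {Object} req incoming request; `req.query` is untrusted input
 * @param {Object} [options] per-call overrides for the gateway parameters
 */
AlipayStrategy.prototype.authenticate = function(req, options) {
    const query = req.query;

    if (query && query.is_success && query.sign && query.sign_type) {
        const key = this._options.key;

        // Without a key the string "undefined" would be hashed as the secret,
        // which anyone can reproduce. Treat this as a configuration error.
        if (!key) {
            return this.error(new Error('alipay key is not configured'));
        }

        // sign_type comes from the request. Only MD5 is implemented here, so
        // any other value is rejected instead of skipping verification.
        if (query.sign_type !== 'MD5') {
            return this.fail('alipay callback sign check fail');
        }

        // Work on a copy so req.query is left intact for later middleware.
        const signedParams = _.omit(query, ['sign', 'sign_type']);
        const expectedSign = md5(paramsToRaw(signedParams) + key);

        // Stop here on a mismatch: nothing below may run for a forged callback.
        if (!signaturesMatch(query.sign, expectedSign)) {
            return this.fail('alipay callback sign check fail');
        }

        if (query.is_success !== 'T') {
            // NOTE(review): req.error_code is read from the request object,
            // not from req.query - confirm which one the gateway populates.
            return this.fail(req.error_code);
        }

        return this.success({
            userId: query.user_id,
            realName: query.real_name,
            email: query.email
        }, null);
    }

    // Merge into a fresh object: the module-level defaults must not pick up
    // per-strategy or per-request values (they would leak across requests).
    const params = _.assign({}, defaultOptions, this._options, options);
    const signType = params.sign_type;
    const key = params.key;

    // sign, sign_type and key are not part of the signed string; key is the
    // secret and must never be sent to the gateway.
    delete params.sign_type;
    delete params.sign;
    delete params.key;

    if (signType === 'MD5') {
        params.sign = md5(paramsToRaw(params) + key);
        params.sign_type = 'MD5';
    }

    // NOTE(review): values are placed in the URL without encoding; a value
    // containing '&' or '=' would alter the query string - confirm with callers.
    return this.redirect(ALIPAY_URL + '?' + paramsToRaw(params));
};

exports = module.exports = AlipayStrategy;
exports.Strategy = AlipayStrategy;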