1. OA Docking Process
1.1 Purchase Integration Platform OA Plug-in
Find the corresponding product, place an order for purchase, and the configuration entry will be automatically activated. The configuration entry is under Management->System Interconnection Management.
1.2 Account Binding
Enter the integration platform - OA agency -> account binding, you can bind Funshare employees with OA employees by creating or importing
1.3 Send Messages to OA Interface Configuration
Confirm the customer's interface calling method. The two different calling methods of webservice and restful are slightly different in configuration. The following configuration documents will clearly describe how to configure the differences;
2. Configuration Steps of OA Docking
2.1 General Parameter Settings
Enter the integration platform - OA agent -> initial setting -> general parameter configuration, which is divided into Headers parameter setting and result format setting:
(1) Headers parameter setting can be increased by itself according to customer needs. Click to add a line to enter the key and value, and click Save to add successfully;
(2) The key has been preset in the result format setting, and the value needs to be added according to the return result of the client interface call;
- codeName: Fill in the code field name in the returned result
- msgName: Fill in the field name of the message information in the returned result
- dataName: not filled in by default
- successCode: Fill in the code value of the successful call
- xmlJsonField: The webservice interface calling method is filled out by default, and the restful interface calling method is not filled in by default
Example: Return the result as shown in the figure below, fill in code for codeName, fill in message for msgName, and fill in 0 for successCode
2.2 Scene Parameter Settings
(1) Enter the integration platform - OA Agency -> Initial Settings -> Scene Parameter Settings, and the corresponding scene can be opened and configured according to customer needs. If it is turned on, it will push the corresponding agency message operation to the OA system, and if it is turned off, it will not;
(2) The following takes the new agent as an example to explain the configuration, click the [Settings] of the new agent to enter the new agent setting page
- Interface address setting: configure the interface calling address of the new agent in the OA system
- Interface type: configure the request method for calling the interface
- Body parameter setting: Configure the parameters that need to be passed through the calling interface. Fill in the parameter value to connect to the CRM agency field. Note that you need to fill in the placeholders starting with #. The CRM agency fields and placeholders can be searched on the right. Pay attention to the calling method of webservice interface, the Body parameter needs to be in xml format; the calling method of restful interface, the Body parameter needs to be in json format
- Edit agency, delete agency, change interface address, interface type, and Body parameter settings according to customer interface documents
(3) Added an example of agent configuration:
Suppose the following is the interface call document given by the customer
- Request method: POST
- Request URL: http://test.com.cn:909/rest/transmit/fxiaoke/create
- Request parameters:
According to the interface document given above, fill in the interface address setting: http://test.com.cn:909/rest/transmit/fxiaoke/ create, interface type select POST
Fill in the given Post content in the Body parameter (if the customer interface is a webservice call method, it needs to be converted to xml format), the left field remains unchanged, and the right value is filled in corresponding to the CRM field to be mapped - use a placeholder, then fill it out Then as shown in the figure below:
3. Verify OA Messages Push Interface
After adding, editing, and deleting proxy messages in the ShareCRM system, check the synchronization records, and check whether the proxy messages are pushed successfully in OA:
4. Login-free Docking
After the agency message of CRM is pushed to OA, the user can click on the message from OA to avoid logging in to CRM.
There are different operations according to different manufacturers:
4.1 Zhiyuan OA
Zhiyuan OA authentication method selection: application registration;
Product Registration:
Find the corresponding application in [Application Connection]:
Configure user bindings:
To do integration:
After completing the above operations, the customer is required to provide the application account password.
4.1.1 To-Do Message Push
Use the V5auth authentication method in Zhiyuan OA:
In the Zhiyuan OA system, you need to obtain the token of their system to push the to-do. Customers need to create a FunShare application on the Zhiyuan OA system and provide the corresponding account password. Every time the interface is called, the token needs to be spliced in the request header.
The OA platform has the function of generating URLs based on scripts, and scripts need to be written to obtain addresses with tokens.
Script template:
import groovy.json.JsonSlurper
import [sun.net](http://sun.net/).www.protocol.https.DelegateHttpsURLConnection
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
public String getToken() {
String token = null;
String userName = \"****\"; // Fill in the account number provided by the customer
String password = \"**********************\"; // fill in the password provided by the customer
String requestUrl = \"http://**********/seeyon/rest/token/\" + userName + \"/\" + password; // modify request URL
HttpURLConnection connection = (HttpURLConnection) new URL(requestUrl).openConnection();
connection.setRequestMethod(\"GET\");
// Set the timeout for connecting to the host server: 15000 milliseconds
connection.setConnectTimeout(15000); connection.setUseCaches(false); connection.setRequestProperty(\"Content-Type\", \"text/xml; charset=UTF-8\");
// Set the time to read the data returned by the remote: 60000 milliseconds
connection.setReadTimeout(60000); connection.setDoOutput(true); connection.setDoInput(true); connection.connect(); int code = connection.getResponseCode();
if (code == 200) {
InputStream inputStream = connection. getInputStream();
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
String line;
StringBuffer buffer = new StringBuffer();
while ((line = bufferedReader. readLine()) != null) {
buffer.append(line);
}
String str = buffer. toString();
def jsonSlurper = new JsonSlurper()
Map map = jsonSlurper. parseText(str)
token = map. get(\"id\")
}
else {
throw new RuntimeException(\"Handshake exception (\" + connection.getResponseCode() + \")!\" + connection.getResponseMessage())
}
return url + \"?token=\" + token;
}
url = getToken();
return url;4.1.2 Single Sign-on
The single sign-on is authenticated by Zhiyuan OA's portal authentication mechanism. The OA platform opens Zhiyuan OA login free interface: /authorizeWeb/SeeYon/{apiName}/{dataId}/{ei}/{isApp}
On the OA side, click to do, or share the application. The token will be carried to the platform, and the platform will call the portal authentication interface of OA through the obtained token to obtain the current user. finally redirected to
This user does not need to log in to the page.
4.1.3 Zhiyuan OA to-do jumps to CRM to-do and jumps to CRM main page
After the single sign-on is successful, the corresponding user information can be obtained. Redirect to the corresponding page through the login-free interface of CRM.
Jump to the CRM to-do interface: /authorizeWeb/SeeYon/{apiName}/{dataId}/{ei}/{isApp}
Jump to the CRM main page interface: /authorizeWeb/SeeYon/login/{ei}/{isApp}
refer to:
{
"registerCode": "3004",
"taskId": "#F012",
"title": "#F054 #F056 #F053",
"senderName": "#F054",
"state": "0",
"thirdSenderId": "#F049",
"thirdReceiverId": "#F001",
"creationDate": "#F009",
"content": "",
"h5url": "[https://www.fxiaoke.com/erp/syncdata/open/oa/authorizeWeb/SeeYon/#F037/#F015/714439/true](https://www.fxiaoke.com/erp /syncdata/open/oa/authorizeWeb/SeeYon/#F037/#F015/714439/true)",
"url": "[https://www.fxiaoke.com/erp/syncdata/open/oa/authorizeWeb/SeeYon/#F037/#F015/714439/false](https://www.fxiaoke.com/erp /syncdata/open/oa/authorizeWeb/SeeYon/#F037/#F015/714439/false)",
"noneBindingSender": "",
"noneBindingReceiver":"#F001"
}4.2 Pan-micro OA
There are currently two ways to implement Pan-Wei OA:
4.2.1 Solution 1: OA side does free login through open api
1. Submit for approval, the approval content template is as follows:
#Open single sign-on interface#
Reason for application: Customer ** (eg: Panwei OA) is connected to Fanxiang, and the customer uses openApi to call the interface to develop a single sign-on
Customer:*** (customer name)
Enterprise account: *** (enterprise account)
Approvers: Liu Dengyue, Zhong Xing, Jiang XiaochuanHow to use FunShare openapi refer to this document: http://open.fxiaoke.com/wiki.html#artiId=215
2. Sequence diagram of free login and access to CRM agency link through FanShare openapi:
The jump link is spliced with openapi free login link + OA message jump link: e.g: https://www.fxiaoke.com/FHH/EM0HXUL/SSO/Login?token=b772184123ec43b6a1fd1351be6f418e&source=jump The url of the redirected page (see the example below, note that the redirected url needs to be processed by UrlEncode)
Example urls for redirected pages:
PCurl:https://www.fxiaoke.com/XV/Home/Index# crm/detail/=/#{object placeholder}/#{object placeholder id}
appUrl:https://www.fxiaoke.com/hcrm/ dingtalk#/crm/detail?id=#{object placeholder character id}&apiname=#{object placeholder}
3. Reference code example:
package com.fxiaoke.open.oasyncdata.example;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.TypeReference;
import com.fxiaoke.open.erpsyncdata.apiproxy.manager.ProxyHttpClient;
import com.google.common.base.Joiner;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import io.swagger.models.auth.In;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.Collections;
import java.util.List;
import java.util.Map;
/**
* @Author keny
* @Date 2021/11/10 14:50 Free login to the FunShare agency page through the open api
* @Version 1.0
*/
@Service
@Slf4j
public class SSOLoginOASerivce {
public static String domainUrl = "https://open.fxiaoke.com%s";
public static String GET_ACCESS_TOKEN_UTL = "/cgi/corpAccessToken/get/V2";
public static String SSO_LOGIN_URL = "/cgi/sso/loginurl/get";
public static String APP_ID = "FSAID_13147c8";
public static String APP_SECRET = "ea1fab3238484a918720680868657e5f";
public static String PERMANENT_CODE = "8865799413C5221F03E665401C466A0F";
//The above three parameters, refer to openapi to obtain the parameter link https://open.fxiaoke.com/wiki.html#artiId=1120
public static String NONCE = "MT1ZFIFlPVSDmiJH"; //custom, do not repeat within one minute
@Autowired
private ProxyHttpClient proxyHttpClient; //Replace the http components you use
/**
* It is recommended to cache expireTime=7200s
*
* @return
*/
public Map < String, String > getAccessToken() {
String finalAccessTokenUrl = String. format(domainUrl, GET_ACCESS_TOKEN_UTL);
Map < String, Object > paramsMap = Maps. newHashMap();
paramsMap.put("appId", APP_ID);
paramsMap.put("appSecret", APP_SECRET);
paramsMap.put("permanentCode", PERMANENT_CODE);
String result = proxyHttpClient.postUrl(finalAccessTokenUrl, paramsMap, Maps.newHashMap());
Map < String, String > resultMap = JSONObject. parseObject(result, new TypeReference < Map > () {});
return resultMap;
}
/**
* Obtain free login token through openapi
* @param account three ways of passing value
*account type, currently supports three types:
* 1 stands for mobile phone number
* 2 means FunShare login account
* 3 stands for OpenUserId
*/
public String skipLogin(String accessToken, String corpId, String account) {
String finalLoginUrl = String. format(domainUrl, SSO_LOGIN_URL);
Long timeStamp = System. currentTimeMillis();
Map < String, Object > paramsMap = Maps. newHashMap();
//Generate authentication
String signature = generateSignature(accessToken, corpId, timeStamp.toString(), NONCE, empId.toString(), String.valueOf(2), APP_SECRET);
paramsMap.put("corpAccessToken", accessToken);
paramsMap.put("corpId", corpId);
paramsMap.put("timestamp", timeStamp);
paramsMap. put("nonce", NONCE);
paramsMap. put("account", account);
paramsMap. put("type", 2);
paramsMap. put("signature", signature);
String result = proxyHttpClient.postUrl(finalLoginUrl, paramsMap, Maps.newHashMap());
Map < String, String > resultMap = JSONObject. parseObject(result, new TypeReference < Map > () {});
return resultMap.get("loginUrl");
}
/**
* generate signature
* Signature string, used to prevent tampering. The signature rules are:
* 1. First sort the corpAccessToken, corpId, timestamp, nonce, account, type field values and appSecret (can be viewed in self-built application-developer mode) in natural order according to the string value.
* 2. Concatenate the sorted strings.
* 3. Perform SHA1 calculation and hexadecimal encoding on the spliced string to obtain the signature.
* @param account needs the OA system to transmit the mobile phone number of the currently clicked user in FunShare
*/
public String generateSignature(String corpAccessToken, String corpId, String timestamp, String nonce, String account, String type, String appSecret) {
List < String > params = Lists.newArrayList(corpAccessToken, corpId, timestamp, nonce, account, type, appSecret);
//
Collections. sort(params);
String result = DigestUtils.shaHex(Joiner.on(StringUtils.EMPTY).join(params));
return result;
}
/**
* Free registration address for splicing details
*/
public String concatDetailUrl(String tokenUrl, String crmDetailUrl) {
StringBuilder redirectUrl = null;
try {
redirectUrl = new StringBuilder().append(tokenUrl).append("&source=").append(URLEncoder.encode(crmDetailUrl, "UTF-8"));
return redirectUrl.toString();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return StringUtils. EMPTY;
}
}
Single test code:
@Test
public void createSSOurl() {
Map < String, String > getToken = ssoLoginOA.getAccessToken();
String login = ssoLoginOA.skipLogin(getToken.get("corpAccessToken"), getToken.get("corpId"), "15816853xx1");
String concatDetailUrl = ssoLoginOA.concatDetailUrl(login, "https://www.ceshi112.com/XV/Home/Index#crm/list/=/AccountObj"); //Final jump address
}4.2.2 Solution 2: The OA side provides an identity verification interface, and crm is used for free login
When the customer clicks the link of the agency in the OA system, the url carries additional corresponding parameters, and Fanxiang performs the corresponding authentication. If the authentication passes, it is free to log in and enter the corresponding detail page
| extra parameters | Parameter Description | Remark |
| loginid | OA employee ID | |
| stamp | timestamp | |
| token | sha encrypted result | Encryption method parameter following code |
| secret | The key agreed upon by both parties | Provided by FunShare Development |
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class Sha1Util {
public static String getSha1(byte[] input) throws NoSuchAlgorithmException {
MessageDigest mDigest = MessageDigest. getInstance("SHA1");
byte[] result = mDigest.digest(input);
StringBuffer sb = new StringBuffer();
for (int i = 0; i < result. length; i++) {
sb.append(Integer.toString((result[i] & 0xff) + 0x100, 16).substring(1));
}
return sb.toString();
}
/**
* Example encryption process
* @param args
*/
public static void main(String[] args) {
String secret = "d73ec6289574d272c9cc2df5ff70488b";
String loginid = "0001";
String stamp = "1634128095994";
String encryptValue = secret + loginid + stamp;
try {
String getData = Sha1Util.getSha1(encryptValue.getBytes());
System.out.println(getData);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
}4.3 Lanling OA
Contact the technical consultant to communicate and obtain the identity interface;
4.4 Cloud House OA
Relying on the openapi interface of Cloud House, erp-oa can uniformly perform non-logging operations for Cloud House customers:
1. The customer needs to provide the corresponding cloud home appid and appsecret to the development (Ke Nanying) configuration, see https://open.yunzhijia.com/opendocs/docs.html#/guide/lightapp/create
2. Configuration page:
API settings page:
https://www.yunzhijia.com/gateway/newtodo/open/generatetodo.json?accessToken=
{
"content": "Submitter: #F054",
"title": "#F055",
"itemtitle": "#F056",
"headImg": "https://yunzhijia.com/space/c/photo/load?id=5a2f7ad750f8dd7810e79981",
"appId": "500723908",
"senderId": "#F049",
"params":[
{
"openId":"#F001"
}
],
"url": "https://www.fxiaoke.com/erp/syncdata/open/oa/authorizeWeb/webhook/#F037/#F015/#F028",
"sourceId": "#F015",
"sync": true
}2. After the customer completes the configuration according to the OA manual, he needs to provide approval for the development to push to the gray level of the enterprise
3. In Push Cloud Home, you need to fill in the parameters of the url: you can refer to:
https://www.fxiaoke.com/erp/syncdata /open/oa/authorizeWeb/webhook/ {Placeholder: process apiname}/{Placeholder: Initiate process data ID}/{Placeholder tenantId}
4.5 Other OAs
Contact the technical consultant to communicate and obtain the identity interface;