1. 优化登录验证api，使之可以更灵活地支持多种验证方式

2. 增加上海市证书中心(uca)验证方式

1. 优化登录验证api，使之可以更灵活地支持多种验证方式
b1b0526e · vipcxj · e659321d · b1b0526e · b1b0526e · b1b0526e
--- a/package.json
+++ b/package.json
@@ -14,8 +14,10 @@
  },
  "dependencies": {
    "antd": "^2.13.0",
+    "axo": "0.0.2",
    "babel-plugin-import": "^1.2.1",
    "babel-runtime": "^6.9.2",
+    "bowser": "^1.8.1",
    "bundle-loader": "^0.5.5",
    "dva": "^1.2.1",
    "dva-loading": "^0.2.1",

--- a/src/models/login.js
+++ b/src/models/login.js
 import { routerRedux } from 'dva/router';
 import { login, userInfo } from '../services/login';
+import { validate } from '../services/login/password';
 import { fullPath } from '../utils/helper';
 import { setToken, setUser, setDomain, histories } from '../utils/auth';
 import { switchDomain, currentDomain } from '../services/domain';
@@ -15,12 +16,7 @@ export default {
      const loginRequest = {
        type: 'userName',
        data: payload.userName,
-        authRequest: {
-          type: 'password',
-          parameters: {
-            cipher: payload.password,
-          },
-        },
+        authRequest: yield call(validate, payload.password),
      };
      const result = yield call(login, loginRequest);
      const { tokenId, authResponse, remainedAuthRequirements } = result;

--- a/src/services/login.js
+++ b/src/services/login.js
 /* eslint-disable no-param-reassign */
 /** @module services/login */
-import { getDeviceId } from '../utils/device';
-import post from '../utils/post';
-import request from '../utils/request';
-import { encrypt } from '../utils/helper';
-import { getToken } from '../utils/auth';
-import config from '../utils/config';
+import { getDeviceId } from '../../utils/device';
+import post from '../../utils/post';
+import request from '../../utils/request';
+import { encrypt } from '../../utils/helper';
+import { getToken } from '../../utils/auth';
+import config from '../../utils/config';

 /**
 * @typedef {Object} TokenInfo

--- a/src/services/login/password.js
+++ b/src/services/login/password.js
+import { addToken } from './utils';
+
+export const validate = async (password, token) => {
+  const request = {
+    type: 'password',
+    parameters: {
+      cipher: password,
+    },
+  };
+  await addToken(request, token);
+  return request;
+};
--- a/src/services/login/uca.js
+++ b/src/services/login/uca.js
+import { addToken } from './utils';
+
+export const requestCode = async (token) => {
+  const request = {
+    type: 'uca',
+    parameters: {
+      action: 'request',
+    },
+  };
+  await addToken(request, token);
+  return request;
+};
+
+export const validate = async (signed, token) => {
+  const request = {
+    type: 'uca',
+    parameters: {
+      action: 'validate',
+      response: signed,
+    },
+  };
+  await addToken(request, token);
+  return request;
+};
+
--- a/src/services/login/utils.js
+++ b/src/services/login/utils.js
+import { getToken } from '../../utils/auth';
+
+export const addToken = async (request, token) => {
+  if (token) {
+    // eslint-disable-next-line no-param-reassign
+    request.tkId = token;
+  } else {
+    const localToken = await getToken();
+    if (localToken) {
+      // eslint-disable-next-line no-param-reassign
+      request.tkId = localToken;
+    }
+  }
+  return request;
+};
--- a/src/utils/uca.js
+++ b/src/utils/uca.js
+import AXO from 'axo';
+import bowser from 'bowser';
+
+/**
+ * 初始化
+ * @return {number} 0: success; 1: blocked by the browser; 2: driver not installed
+ */
+export const init = () => {
+  if (bowser.msie || bowser.msedge) {
+    try {
+      const se = new AXO('SafeEngineCOM.SafeEngineCtl');
+      if (se) {
+        return 0;
+      } else {
+        return 2;
+      }
+    } catch (err) {
+      return 1;
+    }
+  } else {
+    return 3;
+  }
+};
+
+/**
+ * 签名
+ * @param password usb的密钥
+ * @param data 需要签名的数据，从服务端获取
+ * @return {{deadTime: number, signed: string}}
+ */
+export const sign = (password, data) => {
+  if (bowser.msie || bowser.msedge) {
+    const safeEngine = new AXO('SafeEngineCOM.SafeEngineCtl');
+    if (!safeEngine) {
+      throw new Error('未安装USB证书驱动。');
+    }
+    safeEngine.SEH_InitialSession(27, 'com1', password, 100, 2, '', '');
+    if (safeEngine.ErrorCode !== 0) {
+      throw new Error('USB-KEY初始化失败，请确认USB-KEY是否插入或密码是否正确。');
+    }
+    try {
+      const cert = safeEngine.SEH_GetSelfCertificate(27, 'com1', '');
+      if (safeEngine.ErrorCode !== 0) {
+        throw new Error(`获取个人证书错误，错误代码为：${safeEngine.ErrorCode}。`);
+      }
+      const res = {};
+      const deadTime = safeEngine.SEH_GetCertValidDate(cert);
+      res.deadTime = parseInt(deadTime, 10);
+      const signed = safeEngine.SEH_SignData(data, 3);
+      if (safeEngine.ErrorCode !== 0) {
+        throw new Error(`数字签名失败，错误代码为：${safeEngine.ErrorCode}。`);
+      }
+      res.signed = signed;
+      return res;
+    } finally {
+      safeEngine.SEH_ClearSession();
+    }
+  } else {
+    throw new Error('当前浏览器不支持activeX控件，请切换ie或edge或带ie内核的360之类的浏览器。');
+  }
+};