jingubang 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d97f5f5e21ca1c8fd3d37da31cec5382fbd35283
+  data.tar.gz: 61f236259c8ecc99c70d1acd2b1da475f459ae45
+SHA512:
+  metadata.gz: 6388a8f473b160c3ecd3bb5d94df76ab3883382c72e99fe2f3ccb39ef3f5d5a4c4e5685fe2c429f2d2c3448b31b1b84f35b1720eab4e0542b8ed09afa709d106
+  data.tar.gz: bddd4b97b4955bbf3cfdac58b4105db025e6efbade8ea5e7a92c4d95667178b3d1feac5c6597cebeb72d01e5e17a377f02659ff23d019b7fa0bee460bc6259a0

data/.gitignore

@@ -0,0 +1,2 @@
+tags
+

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,35 @@
+PATH
+  remote: .
+  specs:
+    jingubang (0.0.1)
+      rest-client
+      weixin_message_encryptor
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    domain_name (0.5.20170404)
+      unf (>= 0.0.5, < 1.0.0)
+    http-cookie (1.0.3)
+      domain_name (~> 0.5)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    netrc (0.11.0)
+    rest-client (2.0.2)
+      http-cookie (>= 1.0.2, < 2.0)
+      mime-types (>= 1.16, < 4.0)
+      netrc (~> 0.8)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.5)
+    weixin_message_encryptor (0.1.0.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  jingubang!
+
+BUNDLED WITH
+   1.16.1

data/app/controllers/weixin/qiye/notifications_controller.rb

@@ -0,0 +1,75 @@
+module Weixin::Qiye
+  class NotificationsController < ActionController::Base
+
+    before_action :assign_payload, :verify_sign, :decrypt_payload, only: [:index, :create]
+    before_action :assign_message, only: [:create]
+
+    def index
+      if service_verify?
+        render plain: @payload
+      else
+        render nonthing: true, status: :bad_request
+      end
+    end
+
+    def create
+      Rails.logger.info "Weixin Qiye Message: #{@message['InfoType']}"
+      case @message['InfoType']
+        when 'suite_ticket'
+          process_ticket_message
+        # when 'authorized'
+        # when 'unauthorized'
+        # when 'updateauthorized'
+        when 'contact_sync'
+          process_contact_sync
+      end
+
+      render text: 'success'
+    end
+
+    private
+
+    def assign_payload
+      byebug
+      @encrypted_payload = service_verify? ? params[:echostr] : params[:xml][:Encrypt]
+    end
+
+    def verify_sign
+      render text: 'YOY', status: 401 unless params[:msg_signature] == calculated_sign
+    end
+
+    def calculated_sign
+      salt = [
+        @encrypted_payload,
+        Jingubang::Setting.qiye[:token],
+        params[:timestamp],
+        params[:nonce]
+      ].sort.join
+      Digest::SHA1.hexdigest salt
+    end
+
+    def decrypt_payload
+      key = Base64.decode64 Jingubang::Setting.qiye[:encoding_aes_key] + '='
+      aes_msg = Base64.decode64 @encrypted_payload
+      msg = AESCrypt.decrypt_data aes_msg, key, nil, 'AES-256-CBC'
+      @payload = msg[20..-19]
+    end
+
+    def assign_message
+      @message = Hash.from_xml(@payload)['xml']
+    end
+
+    def service_verify?
+      params[:echostr].present?
+    end
+
+    def process_ticket_message
+      Rails.logger.info "Weixin::Qiye save suite ticket: #{@message['SuiteTicket']}"
+    end
+
+    def process_contact_sync
+      Rails.logger.info "Weixin::Qiye process contact sync: #{@message['AuthCorpId']}"
+    end
+
+  end
+end

data/jingubang.gemspec

@@ -0,0 +1,26 @@
+lib = File.expand_path('../lib/', __FILE__)
+$:.unshift lib unless $:.include?(lib)
+
+require 'jingubang/version'
+
+Gem::Specification.new do |s|
+  s.name        = 'jingubang'
+  s.version     = Jingubang::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ['Zhichao Feng']
+  s.email       = ['flankerfc@gmail.com']
+  s.homepage    = 'https://github.com/flanker'
+  s.summary     = 'All-in-on weixin integration for Rails'
+  s.description = 'All-in-on weixin integration for Rails'
+  s.license     = 'MIT'
+
+  s.required_ruby_version     = '>= 2.3'
+  s.required_rubygems_version = '>= 1.3.6'
+
+  s.files        = `git ls-files`.split("\n")
+  s.test_files   = `git ls-files -- test/*`.split("\n")
+  s.require_path = ['lib']
+
+  s.add_dependency 'weixin_message_encryptor'
+  s.add_dependency 'rest-client'
+end

data/lib/jingubang.rb

@@ -0,0 +1,7 @@
+require 'aescrypt'
+
+require 'jingubang/setting'
+require 'jingubang/logger'
+require 'jingubang/http_client'
+require 'jingubang/rails'
+require 'jingubang/weixin'

data/lib/jingubang/http_client.rb

@@ -0,0 +1,51 @@
+require 'rest_client'
+
+module Jingubang
+  module HttpClient
+
+    def self.included(host_class)
+      host_class.extend ClassMethods
+    end
+
+    module ClassMethods
+
+      # e.g. 'https://qyapi.weixin.qq.com'
+      def base_url url
+        @api_base_url = url
+      end
+
+      def api_base_url
+        @api_base_url
+      end
+
+      def log message
+        Jingubang.logger.info message
+      end
+
+      def fire_request path, params, base_url: nil
+        base_url = api_base_url unless base_url
+        url = "#{base_url}#{path}"
+
+        log "Jingubang sending request to: #{url}"
+        log "    with params: #{params}"
+
+        response = JSON.parse RestClient.post(
+          url,
+          params.to_json,
+          timeout: 60,
+          :content_type => :json,
+          :accept => :json
+        )
+
+        log "Jingubang response: #{response}"
+
+        response&.with_indifferent_access
+      end
+    end
+
+    def fire_request path, params
+      self.class.fire_request path, params, base_url: self.class.api_base_url
+    end
+
+  end
+end

data/lib/jingubang/logger.rb

@@ -0,0 +1,13 @@
+module Jingubang
+
+  @@logger = ::Logger.new(STDOUT)
+
+  def self.logger
+    @@logger
+  end
+
+  def self.logger= value
+    @@logger = value
+  end
+
+end

data/lib/jingubang/rails.rb

@@ -0,0 +1,7 @@
+require 'jingubang/rails/routes'
+
+module Jingubang
+  class Engine < ::Rails::Engine
+
+  end
+end

data/lib/jingubang/rails/routes.rb

@@ -0,0 +1,19 @@
+module ActionDispatch::Routing
+  class Mapper
+
+    def with_jingubang
+      jingubang_weixin_qiye
+    end
+
+    private
+
+    def jingubang_weixin_qiye
+      namespace 'weixin' do
+        namespace 'qiye' do
+          resources :notifications, only: [:index, :create]
+        end
+      end
+    end
+
+  end
+end

data/lib/jingubang/setting.rb

@@ -0,0 +1,9 @@
+module Jingubang
+  class Setting
+
+    def self.qiye
+      @qiye_setting ||= YAML.load_file('config/jingubang.yml').with_indifferent_access[:weixin_qiye_account]
+    end
+
+  end
+end

data/lib/jingubang/test/test_helper.rb

@@ -0,0 +1,119 @@
+module Jingubang
+  module Test
+    module TestHelper
+
+      def build_qiye_weixin_test_notification echostr, encryptor
+        encrypted_payload, timestamp, nonce, signature = encryptor.encrypt_with_signature(echostr)
+
+        {
+          'echostr' => encrypted_payload,
+          'msg_signature' => signature,
+          'timestamp' => timestamp,
+          'nonce' => nonce
+        }
+      end
+
+      def build_qiye_weixin_notification message, encryptor
+        encrypted_payload, timestamp, nonce, signature = encryptor.encrypt_with_signature(message)
+
+        {
+          'xml' => {
+            'ToUserName' => 'testusername',
+            'Encrypt' => encrypted_payload
+          },
+          'msg_signature' => signature,
+          'timestamp' => timestamp,
+          'nonce' => nonce
+        }
+      end
+
+      class ApiResult
+
+        class << self
+
+          def build_weixin_qiye_login_info corpid: 'thecorpid', userid: 'theuserid', error_code: nil
+            return build_weixin_qiye_error_result(error_code) if error_code
+            {
+              usertype: 1,
+              user_info: {
+                userid:  userid,
+                name: 'User Name',
+                email: 'user@test.com',
+                avatar: 'http://p.qlogo.cn/bizmail/thelinktouseravatar/0'
+              },
+              corp_info: {
+                corpid: corpid
+              },
+              agent: [
+                {agentid: 1000010, auth_type: 1},
+                {agentid: 1000029, auth_type: 1}
+              ],
+              auth_info: {
+                department: [
+                  {id: 1, writable: true}
+                ]
+              }
+            }
+          end
+
+          def build_weixin_qiye_permanent_auth_data mobile: '13812345678', email: 'anna@frozen.com'
+            {
+              access_token: 'ACCESS_TOKEN',
+              expires_in: 7200,
+              permanent_code: 'PERMANENT_CODE',
+              auth_corp_info: {
+                corpid: 'WXCORPID',
+                corp_name: 'Frozen Tech',
+                corp_type: 'unverified',
+                corp_round_logo_url: 'http://mmbiz.qpic.cn/mmbiz/round_logo/0',
+                corp_square_logo_url: 'http://p.qpic.cn/qqmail_pic/4144698419/square_logo/0',
+                corp_user_max: 200,
+                corp_agent_max: 0,
+                corp_wxqrcode: 'http://shp.qpic.cn/bizmp/wxqrcode/',
+                corp_full_name: '',
+                subject_type: 1,
+                verified_end_time: 0
+              },
+              auth_info: {
+                agent: [{
+                  agentid: 1000005,
+                  name: '金数据DEV',
+                  square_logo_url: 'http://p.qlogo.cn/bizmail/agent_square_logo/0',
+                  appid: 1,
+                  privilege: {
+                    level: 2,
+                    allow_party: [1],
+                    allow_user: [],
+                    allow_tag: [],
+                    extra_party: [],
+                    extra_user: [],
+                    extra_tag: []
+                  }
+                }]
+              },
+              auth_user_info: {
+                userid: 'anna',
+                mobile: mobile,
+                email: email,
+                name: 'Anna',
+                avatar: 'http://p.qlogo.cn/bizmail/anna_avatar/0'
+              }
+            }.with_indifferent_access
+          end
+
+          private
+
+          def build_weixin_qiye_error_result error_code
+            {
+              errcode: error_code,
+              errmsg: 'invalid code, hint: [1519698145_8_22f41dcc18e2ca451dd57b93b129b35d], more info at https://open.work.weixin.qq.com/devtool/query?e=40029',
+              agent: []
+            }
+          end
+
+        end
+      end
+
+    end
+  end
+end

data/lib/jingubang/version.rb

@@ -0,0 +1,3 @@
+module Jingubang
+  VERSION = '0.0.1'
+end

data/lib/jingubang/weixin.rb

@@ -0,0 +1,6 @@
+module Jingubang
+  module Weixin
+  end
+end
+
+require 'jingubang/weixin/qiye'

data/lib/jingubang/weixin/qiye.rb

@@ -0,0 +1,9 @@
+module Jingubang::Weixin
+  module Qiye
+  end
+end
+
+require 'jingubang/weixin/qiye/api_client'
+require 'jingubang/weixin/qiye/url_helper'
+require 'jingubang/weixin/qiye/account'
+require 'jingubang/weixin/qiye/provider_app_account'

data/lib/jingubang/weixin/qiye/account.rb

@@ -0,0 +1,49 @@
+require 'jingubang/weixin/qiye/account/send_message'
+
+module Jingubang::Weixin::Qiye
+  module Account
+
+    # Required fields:
+    #   field :corpid, type: String
+    #   field :access_token, type: String
+    #   field :expired_at, type: Time
+    #   field :permanent_code, type: String
+    #   def refreshed_access_token
+
+    ROOT_DEPARTMENT_ID = 1
+
+    include Account::SendMessage
+
+    BASE_URL = 'https://qyapi.weixin.qq.com'
+
+    def self.included(host_class)
+      host_class.include Jingubang::HttpClient
+      host_class.base_url BASE_URL
+    end
+
+    # API methods:
+
+    def fetch_department_list
+      path = "/cgi-bin/department/list?access_token=#{refreshed_access_token}"
+      response = fire_request path, {}
+      response[:department] if response[:errcode]&.zero?
+    end
+
+    def fetch_user_list department_id, fetch_child: false
+      fetch_child_param = fetch_child ? 1 : 0
+      path = "/cgi-bin/user/list?access_token=#{refreshed_access_token}&department_id=#{department_id}&fetch_child=#{fetch_child_param}"
+      response = fire_request path, {}
+      response[:userlist] if response[:errcode]&.zero?
+    end
+
+    def fetch_all_user_list
+      fetch_user_list ROOT_DEPARTMENT_ID, fetch_child: true
+    end
+
+    def fetch_user userid
+      path = "/cgi-bin/user/get?access_token=#{refreshed_access_token}&userid=#{userid}"
+      response = fire_request path, {}
+    end
+
+  end
+end

data/lib/jingubang/weixin/qiye/account/send_message.rb

@@ -0,0 +1,62 @@
+module Jingubang::Weixin::Qiye::Account
+  module SendMessage
+
+    def send_text_message departmentids: [], userids: [], content: nil
+      path = "/cgi-bin/message/send?access_token=#{refreshed_access_token}"
+      body = {
+        touser: ids_param(userids),
+        toparty: ids_param(departmentids),
+        msgtype: 'text',
+        agentid: agentid,
+        text: {
+          content: content
+        }
+      }
+      response = fire_request path, body
+    end
+
+    def send_text_card_message departmentids: [], userids: [], title: nil, description: nil, url: nil, button_text: '详情'
+      path = "/cgi-bin/message/send?access_token=#{refreshed_access_token}"
+      body = {
+        touser: ids_param(userids),
+        toparty: ids_param(departmentids),
+        msgtype: 'textcard',
+        agentid: agentid,
+        textcard: {
+          title: title,
+          description: description,
+          url: url,
+          btntxt: button_text
+        }
+      }
+      response = fire_request path, body
+    end
+
+    def send_news_message departmentids: [], userids: [], title: nil, description: nil, url: nil, button_text: '详情', image_url: nil
+      path = "/cgi-bin/message/send?access_token=#{refreshed_access_token}"
+      body = {
+        touser: ids_param(userids),
+        toparty: ids_param(departmentids),
+        msgtype: 'news',
+        agentid: agentid,
+        news: {
+          articles: [{
+            title: title,
+            description: description,
+            url: url,
+            picurl: image_url,
+            btntxt: button_text
+          }]
+        }
+      }
+      response = fire_request path, body
+    end
+
+    private
+
+    def ids_param ids
+      ids.join('|') if ids
+    end
+
+  end
+end

data/lib/jingubang/weixin/qiye/api_client.rb

@@ -0,0 +1,38 @@
+require 'rest_client'
+
+module Jingubang::Weixin::Qiye
+  class ApiClient
+
+    GATEWAY_URL = 'https://qyapi.weixin.qq.com'
+
+    class << self
+
+      def get_login_info(access_token, auth_code)
+        path = "/cgi-bin/service/get_login_info?access_token=#{access_token}"
+        fire_request path, {auth_code: auth_code}
+      end
+
+      def get_register_code(access_token, template_id)
+        path = "/cgi-bin/service/get_register_code?provider_access_token=#{access_token}"
+        response = fire_request path, {template_id: template_id}
+        response['register_code']
+      end
+
+      private
+
+      def fire_request path, params
+        url = "#{GATEWAY_URL}#{path}"
+        response = JSON.parse RestClient.post(
+          url,
+          params.to_json,
+          timeout: 10,
+          content_type: :json,
+          accept: :json
+        )
+        response&.with_indifferent_access
+      end
+
+    end
+
+  end
+end

data/lib/jingubang/weixin/qiye/provider_app_account.rb

@@ -0,0 +1,33 @@
+module Jingubang::Weixin::Qiye
+  module ProviderAppAccount
+
+    # Required fields:
+    #   field :access_token, type: String
+    #   field :expired_at, type: Time
+    #   field :permanent_code, type: String
+    #   def refreshed_access_token
+
+    BASE_URL = 'https://qyapi.weixin.qq.com'
+
+    def self.included(host_class)
+      host_class.include Jingubang::HttpClient
+      host_class.base_url BASE_URL
+      host_class.extend ClassMethods
+    end
+
+    module ClassMethods
+
+      def get_permanent_code auth_code
+        path = "/cgi-bin/service/get_permanent_code?suite_access_token=#{refreshed_access_token}"
+        fire_request path, {auth_code: auth_code}
+      end
+
+      def get_auth_info corpid, permanent_code
+        path = "/cgi-bin/service/get_auth_info?suite_access_token=#{refreshed_access_token}"
+        fire_request path, {auth_corpid: corpid, permanent_code: permanent_code}
+      end
+
+    end
+
+  end
+end

data/lib/jingubang/weixin/qiye/url_helper.rb

@@ -0,0 +1,26 @@
+require 'rest_client'
+
+module Jingubang::Weixin::Qiye
+  class UrlHelper
+
+    class << self
+
+      def user_oauth_path(redirect_uri, corpid: nil, agentid: nil, state: '')
+        "https://open.weixin.qq.com/connect/oauth2/authorize?appid=#{corpid}&redirect_uri=#{redirect_uri}&response_type=code&scope=snsapi_base&agentid=#{agentid}&state=#{state}#wechat_redirect"
+      end
+
+      def third_party_user_oauth_path(redirect_uri, agentid: nil, state: '', user_type: 'member')
+        "https://open.work.weixin.qq.com/wwopen/sso/3rd_qrConnect?appid=#{agentid}&redirect_uri=#{redirect_uri}&state=#{state}&usertype=#{user_type}"
+      end
+
+      def third_party_install_path(redirect_uri, pre_auth_code: nil, agentid: nil, state: '')
+        "https://open.work.weixin.qq.com/3rdapp/install?suite_id=#{agentid}&pre_auth_code=#{pre_auth_code}&redirect_uri=#{redirect_uri}&state=#{state}"
+      end
+
+      def custom_registration_path(register_code)
+        "https://open.work.weixin.qq.com/3rdservice/wework/register?register_code=#{register_code}"
+      end
+
+    end
+  end
+end

metadata

@@ -0,0 +1,92 @@
+--- !ruby/object:Gem::Specification
+name: jingubang
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Zhichao Feng
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-10-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: weixin_message_encryptor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: All-in-on weixin integration for Rails
+email:
+- flankerfc@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- Gemfile.lock
+- app/controllers/weixin/qiye/notifications_controller.rb
+- jingubang.gemspec
+- lib/jingubang.rb
+- lib/jingubang/http_client.rb
+- lib/jingubang/logger.rb
+- lib/jingubang/rails.rb
+- lib/jingubang/rails/routes.rb
+- lib/jingubang/setting.rb
+- lib/jingubang/test/test_helper.rb
+- lib/jingubang/version.rb
+- lib/jingubang/weixin.rb
+- lib/jingubang/weixin/qiye.rb
+- lib/jingubang/weixin/qiye/account.rb
+- lib/jingubang/weixin/qiye/account/send_message.rb
+- lib/jingubang/weixin/qiye/api_client.rb
+- lib/jingubang/weixin/qiye/provider_app_account.rb
+- lib/jingubang/weixin/qiye/url_helper.rb
+homepage: https://github.com/flanker
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.3'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.3.6
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.14
+signing_key: 
+specification_version: 4
+summary: All-in-on weixin integration for Rails
+test_files: []