jpsclient 2.2.0 → 2.3.0

data/lib/jpsclient/api/workflow.rb

@@ -14,16 +14,7 @@ module JPSClient
 
         path = config["url"]
 
-        response = @http_client.post(path, body: params)
-        result = JPSClient::Response.new(response)
-
-        if result.need_login?
-          do_login(force_login: true)
-          response = @http_client.post(path, body: params)
-          result = JPSClient::Response.new(response)
-        end
-
-        return result.to_h
+        return request_with_auth(:post, path, body: params)
       end
 
       # Create Sort
@@ -36,16 +27,7 @@ module JPSClient
 
         path = config["url"]
 
-        response = @http_client.post(path, body: params)
-        result = JPSClient::Response.new(response)
-
-        if result.need_login?
-          do_login(force_login: true)
-          response = @http_client.post(path, body: params)
-          result = JPSClient::Response.new(response)
-        end
-
-        return result.to_h
+        return request_with_auth(:post, path, body: params)
       end
 
       # Create Delete
@@ -58,16 +40,7 @@ module JPSClient
 
         path = config["url"]
 
-        response = @http_client.post(path, body: params)
-        result = JPSClient::Response.new(response)
-
-        if result.need_login?
-          do_login(force_login: true)
-          response = @http_client.post(path, body: params)
-          result = JPSClient::Response.new(response)
-        end
-
-        return result.to_h
+        return request_with_auth(:post, path, body: params)
       end
 
       # Create Create
@@ -80,16 +53,7 @@ module JPSClient
 
         path = config["url"]
 
-        response = @http_client.post(path, body: params)
-        result = JPSClient::Response.new(response)
-
-        if result.need_login?
-          do_login(force_login: true)
-          response = @http_client.post(path, body: params)
-          result = JPSClient::Response.new(response)
-        end
-
-        return result.to_h
+        return request_with_auth(:post, path, body: params)
       end
 
       # Get List
@@ -102,16 +66,7 @@ module JPSClient
 
         path = config["url"]
 
-        response = @http_client.get(path, params: params)
-        result = JPSClient::Response.new(response)
-
-        if result.need_login?
-          do_login(force_login: true)
-          response = @http_client.get(path, params: params)
-          result = JPSClient::Response.new(response)
-        end
-
-        return result.to_h
+        return request_with_auth(:get, path, params: params)
       end
 
       # 获取指定项目的工作流列表

data/lib/jpsclient/auth/auth.rb

@@ -18,8 +18,8 @@ module JPSClient
   # JPS 登录配置类
   class LoginConfig
     attr_accessor :client_id, :feishu_auth_url, :redirect_uri, :api_endpoint, :state, :server_port
-    attr_accessor :aes_key, :token_verify_endpoint
-    attr_accessor :token_dir, :token_file_name  # 新增 token 存储路径配置
+    attr_accessor :aes_key
+    attr_accessor :token_dir, :token_file_name
 
     def initialize
       # 所有配置必须从外部配置文件加载，不提供硬编码的默认值
@@ -30,7 +30,6 @@ module JPSClient
       @state = 'client_login'  # 仅此项可有默认值
       @server_port = 8898  # 仅此项可有默认值
       @aes_key = nil  # AES 加密密钥，必需配置
-      @token_verify_endpoint = nil  # Token 验证端点，必需配置
       @token_dir = nil  # Token 存储目录，可选配置
       @token_file_name = nil  # Token 文件名，可选配置
     end
@@ -49,7 +48,6 @@ module JPSClient
       config.api_endpoint = data['api_endpoint'] if data['api_endpoint']
       config.state = data['state'] if data['state']
       config.server_port = data['server_port'] if data['server_port']
-      config.token_verify_endpoint = data['token_verify_endpoint'] if data['token_verify_endpoint']
       config.aes_key = data['aes_key'] if data['aes_key']
       config.token_dir = data['token_dir'] if data['token_dir']  # 加载 token 目录配置
       config.token_file_name = data['token_file_name'] if data['token_file_name']  # 加载 token 文件名配置
@@ -65,7 +63,8 @@ module JPSClient
   end
 
   class Auth
-    attr_reader :access_token, :username, :expires_at
+    attr_reader :access_token, :username
+    attr_reader :user_id, :permissions, :lark_user_id, :tenant_manager
 
     def initialize(config = nil)
       # 只接受 LoginConfig 对象或默认配置
@@ -103,7 +102,10 @@ module JPSClient
 
       @access_token = nil
       @username = nil
-      @expires_at = nil
+      @user_id = nil
+      @permissions = nil
+      @lark_user_id = nil
+      @tenant_manager = false
 
       # 调试模式，通过环境变量控制
       @verbose = ENV['PINDO_DEBUG'] == 'true'
@@ -137,7 +139,10 @@ module JPSClient
       {
         'token' => @access_token,
         'username' => @username,
-        'expires_at' => @expires_at
+        'user_id' => @user_id,
+        'permissions' => @permissions,
+        'lark_user_id' => @lark_user_id,
+        'tenant_manager' => @tenant_manager
       }
     end
 
@@ -251,26 +256,6 @@ module JPSClient
       end
     end
 
-    # 检查 token 是否有效
-    def validate_token(token = nil)
-      token_to_check = token || @access_token
-      return false unless token_to_check
-
-      # 检查过期时间
-      if @expires_at && Time.now.to_i > @expires_at
-        puts "Token 已过期，需要重新登录"
-        return false
-      end
-
-      # 简单验证（实际项目中可以调用 API 验证）
-      return true
-    end
-
-    # 验证Pgyer令牌（保留兼容性）
-    def validate_pgyer_token(token = nil, expires_at = nil)
-      validate_token(token)
-    end
-
     # 使用授权码换取 token
     def exchange_code_for_token(code)
       begin
@@ -312,10 +297,13 @@ module JPSClient
 
           if result['meta'] && result['meta']['code'] == 0 && result['data']
             data = result['data']
+            # 兼容 snake_case 和 camelCase 两种响应格式
             @access_token = data['token'] if data['token']
             @username = data['username'] if data['username']
-            # 设置过期时间为 6 天后
-            @expires_at = Time.now.to_i + 6 * 24 * 60 * 60
+            @user_id = data['user_id'] || data['userId']
+            @permissions = data['permissions']
+            @lark_user_id = data['lark_user_id'] || data['larkUserId']
+            @tenant_manager = data['tenant_manager'] || data['tenantManager'] || false
 
             return true if @access_token
           else
@@ -452,8 +440,8 @@ module JPSClient
         end
       end
 
-      # 捕获 Ctrl+C
-      trap('INT') { server.shutdown }
+      # 捕获 Ctrl+C，结束后恢复默认行为
+      previous_trap = trap('INT') { server.shutdown }
 
       # 在线程中运行服务器，最多等待 3 分钟
       thread = Thread.new { server.start }
@@ -462,6 +450,8 @@ module JPSClient
       rescue => e
         puts "服务器等待超时"
         server.shutdown
+      ensure
+        trap('INT', previous_trap || 'DEFAULT')
       end
 
       code

data/lib/jpsclient/auth/token.rb

@@ -2,17 +2,17 @@
 
 require 'json'
 require 'fileutils'
-require 'net/http'
-require 'uri'
 require 'jpsclient/utils/aes'
-require 'jpsclient/base/exception'
 require 'jpsclient/utils/logger'
 
 module JPSClient
 
   # Token 管理类
+  # 负责 token 的本地存储、加载和清除
+  # token 有效性由服务端 401 响应判断，本地不做过期检查
   class Token
-    attr_reader :token, :username, :expires_at
+    attr_reader :token, :username
+    attr_reader :user_id, :permissions, :lark_user_id, :tenant_manager
 
     def initialize(config)
       @config = config
@@ -35,8 +35,10 @@ module JPSClient
       # token 数据
       @token = nil
       @username = nil
-      @expires_at = nil
-      @created_at = nil
+      @user_id = nil
+      @permissions = nil
+      @lark_user_id = nil
+      @tenant_manager = false
 
       # 调试模式
       @verbose = ENV['PINDO_DEBUG'] == 'true'
@@ -66,10 +68,19 @@ module JPSClient
 
         @token = token_data['token']
         @username = token_data['username']
-        @expires_at = token_data['expires_at'].to_i if token_data['expires_at']
-        @created_at = token_data['created_at'].to_i if token_data['created_at']
+        @user_id = token_data['user_id']
+        @permissions = token_data['permissions']
+        @lark_user_id = token_data['lark_user_id']
+        @tenant_manager = token_data.key?('tenant_manager') ? token_data['tenant_manager'] : false
+
+        # 旧版 token 文件缺少 user_id，视为无效，需重新登录获取完整字段
+        unless @token && @user_id
+          puts "Token 文件缺少必要字段，需要重新登录" if @verbose
+          clear
+          return false
+        end
 
-        return true if @token
+        return true
       rescue => e
         puts "读取 token 失败: #{e.message}" if @verbose
         clear_corrupted_file
@@ -79,30 +90,35 @@ module JPSClient
     end
 
     # 保存 token
-    def save(token, username, expires_at)
-      return false unless token
+    # 传入完整数据 Hash
+    def save(token_data)
+      return false unless token_data.is_a?(Hash) && token_data['token']
 
-      @token = token
-      @username = username
-      @expires_at = expires_at.to_i
-      @created_at = Time.now.to_i
+      @token = token_data['token']
+      @username = token_data['username']
+      @user_id = token_data['user_id']
+      @permissions = token_data['permissions']
+      @lark_user_id = token_data['lark_user_id']
+      @tenant_manager = token_data.key?('tenant_manager') ? token_data['tenant_manager'] : false
 
       # 确保目录存在
       FileUtils.mkdir_p(@token_dir) unless Dir.exist?(@token_dir)
 
-      token_data = {
+      save_data = {
         'token' => @token,
         'username' => @username,
-        'expires_at' => @expires_at,
-        'created_at' => @created_at
+        'user_id' => @user_id,
+        'permissions' => @permissions,
+        'lark_user_id' => @lark_user_id,
+        'tenant_manager' => @tenant_manager
       }
 
       # 根据是否有 AES 密钥决定加密方式
       content = if @aes_key
         aes = AES.new(@aes_key)
-        aes.encrypt(token_data.to_json)
+        aes.encrypt(save_data.to_json)
       else
-        token_data.to_json
+        save_data.to_json
       end
 
       File.write(@token_file, content)
@@ -114,106 +130,44 @@ module JPSClient
       false
     end
 
-    # 验证 token 有效性
-    def valid?
-      return false unless @token
-
-      # 1. 检查本地时间过期
-      if expired?
-        puts "Token 已过期 (本地时间检查)" if @verbose
-        return false
-      end
-
-      # 2. 可选：API 验证
-      # 为了避免频繁调用，只在接近过期时验证
-      if should_verify_with_api?
-        return verify_with_api
-      end
-
-      true
-    end
-
-    # 检查是否过期
-    def expired?
-      return true unless @expires_at
-      Time.now.to_i > @expires_at
-    end
-
-    # API 验证 token
-    def verify_with_api
-      return false unless @token && @config
-
-      begin
-        # 使用配置中的验证端点
-        base_url = @config.api_endpoint.split('/api/')[0]  # 获取基础 URL
-        verify_endpoint = @config.respond_to?(:token_verify_endpoint) ? @config.token_verify_endpoint : '/api/user/profile'
-        uri = URI("#{base_url}#{verify_endpoint}")
-
-        request = Net::HTTP::Get.new(uri)
-        request['Authorization'] = "Bearer #{@token}"
-
-        response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') do |http|
-          http.request(request)
-        end
-
-        if response.code == '200'
-          puts "Token API 验证成功" if @verbose
-          return true
-        else
-          puts "Token API 验证失败: #{response.code}" if @verbose
-          return false
-        end
-      rescue => e
-        puts "Token API 验证出错: #{e.message}" if @verbose
-        # API 验证失败时，回退到本地验证
-        return !expired?
-      end
+    # token 是否已加载
+    def loaded?
+      !@token.nil? && !@token.empty?
     end
 
     # 清除 token
     def clear
       @token = nil
       @username = nil
-      @expires_at = nil
-      @created_at = nil
+      @user_id = nil
+      @permissions = nil
+      @lark_user_id = nil
+      @tenant_manager = false
 
       FileUtils.rm_f(@token_file) if File.exist?(@token_file)
       puts "✓ Token 已清除" if @verbose
     end
 
-    # 转换为 Hash（兼容旧代码）
+    # 转换为 Hash
     def to_h
       return nil unless @token
 
       {
         'token' => @token,
         'username' => @username,
-        'expires_at' => @expires_at
+        'user_id' => @user_id,
+        'permissions' => @permissions,
+        'lark_user_id' => @lark_user_id,
+        'tenant_manager' => @tenant_manager
       }
     end
 
-    # 从 Auth 实例更新 token
-    def update_from_auth(auth)
-      return false unless auth.access_token
-
-      save(auth.access_token, auth.username, auth.expires_at)
-    end
-
     private
 
-    # 是否应该通过 API 验证
-    def should_verify_with_api?
-      return false unless @expires_at
-
-      # 策略：最后 24 小时内进行 API 验证
-      remaining_time = @expires_at - Time.now.to_i
-      remaining_time > 0 && remaining_time < 24 * 60 * 60
-    end
-
     # 清除损坏的文件
     def clear_corrupted_file
       FileUtils.rm_f(@token_file) if File.exist?(@token_file)
       puts "已清除损坏的 token 文件" if @verbose
     end
   end
-end
+end

data/lib/jpsclient/base/client.rb

@@ -226,7 +226,7 @@ module JPSClient
         @token_manager = Token.new(@jps_config)
 
         # 尝试加载已保存的 token
-        if @token_manager.load && @token_manager.valid?
+        if @token_manager.load && @token_manager.loaded?
           @token = @token_manager.to_h
         end
 
@@ -258,50 +258,55 @@ module JPSClient
     end
 
     # 核心登录功能
-    def do_login(force_login:false)
-      # 使用 token 管理器统一处理
+    # token 有效性由服务端 401 响应判断，本地不做过期检查
+    def do_login(force_login: false)
       if force_login
-        # 强制重新登录
-        @token_manager.clear  # 清除旧 token
-        auth = Auth.new(@jps_config)
-        result = auth.login
-
-        if result == :user_cancelled
-          Logger.instance.fancyinfo_error("用户取消了登录操作")
-          return false
-        elsif result == true
-          # 保存新 token
-          @token_manager.save(auth.access_token, auth.username, auth.expires_at)
-          update_token_everywhere()
+        @token_manager.clear
+      else
+        # 本地存在 token，直接使用
+        if @token_manager.load && @token_manager.loaded?
+          update_token_everywhere
           return true
-        else
-          Logger.instance.fancyinfo_error("登录失败，未能获取有效token")
-          return false
         end
+      end
+
+      # 需要重新登录
+      auth = Auth.new(@jps_config)
+      result = auth.login
+
+      if result == :user_cancelled
+        Logger.instance.fancyinfo_error("用户取消了登录操作")
+        return false
+      elsif result == true
+        unless @token_manager.save(auth.get_token_data)
+          Logger.instance.fancyinfo_error("Token 保存失败，下次启动需要重新登录")
+        end
+        update_token_everywhere
+        return true
       else
-        # 尝试加载并验证现有 token
-        if @token_manager.load && @token_manager.valid?
-          update_token_everywhere()
-          return true
-        else
-          # Token 无效或不存在，需要重新登录
-          auth = Auth.new(@jps_config)
-          result = auth.login
+        Logger.instance.fancyinfo_error("登录失败，未能获取有效token")
+        return false
+      end
+    end
+
+    # 带 401 重试的统一请求方法
+    # 所有 API 模块应使用此方法发送请求
+    # @param method [Symbol] HTTP 方法 (:get, :post, :put, :delete)
+    # @param path [String] 请求路径
+    # @param opts [Hash] 传递给 http_client 的参数 (params:, body:, timeout: 等)
+    # @return [Hash] 响应数据
+    def request_with_auth(method, path, **opts)
+      response = @http_client.send(method, path, **opts)
+      result = JPSClient::Response.new(response)
 
-          if result == :user_cancelled
-            Logger.instance.fancyinfo_error("用户取消了登录操作")
-            return false
-          elsif result == true
-            # 保存新 token
-            @token_manager.save(auth.access_token, auth.username, auth.expires_at)
-            update_token_everywhere()
-            return true
-          else
-            Logger.instance.fancyinfo_error("登录失败，未能获取有效token")
-            return false
-          end
+      if result.need_login?
+        if do_login(force_login: true)
+          response = @http_client.send(method, path, **opts)
+          result = JPSClient::Response.new(response)
         end
       end
+
+      result.to_h
     end
 
     private

data/lib/jpsclient/http/http_client.rb

@@ -101,6 +101,16 @@ module JPSClient
       request(:post, path, body: body, timeout: timeout)
     end
 
+    # PUT 请求
+    def put(path, body: nil, timeout: nil)
+      request(:put, path, body: body, timeout: timeout)
+    end
+
+    # DELETE 请求
+    def delete(path, params: nil, timeout: nil)
+      request(:delete, path, params: params, timeout: timeout)
+    end
+
     # 更新 token
     def update_token(new_token)
       @token = new_token
@@ -128,7 +138,7 @@ module JPSClient
           req.headers['Content-Type'] = 'application/json'
           req.headers['token'] = @token if @token
           req.params = params if params
-          req.body = body.to_json if body && method == :post
+          req.body = body.to_json if body && [:post, :put, :patch].include?(method)
           req.options.timeout = actual_timeout if actual_timeout
         end
 
@@ -243,8 +253,14 @@ module JPSClient
       @success && (@code.to_s == '0' || @code.to_s == '200')
     end
 
+    # 20001: 登录token失效
     def need_login?
-      @need_login || @code.to_s == '401'
+      @need_login || @code.to_s == '20001'
+    end
+
+    # 20011: 没有权限访问项目
+    def no_permission?
+      @code.to_s == '20011'
     end
 
     def to_h

data/lib/jpsclient/version.rb

@@ -1,3 +1,3 @@
 module JPSClient
-  VERSION = '2.2.0'
+  VERSION = '2.3.0'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: jpsclient
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.0
 platform: ruby
 authors:
 - Your Name
@@ -79,6 +79,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: logger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement