shixian-weixin_authorize 1.6.2

data/lib/weixin_authorize/api/qrcode.rb

@@ -0,0 +1,57 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module Qrcode
+    # http://mp.weixin.qq.com/wiki/index.php?title=生成带参数的二维码
+
+      # 临时二维码
+      def create_qr_scene(scene_id, expire_seconds=1800)
+        post_url     = "#{qrcode_base_url}/create"
+        qrcode_infos = {action_name: "QR_SCENE", expire_seconds: expire_seconds}
+        qrcode_infos = qrcode_infos.merge(action_info(scene_id))
+        http_post(post_url, qrcode_infos)
+      end
+
+      # 永久二维码
+      # options: scene_id, scene_str
+      def create_qr_limit_scene(options)
+        scene_id = options[:scene_id]
+        scene_str = options[:scene_str]
+        post_url     = "#{qrcode_base_url}/create"
+        qrcode_infos = {action_name: "QR_LIMIT_SCENE"}
+        qrcode_infos = qrcode_infos.merge(action_info(scene_id))
+        http_post(post_url, qrcode_infos)
+      end
+
+      # 为永久的字符串参数值
+      # options: scene_str
+      def create_qr_limit_str_scene(options)
+        scene_str = options[:scene_str]
+        post_url     = "#{qrcode_base_url}/create"
+        qrcode_infos = {action_name: "QR_LIMIT_STR_SCENE"}
+        qrcode_infos = qrcode_infos.merge(action_info(nil, scene_str))
+        http_post(post_url, qrcode_infos)
+      end
+
+
+      # 通过ticket换取二维码, 直接访问即可显示！
+      def qr_code_url(ticket)
+        WeixinAuthorize.mp_endpoint("/showqrcode?ticket=#{ticket}")
+      end
+
+      private
+
+        def qrcode_base_url
+          "/qrcode"
+        end
+
+        def action_info(scene_id, scene_str=nil)
+          scene_info = {}
+          scene_info[:scene_id] = scene_id if !scene_id.nil?
+          scene_info[:scene_str] = scene_str if !scene_str.nil?
+          {action_info: {scene: scene_info}}
+        end
+
+    end
+  end
+end

data/lib/weixin_authorize/api/template.rb

@@ -0,0 +1,34 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module Template
+
+      # 设置所属行业
+      # 需要选择公众账号服务所处的2个行业，每月可更改1次所选行业；
+      # 初始化行业时，传入两个，每月更改时，传入一个即可。
+      def set_template_industry(industry_id1, industry_id2="")
+        industries = {industry_id1: industry_id1}
+        if industry_id2 != ""
+          industries.merge!({industry_id2: industry_id2})
+        end
+        http_post("/template/api_set_industry", industries)
+      end
+
+      # 获得模板ID
+      # code: 模板库中模板的编号，有“TM**”和“OPENTMTM**”等形式
+      def add_template(code)
+        http_post("/template/api_add_template", template_id_short: code)
+      end
+
+      # 发送模板消息
+      def send_template_msg(touser, template_id, url, topcolor, data)
+        msg = {
+          touser: touser, template_id: template_id,
+          url: url, topcolor: topcolor, data: data
+        }
+        http_post("/message/template/send", msg)
+      end
+
+    end
+  end
+end

data/lib/weixin_authorize/api/user.rb

@@ -0,0 +1,47 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module User
+
+      # 获取用户基本信息
+      # https://api.weixin.qq.com/cgi-bin/user/info?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN
+      # lang: zh_CN, zh_TW, en
+      def user(openid, lang="zh_CN")
+        user_info_url = "#{user_base_url}/info"
+        http_get(user_info_url, {openid: openid, lang: lang})
+      end
+
+      # 获取关注者列表
+      # https://api.weixin.qq.com/cgi-bin/user/get?access_token=ACCESS_TOKEN&next_openid=NEXT_OPENID
+      def followers(next_openid="")
+        followers_url = "#{user_base_url}/get"
+        http_get(followers_url, {next_openid: next_openid})
+      end
+
+      # 设置备注名
+      # http请求方式: POST（请使用https协议）
+      # https://api.weixin.qq.com/cgi-bin/user/info/updateremark?access_token=ACCESS_TOKEN
+      # POST数据格式：JSON
+      # POST数据例子：
+      # {
+      #   "openid":"oDF3iY9ffA-hqb2vVvbr7qxf6A0Q",
+      #   "remark":"pangzi"
+      # }
+      def update_remark(openid, remark)
+        update_url = "/user/info/updateremark"
+        payload = {
+          openid: openid,
+          remark: remark
+        }
+        http_post(update_url, payload)
+      end
+
+      private
+
+        def user_base_url
+          "/user"
+        end
+
+    end
+  end
+end

data/lib/weixin_authorize/api.rb

@@ -0,0 +1,3 @@
+Dir["#{File.dirname(__FILE__)}/api/*.rb"].each do |path|
+  require path
+end

data/lib/weixin_authorize/carrierwave/weixin_uploader.rb

@@ -0,0 +1,4 @@
+module WeixinAuthorize
+  class WeixinUploader < CarrierWave::Uploader::Base
+  end
+end

data/lib/weixin_authorize/client.rb

@@ -0,0 +1,86 @@
+# encoding: utf-8
+require "redis"
+require 'digest/md5'
+module WeixinAuthorize
+
+  class Client
+    include Api::User
+    include Api::Menu
+    include Api::Custom
+    include Api::Groups
+    include Api::Qrcode
+    include Api::Media
+    include Api::Mass
+    include Api::Oauth
+    include Api::Template
+
+    attr_accessor :app_id, :app_secret, :expired_at # Time.now + expires_in
+    attr_accessor :access_token, :redis_key
+    attr_accessor :jsticket, :jsticket_expired_at, :jsticket_redis_key
+
+    def initialize(app_id, app_secret, redis_key=nil)
+      @app_id     = app_id
+      @app_secret = app_secret
+      @jsticket_expired_at = @expired_at = Time.now.to_i
+      @redis_key  = security_redis_key(redis_key || "weixin_#{app_id}")
+      @jsticket_redis_key = security_redis_key("js_sdk_#{app_id}")
+    end
+
+    # return token
+    def get_access_token
+      token_store.access_token
+    end
+
+    # 检查appid和app_secret是否有效。
+    def is_valid?
+      token_store.valid?
+    end
+
+    def token_store
+      Token::Store.init_with(self)
+    end
+
+    def jsticket_store
+      JsTicket::Store.init_with(self)
+    end
+
+    def get_jsticket
+      jsticket_store.jsticket
+    end
+
+    # 获取js sdk 签名包
+    def get_jssign_package(url)
+      timestamp = Time.now.to_i
+      noncestr = SecureRandom.hex(16)
+      str = "jsapi_ticket=#{get_jsticket}&noncestr=#{noncestr}&timestamp=#{timestamp}&url=#{url}";
+      signature = Digest::SHA1.hexdigest(str)
+      {
+        "appId"     => app_id,    "nonceStr"  => noncestr,
+        "timestamp" => timestamp, "url"       => url,
+        "signature" => signature, "rawString" => str
+      }
+    end
+
+    # 暴露出：http_get,http_post两个方法，方便第三方开发者扩展未开发的微信API。
+    def http_get(url, headers={}, endpoint="plain")
+      headers = headers.merge(access_token_param)
+      WeixinAuthorize.http_get_without_token(url, headers, endpoint)
+    end
+
+    def http_post(url, payload={}, headers={}, endpoint="plain")
+      headers = access_token_param.merge(headers)
+      WeixinAuthorize.http_post_without_token(url, payload, headers, endpoint)
+    end
+
+    private
+
+      def access_token_param
+        {access_token: get_access_token}
+      end
+
+      def security_redis_key(key)
+        Digest::MD5.hexdigest(key.to_s).upcase
+      end
+
+  end
+end

data/lib/weixin_authorize/config.rb

@@ -0,0 +1,29 @@
+module WeixinAuthorize
+
+  class << self
+
+    attr_accessor :config
+
+    def configure
+      yield self.config ||= Config.new
+    end
+
+    def weixin_redis
+      return nil if config.nil?
+      @redis ||= config.redis
+    end
+
+    # 可选配置: RestClient timeout, etc.
+    # key 必须是符号
+    def rest_client_options
+      if config.nil?
+        return {timeout: 5, open_timeout: 5, verify_ssl: true}
+      end
+      config.rest_client_options
+    end
+  end
+
+  class Config
+    attr_accessor :redis, :rest_client_options
+  end
+end

data/lib/weixin_authorize/handler/exceptions.rb

@@ -0,0 +1,7 @@
+# encoding: utf-8
+module WeixinAuthorize
+
+class ValidAccessTokenException < RuntimeError
+end
+
+end

data/lib/weixin_authorize/handler/global_code.rb

@@ -0,0 +1,89 @@
+# encoding: utf-8
+module WeixinAuthorize
+
+  GLOBAL_CODES = {
+    -1    => "系统繁忙",
+    0     => "请求成功",
+    40001 => "获取access_token时AppSecret错误，或者access_token无效",
+    40002 => "不合法的凭证类型",
+    40003 => "不合法的OpenID",
+    40004 => "不合法的媒体文件类型",
+    40005 => "不合法的文件类型",
+    40006 => "不合法的文件大小",
+    40007 => "不合法的媒体文件id",
+    40008 => "不合法的消息类型",
+    40009 => "不合法的图片文件大小",
+    40010 => "不合法的语音文件大小",
+    40011 => "不合法的视频文件大小",
+    40012 => "不合法的缩略图文件大小",
+    40013 => "不合法的APPID",
+    40014 => "不合法的access_token",
+    40015 => "不合法的菜单类型",
+    40016 => "不合法的按钮个数",
+    40017 => "不合法的按钮个数",
+    40018 => "不合法的按钮名字长度",
+    40019 => "不合法的按钮KEY长度",
+    40020 => "不合法的按钮URL长度",
+    40021 => "不合法的菜单版本号",
+    40022 => "不合法的子菜单级数",
+    40023 => "不合法的子菜单按钮个数",
+    40024 => "不合法的子菜单按钮类型",
+    40025 => "不合法的子菜单按钮名字长度",
+    40026 => "不合法的子菜单按钮KEY长度",
+    40027 => "不合法的子菜单按钮URL长度",
+    40028 => "不合法的自定义菜单使用用户",
+    40029 => "不合法的oauth_code",
+    40030 => "不合法的refresh_token",
+    40031 => "不合法的openid列表",
+    40032 => "不合法的openid列表长度",
+    40033 => "不合法的请求字符，不能包含xxxx格式的字符",
+    40035 => "不合法的参数",
+    40038 => "不合法的请求格式",
+    40039 => "不合法的URL长度",
+    40050 => "不合法的分组id",
+    40051 => "分组名字不合法",
+    41001 => "缺少access_token参数",
+    41002 => "缺少appid参数",
+    41003 => "缺少refresh_token参数",
+    41004 => "缺少secret参数",
+    41005 => "缺少多媒体文件数据",
+    41006 => "缺少media_id参数",
+    41007 => "缺少子菜单数据",
+    41008 => "缺少oauth code",
+    41009 => "缺少openid",
+    42001 => "access_token超时",
+    42002 => "refresh_token超时",
+    42003 => "oauth_code超时",
+    43001 => "需要GET请求",
+    43002 => "需要POST请求",
+    43003 => "需要HTTPS请求",
+    43004 => "需要接收者关注",
+    43005 => "需要好友关系",
+    44001 => "多媒体文件为空",
+    44002 => "POST的数据包为空",
+    44003 => "图文消息内容为空",
+    44004 => "文本消息内容为空",
+    45001 => "多媒体文件大小超过限制",
+    45002 => "消息内容超过限制",
+    45003 => "标题字段超过限制",
+    45004 => "描述字段超过限制",
+    45005 => "链接字段超过限制",
+    45006 => "图片链接字段超过限制",
+    45007 => "语音播放时间超过限制",
+    45008 => "图文消息超过限制",
+    45009 => "接口调用超过限制",
+    45010 => "创建菜单个数超过限制",
+    45015 => "回复时间超过限制",
+    45016 => "系统分组，不允许修改",
+    45017 => "分组名字过长",
+    45018 => "分组数量超过上限",
+    46001 => "不存在媒体数据",
+    46002 => "不存在的菜单版本",
+    46003 => "不存在的菜单数据",
+    46004 => "不存在的用户",
+    47001 => "解析JSON/XML内容错误",
+    48001 => "api功能未授权",
+    50001 => "用户未授权该api"
+  }unless defined?(GLOBAL_CODES)
+
+end

data/lib/weixin_authorize/handler/result_handler.rb

@@ -0,0 +1,52 @@
+# encoding: utf-8
+module WeixinAuthorize
+
+  class ResultHandler
+
+    attr_accessor :code, :cn_msg, :en_msg, :result
+
+    def initialize(code, en_msg, result={})
+      @code   = code   || OK_CODE
+      @en_msg = en_msg || OK_MSG
+      @cn_msg = GLOBAL_CODES[@code.to_i]
+      @result = package_result(result)
+    end
+
+    # This method is to valid the current request if is true or is false
+    def is_ok?
+      code == OK_CODE
+    end
+    alias_method :ok?, :is_ok?
+
+    # e.g.:
+    # 45009: api freq out of limit(接口调用超过限制)
+    def full_message
+      "#{code}: #{en_msg}(#{cn_msg})."
+    end
+    alias_method :full_messages, :full_message
+
+    def full_error_message
+      full_message if !is_ok?
+    end
+    alias_method :full_error_messages, :full_error_message
+    alias_method :errors, :full_error_message
+
+    private
+
+      # if define Rails constant
+      # result = WeixinAuthorize::ResultHandler.new("0", "success", {:ok => "true"})
+      # result.result["ok"] #=> true
+      # result.result[:ok] #=> true
+      # result.result['ok'] #=> true
+      def package_result(result)
+        return result if !result.is_a?(Hash)
+        if defined?(Rails)
+          ActiveSupport::HashWithIndifferentAccess.new(result)
+        else
+          result
+        end
+      end
+
+  end
+
+end

data/lib/weixin_authorize/handler.rb

@@ -0,0 +1,3 @@
+require "weixin_authorize/handler/global_code"
+require "weixin_authorize/handler/result_handler"
+require "weixin_authorize/handler/exceptions"

data/lib/weixin_authorize/js_ticket/object_store.rb

@@ -0,0 +1,21 @@
+module WeixinAuthorize
+  module JsTicket
+    class ObjectStore < Store
+
+      def jsticket_expired?
+        # 如果当前token过期时间小于现在的时间，则重新获取一次
+        client.jsticket_expired_at <= Time.now.to_i
+      end
+
+      def jsticket
+        super
+        client.jsticket
+      end
+
+      def refresh_jsticket
+        super
+      end
+
+    end
+  end
+end

data/lib/weixin_authorize/js_ticket/redis_store.rb

@@ -0,0 +1,41 @@
+module WeixinAuthorize
+  module JsTicket
+    class RedisStore < Store
+      JSTICKET = "jsticket"
+      EXPIRED_AT = "expired_at"
+
+      def jsticket_expired?
+        weixin_redis.hvals(client.jsticket_redis_key).empty?
+      end
+
+      def refresh_jsticket
+        super
+        weixin_redis.hmset(
+          client.jsticket_redis_key,
+          JSTICKET,
+          client.jsticket,
+          EXPIRED_AT,
+          client.jsticket_expired_at
+        )
+        weixin_redis.expireat(
+          client.jsticket_redis_key,
+          client.jsticket_expired_at.to_i
+        )
+      end
+
+      def jsticket
+        super
+        client.jsticket = weixin_redis.hget(client.jsticket_redis_key, JSTICKET)
+        client.jsticket_expired_at = weixin_redis.hget(
+          client.jsticket_redis_key,
+          EXPIRED_AT
+        )
+        client.jsticket
+      end
+
+      def weixin_redis
+        WeixinAuthorize.weixin_redis
+      end
+    end
+  end
+end

data/lib/weixin_authorize/js_ticket/store.rb

@@ -0,0 +1,40 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module JsTicket
+    class Store
+
+      attr_accessor :client
+
+      def initialize(client)
+        @client = client
+      end
+
+      def self.init_with(client)
+        if WeixinAuthorize.weixin_redis.nil?
+          ObjectStore.new(client)
+        else
+          RedisStore.new(client)
+        end
+      end
+
+      def jsticket_expired?
+        raise NotImplementedError, "Subclasses must implement a jsticket_expired? method"
+      end
+
+      def refresh_jsticket
+        set_jsticket
+      end
+
+      def jsticket
+        refresh_jsticket if jsticket_expired?
+      end
+
+      def set_jsticket
+        result = client.http_get("/ticket/getticket", {type: 1}).result
+        client.jsticket = result["ticket"]
+        client.jsticket_expired_at = result["expires_in"] + Time.now.to_i
+      end
+
+    end
+  end
+end

data/lib/weixin_authorize/token/object_store.rb

@@ -0,0 +1,25 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Token
+    class ObjectStore < Store
+
+      def valid?
+        super
+      end
+
+      def token_expired?
+        # 如果当前token过期时间小于现在的时间，则重新获取一次
+        client.expired_at <= Time.now.to_i
+      end
+
+      def refresh_token
+        super
+      end
+
+      def access_token
+        super
+        client.access_token
+      end
+    end
+  end
+end

data/lib/weixin_authorize/token/redis_store.rb

@@ -0,0 +1,35 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Token
+    class RedisStore < Store
+
+      def valid?
+       weixin_redis.del(client.redis_key)
+       super
+      end
+
+      def token_expired?
+        weixin_redis.hvals(client.redis_key).empty?
+      end
+
+      def refresh_token
+        super
+        weixin_redis.hmset(client.redis_key, "access_token", client.access_token,
+                                             "expired_at",   client.expired_at)
+        weixin_redis.expireat(client.redis_key, client.expired_at.to_i-10) # 提前10秒超时
+      end
+
+      def access_token
+        super
+        client.access_token = weixin_redis.hget(client.redis_key, "access_token")
+        client.expired_at   = weixin_redis.hget(client.redis_key, "expired_at")
+        client.access_token
+      end
+
+      def weixin_redis
+        WeixinAuthorize.weixin_redis
+      end
+    end
+  end
+
+end

data/lib/weixin_authorize/token/store.rb

@@ -0,0 +1,72 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Token
+    class Store
+
+      attr_accessor :client
+
+      def initialize(client)
+        @client = client
+      end
+
+      def self.init_with(client)
+        if WeixinAuthorize.weixin_redis.nil?
+          ObjectStore.new(client)
+        else
+          RedisStore.new(client)
+        end
+      end
+
+      def valid?
+        authenticate["valid"]
+      end
+
+      def authenticate
+        auth_result = http_get_access_token
+        auth = false
+        if auth_result.is_ok?
+          set_access_token(auth_result.result)
+          auth = true
+        end
+        {"valid" => auth, "handler" => auth_result}
+      end
+
+      def refresh_token
+        handle_valid_exception
+        set_access_token
+      end
+
+      def access_token
+        refresh_token if token_expired?
+      end
+
+      def token_expired?
+        raise NotImplementedError, "Subclasses must implement a token_expired? method"
+      end
+
+      def set_access_token(access_token_infos=nil)
+        token_infos = access_token_infos || http_get_access_token.result
+        client.access_token = token_infos["access_token"]
+        client.expired_at   = Time.now.to_i + token_infos["expires_in"].to_i
+      end
+
+      def http_get_access_token
+        WeixinAuthorize.http_get_without_token("/token", authenticate_headers)
+      end
+
+      def authenticate_headers
+        {grant_type: GRANT_TYPE, appid: client.app_id, secret: client.app_secret}
+      end
+
+      private
+
+        def handle_valid_exception
+          auth_result = authenticate
+          if !auth_result["valid"]
+            result_handler = auth_result["handler"]
+            raise ValidAccessTokenException, result_handler.full_error_message
+          end
+        end
+    end
+  end
+end

data/lib/weixin_authorize/version.rb

@@ -0,0 +1,3 @@
+module WeixinAuthorize
+  VERSION = "1.6.2"
+end