wechat 0.2.0

data/bin/wechat

@@ -0,0 +1,172 @@
+#!/usr/bin/env ruby
+
+lib = File.expand_path(File.dirname(__FILE__) + '/../lib')
+$LOAD_PATH.unshift(lib) if File.directory?(lib) && !$LOAD_PATH.include?(lib)
+
+require 'thor'
+require 'wechat'
+require 'json'
+require 'active_support/dependencies/autoload'
+require 'active_support/core_ext'
+require 'active_support/json'
+require 'fileutils'
+require 'yaml'
+
+class App < Thor
+  class Helper
+    def self.with(options)
+      config = loading_config
+
+      appid =  config['appid']
+      secret = config['secret']
+      corpid = config['corpid']
+      corpsecret = config['corpsecret']
+      token_file = options[:toke_file] || config['access_token'] || '/var/tmp/wechat_access_token'
+      agentid = config['agentid']
+
+      if appid.present? && secret.present? && token_file.present?
+        Wechat::Api.new(appid, secret, token_file)
+      elsif corpid.present? && corpsecret.present? && token_file.present?
+        Wechat::CorpApi.new(corpid, corpsecret, token_file, agentid)
+      else
+        puts <<-HELP
+Need create ~/.wechat.yml with wechat appid and secret
+or running at rails root folder so wechat can read config/wechat.yml
+HELP
+        exit 1
+      end
+    end
+
+    private
+
+    def self.loading_config
+      config = {}
+
+      rails_config_file = File.join(Dir.getwd, 'config/wechat.yml')
+      home_config_file = File.join(Dir.home, '.wechat.yml')
+
+      if File.exist?(rails_config_file)
+        config = YAML.load(ERB.new(File.new(rails_config_file).read).result)['default']
+        if config.present? && (config['appid'] || config['corpid'])
+          puts 'Using rails project config/wechat.yml default setting...'
+        else
+          config = {}
+        end
+      end
+
+      if config.blank? && File.exist?(home_config_file)
+        config = YAML.load ERB.new(File.read(home_config_file)).result
+      end
+      config
+    end
+  end
+
+  package_name 'Wechat'
+  option :toke_file, aliases: '-t', desc: 'File to store access token'
+
+  desc 'users', '关注者列表'
+  def users
+    puts Helper.with(options).users
+  end
+
+  desc 'user [OPEN_ID]', '查找关注者'
+  def user(open_id)
+    puts Helper.with(options).user(open_id)
+  end
+
+  desc 'menu', '当前菜单'
+  def menu
+    puts Helper.with(options).menu
+  end
+
+  desc 'menu_delete', '删除菜单'
+  def menu_delete
+    puts 'Menu deleted' if Helper.with(options).menu_delete
+  end
+
+  desc 'menu_create [MENU_YAML_PATH]', '创建菜单'
+  def menu_create(menu_yaml_path)
+    menu = YAML.load(File.new(menu_yaml_path).read)
+    puts 'Menu created' if Helper.with(options).menu_create(menu)
+  end
+
+  desc 'media [MEDIA_ID, PATH]', '媒体下载'
+  def media(media_id, path)
+    tmp_file = Helper.with(options).media(media_id)
+    FileUtils.mv(tmp_file.path, path)
+    puts 'File downloaded'
+  end
+
+  desc 'media_create [MEDIA_TYPE, PATH]', '媒体上传'
+  def media_create(type, path)
+    file = File.new(path)
+    puts Helper.with(options).media_create(type, file)
+  end
+
+  desc 'message_send [OPENID, TEXT_MESSAGE]', '发送文字消息(仅企业号)'
+  def message_send(openid, text_message)
+    puts Helper.with(options).message_send Wechat::Message.to(openid).text(text_message)
+  end
+
+  desc 'custom_text [OPENID, TEXT_MESSAGE]', '发送文字客服消息'
+  def custom_text(openid, text_message)
+    puts Helper.with(options).custom_message_send Wechat::Message.to(openid).text(text_message)
+  end
+
+  desc 'custom_image [OPENID, IMAGE_PATH]', '发送图片客服消息'
+  def custom_image(openid, image_path)
+    file = File.new(image_path)
+    api = Helper.with(options)
+
+    media_id = api.media_create('image', file)['media_id']
+    puts api.custom_message_send Wechat::Message.to(openid).image(media_id)
+  end
+
+  desc 'custom_voice [OPENID, VOICE_PATH]', '发送语音客服消息'
+  def custom_voice(openid, voice_path)
+    file = File.new(voice_path)
+    api = Helper.with(options)
+
+    media_id = api.media_create('voice', file)['media_id']
+    puts api.custom_message_send Wechat::Message.to(openid).voice(media_id)
+  end
+
+  desc 'custom_video [OPENID, VIDEO_PATH]', '发送视频客服消息'
+  method_option :title, aliases: '-h', desc: '视频标题'
+  method_option :description, aliases: '-d', desc: '视频描述'
+  def custom_video(openid, video_path)
+    file = File.new(video_path)
+    api = Helper.with(options)
+
+    api_opts = options.slice(:title, :description)
+    media_id = api.media_create('video', file)['media_id']
+    puts api.custom_message_send Wechat::Message.to(openid).video(media_id, api_opts)
+  end
+
+  desc 'custom_music [OPENID, THUMBNAIL_PATH, MUSIC_URL]', '发送音乐客服消息'
+  method_option :title, aliases: '-h', desc: '音乐标题'
+  method_option :description, aliases: '-d', desc: '音乐描述'
+  method_option :HQ_music_url, aliases: '-u', desc: '高质量音乐URL链接'
+  def custom_music(openid, thumbnail_path, music_url)
+    file = File.new(thumbnail_path)
+    api = Helper.with(options)
+
+    api_opts = options.slice(:title, :description, :HQ_music_url)
+    thumb_media_id = api.media_create('thumb', file)['thumb_media_id']
+    puts api.custom_message_send Wechat::Message.to(openid).music(thumb_media_id, music_url, api_opts)
+  end
+
+  desc 'custom_news [OPENID, NEWS_YAML_PATH]', '发送图文客服消息'
+  def custom_news(openid, news_yaml_path)
+    articles = YAML.load(File.new(news_yaml_path).read)
+    puts Helper.with(options).custom_message_send Wechat::Message.to(openid).news(articles['articles'])
+  end
+
+  desc 'template_message [OPENID, TEMPLATE_YAML_PATH]', '模板消息接口'
+  def template_message(openid, template_yaml_path)
+    template = YAML.load(File.new(template_yaml_path).read)
+    puts Helper.with(options).template_message_send Wechat::Message.to(openid).template(template['template'])
+  end
+end
+
+App.start

data/lib/wechat.rb

@@ -0,0 +1,104 @@
+require 'wechat/api'
+require 'wechat/corp_api'
+
+module Wechat
+  autoload :Message, 'wechat/message'
+  autoload :Responder, 'wechat/responder'
+  autoload :Cipher, 'wechat/cipher'
+
+  class AccessTokenExpiredError < StandardError; end
+  class ResponseError < StandardError
+    attr_reader :error_code
+    def initialize(errcode, errmsg)
+      @error_code = errcode
+      super "#{errmsg}(#{error_code})"
+    end
+  end
+
+  attr_reader :config
+
+  def self.config
+    @config ||= begin
+      if defined? Rails
+        config_file = Rails.root.join('config/wechat.yml')
+        config = YAML.load(ERB.new(File.new(config_file).read).result)[Rails.env] if File.exist?(config_file)
+      end
+
+      config ||= { appid: ENV['WECHAT_APPID'],
+                   secret: ENV['WECHAT_SECRET'],
+                   corpid: ENV['WECHAT_CORPID'],
+                   corpsecret: ENV['WECHAT_CORPSECRET'],
+                   agentid: ENV['WECHAT_AGENTID'],
+                   token: ENV['WECHAT_TOKEN'],
+                   access_token: ENV['WECHAT_ACCESS_TOKEN'],
+                   encrypt_mode: ENV['WECHAT_ENCRYPT_MODE'],
+                   encoding_aes_key: ENV['WECHAT_ENCODING_AES_KEY'] }
+      config.symbolize_keys!
+      config[:access_token] ||= Rails.root.join('tmp/access_token').to_s
+      config[:jsapi_ticket] ||= Rails.root.join('tmp/jsapi_ticket').to_s
+      OpenStruct.new(config)
+    end
+  end
+
+  def self.api
+    if config.corpid.present?
+      @api ||= Wechat::CorpApi.new(config.corpid, config.corpsecret, config.access_token, config.agentid)
+    else
+      @api ||= Wechat::Api.new(config.appid, config.secret, config.access_token, config.jsapi_ticket)
+    end
+  end
+end
+
+if defined? ActionController::Base
+  class ActionController::Base
+    def self.wechat_responder(opts = {})
+      send(:include, Wechat::Responder)
+      if opts.empty?
+        self.corpid = Wechat.config.corpid
+        self.wechat = Wechat.api
+        self.agentid = Wechat.config.agentid
+        self.token = Wechat.config.token
+        self.encrypt_mode = Wechat.config.encrypt_mode
+        self.encoding_aes_key = Wechat.config.encoding_aes_key
+      else
+        self.corpid = opts[:corpid]
+        if corpid.present?
+          self.wechat = Wechat::CorpApi.new(opts[:corpid], opts[:corpsecret], opts[:access_token], opts[:agentid])
+        else
+          self.wechat = Wechat::Api.new(opts[:appid], opts[:secret], opts[:access_token], opts[:jsapi_ticket])
+        end
+        self.agentid = opts[:agentid]
+        self.token = opts[:token]
+        self.encrypt_mode = opts[:encrypt_mode]
+        self.encoding_aes_key = opts[:encoding_aes_key]
+      end
+    end
+  end
+end
+
+if defined? ActionController::API
+  class ActionController::API
+    def self.wechat_responder(opts = {})
+      send(:include, Wechat::Responder)
+      if opts.empty?
+        self.corpid = Wechat.config.corpid
+        self.wechat = Wechat.api
+        self.agentid = Wechat.config.agentid
+        self.token = Wechat.config.token
+        self.encrypt_mode = Wechat.config.encrypt_mode
+        self.encoding_aes_key = Wechat.config.encoding_aes_key
+      else
+        self.corpid = opts[:corpid]
+        if corpid.present?
+          self.wechat = Wechat::CorpApi.new(opts[:corpid], opts[:corpsecret], opts[:access_token], opts[:agentid])
+        else
+          self.wechat = Wechat::Api.new(opts[:appid], opts[:secret], opts[:access_token], opts[:jsapi_ticket])
+        end
+        self.agentid = opts[:agentid]
+        self.token = opts[:token]
+        self.encrypt_mode = opts[:encrypt_mode]
+        self.encoding_aes_key = opts[:encoding_aes_key]
+      end
+    end
+  end
+end

data/lib/wechat/access_token.rb

@@ -0,0 +1,41 @@
+module Wechat
+  class AccessToken
+    attr_reader :client, :appid, :secret, :token_file, :token_data
+
+    def initialize(client, appid, secret, token_file)
+      @appid = appid
+      @secret = secret
+      @client = client
+      @token_file = token_file
+    end
+
+    def token
+      begin
+        @token_data ||= JSON.parse(File.read(token_file))
+        created_at = token_data['created_at'].to_i
+        expires_in = token_data['expires_in'].to_i
+        if Time.now.to_i - created_at >= expires_in - 3 * 60
+          raise 'token_data may be expired'
+        end
+      rescue
+        refresh
+      end
+      valid_token(@token_data)
+    end
+
+    def refresh
+      data = client.get('token', params: { grant_type: 'client_credential', appid: appid, secret: secret })
+      data.merge!(created_at: Time.now.to_i)
+      File.open(token_file, 'w') { |f| f.write(data.to_json) } if valid_token(data)
+      @token_data = data
+    end
+
+    private
+
+    def valid_token(token_data)
+      access_token = token_data['access_token']
+      raise "Response didn't have access_token" if access_token.blank?
+      access_token
+    end
+  end
+end

data/lib/wechat/api.rb

@@ -0,0 +1,85 @@
+require 'wechat/client'
+require 'wechat/access_token'
+require 'wechat/jsapi_ticket'
+
+class Wechat::Api
+  attr_reader :access_token, :client, :jsapi_ticket
+
+  API_BASE = 'https://api.weixin.qq.com/cgi-bin/'
+  FILE_BASE = 'http://file.api.weixin.qq.com/cgi-bin/'
+  OAUTH2_BASE = 'https://api.weixin.qq.com/sns/oauth2/'
+
+  def initialize(appid, secret, token_file, jsapi_ticket_file = '/var/tmp/wechat_jsapi_ticket')
+    @client = Wechat::Client.new(API_BASE)
+    @access_token = Wechat::AccessToken.new(@client, appid, secret, token_file)
+    @jsapi_ticket = Wechat::JsapiTicket.new(@client, @access_token, jsapi_ticket_file)
+  end
+
+  def users(nextid = nil)
+    params = { params: { next_openid: nextid } } if nextid.present?
+    get('user/get', params || {})
+  end
+
+  def user(openid)
+    get('user/info', params: { openid: openid })
+  end
+
+  def menu
+    get('menu/get')
+  end
+
+  def menu_delete
+    get('menu/delete')
+  end
+
+  def menu_create(menu)
+    # 微信不接受7bit escaped json(eg \uxxxx), 中文必须UTF-8编码, 这可能是个安全漏洞
+    post('menu/create', JSON.generate(menu))
+  end
+
+  def media(media_id)
+    get 'media/get', params: { media_id: media_id }, base: FILE_BASE, as: :file
+  end
+
+  def media_create(type, file)
+    post 'media/upload', { upload: { media: file } }, params: { type: type }, base: FILE_BASE
+  end
+
+  def custom_message_send(message)
+    post 'message/custom/send', message.to_json, content_type: :json
+  end
+
+  def template_message_send(message)
+    post 'message/template/send', message.to_json, content_type: :json
+  end
+
+  # http://mp.weixin.qq.com/wiki/17/c0f37d5704f0b64713d5d2c37b468d75.html
+  # 第二步：通过code换取网页授权access_token
+  def web_access_token(code)
+    params = {
+      appid: access_token.appid,
+      secret: access_token.secret,
+      code: code,
+      grant_type: 'authorization_code'
+    }
+    get 'access_token', params: params, base: OAUTH2_BASE
+  end
+
+  protected
+
+  def get(path, headers = {})
+    with_access_token(headers[:params]) { |params| client.get path, headers.merge(params: params) }
+  end
+
+  def post(path, payload, headers = {})
+    with_access_token(headers[:params]) { |params| client.post path, payload, headers.merge(params: params) }
+  end
+
+  def with_access_token(params = {}, tries = 2)
+    params ||= {}
+    yield(params.merge(access_token: access_token.token))
+  rescue Wechat::AccessTokenExpiredError
+    access_token.refresh
+    retry unless (tries -= 1).zero?
+  end
+end

data/lib/wechat/cipher.rb

@@ -0,0 +1,72 @@
+require 'openssl/cipher'
+require 'securerandom'
+require 'base64'
+
+module Wechat
+  module Cipher
+    extend ActiveSupport::Concern
+
+    BLOCK_SIZE = 32
+    CIPHER = 'AES-256-CBC'
+
+    def encrypt(plain, encoding_aes_key)
+      cipher = OpenSSL::Cipher.new(CIPHER)
+      cipher.encrypt
+
+      cipher.padding = 0
+      key_data = Base64.decode64(encoding_aes_key)
+      cipher.key = key_data
+      cipher.iv = key_data[0..16]
+
+      cipher.update(encode_padding(plain)) + cipher.final
+    end
+
+    def decrypt(msg, encoding_aes_key)
+      cipher = OpenSSL::Cipher.new(CIPHER)
+      cipher.decrypt
+
+      cipher.padding = 0
+      key_data = Base64.decode64(encoding_aes_key)
+      cipher.key = key_data
+      cipher.iv = key_data[0..16]
+
+      plain = cipher.update(msg) + cipher.final
+      decode_padding(plain)
+    end
+
+    # app_id or corp_id
+    def pack(content, app_id)
+      random = SecureRandom.hex(8)
+      text = content.force_encoding('ASCII-8BIT')
+      msg_len = [text.length].pack('N')
+
+      encode_padding("#{random}#{msg_len}#{text}#{app_id}")
+    end
+
+    def unpack(msg)
+      msg = decode_padding(msg)
+      msg_len = msg[16, 4].reverse.unpack('V')[0]
+      content = msg[20, msg_len]
+      app_id = msg[(20 + msg_len)..-1]
+
+      [content, app_id]
+    end
+
+    private
+
+    def encode_padding(data)
+      length = data.bytes.length
+      amount_to_pad = BLOCK_SIZE - (length % BLOCK_SIZE)
+      amount_to_pad = BLOCK_SIZE if amount_to_pad == 0
+      padding = ([amount_to_pad].pack('c') * amount_to_pad)
+      data + padding
+    end
+
+    def decode_padding(plain)
+      pad = plain.bytes[-1]
+      # no padding
+      pad = 0 if pad < 1 || pad > BLOCK_SIZE
+      plain[0...(plain.length - pad)]
+    end
+  end
+end