weixin_authorize 1.6.0 → 1.6.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6ae5accd2ca51dbfc3abbd41c541a8913493f554
-  data.tar.gz: a5fdabeca49c96650bdbadf256904dafb357b7be
+  metadata.gz: 7dcf07084b174215116839f53e3933a8360cd975
+  data.tar.gz: 7e92dc7924d59e62f8f3f84f22b29947e2468c28
 SHA512:
-  metadata.gz: 99ddcf2475e65599290e0413742f4214f666860b52e6b5ba4bdef7559e6170822e4c9803450c9b3096620a3044da2a3c21612ff2aaaf962bbe9754c3d465bc53
-  data.tar.gz: 8fea13921210dbc0e0d9b8741c6a3ab33de5177bc4ae076ec32b6c1f3b7374e9517e0b2fb2592f10286f3037e069a175cd9001d9f522021494925c72a6b65750
+  metadata.gz: b42caf728256adac156fabb2c4ebfe62b37a1b7b3d3916713164c6ec761d4d2de5863904e38c96d2d4c23b6698551c35849abd79007c0a9586a5dafddd0c914b
+  data.tar.gz: 96acbc6e7563d3a44bdea2b9063e3b9fd1f43a00219cfe0d6ad91577c734a82dac144cec11fbb257917e1ca63396c515a5aa2f783c8815d2c33b867f0a09f6af

data/.rspec

@@ -1 +1,2 @@
 --format documentation --color spec --drb
+--require spec_helper

data/Gemfile

@@ -1,16 +1,15 @@
 source 'https://rubygems.org'
 
 group :test, :development do
-  gem "rspec", "~> 3.0.0.beta1"
-  gem "redis-namespace", "~> 1.4.1"
-  gem "rake", "~> 0.9.6"
+  gem "rspec"
+  gem 'redis-namespace'
   gem 'simplecov', '~> 0.7.1', :require => false
   gem "codeclimate-test-reporter", require: nil
   gem 'coveralls', require: false
   # For debugger
-  gem "pry-rails", "~> 0.3.2"
+  gem "pry-rails"
 
-  gem "pry-debugger", "~> 0.2.2"
+  gem "pry-byebug"
 end
 
 # Specify your gem's dependencies in weixin_authorize.gemspec

data/README.md

@@ -7,24 +7,35 @@
 
 Support using [Redis](http://redis.io) to store `access_token`
 
-[查看Wiki](https://github.com/lanrion/weixin_authorize/wiki)
+[Wiki](https://github.com/lanrion/weixin_authorize/wiki)
 
 [Getting-Started](https://github.com/lanrion/weixin_authorize/wiki/Getting-Started)
 
+## V2.0开发中： 
+https://github.com/lanrion/weixin_authorize/milestones/v2.0-dev
+
+1. 重构API实现，调用方式
+2. 对token，ticket的管理，提供第三方开发灵活者自助化
+3. 尝试RestClient的弃用，选择更高效的HTTP client包
+4. 支持更多的异常处理机制
+
 注意：查看Wiki或者源代码时，请切换对应的版本来查看。Master处于不断更新完善分支。
 
 ## How to test
 
-Go to https://github.com/lanrion/weixin_authorize/issues/2, apply a weixin sandbox test account and follow this account, then add them to your `~/.bash_profile`
+Go to https://github.com/lanrion/weixin_authorize/issues/2, apply a weixin sandbox test account and follow this account
 
+https://github.com/lanrion/weixin_authorize/blob/master/spec/spec_helper.rb
+
+change your infos: 
+
+```ruby
+ENV["APPID"]="wxe371e0960de5426a"
+ENV["APPSECRET"]="572b93d3d20aea242692a804243a141b"
+ENV["OPENID"]="oEEoyuEasxionjR5HygmEOQGwRcw"
 ```
-export APPID="your test account weixin app_id"
-export APPSECRET="your test account weixin appsecret"
-export OPENID="your weixin openid"
-```
-Last, you have to **open a new terminal tag (Reload bash_profile)** , and run `rspec .`
 
-**微信API挺SB，客服消息API，如果出现45015（回复时间超过限制），那么需要取消关注测试账号，然后再重新关注一次即可。另外，创建用户分组API刚开始测试的时候是OK的，后来会出现-1（系统繁忙），然后一直是这样。**
+then run `rspec .`
 
 ## Contributing
 

data/lib/weixin_authorize.rb

@@ -1,10 +1,8 @@
 require "rest-client"
-
 require "carrierwave"
-require "weixin_authorize/carrierwave/weixin_uploader"
-
 require 'yajl/json_gem'
 
+require "weixin_authorize/carrierwave/weixin_uploader"
 require "weixin_authorize/config"
 require "weixin_authorize/handler"
 require "weixin_authorize/api"
@@ -12,26 +10,38 @@ require "weixin_authorize/client"
 
 module WeixinAuthorize
 
-  # Storage
-  autoload(:Storage,       "weixin_authorize/adapter/storage")
-  autoload(:ClientStorage, "weixin_authorize/adapter/client_storage")
-  autoload(:RedisStorage,  "weixin_authorize/adapter/redis_storage")
+  # token store
+  module Token
+    autoload(:Store,       "weixin_authorize/token/store")
+    autoload(:ObjectStore, "weixin_authorize/token/object_store")
+    autoload(:RedisStore,  "weixin_authorize/token/redis_store")
+  end
+
+  module JsTicket
+    autoload(:Store,       "weixin_authorize/js_ticket/store")
+    autoload(:ObjectStore, "weixin_authorize/js_ticket/object_store")
+    autoload(:RedisStore,  "weixin_authorize/js_ticket/redis_store")
+  end
 
-  OK_MSG     = "ok".freeze
-  OK_CODE    = 0.freeze
-  GRANT_TYPE = "client_credential".freeze
+  OK_MSG  = "ok"
+  OK_CODE = 0
+  GRANT_TYPE = "client_credential"
 
   class << self
 
     def http_get_without_token(url, headers={}, endpoint="plain")
       get_api_url = endpoint_url(endpoint, url)
-      load_json(RestClient.get(get_api_url, :params => headers))
+      load_json(resource(get_api_url).get(params: headers))
     end
 
     def http_post_without_token(url, payload={}, headers={}, endpoint="plain")
       post_api_url = endpoint_url(endpoint, url)
       payload = JSON.dump(payload) if endpoint == "plain" # to json if invoke "plain"
-      load_json(RestClient.post(post_api_url, payload, :params => headers))
+      load_json(resource(post_api_url).post(payload, params: headers))
+    end
+
+    def resource(url)
+      RestClient::Resource.new(url, rest_client_options)
     end
 
     # return hash
@@ -47,7 +57,11 @@ module WeixinAuthorize
     end
 
     def plain_endpoint
-      "https://api.weixin.qq.com/cgi-bin"
+      "#{api_endpoint}/cgi-bin"
+    end
+
+    def api_endpoint
+      "https://api.weixin.qq.com"
     end
 
     def file_endpoint
@@ -58,6 +72,10 @@ module WeixinAuthorize
       "https://mp.weixin.qq.com/cgi-bin#{url}"
     end
 
+    def open_endpoint(url)
+      "https://open.weixin.qq.com#{url}"
+    end
+
   end
 
 end

data/lib/weixin_authorize/api.rb

@@ -4,3 +4,6 @@ require "weixin_authorize/api/custom"
 require "weixin_authorize/api/groups"
 require "weixin_authorize/api/qrcode"
 require "weixin_authorize/api/media"
+require "weixin_authorize/api/mass"
+require "weixin_authorize/api/oauth"
+require "weixin_authorize/api/template"

data/lib/weixin_authorize/api/data_cube.rb

@@ -0,0 +1,8 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module DataCube
+
+    end
+  end
+end

data/lib/weixin_authorize/api/mass.rb

@@ -0,0 +1,78 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module Mass
+
+      MSG_TYPE = ["mpnews", "image", "text", "voice", "mpvideo"]
+
+      # media_info= {"media_id" media_id}
+      # https://api.weixin.qq.com/cgi-bin/message/mass/sendall?access_token=ACCESS_TOKEN
+      def mass_with_group(group_id, media_info, msgtype="mpnews")
+        group_option = {"filter" => {"group_id" => group_id.to_s}}
+        media = generate_media(msgtype, media_info, group_option)
+
+        mass_url = "#{mass_base_url}/sendall"
+        http_post(mass_url, media)
+      end
+
+      # https://api.weixin.qq.com/cgi-bin/message/mass/send?access_token=ACCESS_TOKEN
+      # if mpvideo,
+      # media_info= {"media_id" => media_id, "title" => "title", "description" => "description"}
+      def mass_with_openids(openids, media_info, msgtype="mpnews")
+        openid_option = {"touser" => openids}
+        media = generate_media(msgtype, media_info, openid_option)
+        mass_url = "#{mass_base_url}/send"
+        http_post(mass_url, media)
+      end
+
+      # 请注意，只有已经发送成功的消息才能删除删除消息只是将消息的图文详情页失效，已经收到的用户，还是能在其本地看到消息卡片。
+       # 另外，删除群发消息只能删除图文消息和视频消息，其他类型的消息一经发送，无法删除。
+      def mass_delete_with_msgid(msg_id)
+        mass_url = "#{mass_base_url}/delete"
+        http_post(mass_url, {"msg_id" => msg_id})
+      end
+
+      # 预览接口【订阅号与服务号认证后均可用】
+      def mass_preview(openid, media_info, msgtype="mpnews")
+        openid_option = {"touser" => openid}
+        media = generate_media(msgtype, media_info, openid_option)
+        mass_url = "#{mass_base_url}/preview"
+        http_post(mass_url, media)
+      end
+
+      # 查询群发消息发送状态【订阅号与服务号认证后均可用】
+      def mass_get_status(msg_id)
+        mass_url = "#{mass_base_url}/get"
+        http_post(mass_url, {"msg_id" => msg_id})
+      end
+
+      private
+
+        def mass_base_url
+          "/message/mass"
+        end
+
+        def generate_media(msgtype, media_info, option)
+          msgtype = msgtype.to_s
+          raise "#{msgtype} is a valid msgtype" if not MSG_TYPE.include?(msgtype)
+          {
+            msgtype   => convert_media_info(msgtype, media_info),
+            "msgtype" => msgtype
+          }.merge(option)
+        end
+
+        # 如果用户填写的media信息，是字符串，则转换来符合的数据结构，如果 是hash，则直接使用用户的结构。
+        def convert_media_info(msgtype, media_info)
+          if media_info.is_a?(String)
+            if msgtype == "text"
+              return {"content" => media_info}
+            else
+              return {"media_id" => media_info}
+            end
+          end
+          media_info
+        end
+
+    end
+  end
+end

data/lib/weixin_authorize/api/media.rb

@@ -22,8 +22,58 @@ module WeixinAuthorize
         download_media_url
       end
 
+      # 上传图文消息素材, 主要用于群发消息接口
+      # {
+      #    "articles": [
+      #      {
+      #        "thumb_media_id":"mwvBelOXCFZiq2OsIU-p",
+      #        "author":"xxx",
+      #        "title":"Happy Day",
+      #        "content_source_url":"www.qq.com",
+      #        "content":"content",
+      #        "digest":"digest"
+      #      },
+      #      {
+      #        "thumb_media_id":"mwvBelOXCFZiq2OsIU-p",
+      #        "author":"xxx",
+      #        "title":"Happy Day",
+      #        "content_source_url":"www.qq.com",
+      #        "content":"content",
+      #        "digest":"digest"
+      #      }
+      #    ]
+      # }
+      # Option: author, content_source_url
+      def upload_mass_news(news=[])
+        upload_news_url = "#{media_base_url}/uploadnews"
+        http_post(upload_news_url, {articles: news})
+      end
+
+      # media_id: 需通过基础支持中的上传下载多媒体文件来得到
+      # https://file.api.weixin.qq.com/cgi-bin/media/uploadvideo?access_token=ACCESS_TOKEN
+
+      # return:
+      # {
+      #   "type":"video",
+      #   "media_id":"IhdaAQXuvJtGzwwc0abfXnzeezfO0NgPK6AQYShD8RQYMTtfzbLdBIQkQziv2XJc",
+      #   "created_at":1398848981
+      # }
+      def upload_mass_video(media_id, title="", desc="")
+        video_msg = {
+          "media_id"    => media_id,
+          "title"       => title,
+          "description" => desc
+        }
+
+        http_post("#{media_base_url}/uploadvideo", video_msg)
+      end
+
       private
 
+        def media_base_url
+          "/media"
+        end
+
         def process_file(media)
           return media if media.is_a?(File) && jpep?(media)
 
@@ -41,10 +91,6 @@ module WeixinAuthorize
           file
         end
 
-        def media_base_url
-          "/media"
-        end
-
         def process_media(uploader)
           uploader = covert(uploader)
           uploader.file.to_file

data/lib/weixin_authorize/api/oauth.rb

@@ -0,0 +1,38 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module Oauth
+
+      # 应用授权作用域: scope
+      # snsapi_base （不弹出授权页面，直接跳转，只能获取用户openid），
+      # snsapi_userinfo （弹出授权页面，可通过openid拿到昵称、性别、所在地。并且，即使在未关注的情况下，只要用户授权，也能获取其信息）
+      # default is snsapi_base
+      # state 重定向后会带上state参数，开发者可以填写a-zA-Z0-9的参数值
+
+      # 如果用户点击同意授权，页面将跳转至 redirect_uri/?code=CODE&state=STATE。若用户禁止授权，则重定向后不会带上code参数，仅会带上state参数redirect_uri?state=STATE
+      def authorize_url(redirect_uri, scope="snsapi_base", state="weixin")
+        require "erb"
+        redirect_uri = ERB::Util.url_encode(redirect_uri)
+        WeixinAuthorize.open_endpoint("/connect/oauth2/authorize?appid=#{app_id}&redirect_uri=#{redirect_uri}&response_type=code&scope=#{scope}&state=#{state}#wechat_redirect")
+      end
+
+      # 首先请注意，这里通过code换取的网页授权access_token,与基础支持中的access_token不同。公众号可通过下述接口来获取网页授权access_token。如果网页授权的作用域为snsapi_base，则本步骤中获取到网页授权access_token的同时，也获取到了openid，snsapi_base式的网页授权流程即到此为止。
+
+      # 微信通过请求 #authorize_url 方法后，会返回一个code到redirect_uri中
+      def get_oauth_access_token(code)
+        WeixinAuthorize.http_get_without_token("/sns/oauth2/access_token?appid=#{app_id}&secret=#{app_secret}&code=#{code}&grant_type=authorization_code", {}, "api")
+      end
+
+      # refresh_token: 填写通过access_token获取到的refresh_token参数
+      def refresh_oauth2_token(refresh_token)
+        WeixinAuthorize.http_get_without_token("/sns/oauth2/refresh_token?appid=#{app_id}&grant_type=refresh_token&refresh_token=#{refresh_token}", {}, "api")
+      end
+
+      # 如果网页授权作用域为snsapi_userinfo，则此时开发者可以通过access_token和openid拉取用户信息了。
+      def get_oauth_userinfo(openid, oauth_token, lang="zh_CN")
+        WeixinAuthorize.http_get_without_token("/sns/userinfo?access_token=#{oauth_token}&openid=#{openid}&lang=#{lang}", {}, "api")
+      end
+
+    end
+  end
+end

data/lib/weixin_authorize/api/template.rb

@@ -0,0 +1,34 @@
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module Template
+
+      # 设置所属行业
+      # 需要选择公众账号服务所处的2个行业，每月可更改1次所选行业；
+      # 初始化行业时，传入两个，每月更改时，传入一个即可。
+      def set_template_industry(industry_id1, industry_id2="")
+        industries = {industry_id1: industry_id1}
+        if industry_id2 != ""
+          industries.merge!({industry_id2: industry_id2})
+        end
+        http_post("/template/api_set_industry", industries)
+      end
+
+      # 获得模板ID
+      # code: 模板库中模板的编号，有“TM**”和“OPENTMTM**”等形式
+      def add_template(code)
+        http_post("/template/api_add_template", template_id_short: code)
+      end
+
+      # 发送模板消息
+      def send_template_msg(touser, template_id, url, topcolor, data)
+        msg = {
+          touser: touser, template_id: template_id,
+          url: url, topcolor: topcolor, data: data
+        }
+        http_post("/message/template/send", msg)
+      end
+
+    end
+  end
+end

data/lib/weixin_authorize/api/user.rb

@@ -18,6 +18,24 @@ module WeixinAuthorize
         http_get(followers_url, {next_openid: next_openid})
       end
 
+      # 设置备注名
+      # http请求方式: POST（请使用https协议）
+      # https://api.weixin.qq.com/cgi-bin/user/info/updateremark?access_token=ACCESS_TOKEN
+      # POST数据格式：JSON
+      # POST数据例子：
+      # {
+      #   "openid":"oDF3iY9ffA-hqb2vVvbr7qxf6A0Q",
+      #   "remark":"pangzi"
+      # }
+      def update_remark(openid, remark)
+        update_url = "/user/info/updateremark"
+        payload = {
+          openid: openid,
+          remark: remark
+        }
+        http_post(update_url, payload)
+      end
+
       private
 
         def user_base_url

data/lib/weixin_authorize/client.rb

@@ -10,27 +10,66 @@ module WeixinAuthorize
     include Api::Groups
     include Api::Qrcode
     include Api::Media
+    include Api::Mass
+    include Api::Oauth
+    include Api::Template
 
     attr_accessor :app_id, :app_secret, :expired_at # Time.now + expires_in
     attr_accessor :access_token, :redis_key
-    attr_accessor :storage
+    attr_accessor :jsticket, :jsticket_expired_at, :jsticket_redis_key
 
     def initialize(app_id, app_secret, redis_key=nil)
       @app_id     = app_id
       @app_secret = app_secret
-      @expired_at = Time.now.to_i
-      @redis_key  = security_redis_key((redis_key || "weixin_" + app_id))
-      @storage    = Storage.init_with(self)
+      @jsticket_expired_at = @expired_at = Time.now.to_i
+      @redis_key  = security_redis_key(redis_key || "weixin_#{app_id}")
+      @jsticket_redis_key = security_redis_key("js_sdk_#{app_id}")
     end
 
     # return token
     def get_access_token
-      @storage.access_token
+      token_store.access_token
     end
 
     # 检查appid和app_secret是否有效。
     def is_valid?
-      @storage.valid?
+      token_store.valid?
+    end
+
+    def token_store
+      Token::Store.init_with(self)
+    end
+
+    def jsticket_store
+      JsTicket::Store.init_with(self)
+    end
+
+    def get_jsticket
+      jsticket_store.jsticket
+    end
+
+    # 获取js sdk 签名包
+    def get_jssign_package(url)
+      timestamp = Time.now.to_i
+      noncestr = SecureRandom.hex(16)
+      str = "jsapi_ticket=#{get_jsticket}&noncestr=#{noncestr}&timestamp=#{timestamp}&url=#{url}";
+      signature = Digest::SHA1.hexdigest(str)
+      {
+        "appId"     => app_id,    "nonceStr"  => noncestr,
+        "timestamp" => timestamp, "url"       => url,
+        "signature" => signature, "rawString" => str
+      }
+    end
+
+    # 暴露出：http_get,http_post两个方法，方便第三方开发者扩展未开发的微信API。
+    def http_get(url, headers={}, endpoint="plain")
+      headers = headers.merge(access_token_param)
+      WeixinAuthorize.http_get_without_token(url, headers, endpoint)
+    end
+
+    def http_post(url, payload={}, headers={}, endpoint="plain")
+      headers = access_token_param.merge(headers)
+      WeixinAuthorize.http_post_without_token(url, payload, headers, endpoint)
     end
 
     private
@@ -39,16 +78,6 @@ module WeixinAuthorize
         {access_token: get_access_token}
       end
 
-      def http_get(url, headers={}, endpoint="plain")
-        headers = headers.merge(access_token_param)
-        WeixinAuthorize.http_get_without_token(url, headers, endpoint)
-      end
-
-      def http_post(url, payload={}, headers={}, endpoint="plain")
-        headers = access_token_param.merge(headers)
-        WeixinAuthorize.http_post_without_token(url, payload, headers, endpoint)
-      end
-
       def security_redis_key(key)
         Digest::MD5.hexdigest(key.to_s).upcase
       end