wework-next 1.2.6

data/lib/wework/global_code.rb

@@ -0,0 +1,327 @@
+module Wework
+  GLOBAL_CODES = {
+    -1    => "系统繁忙",
+    0     => "请求成功",
+    40001 => "获取access_token时Secret错误，或者access_token无效",
+    40002 => "不合法的凭证类型",
+    40003 => "不合法的UserID",
+    40004 => "不合法的媒体文件类型",
+    40005 => "不合法的文件类型",
+    40006 => "不合法的文件大小",
+    40007 => "不合法的媒体文件id",
+    40008 => "不合法的消息类型",
+    40013 => "不合法的corpid",
+    40014 => "不合法的access_token",
+    40015 => "不合法的菜单类型",
+    40016 => "不合法的按钮个数",
+    40017 => "不合法的按钮类型",
+    40018 => "不合法的按钮名字长度",
+    40019 => "不合法的按钮KEY长度",
+    40020 => "不合法的按钮URL长度",
+    40021 => "不合法的菜单版本号",
+    40022 => "不合法的子菜单级数",
+    40023 => "不合法的子菜单按钮个数",
+    40024 => "不合法的子菜单按钮类型",
+    40025 => "不合法的子菜单按钮名字长度",
+    40026 => "不合法的子菜单按钮KEY长度",
+    40027 => "不合法的子菜单按钮URL长度",
+    40028 => "不合法的自定义菜单使用成员",
+    40029 => "不合法的oauth_code",
+    40031 => "不合法的UserID列表",
+    40032 => "不合法的UserID列表长度",
+    40033 => "不合法的请求字符，不能包含\\uxxxx格式的字符",
+    40035 => "不合法的参数",
+    40038 => "不合法的请求格式",
+    40039 => "不合法的URL长度",
+    40040 => "不合法的插件token",
+    40041 => "不合法的插件id",
+    40042 => "不合法的插件会话",
+    40048 => "url中包含不合法domain",
+    40054 => "不合法的子菜单url域名",
+    40055 => "不合法的按钮url域名",
+    40056 => "不合法的agentid",
+    40057 => "不合法的callbackurl或者callbackurl验证失败",
+    40058 => "不合法的红包参数",
+    40059 => "不合法的上报地理位置标志位",
+    40060 => "设置上报地理位置标志位时没有设置callbackurl",
+    40061 => "设置应用头像失败",
+    40062 => "不合法的应用模式",
+    40063 => "参数为空",
+    40064 => "管理组名字已存在",
+    40065 => "不合法的管理组名字长度",
+    40066 => "不合法的部门列表",
+    40067 => "标题长度不合法",
+    40068 => "不合法的标签ID",
+    40069 => "不合法的标签ID列表",
+    40070 => "列表中所有标签（成员）ID都不合法",
+    40071 => "不合法的标签名字，标签名字已经存在",
+    40072 => "不合法的标签名字长度",
+    40073 => "不合法的openid",
+    40074 => "news消息不支持指定为高保密消息",
+    40077 => "不合法的预授权码",
+    40078 => "不合法的临时授权码",
+    40079 => "不合法的授权信息",
+    40080 => "不合法的suitesecret",
+    40082 => "不合法的suitetoken",
+    40083 => "不合法的suiteid",
+    40084 => "不合法的永久授权码",
+    40085 => "不合法的suiteticket",
+    40086 => "不合法的第三方应用appid",
+    40092 => "导入文件存在不合法的内容",
+    40093 => "不合法的跳转target",
+    40094 => "不合法的URL",
+    40095 => "修改失败，并发冲突",
+    40155 => "请勿添加其他公众号的主页链接",
+    41001 => "缺少access_token参数",
+    41002 => "缺少corpid参数",
+    41003 => "缺少refresh_token参数",
+    41004 => "缺少secret参数",
+    41005 => "缺少多媒体文件数据",
+    41006 => "缺少media_id参数",
+    41007 => "缺少子菜单数据",
+    41008 => "缺少oauth code",
+    41009 => "缺少UserID",
+    41010 => "缺少url",
+    41011 => "缺少agentid",
+    41012 => "缺少应用头像mediaid",
+    41013 => "缺少应用名字",
+    41014 => "缺少应用描述",
+    41015 => "缺少Content",
+    41016 => "缺少标题",
+    41017 => "缺少标签ID",
+    41018 => "缺少标签名字",
+    41021 => "缺少suiteid",
+    41022 => "缺少suitetoken",
+    41023 => "缺少suiteticket",
+    41024 => "缺少suitesecret",
+    41025 => "缺少永久授权码",
+    41034 => "缺少login_ticket",
+    41035 => "缺少跳转target",
+    42001 => "access_token过期",
+    42002 => "refresh_token过期",
+    42003 => "oauth_code过期",
+    42004 => "插件token过期",
+    42007 => "预授权码失效",
+    42008 => "临时授权码失效",
+    42009 => "suitetoken失效",
+    43001 => "需要GET请求",
+    43002 => "需要POST请求",
+    43003 => "需要HTTPS",
+    43004 => "需要成员已关注",
+    43005 => "需要好友关系",
+    43006 => "需要订阅",
+    43007 => "需要授权",
+    43008 => "需要支付授权",
+    43010 => "需要处于回调模式",
+    43011 => "需要企业授权",
+    43013 => "应用对成员不可见",
+    44001 => "多媒体文件为空",
+    44002 => "POST的数据包为空",
+    44003 => "图文消息内容为空",
+    44004 => "文本消息内容为空",
+    45001 => "多媒体文件大小超过限制",
+    45002 => "消息内容大小超过限制",
+    45003 => "标题大小超过限制",
+    45004 => "描述大小超过限制",
+    45005 => "链接长度超过限制",
+    45006 => "图片链接长度超过限制",
+    45007 => "语音播放时间超过限制",
+    45008 => "图文消息的文章数量不能超过10条",
+    45009 => "接口调用超过限制",
+    45010 => "创建菜单个数超过限制",
+    45015 => "回复时间超过限制",
+    45016 => "系统分组，不允许修改",
+    45017 => "分组名字过长",
+    45018 => "分组数量超过上限",
+    45022 => "应用名字长度不合法，合法长度为2-16个字",
+    45024 => "帐号数量超过上限",
+    45025 => "同一个成员每周只能邀请一次",
+    45026 => "触发删除用户数的保护",
+    45027 => "mpnews每天只能发送100次",
+    45028 => "素材数量超过上限",
+    45029 => "media_id对该应用不可见",
+    45032 => "作者名字长度超过限制",
+    46001 => "不存在媒体数据",
+    46002 => "不存在的菜单版本",
+    46003 => "不存在的菜单数据",
+    46004 => "不存在的成员",
+    47001 => "解析JSON/XML内容错误",
+    48001 => "Api未授权",
+    48002 => "Api禁用(一般是管理组类型与Api不匹配，例如普通管理组调用会话服务的Api)",
+    48003 => "suitetoken无效",
+    48004 => "授权关系无效",
+    48005 => "Api已废弃",
+    50001 => "redirect_uri未授权",
+    50002 => "成员不在权限范围",
+    50003 => "应用已停用",
+    50004 => "成员状态不正确，需要成员为企业验证中状态",
+    50005 => "企业已禁用",
+    60001 => "部门长度不符合限制",
+    60002 => "部门层级深度超过限制",
+    60003 => "部门不存在",
+    60004 => "父部门不存在",
+    60005 => "不允许删除有成员的部门",
+    60006 => "不允许删除有子部门的部门",
+    60007 => "不允许删除根部门",
+    60008 => "部门ID或者部门名称已存在",
+    60009 => "部门名称含有非法字符",
+    60010 => "部门存在循环关系",
+    60011 => "权限不足，user/department/agent无权限(1.只有通迅录同步助手才有通迅录写权限。2.自定义的应用，需要确定可见范围是否有此人)",
+    60012 => "不允许删除默认应用",
+    60013 => "不允许关闭应用",
+    60014 => "不允许开启应用",
+    60015 => "不允许修改默认应用可见范围",
+    60016 => "不允许删除存在成员的标签",
+    60017 => "不允许设置企业",
+    60019 => "不允许设置应用地理位置上报开关",
+    60020 => "访问ip不在白名单之中",
+    60023 => "已授权的应用不允许企业管理组调用接口修改菜单",
+    60025 => "主页型应用不支持的消息类型",
+    60027 => "不支持第三方修改主页型应用字段",
+    60028 => "应用已授权予第三方，不允许通过接口修改主页url",
+    60029 => "应用已授权予第三方，不允许通过接口修改可信域名",
+    60031 => "未设置管理组的登录授权域名",
+    60102 => "UserID已存在",
+    60103 => "手机号码不合法",
+    60104 => "手机号码已存在",
+    60105 => "邮箱不合法",
+    60106 => "邮箱已存在",
+    60107 => "微信号不合法",
+    60108 => "微信号已存在",
+    60109 => "QQ号已存在",
+    60110 => "用户同时归属部门超过20个",
+    60111 => "UserID不存在",
+    60112 => "成员姓名不合法",
+    60113 => "身份认证信息（微信号/手机/邮箱）不能同时为空",
+    60114 => "性别不合法",
+    60115 => "已关注成员微信不能修改",
+    60116 => "扩展属性已存在",
+    60118 => "成员无有效邀请字段，详情参考(邀请成员关注)的接口说明",
+    60119 => "成员已关注",
+    60120 => "成员已禁用",
+    60121 => "找不到该成员",
+    60122 => "邮箱已被外部管理员使用",
+    60123 => "无效的部门id",
+    60124 => "无效的父部门id",
+    60125 => "非法部门名字，长度超过限制、重名等，重名包括与csv文件中同级部门重名或者与旧组织架构包含成员的同级部门重名",
+    60126 => "创建部门失败",
+    60127 => "缺少部门id",
+    60128 => "字段不合法，可能存在主键冲突或者格式错误",
+    60129 => "用户设置了拒绝邀请",
+    60131 => "不合法的职位长度",
+    80001 => "可信域名不匹配，或者可信域名没有IPC备案（后续将不能在该域名下正常使用jssdk）",
+    81003 => "邀请额度已用完",
+    81004 => "部门数量超过上限",
+    82001 => "发送消息或者邀请的参数全部为空或者全部不合法",
+    82002 => "不合法的PartyID列表长度",
+    82003 => "不合法的TagID列表长度",
+    82004 => "微信版本号过低",
+    85002 => "包含不合法的词语",
+    86001 => "不合法的会话ID",
+    86003 => "不存在的会话ID",
+    86004 => "不合法的会话名",
+    86005 => "不合法的会话管理员",
+    86006 => "不合法的成员列表大小",
+    86007 => "不存在的成员",
+    86101 => "需要会话管理员权限",
+    86201 => "缺少会话ID",
+    86202 => "缺少会话名",
+    86203 => "缺少会话管理员",
+    86204 => "缺少成员",
+    86205 => "非法的会话ID长度",
+    86206 => "非法的会话ID数值",
+    86207 => "会话管理员不在用户列表中",
+    86208 => "消息服务未开启",
+    86209 => "缺少操作者",
+    86210 => "缺少会话参数",
+    86211 => "缺少会话类型（单聊或者群聊）",
+    86213 => "缺少发件人",
+    86214 => "非法的会话类型",
+    86215 => "会话已存在",
+    86216 => "非法会话成员",
+    86217 => "会话操作者不在成员列表中",
+    86218 => "非法会话发件人",
+    86219 => "非法会话收件人",
+    86220 => "非法会话操作者",
+    86221 => "单聊模式下，发件人与收件人不能为同一人",
+    86222 => "不允许消息服务访问的API",
+    86304 => "不合法的消息类型",
+    86305 => "客服服务未启用",
+    86306 => "缺少发送人",
+    86307 => "缺少发送人类型",
+    86308 => "缺少发送人id",
+    86309 => "缺少接收人",
+    86310 => "缺少接收人类型",
+    86311 => "缺少接收人id",
+    86312 => "缺少消息类型",
+    86313 => "缺少客服，发送人或接收人类型，必须有一个为kf",
+    86314 => "客服不唯一，发送人或接收人类型，必须只有一个为kf",
+    86315 => "不合法的发送人类型",
+    86316 => "不合法的发送人id。Userid不存在、openid不存在、kf不存在",
+    86317 => "不合法的接收人类型",
+    86318 => "不合法的接收人id。Userid不存在、openid不存在、kf不存在",
+    86319 => "不合法的客服，kf不在客服列表中",
+    86320 => "不合法的客服类型",
+    88001 => "缺少seq参数",
+    88002 => "缺少offset参数",
+    88003 => "非法seq",
+    90001 => "未认证摇一摇周边",
+    90002 => "缺少摇一摇周边ticket参数",
+    90003 => "摇一摇周边ticket参数不合法",
+    90004 => "摇一摇周边ticket过期",
+    90005 => "未开启摇一摇周边服务",
+    91004 => "卡券已被核销",
+    91011 => "无效的code",
+    91014 => "缺少卡券详情",
+    91015 => "代金券缺少least_cost或者reduce_cost参数",
+    91016 => "折扣券缺少discount参数",
+    91017 => "礼品券缺少gift参数",
+    91019 => "缺少卡券sku参数",
+    91020 => "缺少卡券有效期",
+    91021 => "缺少卡券有效期类型",
+    91022 => "缺少卡券logo_url",
+    91023 => "缺少卡券code类型",
+    91025 => "缺少卡券title",
+    91026 => "缺少卡券color",
+    91027 => "缺少offset参数",
+    91028 => "缺少count参数",
+    91029 => "缺少card_id",
+    91030 => "缺少卡券code",
+    91031 => "缺少卡券notice",
+    91032 => "缺少卡券description",
+    91033 => "缺少ticket类型",
+    91036 => "不合法的有效期",
+    91038 => "变更库存值不合法",
+    91039 => "不合法的卡券id",
+    91040 => "不合法的ticket type",
+    91041 => "没有创建，上传卡券logo，以及核销卡券的权限",
+    91042 => "没有该卡券投放权限",
+    91043 => "没有修改或者删除该卡券的权限",
+    91044 => "不合法的卡券参数",
+    91045 => "缺少团购券groupon结构",
+    91046 => "缺少现金券cash结构",
+    91047 => "缺少折扣券discount结构",
+    91048 => "缺少礼品券gift结构",
+    91049 => "缺少优惠券coupon结构",
+    91050 => "缺少卡券必填字段",
+    91051 => "商户名称超过12个汉字",
+    91052 => "卡券标题超过9个汉字",
+    91053 => "卡券提醒超过16个汉字",
+    91054 => "卡券描述超过1024个汉字",
+    91055 => "卡券副标题长度超过18个汉字",
+    301001 => "应用id已存在",
+    301002 => "accesstoken不允许操作其它应用。",
+    301004 => "不允许删除超级管理员",
+    301005 => "消息型应用不允许做此操作",
+    301006 => "不允许禁用超级管理员",
+    301008 => "主页型应用不允许做此操作",
+    301009 => "应用发送消息没有接收主体",
+    301010 => "部门名已存在",
+    301013 => "座机不合法",
+    301014 => "英文名称不合法",
+    302001 => "批量同步成员存在userid为空的用户",
+    302002 => "管理员userid不存在",
+    302003 => "存在重复的userid",
+    302004 => "组织架构不合法"
+  } unless defined?(GLOBAL_CODES)
+end

data/lib/wework/mock_api.rb

@@ -0,0 +1,34 @@
+require 'json'
+require 'sinatra/base'
+
+module Wework
+  class MockApi < Sinatra::Base
+    get '/cgi-bin/media/get' do
+      send_file mock_file_path('files/zhiren.png'), :type => :jpg
+    end
+
+    get '/cgi-bin/*' do |api|
+      json_response "#{api}.json"
+    end
+
+    %i(get post).each do |http_method|
+      send http_method, '/cgi-bin/*/*' do |category, api|
+        json_response "#{category}/#{api}.json"
+      end
+    end
+
+    private
+
+    def json_response file_name
+      content_type :json
+      status 200
+      file_path = mock_file_path(file_name)
+      file_path = mock_file_path('success.json') unless File.exist?(file_path)
+      File.open(file_path, 'rb').read
+    end
+
+    def mock_file_path path
+      File.join(File.expand_path('../../../mock_responses/', __FILE__), path)
+    end
+  end
+end

data/lib/wework/request.rb

@@ -0,0 +1,117 @@
+# Reference this: https://github.com/Eric-Guo/wechat/blob/master/lib/wechat/http_client.rb
+require 'http'
+require 'wework/global_code'
+
+module Wework
+  class Request
+    attr_reader :base, :ssl_context, :httprb
+
+    def initialize(base, skip_verify_ssl)
+      @base = base
+      @httprb = HTTP.timeout(**Wework.http_timeout_options)
+      @ssl_context = OpenSSL::SSL::SSLContext.new
+      @ssl_context.ssl_version = :TLSv1_2
+      @ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE if skip_verify_ssl
+    end
+
+    def get(path, get_header = {})
+      request(path, get_header) do |url, header|
+        params = header.delete(:params)
+        puts "header:#{header.to_json}"
+        puts "params:#{params.to_json}"
+        puts "url:#{url}"
+        RestClient.get url,{params:params}
+        #httprb.headers(header).get(url, params: params, ssl_context: ssl_context)
+      end
+    end
+
+
+
+    def post(path, post_body, post_header = {})
+      request(path, post_header) do |url, header|
+        params = header.delete(:params)
+        RestClient.post url, post_body, {params:params}
+        #httprb.headers(header).post(url, params: params, json: post_body, ssl_context: ssl_context)
+      end
+    end
+
+    def post_file(path, file, post_header = {})
+      request(path, post_header) do |url, header|
+        params = header.delete(:params)
+        httprb.headers(header)
+          .post(url, params: params,
+                     form: { media: HTTP::FormData::File.new(file),
+                             hack: 'X' }, # Existing here for http-form_data 1.0.1 handle single param improperly
+                     ssl_context: ssl_context)
+      end
+    end
+
+    private
+
+    def request(path, header = {}, &_block)
+      url_base = header.delete(:base) || base
+      as = header.delete(:as)
+      header['Accept'] = 'application/json'
+      dup_header = header.dup
+      response = yield("#{url_base}#{path}", header)
+      raise ResponseError.new(response.code) unless HTTP_OK_STATUS.include?(response.code)
+
+      parse_response(response, as || :json) do |parse_as, data|
+        break data unless parse_as == :json
+        result = Wework::Result.new(data)
+        if defined?(Rails.logger) && Rails.logger
+          Rails.logger.debug "[WEWORK] request path(#{url_base}#{path}); request params: #{dup_header.inspect}; response: #{result.inspect}"
+        end
+        raise AccessTokenExpiredError if result.token_expired?
+        result
+      end
+    end
+
+    def parse_response(response, as)
+      content_type = response.headers[:content_type]
+      parse_as = {
+        %r{^application\/json} => :json,
+        %r{^image\/.*} => :file
+      }.each_with_object([]) { |match, memo| memo << match[1] if content_type =~ match[0] }.first || as || :text
+
+      case parse_as
+      when :file
+        file = Tempfile.new('tmp')
+        file.binmode
+        file.write(response.body)
+        file.close
+        data = file
+
+      when :json
+        data = JSON.parse response.body.to_s
+      else
+        data = response.body
+      end
+
+      yield(parse_as, data)
+    end
+  end
+
+  class Result < OpenStruct
+    def initialize(data)
+      data['message'] = GLOBAL_CODES[data['errcode'].to_i]
+      data['full_message'] = "#{data['errcode']}：#{data['errmsg']}（#{data['message']}）"
+      super data
+    end
+
+    def token_expired?
+      # 42001: access_token timeout
+      # 40014: invalid access_token
+      # 40001, invalid credential, access_token is invalid or not latest hint
+      [42001, 40014, 40001].include?(errcode)
+    end
+
+    def throw_error
+      raise ResultErrorException.new(full_message) unless success?
+    end
+
+    def success?
+      errcode == SUCCESS_CODE
+    end
+  end
+end

data/lib/wework/token/app_token.rb

@@ -0,0 +1,21 @@
+require 'wework/token/base'
+
+module Wework
+  module Token
+    class AppToken < Base
+
+      def redis_key
+        @redis_key ||= Digest::MD5.hexdigest "WX_APP_TOKEN_#{client.corp_id}_#{client.secret}"
+      end
+
+      def token_key
+        'access_token'
+      end
+
+      def refresh_token
+        client.request.get 'gettoken', params: {corpid: client.corp_id, corpsecret: client.secret}
+      end
+
+    end
+  end
+end

data/lib/wework/token/base.rb

@@ -0,0 +1,59 @@
+module Wework
+  module Token
+    class Base
+      attr_accessor :client
+
+      def initialize(client)
+        @client = client
+        raise RedisNotConfigException if redis.nil?
+      end
+
+      def token
+        update_token if expired?
+        redis.hget(redis_key, token_key)
+      end
+
+      def update_token
+        result = refresh_token
+        value = result.send(token_key)
+        if value.nil?
+          puts "#{self.class.name} refresh token error: #{result.inspect}"
+        else
+          expires_at = Time.now.to_i + result.expires_in.to_i - Wework.expired_shift_seconds
+
+          redis.hmset(
+            redis_key,
+            token_key, value,
+            "expires_at", expires_at
+          )
+
+          redis.expireat(redis_key, expires_at)
+        end
+
+        value
+      end
+
+      private
+
+      def redis
+        Wework.redis
+      end
+
+      def redis_key
+        raise NotImplementedError
+      end
+
+      def token_key
+        raise NotImplementedError
+      end
+
+      def refresh_token
+        raise NotImplementedError
+      end
+
+      def expired?
+        redis.hvals(redis_key).empty? || redis.hget(redis_key, 'expires_at').to_i <= Time.now.to_i
+      end
+    end
+  end
+end

data/lib/wework/token/corp_token.rb

@@ -0,0 +1,20 @@
+require 'wework/token/base'
+
+module Wework
+  module Token
+    class CorpToken < Base
+
+      def redis_key
+        @redis_key ||= Digest::MD5.hexdigest "WX_CORP_TOKEN_#{client.corp_id}_#{client.permanent_code}"
+      end
+
+      def token_key
+        'access_token'
+      end
+
+      def refresh_token
+        client.suite.get_corp_token(client.corp_id, client.permanent_code)
+      end
+    end
+  end
+end

data/lib/wework/token/js_agent_ticket.rb

@@ -0,0 +1,23 @@
+require 'wework/token/base'
+
+module Wework
+  module Token
+    class JsAgentTicket < Base
+
+      alias_method :ticket, :token
+
+      def redis_key
+        @redis_key ||= Digest::MD5.hexdigest "WX_JS_AGENT_TICKET_#{client.corp_id}_#{client.agent_id}"
+      end
+
+      def token_key
+        'ticket'
+      end
+
+      def refresh_token
+        client.get 'ticket/get', params: { type: 'agent_config' }
+      end
+
+    end
+  end
+end

data/lib/wework/token/js_ticket.rb

@@ -0,0 +1,23 @@
+require 'wework/token/base'
+
+module Wework
+  module Token
+    class JsTicket < Base
+
+      alias_method :ticket, :token
+
+      def redis_key
+        @redis_key ||= Digest::MD5.hexdigest "WX_JS_TICKET_#{client.corp_id}_#{client.agent_id}"
+      end
+
+      def token_key
+        'ticket'
+      end
+
+      def refresh_token
+        client.get 'get_jsapi_ticket'
+      end
+
+    end
+  end
+end

data/lib/wework/token/provider_token.rb

@@ -0,0 +1,21 @@
+require 'wework/token/base'
+
+module Wework
+  module Token
+    class ProviderToken < Base
+
+      def redis_key
+        @redis_key ||= Digest::MD5.hexdigest "WX_PROVIDER_TOKEN_#{client.corp_id}_#{client.secret}"
+      end
+
+      def token_key
+        'provider_access_token'
+      end
+
+      def refresh_token
+        client.request.post 'service/get_provider_token', {corpid: client.corp_id, provider_secret: client.secret}
+      end
+
+    end
+  end
+end

data/lib/wework/token/suite_token.rb

@@ -0,0 +1,21 @@
+require 'wework/token/base'
+
+module Wework
+  module Token
+    class SuiteToken < Base
+
+      def redis_key
+        @redis_key ||= Digest::MD5.hexdigest "WX_SUITE_TOKEN_#{client.suite_id}_#{client.suite_secret}_#{client.suite_token}"
+      end
+
+      def token_key
+        'suite_access_token'
+      end
+
+      def refresh_token
+        client.request.post 'service/get_suite_token', {suite_id: client.suite_id, suite_secret: client.suite_secret, suite_ticket: client.suite_ticket}
+      end
+
+    end
+  end
+end

data/lib/wework/version.rb

@@ -0,0 +1,3 @@
+module Wework
+  VERSION = '1.2.6'.freeze
+end