@colinlu50/openclaw-lark-stream 2026.3.17

package/src/tools/oapi/wiki/space.js

@@ -0,0 +1,130 @@
+/**
+ * Copyright (c) 2026 ByteDance Ltd. and/or its affiliates
+ * SPDX-License-Identifier: MIT
+ *
+ * feishu_wiki_space tool -- Manage Feishu Wiki spaces.
+ *
+ * Actions: list, get, create
+ *
+ * Uses the Feishu Wiki API:
+ *   - list:   GET  /open-apis/wiki/v2/spaces
+ *   - get:    GET  /open-apis/wiki/v2/spaces/:space_id
+ *   - create: POST /open-apis/wiki/v2/spaces
+ */
+import { Type } from '@sinclair/typebox';
+import { json, createToolContext, assertLarkOk, handleInvokeErrorWithAutoAuth, registerTool, } from '../helpers';
+// ---------------------------------------------------------------------------
+// Schema
+// ---------------------------------------------------------------------------
+const FeishuWikiSpaceSchema = Type.Union([
+    // LIST SPACES
+    Type.Object({
+        action: Type.Literal('list'),
+        page_size: Type.Optional(Type.Integer({
+            description: '分页大小（默认 10，最大 50）',
+            minimum: 1,
+            maximum: 50,
+        })),
+        page_token: Type.Optional(Type.String({
+            description: '分页标记。首次请求无需填写',
+        })),
+    }),
+    // GET SPACE
+    Type.Object({
+        action: Type.Literal('get'),
+        space_id: Type.String({
+            description: '知识空间 ID（必填）',
+        }),
+    }),
+    // CREATE SPACE
+    Type.Object({
+        action: Type.Literal('create'),
+        name: Type.Optional(Type.String({
+            description: '知识空间名称',
+        })),
+        description: Type.Optional(Type.String({
+            description: '知识空间描述',
+        })),
+    }),
+]);
+// ---------------------------------------------------------------------------
+// Registration
+// ---------------------------------------------------------------------------
+export function registerFeishuWikiSpaceTool(api) {
+    if (!api.config)
+        return;
+    const cfg = api.config;
+    const { toolClient, log } = createToolContext(api, 'feishu_wiki_space');
+    registerTool(api, {
+        name: 'feishu_wiki_space',
+        label: 'Feishu Wiki Spaces',
+        description: '飞书知识空间管理工具。当用户要求查看知识库列表、获取知识库信息、创建知识库时使用。Actions: list（列出知识空间）, get（获取知识空间信息）, create（创建知识空间）。' +
+            '【重要】space_id 可以从浏览器 URL 中获取，或通过 list 接口获取。' +
+            '【重要】知识空间（Space）是知识库的基本组成单位，包含多个具有层级关系的文档节点。',
+        parameters: FeishuWikiSpaceSchema,
+        async execute(_toolCallId, params) {
+            const p = params;
+            try {
+                const client = toolClient();
+                switch (p.action) {
+                    // -----------------------------------------------------------------
+                    // LIST SPACES
+                    // -----------------------------------------------------------------
+                    case 'list': {
+                        log.info(`list: page_size=${p.page_size ?? 10}`);
+                        const res = await client.invoke('feishu_wiki_space.list', (sdk, opts) => sdk.wiki.space.list({
+                            params: {
+                                // eslint-disable-next-line @typescript-eslint/no-explicit-any
+                                page_size: p.page_size,
+                                page_token: p.page_token,
+                            },
+                        }, opts), { as: 'user' });
+                        assertLarkOk(res);
+                        const data = res.data;
+                        log.info(`list: returned ${data?.items?.length ?? 0} spaces`);
+                        return json({
+                            spaces: data?.items,
+                            has_more: data?.has_more,
+                            page_token: data?.page_token,
+                        });
+                    }
+                    // -----------------------------------------------------------------
+                    // GET SPACE
+                    // -----------------------------------------------------------------
+                    case 'get': {
+                        log.info(`get: space_id=${p.space_id}`);
+                        const res = await client.invoke('feishu_wiki_space.get', (sdk, opts) => sdk.wiki.space.get({
+                            path: { space_id: p.space_id },
+                        }, opts), { as: 'user' });
+                        assertLarkOk(res);
+                        log.info(`get: retrieved space ${p.space_id}`);
+                        return json({
+                            space: res.data?.space,
+                        });
+                    }
+                    // -----------------------------------------------------------------
+                    // CREATE SPACE
+                    // -----------------------------------------------------------------
+                    case 'create': {
+                        log.info(`create: name=${p.name ?? '(empty)'}, description=${p.description ?? '(empty)'}`);
+                        const res = await client.invoke('feishu_wiki_space.create', (sdk, opts) => sdk.wiki.space.create({
+                            data: {
+                                name: p.name,
+                                description: p.description,
+                            },
+                        }, opts), { as: 'user' });
+                        assertLarkOk(res);
+                        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+                        log.info(`create: created space_id=${res.data?.space?.space_id}`);
+                        return json({
+                            space: res.data?.space,
+                        });
+                    }
+                }
+            }
+            catch (err) {
+                return await handleInvokeErrorWithAutoAuth(err, cfg);
+            }
+        },
+    }, { name: 'feishu_wiki_space' });
+}

package/src/tools/oauth-batch-auth.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Copyright (c) 2026 ByteDance Ltd. and/or its affiliates
+ * SPDX-License-Identifier: MIT
+ *
+ * feishu_oauth_batch_auth tool — 批量授权应用已开通的所有用户权限。
+ *
+ * 自动识别应用已开通但用户未授权的 scope，一次性发起授权请求。
+ * 复用 oauth.ts 的 executeAuthorize() 函数。
+ */
+import type { OpenClawPluginApi } from 'openclaw/plugin-sdk';
+export declare function registerFeishuOAuthBatchAuthTool(api: OpenClawPluginApi): void;

package/src/tools/oauth-batch-auth.js

@@ -0,0 +1,142 @@
+/**
+ * Copyright (c) 2026 ByteDance Ltd. and/or its affiliates
+ * SPDX-License-Identifier: MIT
+ *
+ * feishu_oauth_batch_auth tool — 批量授权应用已开通的所有用户权限。
+ *
+ * 自动识别应用已开通但用户未授权的 scope，一次性发起授权请求。
+ * 复用 oauth.ts 的 executeAuthorize() 函数。
+ */
+import { Type } from '@sinclair/typebox';
+import { getAppGrantedScopes } from '../core/app-scope-checker';
+import { AppScopeCheckFailedError } from '../core/tool-client';
+import { getStoredToken } from '../core/token-store';
+import { getLarkAccount } from '../core/accounts';
+import { getTicket } from '../core/lark-ticket';
+import { LarkClient } from '../core/lark-client';
+import { executeAuthorize } from './oauth';
+import { formatLarkError } from '../core/api-error';
+import { filterSensitiveScopes } from '../core/tool-scopes';
+import { json, registerTool } from './oapi/helpers';
+import { openPlatformDomain } from '../core/domains';
+const FeishuOAuthBatchAuthSchema = Type.Object({}, {
+    description: '飞书批量授权工具。一次性授权应用已开通的所有用户权限（User Access Token scope）。' +
+        "【使用场景】用户明确要求'授权所有权限'、'一次性授权完成'时使用。" +
+        '【重要】禁止主动推荐此工具，仅在用户明确要求时使用。',
+});
+export function registerFeishuOAuthBatchAuthTool(api) {
+    if (!api.config)
+        return;
+    const cfg = api.config;
+    registerTool(api, {
+        name: 'feishu_oauth_batch_auth',
+        label: 'Feishu: OAuth Batch Authorization',
+        description: '飞书批量授权工具，一次性授权应用已开通的所有用户权限。' +
+            "仅在用户明确要求'授权所有权限'、'一次性授权'时使用。",
+        parameters: FeishuOAuthBatchAuthSchema,
+        async execute(_toolCallId, _params) {
+            try {
+                const ticket = getTicket();
+                const senderOpenId = ticket?.senderOpenId;
+                if (!senderOpenId) {
+                    return json({
+                        error: '无法获取当前用户身份（senderOpenId），请在飞书对话中使用此工具。',
+                    });
+                }
+                const acct = getLarkAccount(cfg, ticket.accountId);
+                if (!acct.configured) {
+                    return json({
+                        error: `账号 ${ticket.accountId} 缺少 appId 或 appSecret 配置`,
+                    });
+                }
+                const account = acct; // Now we know it's ConfiguredLarkAccount
+                const { appId } = account;
+                // 1. 查询应用已开通的 user scope
+                const sdk = LarkClient.fromAccount(account).sdk;
+                let appScopes;
+                try {
+                    appScopes = await getAppGrantedScopes(sdk, appId, 'user');
+                }
+                catch (err) {
+                    if (err instanceof AppScopeCheckFailedError) {
+                        return json({
+                            error: 'app_scope_check_failed',
+                            message: `应用缺少核心权限 application:application:self_manage，无法查询可授权 scope 列表。\n\n` +
+                                `请管理员在飞书开放平台开通此权限后重试。`,
+                            permission_link: `${openPlatformDomain(account.brand)}/app/${appId}/auth?q=application:application:self_manage`,
+                            app_id: appId,
+                        });
+                    }
+                    throw err;
+                }
+                // 2. 边界情况：应用无 user scope
+                if (appScopes.length === 0) {
+                    return json({
+                        success: false,
+                        message: '当前应用未开通任何用户级权限（User Access Token scope），' +
+                            '无法使用用户身份调用 API。\n\n' +
+                            '如需使用用户级功能，请联系管理员在开放平台开通相关权限。',
+                        total_app_scopes: 0,
+                        app_id: appId,
+                    });
+                }
+                // 3. 查询用户已授权的 scope
+                const existing = await getStoredToken(appId, senderOpenId);
+                const grantedScopes = new Set(existing?.scope?.split(/\s+/).filter(Boolean) ?? []);
+                // 4. 计算差集（应用已开通但用户未授权）
+                let missingScopes = appScopes.filter((s) => !grantedScopes.has(s));
+                missingScopes = filterSensitiveScopes(missingScopes);
+                // 5. 边界情况：用户已授权所有 scope
+                if (missingScopes.length === 0) {
+                    return json({
+                        success: true,
+                        message: `您已授权所有可用权限（共 ${appScopes.length} 个），无需重复授权。`,
+                        total_app_scopes: appScopes.length,
+                        already_granted: appScopes.length,
+                        missing: 0,
+                    });
+                }
+                // 6. 飞书限制：单次最多请求 100 个 scope
+                const MAX_SCOPES_PER_BATCH = 100;
+                let scopesToAuthorize = missingScopes;
+                let batchInfo = '';
+                if (missingScopes.length > MAX_SCOPES_PER_BATCH) {
+                    // 分批授权：取前 50 个
+                    scopesToAuthorize = missingScopes.slice(0, MAX_SCOPES_PER_BATCH);
+                    const remainingCount = missingScopes.length - MAX_SCOPES_PER_BATCH;
+                    batchInfo =
+                        `\n\n由于飞书限制（单次最多 ${MAX_SCOPES_PER_BATCH} 个 scope），` +
+                            `本次将授权前 ${MAX_SCOPES_PER_BATCH} 个权限。\n` +
+                            `授权完成后，还需授权剩余 ${remainingCount} 个权限`;
+                }
+                // 7. 调用共享的 executeAuthorize() 函数（复用 oauth.ts 逻辑）
+                const scope = scopesToAuthorize.join(' ');
+                const result = await executeAuthorize({
+                    account,
+                    senderOpenId,
+                    scope,
+                    isBatchAuth: true,
+                    totalAppScopes: appScopes.length,
+                    alreadyGranted: grantedScopes.size,
+                    batchInfo,
+                    cfg,
+                    ticket,
+                });
+                // 8. 如果是分批授权，在返回结果中添加提示
+                if (batchInfo && result.details) {
+                    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+                    const details = result.details;
+                    if (details.message) {
+                        details.message = details.message + batchInfo;
+                    }
+                }
+                return result;
+            }
+            catch (err) {
+                api.logger.error?.(`feishu_oauth_batch_auth: ${err}`);
+                return json({ error: formatLarkError(err) });
+            }
+        },
+    }, { name: 'feishu_oauth_batch_auth' });
+    api.logger.info?.('feishu_oauth_batch_auth: Registered feishu_oauth_batch_auth tool');
+}

package/src/tools/oauth-cards.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Copyright (c) 2026 ByteDance Ltd. and/or its affiliates
+ * SPDX-License-Identifier: MIT
+ *
+ * oauth-cards.ts — OAuth 授权卡片构建函数。
+ *
+ * 从 oauth.ts 提取的纯 UI 函数，与 OAuth 业务流程解耦。
+ * 卡片使用 v2 JSON 结构 + i18n_content 支持多语言。
+ */
+import type { LarkBrand } from '../core/types';
+type Locale = 'zh_cn' | 'en_us';
+export declare function buildAuthCard(params: {
+    verificationUriComplete: string;
+    expiresMin: number;
+    scope?: string;
+    isBatchAuth?: boolean;
+    totalAppScopes?: number;
+    alreadyGranted?: number;
+    batchInfo?: string;
+    filteredScopes?: string[];
+    appId?: string;
+    showBatchAuthHint?: boolean;
+    brand?: LarkBrand;
+}): Record<string, unknown>;
+/** scope 字符串 → 可读描述（支持多语言） */
+export declare function formatScopeDescription(locale: Locale, params: {
+    scope?: string;
+    isBatchAuth?: boolean;
+    totalAppScopes?: number;
+    alreadyGranted?: number;
+    batchInfo?: string;
+    filteredScopes?: string[];
+    appId?: string;
+}): string;
+export declare function toInAppWebUrl(targetUrl: string, brand?: LarkBrand): string;
+export declare function buildAuthSuccessCard(brand?: LarkBrand): Record<string, unknown>;
+export declare function buildAuthFailedCard(_reason: string): Record<string, unknown>;
+export declare function buildAuthIdentityMismatchCard(brand?: LarkBrand): Record<string, unknown>;
+export {};

package/src/tools/oauth-cards.js

@@ -0,0 +1,315 @@
+/**
+ * Copyright (c) 2026 ByteDance Ltd. and/or its affiliates
+ * SPDX-License-Identifier: MIT
+ *
+ * oauth-cards.ts — OAuth 授权卡片构建函数。
+ *
+ * 从 oauth.ts 提取的纯 UI 函数，与 OAuth 业务流程解耦。
+ * 卡片使用 v2 JSON 结构 + i18n_content 支持多语言。
+ */
+import { applinkDomain } from '../core/domains';
+/** v2 卡片 i18n 配置，注入到 config 中 */
+const I18N_CONFIG = {
+    update_multi: true,
+    locales: ['zh_cn', 'en_us'],
+};
+// ---------------------------------------------------------------------------
+// i18n texts
+// ---------------------------------------------------------------------------
+const CARD_TEXTS = {
+    zh_cn: {
+        authRequired: '请授权以继续当前操作',
+        goAuth: '前往授权',
+        expiresHint: (min) => `<font color='grey'>授权链接将在 ${min} 分钟后失效，届时需重新发起</font>`,
+        batchAuthHint: "<font color='grey'>💡如果你希望一次性授予所有插件所需要的权限，可以告诉我「授予所有用户权限」，我会协助你完成。</font>",
+        batchScopeMsg: (count, total, granted) => `应用需要授权 **${count}** 个用户权限（共 ${total} 个，已授权 ${granted} 个）。`,
+        scopePreviewLabel: '**将要授权的权限**',
+        scopeListLabel: '**将要授权的权限列表**',
+        scopeDesc: '授权后，应用将能够以你的身份执行相关操作。',
+        requiredScopes: '所需权限：',
+        authSuccess: '授权成功',
+        authSuccessBody: (brandName) => `你的${brandName}账号已成功授权，正在为你继续执行操作。\n\n` +
+            "<font color='grey'>如需撤销授权，可随时告诉我。</font>",
+        authIncomplete: '授权未完成',
+        authExpiredBody: '授权链接已过期，请重新发起授权。',
+        authMismatchTitle: '授权失败，操作账号与发起账号不一致',
+        authMismatchBody: (brandName) => `检测到当前进行授权操作的${brandName}账号与发起授权请求的账号不一致。为保障数据安全，本次授权已被拒绝。\n\n` +
+            "<font color='grey'>请授权请求的发起人使用其账号，点击授权链接完成授权。</font>",
+    },
+    en_us: {
+        authRequired: 'Authorize to continue',
+        goAuth: 'Authorize Now',
+        expiresHint: (min) => `<font color='grey'>This link will time out in ${min} minutes, so you'll need a new one if it expires.</font>`,
+        batchAuthHint: "<font color='grey'>💡 If you'd like to grant all permissions at once, just say \"Authorize all\", and I'll take care of it.</font>",
+        batchScopeMsg: (count, total, granted) => `The app requires ${count} additional user token permissions (${granted} of ${total} granted).`,
+        scopePreviewLabel: '**Permissions to authorize**',
+        scopeListLabel: '**Permissions to authorize**',
+        scopeDesc: 'Once authorized, the app can perform actions on your behalf.',
+        requiredScopes: 'Required permissions:',
+        authSuccess: 'Authorized',
+        authSuccessBody: (brandName) => `${brandName} account authorized. Continuing with your request.\n\n` +
+            "<font color='grey'>Let me know if you ever need to revoke the permissions.</font>",
+        authIncomplete: 'Authorization incomplete',
+        authExpiredBody: 'The link is no longer active. Please restart the process.',
+        authMismatchTitle: 'Authorization failed: Account mismatch',
+        authMismatchBody: (brandName) => `The ${brandName} account used for authorization does not match the account that initiated the request. To protect your data, this request has been denied.\n\n` +
+            "<font color='grey'>Only the person who started this request can authorize it using their account.</font>",
+    },
+};
+/** 构造 i18n_content 对象（双语） */
+function i18nContent(zh, en) {
+    return { zh_cn: zh, en_us: en };
+}
+/** 构造带 i18n_content 的 plain_text（默认语言为英文） */
+function i18nPlainText(zh, en) {
+    return { tag: 'plain_text', content: en, i18n_content: i18nContent(zh, en) };
+}
+// ---------------------------------------------------------------------------
+// Card builders
+// ---------------------------------------------------------------------------
+export function buildAuthCard(params) {
+    const { verificationUriComplete, expiresMin, scope, isBatchAuth, totalAppScopes, alreadyGranted, batchInfo, filteredScopes, appId, showBatchAuthHint, brand, } = params;
+    const inAppUrl = toInAppWebUrl(verificationUriComplete, brand);
+    const multiUrl = {
+        url: inAppUrl,
+        pc_url: inAppUrl,
+        android_url: inAppUrl,
+        ios_url: inAppUrl,
+    };
+    const scopeParams = { scope, isBatchAuth, totalAppScopes, alreadyGranted, batchInfo, filteredScopes, appId };
+    const scopeDescZh = formatScopeDescription('zh_cn', scopeParams);
+    const scopeDescEn = formatScopeDescription('en_us', scopeParams);
+    const zhT = CARD_TEXTS.zh_cn;
+    const enT = CARD_TEXTS.en_us;
+    const elements = [
+        // 授权说明
+        {
+            tag: 'markdown',
+            content: scopeDescEn,
+            i18n_content: i18nContent(scopeDescZh, scopeDescEn),
+            text_size: 'normal',
+        },
+        // 授权按钮（small，靠右）
+        {
+            tag: 'column_set',
+            flex_mode: 'none',
+            horizontal_align: 'right',
+            columns: [
+                {
+                    tag: 'column',
+                    width: 'auto',
+                    elements: [
+                        {
+                            tag: 'button',
+                            text: i18nPlainText(zhT.goAuth, enT.goAuth),
+                            type: 'primary',
+                            size: 'medium',
+                            multi_url: multiUrl,
+                        },
+                    ],
+                },
+            ],
+        },
+        // 失效时间提醒
+        {
+            tag: 'markdown',
+            content: enT.expiresHint(expiresMin),
+            i18n_content: i18nContent(zhT.expiresHint(expiresMin), enT.expiresHint(expiresMin)),
+            text_size: 'notation',
+        },
+        // 批量授权提示（仅 auto-auth 流程展示）
+        ...(showBatchAuthHint
+            ? [
+                {
+                    tag: 'markdown',
+                    content: enT.batchAuthHint,
+                    i18n_content: i18nContent(zhT.batchAuthHint, enT.batchAuthHint),
+                    text_size: 'notation',
+                },
+            ]
+            : []),
+    ];
+    return {
+        schema: '2.0',
+        config: {
+            wide_screen_mode: false,
+            ...I18N_CONFIG,
+            style: {
+                color: {
+                    'light-yellow-bg': {
+                        light_mode: 'rgba(255, 214, 102, 0.12)',
+                        dark_mode: 'rgba(255, 214, 102, 0.08)',
+                    },
+                },
+            },
+        },
+        header: {
+            title: i18nPlainText(zhT.authRequired, enT.authRequired),
+            subtitle: {
+                tag: 'plain_text',
+                content: '',
+            },
+            template: 'blue',
+            padding: '12px 12px 12px 12px',
+            icon: {
+                tag: 'standard_icon',
+                token: 'lock-chat_filled',
+            },
+        },
+        body: { elements },
+    };
+}
+/** scope 字符串 → 可读描述（支持多语言） */
+export function formatScopeDescription(locale, params) {
+    const { scope, isBatchAuth, totalAppScopes, alreadyGranted, batchInfo } = params;
+    const t = CARD_TEXTS[locale];
+    const scopes = scope?.split(/\s+/).filter(Boolean);
+    if (isBatchAuth && scopes && scopes.length > 0) {
+        let message = t.batchScopeMsg(scopes.length, totalAppScopes ?? 0, alreadyGranted ?? 0);
+        if (scopes.length > 5) {
+            const previewScopes = scopes.slice(0, 3).join('\n');
+            message += `\n\n${t.scopePreviewLabel}：\n${previewScopes}\n...\n`;
+        }
+        else {
+            const scopeList = scopes.map((s, idx) => `${idx + 1}. ${s}`).join('\n');
+            message += `\n\n${t.scopeListLabel}：\n${scopeList}\n`;
+        }
+        if (batchInfo) {
+            message += `\n\n${batchInfo}`;
+        }
+        return message;
+    }
+    if (!scopes?.length)
+        return t.scopeDesc;
+    return t.scopeDesc + '\n\n' + t.requiredScopes + '\n' + scopes.map((s) => `- ${s}`).join('\n');
+}
+export function toInAppWebUrl(targetUrl, brand) {
+    const encoded = encodeURIComponent(targetUrl);
+    const lkMeta = encodeURIComponent(JSON.stringify({
+        'page-meta': {
+            showNavBar: 'false',
+            showBottomNavBar: 'false',
+        },
+    }));
+    return (`${applinkDomain(brand)}/client/web_url/open` +
+        `?mode=sidebar-semi&max_width=800&reload=false&url=${encoded}&lk_meta=${lkMeta}`);
+}
+export function buildAuthSuccessCard(brand) {
+    const zhT = CARD_TEXTS.zh_cn;
+    const enT = CARD_TEXTS.en_us;
+    const brandZh = brand === 'lark' ? 'Lark' : '飞书';
+    const brandEn = brand === 'lark' ? 'Lark' : 'Feishu';
+    return {
+        schema: '2.0',
+        config: {
+            wide_screen_mode: false,
+            ...I18N_CONFIG,
+            style: {
+                color: {
+                    'light-green-bg': {
+                        light_mode: 'rgba(52, 199, 89, 0.12)',
+                        dark_mode: 'rgba(52, 199, 89, 0.08)',
+                    },
+                },
+            },
+        },
+        header: {
+            title: i18nPlainText(zhT.authSuccess, enT.authSuccess),
+            subtitle: {
+                tag: 'plain_text',
+                content: '',
+            },
+            template: 'green',
+            padding: '12px 12px 12px 12px',
+            icon: {
+                tag: 'standard_icon',
+                token: 'yes_filled',
+            },
+        },
+        body: {
+            elements: [
+                {
+                    tag: 'markdown',
+                    content: enT.authSuccessBody(brandEn),
+                    i18n_content: i18nContent(zhT.authSuccessBody(brandZh), enT.authSuccessBody(brandEn)),
+                },
+            ],
+        },
+    };
+}
+export function buildAuthFailedCard(_reason) {
+    const zhT = CARD_TEXTS.zh_cn;
+    const enT = CARD_TEXTS.en_us;
+    return {
+        schema: '2.0',
+        config: {
+            wide_screen_mode: false,
+            ...I18N_CONFIG,
+            style: {
+                color: {
+                    'light-grey-bg': {
+                        light_mode: 'rgba(142, 142, 147, 0.12)',
+                        dark_mode: 'rgba(142, 142, 147, 0.08)',
+                    },
+                },
+            },
+        },
+        header: {
+            title: i18nPlainText(zhT.authIncomplete, enT.authIncomplete),
+            subtitle: {
+                tag: 'plain_text',
+                content: '',
+            },
+            template: 'yellow',
+            padding: '12px 12px 12px 12px',
+            icon: {
+                tag: 'standard_icon',
+                token: 'warning_filled',
+            },
+        },
+        body: {
+            elements: [
+                {
+                    tag: 'markdown',
+                    content: enT.authExpiredBody,
+                    i18n_content: i18nContent(zhT.authExpiredBody, enT.authExpiredBody),
+                },
+            ],
+        },
+    };
+}
+export function buildAuthIdentityMismatchCard(brand) {
+    const zhT = CARD_TEXTS.zh_cn;
+    const enT = CARD_TEXTS.en_us;
+    const brandZh = brand === 'lark' ? 'Lark' : '飞书';
+    const brandEn = brand === 'lark' ? 'Lark' : 'Feishu';
+    return {
+        schema: '2.0',
+        config: {
+            wide_screen_mode: false,
+            ...I18N_CONFIG,
+        },
+        header: {
+            title: i18nPlainText(zhT.authMismatchTitle, enT.authMismatchTitle),
+            subtitle: {
+                tag: 'plain_text',
+                content: '',
+            },
+            template: 'red',
+            padding: '12px 12px 12px 12px',
+            icon: {
+                tag: 'standard_icon',
+                token: 'close_filled',
+            },
+        },
+        body: {
+            elements: [
+                {
+                    tag: 'markdown',
+                    content: enT.authMismatchBody(brandEn),
+                    i18n_content: i18nContent(zhT.authMismatchBody(brandZh), enT.authMismatchBody(brandEn)),
+                },
+            ],
+        },
+    };
+}