@ddn/egg-wechat 1.0.25 → 1.0.28

package/README.md

@@ -63,6 +63,27 @@ exports.wechat = {
   componentAppSecret: '',
   componentToken: '',
   componentEncodingAESKey: '',
+
+  // ===== 可选：动态注入/覆盖配置（覆盖所有模块） =====
+  // 场景：配置存储在数据库/远程配置中心，不希望只靠环境变量。
+  // init 支持同步/异步，返回的对象会合并进 wechat 配置。
+  init: async (app) => {
+    // 例：从你自己的配置系统拉取（伪代码）
+    // const ctx = app.createAnonymousContext();
+    // const componentAppId = await ctx.service.config.get('wechat.component.appid');
+    // const componentAppSecret = await ctx.service.config.get('wechat.component.secret');
+    // return { componentAppId, componentAppSecret };
+    return {};
+  },
+  // 或者用静态 override（无需异步）
+  // override: { componentAppId: 'wx...', componentAppSecret: '...' },
+
+  // ===== 可选：运行时从统一配置读取（无需把密钥写进 config.wechat） =====
+  // 若宿主项目存在 ctx.service.config.unifiedConfig.get(key)（例如 ddn-hub），
+  // 插件可在运行时读取 wechat_platform.* 并周期刷新到内存。
+  // 注意：这是“读取方式”的开关，不要求你在 config.wechat 里填 appid/secret。
+  useUnifiedConfig: true,
+  unifiedConfigRefreshIntervalMs: 30000,
 };
 ```
 

package/app/service/wechat/component.js

@@ -21,6 +21,12 @@ class ComponentService extends Service {
     return Boolean(this.wechatConfig.authUrlReturnObject);
   }
 
+  get mockMode() {
+    const v = this.wechatConfig.mockMode;
+    if (typeof v === 'string') return v === '1' || v.toLowerCase() === 'true';
+    return Boolean(v);
+  }
+
   _assertComponentConfig() {
     const { componentAppId, componentAppSecret } = this.wechatConfig;
     if (!componentAppId || !componentAppSecret) {
@@ -53,13 +59,39 @@ class ComponentService extends Service {
     const { componentAppId } = this.wechatConfig;
     this._assertComponentConfig();
 
+    const logger = app.logger || app.coreLogger;
+
     const primaryKey = this._getKeyComponentVerifyTicket(componentAppId);
     const ticket = await app.redis.get(primaryKey);
-    if (ticket) return ticket;
+    if (ticket) {
+      if (logger && logger.info) logger.info('[egg-wechat] component_verify_ticket hit', {
+        redisKeyStrategy: this.redisKeyStrategy,
+        componentAppId,
+        key: primaryKey,
+        ticketLength: String(ticket).length,
+        ticketPrefix: String(ticket).slice(0, 8) + '***',
+      });
+      return ticket;
+    }
 
     // 兼容旧 key（历史项目可能写入该 key）
     const legacyCompat = await app.redis.get('wechat:component:ticket');
-    if (legacyCompat) return legacyCompat;
+    if (legacyCompat) {
+      if (logger && logger.info) logger.info('[egg-wechat] component_verify_ticket hit (legacy compat)', {
+        redisKeyStrategy: this.redisKeyStrategy,
+        componentAppId,
+        key: 'wechat:component:ticket',
+        ticketLength: String(legacyCompat).length,
+        ticketPrefix: String(legacyCompat).slice(0, 8) + '***',
+      });
+      return legacyCompat;
+    }
+
+    if (logger && logger.info) logger.info('[egg-wechat] component_verify_ticket miss', {
+      redisKeyStrategy: this.redisKeyStrategy,
+      componentAppId,
+      triedKeys: [ primaryKey, 'wechat:component:ticket' ],
+    });
 
     throw new Error('未收到微信推送的 Component Verify Ticket，请等待微信服务器推送');
   }
@@ -74,6 +106,8 @@ class ComponentService extends Service {
 
     this._assertComponentConfig();
 
+    const logger = app.logger || app.coreLogger;
+
     const cacheKey = this._getKeyComponentAccessToken(componentAppId);
     let token = await app.redis.get(cacheKey);
 
@@ -89,8 +123,51 @@ class ComponentService extends Service {
       return token;
     }
 
+    // 纯本地伪联调：不请求真实微信接口，直接返回 mock token 并缓存
+    if (this.mockMode) {
+      token = `mock_component_access_token_${componentAppId}_${Date.now()}`;
+      const ttl = 7200;
+      await app.redis.set(cacheKey, token, 'EX', ttl);
+      if (this.redisKeyStrategy === 'legacy') {
+        await app.redis.set(`wechat:component_access_token:${componentAppId}`, token, 'EX', ttl);
+      } else {
+        await app.redis.set('wechat:component:access_token', token, 'EX', ttl);
+      }
+      if (logger && logger.info) {
+        logger.info('[egg-wechat] mockMode enabled: return mocked component_access_token', {
+          componentAppId,
+          redisKeyStrategy: this.redisKeyStrategy,
+          ttl,
+        });
+      }
+      return token;
+    }
+
     const ticket = await this.getComponentVerifyTicket();
 
+    // 本地伪联调常用 mock ticket，但微信开放平台会直接判无效（errcode=61006）。
+    // 非 mockMode 时提前失败，提示如何拿到真实 ticket。
+    if (!this.mockMode && typeof ticket === 'string' && ticket.startsWith('mock_')) {
+      if (logger && logger.warn) {
+        logger.warn('[egg-wechat] component_verify_ticket looks like mock, abort calling wechat api', {
+          componentAppId,
+          ticketLength: ticket.length,
+          ticketPrefix: ticket.slice(0, 8) + '***',
+        });
+      }
+      throw new Error(
+        '当前使用 mock component_verify_ticket，无法向微信开放平台换取 component_access_token。' +
+        '请配置开放平台“授权事件接收 URL”可被微信公网访问，并等待微信推送真实 ticket 后再试。'
+      );
+    }
+
+    if (logger && logger.info) logger.info('[egg-wechat] component_access_token refreshing', {
+      redisKeyStrategy: this.redisKeyStrategy,
+      componentAppId,
+      ticketLength: String(ticket).length,
+      ticketPrefix: String(ticket).slice(0, 8) + '***',
+    });
+
     // 请求微信接口获取 Token
     const url = 'https://api.weixin.qq.com/cgi-bin/component/api_component_token';
     const result = await ctx.curl(url, {
@@ -105,6 +182,11 @@ class ComponentService extends Service {
     });
 
     if (result.data.errcode) {
+      if (logger && logger.warn) logger.warn('[egg-wechat] api_component_token failed', {
+        componentAppId,
+        errcode: result.data.errcode,
+        errmsg: result.data.errmsg,
+      });
       throw new Error(`获取 Component Access Token 失败: ${result.data.errmsg}`);
     }
 
@@ -271,6 +353,25 @@ class ComponentService extends Service {
     const { ctx, app } = this;
     const { componentAppId } = app.config.wechat;
 
+    if (this.mockMode) {
+      const logger = app.logger || app.coreLogger;
+      const authorizationInfo = {
+        authorizer_appid: 'mock_authorizer_appid',
+        authorizer_access_token: `mock_authorizer_access_token_${Date.now()}`,
+        expires_in: 7200,
+        authorizer_refresh_token: `mock_authorizer_refresh_token_${Date.now()}`,
+        func_info: [],
+      };
+      if (logger && logger.info) {
+        logger.info('[egg-wechat] mockMode enabled: return mocked authorization_info', {
+          componentAppId,
+          authCodeMasked: authCode ? String(authCode).slice(0, 8) + '***' : '',
+          authorizerAppid: authorizationInfo.authorizer_appid,
+        });
+      }
+      return authorizationInfo;
+    }
+
     const token = await this.getComponentAccessToken();
     const url = `https://api.weixin.qq.com/cgi-bin/component/api_query_auth?component_access_token=${token}`;
 
@@ -299,6 +400,35 @@ class ComponentService extends Service {
     const { ctx, app } = this;
     const { componentAppId } = app.config.wechat;
 
+    if (this.mockMode) {
+      const logger = app.logger || app.coreLogger;
+      const data = {
+        authorizer_info: {
+          nick_name: 'Mock公众号',
+          head_img: '',
+          service_type_info: { id: 2 },
+          verify_type_info: { id: 0 },
+          user_name: 'gh_mock',
+          principal_name: 'Mock Principal',
+          alias: 'mock',
+          signature: 'mock signature',
+          business_info: {},
+        },
+        qrcode_url: '',
+        authorization_info: {
+          authorizer_appid: authorizerAppId,
+          func_info: [],
+        },
+      };
+      if (logger && logger.info) {
+        logger.info('[egg-wechat] mockMode enabled: return mocked authorizer_info', {
+          componentAppId,
+          authorizerAppId,
+        });
+      }
+      return data;
+    }
+
     const token = await this.getComponentAccessToken();
     const url = `https://api.weixin.qq.com/cgi-bin/component/api_get_authorizer_info?component_access_token=${token}`;
 
@@ -366,9 +496,26 @@ class ComponentService extends Service {
    */
   async getAuthUrl(redirectUri, authType = 3) {
     const { componentAppId } = this.wechatConfig;
-    const preAuthCode = await this.getPreAuthCode();
     const encodedRedirectUri = encodeURIComponent(redirectUri);
 
+    // 纯本地伪联调：返回本地 mock 授权页，打开后会重定向回 redirectUri 并携带 auth_code
+    if (this.mockMode) {
+      let base = String(this.wechatConfig.publicBaseUrl || '').trim();
+      try {
+        if (!base) base = new URL(String(redirectUri)).origin;
+      } catch (e) {
+        // ignore
+      }
+      if (!base) base = 'http://localhost:7001';
+      if (!/^https?:\/\//i.test(base)) base = `https://${base}`;
+      base = base.replace(/\/$/, '');
+
+      const url = `${base}/api/v1/wechat/component/mock_authorize?redirect_uri=${encodedRedirectUri}&auth_type=${encodeURIComponent(String(authType))}`;
+      if (this.authUrlReturnObject) return { pc: url, mobile: url };
+      return url;
+    }
+
+    const preAuthCode = await this.getPreAuthCode();
     const url = `https://mp.weixin.qq.com/cgi-bin/componentloginpage?component_appid=${componentAppId}&pre_auth_code=${preAuthCode}&redirect_uri=${encodedRedirectUri}&auth_type=${authType}`;
     if (this.authUrlReturnObject) {
       return { pc: url, mobile: url };

package/app/service/wechat/platform_http.js

@@ -0,0 +1,821 @@
+'use strict';
+
+const Service = require('egg').Service;
+const crypto = require('crypto');
+const WXBizMsgCrypt = require('wechat-crypto');
+
+function sha1(input) {
+  return crypto.createHash('sha1').update(String(input)).digest('hex');
+}
+
+function calcPlainSignature(token, timestamp, nonce) {
+  const list = [ String(token || ''), String(timestamp || ''), String(nonce || '') ].sort();
+  return sha1(list.join(''));
+}
+
+function getRawXmlBody(ctx) {
+  const body = ctx.request && ctx.request.body;
+  if (typeof body === 'string') return body;
+  if (Buffer.isBuffer(body)) return body.toString('utf8');
+
+  const rawBody = ctx.request && ctx.request.rawBody;
+  if (typeof rawBody === 'string') return rawBody;
+  if (Buffer.isBuffer(rawBody)) return rawBody.toString('utf8');
+
+  return '';
+}
+
+function safeSlice(input, n = 180) {
+  const v = String(input || '');
+  return v.length > n ? v.slice(0, n) : v;
+}
+
+class WechatPlatformHttpService extends Service {
+  get wechatConfig() {
+    return this.app.config.wechat || {};
+  }
+
+  // ===== 多租户参数名收敛（可配置） =====
+  // 背景：宿主不一定使用 daoId 作为租户标识参数名（可能叫 tenantId/orgId/spaceId 等）。
+  // 约定：
+  // - wechat.tenantIdParamName: 生成 redirect_uri/callbackUrl 时使用的参数名（默认 daoId）
+  // - wechat.tenantIdQueryKeys: 读取请求时允许的参数名列表（默认包含 tenantIdParamName + daoId + dao_id）
+  _getTenantIdParamName() {
+    const configured = this.wechatConfig.tenantIdParamName;
+    const v = String(configured || '').trim();
+    return v || 'daoId';
+  }
+
+  _getTenantIdQueryKeys() {
+    const configured = this.wechatConfig.tenantIdQueryKeys;
+    const keys = [];
+
+    const push = (k) => {
+      const v = String(k || '').trim();
+      if (!v) return;
+      if (!keys.includes(v)) keys.push(v);
+    };
+
+    if (Array.isArray(configured)) {
+      configured.forEach(push);
+    } else if (typeof configured === 'string') {
+      configured.split(',').map(s => s.trim()).forEach(push);
+    }
+
+    // 默认兼容：daoId/dao_id
+    push(this._getTenantIdParamName());
+    push('daoId');
+    push('dao_id');
+
+    return keys;
+  }
+
+  _resolveTenantIdFromRequest() {
+    const { ctx } = this;
+
+    // 1) 优先从 query 中按配置 key 读取
+    const query = ctx && ctx.query ? ctx.query : {};
+    const keys = this._getTenantIdQueryKeys();
+    for (const k of keys) {
+      const val = query && Object.prototype.hasOwnProperty.call(query, k) ? query[k] : undefined;
+      const v = String(val || '').trim();
+      if (v) return v;
+    }
+
+    // 2) 兜底：如果宿主有域名/多租户中间件，可能挂在 ctx.daoContext/ctx.dao
+    const ctxDaoId = ctx?.daoContext?.daoId || ctx?.dao?.id;
+    const ctxDaoIdStr = String(ctxDaoId || '').trim();
+    if (ctxDaoIdStr) return ctxDaoIdStr;
+
+    return '';
+  }
+
+  get mockMode() {
+    const v = this.wechatConfig.mockMode;
+    if (typeof v === 'string') return v === '1' || v.toLowerCase() === 'true';
+    return Boolean(v);
+  }
+
+  logStep(step, expected, actual, extra = {}) {
+    this.ctx.logger.debug('WECHAT_DEBUG_STEP', {
+      step,
+      expected,
+      actual,
+      ...extra,
+    });
+  }
+
+  async _ensureComponentCryptoConfig() {
+    const { app } = this;
+
+    const hasEnough = () => {
+      const c = app.config.wechat || {};
+      return Boolean(String(c.componentToken || '').trim())
+        && Boolean(String(c.componentEncodingAESKey || '').trim())
+        && Boolean(String(c.componentAppId || '').trim());
+    };
+
+    if (hasEnough()) return;
+
+    if (typeof app.wechatRefreshProviderConfig === 'function') {
+      await app.wechatRefreshProviderConfig();
+      if (hasEnough()) return;
+    }
+
+    if (typeof app.wechatRefreshUnifiedConfig === 'function') {
+      await app.wechatRefreshUnifiedConfig();
+      if (hasEnough()) return;
+    }
+
+    // 最后兜底：当宿主有 unifiedConfig service 时直接读一次
+    try {
+      const ctx = app.createAnonymousContext();
+      const unified = ctx?.service?.config?.unifiedConfig;
+      if (unified && typeof unified.get === 'function') {
+        const [ token, aesKey, appId ] = await Promise.all([
+          unified.get('wechat_platform.component.token'),
+          unified.get('wechat_platform.component.encoding_aes_key'),
+          unified.get('wechat_platform.component.app_id'),
+        ]);
+        app.config.wechat = Object.assign({}, app.config.wechat || {}, {
+          componentToken: typeof token === 'string' ? token.trim() : token,
+          componentEncodingAESKey: typeof aesKey === 'string' ? aesKey.trim() : aesKey,
+          componentAppId: typeof appId === 'string' ? appId.trim() : appId,
+        });
+      }
+    } catch (e) {
+      // ignore
+    }
+  }
+
+  _parseXml(xml) {
+    if (!xml || typeof xml !== 'string') return null;
+    try {
+      // 依赖插件扩展的 helper.xml2json
+      if (this.ctx.helper && typeof this.ctx.helper.xml2json === 'function') {
+        return this.ctx.helper.xml2json(xml);
+      }
+    } catch (e) {
+      // ignore
+    }
+
+    return null;
+  }
+
+  _getEncryptFromBody() {
+    const { ctx } = this;
+    const body = ctx.request && ctx.request.body;
+    if (body && typeof body === 'object') {
+      return body.Encrypt || body.encrypt || body?.xml?.Encrypt || body?.xml?.encrypt || null;
+    }
+    return null;
+  }
+
+  async notify() {
+    const { ctx } = this;
+
+    await this._ensureComponentCryptoConfig();
+
+    const componentToken = String(this.wechatConfig.componentToken || '').trim();
+    const componentEncodingAESKey = String(this.wechatConfig.componentEncodingAESKey || '').trim();
+    const componentAppId = String(this.wechatConfig.componentAppId || '').trim();
+
+    try {
+      const { msg_signature, timestamp, nonce } = ctx.query;
+
+      this.logStep(
+        'COMPONENT_NOTIFY_1_CONFIG',
+        { tokenPresent: true, encodingAesKeyPresent: true, componentAppIdPresent: true },
+        {
+          tokenPresent: Boolean(componentToken),
+          encodingAesKeyPresent: Boolean(componentEncodingAESKey),
+          componentAppIdPresent: Boolean(componentAppId),
+          componentAppId,
+        }
+      );
+
+      this.logStep(
+        'COMPONENT_NOTIFY_2_QUERY',
+        { hasSignatureParams: true },
+        {
+          hasMsgSignature: Boolean(msg_signature),
+          hasTimestamp: Boolean(timestamp),
+          hasNonce: Boolean(nonce),
+        }
+      );
+
+      const xml = getRawXmlBody(ctx);
+      if (!xml && (!ctx.request.body || typeof ctx.request.body !== 'object')) {
+        this.logStep(
+          'COMPONENT_NOTIFY_3_BODY',
+          { bodyNotEmpty: true },
+          { bodyNotEmpty: false, contentType: ctx.get('Content-Type') }
+        );
+        ctx.body = 'success';
+        return;
+      }
+
+      const cryptor = new WXBizMsgCrypt(componentToken, componentEncodingAESKey, componentAppId);
+
+      let encrypt = this._getEncryptFromBody();
+      if (!encrypt) {
+        const parsed = this._parseXml(xml);
+        encrypt = parsed?.Encrypt;
+      }
+
+      if (!encrypt) {
+        this.logStep(
+          'COMPONENT_NOTIFY_4_ENCRYPT',
+          { encryptPresent: true },
+          { encryptPresent: false, bodyType: typeof ctx.request.body }
+        );
+        ctx.body = 'success';
+        return;
+      }
+
+      this.logStep(
+        'COMPONENT_NOTIFY_4_ENCRYPT',
+        { encryptPresent: true },
+        { encryptPresent: true }
+      );
+
+      if (msg_signature && timestamp && nonce) {
+        const expected = cryptor.getSignature(timestamp, nonce, encrypt);
+        if (expected !== msg_signature) {
+          this.logStep(
+            'COMPONENT_NOTIFY_5_SIGNATURE',
+            { signatureMatches: true },
+            { signatureMatches: false }
+          );
+          ctx.body = 'success';
+          return;
+        }
+      }
+
+      this.logStep(
+        'COMPONENT_NOTIFY_5_SIGNATURE',
+        { signatureMatches: true },
+        { signatureMatches: true }
+      );
+
+      const decrypted = cryptor.decrypt(encrypt);
+      const message = decrypted && decrypted.message;
+      const info = this._parseXml(message);
+
+      this.logStep(
+        'COMPONENT_NOTIFY_6_DECRYPTED',
+        { infoTypePresent: true },
+        {
+          infoTypePresent: Boolean(info?.InfoType),
+          infoType: info?.InfoType,
+          hasTicket: Boolean(info?.ComponentVerifyTicket),
+          ticketSample: info?.ComponentVerifyTicket ? String(info.ComponentVerifyTicket).slice(0, 12) + '***' : undefined,
+        }
+      );
+
+      if (info && info.InfoType === 'component_verify_ticket') {
+        this.logStep(
+          'COMPONENT_NOTIFY_7_SAVE_TICKET',
+          { willSaveTicket: true },
+          { willSaveTicket: true, ticketPresent: Boolean(info.ComponentVerifyTicket) }
+        );
+
+        const ticket = info.ComponentVerifyTicket;
+
+        // 优先走宿主的业务 service（ddn-hub 会做更多记录/兼容）
+        if (ctx.service?.third?.wechatPlatform && typeof ctx.service.third.wechatPlatform.saveComponentVerifyTicket === 'function') {
+          await ctx.service.third.wechatPlatform.saveComponentVerifyTicket(ticket);
+        } else {
+          await ctx.service.wechat.component.saveComponentVerifyTicket(ticket);
+        }
+      }
+
+      ctx.body = 'success';
+    } catch (err) {
+      this.logStep(
+        'COMPONENT_NOTIFY_999_ERROR',
+        { ok: true },
+        { ok: false, message: err?.message }
+      );
+      ctx.body = 'success';
+    }
+  }
+
+  async getAuthUrl() {
+    const { ctx } = this;
+    const tenantId = this._resolveTenantIdFromRequest();
+    const tenantKey = this._getTenantIdParamName();
+
+    if (!tenantId) {
+      ctx.throw(400, `Missing tenant id (${tenantKey})`);
+    }
+
+    this.logStep(
+      'COMPONENT_AUTH_URL_1_INPUT',
+      { daoIdPresent: true },
+      { daoIdPresent: true, daoId: tenantId, tenantKey }
+    );
+
+    // 规则：授权入口页域名与回调页域名必须一致，并且与第三方平台配置的“登录授权的发起页域名”一致。
+    // mockMode 下优先使用配置域名，避免本地端口 origin 干扰。
+    const normalizePublicBaseUrl = (raw) => {
+      let v = String(raw || '').trim();
+      if (!v) return '';
+      if (!/^https?:\/\//i.test(v)) v = `https://${v}`;
+      try {
+        const u = new URL(v);
+        return u.origin;
+      } catch (e) {
+        return v.replace(/\/$/, '');
+      }
+    };
+
+    const publicBaseUrlConfig = normalizePublicBaseUrl(this.wechatConfig.publicBaseUrl);
+    const requestOrigin = normalizePublicBaseUrl(ctx.origin);
+
+    const publicBaseUrl = this.mockMode
+      ? (publicBaseUrlConfig || requestOrigin)
+      : (requestOrigin || publicBaseUrlConfig);
+
+    this.logStep(
+      'COMPONENT_AUTH_URL_2_BASE_URL',
+      { publicBaseUrlResolved: true },
+      {
+        requestOrigin,
+        configPublicBaseUrl: publicBaseUrlConfig,
+        isMockMode: this.mockMode,
+        publicBaseUrl,
+      }
+    );
+
+    if (!publicBaseUrl) {
+      ctx.throw(500, 'Failed to determine publicBaseUrl (wechat.publicBaseUrl / request origin)');
+    }
+
+    const callbackUrl = `${publicBaseUrl}/api/v1/wechat/component/auth_callback?${encodeURIComponent(tenantKey)}=${encodeURIComponent(tenantId)}`;
+
+    this.logStep(
+      'COMPONENT_AUTH_URL_3_CALLBACK',
+      { callbackUrlNonEmpty: true },
+      { callbackUrlSample: safeSlice(callbackUrl, 180) }
+    );
+
+    const urls = await ctx.service.wechat.component.getAuthUrl(callbackUrl, 3);
+
+    const pcUrl = typeof urls === 'string' ? urls : (urls?.pc || urls?.url);
+    const mobileUrl = typeof urls === 'string' ? undefined : (urls?.mobile || urls?.mobileUrl);
+    const finalUrl = pcUrl || mobileUrl;
+
+    this.logStep(
+      'COMPONENT_AUTH_URL_4_RESULT',
+      { finalUrlNonEmpty: true, shouldContainOpenWeixin: true },
+      {
+        finalUrlNonEmpty: Boolean(finalUrl),
+        containsOpenWeixin: finalUrl ? String(finalUrl).includes('open.weixin.qq.com') : false,
+        finalUrlMasked: finalUrl ? String(finalUrl).replace(/([?&]pre_auth_code=)([^&]+)/, '$1***') : '',
+        urlsType: typeof urls,
+      }
+    );
+
+    if (!finalUrl) {
+      ctx.throw(500, 'Failed to generate auth url: empty url');
+    }
+
+    return { url: finalUrl, mobileUrl };
+  }
+
+  async authCallback() {
+    const { ctx } = this;
+    const { auth_code } = ctx.query;
+    const tenantId = this._resolveTenantIdFromRequest();
+    const tenantKey = this._getTenantIdParamName();
+
+    if (!auth_code || !tenantId) {
+      ctx.throw(400, `Missing auth_code or ${tenantKey}`);
+    }
+
+    this.logStep(
+      'COMPONENT_AUTH_CALLBACK_1_INPUT',
+      { authCodePresent: true, daoIdPresent: true },
+      {
+        authCodePresent: Boolean(auth_code),
+        daoIdPresent: Boolean(tenantId),
+        daoId: tenantId,
+        tenantKey,
+        authCodeMasked: auth_code ? String(auth_code).slice(0, 8) + '***' : '',
+      }
+    );
+
+    try {
+      if (ctx.service?.third?.wechatPlatform && typeof ctx.service.third.wechatPlatform.handleAuthCallback === 'function') {
+        await ctx.service.third.wechatPlatform.handleAuthCallback(auth_code, tenantId);
+      } else {
+        ctx.throw(500, 'Missing host handler: ctx.service.third.wechatPlatform.handleAuthCallback');
+      }
+
+      this.logStep(
+        'COMPONENT_AUTH_CALLBACK_2_HANDLE',
+        { handleSuccess: true },
+        { handleSuccess: true }
+      );
+
+      ctx.set('Content-Type', 'text/html; charset=utf-8');
+      ctx.body = `<!doctype html>
+<html lang="zh-CN">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>微信授权成功</title>
+  <style>
+    body{font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica,Arial,sans-serif;margin:0;padding:24px;background:#f7f8fa;}
+    .card{max-width:520px;margin:48px auto;background:#fff;border-radius:12px;padding:24px;box-shadow:0 4px 14px rgba(0,0,0,.06);}
+    h1{font-size:18px;margin:0 0 12px;}
+    p{margin:0;color:#666;line-height:1.6;}
+    .ok{color:#1a7f37;font-weight:600;}
+  </style>
+</head>
+<body>
+  <div class="card">
+    <h1 class="ok">授权成功</h1>
+    <p>你可以关闭本页面，返回管理后台继续操作。</p>
+  </div>
+  <script>
+    try {
+      window.opener && window.opener.postMessage('wechat_auth_success', '*');
+    } catch (e) {}
+    try {
+      window.parent && window.parent.postMessage('wechat_auth_success', '*');
+    } catch (e) {}
+    setTimeout(function(){ try{ window.close(); } catch(e){} }, 200);
+  </script>
+</body>
+</html>`;
+    } catch (err) {
+      this.logStep(
+        'COMPONENT_AUTH_CALLBACK_999_ERROR',
+        { ok: true },
+        { ok: false, message: err?.message }
+      );
+
+      ctx.set('Content-Type', 'text/html; charset=utf-8');
+      const msg = String(err?.message || '授权失败');
+      ctx.body = `<!doctype html>
+<html lang="zh-CN">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>微信授权失败</title>
+</head>
+<body>
+  <p>授权失败：${msg.replace(/</g, '&lt;')}</p>
+</body>
+</html>`;
+    }
+  }
+
+  async mockAuthorize() {
+    const { ctx } = this;
+
+    if (!this.mockMode) {
+      ctx.throw(404);
+    }
+
+    const { redirect_uri, auth_type } = ctx.query;
+
+    this.logStep(
+      'COMPONENT_MOCK_AUTHORIZE_1_INPUT',
+      { redirectUriPresent: true },
+      {
+        redirectUriPresent: Boolean(redirect_uri),
+        redirectUriSample: redirect_uri ? safeSlice(redirect_uri, 180) : undefined,
+        authType: auth_type,
+      }
+    );
+
+    if (!redirect_uri) {
+      ctx.throw(400, 'Missing redirect_uri');
+    }
+
+    let target = null;
+    try {
+      const u = new URL(String(redirect_uri));
+      const allowedHostsRaw = this.wechatConfig.mockAuthorizeAllowedHosts;
+      const allowedHosts = new Set(
+        String(allowedHostsRaw || '')
+          .split(',')
+          .map(s => s.trim().toLowerCase())
+          .filter(Boolean)
+      );
+
+      if (allowedHosts.size === 0) {
+        // 默认：仅允许当前 Host（更安全）
+        const host = String(ctx.host || '').trim().toLowerCase();
+        if (host) allowedHosts.add(host);
+      }
+
+      const redirectHost = String(u.hostname || '').trim().toLowerCase();
+      if (!allowedHosts.has(redirectHost)) {
+        ctx.throw(400, 'Invalid redirect_uri_host');
+      }
+
+      if (![ 'http:', 'https:' ].includes(String(u.protocol || '').toLowerCase())) {
+        ctx.throw(400, 'Invalid redirect_uri_protocol');
+      }
+
+      if (u.pathname !== '/api/v1/wechat/component/auth_callback') {
+        ctx.throw(400, 'Invalid redirect_uri path');
+      }
+
+      const authCode = `mock_auth_code_${Date.now()}`;
+      u.searchParams.set('auth_code', authCode);
+      u.searchParams.set('expires_in', '3600');
+      if (auth_type) u.searchParams.set('auth_type', auth_type);
+
+      // 使用相对路径重定向，避免 egg-security safe_redirect 拦截绝对 URL
+      target = `${u.pathname}?${u.searchParams.toString()}`;
+
+      this.logStep(
+        'COMPONENT_MOCK_AUTHORIZE_2_REDIRECT',
+        { ok: true },
+        { ok: true, targetSample: safeSlice(target, 180), authCodeMasked: authCode.slice(0, 8) + '***' }
+      );
+    } catch (e) {
+      ctx.throw(400, 'Invalid redirect_uri');
+    }
+
+    ctx.redirect(target);
+  }
+
+  async callback() {
+    const { ctx } = this;
+
+    await this._ensureComponentCryptoConfig();
+
+    const componentToken = String(this.wechatConfig.componentToken || '').trim();
+    const componentEncodingAESKey = String(this.wechatConfig.componentEncodingAESKey || '').trim();
+    const componentAppId = String(this.wechatConfig.componentAppId || '').trim();
+
+    const { appid } = ctx.params;
+    const { msg_signature, signature, timestamp, nonce, echostr } = ctx.query;
+    let encryptType = String(ctx.query.encrypt_type || '').toLowerCase();
+
+    if (ctx.method === 'GET') {
+      try {
+        if (!echostr) {
+          ctx.body = '';
+          return;
+        }
+
+        const isEncrypted = encryptType === 'aes' || !!msg_signature;
+        if (isEncrypted) {
+          const cryptor = new WXBizMsgCrypt(componentToken, componentEncodingAESKey, componentAppId);
+          if (msg_signature && timestamp && nonce) {
+            const expected = cryptor.getSignature(timestamp, nonce, echostr);
+            if (expected !== msg_signature) {
+              ctx.logger.error('WeChat Callback VerifyURL signature mismatch (aes mode)', { appid, expected, msg_signature });
+              ctx.status = 403;
+              ctx.body = '';
+              return;
+            }
+          }
+
+          const decrypted = cryptor.decrypt(echostr);
+          ctx.body = decrypted.message;
+          return;
+        }
+
+        if (signature && timestamp && nonce) {
+          const expected = calcPlainSignature(componentToken, timestamp, nonce);
+          if (expected !== signature) {
+            ctx.logger.error('WeChat Callback VerifyURL signature mismatch (raw mode)', { appid, expected, signature });
+            ctx.status = 403;
+            ctx.body = '';
+            return;
+          }
+        }
+
+        ctx.body = echostr;
+        return;
+      } catch (err) {
+        ctx.logger.error(`WeChat Callback VerifyURL Error for ${appid}`, err);
+        ctx.status = 500;
+        ctx.body = '';
+        return;
+      }
+    }
+
+    // ===== POST：消息/事件回调 =====
+
+    const xml = getRawXmlBody(ctx);
+
+    try {
+      const cryptor = new WXBizMsgCrypt(componentToken, componentEncodingAESKey, componentAppId);
+
+      const sendReplyXml = replyXml => {
+        ctx.set('Content-Type', 'application/xml');
+        ctx.body = replyXml;
+      };
+
+      const sendEncryptedReply = replyXml => {
+        const ts = String(Math.floor(Date.now() / 1000));
+        const nonceToSend = crypto.randomBytes(8).toString('hex');
+        const encrypted = cryptor.encrypt(replyXml);
+        const signatureToSend = cryptor.getSignature(ts, nonceToSend, encrypted);
+
+        const wrappedXml = `<xml>
+<Encrypt><![CDATA[${encrypted}]]></Encrypt>
+<MsgSignature><![CDATA[${signatureToSend}]]></MsgSignature>
+<TimeStamp>${ts}</TimeStamp>
+<Nonce><![CDATA[${nonceToSend}]]></Nonce>
+</xml>`;
+
+        sendReplyXml(wrappedXml.trim());
+      };
+
+      const parseIncomingPlainMessage = async () => {
+        if (ctx.request.body && typeof ctx.request.body === 'object') {
+          const maybeXml = ctx.request.body.xml || ctx.request.body;
+          if (maybeXml && (maybeXml.MsgType || maybeXml.ToUserName || maybeXml.FromUserName)) return maybeXml;
+        }
+        return this._parseXml(xml);
+      };
+
+      let encrypt = this._getEncryptFromBody();
+      if (!encrypt) {
+        const parsed = this._parseXml(xml);
+        encrypt = parsed?.Encrypt;
+      }
+
+      if (!encryptType && encrypt) encryptType = 'aes';
+      const isEncrypted = encryptType === 'aes';
+
+      let msg = null;
+      if (isEncrypted) {
+        if (!encrypt) {
+          ctx.logger.error('WeChat Callback missing Encrypt field (aes mode)', {
+            appid,
+            contentType: ctx.get('Content-Type'),
+            query: ctx.query,
+            bodyType: typeof ctx.request.body,
+          });
+          ctx.status = 400;
+          ctx.body = '';
+          return;
+        }
+
+        if (msg_signature && timestamp && nonce) {
+          const expected = cryptor.getSignature(timestamp, nonce, encrypt);
+          if (expected !== msg_signature) {
+            ctx.logger.error('WeChat Callback signature mismatch (aes mode)', { appid, expected, msg_signature });
+            ctx.status = 403;
+            ctx.body = '';
+            return;
+          }
+        }
+
+        const decrypted = cryptor.decrypt(encrypt);
+        msg = this._parseXml(decrypted.message);
+      } else {
+        if (signature && timestamp && nonce) {
+          const expected = calcPlainSignature(componentToken, timestamp, nonce);
+          if (expected !== signature) {
+            ctx.logger.error('WeChat Callback signature mismatch (raw mode)', { appid, expected, signature });
+            ctx.status = 403;
+            ctx.body = '';
+            return;
+          }
+        }
+
+        msg = await parseIncomingPlainMessage();
+      }
+
+      ctx.logger.info(`Received Callback for ${appid}:`, msg);
+
+      if (!msg) {
+        ctx.body = 'success';
+        return;
+      }
+
+      // 可选：宿主的媒体安全检测回调
+      if (
+        msg.MsgType === 'event' &&
+        String(msg.Event || '').toLowerCase() === 'wxa_media_check' &&
+        ctx.service?.ai?.review &&
+        typeof ctx.service.ai.review.handleWechatMediaCheckCallback === 'function'
+      ) {
+        await ctx.service.ai.review.handleWechatMediaCheckCallback(appid, msg);
+        ctx.body = 'success';
+        return;
+      }
+
+      const buildReplyXml = (reply, incoming) => {
+        if (!reply || !incoming) return null;
+
+        const toUser = incoming.FromUserName;
+        const fromUser = incoming.ToUserName;
+        const createTime = Math.floor(Date.now() / 1000);
+
+        if (reply.type === 'text') {
+          return `<xml>
+<ToUserName><![CDATA[${toUser}]]></ToUserName>
+<FromUserName><![CDATA[${fromUser}]]></FromUserName>
+<CreateTime>${createTime}</CreateTime>
+<MsgType><![CDATA[text]]></MsgType>
+<Content><![CDATA[${reply.content || ''}]]></Content>
+</xml>`;
+        }
+
+        if (reply.type === 'image') {
+          return `<xml>
+<ToUserName><![CDATA[${toUser}]]></ToUserName>
+<FromUserName><![CDATA[${fromUser}]]></FromUserName>
+<CreateTime>${createTime}</CreateTime>
+<MsgType><![CDATA[image]]></MsgType>
+<Image><MediaId><![CDATA[${reply.mediaId || ''}]]></MediaId></Image>
+</xml>`;
+        }
+
+        if (reply.type === 'news') {
+          const articles = Array.isArray(reply.content) ? reply.content : [];
+          const itemsXml = articles.map(a => `<item>
+<Title><![CDATA[${a.title || ''}]]></Title>
+<Description><![CDATA[${a.description || ''}]]></Description>
+<PicUrl><![CDATA[${a.picUrl || ''}]]></PicUrl>
+<Url><![CDATA[${a.url || ''}]]></Url>
+</item>`).join('\n');
+
+          return `<xml>
+<ToUserName><![CDATA[${toUser}]]></ToUserName>
+<FromUserName><![CDATA[${fromUser}]]></FromUserName>
+<CreateTime>${createTime}</CreateTime>
+<MsgType><![CDATA[news]]></MsgType>
+<ArticleCount>${articles.length}</ArticleCount>
+<Articles>
+${itemsXml}
+</Articles>
+</xml>`;
+        }
+
+        return null;
+      };
+
+      // 全网发布自动化测试专用逻辑
+      if (msg.MsgType === 'text') {
+        if (msg.Content === 'TESTCOMPONENT_MSG_TYPE_TEXT') {
+          const replyContent = 'TESTCOMPONENT_MSG_TYPE_TEXT_callback';
+          const replyXml = `<xml>
+<ToUserName><![CDATA[${msg.FromUserName}]]></ToUserName>
+<FromUserName><![CDATA[${msg.ToUserName}]]></FromUserName>
+<CreateTime>${Math.floor(Date.now() / 1000)}</CreateTime>
+<MsgType><![CDATA[text]]></MsgType>
+<Content><![CDATA[${replyContent}]]></Content>
+</xml>`;
+
+          if (isEncrypted) {
+            sendEncryptedReply(replyXml);
+          } else {
+            sendReplyXml(replyXml);
+          }
+          return;
+        }
+
+        if (typeof msg.Content === 'string' && msg.Content.startsWith('QUERY_AUTH_CODE:')) {
+          const queryAuthCode = msg.Content.replace('QUERY_AUTH_CODE:', '');
+          ctx.body = '';
+
+          ctx.runInBackground(async () => {
+            try {
+              if (ctx.service?.third?.wechatPlatform && typeof ctx.service.third.wechatPlatform.handleTestAuthCode === 'function') {
+                await ctx.service.third.wechatPlatform.handleTestAuthCode(queryAuthCode, msg.FromUserName);
+              }
+            } catch (e) {
+              ctx.logger.error('Handle Test Auth Code Error:', e);
+            }
+          });
+          return;
+        }
+      }
+
+      // 非全网发布测试消息：交给宿主的消息处理 service（若不存在则直接 success）
+      if (ctx.service?.third?.wechatMessage && typeof ctx.service.third.wechatMessage.handleMessage === 'function') {
+        const reply = await ctx.service.third.wechatMessage.handleMessage(appid, msg);
+        const replyXml = buildReplyXml(reply, msg);
+        if (replyXml) {
+          if (isEncrypted) {
+            sendEncryptedReply(replyXml);
+          } else {
+            sendReplyXml(replyXml);
+          }
+          return;
+        }
+      }
+
+      ctx.body = 'success';
+    } catch (err) {
+      ctx.logger.error('Callback Error:', err);
+      ctx.body = 'success';
+    }
+  }
+}
+
+module.exports = WechatPlatformHttpService;

package/app.js

@@ -0,0 +1,198 @@
+'use strict';
+
+/**
+ * 插件初始化入口：用于在应用启动前，动态覆盖 wechat 配置。
+ *
+ * 用法：在宿主项目的 config/config.*.js 中提供：
+ *
+ * exports.wechat = {
+ *   // ...原有配置
+ *   // init 可同步或异步，返回要覆盖/补充的配置对象
+ *   init: async (app) => ({ componentAppId: 'wx...', componentAppSecret: '...' }),
+ * };
+ *
+ * @param {import('egg').Application} app Egg Application
+ */
+module.exports = app => {
+  app.beforeStart(async () => {
+    const baseConfig = app.config.wechat || {};
+
+    const normalizeRuntimeCfg = (cfg) => {
+      if (!cfg || typeof cfg !== 'object') return null;
+      const next = Object.assign({}, cfg);
+      Object.keys(next).forEach(k => {
+        const v = next[k];
+        if (typeof v === 'string') next[k] = v.trim();
+        if (next[k] === undefined || next[k] === null || String(next[k]).trim() === '') {
+          delete next[k];
+        }
+      });
+      return Object.keys(next).length > 0 ? next : null;
+    };
+
+    const override = baseConfig.override && typeof baseConfig.override === 'object'
+      ? baseConfig.override
+      : null;
+
+    const init = baseConfig.init;
+
+    let initResult = null;
+    if (typeof init === 'function') {
+      try {
+        initResult = await init(app);
+      } catch (err) {
+        app.logger && app.logger.error && app.logger.error('[egg-wechat] wechat.init failed', err);
+      }
+    }
+
+    const finalOverride = initResult && typeof initResult === 'object' ? initResult : override;
+    if (finalOverride) {
+      // 就地合并，保证所有 service 都能读到更新后的值
+      Object.assign(baseConfig, finalOverride);
+      app.config.wechat = baseConfig;
+    }
+
+    const shouldEnableProvider = typeof baseConfig.getConfig === 'function';
+
+    const loadFromProvider = async () => {
+      if (!shouldEnableProvider) return null;
+
+      const ctx = app.createAnonymousContext();
+      try {
+        const cfg = await baseConfig.getConfig(ctx);
+        return normalizeRuntimeCfg(cfg);
+      } catch (err) {
+        app.logger && app.logger.warn && app.logger.warn('[egg-wechat] wechat.getConfig(ctx) failed', err);
+        return null;
+      }
+    };
+
+    const shouldEnableUnifiedConfig = (() => {
+      if (baseConfig.useUnifiedConfig === true) return true;
+      if (String(baseConfig.configSource || '').toLowerCase() === 'unified') return true;
+      // 自动兜底：当 component 配置缺失时尝试从统一配置读取（避免宿主必须写死 secret）
+      const hasStaticComponent = Boolean(baseConfig.componentAppId) && Boolean(baseConfig.componentAppSecret);
+      return !hasStaticComponent;
+    })();
+
+    const refreshIntervalMsRaw = baseConfig.unifiedConfigRefreshIntervalMs;
+    const refreshIntervalMs = Number.isFinite(Number(refreshIntervalMsRaw))
+      ? Math.max(Number(refreshIntervalMsRaw), 1000)
+      : 30 * 1000;
+
+    const loadFromUnifiedConfig = async () => {
+      // 在宿主没有 unifiedConfig service 时，静默跳过
+      const ctx = app.createAnonymousContext();
+      const unified = ctx?.service?.config?.unifiedConfig;
+      if (!unified || typeof unified.get !== 'function') return null;
+
+      // 统一配置键（以 ddn-hub 的 wechat_platform.* 为准）
+      const keys = {
+        appId: 'wechat_platform.app_id',
+        appSecret: 'wechat_platform.app_secret',
+        componentAppId: 'wechat_platform.component.app_id',
+        componentAppSecret: 'wechat_platform.component.app_secret',
+        componentToken: 'wechat_platform.component.token',
+        componentEncodingAESKey: 'wechat_platform.component.encoding_aes_key',
+        publicBaseUrl: 'wechat_platform.public_base_url',
+      };
+
+      const entries = await Promise.all(
+        Object.entries(keys).map(async ([k, key]) => {
+          try {
+            const v = await unified.get(key);
+            return [k, typeof v === 'string' ? v.trim() : v];
+          } catch (e) {
+            return [k, undefined];
+          }
+        })
+      );
+
+      const cfg = Object.fromEntries(entries);
+
+      return normalizeRuntimeCfg(cfg);
+    };
+
+    const applyRuntimeWechatConfig = (runtimeCfg) => {
+      if (!runtimeCfg || typeof runtimeCfg !== 'object') return;
+
+      // 仅在内存中合并：同时写到 app.wechatRuntimeConfig 与 app.config.wechat
+      // 目的：
+      // - service 读取 app.config.wechat 的代码无需大改
+      // - 运行时刷新能覆盖所有模块
+      app.wechatRuntimeConfig = Object.assign({}, app.wechatRuntimeConfig || {}, runtimeCfg);
+      app.config.wechat = Object.assign({}, app.config.wechat || {}, app.wechatRuntimeConfig);
+    };
+
+    // 对宿主/测试暴露一个手动刷新入口，避免等待定时器
+    app.wechatRefreshProviderConfig = async () => {
+      if (!shouldEnableProvider) return { enabled: false };
+      const cfg = await loadFromProvider();
+      if (cfg) applyRuntimeWechatConfig(cfg);
+      return { enabled: true, applied: Boolean(cfg) };
+    };
+
+    app.wechatRefreshUnifiedConfig = async () => {
+      if (!shouldEnableUnifiedConfig) return { enabled: false };
+      const cfg = await loadFromUnifiedConfig();
+      if (cfg) applyRuntimeWechatConfig(cfg);
+      return { enabled: true, applied: Boolean(cfg) };
+    };
+
+    if (shouldEnableProvider) {
+      try {
+        const cfg = await loadFromProvider();
+        if (cfg) applyRuntimeWechatConfig(cfg);
+      } catch (err) {
+        app.logger && app.logger.warn && app.logger.warn('[egg-wechat] provider initial load failed', err);
+      }
+
+      // 周期刷新 provider：避免进程长期持有过期配置
+      setInterval(async () => {
+        try {
+          const cfg = await loadFromProvider();
+          if (cfg) applyRuntimeWechatConfig(cfg);
+        } catch (err) {
+          app.logger && app.logger.warn && app.logger.warn('[egg-wechat] provider refresh failed', err);
+        }
+      }, refreshIntervalMs).unref();
+    }
+
+    if (shouldEnableUnifiedConfig) {
+      try {
+        const cfg = await loadFromUnifiedConfig();
+        if (cfg) applyRuntimeWechatConfig(cfg);
+      } catch (err) {
+        app.logger && app.logger.warn && app.logger.warn('[egg-wechat] unifiedConfig initial load failed', err);
+      }
+
+      // 周期刷新：在不重启进程的情况下感知统一配置变更
+      // 若宿主不需要，可显式设置 useUnifiedConfig=false 并提供静态配置
+      setInterval(async () => {
+        try {
+          const cfg = await loadFromUnifiedConfig();
+          if (cfg) applyRuntimeWechatConfig(cfg);
+        } catch (err) {
+          app.logger && app.logger.warn && app.logger.warn('[egg-wechat] unifiedConfig refresh failed', err);
+        }
+      }, refreshIntervalMs).unref();
+    }
+
+    // 仅输出字段存在性，避免泄露敏感值
+    const finalConfig = app.config.wechat || {};
+    if (app.logger && app.logger.info) {
+      app.logger.info('[egg-wechat] wechat config initialized', {
+        providerEnabled: Boolean(shouldEnableProvider),
+        useUnifiedConfig: Boolean(shouldEnableUnifiedConfig),
+        unifiedConfigRefreshIntervalMs: refreshIntervalMs,
+        appIdPresent: Boolean(finalConfig.appId),
+        appSecretPresent: Boolean(finalConfig.appSecret),
+        componentAppIdPresent: Boolean(finalConfig.componentAppId),
+        componentAppSecretPresent: Boolean(finalConfig.componentAppSecret),
+        componentTokenPresent: Boolean(finalConfig.componentToken),
+        componentEncodingAESKeyPresent: Boolean(finalConfig.componentEncodingAESKey),
+        publicBaseUrlPresent: Boolean(finalConfig.publicBaseUrl),
+      });
+    }
+  });
+};

package/config/config.default.js

@@ -20,4 +20,12 @@ exports.wechat = {
   componentAppSecret: '',
   componentToken: '',
   componentEncodingAESKey: '',
+
+  // 可选：动态注入/覆盖配置（覆盖所有模块）
+  // init: async (app) => ({ componentAppId: 'wx...', componentAppSecret: '...' }),
+  // override: { componentAppId: 'wx...', componentAppSecret: '...' },
+
+  // 可选：运行时从统一配置读取并周期刷新（需要宿主提供 ctx.service.config.unifiedConfig.get）
+  // useUnifiedConfig: true,
+  // unifiedConfigRefreshIntervalMs: 30000,
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ddn/egg-wechat",
-  "version": "1.0.25",
+  "version": "1.0.28",
   "description": "Eggjs plugin for wechat",
   "types": "./index.d.ts",
   "eggPlugin": {
@@ -16,6 +16,7 @@
     "wxapp"
   ],
   "dependencies": {
+    "wechat-crypto": "^0.0.2",
     "xml-js": "^1.6.11"
   },
   "peerDependencies": {
@@ -47,6 +48,7 @@
   "files": [
     "app",
     "config",
+    "app.js",
     "index.d.ts"
   ],
   "ci": {