@dingxiang-me/openclaw-wechat 2.1.0 → 2.3.0

package/src/wecom/account-config-core.js

@@ -1,4 +1,5 @@
 import { buildDefaultAgentWebhookPath } from "./account-paths.js";
+import { resolveWecomApiBaseUrl } from "./network-config.js";
 
 export function asNumber(v, fallback = null) {
   if (v == null) return fallback;
@@ -31,6 +32,7 @@ export function normalizeAccountConfig({ raw, accountId, normalizeWecomWebhookTa
   const normalizedId = normalizeAccountId(accountId);
   if (!raw || typeof raw !== "object") return null;
   if (typeof normalizeWecomWebhookTargetMap !== "function") return null;
+  const networkConfig = raw.network && typeof raw.network === "object" ? raw.network : {};
 
   const legacyAgent = raw.agent && typeof raw.agent === "object" ? raw.agent : {};
   const hasLegacyAgentBlock = Object.keys(legacyAgent).length > 0;
@@ -53,7 +55,19 @@ export function normalizeAccountConfig({ raw, accountId, normalizeWecomWebhookTa
   const defaultWebhookPath = buildDefaultAgentWebhookPath(normalizedId);
   const webhookPath = String(raw.webhookPath ?? legacyAgent.webhookPath ?? defaultWebhookPath).trim() || defaultWebhookPath;
   const name = pickFirstNonEmptyString(raw.name, normalizedId);
-  const outboundProxy = String(raw.outboundProxy ?? raw.proxyUrl ?? raw.proxy ?? "").trim();
+  const outboundProxy = String(
+    raw.outboundProxy ??
+      raw.proxyUrl ??
+      raw.proxy ??
+      networkConfig.egressProxyUrl ??
+      networkConfig.proxyUrl ??
+      networkConfig.proxy ??
+      "",
+  ).trim();
+  const apiBaseUrl = resolveWecomApiBaseUrl({
+    accountConfig: raw,
+    accountId: normalizedId,
+  });
   const webhooks = normalizeWecomWebhookTargetMap(raw.webhooks);
   const allowFrom = raw.allowFrom ?? raw.dm?.allowFrom;
   const allowFromRejectMessage = String(raw.allowFromRejectMessage ?? raw.rejectUnauthorizedMessage ?? "").trim();
@@ -74,6 +88,7 @@ export function normalizeAccountConfig({ raw, accountId, normalizeWecomWebhookTa
     webhookPath,
     name,
     outboundProxy: outboundProxy || undefined,
+    apiBaseUrl: apiBaseUrl || undefined,
     webhooks: Object.keys(webhooks).length > 0 ? webhooks : undefined,
     allowFrom,
     allowFromRejectMessage: allowFromRejectMessage || undefined,
@@ -108,11 +123,21 @@ export function readAccountConfigFromEnv({
   const defaultWebhookPath = buildDefaultAgentWebhookPath(normalizedId);
   const webhookPath = String(readVar("WEBHOOK_PATH") ?? defaultWebhookPath).trim() || defaultWebhookPath;
   const outboundProxyRaw =
+    readVar("EGRESS_PROXY_URL") ??
     readVar("PROXY") ??
     (normalizedId === "default"
       ? requireEnv("HTTPS_PROXY")
       : envVars?.WECOM_PROXY ?? requireEnv("WECOM_PROXY") ?? requireEnv("HTTPS_PROXY"));
   const outboundProxy = String(outboundProxyRaw ?? "").trim();
+  const apiBaseUrl = resolveWecomApiBaseUrl({
+    envVars: {
+      ...envVars,
+      [`${prefix}_API_BASE_URL`]: readVar("API_BASE_URL"),
+      ...(normalizedId === "default" ? { WECOM_API_BASE_URL: readVar("API_BASE_URL") } : {}),
+    },
+    processEnv: {},
+    accountId: normalizedId,
+  });
   const webhooks = normalizeWecomWebhookTargetMap(readVar("WEBHOOK_TARGETS"), readVar("WEBHOOKS"));
   const allowFrom = readVar("ALLOW_FROM");
   const allowFromRejectMessage = String(readVar("ALLOW_FROM_REJECT_MESSAGE") ?? "").trim();
@@ -130,6 +155,7 @@ export function readAccountConfigFromEnv({
     callbackAesKey,
     webhookPath,
     outboundProxy: outboundProxy || undefined,
+    apiBaseUrl: apiBaseUrl || undefined,
     webhooks: Object.keys(webhooks).length > 0 ? webhooks : undefined,
     allowFrom,
     allowFromRejectMessage: allowFromRejectMessage || undefined,

package/src/wecom/account-config.js

@@ -6,10 +6,14 @@ import {
   readAccountConfigFromEnv,
 } from "./account-config-core.js";
 import { normalizePluginHttpPath } from "./http-path.js";
+import { resolveWecomApiBaseUrl } from "./network-config.js";
 
-const LEGACY_INLINE_ACCOUNT_RESERVED_KEYS = new Set([
+export const LEGACY_INLINE_ACCOUNT_RESERVED_KEYS = new Set([
   "name",
   "enabled",
+  "botId",
+  "botid",
+  "secret",
   "corpId",
   "corpSecret",
   "agentId",
@@ -21,9 +25,14 @@ const LEGACY_INLINE_ACCOUNT_RESERVED_KEYS = new Set([
   "outboundProxy",
   "proxyUrl",
   "proxy",
+  "network",
+  "apiBaseUrl",
   "webhooks",
   "allowFrom",
   "allowFromRejectMessage",
+  "groupPolicy",
+  "groupAllowFrom",
+  "groupAllowFromRejectMessage",
   "rejectUnauthorizedMessage",
   "adminUsers",
   "commandAllowlist",
@@ -31,6 +40,7 @@ const LEGACY_INLINE_ACCOUNT_RESERVED_KEYS = new Set([
   "commands",
   "workspaceTemplate",
   "groupChat",
+  "groups",
   "dynamicAgent",
   "dynamicAgents",
   "dm",
@@ -48,7 +58,7 @@ const LEGACY_INLINE_ACCOUNT_RESERVED_KEYS = new Set([
   "agent",
 ]);
 
-function listLegacyInlineAccountEntries(channelConfig) {
+export function listLegacyInlineAccountEntries(channelConfig) {
   if (!channelConfig || typeof channelConfig !== "object") return [];
   const entries = [];
   for (const [rawKey, value] of Object.entries(channelConfig)) {
@@ -137,6 +147,13 @@ export function createWecomAccountRegistry({
         processEnv,
         accountId,
       });
+      config.apiBaseUrl = resolveWecomApiBaseUrl({
+        channelConfig,
+        accountConfig: config,
+        envVars,
+        processEnv,
+        accountId,
+      });
     }
 
     wecomAccounts.clear();

package/src/wecom/agent-dispatch-executor.js

@@ -29,6 +29,7 @@ export async function executeWecomAgentDispatchFlow({
   corpSecret,
   agentId,
   proxyUrl = "",
+  apiBaseUrl = "",
   tempPathsToCleanup = [],
   resolveWecomReplyStreamingPolicy,
   asNumber,
@@ -37,6 +38,7 @@ export async function executeWecomAgentDispatchFlow({
   markdownToWecomText,
   autoSendWorkspaceFilesFromReplyText,
   sendWecomOutboundMediaBatch,
+  resolveWecomReasoningPolicy,
   withTimeout,
   isDispatchTimeoutError,
   isAgentFailureText,
@@ -44,6 +46,7 @@ export async function executeWecomAgentDispatchFlow({
   ensureLateReplyWatcherRunner,
   ACTIVE_LATE_REPLY_WATCHERS,
   sendTextToUser,
+  deliverAgentReply,
   clearSessionStoreEntry,
 } = {}) {
   assertFunction("resolveWecomReplyStreamingPolicy", resolveWecomReplyStreamingPolicy);
@@ -92,9 +95,12 @@ export async function executeWecomAgentDispatchFlow({
     lateReplyWatchMs,
     lateReplyPollMs,
     sendTextToUser,
+    deliverAgentReply,
     ensureLateReplyWatcherRunner,
     activeWatchers: ACTIVE_LATE_REPLY_WATCHERS,
     clearSessionStoreEntry,
+    api,
+    fromUser,
     logger: api?.logger,
   });
   const sendProgressNotice = lateReplyRuntime.sendProgressNotice;
@@ -115,21 +121,26 @@ export async function executeWecomAgentDispatchFlow({
       api,
       state: dispatchState,
       streamingEnabled,
+      sessionId,
+      runtimeAccountId,
       fromUser,
       routedAgentId,
       corpId,
       corpSecret,
       agentId,
       proxyUrl,
+      apiBaseUrl,
       flushStreamingBuffer,
       sendFailureFallback,
       sendTextToUser,
+      deliverAgentReply,
       markdownToWecomText,
       isAgentFailureText,
       computeStreamingTailText,
       autoSendWorkspaceFilesFromReplyText,
       buildWorkspaceAutoSendHints,
       sendWecomOutboundMediaBatch,
+      reasoningPolicy: resolveWecomReasoningPolicy?.(api) ?? {},
     });
     const dispatchResult = await withTimeout(
       runtime.channel.reply.dispatchReplyWithBufferedBlockDispatcher({

package/src/wecom/agent-dispatch-handlers.js

@@ -1,3 +1,7 @@
+import { applyWecomReasoningPolicy } from "./reasoning-visibility.js";
+import { extractWecomReplyDirectives } from "./reply-output-policy.js";
+import { parseThinkingContent } from "./thinking-parser.js";
+
 function assertFunction(name, value) {
   if (typeof value !== "function") {
     throw new Error(`createWecomAgentDispatchHandlers: ${name} is required`);
@@ -16,21 +20,26 @@ export function createWecomAgentDispatchHandlers({
   api,
   state,
   streamingEnabled = false,
+  sessionId = "",
+  runtimeAccountId = "default",
   fromUser,
   routedAgentId = "",
   corpId = "",
   corpSecret = "",
   agentId = "",
   proxyUrl = "",
+  apiBaseUrl = "",
   flushStreamingBuffer,
   sendFailureFallback,
   sendTextToUser,
+  deliverAgentReply = null,
   markdownToWecomText,
   isAgentFailureText,
   computeStreamingTailText,
   autoSendWorkspaceFilesFromReplyText,
   buildWorkspaceAutoSendHints,
   sendWecomOutboundMediaBatch,
+  reasoningPolicy = {},
 } = {}) {
   if (!state || typeof state !== "object") {
     throw new Error("createWecomAgentDispatchHandlers: state is required");
@@ -67,9 +76,13 @@ export function createWecomAgentDispatchHandlers({
       }
       if (info.kind === "block") {
         if (payload.text) {
-          state.blockTextFallback = appendWecomAgentBlockFallback(state.blockTextFallback, payload.text);
+          const blockParsed = parseThinkingContent(payload.text);
+          const blockVisibleText = extractWecomReplyDirectives(markdownToWecomText(blockParsed.visibleContent).trim()).text;
+          if (blockVisibleText) {
+            state.blockTextFallback = appendWecomAgentBlockFallback(state.blockTextFallback, blockVisibleText);
+          }
           if (streamingEnabled) {
-            state.streamChunkBuffer += payload.text;
+            state.streamChunkBuffer += blockVisibleText || "";
             await flushStreamingBuffer({ force: false, reason: "block" });
           }
         }
@@ -85,12 +98,31 @@ export function createWecomAgentDispatchHandlers({
           return;
         }
 
+        const parsedFinal = parseThinkingContent(payload.text);
+        const parsedRawFinal = parseThinkingContent(String(payload.rawText ?? payload.text ?? ""));
+        const reasoningPayload = applyWecomReasoningPolicy({
+          text: markdownToWecomText(parsedFinal.visibleContent).trim(),
+          thinkingContent: markdownToWecomText(parsedFinal.thinkingContent).trim(),
+          policy: reasoningPolicy,
+          transport: "agent",
+          phase: "final",
+        });
+        const rawReasoningPayload = applyWecomReasoningPolicy({
+          text: String(parsedRawFinal.visibleContent ?? "").trim(),
+          thinkingContent: String(payload.rawThinkingContent ?? parsedRawFinal.thinkingContent ?? "").trim(),
+          policy: reasoningPolicy,
+          transport: "agent",
+          phase: "final",
+        });
+        const effectiveFinalText = extractWecomReplyDirectives(String(reasoningPayload.text ?? "").trim()).text;
+        const richFinalText = extractWecomReplyDirectives(String(rawReasoningPayload.text ?? "").trim()).text;
+
         logger?.info?.(`wecom: delivering ${info.kind} reply, length=${payload.text.length}`);
         if (streamingEnabled) {
           await flushStreamingBuffer({ force: true, reason: "final" });
           await state.streamChunkSendChain;
           if (state.streamChunkSentCount > 0) {
-            const finalText = markdownToWecomText(payload.text).trim();
+            const finalText = effectiveFinalText;
             const streamedText = markdownToWecomText(state.blockTextFallback).trim();
             const tailText = computeStreamingTailText({ finalText, streamedText });
             if (tailText) {
@@ -105,9 +137,9 @@ export function createWecomAgentDispatchHandlers({
         }
 
         if (!deliveredFinalText) {
-          const formattedReply = markdownToWecomText(payload.text);
+          const formattedReply = effectiveFinalText;
           const workspaceAutoMedia = await autoSendWorkspaceFilesFromReplyText({
-            text: formattedReply,
+            text: String(payload.rawText ?? payload.text ?? formattedReply),
             routeAgentId: routedAgentId,
             corpId,
             corpSecret,
@@ -115,12 +147,32 @@ export function createWecomAgentDispatchHandlers({
             toUser: fromUser,
             logger,
             proxyUrl,
+            apiBaseUrl,
           });
           const workspaceHints = buildWorkspaceAutoSendHints(workspaceAutoMedia);
           const finalReplyText = [formattedReply, ...workspaceHints].filter(Boolean).join("\n\n");
-          await sendTextToUser(finalReplyText);
-          state.hasDeliveredReply = true;
-          deliveredFinalText = true;
+          if (typeof deliverAgentReply === "function") {
+            const result = await deliverAgentReply({
+              api,
+              fromUser,
+              accountId: runtimeAccountId,
+              sessionId,
+              text: finalReplyText,
+              rawText: [richFinalText, ...workspaceHints].filter(Boolean).join("\n\n"),
+              rawThinkingContent: String(rawReasoningPayload.thinkingContent ?? "").trim(),
+              routeAgentId: routedAgentId,
+              reason: "final-reply",
+            });
+            state.hasDeliveredReply = true;
+            deliveredFinalText = result?.ok === true;
+            if (!result?.ok) {
+              logger?.warn?.(`wecom: final agent reply deferred to pending delivery session=${sessionId || "n/a"}`);
+            }
+          } else {
+            await sendTextToUser(finalReplyText);
+            state.hasDeliveredReply = true;
+            deliveredFinalText = true;
+          }
           logger?.info?.(`wecom: sent AI reply to ${fromUser}: ${finalReplyText.slice(0, 50)}...`);
         }
       }
@@ -136,6 +188,7 @@ export function createWecomAgentDispatchHandlers({
           mediaType: payload.mediaType,
           logger,
           proxyUrl,
+          apiBaseUrl,
         });
         if (mediaResult.sentCount > 0) {
           state.hasDeliveredReply = true;

package/src/wecom/agent-inbound-guards.js

@@ -70,6 +70,30 @@ export async function applyWecomAgentInboundGuards({
   const dmPolicy = resolveWecomDmPolicy(api, resolvedAccountId, config);
   const allowFromPolicy = resolveWecomAllowFromPolicy(api, resolvedAccountId, config);
 
+  if (isGroupChat) {
+    const groupPolicyMode = String(groupChatPolicy?.policyMode ?? (groupChatPolicy?.enabled === false ? "deny" : "open"))
+      .trim()
+      .toLowerCase();
+    const groupSenderAllowed =
+      isAdminUser ||
+      groupPolicyMode === "open" ||
+      (groupPolicyMode !== "deny" &&
+        (groupChatPolicy.allowFrom.includes("*") ||
+          isWecomSenderAllowed({
+            senderId: normalizedFromUser,
+            allowFrom: groupChatPolicy.allowFrom,
+          })));
+    if (!groupSenderAllowed) {
+      api?.logger?.warn?.(
+        `wecom: sender blocked by group policy account=${resolvedAccountId} chatId=${chatId || "unknown"} user=${normalizedFromUser} mode=${groupPolicyMode || "open"}`,
+      );
+      if (groupChatPolicy?.rejectMessage) {
+        await sendTextToUser(groupChatPolicy.rejectMessage);
+      }
+      return { ok: false, commandBody: nextCommandBody, isAdminUser };
+    }
+  }
+
   if (!isGroupChat) {
     const dmAccess = await resolveWecomDirectMessageAccess({
       api,

package/src/wecom/agent-inbound-processor.js

@@ -31,12 +31,14 @@ export function createWecomAgentInboundProcessor(deps = {}) {
     resolveWecomAgentRoute,
     seedDynamicAgentWorkspace,
     resolveWecomReplyStreamingPolicy,
+    resolveWecomReasoningPolicy,
     asNumber,
     requireEnv,
     getByteLength,
     markdownToWecomText,
     autoSendWorkspaceFilesFromReplyText,
     sendWecomOutboundMediaBatch,
+    deliverAgentReply,
     sleep,
     resolveSessionTranscriptFilePath,
     readTranscriptAppendedChunk,
@@ -50,6 +52,8 @@ export function createWecomAgentInboundProcessor(deps = {}) {
     ACTIVE_LATE_REPLY_WATCHERS,
     resetWecomConversationSession,
     clearSessionStoreEntry,
+    markWecomReliableInboundActivity = () => null,
+    flushWecomSessionPendingReplies = async () => {},
   } = deps;
 
   let lateReplyWatcherRunner = null;
@@ -94,7 +98,7 @@ export function createWecomAgentInboundProcessor(deps = {}) {
 
     const cfg = api.config;
     const runtime = api.runtime;
-    const { corpId, corpSecret, agentId, outboundProxy: proxyUrl } = config;
+    const { corpId, corpSecret, agentId, outboundProxy: proxyUrl, apiBaseUrl } = config;
     const sendTextToUser = createWecomAgentTextSender({
       sendWecomText,
       corpId,
@@ -103,17 +107,29 @@ export function createWecomAgentInboundProcessor(deps = {}) {
       toUser: fromUser,
       logger: api.logger,
       proxyUrl,
+      apiBaseUrl,
     });
 
     try {
       const baseSessionId = buildWecomSessionId(fromUser, config.accountId || accountId || "default");
+      markWecomReliableInboundActivity({
+        mode: "agent",
+        accountId: config.accountId || accountId || "default",
+        sessionId: baseSessionId,
+        fromUser,
+      });
       let sessionId = baseSessionId;
       let routedAgentId = "";
       const normalizedFromUser = String(fromUser ?? "").trim().toLowerCase();
       const fromAddress = `wecom:${normalizedFromUser}`;
       const originalContent = content || "";
       let commandBody = originalContent;
-      const groupChatPolicy = resolveWecomGroupChatPolicy(api);
+      const groupChatPolicy = resolveWecomGroupChatPolicy(
+        api,
+        config.accountId || accountId || "default",
+        config,
+        isGroupChat ? chatId : "",
+      );
       const dynamicAgentPolicy = resolveWecomDynamicAgentPolicy(api);
       api.logger.info?.(`wecom: processing ${msgType} message for session ${sessionId}${isGroupChat ? " (group)" : ""}`);
 
@@ -146,6 +162,7 @@ export function createWecomAgentInboundProcessor(deps = {}) {
           agentId,
           accountId: config.accountId || "default",
           proxyUrl,
+          apiBaseUrl,
           chatId,
           isGroupChat,
         },
@@ -206,6 +223,7 @@ export function createWecomAgentInboundProcessor(deps = {}) {
         corpSecret,
         agentId,
         proxyUrl,
+        apiBaseUrl,
         fromUser,
         msgType,
         baseText: msgType === "text" ? commandBody : originalContent,
@@ -255,6 +273,17 @@ export function createWecomAgentInboundProcessor(deps = {}) {
       const storePath = runtimeContext.storePath;
       const ctxPayload = runtimeContext.ctxPayload;
       const runtimeAccountId = runtimeContext.accountId;
+      markWecomReliableInboundActivity({
+        mode: "agent",
+        accountId: runtimeAccountId,
+        sessionId,
+        fromUser,
+      });
+      await flushWecomSessionPendingReplies({
+        mode: "agent",
+        accountId: runtimeAccountId,
+        sessionId,
+      });
 
       api.logger.info?.(`wecom: dispatching message via agent runtime for session ${sessionId}`);
       await executeWecomAgentDispatchFlow({
@@ -272,14 +301,17 @@ export function createWecomAgentInboundProcessor(deps = {}) {
         corpSecret,
         agentId,
         proxyUrl,
+        apiBaseUrl,
         tempPathsToCleanup,
         resolveWecomReplyStreamingPolicy,
+        resolveWecomReasoningPolicy,
         asNumber,
         requireEnv,
         getByteLength,
         markdownToWecomText,
         autoSendWorkspaceFilesFromReplyText,
         sendWecomOutboundMediaBatch,
+        deliverAgentReply,
         withTimeout,
         isDispatchTimeoutError,
         isAgentFailureText,

package/src/wecom/agent-late-reply-runtime.js

@@ -13,6 +13,8 @@ function isTimeoutLikeReason(reason) {
 
 export function createWecomAgentLateReplyRuntime({
   dispatchState,
+  api,
+  fromUser,
   sessionId,
   msgId = "",
   transcriptSessionId = "",
@@ -21,6 +23,7 @@ export function createWecomAgentLateReplyRuntime({
   lateReplyWatchMs,
   lateReplyPollMs,
   sendTextToUser,
+  deliverAgentReply = null,
   ensureLateReplyWatcherRunner,
   activeWatchers,
   clearSessionStoreEntry = null,
@@ -72,7 +75,19 @@ export function createWecomAgentLateReplyRuntime({
     dispatchState.hasDeliveredReply = true;
     const reasonText = String(reason ?? "unknown").slice(0, 160);
     try {
-      await sendTextToUser(`抱歉，当前模型请求超时或网络不稳定，请稍后重试。\n故障信息: ${reasonText}`);
+      const fallbackText = `抱歉，当前模型请求超时或网络不稳定，请稍后重试。\n故障信息: ${reasonText}`;
+      if (typeof deliverAgentReply === "function") {
+        await deliverAgentReply({
+          api,
+          fromUser,
+          accountId,
+          sessionId,
+          text: fallbackText,
+          reason: "late-timeout-fallback",
+        });
+      } else {
+        await sendTextToUser(fallbackText);
+      }
     } finally {
       await autoResetTimedOutSession(reasonText);
     }
@@ -100,7 +115,20 @@ export function createWecomAgentLateReplyRuntime({
       markDelivered: () => {
         dispatchState.hasDeliveredReply = true;
       },
-      sendText: async (text) => sendTextToUser(text),
+      sendText: async (text) => {
+        if (typeof deliverAgentReply === "function") {
+          await deliverAgentReply({
+            api,
+            fromUser,
+            accountId,
+            sessionId,
+            text,
+            reason: "late-reply",
+          });
+          return;
+        }
+        await sendTextToUser(text);
+      },
       onFailureFallback: async (err) => sendFailureFallback(err),
     }).finally(() => {
       lateReplyWatcherPromise = null;

package/src/wecom/agent-text-sender.js

@@ -12,6 +12,7 @@ export function createWecomAgentTextSender({
   toUser,
   logger,
   proxyUrl,
+  apiBaseUrl,
 } = {}) {
   assertFunction("sendWecomText", sendWecomText);
 
@@ -24,6 +25,7 @@ export function createWecomAgentTextSender({
       text,
       logger,
       proxyUrl,
+      apiBaseUrl,
     });
   };
 }

package/src/wecom/api-client-core.js

@@ -1,3 +1,5 @@
+import { buildWecomApiUrl, isWecomApiUrl, normalizeWecomApiBaseUrl } from "./network-config.js";
+
 export function createWecomApiClientCore({
   fetchImpl = fetch,
   proxyAgentCtor,
@@ -11,17 +13,6 @@ export function createWecomApiClientCore({
   const proxyDispatcherCache = new Map();
   const invalidProxyCache = new Set();
 
-  function isWecomApiUrl(url) {
-    const raw = typeof url === "string" ? url : String(url ?? "");
-    if (!raw) return false;
-    try {
-      const parsed = new URL(raw);
-      return parsed.hostname === "qyapi.weixin.qq.com";
-    } catch {
-      return raw.includes("qyapi.weixin.qq.com");
-    }
-  }
-
   function isLikelyHttpProxyUrl(proxyUrl) {
     return /^https?:\/\/\S+$/i.test(proxyUrl);
   }
@@ -73,11 +64,11 @@ export function createWecomApiClientCore({
 
   function attachWecomProxyDispatcher(url, options = {}, { proxyUrl, logger } = {}) {
     const shouldForceProxy = options?.forceProxy === true;
-    if (!isWecomApiUrl(url) && !shouldForceProxy) return options;
+    if (!isWecomApiUrl(url, { apiBaseUrl: options?.apiBaseUrl }) && !shouldForceProxy) return options;
     if (options?.dispatcher) return options;
     const dispatcher = resolveWecomProxyDispatcher(proxyUrl, logger);
     if (!dispatcher) return options;
-    const { forceProxy, ...restOptions } = options || {};
+    const { forceProxy, apiBaseUrl, ...restOptions } = options || {};
     return {
       ...restOptions,
       dispatcher,
@@ -120,8 +111,9 @@ export function createWecomApiClientCore({
     throw lastError || new Error(`Fetch failed after ${maxRetries} retries`);
   }
 
-  async function getWecomAccessToken({ corpId, corpSecret, proxyUrl, logger }) {
-    const cacheKey = `${corpId}:${corpSecret}`;
+  async function getWecomAccessToken({ corpId, corpSecret, proxyUrl, logger, apiBaseUrl }) {
+    const normalizedApiBaseUrl = normalizeWecomApiBaseUrl(apiBaseUrl);
+    const cacheKey = `${corpId}:${corpSecret}:${normalizedApiBaseUrl}`;
     let cache = accessTokenCaches.get(cacheKey);
 
     if (!cache) {
@@ -140,8 +132,17 @@ export function createWecomApiClientCore({
 
     cache.refreshPromise = (async () => {
       try {
-        const tokenUrl = `https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=${encodeURIComponent(corpId)}&corpsecret=${encodeURIComponent(corpSecret)}`;
-        const tokenRes = await fetchWithRetry(tokenUrl, {}, 3, 1000, { proxyUrl, logger });
+        const tokenUrl = buildWecomApiUrl(
+          `/cgi-bin/gettoken?corpid=${encodeURIComponent(corpId)}&corpsecret=${encodeURIComponent(corpSecret)}`,
+          { apiBaseUrl: normalizedApiBaseUrl },
+        );
+        const tokenRes = await fetchWithRetry(
+          tokenUrl,
+          { apiBaseUrl: normalizedApiBaseUrl },
+          3,
+          1000,
+          { proxyUrl, logger },
+        );
         const tokenJson = await tokenRes.json();
         if (!tokenJson?.access_token) {
           throw new Error(`WeCom gettoken failed: ${JSON.stringify(tokenJson)}`);
@@ -166,6 +167,7 @@ export function createWecomApiClientCore({
     chatId,
     msgType,
     payload,
+    apiBaseUrl,
   }) {
     const isAppChat = Boolean(chatId);
     if (!isAppChat && !toUser && !toParty && !toTag) {
@@ -173,7 +175,10 @@ export function createWecomApiClientCore({
     }
     if (isAppChat) {
       return {
-        sendUrl: `https://qyapi.weixin.qq.com/cgi-bin/appchat/send?access_token=${encodeURIComponent(accessToken)}`,
+        sendUrl: buildWecomApiUrl(
+          `/cgi-bin/appchat/send?access_token=${encodeURIComponent(accessToken)}`,
+          { apiBaseUrl },
+        ),
         body: {
           chatid: chatId,
           msgtype: msgType,
@@ -184,7 +189,10 @@ export function createWecomApiClientCore({
       };
     }
     return {
-      sendUrl: `https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=${encodeURIComponent(accessToken)}`,
+      sendUrl: buildWecomApiUrl(
+        `/cgi-bin/message/send?access_token=${encodeURIComponent(accessToken)}`,
+        { apiBaseUrl },
+      ),
       body: {
         touser: toUser,
         toparty: toParty,