From 20a8183e88c8ec249eb799fdc237bc2b9bfd41a4 Mon Sep 17 00:00:00 2001
From: markwang <617514823@qq.com>
Date: Tue, 27 Jan 2026 09:57:57 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E4=BC=81=E4=B8=9A=E5=BE=AE=E4=BF=A1-?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E4=BA=8C=E6=AC=A1=E9=AA=8C=E8=AF=81=20(#877)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 work/oauth/oauth.go | 58 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/work/oauth/oauth.go b/work/oauth/oauth.go
index add4b02..bf1a6cf 100644
--- a/work/oauth/oauth.go
+++ b/work/oauth/oauth.go
@@ -27,6 +27,10 @@ var (
 	getUserInfoURL = "https://qyapi.weixin.qq.com/cgi-bin/auth/getuserinfo?access_token=%s&code=%s"
 	// getUserDetailURL 获取访问用户敏感信息
 	getUserDetailURL = "https://qyapi.weixin.qq.com/cgi-bin/auth/getuserdetail?access_token=%s"
+	// getTfaInfoURL 获取用户二次验证信息
+	getTfaInfoURL = "https://qyapi.weixin.qq.com/cgi-bin/auth/get_tfa_info?access_token=%s"
+	// tfaSuccURL 使用二次验证
+	tfaSuccURL = "https://qyapi.weixin.qq.com/cgi-bin/user/tfa_succ?access_token=%s"
 )
 
 // NewOauth new init oauth
@@ -163,3 +167,57 @@ func (ctr *Oauth) GetUserDetail(req *GetUserDetailRequest) (*GetUserDetailRespon
 	err = util.DecodeWithError(response, result, "GetUserDetail")
 	return result, err
 }
+
+// GetTfaInfoRequest 获取用户二次验证信息请求
+type GetTfaInfoRequest struct {
+	Code string `json:"code"`
+}
+
+// GetTfaInfoResponse 获取用户二次验证信息响应
+type GetTfaInfoResponse struct {
+	util.CommonError
+	UserID  string `json:"userid"`
+	TfaCode string `json:"tfa_code"`
+}
+
+// GetTfaInfo 获取用户二次验证信息
+// @see https://developer.work.weixin.qq.com/document/path/99499
+func (ctr *Oauth) GetTfaInfo(req *GetTfaInfoRequest) (*GetTfaInfoResponse, error) {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = ctr.GetAccessToken(); err != nil {
+		return nil, err
+	}
+	var response []byte
+	if response, err = util.PostJSON(fmt.Sprintf(getTfaInfoURL, accessToken), req); err != nil {
+		return nil, err
+	}
+	result := &GetTfaInfoResponse{}
+	err = util.DecodeWithError(response, result, "GetTfaInfo")
+	return result, err
+}
+
+// TfaSuccRequest 使用二次验证请求
+type TfaSuccRequest struct {
+	UserID  string `json:"userid"`
+	TfaCode string `json:"tfa_code"`
+}
+
+// TfaSucc 使用二次验证
+// @see https://developer.work.weixin.qq.com/document/path/99500
+func (ctr *Oauth) TfaSucc(req *TfaSuccRequest) error {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = ctr.GetAccessToken(); err != nil {
+		return err
+	}
+	var response []byte
+	if response, err = util.PostJSON(fmt.Sprintf(tfaSuccURL, accessToken), req); err != nil {
+		return err
+	}
+	return util.DecodeWithCommonError(response, "TfaSucc")
+}