完善企业微信API

work/server/error.go

@@ -0,0 +1,66 @@
+package server
+
+import (
+	"reflect"
+	"strings"
+)
+
+// Error 错误
+type Error string
+
+const (
+	SDKValidateSignatureError Error = "签名验证错误"         //-40001
+	SDKParseJsonError         Error = "xml/json解析失败"   //-40002
+	SDKComputeSignatureError  Error = "sha加密生成签名失败"    //-40003
+	SDKIllegalAesKey          Error = "AESKey 非法"      //-40004
+	SDKValidateCorpidError    Error = "ReceiveId 校验错误" //-40005
+	SDKEncryptAESError        Error = "AES 加密失败"       //-40006
+	SDKDecryptAESError        Error = "AES 解密失败"       //-40007
+	SDKIllegalBuffer          Error = "解密后得到的buffer非法" //-40008
+	SDKEncodeBase64Error      Error = "base64加密失败"     //-40009
+	SDKDecodeBase64Error      Error = "base64解密失败"     //-40010
+	SDKGenJsonError           Error = "生成xml/json失败"   //-40011
+	SDKIllegalProtocolType    Error = "协议类型非法"         //-40012
+	SDKUnknownError           Error = "未知错误"
+)
+
+//Error 输出错误信息
+func (r Error) Error() string {
+	return reflect.ValueOf(r).String()
+}
+
+// NewSDKErr 初始化SDK实例错误信息
+func NewSDKErr(code int64, msgList ...string) Error {
+	switch code {
+	case 40001:
+		return SDKValidateSignatureError
+	case 40002:
+		return SDKParseJsonError
+	case 40003:
+		return SDKComputeSignatureError
+	case 40004:
+		return SDKIllegalAesKey
+	case 40005:
+		return SDKValidateCorpidError
+	case 40006:
+		return SDKEncryptAESError
+	case 40007:
+		return SDKDecryptAESError
+	case 40008:
+		return SDKIllegalBuffer
+	case 40009:
+		return SDKEncodeBase64Error
+	case 40010:
+		return SDKDecodeBase64Error
+	case 40011:
+		return SDKGenJsonError
+	case 40012:
+		return SDKIllegalProtocolType
+	default:
+		//返回未知的自定义错误
+		if len(msgList) > 0 {
+			return Error(strings.Join(msgList, ","))
+		}
+		return SDKUnknownError
+	}
+}

work/server/server.go

@@ -0,0 +1,269 @@
+package server
+
+import (
+	"encoding/xml"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"reflect"
+	"runtime/debug"
+	"strconv"
+
+	"github.com/silenceper/wechat/v2/work/context"
+	"github.com/silenceper/wechat/v2/work/message"
+	log "github.com/sirupsen/logrus"
+
+	"github.com/silenceper/wechat/v2/util"
+)
+
+//Server struct
+type Server struct {
+	*context.Context
+	Writer  http.ResponseWriter
+	Request *http.Request
+
+	skipValidate bool
+
+	openID string
+
+	messageHandler func(*message.MixMessage) *message.Reply
+
+	RequestRawXMLMsg  []byte
+	RequestMsg        *message.MixMessage
+	ResponseRawXMLMsg []byte
+	ResponseMsg       interface{}
+
+	isSafeMode bool
+	random     []byte
+	nonce      string
+	timestamp  int64
+}
+
+//NewServer init
+func NewServer(context *context.Context) *Server {
+	srv := new(Server)
+	srv.Context = context
+	return srv
+}
+
+func (srv *Server) VerifyURL() (string, error) {
+	timestamp := srv.Query("timestamp")
+	nonce := srv.Query("nonce")
+	signature := srv.Query("msg_signature")
+	echoStr := srv.Query("echostr")
+	log.Info("Signature----", util.CalSignature(srv.Token, timestamp, nonce))
+	log.Info("Signature----", util.Signature(srv.Token, timestamp, nonce, echoStr))
+	log.Info("srv.Token---", srv.Token)
+	if signature != util.Signature(srv.Token, timestamp, nonce, echoStr) {
+		return "", NewSDKErr(40001)
+	}
+	_, bData, err := util.DecryptMsg(srv.CorpID, echoStr, srv.EncodingAESKey)
+	if err != nil {
+		return "", NewSDKErr(40002)
+	}
+
+	return string(bData), nil
+}
+
+// SkipValidate set skip validate
+func (srv *Server) SkipValidate(skip bool) {
+	srv.skipValidate = skip
+}
+
+//Serve 处理微信的请求消息
+func (srv *Server) Serve() error {
+	if !srv.Validate() {
+		log.Error("Validate Signature Failed.")
+		return fmt.Errorf("请求校验失败")
+	}
+
+	echostr, exists := srv.GetQuery("echostr")
+	if exists {
+		srv.String(echostr)
+		return nil
+	}
+
+	response, err := srv.handleRequest()
+	if err != nil {
+		return err
+	}
+
+	//debug print request msg
+	log.Debugf("request msg =%s", string(srv.RequestRawXMLMsg))
+
+	return srv.buildResponse(response)
+}
+
+//Validate 校验请求是否合法
+func (srv *Server) Validate() bool {
+	if srv.skipValidate {
+		return true
+	}
+	timestamp := srv.Query("timestamp")
+	nonce := srv.Query("nonce")
+	signature := srv.Query("msg_signature")
+	log.Debugf("validate signature, timestamp=%s, nonce=%s", timestamp, nonce)
+	return signature == util.Signature(srv.Token, timestamp, nonce)
+}
+
+//HandleRequest 处理微信的请求
+func (srv *Server) handleRequest() (reply *message.Reply, err error) {
+	//set isSafeMode
+	srv.isSafeMode = false
+	encryptType := srv.Query("encrypt_type")
+	if encryptType == "aes" {
+		srv.isSafeMode = true
+	}
+
+	//set openID
+	srv.openID = srv.Query("openid")
+
+	var msg interface{}
+	msg, err = srv.getMessage()
+	if err != nil {
+		return
+	}
+	mixMessage, success := msg.(*message.MixMessage)
+	if !success {
+		err = errors.New("消息类型转换失败")
+	}
+	srv.RequestMsg = mixMessage
+	reply = srv.messageHandler(mixMessage)
+	return
+}
+
+//GetOpenID return openID
+func (srv *Server) GetOpenID() string {
+	return srv.openID
+}
+
+//getMessage 解析微信返回的消息
+func (srv *Server) getMessage() (interface{}, error) {
+	var rawXMLMsgBytes []byte
+	var err error
+	if srv.isSafeMode {
+		var encryptedXMLMsg message.EncryptedXMLMsg
+		if err := xml.NewDecoder(srv.Request.Body).Decode(&encryptedXMLMsg); err != nil {
+			return nil, fmt.Errorf("从body中解析xml失败,err=%v", err)
+		}
+
+		//验证消息签名
+		timestamp := srv.Query("timestamp")
+		srv.timestamp, err = strconv.ParseInt(timestamp, 10, 32)
+		if err != nil {
+			return nil, err
+		}
+		nonce := srv.Query("nonce")
+		srv.nonce = nonce
+		msgSignature := srv.Query("msg_signature")
+		msgSignatureGen := util.Signature(srv.Token, timestamp, nonce, encryptedXMLMsg.EncryptedMsg)
+		if msgSignature != msgSignatureGen {
+			return nil, fmt.Errorf("消息不合法，验证签名失败")
+		}
+
+		//解密
+		srv.random, rawXMLMsgBytes, err = util.DecryptMsg(srv.CorpID, encryptedXMLMsg.EncryptedMsg, srv.EncodingAESKey)
+		if err != nil {
+			return nil, fmt.Errorf("消息解密失败, err=%v", err)
+		}
+	} else {
+		rawXMLMsgBytes, err = ioutil.ReadAll(srv.Request.Body)
+		if err != nil {
+			return nil, fmt.Errorf("从body中解析xml失败, err=%v", err)
+		}
+	}
+
+	srv.RequestRawXMLMsg = rawXMLMsgBytes
+
+	return srv.parseRequestMessage(rawXMLMsgBytes)
+}
+
+func (srv *Server) parseRequestMessage(rawXMLMsgBytes []byte) (msg *message.MixMessage, err error) {
+	msg = &message.MixMessage{}
+	err = xml.Unmarshal(rawXMLMsgBytes, msg)
+	return
+}
+
+//SetMessageHandler 设置用户自定义的回调方法
+func (srv *Server) SetMessageHandler(handler func(*message.MixMessage) *message.Reply) {
+	srv.messageHandler = handler
+}
+
+func (srv *Server) buildResponse(reply *message.Reply) (err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = fmt.Errorf("panic error: %v\n%s", e, debug.Stack())
+		}
+	}()
+	if reply == nil {
+		//do nothing
+		return nil
+	}
+	msgType := reply.MsgType
+	switch msgType {
+	case message.MsgTypeText:
+	case message.MsgTypeImage:
+	case message.MsgTypeVoice:
+	case message.MsgTypeVideo:
+	case message.MsgTypeMusic:
+	case message.MsgTypeNews:
+	case message.MsgTypeTransfer:
+	default:
+		err = message.ErrUnsupportReply
+		return
+	}
+
+	msgData := reply.MsgData
+	value := reflect.ValueOf(msgData)
+	//msgData must be a ptr
+	kind := value.Kind().String()
+	if kind != "ptr" {
+		return message.ErrUnsupportReply
+	}
+
+	params := make([]reflect.Value, 1)
+	params[0] = reflect.ValueOf(srv.RequestMsg.FromUserName)
+	value.MethodByName("SetToUserName").Call(params)
+
+	params[0] = reflect.ValueOf(srv.RequestMsg.ToUserName)
+	value.MethodByName("SetFromUserName").Call(params)
+
+	params[0] = reflect.ValueOf(msgType)
+	value.MethodByName("SetMsgType").Call(params)
+
+	params[0] = reflect.ValueOf(util.GetCurrTS())
+	value.MethodByName("SetCreateTime").Call(params)
+
+	srv.ResponseMsg = msgData
+	srv.ResponseRawXMLMsg, err = xml.Marshal(msgData)
+	return
+}
+
+//Send 将自定义的消息发送
+func (srv *Server) Send() (err error) {
+	replyMsg := srv.ResponseMsg
+	log.Debugf("response msg =%+v", replyMsg)
+	if srv.isSafeMode {
+		//安全模式下对消息进行加密
+		var encryptedMsg []byte
+		encryptedMsg, err = util.EncryptMsg(srv.random, srv.ResponseRawXMLMsg, srv.CorpID, srv.EncodingAESKey)
+		if err != nil {
+			return
+		}
+		//TODO 如果获取不到timestamp nonce 则自己生成
+		timestamp := srv.timestamp
+		timestampStr := strconv.FormatInt(timestamp, 10)
+		msgSignature := util.Signature(srv.Token, timestampStr, srv.nonce, string(encryptedMsg))
+		replyMsg = message.ResponseEncryptedXMLMsg{
+			EncryptedMsg: string(encryptedMsg),
+			MsgSignature: msgSignature,
+			Timestamp:    timestamp,
+			Nonce:        srv.nonce,
+		}
+	}
+	if replyMsg != nil {
+		srv.XML(replyMsg)
+	}
+	return
+}

work/server/util.go

@@ -0,0 +1,58 @@
+package server
+
+import (
+	"encoding/xml"
+	"net/http"
+)
+
+var xmlContentType = []string{"application/xml; charset=utf-8"}
+var plainContentType = []string{"text/plain; charset=utf-8"}
+
+func writeContextType(w http.ResponseWriter, value []string) {
+	header := w.Header()
+	if val := header["Content-Type"]; len(val) == 0 {
+		header["Content-Type"] = value
+	}
+}
+
+//Render render from bytes
+func (srv *Server) Render(bytes []byte) {
+	//debug
+	//fmt.Println("response msg = ", string(bytes))
+	srv.Writer.WriteHeader(200)
+	_, err := srv.Writer.Write(bytes)
+	if err != nil {
+		panic(err)
+	}
+}
+
+//String render from string
+func (srv *Server) String(str string) {
+	writeContextType(srv.Writer, plainContentType)
+	srv.Render([]byte(str))
+}
+
+//XML render to xml
+func (srv *Server) XML(obj interface{}) {
+	writeContextType(srv.Writer, xmlContentType)
+	bytes, err := xml.Marshal(obj)
+	if err != nil {
+		panic(err)
+	}
+	srv.Render(bytes)
+}
+
+// Query returns the keyed url query value if it exists
+func (srv *Server) Query(key string) string {
+	value, _ := srv.GetQuery(key)
+	return value
+}
+
+// GetQuery is like Query(), it returns the keyed url query value
+func (srv *Server) GetQuery(key string) (string, bool) {
+	req := srv.Request
+	if values, ok := req.URL.Query()[key]; ok && len(values) > 0 {
+		return values[0], true
+	}
+	return "", false
+}