fix: work js-api signature (#818)

* feat: enhance WorkAccessToken to include AgentID for improved token management

- Added AgentID field to WorkAccessToken struct.
- Updated NewWorkAccessToken function to accept AgentID as a parameter.
- Modified access token cache key to incorporate AgentID, ensuring unique cache entries per agent.

This change improves the handling of access tokens in a multi-agent environment.

* refactor: enhance WorkAccessToken to improve cache key handling

- Updated the AgentID field in WorkAccessToken struct to clarify its optional nature for distinguishing applications.
- Modified the access token cache key construction to support both new and legacy formats based on the presence of AgentID.
- Added comments for better understanding of the cache key logic and its compatibility with historical versions.

This change improves the flexibility and clarity of access token management in multi-agent scenarios.

* feat(work): add JsSdk method for JavaScript SDK integration

- Introduced a new JsSdk method in the Work struct to facilitate the creation of a Js instance.
- This addition enhances the functionality of the Work module by enabling JavaScript SDK support.

This change improves the integration capabilities for developers working with the WeChat Work API.

* fix gofmt

* refactor(jsapi): simplify signature generation in GetConfig and GetAgentConfig methods

- Replaced the use of strconv to format the signature string with fmt.Sprintf for improved readability.
- Updated the signature generation logic in both GetConfig and GetAgentConfig methods to use a single formatted string.

This change enhances code clarity and maintains functionality in the signature generation process.

* fix gofmt

* fix gofmt

* fix gofmt

* fix gofmt

* refactor(js): correct initialization of Config in GetConfig method

- Removed redundant initialization of the Config variable and ensured it is instantiated correctly before use.
- This change improves code clarity and maintains the intended functionality of the GetConfig method.

credential/access_token.go

@@ -7,6 +7,16 @@ type AccessTokenHandle interface {
 	GetAccessToken() (accessToken string, err error)
 }
 
+// AccessTokenCompatibleHandle 同时实现 AccessTokenHandle 和 AccessTokenContextHandle
+type AccessTokenCompatibleHandle struct {
+	AccessTokenHandle
+}
+
+// GetAccessTokenContext 获取access_token,先从cache中获取，没有则从服务端获取
+func (c AccessTokenCompatibleHandle) GetAccessTokenContext(_ context.Context) (accessToken string, err error) {
+	return c.GetAccessToken()
+}
+
 // AccessTokenContextHandle AccessToken 接口
 type AccessTokenContextHandle interface {
 	AccessTokenHandle

credential/default_access_token.go

@@ -101,10 +101,11 @@ func (ak *DefaultAccessToken) GetAccessTokenContext(ctx context.Context) (access
 // 不强制更新access_token,可用于不同环境不同服务而不需要分布式锁以及公用缓存，避免access_token争抢
 // https://developers.weixin.qq.com/miniprogram/dev/OpenApiDoc/mp-access-token/getStableAccessToken.html
 type StableAccessToken struct {
-	appID          string
-	appSecret      string
-	cacheKeyPrefix string
-	cache          cache.Cache
+	appID           string
+	appSecret       string
+	cacheKeyPrefix  string
+	cache           cache.Cache
+	accessTokenLock *sync.Mutex
 }
 
 // NewStableAccessToken new StableAccessToken
@@ -113,10 +114,11 @@ func NewStableAccessToken(appID, appSecret, cacheKeyPrefix string, cache cache.C
 		panic("cache is need")
 	}
 	return &StableAccessToken{
-		appID:          appID,
-		appSecret:      appSecret,
-		cache:          cache,
-		cacheKeyPrefix: cacheKeyPrefix,
+		appID:           appID,
+		appSecret:       appSecret,
+		cache:           cache,
+		cacheKeyPrefix:  cacheKeyPrefix,
+		accessTokenLock: new(sync.Mutex),
 	}
 }
 
@@ -130,7 +132,20 @@ func (ak *StableAccessToken) GetAccessTokenContext(ctx context.Context) (accessT
 	// 先从cache中取
 	accessTokenCacheKey := fmt.Sprintf("%s_stable_access_token_%s", ak.cacheKeyPrefix, ak.appID)
 	if val := ak.cache.Get(accessTokenCacheKey); val != nil {
-		return val.(string), nil
+		if accessToken = val.(string); accessToken != "" {
+			return
+		}
+	}
+
+	// 加上lock，是为了防止在并发获取token时，cache刚好失效，导致从微信服务器上获取到不同token
+	ak.accessTokenLock.Lock()
+	defer ak.accessTokenLock.Unlock()
+
+	// 双检，防止重复从微信服务器获取
+	if val := ak.cache.Get(accessTokenCacheKey); val != nil {
+		if accessToken = val.(string); accessToken != "" {
+			return
+		}
 	}
 
 	// cache失效，从微信服务器获取
@@ -174,19 +189,27 @@ func (ak *StableAccessToken) GetAccessTokenDirectly(ctx context.Context, forceRe
 type WorkAccessToken struct {
 	CorpID          string
 	CorpSecret      string
+	AgentID         string // 可选，用于区分不同应用
 	cacheKeyPrefix  string
 	cache           cache.Cache
 	accessTokenLock *sync.Mutex
 }
 
-// NewWorkAccessToken new WorkAccessToken
-func NewWorkAccessToken(corpID, corpSecret, cacheKeyPrefix string, cache cache.Cache) AccessTokenContextHandle {
+// NewWorkAccessToken new WorkAccessToken (保持向后兼容)
+func NewWorkAccessToken(corpID, corpSecret, agentID, cacheKeyPrefix string, cache cache.Cache) AccessTokenContextHandle {
+	// 调用新方法，保持兼容性
+	return NewWorkAccessTokenWithAgentID(corpID, corpSecret, agentID, cacheKeyPrefix, cache)
+}
+
+// NewWorkAccessTokenWithAgentID new WorkAccessToken with agentID
+func NewWorkAccessTokenWithAgentID(corpID, corpSecret, agentID, cacheKeyPrefix string, cache cache.Cache) AccessTokenContextHandle {
 	if cache == nil {
-		panic("cache the not exist")
+		panic("cache is needed")
 	}
 	return &WorkAccessToken{
 		CorpID:          corpID,
 		CorpSecret:      corpSecret,
+		AgentID:         agentID,
 		cache:           cache,
 		cacheKeyPrefix:  cacheKeyPrefix,
 		accessTokenLock: new(sync.Mutex),
@@ -203,7 +226,18 @@ func (ak *WorkAccessToken) GetAccessTokenContext(ctx context.Context) (accessTok
 	// 加上lock，是为了防止在并发获取token时，cache刚好失效，导致从微信服务器上获取到不同token
 	ak.accessTokenLock.Lock()
 	defer ak.accessTokenLock.Unlock()
-	accessTokenCacheKey := fmt.Sprintf("%s_access_token_%s", ak.cacheKeyPrefix, ak.CorpID)
+
+	// 构建缓存key
+	var accessTokenCacheKey string
+
+	if ak.AgentID != "" {
+		// 如果设置了AgentID，使用新的key格式
+		accessTokenCacheKey = fmt.Sprintf("%s_access_token_%s_%s", ak.cacheKeyPrefix, ak.CorpID, ak.AgentID)
+	} else {
+		// 兼容历史版本的key格式
+		accessTokenCacheKey = fmt.Sprintf("%s_access_token_%s", ak.cacheKeyPrefix, ak.CorpID)
+	}
+
 	val := ak.cache.Get(accessTokenCacheKey)
 	if val != nil {
 		accessToken = val.(string)
@@ -219,6 +253,9 @@ func (ak *WorkAccessToken) GetAccessTokenContext(ctx context.Context) (accessTok
 
 	expires := resAccessToken.ExpiresIn - 1500
 	err = ak.cache.Set(accessTokenCacheKey, resAccessToken.AccessToken, time.Duration(expires)*time.Second)
+	if err != nil {
+		return
+	}
 
 	accessToken = resAccessToken.AccessToken
 	return

credential/work_js_ticket.go

@@ -0,0 +1,118 @@
+package credential
+
+import (
+	"encoding/json"
+	"fmt"
+	"sync"
+	"time"
+
+	"github.com/silenceper/wechat/v2/cache"
+	"github.com/silenceper/wechat/v2/util"
+)
+
+// TicketType ticket类型
+type TicketType int
+
+const (
+	// TicketTypeCorpJs 企业jsapi ticket
+	TicketTypeCorpJs TicketType = iota
+	// TicketTypeAgentJs 应用jsapi ticket
+	TicketTypeAgentJs
+)
+
+// 企业微信相关的 ticket URL
+const (
+	// 企业微信 jsapi ticket
+	getWorkJsTicketURL = "https://qyapi.weixin.qq.com/cgi-bin/get_jsapi_ticket?access_token=%s"
+	// 企业微信应用 jsapi ticket
+	getWorkAgentJsTicketURL = "https://qyapi.weixin.qq.com/cgi-bin/ticket/get?access_token=%s&type=agent_config"
+)
+
+// WorkJsTicket 企业微信js ticket获取
+type WorkJsTicket struct {
+	corpID          string
+	agentID         string
+	cacheKeyPrefix  string
+	cache           cache.Cache
+	jsAPITicketLock *sync.Mutex
+}
+
+// NewWorkJsTicket new WorkJsTicket
+func NewWorkJsTicket(corpID, agentID, cacheKeyPrefix string, cache cache.Cache) *WorkJsTicket {
+	return &WorkJsTicket{
+		corpID:          corpID,
+		agentID:         agentID,
+		cache:           cache,
+		cacheKeyPrefix:  cacheKeyPrefix,
+		jsAPITicketLock: new(sync.Mutex),
+	}
+}
+
+// GetTicket 根据类型获取相应的jsapi_ticket
+func (js *WorkJsTicket) GetTicket(accessToken string, ticketType TicketType) (ticketStr string, err error) {
+	var cacheKey string
+	switch ticketType {
+	case TicketTypeCorpJs:
+		cacheKey = fmt.Sprintf("%s_corp_jsapi_ticket_%s", js.cacheKeyPrefix, js.corpID)
+	case TicketTypeAgentJs:
+		if js.agentID == "" {
+			err = fmt.Errorf("agentID is empty")
+			return
+		}
+		cacheKey = fmt.Sprintf("%s_agent_jsapi_ticket_%s_%s", js.cacheKeyPrefix, js.corpID, js.agentID)
+	default:
+		err = fmt.Errorf("unsupported ticket type: %v", ticketType)
+		return
+	}
+
+	if val := js.cache.Get(cacheKey); val != nil {
+		return val.(string), nil
+	}
+
+	js.jsAPITicketLock.Lock()
+	defer js.jsAPITicketLock.Unlock()
+
+	// 双检，防止重复从微信服务器获取
+	if val := js.cache.Get(cacheKey); val != nil {
+		return val.(string), nil
+	}
+
+	var ticket ResTicket
+	ticket, err = js.getTicketFromServer(accessToken, ticketType)
+	if err != nil {
+		return
+	}
+	expires := ticket.ExpiresIn - 1500
+	err = js.cache.Set(cacheKey, ticket.Ticket, time.Duration(expires)*time.Second)
+	ticketStr = ticket.Ticket
+	return
+}
+
+// getTicketFromServer 从服务器中获取ticket
+func (js *WorkJsTicket) getTicketFromServer(accessToken string, ticketType TicketType) (ticket ResTicket, err error) {
+	var url string
+	switch ticketType {
+	case TicketTypeCorpJs:
+		url = fmt.Sprintf(getWorkJsTicketURL, accessToken)
+	case TicketTypeAgentJs:
+		url = fmt.Sprintf(getWorkAgentJsTicketURL, accessToken)
+	default:
+		err = fmt.Errorf("unsupported ticket type: %v", ticketType)
+		return
+	}
+
+	var response []byte
+	response, err = util.HTTPGet(url)
+	if err != nil {
+		return
+	}
+	err = json.Unmarshal(response, &ticket)
+	if err != nil {
+		return
+	}
+	if ticket.ErrCode != 0 {
+		err = fmt.Errorf("getTicket Error : errcode=%d , errmsg=%s", ticket.ErrCode, ticket.ErrMsg)
+		return
+	}
+	return
+}

miniprogram/business/phone_number.go

@@ -1,6 +1,7 @@
 package business
 
 import (
+	"context"
 	"fmt"
 
 	"github.com/silenceper/wechat/v2/util"
@@ -28,13 +29,18 @@ type PhoneInfo struct {
 
 // GetPhoneNumber code换取用户手机号。 每个code只能使用一次，code的有效期为5min
 func (business *Business) GetPhoneNumber(in *GetPhoneNumberRequest) (info PhoneInfo, err error) {
-	accessToken, err := business.GetAccessToken()
+	return business.GetPhoneNumberWithContext(context.Background(), in)
+}
+
+// GetPhoneNumberWithContext 利用context将code换取用户手机号。 每个code只能使用一次，code的有效期为5min
+func (business *Business) GetPhoneNumberWithContext(ctx context.Context, in *GetPhoneNumberRequest) (info PhoneInfo, err error) {
+	accessToken, err := business.GetAccessTokenContext(ctx)
 	if err != nil {
 		return
 	}
 
 	uri := fmt.Sprintf(getPhoneNumberURL, accessToken)
-	response, err := util.PostJSON(uri, in)
+	response, err := util.PostJSONContext(ctx, uri, in)
 	if err != nil {
 		return
 	}

miniprogram/config/config.go

@@ -14,4 +14,5 @@ type Config struct {
 	Token          string `json:"token"`            // token
 	EncodingAESKey string `json:"encoding_aes_key"` // EncodingAESKey
 	Cache          cache.Cache
+	UseStableAK    bool // use the stable access_token
 }

miniprogram/context/context.go

@@ -8,5 +8,5 @@ import (
 // Context struct
 type Context struct {
 	*config.Config
-	credential.AccessTokenHandle
+	credential.AccessTokenContextHandle
 }

miniprogram/miniprogram.go

@@ -34,17 +34,30 @@ type MiniProgram struct {
 
 // NewMiniProgram 实例化小程序 API
 func NewMiniProgram(cfg *config.Config) *MiniProgram {
-	defaultAkHandle := credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, credential.CacheKeyMiniProgramPrefix, cfg.Cache)
+	var defaultAkHandle credential.AccessTokenContextHandle
+	const cacheKeyPrefix = credential.CacheKeyMiniProgramPrefix
+	if cfg.UseStableAK {
+		defaultAkHandle = credential.NewStableAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	} else {
+		defaultAkHandle = credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	}
 	ctx := &context.Context{
-		Config:            cfg,
-		AccessTokenHandle: defaultAkHandle,
+		Config:                   cfg,
+		AccessTokenContextHandle: defaultAkHandle,
 	}
 	return &MiniProgram{ctx}
 }
 
 // SetAccessTokenHandle 自定义 access_token 获取方式
 func (miniProgram *MiniProgram) SetAccessTokenHandle(accessTokenHandle credential.AccessTokenHandle) {
-	miniProgram.ctx.AccessTokenHandle = accessTokenHandle
+	miniProgram.ctx.AccessTokenContextHandle = credential.AccessTokenCompatibleHandle{
+		AccessTokenHandle: accessTokenHandle,
+	}
+}
+
+// SetAccessTokenContextHandle 自定义 access_token 获取方式
+func (miniProgram *MiniProgram) SetAccessTokenContextHandle(accessTokenContextHandle credential.AccessTokenContextHandle) {
+	miniProgram.ctx.AccessTokenContextHandle = accessTokenContextHandle
 }
 
 // GetContext get Context

miniprogram/subscribe/subscribe.go

@@ -1,6 +1,7 @@
 package subscribe
 
 import (
+	"encoding/json"
 	"fmt"
 
 	"github.com/silenceper/wechat/v2/miniprogram/context"
@@ -70,6 +71,13 @@ type TemplateList struct {
 	Data []TemplateItem `json:"data"`
 }
 
+// resTemplateSend 发送获取 msg id
+type resTemplateSend struct {
+	util.CommonError
+
+	MsgID int64 `json:"msgid"`
+}
+
 // Send 发送订阅消息
 func (s *Subscribe) Send(msg *Message) (err error) {
 	var accessToken string
@@ -85,6 +93,33 @@ func (s *Subscribe) Send(msg *Message) (err error) {
 	return util.DecodeWithCommonError(response, "Send")
 }
 
+// SendGetMsgID 发送订阅消息返回 msgid
+func (s *Subscribe) SendGetMsgID(msg *Message) (msgID int64, err error) {
+	var accessToken string
+	accessToken, err = s.GetAccessToken()
+	if err != nil {
+		return
+	}
+	uri := fmt.Sprintf("%s?access_token=%s", subscribeSendURL, accessToken)
+	response, err := util.PostJSON(uri, msg)
+	if err != nil {
+		return
+	}
+
+	var result resTemplateSend
+	if err = json.Unmarshal(response, &result); err != nil {
+		return
+	}
+	if result.ErrCode != 0 {
+		err = fmt.Errorf("template msg send error : errcode=%v , errmsg=%v", result.ErrCode, result.ErrMsg)
+		return
+	}
+
+	msgID = result.MsgID
+
+	return
+}
+
 // ListTemplates 获取当前帐号下的个人模板列表
 // https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/subscribe-message/subscribeMessage.getTemplateList.html
 func (s *Subscribe) ListTemplates() (*TemplateList, error) {

miniprogram/urlscheme/urlscheme.go

@@ -54,6 +54,7 @@ type USParams struct {
 	ExpireType     TExpireType `json:"expire_type"`
 	ExpireTime     int64       `json:"expire_time"`
 	ExpireInterval int         `json:"expire_interval"`
+	IsExpire       bool        `json:"is_expire,omitempty"`
 }
 
 // USResult 返回的结果

officialaccount/config/config.go

@@ -11,4 +11,5 @@ type Config struct {
 	Token          string `json:"token"`            // token
 	EncodingAESKey string `json:"encoding_aes_key"` // EncodingAESKey
 	Cache          cache.Cache
+	UseStableAK    bool // use the stable access_token
 }

officialaccount/js/js.go

@@ -39,7 +39,6 @@ func (js *Js) SetJsTicketHandle(ticketHandle credential.JsTicketHandle) {
 // GetConfig 获取jssdk需要的配置参数
 // uri 为当前网页地址
 func (js *Js) GetConfig(uri string) (config *Config, err error) {
-	config = new(Config)
 	var accessToken string
 	accessToken, err = js.GetAccessToken()
 	if err != nil {
@@ -50,12 +49,11 @@ func (js *Js) GetConfig(uri string) (config *Config, err error) {
 	if err != nil {
 		return
 	}
-
 	nonceStr := util.RandomStr(16)
 	timestamp := util.GetCurrTS()
 	str := fmt.Sprintf("jsapi_ticket=%s&noncestr=%s&timestamp=%d&url=%s", ticketStr, nonceStr, timestamp, uri)
 	sigStr := util.Signature(str)
-
+	config = new(Config)
 	config.AppID = js.AppID
 	config.NonceStr = nonceStr
 	config.Timestamp = timestamp

officialaccount/officialaccount.go

@@ -49,7 +49,13 @@ type OfficialAccount struct {
 
 // NewOfficialAccount 实例化公众号API
 func NewOfficialAccount(cfg *config.Config) *OfficialAccount {
-	defaultAkHandle := credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, credential.CacheKeyOfficialAccountPrefix, cfg.Cache)
+	var defaultAkHandle credential.AccessTokenContextHandle
+	const cacheKeyPrefix = credential.CacheKeyOfficialAccountPrefix
+	if cfg.UseStableAK {
+		defaultAkHandle = credential.NewStableAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	} else {
+		defaultAkHandle = credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	}
 	ctx := &context.Context{
 		Config:            cfg,
 		AccessTokenHandle: defaultAkHandle,

openplatform/miniprogram/miniprogram.go

@@ -1,6 +1,7 @@
 package miniprogram
 
 import (
+	originalContext "context"
 	"fmt"
 
 	"github.com/silenceper/wechat/v2/credential"
@@ -37,6 +38,22 @@ func (miniProgram *MiniProgram) GetAccessToken() (string, error) {
 	return akRes.AccessToken, nil
 }
 
+// GetAccessTokenContext 利用ctx获取ak
+func (miniProgram *MiniProgram) GetAccessTokenContext(ctx originalContext.Context) (string, error) {
+	ak, akErr := miniProgram.openContext.GetAuthrAccessTokenContext(ctx, miniProgram.AppID)
+	if akErr == nil {
+		return ak, nil
+	}
+	if miniProgram.authorizerRefreshToken == "" {
+		return "", fmt.Errorf("please set the authorizer_refresh_token first")
+	}
+	akRes, akResErr := miniProgram.GetComponent().RefreshAuthrTokenContext(ctx, miniProgram.AppID, miniProgram.authorizerRefreshToken)
+	if akResErr != nil {
+		return "", akResErr
+	}
+	return akRes.AccessToken, nil
+}
+
 // SetAuthorizerRefreshToken 设置代执操作业务授权账号authorizer_refresh_token
 func (miniProgram *MiniProgram) SetAuthorizerRefreshToken(authorizerRefreshToken string) *MiniProgram {
 	miniProgram.authorizerRefreshToken = authorizerRefreshToken
@@ -68,7 +85,7 @@ func (miniProgram *MiniProgram) GetBasic() *basic.Basic {
 // GetURLLink 小程序URL Link接口 调用前需确认已调用 SetAuthorizerRefreshToken 避免由于缓存中 authorizer_access_token 过期执行中断
 func (miniProgram *MiniProgram) GetURLLink() *urllink.URLLink {
 	return urllink.NewURLLink(&miniContext.Context{
-		AccessTokenHandle: miniProgram,
+		AccessTokenContextHandle: miniProgram,
 	})
 }
 

work/addresslist/department.go

@@ -9,12 +9,16 @@ import (
 const (
 	// departmentCreateURL 创建部门
 	departmentCreateURL = "https://qyapi.weixin.qq.com/cgi-bin/department/create?access_token=%s"
+	// departmentUpdateURL 更新部门
+	departmentUpdateURL = "https://qyapi.weixin.qq.com/cgi-bin/department/update?access_token=%s"
+	// departmentDeleteURL 删除部门
+	departmentDeleteURL = "https://qyapi.weixin.qq.com/cgi-bin/department/delete?access_token=%s&id=%d"
 	// departmentSimpleListURL 获取子部门ID列表
 	departmentSimpleListURL = "https://qyapi.weixin.qq.com/cgi-bin/department/simplelist?access_token=%s&id=%d"
 	// departmentListURL 获取部门列表
 	departmentListURL     = "https://qyapi.weixin.qq.com/cgi-bin/department/list?access_token=%s"
 	departmentListByIDURL = "https://qyapi.weixin.qq.com/cgi-bin/department/list?access_token=%s&id=%d"
-	// departmentGetURL 获取单个部门详情 https://qyapi.weixin.qq.com/cgi-bin/department/get?access_token=ACCESS_TOKEN&id=ID
+	// departmentGetURL 获取单个部门详情
 	departmentGetURL = "https://qyapi.weixin.qq.com/cgi-bin/department/get?access_token=%s&id=%d"
 )
 
@@ -85,6 +89,49 @@ func (r *Client) DepartmentCreate(req *DepartmentCreateRequest) (*DepartmentCrea
 	return result, err
 }
 
+// DepartmentUpdateRequest 更新部门请求
+type DepartmentUpdateRequest struct {
+	ID       int    `json:"id"`
+	Name     string `json:"name,omitempty"`
+	NameEn   string `json:"name_en,omitempty"`
+	ParentID int    `json:"parentid,omitempty"`
+	Order    int    `json:"order,omitempty"`
+}
+
+// DepartmentUpdate 更新部门
+// see https://developer.work.weixin.qq.com/document/path/90206
+func (r *Client) DepartmentUpdate(req *DepartmentUpdateRequest) error {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return err
+	}
+	var response []byte
+	if response, err = util.PostJSON(fmt.Sprintf(departmentUpdateURL, accessToken), req); err != nil {
+		return err
+	}
+	return util.DecodeWithCommonError(response, "DepartmentUpdate")
+}
+
+// DepartmentDelete 删除部门
+// @see https://developer.work.weixin.qq.com/document/path/90207
+func (r *Client) DepartmentDelete(departmentID int) error {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return err
+	}
+	var response []byte
+	if response, err = util.HTTPGet(fmt.Sprintf(departmentDeleteURL, accessToken, departmentID)); err != nil {
+		return err
+	}
+	return util.DecodeWithCommonError(response, "DepartmentDelete")
+}
+
 // DepartmentSimpleList 获取子部门ID列表
 // see https://developer.work.weixin.qq.com/document/path/95350
 func (r *Client) DepartmentSimpleList(departmentID int) ([]*DepartmentID, error) {

work/addresslist/user.go

@@ -12,6 +12,8 @@ const (
 	userSimpleListURL = "https://qyapi.weixin.qq.com/cgi-bin/user/simplelist"
 	// userCreateURL 创建成员
 	userCreateURL = "https://qyapi.weixin.qq.com/cgi-bin/user/create?access_token=%s"
+	// userUpdateURL 更新成员
+	userUpdateURL = "https://qyapi.weixin.qq.com/cgi-bin/user/update?access_token=%s"
 	// userGetURL 读取成员
 	userGetURL = "https://qyapi.weixin.qq.com/cgi-bin/user/get"
 	// userDeleteURL 删除成员
@@ -154,6 +156,51 @@ func (r *Client) UserCreate(req *UserCreateRequest) (*UserCreateResponse, error)
 	return result, err
 }
 
+// UserUpdateRequest 更新成员请求
+type UserUpdateRequest struct {
+	UserID         string   `json:"userid"`
+	NewUserID      string   `json:"new_userid"`
+	Name           string   `json:"name"`
+	Alias          string   `json:"alias"`
+	Mobile         string   `json:"mobile"`
+	Department     []int    `json:"department"`
+	Order          []int    `json:"order"`
+	Position       string   `json:"position"`
+	Gender         int      `json:"gender"`
+	Email          string   `json:"email"`
+	BizMail        string   `json:"biz_mail"`
+	IsLeaderInDept []int    `json:"is_leader_in_dept"`
+	DirectLeader   []string `json:"direct_leader"`
+	Enable         int      `json:"enable"`
+	AvatarMediaid  string   `json:"avatar_mediaid"`
+	Telephone      string   `json:"telephone"`
+	Address        string   `json:"address"`
+	MainDepartment int      `json:"main_department"`
+	Extattr        struct {
+		Attrs []ExtraAttr `json:"attrs"`
+	} `json:"extattr"`
+	ToInvite         bool            `json:"to_invite"`
+	ExternalPosition string          `json:"external_position"`
+	ExternalProfile  ExternalProfile `json:"external_profile"`
+}
+
+// UserUpdate 更新成员
+// see https://developer.work.weixin.qq.com/document/path/90197
+func (r *Client) UserUpdate(req *UserUpdateRequest) error {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return err
+	}
+	var response []byte
+	if response, err = util.PostJSON(fmt.Sprintf(userUpdateURL, accessToken), req); err != nil {
+		return err
+	}
+	return util.DecodeWithCommonError(response, "UserUpdate")
+}
+
 // UserGetResponse 获取部门成员响应
 type UserGetResponse struct {
 	util.CommonError

work/config/config.go

@@ -7,12 +7,11 @@ import (
 
 // Config for 企业微信
 type Config struct {
-	CorpID        string `json:"corp_id"`     // corp_id
-	CorpSecret    string `json:"corp_secret"` // corp_secret,如果需要获取会话存档实例，当前参数请填写聊天内容存档的Secret，可以在企业微信管理端--管理工具--聊天内容存档查看
-	AgentID       string `json:"agent_id"`    // agent_id
-	Cache         cache.Cache
-	RasPrivateKey string // 消息加密私钥，可以在企业微信管理端--管理工具--消息加密公钥查看对用公钥，私钥一般由自己保存
-
+	CorpID         string `json:"corp_id"`     // corp_id
+	CorpSecret     string `json:"corp_secret"` // corp_secret,如果需要获取会话存档实例，当前参数请填写聊天内容存档的Secret，可以在企业微信管理端--管理工具--聊天内容存档查看
+	AgentID        string `json:"agent_id"`    // agent_id
+	Cache          cache.Cache
+	RasPrivateKey  string // 消息加密私钥，可以在企业微信管理端--管理工具--消息加密公钥查看对用公钥，私钥一般由自己保存
 	Token          string `json:"token"`            // 微信客服回调配置，用于生成签名校验回调请求的合法性
 	EncodingAESKey string `json:"encoding_aes_key"` // 微信客服回调p配置，用于解密回调消息内容对应的密文
 }

work/jsapi/jsapi.go

@@ -0,0 +1,75 @@
+package jsapi
+
+import (
+	"fmt"
+
+	"github.com/silenceper/wechat/v2/credential"
+	"github.com/silenceper/wechat/v2/util"
+	"github.com/silenceper/wechat/v2/work/context"
+)
+
+// Js struct
+type Js struct {
+	*context.Context
+	jsTicket *credential.WorkJsTicket
+}
+
+// NewJs init
+func NewJs(context *context.Context) *Js {
+	js := new(Js)
+	js.Context = context
+	js.jsTicket = credential.NewWorkJsTicket(
+		context.Config.CorpID,
+		context.Config.AgentID,
+		credential.CacheKeyWorkPrefix,
+		context.Cache,
+	)
+	return js
+}
+
+// Config 返回给用户使用的配置
+type Config struct {
+	Timestamp int64  `json:"timestamp"`
+	NonceStr  string `json:"nonce_str"`
+	Signature string `json:"signature"`
+}
+
+// GetConfig 获取企业微信JS配置 https://developer.work.weixin.qq.com/document/path/90514
+func (js *Js) GetConfig(uri string) (config *Config, err error) {
+	config = new(Config)
+	var accessToken string
+	accessToken, err = js.GetAccessToken()
+	if err != nil {
+		return
+	}
+	var ticketStr string
+	ticketStr, err = js.jsTicket.GetTicket(accessToken, credential.TicketTypeCorpJs)
+	if err != nil {
+		return
+	}
+	config.NonceStr = util.RandomStr(16)
+	config.Timestamp = util.GetCurrTS()
+	str := fmt.Sprintf("jsapi_ticket=%s&noncestr=%s&timestamp=%d&url=%s", ticketStr, config.NonceStr, config.Timestamp, uri)
+	config.Signature = util.Signature(str)
+	return
+}
+
+// GetAgentConfig 获取企业微信应用JS配置 https://developer.work.weixin.qq.com/document/path/94313
+func (js *Js) GetAgentConfig(uri string) (config *Config, err error) {
+	config = new(Config)
+	var accessToken string
+	accessToken, err = js.GetAccessToken()
+	if err != nil {
+		return
+	}
+	var ticketStr string
+	ticketStr, err = js.jsTicket.GetTicket(accessToken, credential.TicketTypeAgentJs)
+	if err != nil {
+		return
+	}
+	config.NonceStr = util.RandomStr(16)
+	config.Timestamp = util.GetCurrTS()
+	str := fmt.Sprintf("jsapi_ticket=%s&noncestr=%s&timestamp=%d&url=%s", ticketStr, config.NonceStr, config.Timestamp, uri)
+	config.Signature = util.Signature(str)
+	return
+}

work/kf/account.go

@@ -33,6 +33,7 @@ type AccountAddSchema struct {
 }
 
 // AccountAdd 添加客服账号
+// see https://developer.work.weixin.qq.com/document/path/94662
 func (r *Client) AccountAdd(options AccountAddOptions) (info AccountAddSchema, err error) {
 	var (
 		accessToken string
@@ -59,6 +60,7 @@ type AccountDelOptions struct {
 }
 
 // AccountDel 删除客服账号
+// see https://developer.work.weixin.qq.com/document/path/94663
 func (r *Client) AccountDel(options AccountDelOptions) (info util.CommonError, err error) {
 	var (
 		accessToken string
@@ -86,7 +88,8 @@ type AccountUpdateOptions struct {
 	MediaID  string `json:"media_id"`  // 客服头像临时素材。可以调用上传临时素材接口获取, 不多于128个字节
 }
 
-// AccountUpdate 修复客服账号
+// AccountUpdate 修改客服账号
+// see https://developer.work.weixin.qq.com/document/path/94664
 func (r *Client) AccountUpdate(options AccountUpdateOptions) (info util.CommonError, err error) {
 	var (
 		accessToken string
@@ -109,9 +112,10 @@ func (r *Client) AccountUpdate(options AccountUpdateOptions) (info util.CommonEr
 
 // AccountInfoSchema 客服详情
 type AccountInfoSchema struct {
-	OpenKFID string `json:"open_kfid"` // 客服帐号ID
-	Name     string `json:"name"`      // 客服帐号名称
-	Avatar   string `json:"avatar"`    // 客服头像URL
+	OpenKFID        string `json:"open_kfid"`        // 客服帐号ID
+	Name            string `json:"name"`             // 客服帐号名称
+	Avatar          string `json:"avatar"`           // 客服头像URL
+	ManagePrivilege bool   `json:"manage_privilege"` // 当前调用接口的应用身份，是否有该客服账号的管理权限（编辑客服账号信息、分配会话和收发消息）
 }
 
 // AccountListSchema 获取客服账号列表响应内容
@@ -141,6 +145,31 @@ func (r *Client) AccountList() (info AccountListSchema, err error) {
 	return info, nil
 }
 
+// AccountPagingRequest 分页获取客服账号列表请求
+type AccountPagingRequest struct {
+	Offset int `json:"offset"`
+	Limit  int `json:"limit"`
+}
+
+// AccountPaging 分页获取客服账号列表
+// see https://developer.work.weixin.qq.com/document/path/94661
+func (r *Client) AccountPaging(req *AccountPagingRequest) (*AccountListSchema, error) {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.ctx.GetAccessToken(); err != nil {
+		return nil, err
+	}
+	var response []byte
+	if response, err = util.PostJSON(fmt.Sprintf(accountListAddr, accessToken), req); err != nil {
+		return nil, err
+	}
+	result := &AccountListSchema{}
+	err = util.DecodeWithError(response, result, "AccountPaging")
+	return result, err
+}
+
 // AddContactWayOptions 获取客服账号链接
 // 1.若scene非空，返回的客服链接开发者可拼接scene_param=SCENE_PARAM参数使用，用户进入会话事件会将SCENE_PARAM原样返回。其中SCENE_PARAM需要urlencode，且长度不能超过128字节。
 // 如 https://work.weixin.qq.com/kf/kfcbf8f8d07ac7215f?enc_scene=ENCGFSDF567DF&scene_param=a%3D1%26b%3D2
@@ -158,6 +187,7 @@ type AddContactWaySchema struct {
 }
 
 // AddContactWay 获取客服账号链接
+// see https://developer.work.weixin.qq.com/document/path/94665
 func (r *Client) AddContactWay(options AddContactWayOptions) (info AddContactWaySchema, err error) {
 	var (
 		accessToken string

work/kf/client.go

@@ -24,7 +24,7 @@ func NewClient(cfg *config.Config) (client *Client, err error) {
 	}
 
 	// 初始化 AccessToken Handle
-	defaultAkHandle := credential.NewWorkAccessToken(cfg.CorpID, cfg.CorpSecret, credential.CacheKeyWorkPrefix, cfg.Cache)
+	defaultAkHandle := credential.NewWorkAccessToken(cfg.CorpID, cfg.CorpSecret, cfg.AgentID, credential.CacheKeyWorkPrefix, cfg.Cache)
 	ctx := &context.Context{
 		Config:            cfg,
 		AccessTokenHandle: defaultAkHandle,

work/kf/servicer.go

@@ -18,20 +18,23 @@ const (
 
 // ReceptionistOptions 添加接待人员请求参数
 type ReceptionistOptions struct {
-	OpenKFID   string   `json:"open_kfid"`   // 客服帐号ID
-	UserIDList []string `json:"userid_list"` // 接待人员userid列表。第三方应用填密文userid，即open_userid 可填充个数：1 ~ 100。超过100个需分批调用。
+	OpenKFID         string   `json:"open_kfid"`          // 客服帐号ID
+	UserIDList       []string `json:"userid_list"`        // 接待人员userid列表。第三方应用填密文userid，即open_userid 可填充个数：1 ~ 100。超过100个需分批调用。
+	DepartmentIDList []int    `json:"department_id_list"` // 接待人员部门id列表 可填充个数：0 ~ 100。超过100个需分批调用。
 }
 
 // ReceptionistSchema 添加接待人员响应内容
 type ReceptionistSchema struct {
 	util.CommonError
 	ResultList []struct {
-		UserID string `json:"userid"`
+		UserID       string `json:"userid"`
+		DepartmentID int    `json:"department_id"`
 		util.CommonError
 	} `json:"result_list"`
 }
 
 // ReceptionistAdd 添加接待人员
+// @see https://developer.work.weixin.qq.com/document/path/94646
 func (r *Client) ReceptionistAdd(options ReceptionistOptions) (info ReceptionistSchema, err error) {
 	var (
 		accessToken string
@@ -49,10 +52,11 @@ func (r *Client) ReceptionistAdd(options ReceptionistOptions) (info Receptionist
 	if info.ErrCode != 0 {
 		return info, NewSDKErr(info.ErrCode, info.ErrMsg)
 	}
-	return info, nil
+	return
 }
 
 // ReceptionistDel 删除接待人员
+// @see https://developer.work.weixin.qq.com/document/path/94647
 func (r *Client) ReceptionistDel(options ReceptionistOptions) (info ReceptionistSchema, err error) {
 	var (
 		accessToken string
@@ -72,19 +76,22 @@ func (r *Client) ReceptionistDel(options ReceptionistOptions) (info Receptionist
 	if info.ErrCode != 0 {
 		return info, NewSDKErr(info.ErrCode, info.ErrMsg)
 	}
-	return info, nil
+	return
 }
 
 // ReceptionistListSchema 获取接待人员列表响应内容
 type ReceptionistListSchema struct {
 	util.CommonError
 	ReceptionistList []struct {
-		UserID string `json:"userid"` // 接待人员的userid。第三方应用获取到的为密文userid，即open_userid
-		Status int    `json:"status"` // 接待人员的接待状态。0:接待中,1:停止接待。第三方应用需具有“管理帐号、分配会话和收发消息”权限才可获取
+		UserID       string `json:"userid"`        // 接待人员的userid。第三方应用获取到的为密文userid，即open_userid
+		Status       int    `json:"status"`        // 接待人员的接待状态。0:接待中,1:停止接待。第三方应用需具有“管理帐号、分配会话和收发消息”权限才可获取
+		DepartmentID int    `json:"department_id"` // 接待人员部门的id
+		StopType     int    `json:"stop_type"`     // 接待人员的接待状态为「停止接待」的子类型。0:停止接待,1:暂时挂起
 	} `json:"servicer_list"`
 }
 
 // ReceptionistList 获取接待人员列表
+// @see https://developer.work.weixin.qq.com/document/path/94645
 func (r *Client) ReceptionistList(kfID string) (info ReceptionistListSchema, err error) {
 	var (
 		accessToken string
@@ -104,5 +111,5 @@ func (r *Client) ReceptionistList(kfID string) (info ReceptionistListSchema, err
 	if info.ErrCode != 0 {
 		return info, NewSDKErr(info.ErrCode, info.ErrMsg)
 	}
-	return info, nil
+	return
 }

work/material/media.go

@@ -14,6 +14,8 @@ const (
 	uploadTempFile = "https://qyapi.weixin.qq.com/cgi-bin/media/upload?access_token=%s&type=%s"
 	// uploadAttachment 上传附件资源
 	uploadAttachment = "https://qyapi.weixin.qq.com/cgi-bin/media/upload_attachment?access_token=%s&media_type=%s&attachment_type=%d"
+	// getTempFile 获取临时素材
+	getTempFile = "https://qyapi.weixin.qq.com/cgi-bin/media/get?access_token=%s&media_id=%s"
 )
 
 // UploadImgResponse 上传图片响应
@@ -57,6 +59,30 @@ func (r *Client) UploadImg(filename string) (*UploadImgResponse, error) {
 	return result, err
 }
 
+// UploadImgFromReader 从 io.Reader 上传图片
+// @see https://developer.work.weixin.qq.com/document/path/90256
+func (r *Client) UploadImgFromReader(filename string, reader io.Reader) (*UploadImgResponse, error) {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return nil, err
+	}
+	var byteData []byte
+	byteData, err = io.ReadAll(reader)
+	if err != nil {
+		return nil, err
+	}
+	var response []byte
+	if response, err = util.PostFileByStream("media", filename, fmt.Sprintf(uploadImgURL, accessToken), byteData); err != nil {
+		return nil, err
+	}
+	result := &UploadImgResponse{}
+	err = util.DecodeWithError(response, result, "UploadImg")
+	return result, err
+}
+
 // UploadTempFile 上传临时素材
 // @see https://developer.work.weixin.qq.com/document/path/90253
 // @mediaType 媒体文件类型，分别有图片（image）、语音（voice）、视频（video），普通文件（file）
@@ -148,3 +174,29 @@ func (r *Client) UploadAttachmentFromReader(filename, mediaType string, reader i
 	err = util.DecodeWithError(response, result, "UploadAttachment")
 	return result, err
 }
+
+// GetTempFile 获取临时素材
+// @see https://developer.work.weixin.qq.com/document/path/90254
+func (r *Client) GetTempFile(mediaID string) ([]byte, error) {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return nil, err
+	}
+	url := fmt.Sprintf(getTempFile, accessToken, mediaID)
+	response, err := util.HTTPGet(url)
+	if err != nil {
+		return nil, err
+	}
+
+	// 检查响应是否为错误信息
+	err = util.DecodeWithCommonError(response, "GetTempFile")
+	if err != nil {
+		return nil, err
+	}
+
+	// 如果不是错误响应，则返回原始数据
+	return response, nil
+}

work/work.go

@@ -9,6 +9,7 @@ import (
 	"github.com/silenceper/wechat/v2/work/context"
 	"github.com/silenceper/wechat/v2/work/externalcontact"
 	"github.com/silenceper/wechat/v2/work/invoice"
+	"github.com/silenceper/wechat/v2/work/jsapi"
 	"github.com/silenceper/wechat/v2/work/kf"
 	"github.com/silenceper/wechat/v2/work/material"
 	"github.com/silenceper/wechat/v2/work/message"
@@ -24,7 +25,7 @@ type Work struct {
 
 // NewWork init work
 func NewWork(cfg *config.Config) *Work {
-	defaultAkHandle := credential.NewWorkAccessToken(cfg.CorpID, cfg.CorpSecret, credential.CacheKeyWorkPrefix, cfg.Cache)
+	defaultAkHandle := credential.NewWorkAccessToken(cfg.CorpID, cfg.CorpSecret, cfg.AgentID, credential.CacheKeyWorkPrefix, cfg.Cache)
 	ctx := &context.Context{
 		Config:            cfg,
 		AccessTokenHandle: defaultAkHandle,
@@ -52,6 +53,11 @@ func (wk *Work) GetKF() (*kf.Client, error) {
 	return kf.NewClient(wk.ctx.Config)
 }
 
+// JsSdk get JsSdk
+func (wk *Work) JsSdk() *jsapi.Js {
+	return jsapi.NewJs(wk.ctx)
+}
+
 // GetExternalContact get external_contact
 func (wk *Work) GetExternalContact() *externalcontact.Client {
 	return externalcontact.NewClient(wk.ctx)