Merge d3d35387b7 into 3bd886d7f2

* feat(media): add getTempFile api

add getTempFile api

* feat(media): handle error in GetTempFile

handle error in GetTempFile

* feat(media): add UploadImgFromReader api

add UploadImgFromReader api

* fix(media): fixed not return common error

fixed not return common error

cache/redis.go

@@ -2,9 +2,13 @@ package cache
 
 import (
 	"context"
+	"fmt"
+	"net"
+	"os"
 	"time"
 
 	"github.com/go-redis/redis/v8"
+	"golang.org/x/crypto/ssh"
 )
 
 // Redis .redis cache
@@ -22,6 +26,7 @@ type RedisOpts struct {
 	MaxIdle     int    `yml:"max_idle" json:"max_idle"`
 	MaxActive   int    `yml:"max_active" json:"max_active"`
 	IdleTimeout int    `yml:"idle_timeout" json:"idle_timeout"` // second
+	Dialer      func(ctx context.Context, network, addr string) (net.Conn, error)
 }
 
 // NewRedis 实例化
@@ -33,6 +38,20 @@ func NewRedis(ctx context.Context, opts *RedisOpts) *Redis {
 		Password:     opts.Password,
 		IdleTimeout:  time.Second * time.Duration(opts.IdleTimeout),
 		MinIdleConns: opts.MaxIdle,
+		Dialer:       opts.Dialer,
+	})
+	return &Redis{ctx: ctx, conn: conn}
+}
+
+// NewRedisOverSSH 实例化（通过 SSH 代理连接 Redis ）
+func NewRedisOverSSH(ctx context.Context, opts *RedisOpts, overSSH *OverSSH) *Redis {
+	conn := redis.NewUniversalClient(&redis.UniversalOptions{
+		Addrs:        []string{opts.Host},
+		DB:           opts.Database,
+		Password:     opts.Password,
+		IdleTimeout:  time.Second * time.Duration(opts.IdleTimeout),
+		MinIdleConns: opts.MaxIdle,
+		Dialer:       overSSH.MakeDialer(),
 	})
 	return &Redis{ctx: ctx, conn: conn}
 }
@@ -92,3 +111,80 @@ func (r *Redis) Delete(key string) error {
 func (r *Redis) DeleteContext(ctx context.Context, key string) error {
 	return r.conn.Del(ctx, key).Err()
 }
+
+// SSHAuthMethod SSH认证方式
+type SSHAuthMethod uint8
+
+const (
+	// PubKeyAuth SSH公钥方式认证
+	PubKeyAuth SSHAuthMethod = 1
+	// PwdAuth SSH密码方式认证
+	PwdAuth SSHAuthMethod = 2
+)
+
+// OverSSH SSH 代理配置
+type OverSSH struct {
+	Host       string        `yml:"host" json:"host"`
+	Port       int           `yml:"port" json:"port"`
+	AuthMethod SSHAuthMethod `yml:"auth_method" json:"auth_method"`
+	Username   string        `yml:"username" json:"username"`
+	Password   string        `yml:"password" json:"password"`
+	KeyFile    string        `yml:"key_file" json:"key_file"`
+}
+
+// DialWithPassword 返回密码方式认证的 SSH 客户端
+func (s *OverSSH) DialWithPassword() (*ssh.Client, error) {
+	return ssh.Dial(
+		"tcp",
+		fmt.Sprintf("%s:%d", s.Host, s.Port),
+		&ssh.ClientConfig{
+			User: s.Username,
+			Auth: []ssh.AuthMethod{
+				ssh.Password(s.Password),
+			},
+			HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+		},
+	)
+}
+
+// DialWithKeyFile 返回公钥方式认证的 SSH 客户端
+func (s *OverSSH) DialWithKeyFile() (*ssh.Client, error) {
+	k, err := os.ReadFile(s.KeyFile)
+	if err != nil {
+		return nil, err
+	}
+	signer, err := ssh.ParsePrivateKey(k)
+	if err != nil {
+		return nil, err
+	}
+
+	return ssh.Dial(
+		"tcp",
+		fmt.Sprintf("%s:%d", s.Host, s.Port),
+		&ssh.ClientConfig{
+			User: s.Username,
+			Auth: []ssh.AuthMethod{
+				ssh.PublicKeys(signer),
+			},
+			HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+		},
+	)
+}
+
+// MakeDialer 创建 SSH 代理拨号器
+func (s *OverSSH) MakeDialer() func(ctx context.Context, network, addr string) (net.Conn, error) {
+	return func(ctx context.Context, network, addr string) (net.Conn, error) {
+		var err error
+		var sshclient *ssh.Client
+		switch s.AuthMethod {
+		case PwdAuth:
+			sshclient, err = s.DialWithPassword()
+		case PubKeyAuth:
+			sshclient, err = s.DialWithKeyFile()
+		}
+		if err != nil {
+			return nil, err
+		}
+		return sshclient.Dial(network, addr)
+	}
+}

credential/default_access_token.go

@@ -101,10 +101,11 @@ func (ak *DefaultAccessToken) GetAccessTokenContext(ctx context.Context) (access
 // 不强制更新access_token,可用于不同环境不同服务而不需要分布式锁以及公用缓存，避免access_token争抢
 // https://developers.weixin.qq.com/miniprogram/dev/OpenApiDoc/mp-access-token/getStableAccessToken.html
 type StableAccessToken struct {
-	appID          string
+	appID           string
-	appSecret      string
+	appSecret       string
-	cacheKeyPrefix string
+	cacheKeyPrefix  string
-	cache          cache.Cache
+	cache           cache.Cache
+	accessTokenLock *sync.Mutex
 }
 
 // NewStableAccessToken new StableAccessToken
@@ -113,10 +114,11 @@ func NewStableAccessToken(appID, appSecret, cacheKeyPrefix string, cache cache.C
 		panic("cache is need")
 	}
 	return &StableAccessToken{
-		appID:          appID,
+		appID:           appID,
-		appSecret:      appSecret,
+		appSecret:       appSecret,
-		cache:          cache,
+		cache:           cache,
-		cacheKeyPrefix: cacheKeyPrefix,
+		cacheKeyPrefix:  cacheKeyPrefix,
+		accessTokenLock: new(sync.Mutex),
 	}
 }
 
@@ -130,7 +132,20 @@ func (ak *StableAccessToken) GetAccessTokenContext(ctx context.Context) (accessT
 	// 先从cache中取
 	accessTokenCacheKey := fmt.Sprintf("%s_stable_access_token_%s", ak.cacheKeyPrefix, ak.appID)
 	if val := ak.cache.Get(accessTokenCacheKey); val != nil {
-		return val.(string), nil
+		if accessToken = val.(string); accessToken != "" {
+			return
+		}
+	}
+
+	// 加上lock，是为了防止在并发获取token时，cache刚好失效，导致从微信服务器上获取到不同token
+	ak.accessTokenLock.Lock()
+	defer ak.accessTokenLock.Unlock()
+
+	// 双检，防止重复从微信服务器获取
+	if val := ak.cache.Get(accessTokenCacheKey); val != nil {
+		if accessToken = val.(string); accessToken != "" {
+			return
+		}
 	}
 
 	// cache失效，从微信服务器获取

go.sum

@@ -111,6 +111,7 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=

miniprogram/config/config.go

@@ -14,4 +14,5 @@ type Config struct {
 	Token          string `json:"token"`            // token
 	EncodingAESKey string `json:"encoding_aes_key"` // EncodingAESKey
 	Cache          cache.Cache
+	UseStableAK    bool // use the stable access_token
 }

miniprogram/miniprogram.go

@@ -34,7 +34,13 @@ type MiniProgram struct {
 
 // NewMiniProgram 实例化小程序 API
 func NewMiniProgram(cfg *config.Config) *MiniProgram {
-	defaultAkHandle := credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, credential.CacheKeyMiniProgramPrefix, cfg.Cache)
+	var defaultAkHandle credential.AccessTokenContextHandle
+	const cacheKeyPrefix = credential.CacheKeyMiniProgramPrefix
+	if cfg.UseStableAK {
+		defaultAkHandle = credential.NewStableAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	} else {
+		defaultAkHandle = credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	}
 	ctx := &context.Context{
 		Config:            cfg,
 		AccessTokenHandle: defaultAkHandle,

miniprogram/subscribe/subscribe.go

@@ -1,6 +1,7 @@
 package subscribe
 
 import (
+	"encoding/json"
 	"fmt"
 
 	"github.com/silenceper/wechat/v2/miniprogram/context"
@@ -70,6 +71,13 @@ type TemplateList struct {
 	Data []TemplateItem `json:"data"`
 }
 
+// resTemplateSend 发送获取 msg id
+type resTemplateSend struct {
+	util.CommonError
+
+	MsgID int64 `json:"msgid"`
+}
+
 // Send 发送订阅消息
 func (s *Subscribe) Send(msg *Message) (err error) {
 	var accessToken string
@@ -85,6 +93,33 @@ func (s *Subscribe) Send(msg *Message) (err error) {
 	return util.DecodeWithCommonError(response, "Send")
 }
 
+// SendGetMsgID 发送订阅消息返回 msgid
+func (s *Subscribe) SendGetMsgID(msg *Message) (msgID int64, err error) {
+	var accessToken string
+	accessToken, err = s.GetAccessToken()
+	if err != nil {
+		return
+	}
+	uri := fmt.Sprintf("%s?access_token=%s", subscribeSendURL, accessToken)
+	response, err := util.PostJSON(uri, msg)
+	if err != nil {
+		return
+	}
+
+	var result resTemplateSend
+	if err = json.Unmarshal(response, &result); err != nil {
+		return
+	}
+	if result.ErrCode != 0 {
+		err = fmt.Errorf("template msg send error : errcode=%v , errmsg=%v", result.ErrCode, result.ErrMsg)
+		return
+	}
+
+	msgID = result.MsgID
+
+	return
+}
+
 // ListTemplates 获取当前帐号下的个人模板列表
 // https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/subscribe-message/subscribeMessage.getTemplateList.html
 func (s *Subscribe) ListTemplates() (*TemplateList, error) {

officialaccount/config/config.go

@@ -11,4 +11,5 @@ type Config struct {
 	Token          string `json:"token"`            // token
 	EncodingAESKey string `json:"encoding_aes_key"` // EncodingAESKey
 	Cache          cache.Cache
+	UseStableAK    bool // use the stable access_token
 }

officialaccount/officialaccount.go

@@ -49,7 +49,13 @@ type OfficialAccount struct {
 
 // NewOfficialAccount 实例化公众号API
 func NewOfficialAccount(cfg *config.Config) *OfficialAccount {
-	defaultAkHandle := credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, credential.CacheKeyOfficialAccountPrefix, cfg.Cache)
+	var defaultAkHandle credential.AccessTokenContextHandle
+	const cacheKeyPrefix = credential.CacheKeyOfficialAccountPrefix
+	if cfg.UseStableAK {
+		defaultAkHandle = credential.NewStableAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	} else {
+		defaultAkHandle = credential.NewDefaultAccessToken(cfg.AppID, cfg.AppSecret, cacheKeyPrefix, cfg.Cache)
+	}
 	ctx := &context.Context{
 		Config:            cfg,
 		AccessTokenHandle: defaultAkHandle,

work/addresslist/department.go

@@ -9,12 +9,16 @@ import (
 const (
 	// departmentCreateURL 创建部门
 	departmentCreateURL = "https://qyapi.weixin.qq.com/cgi-bin/department/create?access_token=%s"
+	// departmentUpdateURL 更新部门
+	departmentUpdateURL = "https://qyapi.weixin.qq.com/cgi-bin/department/update?access_token=%s"
+	// departmentDeleteURL 删除部门
+	departmentDeleteURL = "https://qyapi.weixin.qq.com/cgi-bin/department/delete?access_token=%s&id=%d"
 	// departmentSimpleListURL 获取子部门ID列表
 	departmentSimpleListURL = "https://qyapi.weixin.qq.com/cgi-bin/department/simplelist?access_token=%s&id=%d"
 	// departmentListURL 获取部门列表
 	departmentListURL     = "https://qyapi.weixin.qq.com/cgi-bin/department/list?access_token=%s"
 	departmentListByIDURL = "https://qyapi.weixin.qq.com/cgi-bin/department/list?access_token=%s&id=%d"
-	// departmentGetURL 获取单个部门详情 https://qyapi.weixin.qq.com/cgi-bin/department/get?access_token=ACCESS_TOKEN&id=ID
+	// departmentGetURL 获取单个部门详情
 	departmentGetURL = "https://qyapi.weixin.qq.com/cgi-bin/department/get?access_token=%s&id=%d"
 )
 
@@ -85,6 +89,49 @@ func (r *Client) DepartmentCreate(req *DepartmentCreateRequest) (*DepartmentCrea
 	return result, err
 }
 
+// DepartmentUpdateRequest 更新部门请求
+type DepartmentUpdateRequest struct {
+	ID       int    `json:"id"`
+	Name     string `json:"name,omitempty"`
+	NameEn   string `json:"name_en,omitempty"`
+	ParentID int    `json:"parentid,omitempty"`
+	Order    int    `json:"order,omitempty"`
+}
+
+// DepartmentUpdate 更新部门
+// see https://developer.work.weixin.qq.com/document/path/90206
+func (r *Client) DepartmentUpdate(req *DepartmentUpdateRequest) error {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return err
+	}
+	var response []byte
+	if response, err = util.PostJSON(fmt.Sprintf(departmentUpdateURL, accessToken), req); err != nil {
+		return err
+	}
+	return util.DecodeWithCommonError(response, "DepartmentUpdate")
+}
+
+// DepartmentDelete 删除部门
+// @see https://developer.work.weixin.qq.com/document/path/90207
+func (r *Client) DepartmentDelete(departmentID int) error {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return err
+	}
+	var response []byte
+	if response, err = util.HTTPGet(fmt.Sprintf(departmentDeleteURL, accessToken, departmentID)); err != nil {
+		return err
+	}
+	return util.DecodeWithCommonError(response, "DepartmentDelete")
+}
+
 // DepartmentSimpleList 获取子部门ID列表
 // see https://developer.work.weixin.qq.com/document/path/95350
 func (r *Client) DepartmentSimpleList(departmentID int) ([]*DepartmentID, error) {

work/addresslist/user.go

@@ -12,6 +12,8 @@ const (
 	userSimpleListURL = "https://qyapi.weixin.qq.com/cgi-bin/user/simplelist"
 	// userCreateURL 创建成员
 	userCreateURL = "https://qyapi.weixin.qq.com/cgi-bin/user/create?access_token=%s"
+	// userUpdateURL 更新成员
+	userUpdateURL = "https://qyapi.weixin.qq.com/cgi-bin/user/update?access_token=%s"
 	// userGetURL 读取成员
 	userGetURL = "https://qyapi.weixin.qq.com/cgi-bin/user/get"
 	// userDeleteURL 删除成员
@@ -154,6 +156,51 @@ func (r *Client) UserCreate(req *UserCreateRequest) (*UserCreateResponse, error)
 	return result, err
 }
 
+// UserUpdateRequest 更新成员请求
+type UserUpdateRequest struct {
+	UserID         string   `json:"userid"`
+	NewUserID      string   `json:"new_userid"`
+	Name           string   `json:"name"`
+	Alias          string   `json:"alias"`
+	Mobile         string   `json:"mobile"`
+	Department     []int    `json:"department"`
+	Order          []int    `json:"order"`
+	Position       string   `json:"position"`
+	Gender         int      `json:"gender"`
+	Email          string   `json:"email"`
+	BizMail        string   `json:"biz_mail"`
+	IsLeaderInDept []int    `json:"is_leader_in_dept"`
+	DirectLeader   []string `json:"direct_leader"`
+	Enable         int      `json:"enable"`
+	AvatarMediaid  string   `json:"avatar_mediaid"`
+	Telephone      string   `json:"telephone"`
+	Address        string   `json:"address"`
+	MainDepartment int      `json:"main_department"`
+	Extattr        struct {
+		Attrs []ExtraAttr `json:"attrs"`
+	} `json:"extattr"`
+	ToInvite         bool            `json:"to_invite"`
+	ExternalPosition string          `json:"external_position"`
+	ExternalProfile  ExternalProfile `json:"external_profile"`
+}
+
+// UserUpdate 更新成员
+// see https://developer.work.weixin.qq.com/document/path/90197
+func (r *Client) UserUpdate(req *UserUpdateRequest) error {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return err
+	}
+	var response []byte
+	if response, err = util.PostJSON(fmt.Sprintf(userUpdateURL, accessToken), req); err != nil {
+		return err
+	}
+	return util.DecodeWithCommonError(response, "UserUpdate")
+}
+
 // UserGetResponse 获取部门成员响应
 type UserGetResponse struct {
 	util.CommonError

work/kf/servicer.go

@@ -18,20 +18,23 @@ const (
 
 // ReceptionistOptions 添加接待人员请求参数
 type ReceptionistOptions struct {
-	OpenKFID   string   `json:"open_kfid"`   // 客服帐号ID
+	OpenKFID         string   `json:"open_kfid"`          // 客服帐号ID
-	UserIDList []string `json:"userid_list"` // 接待人员userid列表。第三方应用填密文userid，即open_userid 可填充个数：1 ~ 100。超过100个需分批调用。
+	UserIDList       []string `json:"userid_list"`        // 接待人员userid列表。第三方应用填密文userid，即open_userid 可填充个数：1 ~ 100。超过100个需分批调用。
+	DepartmentIDList []int    `json:"department_id_list"` // 接待人员部门id列表 可填充个数：0 ~ 100。超过100个需分批调用。
 }
 
 // ReceptionistSchema 添加接待人员响应内容
 type ReceptionistSchema struct {
 	util.CommonError
 	ResultList []struct {
-		UserID string `json:"userid"`
+		UserID       string `json:"userid"`
+		DepartmentID int    `json:"department_id"`
 		util.CommonError
 	} `json:"result_list"`
 }
 
 // ReceptionistAdd 添加接待人员
+// @see https://developer.work.weixin.qq.com/document/path/94646
 func (r *Client) ReceptionistAdd(options ReceptionistOptions) (info ReceptionistSchema, err error) {
 	var (
 		accessToken string
@@ -49,10 +52,11 @@ func (r *Client) ReceptionistAdd(options ReceptionistOptions) (info Receptionist
 	if info.ErrCode != 0 {
 		return info, NewSDKErr(info.ErrCode, info.ErrMsg)
 	}
-	return info, nil
+	return
 }
 
 // ReceptionistDel 删除接待人员
+// @see https://developer.work.weixin.qq.com/document/path/94647
 func (r *Client) ReceptionistDel(options ReceptionistOptions) (info ReceptionistSchema, err error) {
 	var (
 		accessToken string
@@ -72,19 +76,22 @@ func (r *Client) ReceptionistDel(options ReceptionistOptions) (info Receptionist
 	if info.ErrCode != 0 {
 		return info, NewSDKErr(info.ErrCode, info.ErrMsg)
 	}
-	return info, nil
+	return
 }
 
 // ReceptionistListSchema 获取接待人员列表响应内容
 type ReceptionistListSchema struct {
 	util.CommonError
 	ReceptionistList []struct {
-		UserID string `json:"userid"` // 接待人员的userid。第三方应用获取到的为密文userid，即open_userid
+		UserID       string `json:"userid"`        // 接待人员的userid。第三方应用获取到的为密文userid，即open_userid
-		Status int    `json:"status"` // 接待人员的接待状态。0:接待中,1:停止接待。第三方应用需具有“管理帐号、分配会话和收发消息”权限才可获取
+		Status       int    `json:"status"`        // 接待人员的接待状态。0:接待中,1:停止接待。第三方应用需具有“管理帐号、分配会话和收发消息”权限才可获取
+		DepartmentID int    `json:"department_id"` // 接待人员部门的id
+		StopType     int    `json:"stop_type"`     // 接待人员的接待状态为「停止接待」的子类型。0:停止接待,1:暂时挂起
 	} `json:"servicer_list"`
 }
 
 // ReceptionistList 获取接待人员列表
+// @see https://developer.work.weixin.qq.com/document/path/94645
 func (r *Client) ReceptionistList(kfID string) (info ReceptionistListSchema, err error) {
 	var (
 		accessToken string
@@ -104,5 +111,5 @@ func (r *Client) ReceptionistList(kfID string) (info ReceptionistListSchema, err
 	if info.ErrCode != 0 {
 		return info, NewSDKErr(info.ErrCode, info.ErrMsg)
 	}
-	return info, nil
+	return
 }

work/material/media.go

@@ -14,6 +14,8 @@ const (
 	uploadTempFile = "https://qyapi.weixin.qq.com/cgi-bin/media/upload?access_token=%s&type=%s"
 	// uploadAttachment 上传附件资源
 	uploadAttachment = "https://qyapi.weixin.qq.com/cgi-bin/media/upload_attachment?access_token=%s&media_type=%s&attachment_type=%d"
+	// getTempFile 获取临时素材
+	getTempFile = "https://qyapi.weixin.qq.com/cgi-bin/media/get?access_token=%s&media_id=%s"
 )
 
 // UploadImgResponse 上传图片响应
@@ -57,6 +59,30 @@ func (r *Client) UploadImg(filename string) (*UploadImgResponse, error) {
 	return result, err
 }
 
+// UploadImgFromReader 从 io.Reader 上传图片
+// @see https://developer.work.weixin.qq.com/document/path/90256
+func (r *Client) UploadImgFromReader(filename string, reader io.Reader) (*UploadImgResponse, error) {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return nil, err
+	}
+	var byteData []byte
+	byteData, err = io.ReadAll(reader)
+	if err != nil {
+		return nil, err
+	}
+	var response []byte
+	if response, err = util.PostFileByStream("media", filename, fmt.Sprintf(uploadImgURL, accessToken), byteData); err != nil {
+		return nil, err
+	}
+	result := &UploadImgResponse{}
+	err = util.DecodeWithError(response, result, "UploadImg")
+	return result, err
+}
+
 // UploadTempFile 上传临时素材
 // @see https://developer.work.weixin.qq.com/document/path/90253
 // @mediaType 媒体文件类型，分别有图片（image）、语音（voice）、视频（video），普通文件（file）
@@ -148,3 +174,29 @@ func (r *Client) UploadAttachmentFromReader(filename, mediaType string, reader i
 	err = util.DecodeWithError(response, result, "UploadAttachment")
 	return result, err
 }
+
+// GetTempFile 获取临时素材
+// @see https://developer.work.weixin.qq.com/document/path/90254
+func (r *Client) GetTempFile(mediaID string) ([]byte, error) {
+	var (
+		accessToken string
+		err         error
+	)
+	if accessToken, err = r.GetAccessToken(); err != nil {
+		return nil, err
+	}
+	url := fmt.Sprintf(getTempFile, accessToken, mediaID)
+	response, err := util.HTTPGet(url)
+	if err != nil {
+		return nil, err
+	}
+
+	// 检查响应是否为错误信息
+	err = util.DecodeWithCommonError(response, "GetTempFile")
+	if err != nil {
+		return nil, err
+	}
+
+	// 如果不是错误响应，则返回原始数据
+	return response, nil
+}