init

utils/wxcom/WXBizMsgCrypt3.py

@@ -0,0 +1,287 @@
+#!/usr/bin/env python
+# -*- encoding:utf-8 -*-
+
+"""对企业微信发送给企业后台的消息加解密示例代码.
+@copyright: Copyright (c) 1998-2014 Tencent Inc.
+
+"""
+
+import base64
+import hashlib
+
+# ------------------------------------------------------------------------
+import logging
+import random
+import socket
+import struct
+import time
+import xml.etree.cElementTree as ET
+
+from Crypto.Cipher import AES
+from uvicorn.server import logger
+
+from utils.wxcom import ierror
+
+"""
+Crypto.Cipher包已不再维护，开发者可以通过以下命令下载安装最新版的加解密工具包
+    pip install pycryptodome
+"""
+
+
+class FormatException(Exception):
+    pass
+
+
+def throw_exception(message, exception_class=FormatException):
+    """my define raise exception function"""
+    raise exception_class(message)
+
+
+class SHA1:
+    """计算企业微信的消息签名接口"""
+
+    def getSHA1(self, token, timestamp, nonce, encrypt):
+        """用SHA1算法生成安全签名
+        @param token:  票据
+        @param timestamp: 时间戳
+        @param encrypt: 密文
+        @param nonce: 随机字符串
+        @return: 安全签名
+        """
+        try:
+            sortlist = [token, timestamp, nonce, encrypt]
+            sortlist.sort()
+            sha = hashlib.sha1()
+            sha.update("".join(sortlist).encode())
+            return ierror.WXBizMsgCrypt_OK, sha.hexdigest()
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_ComputeSignature_Error, None
+
+
+class XMLParse:
+    """提供提取消息格式中的密文及生成回复消息格式的接口"""
+
+    # xml消息模板
+    AES_TEXT_RESPONSE_TEMPLATE = """<xml>
+<Encrypt><![CDATA[%(msg_encrypt)s]]></Encrypt>
+<MsgSignature><![CDATA[%(msg_signaturet)s]]></MsgSignature>
+<TimeStamp>%(timestamp)s</TimeStamp>
+<Nonce><![CDATA[%(nonce)s]]></Nonce>
+</xml>"""
+
+    def extract(self, xmltext):
+        """提取出xml数据包中的加密消息
+        @param xmltext: 待提取的xml字符串
+        @return: 提取出的加密消息字符串
+        """
+        try:
+            xml_tree = ET.fromstring(xmltext)
+            encrypt = xml_tree.find("Encrypt")
+            return ierror.WXBizMsgCrypt_OK, encrypt.text
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_ParseXml_Error, None
+
+    def generate(self, encrypt, signature, timestamp, nonce):
+        """生成xml消息
+        @param encrypt: 加密后的消息密文
+        @param signature: 安全签名
+        @param timestamp: 时间戳
+        @param nonce: 随机字符串
+        @return: 生成的xml字符串
+        """
+        resp_dict = {
+            "msg_encrypt": encrypt,
+            "msg_signaturet": signature,
+            "timestamp": timestamp,
+            "nonce": nonce,
+        }
+        resp_xml = self.AES_TEXT_RESPONSE_TEMPLATE % resp_dict
+        return resp_xml
+
+
+class PKCS7Encoder:
+    """提供基于PKCS7算法的加解密接口"""
+
+    block_size = 32
+
+    def encode(self, text):
+        """对需要加密的明文进行填充补位
+        @param text: 需要进行填充补位操作的明文
+        @return: 补齐明文字符串
+        """
+        text_length = len(text)
+        # 计算需要填充的位数
+        amount_to_pad = self.block_size - (text_length % self.block_size)
+        if amount_to_pad == 0:
+            amount_to_pad = self.block_size
+        # 获得补位所用的字符
+        pad = chr(amount_to_pad)
+        return text + (pad * amount_to_pad).encode()
+
+    def decode(self, decrypted):
+        """删除解密后明文的补位字符
+        @param decrypted: 解密后的明文
+        @return: 删除补位字符后的明文
+        """
+        pad = ord(decrypted[-1])
+        if pad < 1 or pad > 32:
+            pad = 0
+        return decrypted[:-pad]
+
+
+class Prpcrypt(object):
+    """提供接收和推送给企业微信消息的加解密接口"""
+
+    def __init__(self, key):
+        # self.key = base64.b64decode(key+"=")
+        self.key = key
+        # 设置加解密模式为AES的CBC模式
+        self.mode = AES.MODE_CBC
+
+    def encrypt(self, text, receiveid):
+        """对明文进行加密
+        @param text: 需要加密的明文
+        @return: 加密得到的字符串
+        """
+        # 16位随机字符串添加到明文开头
+        text = text.encode()
+        text = (
+            self.get_random_str()
+            + struct.pack("I", socket.htonl(len(text)))
+            + text
+            + receiveid.encode()
+        )
+
+        # 使用自定义的填充方式对明文进行补位填充
+        pkcs7 = PKCS7Encoder()
+        text = pkcs7.encode(text)
+        # 加密
+        cryptor = AES.new(self.key, self.mode, self.key[:16])
+        try:
+            ciphertext = cryptor.encrypt(text)
+            # 使用BASE64对加密后的字符串进行编码
+            return ierror.WXBizMsgCrypt_OK, base64.b64encode(ciphertext)
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_EncryptAES_Error, None
+
+    def decrypt(self, text, receiveid):
+        """对解密后的明文进行补位删除
+        @param text: 密文
+        @return: 删除填充补位后的明文
+        """
+        try:
+            cryptor = AES.new(self.key, self.mode, self.key[:16])
+            # 使用BASE64对密文进行解码，然后AES-CBC解密
+            plain_text = cryptor.decrypt(base64.b64decode(text))
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_DecryptAES_Error, None
+        try:
+            pad = plain_text[-1]
+            # 去掉补位字符串
+            # pkcs7 = PKCS7Encoder()
+            # plain_text = pkcs7.encode(plain_text)
+            # 去除16位随机字符串
+            content = plain_text[16:-pad]
+            xml_len = socket.ntohl(struct.unpack("I", content[:4])[0])
+            xml_content = content[4 : xml_len + 4]
+            from_receiveid = content[xml_len + 4 :]
+        except Exception as e:
+            logger = logging.getLogger()
+            logger.error(e)
+            return ierror.WXBizMsgCrypt_IllegalBuffer, None
+
+        if from_receiveid.decode("utf8") != receiveid:
+            return ierror.WXBizMsgCrypt_ValidateCorpid_Error, None
+        return 0, xml_content
+
+    def get_random_str(self):
+        """随机生成16位字符串
+        @return: 16位字符串
+        """
+        return str(random.randint(1000000000000000, 9999999999999999)).encode()
+
+
+class WXBizMsgCrypt(object):
+    # 构造函数
+    def __init__(self, sToken, sEncodingAESKey, sReceiveId):
+        try:
+            self.key = base64.b64decode(sEncodingAESKey + "=")
+            assert len(self.key) == 32
+        except Exception as e:
+            logger.error(f"EncodingAESKey unvalid ! Error: {e}")
+            throw_exception("[error]: EncodingAESKey unvalid !", FormatException)
+            # return ierror.WXBizMsgCrypt_IllegalAesKey,None
+        self.m_sToken = sToken
+        self.m_sReceiveId = sReceiveId
+
+        # 验证URL
+        # @param sMsgSignature: 签名串，对应URL参数的msg_signature
+        # @param sTimeStamp: 时间戳，对应URL参数的timestamp
+        # @param sNonce: 随机串，对应URL参数的nonce
+        # @param sEchoStr: 随机串，对应URL参数的echostr
+        # @param sReplyEchoStr: 解密之后的echostr，当return返回0时有效
+        # @return：成功0，失败返回对应的错误码
+
+    def VerifyURL(self, sMsgSignature, sTimeStamp, sNonce, sEchoStr):
+        sha1 = SHA1()
+        ret, signature = sha1.getSHA1(self.m_sToken, sTimeStamp, sNonce, sEchoStr)
+        if ret != 0:
+            return ret, None
+        if not signature == sMsgSignature:
+            return ierror.WXBizMsgCrypt_ValidateSignature_Error, None
+        pc = Prpcrypt(self.key)
+        ret, sReplyEchoStr = pc.decrypt(sEchoStr, self.m_sReceiveId)
+        return ret, sReplyEchoStr
+
+    def EncryptMsg(self, sReplyMsg, sNonce, timestamp=None):
+        # 将企业回复用户的消息加密打包
+        # @param sReplyMsg: 企业号待回复用户的消息，xml格式的字符串
+        # @param sTimeStamp: 时间戳，可以自己生成，也可以用URL参数的timestamp,如为None则自动用当前时间
+        # @param sNonce: 随机串，可以自己生成，也可以用URL参数的nonce
+        # sEncryptMsg: 加密后的可以直接回复用户的密文，包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
+        # return：成功0，sEncryptMsg,失败返回对应的错误码None
+        pc = Prpcrypt(self.key)
+        ret, encrypt = pc.encrypt(sReplyMsg, self.m_sReceiveId)
+        encrypt = encrypt.decode("utf8")
+        if ret != 0:
+            return ret, None
+        if timestamp is None:
+            timestamp = str(int(time.time()))
+        # 生成安全签名
+        sha1 = SHA1()
+        ret, signature = sha1.getSHA1(self.m_sToken, timestamp, sNonce, encrypt)
+        if ret != 0:
+            return ret, None
+        xmlParse = XMLParse()
+        return ret, xmlParse.generate(encrypt, signature, timestamp, sNonce)
+
+    def DecryptMsg(self, sPostData, sMsgSignature, sTimeStamp, sNonce):
+        # 检验消息的真实性，并且获取解密后的明文
+        # @param sMsgSignature: 签名串，对应URL参数的msg_signature
+        # @param sTimeStamp: 时间戳，对应URL参数的timestamp
+        # @param sNonce: 随机串，对应URL参数的nonce
+        # @param sPostData: 密文，对应POST请求的数据
+        #  xml_content: 解密后的原文，当return返回0时有效
+        # @return: 成功0，失败返回对应的错误码
+        # 验证安全签名
+        xmlParse = XMLParse()
+        ret, encrypt = xmlParse.extract(sPostData)
+        if ret != 0:
+            return ret, None
+        sha1 = SHA1()
+        ret, signature = sha1.getSHA1(self.m_sToken, sTimeStamp, sNonce, encrypt)
+        if ret != 0:
+            return ret, None
+        if not signature == sMsgSignature:
+            return ierror.WXBizMsgCrypt_ValidateSignature_Error, None
+        pc = Prpcrypt(self.key)
+        ret, xml_content = pc.decrypt(encrypt, self.m_sReceiveId)
+        return ret, xml_content

utils/wxcom/__init__.py

@@ -0,0 +1,10 @@
+from .wx_com import wecom_service,wxcpt
+from .wx_utils import get_request_params,decrypt_message,extract_message_content
+
+__all__ = [
+    "wecom_service",
+    "wxcpt",
+    "get_request_params",
+    "decrypt_message",
+    "extract_message_content"
+]

utils/wxcom/ierror.py

@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#########################################################################
+# Author: jonyqin
+# Created Time: Thu 11 Sep 2014 01:53:58 PM CST
+# File Name: ierror.py
+# Description:定义错误码含义
+#########################################################################
+WXBizMsgCrypt_OK = 0
+WXBizMsgCrypt_ValidateSignature_Error = -40001
+WXBizMsgCrypt_ParseXml_Error = -40002
+WXBizMsgCrypt_ComputeSignature_Error = -40003
+WXBizMsgCrypt_IllegalAesKey = -40004
+WXBizMsgCrypt_ValidateCorpid_Error = -40005
+WXBizMsgCrypt_EncryptAES_Error = -40006
+WXBizMsgCrypt_DecryptAES_Error = -40007
+WXBizMsgCrypt_IllegalBuffer = -40008
+WXBizMsgCrypt_EncodeBase64_Error = -40009
+WXBizMsgCrypt_DecodeBase64_Error = -40010
+WXBizMsgCrypt_GenReturnXml_Error = -40011

utils/wxcom/modules/contact.py

@@ -0,0 +1,41 @@
+from wecom_sdk.exceptions.general import SDKException
+from wecom_sdk.modules.base import WecomBaseClient
+from wecom_sdk.utils.requests import HttpxRequest
+
+class WecomContactClient(WecomBaseClient):
+    
+    async def get_contact_list(self , userid: str):
+        """
+        获取联系人列表
+        @param userid: 用户id
+
+        @return: 联系人列表
+        """
+        url = self.BASE_URL + "/externalcontact/list"
+        params = {"access_token": await self.access_token , "userid": userid}
+        resp = await HttpxRequest.post(url=url, params=params)
+        
+        if resp.errcode == 0:
+            return resp.external_contact_list
+        else:
+            raise SDKException(resp.errcode, resp.errmsg)
+        
+    async def get_contact_detail(self , external_userid: str , cursor : None | str = None):
+        """
+        获取联系人详情
+        @param userid: 用户id
+        @param external_userid: 外部联系人id
+        @param cursor: 分页游标
+
+        @return: 联系人详情
+        """
+        url = self.BASE_URL + "/externalcontact/get"
+        params = {"access_token": await self.access_token , "external_userid": external_userid }
+        params.update({"cursor": cursor} if cursor else {})
+        
+        resp = await HttpxRequest.post(url=url, params=params)
+        
+        if resp.get("errcode") == 0:
+            return resp.get("external_contact" , {})
+        else:
+            raise SDKException(resp.errcode, resp.errmsg)

utils/wxcom/schemas/contact.py

@@ -0,0 +1,66 @@
+from wecom_sdk.schemas.base import BaseSchema
+from typing import List, Optional
+
+class TextAttr(BaseSchema):
+    value: str
+
+class WebAttr(BaseSchema):
+    url: str
+    title: str
+
+class MiniProgramAttr(BaseSchema):
+    appid: str
+    pagepath: str
+    title: str
+
+class ExternalAttr(BaseSchema):
+    type: int
+    name: str
+    text: Optional[TextAttr] = None
+    web: Optional[WebAttr] = None
+    miniprogram: Optional[MiniProgramAttr] = None
+
+class ExternalProfile(BaseSchema):
+    external_attr: List[ExternalAttr]
+
+class ExternalContact(BaseSchema):
+    external_userid: str
+    name: str
+    position: Optional[str] = None
+    avatar: Optional[str] = None
+    corp_name: Optional[str] = None
+    corp_full_name: Optional[str] = None
+    type: int
+    gender: int
+    unionid: Optional[str] = None
+    external_profile: Optional[ExternalProfile] = None
+
+class Tag(BaseSchema):
+    group_name: str
+    tag_name: str
+    tag_id: Optional[str] = None
+    type: int
+
+class WechatChannels(BaseSchema):
+    nickname: str
+    source: int
+
+class FollowUser(BaseSchema):
+    userid: str
+    remark: Optional[str] = None
+    description: Optional[str] = None
+    createtime: int
+    tags: Optional[List[Tag]] = None
+    remark_corp_name: Optional[str] = None
+    remark_mobiles: Optional[List[str]] = None
+    oper_userid: str
+    add_way: int
+    state: Optional[str] = None
+    wechat_channels: Optional[WechatChannels] = None
+
+class ContactResponse(BaseSchema):
+    errcode: int
+    errmsg: str
+    external_contact: ExternalContact
+    follow_user: List[FollowUser]
+    next_cursor: Optional[str] = None

utils/wxcom/wx_com.py

@@ -0,0 +1,65 @@
+from uvicorn.server import logger
+from wecom_sdk import Wecom
+from utils.wxcom.modules.contact import WecomContactClient
+
+from config import setting
+from .WXBizMsgCrypt3 import WXBizMsgCrypt
+
+
+class WecomPro(Wecom , WecomContactClient):
+    pass
+
+
+def get_wxcpt():
+    """
+    初始化并返回 WXBizMsgCrypt 实例
+
+    :param setting_env: 配置环境对象，包含企业微信相关配置
+    :return: WXBizMsgCrypt 实例
+    """
+    try:
+        # 验证企业微信配置是否完整
+        required_configs = [
+            setting.env.WECOM_APP_TOKEN,
+            setting.env.WECOM_APP_ENCODING_AES_KEY,
+            setting.env.WECOM_CORPID
+        ]
+        if not all(required_configs):
+            raise ValueError("企业微信配置不完整")
+        
+        return WXBizMsgCrypt(
+            setting.env.WECOM_APP_TOKEN,  # 设置的Token
+            setting.env.WECOM_APP_ENCODING_AES_KEY,  # 设置密钥
+            setting.env.WECOM_CORPID  # 企业ID
+        )
+    except Exception as e:
+        logger.error(f"初始化WXBizMsgCrypt失败: {str(e)}")
+        raise
+
+
+def get_wecom_service():
+    """
+    初始化并返回 Wecom 服务实例
+
+    :param setting_env: 配置环境对象，包含企业微信相关配置
+    :return: Wecom 服务实例
+    """
+    try:
+        # 验证企业微信配置是否完整
+        required_configs = [
+            setting.env.WECOM_CORPID,
+            setting.env.WECOM_CORPSECRET
+        ]
+        if not all(required_configs):
+            raise ValueError("企业微信配置不完整")
+        
+        return WecomPro(
+            corpid=setting.env.WECOM_CORPID,
+            corpsecret=setting.env.WECOM_CORPSECRET
+        )
+    except Exception as e:
+        logger.error(f"初始化Wecom服务失败: {str(e)}")
+        raise
+
+wecom_service = get_wecom_service()
+wxcpt = get_wxcpt()

utils/wxcom/wx_utils.py

@@ -0,0 +1,94 @@
+import time
+from typing import Dict, Tuple, Union
+
+import xmltodict
+from fastapi import HTTPException, Request
+from uvicorn.server import logger
+from .wx_com import wxcpt
+
+
+async def get_request_params(request: Request) -> Tuple[bytes, str, str, str]:
+    """获取请求参数并验证"""
+    body = await request.body()
+    msg_signature = request.query_params.get("msg_signature")
+    timestamp = request.query_params.get("timestamp")
+    nonce = request.query_params.get("nonce")
+
+    if not all([msg_signature, timestamp, nonce]):
+        raise HTTPException(status_code=400, detail="缺少必要的参数")
+
+    # logger.info(
+    #     f"收到消息推送: msg_signature={msg_signature}, timestamp={timestamp}, nonce={nonce}"
+    # )
+
+    return body, msg_signature, timestamp, nonce
+
+def decrypt_message(body: bytes, msg_signature: str, timestamp: str, nonce: str) -> dict:
+    """解密消息"""
+    ret, sMsg = wxcpt.DecryptMsg(body, msg_signature, timestamp, nonce)
+    if ret != 0:
+        logger.error(f"消息解密失败，错误码: {ret}")
+        raise HTTPException(status_code=400, detail="消息解密失败")
+
+    xml_dict = xmltodict.parse(sMsg)
+    # logger.info(f"解密后的消息内容: {xml_dict}")
+
+    return xml_dict
+
+def extract_message_content(
+    xml_dict: Dict,
+) -> Tuple[str, str, str, str, Union[Dict[str, Union[str, None]], str, None], str, str]:
+    """提取消息内容，支持多种消息类型"""
+    xml_content = xml_dict["xml"]
+    to_user_name = xml_content.get("ToUserName")
+    from_user_name = xml_content.get("FromUserName")
+    create_time = xml_content.get("CreateTime")
+    msg_type = xml_content.get("MsgType")
+    msg_id = xml_content.get("MsgId")
+    agent_id = xml_content.get("AgentID")
+
+    message_data = {}
+    if msg_type == "text":
+        message_data["Content"] = xml_content.get("Content")
+        logger.info(f"收到文本消息: {message_data['Content']}")
+    elif msg_type == "image":
+        message_data["PicUrl"] = xml_content.get("PicUrl")
+        message_data["MediaId"] = xml_content.get("MediaId")
+        logger.info(f"收到图片消息，媒体ID: {message_data['MediaId']}")
+    elif msg_type == "voice":
+        message_data["MediaId"] = xml_content.get("MediaId")
+        message_data["Format"] = xml_content.get("Format")
+        logger.info(f"收到语音消息，媒体ID: {message_data['MediaId']}")
+    elif msg_type == "video":
+        message_data["MediaId"] = xml_content.get("MediaId")
+        message_data["ThumbMediaId"] = xml_content.get("ThumbMediaId")
+        logger.info(f"收到视频消息，媒体ID: {message_data['MediaId']}")
+    elif msg_type == "location":
+        message_data["Location_X"] = xml_content.get("Location_X")
+        message_data["Location_Y"] = xml_content.get("Location_Y")
+        message_data["Scale"] = xml_content.get("Scale")
+        message_data["Label"] = xml_content.get("Label")
+        message_data["AppType"] = xml_content.get("AppType")
+        logger.info(
+            f"收到位置消息，位置: {message_data['Location_X']}, {message_data['Location_Y']}"
+        )
+    elif msg_type == "link":
+        message_data["Title"] = xml_content.get("Title")
+        message_data["Description"] = xml_content.get("Description")
+        message_data["Url"] = xml_content.get("Url")
+        message_data["PicUrl"] = xml_content.get("PicUrl")
+        logger.info(f"收到链接消息，标题: {message_data['Title']}")
+    else:
+        message_data = xml_content.get("Content")
+        logger.info(f"收到未知类型消息: {message_data}")
+
+
+    return {
+        "ToUserName": to_user_name,
+        "FromUserName": from_user_name,
+        "CreateTime": create_time,
+        "MsgType": msg_type,
+        "MsgId": msg_id,
+        "AgentID": agent_id,
+        **message_data,
+    }