企业微信 获取访客身份接口

src/Siger.WeComApi.Biz/service/SigerWeComThirdService.cs

@@ -14,6 +14,7 @@ using Newtonsoft.Json.Linq;
 using Newtonsoft.Json;
 using Siger.WeComApi.Core.Domain.Entity;
 using Siger.WeComApi.Core.Repository;
+using Siger.WeComApi.Core.Dto.Response;
 
 namespace Siger.WeComApi.Biz.service
 {
@@ -170,7 +171,6 @@ namespace Siger.WeComApi.Biz.service
                     }
 
                 }
-
                 //响应应答处理
                 return ReceiveResponse(decryptionParame, timestamp, signature, Token, EncodingAESKey, CorpID);
             }
@@ -180,43 +180,16 @@ namespace Siger.WeComApi.Biz.service
         public void GetPermentCode(string authCode)
         {
             //通过auth code获取公司信息及永久授权码
+            WeComThirdHelper weComThirdHelper = new WeComThirdHelper();
             JObject postJson = new JObject();
             postJson["auth_code"] = authCode;
-            string suitAccessToken = GetSuiteToken();
-            WeComThirdHelper weComThirdHelper = new WeComThirdHelper();
+            var suitAccessToken = weComThirdHelper.GetSuiteAccessToken();
             string pUrl = weComThirdHelper.GetPermanentCodeUrl() + suitAccessToken;
             string corpInfo = weComThirdHelper.post(pUrl + "", postJson);
             //将授权的客户企业存入数据库   补充报错的判断！！！
             InsertWeComCompany(corpInfo);
         }
 
-        private string GetSuiteToken()
-        {
-            WeComThirdHelper weComThirdHelper = new WeComThirdHelper();
-            JObject postJson = new JObject();
-            postJson["suite_id"] = SuiteID;
-            postJson["suite_secret"] = SuiteSecret;
-            postJson["suite_ticket"] = weComThirdHelper.GetTicket();
-            if (string.IsNullOrEmpty(postJson["suite_ticket"].ToString())) 
-            {
-                string errorMsg = "获取suite_ticket失败，请手动推送ticket，或等待10分钟系统自动推送";
-                _logger.Info(errorMsg);
-                throw new Exception(errorMsg);
-            }
-            var posdata = JsonConvert.SerializeObject(postJson);
-            string response = weComThirdHelper.post(weComThirdHelper.GetSuiteTokenUrl(), postJson);
-            JObject suiteJson = (JObject)JsonConvert.DeserializeObject(response);
-            if (suiteJson["errcode"] != null)
-            {
-                string errorMsg = string.Format("获取suite_access_token失败:errcode{0},errmsg{1}", suiteJson["errcode"], suiteJson["errmsg"]);
-                _logger.Info(errorMsg);
-                throw new Exception(errorMsg);
-            }
-            string suite_access_token = suiteJson["suite_access_token"].ToString();
-            weComThirdHelper.SetSuiteToken(suite_access_token);
-            return suite_access_token;
-        }
-
         #region 响应应答处理
         /// <summary>
         /// 响应应答处理
@@ -374,14 +347,12 @@ namespace Siger.WeComApi.Biz.service
             return replyMsg;
         }
 
-
         private string InsertWeComCompany(string corpInfo) 
         {
             JObject corpJson = (JObject)JsonConvert.DeserializeObject(corpInfo);
             if (corpJson["errcode"] != null)
             {
                 string errorMsg = string.Format("获取企业信息及永久授权码失败:errcode{0},errmsg{1}", corpJson["errcode"], corpJson["errmsg"]);
-                _logger.Info(errorMsg);
                 throw new Exception(errorMsg);
             }
             var authCorpInfo = corpJson["auth_corp_info"].ToString();
@@ -393,29 +364,40 @@ namespace Siger.WeComApi.Biz.service
 
         }
 
-        public string GetUserInfo(string code)
+        public ResponseWeComUser GetUserInfo(string code)
         {
+            //获取访客身份
             WeComThirdHelper weComThirdHelper = new WeComThirdHelper();
             JObject postJson = new JObject();
-            postJson["suite_access_token"] = GetSuiteToken();
-            postJson["code"] = code;
-            if (string.IsNullOrEmpty(postJson["suite_access_token"].ToString()))
+            var suite_access_token = weComThirdHelper.GetSuiteAccessToken();
+            var userinfo3rdUrl = weComThirdHelper.GetUserinfo3rdUrl() + "?suite_access_token=" + suite_access_token + "&js_code=" + code + "&grant_type=" + "authorization_code";
+            string response = weComThirdHelper.post(userinfo3rdUrl, null);
+            JObject userInfoJson = (JObject)JsonConvert.DeserializeObject(response);
+            if (userInfoJson["errcode"].ToString() != "0")
             {
-                string errorMsg = "获取suite_access_token失败";
-                _logger.Info(errorMsg);
+                string errorMsg = string.Format("获取访客身份失败,errcode: {0},errmsg: {1}", userInfoJson["errcode"], userInfoJson["errmsg"]);
                 throw new Exception(errorMsg);
             }
-            var posdata = JsonConvert.SerializeObject(postJson);
-            var userinfo3rdUrl = weComThirdHelper.GetUserinfo3rdUrl() + "?suite_access_token=" + GetSuiteToken() + "&code=" + code;
-            string response = weComThirdHelper.post(userinfo3rdUrl, null);
-            JObject userInfoJson = (JObject)JsonConvert.DeserializeObject(response);
-            if (userInfoJson["errcode"] != null)
+
+            //获取当前用户所属公司的永久授权码
+            siger_wecom_company curCompany = _sigerWeComCompanyRepository.GetSigerWeComCompany("", userInfoJson["corpid"].ToString());
+            if (curCompany == null) 
             {
-                string errorMsg = string.Format("获取访客身份失败:errcode{0},errmsg{1}", userInfoJson["errcode"], userInfoJson["errmsg"]);
-                _logger.Info(errorMsg);
+                string errorMsg = string.Format("获取访客身份失败,errcode: {0},errmsg: {1}", "", "数据库中未找到当前授权公司");
                 throw new Exception(errorMsg);
             }
-            return JsonConvert.SerializeObject(userInfoJson);
+
+            //获取客户企业凭证
+            string accessToken = weComThirdHelper.GetCorpAccessToken(curCompany.corpid, curCompany.permanent_code);
+
+            //获取访客敏感信息
+            var userAllInfo = weComThirdHelper.GetUserAllInfo(accessToken, userInfoJson["userid"].ToString());
+            JObject userAllInfoJson = (JObject)JsonConvert.DeserializeObject(userAllInfo);
+            ResponseWeComUser company = JsonConvert.DeserializeObject<ResponseWeComUser>(userAllInfoJson.ToString());
+            company.corpid = curCompany.corpid;
+            company.corpname = curCompany.corp_name;
+
+            return company;
         }
 
     }

src/Siger.WeComApi.Common/Cache/CacheUtility.cs

@@ -221,6 +221,32 @@ namespace Siger.WeComApi.Common.cache
         /// <param name="value"></param>
         /// <param name="overtime">单位-秒</param>
         /// <returns></returns>
+        public bool Set(string key, string value, int overtime = -1)
+        {
+            if (Client == null)
+            {
+                return false;
+            }
+            try
+            {
+                byte[] temparr = SerializeObject(value);
+                return Client.Set(key, temparr, overtime);
+            }
+            catch (Exception ex)
+            {
+                logger.Error(ex, new { key, value, overtime }, key);
+            }
+            return false;
+        }
+
+        /// <summary>
+        /// 设置缓存
+        /// </summary>
+        /// <typeparam name="T"></typeparam>
+        /// <param name="key"></param>
+        /// <param name="value"></param>
+        /// <param name="overtime">单位-秒</param>
+        /// <returns></returns>
         public async Task<bool> SetAsync<T>(string key, T value, int overtime = -1)
         {
             if (Client == null)
@@ -313,6 +339,24 @@ namespace Siger.WeComApi.Common.cache
             return false;
         }
 
+        public long Del(params string[] key)
+        {
+            if (Client == null)
+            {
+                return 0;
+            }
+            try
+            {
+                return Client.Del(key);
+            }
+            catch (Exception ex)
+            {
+                logger.Error(ex, new { key });
+            }
+            return 0;
+        }
+
+
         public long DeleteHost(string HostHash, string key)
         {
             if (Client == null)

src/Siger.WeComApi.Common/Helpers/WeComThirdHelper.cs

@@ -3,9 +3,11 @@ using System.Collections.Generic;
 using System.IO;
 using System.Net;
 using System.Text;
+using System.Threading.Tasks;
 using System.Timers;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
+using Siger.WeComApi.Common.cache;
 
 namespace Siger.ApiTPM.Utilities
 {
@@ -18,6 +20,7 @@ namespace Siger.ApiTPM.Utilities
         private readonly string Token = "VA7Ua2huaUKmjhaxakxCO2iYQYKCa6";
         private readonly string CorpID = "ww99ade71da501313d";
         private readonly string EncodingAESKey = "M1s6eo7BEBmxNw2Tj8TeQPKKT6zqKOyYRWkpuN8kmnn";
+        private readonly string ProviderSecret = "YfzQU3nKNSLAPM9-c4kHtP5hCTFG2p3xbJlFtsIlsxCPgs15079tYNL94Xb5Rf0s";
         //企微应用关联的小程序信息
         private readonly string SuiteID = "wwb172cebe81bae0af";
         private readonly string SuiteSecret = "aHB2yPhKX8AsRp-c_8UBrhOju7ahxu8Rq3LLuRVrRo8";
@@ -39,13 +42,18 @@ namespace Siger.ApiTPM.Utilities
         private string ssoAuthUrl = "https://open.work.weixin.qq.com/wwopen/sso/3rd_qrConnect?appid=%s&redirect_uri=%s&state=%s&usertype=%s";
         private string loginInfoUrl = serviceUrl + "get_login_info?access_token=%s";
         //第三方应用身份验证
-        private string getuserinfo3rdUrl = serviceUrl + "getuserinfo3rd";
+        private string getuserinfo3rdUrl = serviceUrl + "miniprogram/jscode2session";
+        private static string userUrl = baseUrl + "user/";
+        private string getUserAllInfo = userUrl + "get";
+        //加密coprid
+        private string corpIDToOpenCorpIDUrl = serviceUrl + "corpid_to_opencorpid";
+
         //通讯录转译
         private string contactUploadUrl = serviceUrl + "media/upload?provider_access_token=%s&type=%s";
         private string contactTransUrl = serviceUrl + "contact/id_translate?provider_access_token=%s";
         private string transResultUrl = serviceUrl + "batch/getresult?provider_access_token=%s&jobid=%s";
         //公司相关
-        private string corpTokenUrl = serviceUrl + "get_corp_token?suite_access_token=%s";
+        private string corpTokenUrl = serviceUrl + "get_corp_token?suite_access_token=";
         private string departmentUrl = baseUrl + "department/list?access_token=%s";
         private string userSimplelistUrl = baseUrl + "user/simplelist?access_token=%s&department_id=%s&fetch_child=%s";
         private string userDetailUrl = baseUrl + "user/get?access_token={access_token}&userid={user_id}";
@@ -133,11 +141,135 @@ namespace Siger.ApiTPM.Utilities
             return suiteTokenUrl;
         }
 
+        /// <summary>
+        /// 获取客户企业凭证
+        /// </summary>
+        /// <returns></returns>
+        public string GetCorpAccessToken(string corpid,string permanentCode)
+        {
+            string preAccessToken = corpid + "AccessToken";
+            string accessToken = CacheUtility.Instance.GetString(preAccessToken);
+            if (string.IsNullOrEmpty(accessToken))
+            {
+                JObject postJson = new JObject();
+                postJson["auth_corpid"] = corpid;
+                postJson["permanent_code"] = permanentCode;
+                string url = corpTokenUrl + GetSuiteAccessToken();
+                string response = post(url, postJson);
+                JObject accessTokenJson = (JObject)JsonConvert.DeserializeObject(response);
+                if (accessTokenJson["errcode"] != null)
+                {
+                    string errorMsg = string.Format("获取企业{0}应用凭证失败,errcode: {1},errmsg: {2}", corpid, accessTokenJson["errcode"], accessTokenJson["errmsg"]);
+                    throw new Exception(errorMsg);
+                }
+                accessToken = accessTokenJson["access_token"].ToString();
+                CacheUtility.Instance.Set(preAccessToken, accessToken, 7150); //2小时过期的token，此处提前50秒清空
+            }
+            return accessToken;
+        }
+
+        /// <summary>
+        /// 第三方应用 获取访客身份url（简单信息）
+        /// </summary>
+        /// <returns></returns>
         public string GetUserinfo3rdUrl()
         {
             return getuserinfo3rdUrl;
         }
 
+        /// <summary>
+        /// 第三方应用 获取访客身份（敏感信息）
+        /// </summary>
+        /// <returns></returns>
+        public string GetUserAllInfo(string accessToken,string userid)
+        {
+            JObject postJson = new JObject();
+            var url = getUserAllInfo + "?access_token=" + accessToken + "&userid=" + userid;
+            string response = post(url, null);
+            return response;
+        }
+
+        /// <summary>
+        /// 获取第三方应用凭证
+        /// </summary>
+        /// <returns></returns>
+        public string GetSuiteAccessToken()
+        {
+            var suiteAccessToken = CacheUtility.Instance.GetString("SuiteAccessToken");
+            if (string.IsNullOrEmpty(suiteAccessToken))
+            {
+                JObject postJson = new JObject();
+                postJson["suite_id"] = SuiteID;
+                postJson["suite_secret"] = SuiteSecret;
+                postJson["suite_ticket"] = GetTicket();
+                if (string.IsNullOrEmpty(postJson["suite_ticket"].ToString()))
+                {
+                    string errorMsg = "获取suite_ticket失败，请手动推送ticket，或等待10分钟系统自动推送";
+                    throw new Exception(errorMsg);
+                }
+                string response = post(suiteTokenUrl, postJson);
+                JObject suiteAccessTokenJson = (JObject)JsonConvert.DeserializeObject(response);
+                if (suiteAccessTokenJson["errcode"] != null)
+                {
+                    string errorMsg = string.Format("获取第三方应用凭证失败,errcode: {0},errmsg: {1}", suiteAccessTokenJson["errcode"], suiteAccessTokenJson["errmsg"]);
+                    throw new Exception(errorMsg);
+                }
+                suiteAccessToken = suiteAccessTokenJson["suite_access_token"].ToString();
+                CacheUtility.Instance.Set("SuiteAccessToken", suiteAccessToken, 7150); //2小时过期的token，此处提前50秒清零
+            }
+            return suiteAccessToken;
+        }
+
+        /// <summary>
+        /// 获取供应商token(西格的AccessToken)
+        /// </summary>
+        /// <returns></returns>
+        public string GetProviderAccessToken()
+        {
+            var providerToken = CacheUtility.Instance.GetString("ProvideAccessToken");
+            if (string.IsNullOrEmpty(providerToken)) 
+            {
+                JObject postJson = new JObject();
+                postJson["corpid"] = CorpID;
+                postJson["provider_secret"] = ProviderSecret;
+                var response = post(providerTokenUlr, postJson);
+                JObject providerTokenJson = (JObject)JsonConvert.DeserializeObject(response);
+                if (providerTokenJson["errcode"] != null)
+                {
+                    string errorMsg = string.Format("获取服务商凭证失败,errcode: {0},errmsg: {1}", providerTokenJson["errcode"], providerTokenJson["errmsg"]);
+                    throw new Exception(errorMsg);
+                }
+                providerToken = providerTokenJson["provider_access_token"].ToString();
+                CacheUtility.Instance.Set("ProvideAccessToken", providerToken, 7150); //2小时过期的token，此处提前50秒清零
+            }
+            return providerToken;
+        }
+
+        /// <summary>
+        /// 转化为加密后的corpid
+        /// </summary>
+        /// <returns></returns>
+        public string ToOpenCorpid(string corpID)
+        {
+            string provideAccessToken = GetProviderAccessToken();
+            string url = corpIDToOpenCorpIDUrl + "?provider_access_token=" + provideAccessToken;
+            JObject postJson = new JObject();
+            postJson["corpid"] = corpID;
+            string response = post(url, postJson);
+            JObject openCorpIDJson = (JObject)JsonConvert.DeserializeObject(response);
+            if (openCorpIDJson["errcode"] != null)
+            {
+                string errorMsg = string.Format("openCorpID,errcode: {0},errmsg: {1}", openCorpIDJson["errcode"], openCorpIDJson["errmsg"]);
+                throw new Exception(errorMsg);
+            }
+            
+            return openCorpIDJson.ToString();
+        }
+
+        /// <summary>
+        /// post请求方法
+        /// </summary>
+        /// <returns></returns>
         public string post(string posturl, JObject json)
         {
             var posdata = JsonConvert.SerializeObject(json);

src/Siger.WeComApi.Core/Biz/ISigerWeComThirdService.cs

@@ -13,7 +13,7 @@ namespace Siger.WeComApi.Core.Biz
 
         string InstructCallback(HttpRequest request);
 
-        string GetUserInfo(string code);
+        ResponseWeComUser GetUserInfo(string code);
 
     }
 }

src/Siger.WeComApi.Core/Repository/ISigerWeComCompanyRepository.cs

@@ -5,6 +5,7 @@ namespace Siger.WeComApi.Core.Repository
 {
     public interface ISigerWeComCompanyRepository : IRepositoryBase<siger_wecom_company>
     {
+        siger_wecom_company GetSigerWeComCompany(string id, string corpid);
         string AddSigerWeComCompany(siger_wecom_company siger_wecom_company);
 
     }

src/Siger.WeComApi.WebApi/Controllers/UserController.cs

@@ -8,6 +8,7 @@ using Siger.WeComApi.Core.Biz;
 using Siger.WeComApi.Common.Filter;
 using Siger.WeComApi.Common.CommonModels;
 using Siger.WeComApi.Common.Enums;
+using Siger.WeComApi.Core.Dto.Response;
 
 namespace Siger.ApiTPM.Controllers
 {
@@ -32,12 +33,13 @@ namespace Siger.ApiTPM.Controllers
             string result = "success";
             try
             {
-                string userInfo = _sigerWeComThirdService.GetUserInfo(code);
+                ResponseWeComUser userInfo = _sigerWeComThirdService.GetUserInfo(code);
                 return new ResponseBase(1, 1, userInfo);
             }
             catch (Exception ex)
             {
                 result = "企微回调异常：" + ex.Message;
+                _logger.Info(result);
                 return new ResponseBase(1, 1, result);
             }
         }

src/Siger.WeComApi.WebApi/Program.cs

@@ -20,7 +20,7 @@ namespace Siger.WeComApi.WebApi
                 .ConfigureWebHostDefaults(webBuilder =>
                 {
                     webBuilder.UseStartup<Startup>();
-                    webBuilder.UseUrls(args.Length > 1 ? $"http://*:{args[1]}" : "http://*:7008");
+                    webBuilder.UseUrls(args.Length > 1 ? $"http://*:{args[1]}" : "http://*:8105");
                 }).ConfigureAppConfiguration((hostingContext, config) =>
                 {
                     var env = hostingContext.HostingEnvironment;