package logic import ( "context" "encoding/json" "fusenapi/model/gmodel" "fusenapi/server/feishu-sync/internal/svc" "fusenapi/utils/feishu" "github.com/zeromicro/go-zero/core/logx" "io" "net/http" "strconv" "time" ) type WebhookLogic struct { logx.Logger ctx context.Context svcCtx *svc.ServiceContext } func NewWebhookLogic(ctx context.Context, svcCtx *svc.ServiceContext) *WebhookLogic { return &WebhookLogic{ Logger: logx.WithContext(ctx), ctx: ctx, svcCtx: svcCtx, } } type EncryptWebhookMsg struct { Encrypt string `json:"encrypt"` //加密的消息 } type WebhookMsg struct { Type string `json:"type"` Challenge string `json:"challenge"` Header map[string]interface{} `json:"header"` } // webhook消息事件header(body参数)基础信息 type BaseWebhookMsgHeaderType struct { EventId string `json:"event_id"` //事件id(可作为消息唯一性确认) EventType string `json:"event_type"` //事件类型 CreateTime string `json:"create_time"` //创建时间 Token string `json:"token"` //事件token AppId string `json:"app_id"` //app id TenantKey string `json:"tenant_key"` //租户key } func (l *WebhookLogic) Webhook(w http.ResponseWriter, r *http.Request) { bodyBytes, err := io.ReadAll(r.Body) if err != nil { logx.Error("读取请求body失败", err) return } defer r.Body.Close() //计算签名 timestamp := r.Header.Get("X-Lark-Request-Timestamp") nonce := r.Header.Get("X-Lark-Request-Nonce") signature := r.Header.Get("X-Lark-Signature") sign := feishu.CalculateFeiShuWebhookSignature(timestamp, nonce, l.svcCtx.Config.FeiShu.EncryptKey, bodyBytes) if signature != sign { logx.Error("非法的消息,签名验证不通过", sign, "====", signature) return } var encryptMsg EncryptWebhookMsg if err = json.Unmarshal(bodyBytes, &encryptMsg); err != nil { logx.Error("反序列化body失败", err, "body数据:", string(bodyBytes)) return } if encryptMsg.Encrypt == "" { logx.Error("消息加密信息是空的") return } //解密 realMsgBytes, err := feishu.DecryptFeiShuWebhookMsg(encryptMsg.Encrypt, l.svcCtx.Config.FeiShu.EncryptKey) if err != nil { logx.Error(err) return } //如果只是验证http连接的消息 var webhookMsg WebhookMsg if err = json.Unmarshal(realMsgBytes, &webhookMsg); err != nil { logx.Error("反序列化请求body失败", err, "解密数据:", string(realMsgBytes)) return } //验证连接(直接返回) if webhookMsg.Type == "url_verification" { challengeRsp := map[string]string{ "challenge": webhookMsg.Challenge, } b, _ := json.Marshal(challengeRsp) w.Write(b) return } bodyHeaderByte, err := json.Marshal(webhookMsg.Header) if err != nil { logx.Error("序列化请求体header失败:", err) return } var msgHeader BaseWebhookMsgHeaderType if err = json.Unmarshal(bodyHeaderByte, &msgHeader); err != nil { logx.Error("反序列化请求体中的header失败", err) return } httpHeaderBytes, _ := json.Marshal(r.Header) httpHeaderStr := string(httpHeaderBytes) //解密后的数据 decryptMsgStr := string(realMsgBytes) feiShuMsgCreateTimeInt64, err := strconv.ParseInt(msgHeader.CreateTime, 10, 64) if err != nil { logx.Error("解析消息时间错误:", err) return } feiShuMsgCreateTime := time.UnixMilli(feiShuMsgCreateTimeInt64) now := time.Now().UTC() //把事件加入日志 err = l.svcCtx.AllModels.FsFeishuWebhookLog.Create(l.ctx, &gmodel.FsFeishuWebhookLog{ AppId: &msgHeader.AppId, EventId: &msgHeader.EventId, EventType: &msgHeader.EventType, HttpHeader: &httpHeaderStr, Data: &encryptMsg.Encrypt, DecryptData: &decryptMsgStr, MsgCtime: &feiShuMsgCreateTime, Ctime: &now, }) if err != nil { logx.Error("保存webhook消息日志失败:", err) } switch msgHeader.EventType { case "contact.department.created_v3": //部门新建 case "contact.department.deleted_v3": //部门删除 case "contact.department.updated_v3": //部门信息变化 case "contact.employee_type_enum.actived_v3": //启动人员类型事件 case "contact.employee_type_enum.created_v3": //新建人员类型事件 case "contact.employee_type_enum.deactivated_v3": //停用人员类型事件 case "contact.employee_type_enum.deleted_v3": //删除人员类型事件 case "contact.employee_type_enum.updated_v3": //修改人员类型名称事件 case "contact.user.created_v3": //员工入职 err = l.OnUserChange(realMsgBytes) case "contact.user.deleted_v3": //员工离职 err = l.OnUserChange(realMsgBytes) case "contact.user.updated_v3": //员工信息变化 err = l.OnUserChange(realMsgBytes) } if err != nil { logx.Error("处理事件错误:", err) } return }