由于钉钉官方没有golang回调的demo 所以只能自己苦逼的写一个了 经过两天的痛苦终于搞定了~
钉钉回调url地址要外网可以访问的 钉钉有提供内网穿透工具 去钉钉最新文档 开发工具下载内网穿透工具
贴一下windows 使用方法
下载钉钉内网穿透工具 cmd 命令进入 windows_64 目录
然后使用命令 ding.exe -config=ding.cfg -subdomain=luochao 8080
luochao 可以自定义域名的头部 8080 改成你服务器的端口
成功以后访问 http://luochao.vaiwan.com/
贴一下代码
//钉钉回调注册
func DdCallback(access_token string){
data := `{
"url": "`+url+`",
"aes_key": "`+aeskey+`",
"token": "`+tokens+`",
"call_back_tag": [
"bpms_task_change",
"bpms_instance_change",
"user_add_org",
"org_dept_create"
]
}`
rolemember,err:=http.Post("https://oapi.dingtalk.com/call_back/register_call_back?access_token="+access_token,"application/json",strings.NewReader(data))
if err!=nil{
beego.Debug(err)
return
}
defer rolemember.Body.Close()
rolebody ,err:=ioutil.ReadAll(rolemember.Body)
if err!=nil{
beego.Debug(err)
return
}
rolejson,err :=simplejson.NewJson([]byte(rolebody))
if err!=nil{
beego.Debug(err)
return
}
fmt.Println(rolejson)
}
url 回调地址 钉钉会回调这个地址 来效验是否合法正确
aeskey 43位 随机字符 回调的时候会效验
tokens 随机字符串 回调时效验的字符串
call_back_tag 监听的事件注册 参考钉钉旧版回调文档
package bahuan
import(
"github.com/astaxie/beego"
"fmt"
_"net/http"
"sort"
"crypto/sha1"
_"strings"
"crypto/aes"
"errors"
"math/rand"
"time"
"bytes"
r "math/rand"
"encoding/binary"
"crypto/cipher"
"io/ioutil"
"github.com/bitly/go-simplejson"
"encoding/base64"
)
//我的回调
type MyCallback struct{
beego.Controller
}
// const tokens="123afdew"
func (this *MyCallback)GetDDCallBack(){
defer this.ServeJSON()
maps :=make(map[string]interface{})
fmt.Println("我被回调了")
signature:=this.GetString("signature")
timestamp:=this.GetString("timestamp")
nonce:=this.GetString("nonce")
// fmt.Println(signature)
// fmt.Println(timestamp)
// fmt.Println(nonce)
//获取 encrypt
boyds :=this.Ctx.Request.Body
msg ,err:=ioutil.ReadAll(boyds)
if err!=nil{
beego.Debug(err)
return
}
jsonset,err:=simplejson.NewJson([]byte(msg))
if err!=nil{
beego.Debug(err)
return
}
jsonmaps,_:=jsonset.Map()
// fmt.Println(jsonmaps["encrypt"])
singmap :=make(map[string]interface{})
singmap["token"]="123afdew"
singmap["signature"]=signature
singmap["timestamp"]=timestamp
singmap["nonce"]=nonce
singmap["success"]=jsonmaps["encrypt"]
// asbase64 ,err:=Ddbase64sign(aeskey+"=")
// if err!=nil{
// beego.Debug(err)
// return
// }
// fmt.Println(string(asbase64))
res := "success"
c :=NewCrypto(tokens,aeskey,corpid)
sucess,mymsg,err:=c.EncryptMsg(res,timestamp,nonce)
if err!=nil{
beego.Debug(err)
return
}
fmt.Println(mymsg)
fmt.Println(sucess)
maps["msg_signature"]=mymsg
maps["timeStamp"]=timestamp
maps["nonce"]=nonce
maps["encrypt"]=sucess
this.Data["json"]=maps
}
var DefaultDingtalkCrypto *Crypto
const (
AES_ENCODE_KEY_LENGTH = 43
)
//Base64解密
func Ddbase64sign(key string)(bt []byte,err error){
return base64.StdEncoding.DecodeString(key)
}
type Crypto struct {
Token string
AesKey string
SuiteKey string
block cipher.Block
bkey []byte
}
/*
token 随机串
aesKey
suiteKey 一般使用corpID
*/
func NewCrypto(token, aesKey, suiteKey string) (c *Crypto) {
c = &Crypto{
Token: token,
AesKey: aesKey,
SuiteKey: suiteKey,
}
if len(c.AesKey) != AES_ENCODE_KEY_LENGTH {
panic("不合法的aeskey")
}
var err error
c.bkey, err = base64.StdEncoding.DecodeString(aesKey + "=")
if err != nil {
panic(err.Error())
}
c.block, err = aes.NewCipher(c.bkey)
if err != nil {
panic(err.Error())
}
return c
}
/*
signature: 签名字符串
timeStamp: 时间戳
nonce: 随机字符串
secretStr: 密文
返回: 解密后的明文
*/
func (c *Crypto) DecryptMsg(signature, timeStamp, nonce, secretStr string) (string, error) {
if !c.VerifySignature(c.Token, timeStamp, nonce, secretStr, signature) {
return "", errors.New("签名不匹配")
}
decode, err := base64.StdEncoding.DecodeString(secretStr)
if err != nil {
return "", err
}
if len(decode) < aes.BlockSize {
return "", errors.New("密文太短啦")
}
blockMode := cipher.NewCBCDecrypter(c.block, c.bkey[:c.block.BlockSize()])
plantText := make([]byte, len(decode))
blockMode.CryptBlocks(plantText, decode)
plantText = PKCS7UnPadding(plantText)
size := binary.BigEndian.Uint32(plantText[16 : 16+4])
plantText = plantText[16+4:]
cropid := plantText[size:]
if string(cropid) != c.SuiteKey {
return "", errors.New("CropID不正确")
}
return string(plantText[:size]), nil
}
func PKCS7UnPadding(plantText []byte) []byte {
length := len(plantText)
unpadding := int(plantText[length-1])
return plantText[:(length - unpadding)]
}
/*
replyMsg: 明文字符串
timeStamp: 时间戳
nonce: 随机字符串
返回: 密文,签名字符串
*/
func (c *Crypto) EncryptMsg(replyMsg, timeStamp, nonce string) (string, string, error) {
//原生消息体长度
size := make([]byte, 4)
binary.BigEndian.PutUint32(size, uint32(len(replyMsg)))
replyMsg = c.RandomString(16) + string(size) + replyMsg + c.SuiteKey
plantText := PKCS7Padding([]byte(replyMsg), c.block.BlockSize())
if len(plantText)%aes.BlockSize != 0 {
return "", "", errors.New("消息体大小不为16的倍数")
}
blockMode := cipher.NewCBCEncrypter(c.block, c.bkey[:c.block.BlockSize()])
ciphertext := make([]byte, len(plantText))
blockMode.CryptBlocks(ciphertext, plantText)
outStr := base64.StdEncoding.EncodeToString(ciphertext)
sigStr := c.GenerateSignature(c.Token, timeStamp, nonce, string(outStr))
return string(outStr), sigStr, nil
}
func PKCS7Padding(ciphertext []byte, blockSize int) []byte {
padding := blockSize - len(ciphertext)%blockSize
padtext := bytes.Repeat([]byte{byte(padding)}, padding)
return append(ciphertext, padtext...)
}
// 数据签名
func (c *Crypto) GenerateSignature(token, timeStamp, nonce, secretStr string) string {
// 先将参数值进行排序
params := make([]string, 0)
params = append(params, token)
params = append(params, secretStr)
params = append(params, timeStamp)
params = append(params, nonce)
sort.Strings(params)
return sha1Sign(params[0] + params[1] + params[2] + params[3])
}
// 校验数据签名
func (c *Crypto) VerifySignature(token, timeStamp, nonce, secretStr, sigture string) bool {
return c.GenerateSignature(token, timeStamp, nonce, secretStr) == sigture
}
func (c *Crypto) RandomString(n int, alphabets ...byte) string {
const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
var bytes = make([]byte, n)
var randby bool
if num, err := rand.Read(bytes); num != n || err != nil {
r.Seed(time.Now().UnixNano())
randby = true
}
for i, b := range bytes {
if len(alphabets) == 0 {
if randby {
bytes[i] = alphanum[r.Intn(len(alphanum))]
} else {
bytes[i] = alphanum[b%byte(len(alphanum))]
}
} else {
if randby {
bytes[i] = alphabets[r.Intn(len(alphabets))]
} else {
bytes[i] = alphabets[b%byte(len(alphabets))]
}
}
}
return string(bytes)
}
func sha1Sign(s string) string {
h := sha1.New()
h.Write([]byte(s))
bs := h.Sum(nil)
return fmt.Sprintf("%x", bs)
}
然后就完成了 钉钉回调事件注册
注:
回调地址类型 要post 钉钉那边是post访问你的回调接口 这个坑了我一晚上