飞书监听事件（事件订阅）

前言

飞书开发涉及到会议系统，会议需要在每个会议室的pad上进行展示，所以涉及到会议一些数据的监听，进行变更，飞书app机器人也涉及到监听用户@机器人事件来进行做出相应的动作

<1>飞书端配置

监听流程可见：官方文档
1.加密设置Encrypt Key
2.请求网址URL需要一个可以访问公网的地址（花生壳之类的映射）
3.飞书事件订阅，设置请求网址url

3.点击保存，会收到一个post请求，并且在1秒内需要返回如下结果

// 收到的请求
{
    "encrypt": "ds3da3sj32421lkkld4s5ao" // 加密字符串，解密方法请看下方的安全相关内容
}

其实返回这个结果也是可以的

// 收到的请求
{ 
    "challenge": "ajls384kdjx98XX", // 应用需要原样返回的值 
    "token": "xxxxxx",              // Token的使用可参考文档“通过Token验证事件来源”  
    "type": "url_verification"      // 表示这是一个验证请求 
}

<2>代码实现

1.接收请求代码，在springboot项目下写一个对应上面配置的path接口

import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;


@RestController
public class EventDataController {

    @RequestMapping("/123")
    private static JSONObject eventData(@RequestBody String s) {
        JSONObject jsonResponse = JSON.parseObject(s);
        JSONObject jsonObject = JSON.parseObject(NotifyDataDecrypter.decrypt("XwkFttsnRxMTXl0f93SwVcYvpVzf1jrm", jsonResponse.get("encrypt").toString()));
        return jsonObject;
    }

}

2.解密代码

/*
 * Copyright (c) 2019 Bytedance Inc.  All rights reserved.
 * Use of this source code is governed by a MIT style
 * license that can be found in the LICENSE file.
 */

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

public class NotifyDataDecrypter {

    public static byte[] decrypterKey(String keyStr) {
        MessageDigest digest = null;
        try {
            digest = MessageDigest.getInstance("SHA-256");
        } catch (NoSuchAlgorithmException e) {
            // won't happen
        }
        return digest.digest(keyStr.getBytes(StandardCharsets.UTF_8));
    }


    /**
     *
     * @param key 飞书应用配置的 Encrypt Key
     * @param content 请求json encrypt的对应的值
     * @return
     */
    public static String decrypt(String key, String content)  {

        byte[] decode = Base64.getDecoder().decode(content);

        Cipher cipher = null;
        try {
            cipher = Cipher.getInstance("AES/CBC/NOPADDING");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            e.printStackTrace();
        }

        byte[] iv = new byte[16];
        System.arraycopy(decode, 0, iv, 0, 16);

        byte[] data = new byte[decode.length - 16];
        System.arraycopy(decode, 16, data, 0, data.length);

        try {
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decrypterKey(key), "AES"), new IvParameterSpec(iv));
        } catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
            e.printStackTrace();
        }

        byte[] r = new byte[0];
        try {
            r = cipher.doFinal(data);
        } catch (IllegalBlockSizeException | BadPaddingException e) {
            e.printStackTrace();
        }
        if (r.length > 0) {
            int p = r.length - 1;
            for (; p >= 0 && r[p] < 16; p--) {
            }

            if (p != r.length - 1) {
                byte[] rr = new byte[p + 1];
                System.arraycopy(r, 0, rr, 0, p + 1);
                r = rr;
            }
        }

        String str = new String(r, StandardCharsets.UTF_8);

        System.out.println(str);

        return new String(r, StandardCharsets.UTF_8);
    }


    public static void main(String[] args)  {

        decrypt("XwkFttsnRxMTXl0f93SwVcYvpVzf1jrm","feURdXsQDd+Wb/LeCc28Jetd/K0OsZVNvhirMQ2ICwLTzDFVeNb8cQAJ7/z8QDkHkvc9fB31nz9Hh9LJvvFR6J7osa3OlC+PAMuMoui4k2Xk9LKRy303JIccSP5fypZ5hyzvjeRRfsO8l7v3T42Uyl5SmHh9I9jeLBaHf3POG5vBcIN5Tqzaxg/op+lEdI+UUXmdntKrYoHH8CFtI2ibnV0PNSqsH+OCkBb75BaxEXYhKTcvf8wBZSYN5n85XS077httQdmnBdXhPQc7tOi3o3vYKgfTRBBQVV4shgeA9Y9VClhbbtI8iPlSMl71OHJqQ2FByDKHK46G6hISEU4lN686gTr1OfisX4OKlbNbfTe1cUoLothRRofoU2Smrdt8O32NHdAI/gGEZPgczU5bMTQVw9Bm3EBnBaH5mhGU4qFA+4F57BwW96QyAgZKe+8D0aq2kJ6Pcj5liCMyd5e22wjaePNK4nE2piTREsaCpHGzUUgj9/IeafHQ2G00gdlU");
    }
}

3.之后监听事件，是没有challenge，正常返回结果即可，例如监听非三方会议事件

先在事件订阅，添加事件，不添加就监听不到事件，我们可以添加会议相关的事件

添加完后，去飞书预约一个会议，即可获取如下数据

{
    "schema":"2.0",
    "header":{
        "event_id":"xxxxxxxxxxxxxxxxxxxxxxxxx",
        "token":"xxxxxxxxxxxxxxxxxxxxxxxxxxx",
        "create_time":"xxxxxxxxxxxxx",
        "event_type":"meeting_room.meeting_room.status_changed_v1",
        "tenant_key":"xxxxxxxxxxxx",
        "app_id":"cli_xxxxxxxxxxxxx"
    },
    "event":{
        "room_id":"omm_xxxxxxxxxxxxxxxxxxxxxxxxxx",
        "room_name":"温酒斩华雄"
    }
}

总结

1、非三方会议，能监听到的内容并不多
2、必须得1秒返回，事件比较多的话，对监听到的数据进行处理，就得异步了
3、监听的操作还是比较简单的