import time import functools import base64 from json import * from odoo import http, fields from odoo.http import request from . import WXBizMsgCrypt from werkzeug.exceptions import abort import xml.etree.cElementTree as Et import requests as req import logging from lxml import etree _logger = logging.getLogger(__name__) def wechat_login(func): """ 用来根据userid取得合作伙伴的id :return: """ @functools.wraps(func) def wrapper(*args, **kw): # now_time = time.time() # request.session['session_time'] = time.time() # if 'session_time' not in request.session: # request.session['session_time'] = 1 # if now_time > request.session['session_time'] + 350: _logger.info(u"没进来之前的kw值为%s" % JSONEncoder().encode(kw)) # if not request.session['login'] or not request.session['login'] or request.session[ # 'login'] == "public": enterprise, agent_id = request.env['we.config'].sudo().get_odoo_wechat() if enterprise and agent_id: if 'code' in kw and 'state' in kw: # 检查是否取得了code if 'kw' in request.session.keys(): _logger.info('code:%s' % kw['code']) account = enterprise.oauth.get_user_info(code=kw['code']) _logger.info('account:%s' % account) if account: # 是否取得了微信企业号通讯录的账号 user_detail = enterprise.user.get_detail(account['user_ticket']) _logger.info('user_detail:%s' % user_detail) request.env['we.employee'].we_privacy_update(user_detail) user = request.env['res.users'].sudo().search( [('we_employee_id', '=', account['UserId'])]) _logger.info('user:%s' % user) if user: # 是否取得了用户 if 'state' in kw: state = base64.b64encode(kw['state'].encode('utf-8')).decode() kw['state'] = state uid = request.session.authenticate(request.session.db, user.login, account['UserId']) kw['user_id'] = uid request.session['session_time'] = time.time() request.session['login'] = user.login _logger.info(u"进来之后的kw值为%s" % kw) return func(*args, **kw) else: _logger.warning(u'用户不存在.') return request.render('sg_wechat_enterprise.wechat_warning', {'title': u'警告', 'content': u'该员工的未配置登录用户.'}) else: _logger.warning(u'微信企业号验证失败.') return request.render('sg_wechat_enterprise.wechat_warning', {'title': u'警告', 'content': u'微信企业号验证失败.'}) else: # 返回时候进入的地方 del kw['code'] del kw['state'] request.session['kw'] = base64.b64encode(JSONEncoder().encode(kw).encode('utf-8')).decode() if len(kw) == 0: base_url = request.httprequest.base_url else: base_url = request.httprequest.base_url + '?' for item, value in kw.items(): base_url += item + '=' + value + "&" base_url = base_url[: -1] url = enterprise.oauth.authorize_url(base_url, state=base64.b64encode( JSONEncoder().encode(kw).encode('utf-8')).decode(), agent_id=agent_id, scope='snsapi_privateinfo') _logger.warning(u"这是授权的url:" + url) value = {"url": url} return request.render("sg_wechat_enterprise.Transfer", value) else: # 开始微信企业号登录认证 request.session['kw'] = base64.b64encode(JSONEncoder().encode(kw).encode('utf-8')).decode() if len(kw) == 0: base_url = request.httprequest.base_url else: base_url = request.httprequest.base_url + '?' for item, value in kw.items(): base_url += item + '=' + value + "&" base_url = base_url[: -1] url = enterprise.oauth.authorize_url(base_url, state=base64.b64encode( JSONEncoder().encode(kw).encode('utf-8')).decode(), agent_id=agent_id, scope='snsapi_privateinfo' ) _logger.warning(u"这是授权的url:" + url) value = {"url": url} return request.render("sg_wechat_enterprise.Transfer", value) else: _logger.warning(u'微信企业号初始化失败.') return request.render('sg_wechat_enterprise.wechat_warning', {'title': u'警告', 'content': u'微信企业号初始化失败.'}) # return func(*args, **kw) return wrapper class WechatEnterprise(http.Controller): """ 用于接收微信发过来的任何消息,并转发给相应的业务类进行处理 """ __check_str = 'NDOEHNDSY#$_@$JFDK:Q{!' BASE_URL = '/we' @wechat_login @http.route(BASE_URL + '/auth', type='http', auth='none') def auth(self, *args, **kw): """ 企业微信免登认证 """ try: # user_id = (request.session['uid']) redirect1 = kw['redirect'] if 'redirect' in kw else None uid = kw['user_id'] if 'redirect' in kw else None _logger.info('user_id %s', uid) if uid is not False: request.params['login_success'] = True if not redirect1: redirect1 = '/web' redirect1 = redirect1.replace('-', '&').replace('?', '#') logging.info('url:%s' % redirect1) return request.redirect(redirect1) except Exception as ex: _logger.error('无有效的登录凭证.') _logger.warning('auth exceptions:%s' % ex) return request.render('sg_wechat_enterprise.wechat_warning', {'title': u'警告', 'content': u'无有效的登录凭证.'}) @http.route('/WechatEnterprise//api', type='http', auth="public", methods=["GET", "POST"], csrf=False) def process(self, code, **kwargs): """ 处理从微信服务器发送过来的请求 :param code: 自定义代码 :param kwargs: 包含 (msg_signature, timestamp, nonce, echostr) 等参数 :return: """ _logger.info(u'处理从微信服务器发送过来的请求code: %s, kwargs: %s' % (code, kwargs)) app_id = request.env['we.app'].sudo().search([('code', '=', code)], limit=1) if not app_id: _logger.warning(u'Can not find wechat app by code: {code}') abort(403) corp_id = app_id.enterprise_id we_chat_cpt = WXBizMsgCrypt.WXBizMsgCrypt(app_id.Token, app_id.EncodingAESKey, corp_id.corp_id) signature, timestamp, nonce = kwargs['msg_signature'], kwargs['timestamp'], kwargs['nonce'] if kwargs.get('echostr'): echo_string = kwargs['echostr'] sort_list = [app_id.Token, timestamp, nonce, echo_string] if request.env['we.tools'].sudo(). \ check_message_signature(message_list=sort_list, msg_signature=signature): ret, signature_echo_string = we_chat_cpt.VerifyURL(signature, timestamp, nonce, echo_string) if ret == 0: return str(signature_echo_string, encoding="utf8") body_text = request.httprequest.data ret, signature_message = we_chat_cpt.DecryptMsg(body_text, signature, timestamp, nonce) xml_tree = Et.fromstring(signature_message) if len(xml_tree.findall("SuiteId")) > 0: return "success" if len(xml_tree.find("ApprovalInfo")) > 0: xmlstr = etree.fromstring(signature_message) # data = xml2json_from_elementtree(xmlstr) return request.env['we.receive.message'].sudo().sys_approval_change(xml_tree.find("ApprovalInfo")) data = { 'MsgType': xml_tree.find("MsgType").text, # 'AgentID': xml_tree.find("AgentID").text, 'ToUserName': xml_tree.find("ToUserName").text, 'FromUserName': xml_tree.find("FromUserName").text, 'CreateTime': xml_tree.find("CreateTime").text } if xml_tree.find("AgentID") != None: data['AgentID'] = xml_tree.find("AgentID").text if data["MsgType"] == "text": data["Content"] = xml_tree.find("Content").text data["MsgId"] = xml_tree.find("MsgId").text if data["MsgType"] == "image": data["PicUrl"] = xml_tree.find("PicUrl").text data["MediaId"] = xml_tree.find("MediaId").text data["MsgId"] = xml_tree.find("MsgId").text if data["MsgType"] == "voice": data["MediaId"] = xml_tree.find("MediaId").text data["Format"] = xml_tree.find("Format").text data["MsgId"] = xml_tree.find("MsgId").text if data["MsgType"] == "video" or data["MsgType"] == "shortvideo": data["MediaId"] = xml_tree.find("MediaId").text data["ThumbMediaId"] = xml_tree.find("ThumbMediaId").text data["MsgId"] = xml_tree.find("MsgId").text if data["MsgType"] == "location": data["Location_X"] = xml_tree.find("Location_X").text data["Location_Y"] = xml_tree.find("Location_Y").text data["Scale"] = xml_tree.find("Scale").text data["Label"] = xml_tree.find("Label").text data["MsgId"] = xml_tree.find("MsgId").text if data["MsgType"] == "link": data["Title"] = xml_tree.find("Title").text data["Description"] = xml_tree.find("Description").text data["PicUrl"] = xml_tree.find("PicUrl").text data["MsgId"] = xml_tree.find("MsgId").text if data["MsgType"] == "event": if xml_tree.find("Event") == "subscribe" or xml_tree.find("Event") == "unsubscribe": data["Event"] = xml_tree.find("Event").text else: ret, signature_message = we_chat_cpt.EncryptMsg(signature_message, nonce, timestamp) return signature_message request.env['we.receive.message'].sudo().process_message(data) return '' @http.route('/WechatEnterprise/transfer', type='http', auth="public", methods=["POST", "GET"], csrf=False) def transfer(self, url): value = {"url": url} return request.render('sg_wechat_enterprise.Transfer', value)