🎨 #3186 【企业微信】增加获取用户登录身份和获取用户二次验证信息的接口

2025-06-28 13:16:19 +08:00 · 2023-12-15 17:50:59 +08:00 · 2023-12-15 17:50:59 +08:00 · a5a375eaf0
commit a5a375eaf0
parent e6923cd2cc
4 changed files with 94 additions and 0 deletions
--- a/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/WxCpOAuth2Service.java
+++ b/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/WxCpOAuth2Service.java
@ -3,6 +3,7 @@ package me.chanjar.weixin.cp.api;
 import me.chanjar.weixin.common.error.WxErrorException;
 import me.chanjar.weixin.cp.bean.WxCpOauth2UserInfo;
 import me.chanjar.weixin.cp.bean.WxCpUserDetail;
+import me.chanjar.weixin.cp.bean.workbench.WxCpSecondVerificatioInformation;

 /**
 * <pre>
@ -116,4 +117,38 @@ public interface WxCpOAuth2Service {
   * @throws WxErrorException 异常
   */
  WxCpUserDetail getUserDetail(String userTicket) throws WxErrorException;
+
+  /**
+   * <pre>
+   * 获取用户登录身份
+   * https://qyapi.weixin.qq.com/cgi-bin/auth/getuserinfo?access_token=ACCESS_TOKEN&code=CODE
+   * 该接口可使用用户登录成功颁发的code来获取成员信息，适用于自建应用与代开发应用
+   *
+   * 注意: 旧的/user/getuserinfo 接口的url已变更为auth/getuserinfo，不过旧接口依旧可以使用，建议是关注新接口即可
+   *
+   * 适用范围：身份验证中网页授权开发和企业微信Web登录的获取用户登录身份
+   * </pre>
+   *
+   * @param code 通过成员授权获取到的code，最大为512字节。每次成员授权带上的code将不一样，code只能使用一次，5分钟未被使用自动过期。
+   * @return WxCpOauth2UserInfo user info
+   * @throws WxErrorException 异常
+   * @see #getUserInfo(Integer, String) #getUserInfo(Integer, String)
+   */
+  WxCpOauth2UserInfo getAuthUserInfo(String code) throws WxErrorException;
+
+  /**
+   * 获取用户二次验证信息
+   *
+   * https://qyapi.weixin.qq.com/cgi-bin/auth/get_tfa_info?access_token=ACCESS_TOKEN
+   *
+   * @author Hugo
+   * @date 2023/12/14 10:29
+   * @param code 用户进入二次验证页面时，企业微信颁发的code,每次成员授权带上的code将不一样，code只能使用一次，5分钟未被使用自动过期
+   * @return me.chanjar.weixin.cp.bean.workbench.WxCpSecondVerificatioInformation 二次验证授权码，开发者可以调用通过二次验证接口，解锁企业微信终端.tfa_code有效期五分钟，且只能使用一次。
+   *
+   * 权限说明：仅『通讯录同步』或者自建应用可调用，如用自建应用调用，用户需要在二次验证范围和应用可见范围内。
+   *
+   * 并发限制：20
+   */
+  WxCpSecondVerificatioInformation get_tfa_info(String code) throws WxErrorException;
 }
--- a/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/impl/WxCpOAuth2ServiceImpl.java
+++ b/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/impl/WxCpOAuth2ServiceImpl.java
@ -10,6 +10,7 @@ import me.chanjar.weixin.cp.api.WxCpOAuth2Service;
 import me.chanjar.weixin.cp.api.WxCpService;
 import me.chanjar.weixin.cp.bean.WxCpOauth2UserInfo;
 import me.chanjar.weixin.cp.bean.WxCpUserDetail;
+import me.chanjar.weixin.cp.bean.workbench.WxCpSecondVerificatioInformation;
 import me.chanjar.weixin.cp.util.json.WxCpGsonBuilder;

 import static me.chanjar.weixin.common.api.WxConsts.OAuth2Scope.*;
@ -106,4 +107,27 @@ public class WxCpOAuth2ServiceImpl implements WxCpOAuth2Service {
      param.toString());
    return WxCpGsonBuilder.create().fromJson(responseText, WxCpUserDetail.class);
  }
+
+  @Override
+  public WxCpOauth2UserInfo getAuthUserInfo(String code) throws WxErrorException {
+    String responseText =
+      this.mainService.get(String.format(this.mainService.getWxCpConfigStorage().getApiUrl(GET_USER_AUTH_INFO), code), null);
+    JsonObject jo = GsonParser.parse(responseText);
+
+    return WxCpOauth2UserInfo.builder()
+      .userId(GsonHelper.getString(jo, "UserId"))
+      .openId(GsonHelper.getString(jo, "OpenId"))
+      .userTicket(GsonHelper.getString(jo, "user_ticket"))
+      .externalUserId(GsonHelper.getString(jo, "external_userid"))
+      .build();
+  }
+
+  @Override
+  public WxCpSecondVerificatioInformation get_tfa_info(String code) throws WxErrorException {
+    JsonObject param = new JsonObject();
+    param.addProperty("code", code);
+    String responseText = this.mainService.post(this.mainService.getWxCpConfigStorage().getApiUrl(GET_TFA_INFO),
+      param.toString());
+    return WxCpGsonBuilder.create().fromJson(responseText, WxCpSecondVerificatioInformation.class);
+  }
 }
--- a/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/bean/workbench/WxCpSecondVerificatioInformation.java
+++ b/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/bean/workbench/WxCpSecondVerificatioInformation.java
@ -0,0 +1,27 @@
+package me.chanjar.weixin.cp.bean.workbench;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.experimental.Accessors;
+
+/**
+ * @author Hugo
+ * <pre>
+ *  获取用户二次验证信息的结果类
+ * </pre>
+ * <p>
+ * 文档1：https://developer.work.weixin.qq.com/document/path/99499
+ */
+@Data
+@Accessors(chain = true)
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+public class WxCpSecondVerificatioInformation {
+  private static final long serialVersionUID = -4301564507150486556L;
+
+  private String userId;
+  private String tfa_code;
+}
--- a/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/constant/WxCpApiPathConsts.java
+++ b/weixin-java-cp/src/main/java/me/chanjar/weixin/cp/constant/WxCpApiPathConsts.java
@ -148,6 +148,14 @@ public interface WxCpApiPathConsts {
     * The constant URL_OAUTH2_AUTHORIZE.
     */
    String URL_OAUTH2_AUTHORIZE = "https://open.weixin.qq.com/connect/oauth2/authorize";
+    /**
+     * The constant GET_USER_INFO without agentId.
+     */
+    String GET_USER_AUTH_INFO = "/cgi-bin/auth/getuserinfo?code=%s";
+    /**
+     * The constant GET_TFA_INFO.
+     */
+    String GET_TFA_INFO = "/cgi-bin/auth/get_tfa_info";
  }

  /**