企业微信：增加收到企业微信服务商服务器消息解密的方法

weixin-java-cp/src/main/java/me/chanjar/weixin/cp/bean/message/WxCpTpXmlMessage.java

@@ -9,6 +9,8 @@
 import me.chanjar.weixin.common.util.xml.IntegerArrayConverter;
 import me.chanjar.weixin.common.util.xml.StringArrayConverter;
 import me.chanjar.weixin.common.util.xml.XStreamCDataConverter;
+import me.chanjar.weixin.cp.config.WxCpTpConfigStorage;
+import me.chanjar.weixin.cp.util.crypto.WxCpTpCryptUtil;
 import me.chanjar.weixin.cp.util.xml.XStreamTransformer;
 
 import java.io.Serializable;
@@ -774,4 +776,20 @@ public static WxCpTpXmlMessage fromXml(String xml) {
     return xmlPackage;
   }
 
+  /**
+   *
+   * @param encryptedXml         the encrypted xml
+   * @param wxCpTpConfigStorage  the wx cp config storage
+   * @param timestamp            the timestamp
+   * @param nonce                the nonce
+   * @param msgSignature         the msg signature
+   * @return                     the wx cp tp xml message
+   */
+  public static WxCpTpXmlMessage fromEncryptedXml(String encryptedXml, WxCpTpConfigStorage wxCpTpConfigStorage,
+                                                  String timestamp, String nonce, String msgSignature) {
+    WxCpTpCryptUtil cryptUtil = new WxCpTpCryptUtil(wxCpTpConfigStorage);
+    String plainText = cryptUtil.decrypt(msgSignature, timestamp, nonce, encryptedXml);
+    log.debug("解密后的原始xml消息内容：{}", plainText);
+    return fromXml(plainText);
+  }
 }

weixin-java-cp/src/main/java/me/chanjar/weixin/cp/tp/service/WxCpTpOAuth2Service.java

@@ -0,0 +1,34 @@
+package me.chanjar.weixin.cp.tp.service;
+
+/**
+ * <pre>
+ *   构造第三方应用oauth2链接
+ *   Created by feidian108 on 2023/3/24.
+ * </pre>
+ * <p>
+ * <a href="https://developer.work.weixin.qq.com/document/path/91120">企业微信服务商文档</a>
+ */
+public interface WxCpTpOAuth2Service {
+
+  /**
+   * <pre>
+   *   构造第三方应用oauth2链接(静默授权)
+   * </pre>
+   * @param redirectUri  授权后重定向的回调链接地址
+   * @param state        重定向后state参数
+   * @return             url string
+   */
+  String buildAuthorizeUrl(String redirectUri, String state);
+
+
+  /**
+   * <pre>
+   *   构造第三方应用oauth2链接
+   * </pre>
+   * @param redirectUri   授权后重定向的回调链接地址
+   * @param state         重定向后state参数
+   * @param scope         应用授权作用域,snsapi_base：静默授权,snsapi_privateinfo：手动授权
+   * @return              url string
+   */
+  String buildAuthorizeUrl(String redirectUri, String state, String scope);
+}

weixin-java-cp/src/main/java/me/chanjar/weixin/cp/tp/service/WxCpTpService.java

@@ -631,4 +631,11 @@ public interface WxCpTpService {
 
   void setWxCpTpIdConverService(WxCpTpIdConvertService wxCpTpIdConvertService);
 
+  /**
+   * 构造第三方应用oauth2链接
+   */
+  WxCpTpOAuth2Service getWxCpTpOAuth2Service();
+
+  void setWxCpTpOAuth2Service(WxCpTpOAuth2Service wxCpTpOAuth2Service);
+
 }

weixin-java-cp/src/main/java/me/chanjar/weixin/cp/tp/service/impl/BaseWxCpTpServiceImpl.java

@@ -56,7 +56,7 @@ public abstract class BaseWxCpTpServiceImpl<H, P> implements WxCpTpService, Requ
   private WxCpTpEditionService wxCpTpEditionService = new WxCpTpEditionServiceImpl(this);
   private WxCpTpLicenseService wxCpTpLicenseService = new WxCpTpLicenseServiceImpl(this);
   private WxCpTpIdConvertService wxCpTpIdConvertService = new WxCpTpIdConvertServiceImpl(this);
-
+  private WxCpTpOAuth2Service wxCpTpOAuth2Service = new WxCpTpOAuth2ServiceImpl(this);
   /**
    * 全局的是否正在刷新access token的锁.
    */
@@ -753,5 +753,13 @@ public void setWxCpTpIdConverService(WxCpTpIdConvertService wxCpTpIdConvertServi
   }
 
 
+  @Override
+  public WxCpTpOAuth2Service getWxCpTpOAuth2Service() {
+    return wxCpTpOAuth2Service;
+  }
 
+  @Override
+  public void setWxCpTpOAuth2Service(WxCpTpOAuth2Service wxCpTpOAuth2Service) {
+    this.wxCpTpOAuth2Service = wxCpTpOAuth2Service;
+  }
 }

weixin-java-cp/src/main/java/me/chanjar/weixin/cp/tp/service/impl/WxCpTpOAuth2ServiceImpl.java

@@ -0,0 +1,35 @@
+package me.chanjar.weixin.cp.tp.service.impl;
+
+import lombok.RequiredArgsConstructor;
+import me.chanjar.weixin.common.util.http.URIUtil;
+import me.chanjar.weixin.cp.tp.service.WxCpTpOAuth2Service;
+import me.chanjar.weixin.cp.tp.service.WxCpTpService;
+
+import static me.chanjar.weixin.common.api.WxConsts.OAuth2Scope.SNSAPI_BASE;
+import static me.chanjar.weixin.cp.constant.WxCpApiPathConsts.OAuth2.URL_OAUTH2_AUTHORIZE;
+
+@RequiredArgsConstructor
+public class WxCpTpOAuth2ServiceImpl implements WxCpTpOAuth2Service {
+
+  private final WxCpTpService mainService;
+
+
+  @Override
+  public String buildAuthorizeUrl(String redirectUri, String state) {
+    return this.buildAuthorizeUrl(redirectUri, state, SNSAPI_BASE);
+  }
+
+  @Override
+  public String buildAuthorizeUrl(String redirectUri, String state, String scope) {
+    StringBuilder url = new StringBuilder(URL_OAUTH2_AUTHORIZE);
+    url.append("?appid=").append(this.mainService.getWxCpTpConfigStorage().getSuiteId());
+    url.append("&redirect_uri=").append(URIUtil.encodeURIComponent(redirectUri));
+    url.append("&response_type=code");
+    url.append("&scope=").append(scope);
+    if (state != null) {
+      url.append("&state=").append(state);
+    }
+    url.append("#wechat_redirect");
+    return url.toString();
+  }
+}