fix: 飞书自定义机器人密钥签名

lenye · Apr 5, 2024 · 2955bf9 · 2955bf9
1 parent bbe3d42
commit 2955bf9
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 21 deletions.
diff --git a/cmd/feishu/feishu_bot.go b/cmd/feishu/feishu_bot.go
@@ -57,7 +57,7 @@ var botCmd = &cobra.Command{
 }
 
 func init() {
-	botCmd.Flags().StringVarP(&variable.AccessToken, flags.AccessToken, "t", "", "feishu bot access token (required)")
+	botCmd.Flags().StringVarP(&variable.AccessToken, flags.AccessToken, "t", "", "feishu bot token (required) , token 为 webhook 地址中 xxx 部分 https://open.feishu.cn/open-apis/bot/v2/hook/xxx")
 	_ = botCmd.MarkFlagRequired(flags.AccessToken)
 
 	botCmd.Flags().StringVarP(&variable.Secret, flags.Secret, "s", "", "sign Secret")

diff --git a/docs/feishu/bot_message.md b/docs/feishu/bot_message.md
@@ -7,7 +7,8 @@ $ pmsg feishu bot -h
 
 -a, --user_agent string     http user agent
 
--t, --access_token string   飞书自定义机器人 access token (必填)
+-t, --access_token string   飞书自定义机器人 token (必填), 
+                             token 为 webhook 地址中 xxx 部分 https://open.feishu.cn/open-apis/bot/v2/hook/xxx
 -s, --secret string         签名密钥
 -m, --msg_type string       消息类型 (必填)，text(文本消息)、post(富文本)、image(图片)、
                                            share_chat(分享群名片)、interactive(消息卡片)
@@ -104,4 +105,4 @@ $ pmsg feishu bot -t access_token -m text 'HelloWorld'
 ok
 ```
 
-官方开发文档 [推送飞书自定义机器人消息](https://open.feishu.cn/document/ukTMukTMukTM/ucTM5YjL3ETO24yNxkjN)
+官方开发文档 [推送飞书自定义机器人消息](https://open.feishu.cn/document/client-docs/bot-v3/add-custom-bot)
diff --git a/internal/im/feishu/bot/message_cmd.go b/internal/im/feishu/bot/message_cmd.go
@@ -54,12 +54,8 @@ func CmdSend(arg *CmdSendParams) error {
 	}
 
 	if arg.Secret != "" {
-		timestamp := strconv.FormatInt(time.Now().Unix(), 10)
-		sign, err := feishu.Sign(timestamp, arg.Secret)
-		if err != nil {
-			return fmt.Errorf("sign failed: %w", err)
-		}
-		msg.TimeStamp = timestamp
+		msg.TimeStamp = strconv.FormatInt(time.Now().Unix(), 10)
+		sign := feishu.Sign(msg.TimeStamp, arg.Secret)
 		msg.Sign = sign
 	}
 

diff --git a/internal/im/feishu/sign.go b/internal/im/feishu/sign.go
@@ -19,7 +19,6 @@ import (
 	"crypto/sha256"
 	"encoding/base64"
 	"fmt"
-	"io"
 	"math"
 	"strconv"
 	"time"
@@ -39,19 +38,13 @@ func Validate(signStr, timestamp, secret string) (bool, error) {
 		return false, fmt.Errorf("specified timestamp is expired")
 	}
 
-	ourSign, err := Sign(timestamp, secret)
-	if err != nil {
-		return false, err
-	}
+	ourSign := Sign(timestamp, secret)
 	return ourSign == signStr, nil
 }
 
 // Sign 签名
-func Sign(timestamp string, secret string) (string, error) {
-	stringToSign := fmt.Sprintf("%s\n%s", timestamp, secret)
-	h := hmac.New(sha256.New, []byte(secret))
-	if _, err := io.WriteString(h, stringToSign); err != nil {
-		return "", err
-	}
-	return base64.StdEncoding.EncodeToString(h.Sum(nil)), nil
+func Sign(timestamp string, secret string) string {
+	stringToSign := timestamp + "\n" + secret
+	h := hmac.New(sha256.New, []byte(stringToSign))
+	return base64.StdEncoding.EncodeToString(h.Sum(nil))
 }