GenarrativeAI/Genarrative
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: support mini program phone authorization binding

Browse Source
This commit is contained in:
kdletters
2026-05-12 22:30:24 +08:00
parent 26139f80d3
commit e36a562098
17 changed files with 657 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

207
server-rs/crates/platform-auth/src/lib.rs
View File

@@ -42,6 +42,10 @@ pub const DEFAULT_WECHAT_ACCESS_TOKEN_ENDPOINT: &str =
pub const DEFAULT_WECHAT_USER_INFO_ENDPOINT: &str = "https://api.weixin.qq.com/sns/userinfo";
pub const DEFAULT_WECHAT_JS_CODE_SESSION_ENDPOINT: &str =
"https://api.weixin.qq.com/sns/jscode2session";
pub const DEFAULT_WECHAT_STABLE_ACCESS_TOKEN_ENDPOINT: &str =
"https://api.weixin.qq.com/cgi-bin/stable_token";
pub const DEFAULT_WECHAT_PHONE_NUMBER_ENDPOINT: &str =
"https://api.weixin.qq.com/wxa/business/getuserphonenumber";
type HmacSha256 = Hmac<Sha256>;
@@ -184,6 +188,8 @@ pub struct WechatAuthConfig {
pub access_token_endpoint: String,
pub user_info_endpoint: String,
pub js_code_session_endpoint: String,
pub stable_access_token_endpoint: String,
pub phone_number_endpoint: String,
pub mock_user_id: String,
pub mock_union_id: Option<String>,
pub mock_display_name: String,
@@ -224,6 +230,15 @@ pub struct RealWechatProvider {
access_token_endpoint: String,
user_info_endpoint: String,
js_code_session_endpoint: String,
stable_access_token_endpoint: String,
phone_number_endpoint: String,
}
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct WechatPhoneNumberProfile {
pub phone_number: String,
pub pure_phone_number: Option<String>,
pub country_code: Option<String>,
}
#[derive(Clone, Debug)]
@@ -325,6 +340,31 @@ struct WechatJsCodeSessionResponse {
errmsg: Option<String>,
}
#[derive(Debug, Deserialize)]
struct WechatStableAccessTokenResponse {
access_token: Option<String>,
errcode: Option<i64>,
errmsg: Option<String>,
}
#[derive(Debug, Deserialize)]
struct WechatPhoneNumberResponse {
errcode: Option<i64>,
errmsg: Option<String>,
#[serde(default)]
phone_info: Option<WechatPhoneNumberInfo>,
}
#[derive(Debug, Deserialize)]
struct WechatPhoneNumberInfo {
#[serde(default)]
phone_number: Option<String>,
#[serde(default)]
pure_phone_number: Option<String>,
#[serde(default)]
country_code: Option<String>,
}
#[derive(Debug, Deserialize)]
struct AliyunSendSmsVerifyCodeResponse {
// 阿里云 RPC 原始 JSON 使用首字母大写字段名,这里必须显式映射,避免把成功响应误判成空值。
@@ -648,6 +688,8 @@ impl WechatAuthConfig {
access_token_endpoint: String,
user_info_endpoint: String,
js_code_session_endpoint: String,
stable_access_token_endpoint: String,
phone_number_endpoint: String,
mock_user_id: String,
mock_union_id: Option<String>,
mock_display_name: String,
@@ -664,6 +706,8 @@ impl WechatAuthConfig {
access_token_endpoint,
user_info_endpoint,
js_code_session_endpoint,
stable_access_token_endpoint,
phone_number_endpoint,
mock_user_id,
mock_union_id,
mock_display_name,
@@ -717,6 +761,8 @@ impl WechatProvider {
access_token_endpoint: config.access_token_endpoint,
user_info_endpoint: config.user_info_endpoint,
js_code_session_endpoint: config.js_code_session_endpoint,
stable_access_token_endpoint: config.stable_access_token_endpoint,
phone_number_endpoint: config.phone_number_endpoint,
})
}
@@ -755,6 +801,28 @@ impl WechatProvider {
Self::Real(provider) => provider.resolve_mini_program_login_profile(code).await,
}
}
pub async fn resolve_mini_program_phone_number(
&self,
code: Option<&str>,
) -> Result<WechatPhoneNumberProfile, WechatProviderError> {
match self {
Self::Disabled => Err(WechatProviderError::Disabled),
Self::Mock(_) => {
let phone_number = code
.map(str::trim)
.filter(|value| !value.is_empty())
.unwrap_or("13800138000")
.to_string();
Ok(WechatPhoneNumberProfile {
phone_number: phone_number.clone(),
pure_phone_number: Some(phone_number),
country_code: Some("86".to_string()),
})
}
Self::Real(provider) => provider.resolve_mini_program_phone_number(code).await,
}
}
}
impl MockWechatProvider {
@@ -990,6 +1058,141 @@ impl RealWechatProvider {
avatar_url: None,
})
}
async fn resolve_mini_program_phone_number(
&self,
code: Option<&str>,
) -> Result<WechatPhoneNumberProfile, WechatProviderError> {
let code = code
.map(str::trim)
.filter(|value| !value.is_empty())
.ok_or(WechatProviderError::MissingCode)?;
let app_id = self
.mini_program_app_id
.as_ref()
.or(self.app_id.as_ref())
.ok_or_else(|| {
WechatProviderError::InvalidConfig("微信小程序 AppID 未配置".to_string())
})?;
let app_secret = self
.mini_program_app_secret
.as_ref()
.or(self.app_secret.as_ref())
.ok_or_else(|| {
WechatProviderError::InvalidConfig("微信小程序 AppSecret 未配置".to_string())
})?;
let access_token = self
.request_mini_program_access_token(app_id, app_secret)
.await?;
let mut phone_number_url = Url::parse(&self.phone_number_endpoint).map_err(|error| {
WechatProviderError::InvalidConfig(format!("微信手机号接口地址非法:{error}"))
})?;
phone_number_url
.query_pairs_mut()
.append_pair("access_token", &access_token);
let payload = self
.client
.post(phone_number_url.as_str())
.json(&serde_json::json!({ "code": code }))
.send()
.await
.map_err(|error| {
warn!(error = %error, "微信小程序手机号请求失败");
WechatProviderError::RequestFailed("微信手机号授权失败:手机号请求失败".to_string())
})?
.json::<WechatPhoneNumberResponse>()
.await
.map_err(|error| {
warn!(error = %error, "微信小程序手机号响应解析失败");
WechatProviderError::DeserializeFailed(
"微信手机号授权失败:手机号响应非法".to_string(),
)
})?;
if let Some(errcode) = payload.errcode.filter(|value| *value != 0) {
return Err(WechatProviderError::Upstream(format!(
"微信手机号授权失败:{}",
payload
.errmsg
.unwrap_or_else(|| format!("getuserphonenumber 返回错误 {errcode}"))
)));
}
let phone_info = payload.phone_info.ok_or_else(|| {
WechatProviderError::MissingProfile("微信手机号授权失败:缺少手机号信息".to_string())
})?;
let phone_number = phone_info
.pure_phone_number
.clone()
.or(phone_info.phone_number.clone())
.filter(|value| !value.trim().is_empty())
.ok_or_else(|| {
WechatProviderError::MissingProfile("微信手机号授权失败:缺少手机号".to_string())
})?;
Ok(WechatPhoneNumberProfile {
phone_number,
pure_phone_number: phone_info.pure_phone_number,
country_code: phone_info.country_code,
})
}
async fn request_mini_program_access_token(
&self,
app_id: &str,
app_secret: &str,
) -> Result<String, WechatProviderError> {
let url = Url::parse(&self.stable_access_token_endpoint).map_err(|error| {
WechatProviderError::InvalidConfig(format!("微信 stable_token 地址非法:{error}"))
})?;
let payload = self
.client
.post(url.as_str())
.json(&serde_json::json!({
"grant_type": "client_credential",
"appid": app_id,
"secret": app_secret,
"force_refresh": false
}))
.send()
.await
.map_err(|error| {
warn!(error = %error, "微信小程序 stable_token 请求失败");
WechatProviderError::RequestFailed(
"微信手机号授权失败access_token 请求失败".to_string(),
)
})?
.json::<WechatStableAccessTokenResponse>()
.await
.map_err(|error| {
warn!(error = %error, "微信小程序 stable_token 响应解析失败");
WechatProviderError::DeserializeFailed(
"微信手机号授权失败access_token 响应非法".to_string(),
)
})?;
if let Some(errcode) = payload.errcode.filter(|value| *value != 0) {
return Err(WechatProviderError::Upstream(format!(
"微信手机号授权失败:{}",
payload
.errmsg
.unwrap_or_else(|| format!("stable_token 返回错误 {errcode}"))
)));
}
payload
.access_token
.filter(|value| !value.trim().is_empty())
.ok_or_else(|| {
WechatProviderError::Upstream(
payload
.errmsg
.unwrap_or_else(|| "微信手机号授权失败:缺少 access_token".to_string()),
)
})
}
}
fn build_mock_wechat_authorization_url(
@@ -1919,6 +2122,8 @@ mod tests {
DEFAULT_WECHAT_ACCESS_TOKEN_ENDPOINT.to_string(),
DEFAULT_WECHAT_USER_INFO_ENDPOINT.to_string(),
DEFAULT_WECHAT_JS_CODE_SESSION_ENDPOINT.to_string(),
DEFAULT_WECHAT_STABLE_ACCESS_TOKEN_ENDPOINT.to_string(),
DEFAULT_WECHAT_PHONE_NUMBER_ENDPOINT.to_string(),
"wx-user-001".to_string(),
Some("wx-union-001".to_string()),
"微信测试用户".to_string(),
@@ -1950,6 +2155,8 @@ mod tests {
DEFAULT_WECHAT_ACCESS_TOKEN_ENDPOINT.to_string(),
DEFAULT_WECHAT_USER_INFO_ENDPOINT.to_string(),
DEFAULT_WECHAT_JS_CODE_SESSION_ENDPOINT.to_string(),
DEFAULT_WECHAT_STABLE_ACCESS_TOKEN_ENDPOINT.to_string(),
DEFAULT_WECHAT_PHONE_NUMBER_ENDPOINT.to_string(),
"wx-user-001".to_string(),
Some("wx-union-001".to_string()),
"微信测试用户".to_string(),