diff --git a/server/feishu-sync/internal/config/config.go b/server/feishu-sync/internal/config/config.go index 2c9df9ad..1224b8b8 100644 --- a/server/feishu-sync/internal/config/config.go +++ b/server/feishu-sync/internal/config/config.go @@ -10,4 +10,9 @@ type Config struct { SourceMysql string Auth types.Auth SourceRabbitMq string + FeiShu struct { + ApiHost string + EncryptKey string + VerificationToken string + } } diff --git a/server/feishu-sync/internal/logic/webhooklogic.go b/server/feishu-sync/internal/logic/webhooklogic.go index fc30ea90..1695dde3 100644 --- a/server/feishu-sync/internal/logic/webhooklogic.go +++ b/server/feishu-sync/internal/logic/webhooklogic.go @@ -61,9 +61,8 @@ func (l *WebhookLogic) Webhook(w http.ResponseWriter, r *http.Request) { //计算签名 timestamp := r.Header.Get("X-Lark-Request-Timestamp") nonce := r.Header.Get("X-Lark-Request-Nonce") - encryptKey := "DmiHQ2bHhKiR3KK4tIjLShbs13eErxKA" signature := r.Header.Get("X-Lark-Signature") - sign := l.CalculateFeiShuWebhookSignature(timestamp, nonce, encryptKey, bodyBytes) + sign := l.CalculateFeiShuWebhookSignature(timestamp, nonce, l.svcCtx.Config.FeiShu.EncryptKey, bodyBytes) if signature != sign { logx.Error("非法的消息,签名验证不通过", sign, "====", signature) return @@ -78,7 +77,7 @@ func (l *WebhookLogic) Webhook(w http.ResponseWriter, r *http.Request) { return } //解密 - realMsgBytes, err := l.DecryptFeiShuWebhookMsg(encryptMsg.Encrypt, encryptKey) + realMsgBytes, err := l.DecryptFeiShuWebhookMsg(encryptMsg.Encrypt, l.svcCtx.Config.FeiShu.EncryptKey) if err != nil { logx.Error(err) return @@ -144,8 +143,8 @@ func (l *WebhookLogic) CalculateFeiShuWebhookSignature(timestamp, nonce, encrypt } // 解密事件消息 -func (l *WebhookLogic) DecryptFeiShuWebhookMsg(encrypt string, encryptKey string) ([]byte, error) { - buf, err := base64.StdEncoding.DecodeString(encrypt) +func (l *WebhookLogic) DecryptFeiShuWebhookMsg(encryptData string, encryptKey string) ([]byte, error) { + buf, err := base64.StdEncoding.DecodeString(encryptData) if err != nil { return nil, fmt.Errorf("base64StdEncode Error[%v]", err) }