目录
官网地址:
首先创建企业内部群,按照官方文档进行创建和安装,?自定义机器人的安全设置分为一下三种:
①自定义关键词
发送的消息中至少包含其中一个关键词才可以发送成功
②加签方式
加签方式是钉钉机器人和开发者双向进行安全认证,在群内@自定义机器人时,开发者的POST地址收到机器人消息携带的headers参数,其中包含timestamp和sign字段,开发者需要在自己服务内重新计算sign签名值,最后再调用自定义机器人发送消息接口时,携带开发者服务器内系统当前timestamp和重新计算的sign签名,以此来验证安全性。
③IP地址
设定后,只有来自IP地址范围内的请求才会被正常处理,支持两种设置方式:IP地址和IP地址段,暂不支持IPv6地址白名单
①引入依赖
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>alibaba-dingtalk-service-sdk</artifactId>
<version>2.0.0</version>
</dependency>
?②创建发送消息工具类
package com.kingagroot.info.common.tools.thirdparty;
import com.alibaba.nacos.api.config.annotation.NacosValue;
import com.dingtalk.api.DefaultDingTalkClient;
import com.dingtalk.api.DingTalkClient;
import com.dingtalk.api.request.OapiRobotSendRequest;
import com.kingagroot.info.common.tools.common.LogTool;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
/**
* @Author linaibo
* @Date 2023/11/21 9:45
* @Version 1.0
*/
@Component
public class DingDingTool {
private static LogTool logTool;
@Autowired
public void setLogTool(LogTool logTool) {
DingDingTool.logTool = logTool;
}
private static String secret;
private static String url;
@NacosValue(value = "${ding.secret}", autoRefreshed = true)
public void setSecret(String secret) {
DingDingTool.secret = secret;
}
@NacosValue(value = "${ding.url}", autoRefreshed = true)
public void setUrl(String url) {
DingDingTool.url = url;
}
/**
* 组装签名url
*
* @return url
*/
public static String getURL() throws NoSuchAlgorithmException, UnsupportedEncodingException, InvalidKeyException {
Long timestamp = System.currentTimeMillis();
String stringToSign = timestamp + "\n" + secret;
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
byte[] signData = mac.doFinal(stringToSign.getBytes(StandardCharsets.UTF_8));
String sign = URLEncoder.encode(new String(Base64.getEncoder().encode(signData)), "UTF-8");
String signResult = "×tamp=" + timestamp + "&sign=" + sign;
// 得到拼接后的 URL
return url + signResult;
}
/**
* 获取客户端
*
* @return
*/
public static DingTalkClient getClient() throws NoSuchAlgorithmException, UnsupportedEncodingException, InvalidKeyException {
return new DefaultDingTalkClient(getURL());
}
/**
* 发送钉钉消息
*
* @param msg
*/
public static void sendDingMsg(String msg) {
try {
DingTalkClient client = getClient();
OapiRobotSendRequest request = new OapiRobotSendRequest();
//设置发送消息类型
request.setMsgtype("text");
//设置消息内容
OapiRobotSendRequest.Text text = new OapiRobotSendRequest.Text();
text.setContent(msg);
request.setText(text);
//设置给谁发送消息
OapiRobotSendRequest.At at = new OapiRobotSendRequest.At();
// isAtAll类型如果不为Boolean,请升级至最新SDK,设置为true代表@群内的所有人
at.setIsAtAll(true);
//也可以指定接收人的手机号或者钉钉id,将消息发送给指定的人
// at.setAtMobiles(Arrays.asList("1392xxxxx","155xxxx"));
request.setAt(at);
client.execute(request);
} catch (Exception e) {
logTool.saveExceptionLog("", "", "sendDingMsg", e);
}
}
}
?url是创建自定义机器人是的webhook地址,secret是开启加签模式时的密钥。
使用加签方式调用自定义机器人发送消息时需要拼接当前的时间戳和签名。
签名生成方式:把timestamp+"\n"+密钥当做签名字符串,使用HmacSHA256算法计算签名,然后进行Base64 encode,最后再把签名参数再进行urlEncode,得到最终的签名。
发送消息时可以设置发送消息的类型及给谁发送
①部署到服务器后,一定要开通服务器访问钉钉的权限,否则会出现connect reset的错误
②注意对钉钉发送异常时的信息记录,可以存到日志表中或者是日志文件中
参照:SpringBoot集成钉钉自定义机器人群消息推送-CSDN博客
官方文档:
获取企业内部应用的access_token - 钉钉开放平台
首先要在钉钉的开发者后台创建应用,获取应用的AppKey、AppSecret及AgentId。获取企业内部应用的token,然后再调用发送消息接口进行消息的发送。
package com.kingagroot.info.common.tools.common;
import com.alibaba.fastjson.JSON;
import com.alibaba.nacos.api.config.annotation.NacosValue;
import com.dingtalk.api.DefaultDingTalkClient;
import com.dingtalk.api.DingTalkClient;
import com.dingtalk.api.request.OapiGettokenRequest;
import com.dingtalk.api.request.OapiMessageCorpconversationAsyncsendV2Request;
import com.dingtalk.api.response.OapiGettokenResponse;
import com.dingtalk.api.response.OapiMessageCorpconversationAsyncsendV2Response;
import com.kingagroot.info.common.tools.thirdparty.DingDingTool;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
/**
* @Author linaibo
* @Date 2024/1/6 16:18
* @Version 1.0
*/
@Component
public class DingTool {
private static LogTool logTool;
@Autowired
public void setLogTool(LogTool logTool) {
DingTool.logTool = logTool;
}
// 权限用户名
private static String accessKey;
// 权限密码
private static String secret;
// agent_id
private static Long agentId;
// tokenUrl
private static String tokenUrl;
// 发送消息url
private static String sendMsgUrl;
// 系统url
private static String sysUrl;
@NacosValue(value = "${dingding.appkey}", autoRefreshed = true)
public void setAccessKey(String accessKey) {
DingTool.accessKey = accessKey;
}
@NacosValue(value = "${dingding.appsecret}", autoRefreshed = true)
public void setSecret(String secret) {
DingTool.secret = secret;
}
@NacosValue(value = "${dingding.agentId}", autoRefreshed = true)
public void setAgentId(Long agentId) {
DingTool.agentId = agentId;
}
@NacosValue(value = "${dingding.gettoken}", autoRefreshed = true)
public void setTokenUrl(String tokenUrl) {
DingTool.tokenUrl = tokenUrl;
}
@NacosValue(value = "${dingding.sendMsg}", autoRefreshed = true)
public void setSendMsgUrl(String sendMsgUrl) {
DingTool.sendMsgUrl = sendMsgUrl;
}
@NacosValue(value = "${sys.url}", autoRefreshed = true)
public void setSysUrl(String sysUrl) {
DingTool.sysUrl = sysUrl;
}
/**
* 获取钉钉token
*
* @return
*/
public static String getDingToken() {
DingTalkClient client = new DefaultDingTalkClient(tokenUrl);
OapiGettokenRequest request = new OapiGettokenRequest();
request.setAppkey(accessKey);
request.setAppsecret(secret);
request.setHttpMethod("GET");
try {
OapiGettokenResponse response = client.execute(request);
if (response.isSuccess()) {
// 调用成功返回token信息
return response.getAccessToken();
}
// 调用接口异常,输出异常信息,发送钉钉通知
logTool.saveExceptionLog("", "DingUtils", "getDingToken", JSON.toJSONString(response));
DingDingTool.sendDingMsg("获取钉钉token失败," + response.getErrcode() + response.getErrmsg());
} catch (Exception e) {
// 调用接口异常,输出异常信息
logTool.saveExceptionLog("", "DingUtils", "getDingToken", e);
}
return null;
}
/**
* 发送钉钉通知
*
* @param token
* @param pwd
* @param userCode
*/
public static boolean sendMsg(String token, String pwd, String userCode) {
DingTalkClient client = new DefaultDingTalkClient(sendMsgUrl);
OapiMessageCorpconversationAsyncsendV2Request request = new OapiMessageCorpconversationAsyncsendV2Request();
request.setAgentId(agentId);
request.setUseridList(userCode);
request.setToAllUser(false);
OapiMessageCorpconversationAsyncsendV2Request.Msg msg = new OapiMessageCorpconversationAsyncsendV2Request.Msg();
msg.setMsgtype("text");
msg.setText(new OapiMessageCorpconversationAsyncsendV2Request.Text());
StringBuilder content = new StringBuilder();
content.append("系统地址: ");
content.append(sysUrl);
content.append(" ");
content.append("密码: ");
content.append(pwd);
msg.getText().setContent(content.toString());
request.setMsg(msg);
try {
OapiMessageCorpconversationAsyncsendV2Response result = client.execute(request, token);
if (result.isSuccess()) {
return true;
}
// 调用接口异常,输出异常信息
logTool.saveExceptionLog("", "DingUtils", "sendMsg", JSON.toJSONString(result));
} catch (Exception e) {
// 调用接口异常,输出异常信息
logTool.saveExceptionLog("", "DingUtils", "sendMsg", e);
}
return false;
}
}
①获取的token有效期为2个小时,有效期内重复获取会返回相同结果并自动续期,过期后获取会返回新的access_token。开发者需要缓存access_token,用于后续接口的调用。因为每个应用的access_token是彼此独立的,所以进行缓存时需要区分应用来进行存储。不能频繁调用gettoken接口,否则会受到频率拦截。
②发送消息接口为异步发送消息,接口返回成功并不表示用户一定会收到消息,需要通过获取工作通知消息的发送结果接口查询是否给用户发送成功。
③如果获取工作通知发送结果接口返回成功但用户还是没有接收到消息,需要确认一下,此用户是否在此钉钉关联的组织结构内。
④可以给全部员工发送,也可以给某个部门的人发送,也可以给某几个人(通过指定接收人的钉钉id)发送消息。
⑤注意对异常的捕捉,并对消息进行记录。
?