Giter Club home page Giter Club logo

wesuitecred's Introduction

WeSuiteCred

Manage suite ticket and app authorizations from WeCom corporations by listening to messages from an MQTT broker published by WeTriage.

Features

  • Listen for and store latest suite_ticket.
  • Listen for and store app authorizations, including corp_id, corp_secret/permanent_code and permissions.
  • Search and list app credentials and permissions.

Usage

docker pull ghcr.io/imulab/wesuitecred:latest

# For a specific version, use the short commit SHA as the tag. For example:
#   docker pull ghcr.io/imulab/wesuitecred:117eb11f
#
# Note this is just an example, that's not the latest commit hash

Listener

The listener command is the default command of the image. It listens for messages from the MQTT broker and interact with the WeCom API to manage suite ticket and app authorizations.

The following flags are supported:

Flag Description Default Env
--debug Enable debug mode false WSC_DEBUG
--mqtt-url MQTT broker URL. See details below - WSC_MQTT_URL
--suite-id App template suite id - WSC_SUITE_ID
--suite-secret App template suite secret - WSC_SUITE_SECRET

The SQLite database is written at /var/WeSuiteCred inside the container. You may want to mount a volume to this directory.

Below shows an example of using the image.

docker run -d \
    -v /var/WeSuiteCred:/var/WeSuiteCred:rw \
    -e WSC_MQTT_URL=tcp://localhost:1883 \
    -e WSC_SUITE_ID=your_suite_id \
    -e WSC_SUITE_SECRET=your_suite_secret \
    ghcr.io/imulab/wesuitecred:latest

Show

The show command can be invoked by calling WeSuiteCred show in the image.

The following flags are supported:

Flag Description
--query, -q Query to match the corporation name or id

Below shows an example:

docker run \
    -v /var/WeSuiteCred:/var/WeSuiteCred:ro \
    ghcr.io/imulab/wesuitecred:latest \
    WeSuiteCred show -q acme_corp

Note that the database is mounted as read-only.

Simulate change_auth event

For some reason, WeCom does not seem to push the change_auth event to the registered callback endpoint under some circumstances. As a result, WeTriage will not post a message to notify the change. As a workaround, this image provides a utility to actively refresh app permissions for a corp authorization.

The following flags are supported:

Flag Description
--mqtt-url MQTT broker URL. See details below
--suite-id App template suite id
--corp-id Authorized corporation id

Below shows an example:

docker run \
    ghcr.io/imulab/wesuitecred:latest \
    WeSuiteCred utils simulate-change-auth \
    --mqtt-url=tcp://localhost:1883 \
    --suite-id=your_suite_id \
    --corp-id=your_corp_id

This will trigger a standard change_auth_info message being published to the MQTT broker, and a running listener will take care of refreshing the app permissions for the corporation.

wesuitecred's People

Contributors

imulab avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.