回调通知

验证来源合法

腾讯乐享回调请求的数据格式为 JSON 结构，如推送 suite_ticket 的回调请求数据如下：

{
    "nonce":"3072f432-bfc5-4e79-a24d-8fe4741da471",
    "timestamp":1540368608,
    "sign":"7b3d8492887e6c79b16cab7f093102d6dae5de5b",
    "action":"service/suite_ticket",
    "attributes":{
        "suite_id":"SUITE_ID",
        "suite_ticket":"SUITE_TICKET"
    }
}

每个回调请求都会带上 nonce, timestamp, sign 三个参数用于验证消息来源是否合法。结合callback_secret，可使用以下方法验证：

判断 sign == sha1(nonce . callback_secret . timestamp)，若返回 true 则消息来源合法。

开启应用

事件类型：service/create_auth

{
    "nonce":"8491c2e5-b7a5-4903-8771-b3d42349afea",
    "sign":"dee45bb51240f9cb8d87b40ba00fbaf3c5fbd0cf",
    "timestamp":1609897586,
    "action":"service/create_auth",
    "attributes":{
        "suite_id":"SUITE_ID",
        "auth_code":"AUTH_CODE"
    }
}

auth_code 为企业临时授权码，用于获取企业永久授权码接口

应用服务商需要在5s内完成http状态码200响应,并返回“success”

关闭应用

事件类型：service/cancel_auth

{
    "nonce":"8491c2e5-b7a5-4903-8771-b3d42349afea",
    "sign":"dee45bb51240f9cb8d87b40ba00fbaf3c5fbd0cf",
    "timestamp":1609897586,
    "action":"service/cancel_auth",
    "attributes":{
        "suite_id":"SUITE_ID",
        "company_id":"COMPANY_ID"
    }
}

推送 suite_ticket

事件类型：service/suite_ticket

回调示例

{
    "nonce":"3072f432-bfc5-4e79-a24d-8fe4741da471",
    "timestamp":1540368608,
    "sign":"7b3d8492887e6c79b16cab7f093102d6dae5de5b",
    "action":"service/suite_ticket",
    "attributes":{
        "suite_id":"SUITE_ID",
        "suite_ticket":"SUITE_TICKET"
    }
}

suite_ticket 用于获取第三方应用凭证接口