Simon
117 lines
4.4 KiB
Python
117 lines
4.4 KiB
Python
"""企微设备管理API验证脚本
|
|
|
|
验证公司的企微是否启用了"设备管理"功能,以及IT服务台应用是否有权限调用。
|
|
"""
|
|
import httpx
|
|
import asyncio
|
|
import json
|
|
import os
|
|
from dotenv import load_dotenv
|
|
|
|
# 加载环境变量
|
|
load_dotenv(os.path.join(os.path.dirname(__file__), ".env"))
|
|
|
|
CORP_ID = os.getenv("WECOM_CORP_ID", "")
|
|
CORP_SECRET = os.getenv("WECOM_SECRET", "")
|
|
|
|
|
|
async def main():
|
|
print("=" * 60)
|
|
print("企微设备管理API验证")
|
|
print("=" * 60)
|
|
print(f"Corp ID: {CORP_ID[:10]}***")
|
|
print()
|
|
|
|
async with httpx.AsyncClient(timeout=15.0) as client:
|
|
# === 第1步:获取 access_token ===
|
|
print("[1/3] 获取 access_token ...")
|
|
resp = await client.get(
|
|
"https://qyapi.weixin.qq.com/cgi-bin/gettoken",
|
|
params={"corpid": CORP_ID, "corpsecret": CORP_SECRET},
|
|
)
|
|
result = resp.json()
|
|
errcode = result.get("errcode", -1)
|
|
errmsg = result.get("errmsg", "")
|
|
|
|
if errcode != 0:
|
|
print(f" ❌ 获取token失败: errcode={errcode}, errmsg={errmsg}")
|
|
return
|
|
|
|
token = result["access_token"]
|
|
expires_in = result.get("expires_in", "?")
|
|
print(f" ✅ 成功 (有效期 {expires_in}秒)")
|
|
print()
|
|
|
|
# === 第2步:试探 trustdevice/list ===
|
|
print("[2/3] 试探 trustdevice/list 接口 ...")
|
|
resp2 = await client.post(
|
|
"https://qyapi.weixin.qq.com/cgi-bin/security/trustdevice/list",
|
|
params={"access_token": token},
|
|
json={"type": 1, "offset": 0, "limit": 1},
|
|
)
|
|
r2 = resp2.json()
|
|
ec2 = r2.get("errcode", -1)
|
|
em2 = r2.get("errmsg", "")
|
|
data2 = r2.get("data", {})
|
|
|
|
if ec2 == 0:
|
|
total = data2.get("total", data2.get("count", "?"))
|
|
print(f" ✅ 设备管理已启用!API可正常调用")
|
|
print(f" 设备总数: {total}")
|
|
# 显示一条设备数据样例
|
|
devices = data2.get("devices", data2.get("data", []))
|
|
if devices:
|
|
sample = json.dumps(devices[0], ensure_ascii=False, indent=2)
|
|
print(f" 设备样例数据(第1条):")
|
|
print(f" {sample[:400]}")
|
|
elif ec2 == 600001:
|
|
print(f" ❌ 设备管理未启用 或 应用无权限")
|
|
print(f" errcode={ec2}, errmsg={em2}")
|
|
else:
|
|
print(f" ⚠️ 未知返回: errcode={ec2}, errmsg={em2}")
|
|
print()
|
|
|
|
# === 第3步:试探 trustdevice/get_by_user ===
|
|
print("[3/3] 试探 trustdevice/get_by_user 接口 ...")
|
|
resp3 = await client.post(
|
|
"https://qyapi.weixin.qq.com/cgi-bin/security/trustdevice/get_by_user",
|
|
params={"access_token": token},
|
|
json={"userid": "test_user_not_exist_12345", "offset": 0, "limit": 1},
|
|
)
|
|
r3 = resp3.json()
|
|
ec3 = r3.get("errcode", -1)
|
|
em3 = r3.get("errmsg", "")
|
|
|
|
if ec3 == 0:
|
|
print(f" ✅ get_by_user 接口可调用")
|
|
print(f" 返回数据: {json.dumps(r3.get('data', {}), ensure_ascii=False)[:200]}")
|
|
elif ec3 == 600001:
|
|
print(f" ❌ 应用无权限调用此接口")
|
|
print(f" errcode={ec3}, errmsg={em3}")
|
|
elif ec3 == 60101:
|
|
# userid不存在,但接口本身可用
|
|
print(f" ✅ 接口存在且可调用 (userid不存在是预期的)")
|
|
print(f" errcode=60101 表示用户不存在,接口本身可用")
|
|
else:
|
|
print(f" ⚠️ 返回: errcode={ec3}, errmsg={em3}")
|
|
print()
|
|
|
|
# === 结论 ===
|
|
print("=" * 60)
|
|
print("验证结论")
|
|
print("=" * 60)
|
|
if ec2 == 0:
|
|
print("🎉 企微设备管理已启用,可直接集成!")
|
|
print(" 下一步: 用真实userid调用get_by_user验证映射数据")
|
|
elif ec2 == 600001:
|
|
print("📋 设备管理功能未启用或应用未授权")
|
|
print(" 需要企微管理员操作:")
|
|
print(" 1. 登录管理后台 → 安全与管理 → 设备管理 → 开启功能")
|
|
print(" 2. 在设备管理设置中,将IT服务台应用添加到「可调用接口的应用」")
|
|
else:
|
|
print(f"🔍 结果不确定 (errcode={ec2}),需进一步排查")
|
|
|
|
|
|
if __name__ == "__main__":
|
|
asyncio.run(main())
|