1

ruoyi-admin/src/main/java/com/ruoyi/web/controller/jarvis/WeComInboundController.java

@@ -0,0 +1,41 @@
+package com.ruoyi.web.controller.jarvis;
+
+import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.jarvis.domain.dto.WeComInboundRequest;
+import com.ruoyi.jarvis.service.IWeComInboundService;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.*;
+
+import javax.annotation.Resource;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * wxSend 企微回调桥接：HTTPS + 共享密钥，无登录态
+ */
+@RestController
+@RequestMapping("/jarvis/wecom")
+public class WeComInboundController {
+
+    public static final String HEADER_SECRET = "X-Jarvis-WeCom-Secret";
+
+    @Value("${jarvis.wecom.inbound-secret:}")
+    private String inboundSecret;
+
+    @Resource
+    private IWeComInboundService weComInboundService;
+
+    @PostMapping("/inbound")
+    public AjaxResult inbound(
+            @RequestHeader(value = HEADER_SECRET, required = false) String secret,
+            @RequestBody WeComInboundRequest body) {
+        if (!StringUtils.hasText(inboundSecret) || !inboundSecret.equals(secret)) {
+            return AjaxResult.error("拒绝访问");
+        }
+        String reply = weComInboundService.handleInbound(body != null ? body : new WeComInboundRequest());
+        Map<String, Object> data = new HashMap<>(2);
+        data.put("reply", reply != null ? reply : "");
+        return AjaxResult.success(data);
+    }
+}