Files
ragflow/api/channels/wecom/channel.py
Kevin Hu b5a426e6e0 Feat: chat channels — connect assistants to external messaging bots (#15850)
### What problem does this PR solve?

#15844

Adds a **Chat channels** capability so a RAGFlow assistant (Dialog) can
be exposed as a bot on external messaging platforms (Feishu/Lark,
Discord, Telegram, Slack, WeCom, LINE, etc.). An admin configures a bot
in the UI, connects it to an assistant, and inbound messages are
answered from that assistant's knowledge base — replies are delivered
back on the channel.

**Feishu/Lark is implemented and tested end-to-end.** Discord, Telegram,
LINE, and WeCom are scaffolded against the same interface; the remaining
listed channels are tracked as follow-ups.

### Design

**Backend**
- New `chat_channel` table (`tenant_id`, `name`, `channel`, `config`
JSON holding `{credential: {...}}`, `dialog_id`, `status`) +
`ChatChannelService` and RESTful CRUD under `/api/v1/chat_channels`.
- Channel framework under `api/channels/`: a `core` registry +
per-channel packages that self-register a builder and implement a common
`Channel` interface (`start`/`stop`/`send` + inbound normalization) over
`IncomingMessage`/`OutgoingMessage`.
- Embedded **reconcile loop** in `ragflow_server`
(`api/channels/bootstrap.py`): loads enabled bots, and
starts/stops/restarts them as rows change (no server restart needed).
Inbound messages run the connected dialog via the non-streaming
completion path, keeping per-end-user conversation history.
- Missing optional channel SDKs degrade gracefully (channel skipped with
a warning; others unaffected). Channel-level errors are logged, not
crashed.
- Feishu's WebSocket client runs in a dedicated thread with its own
event loop to avoid cross-loop/contextvars conflicts with the channel
runtime.

**Frontend**
- **Settings → Chat channels** panel: available-channels grid +
configured-bots list with add/edit/delete and a **Connect assistant**
popup that binds a bot to a dialog.
- Brand icons via simple-icons / reused shared data-source assets, with
colored fallbacks for brands not available.
- Route, sidebar entry, i18n (en/zh), and a top-nav segment-boundary fix
so the settings page no longer highlights the Chat tab.

### Type of change

- [x] New Feature (non-breaking change which adds functionality)

### Notes
- DB: new `chat_channel` table is auto-created; `chat_channel.dialog_id`
is also covered by a `migrate_db` `alter_db_add_column` for existing
installs.
- Channel SDKs (`lark-oapi`, `discord.py`, `python-telegram-bot`,
`line-bot-sdk`, `wechatpy`, `aiohttp`) added to dependencies.
- Screenshots / per-channel credential docs to follow.

<img width="1338" height="1290" alt="Image"
src="https://github.com/user-attachments/assets/042cb2f9-0dad-4e6a-bcf7-43ced4bbd704"
/>

<img width="1344" height="738" alt="Image"
src="https://github.com/user-attachments/assets/373cd08e-ec40-4c67-9c51-4d948b1ba617"
/>

<img width="672" height="887" alt="Image"
src="https://github.com/user-attachments/assets/5a34953f-a9a3-4c1e-869e-5eff0dc64c84"
/>

---------
2026-06-12 18:21:30 +08:00

291 lines
10 KiB
Python

from __future__ import annotations
import asyncio
import logging
import time
from dataclasses import dataclass
from typing import Dict, Optional, Tuple
import aiohttp
from aiohttp import web
from wechatpy.enterprise import parse_message
from wechatpy.enterprise.crypto import WeChatCrypto
from wechatpy.exceptions import InvalidSignatureException
from ..core.base import Channel, IncomingMessage, OutgoingMessage
from ..core.registry import register_channel
LOGGER = logging.getLogger(__name__)
WECOM_API_BASE = "https://qyapi.weixin.qq.com/cgi-bin"
@dataclass
class WeComAccount:
account_id: str
corp_id: str
agent_id: int
secret: str
token: str
aes_key: str
webhook_host: str = "0.0.0.0"
webhook_port: int = 3002
class _SharedWebhookServer:
"""Single aiohttp server shared by all WeComChannel instances."""
def __init__(self, host: str, port: int) -> None:
self.host = host
self.port = port
self.app = web.Application()
self.app.router.add_get("/wecom/{account_id}/callback", self._handle_request)
self.app.router.add_post("/wecom/{account_id}/callback", self._handle_request)
self.runner: Optional[web.AppRunner] = None
self.site: Optional[web.TCPSite] = None
self.channels: Dict[str, "WeComChannel"] = {}
async def start(self) -> None:
if self.runner is not None:
return
self.runner = web.AppRunner(self.app)
await self.runner.setup()
self.site = web.TCPSite(self.runner, self.host, self.port)
await self.site.start()
LOGGER.info(
"[wecom] webhook listening on http://%s:%s/wecom/<account_id>/callback",
self.host,
self.port,
)
async def stop(self) -> None:
if self.site is not None:
await self.site.stop()
if self.runner is not None:
await self.runner.cleanup()
self.runner = None
self.site = None
async def _handle_request(self, request: web.Request) -> web.Response:
account_id = request.match_info.get("account_id", "")
try:
channel = self.channels.get(account_id)
if channel is None:
return web.Response(status=404, text="unknown account")
signature = request.query.get("msg_signature", "")
timestamp = request.query.get("timestamp", "")
nonce = request.query.get("nonce", "")
# GET = URL verification on first save in the WeCom admin console.
if request.method == "GET":
echo_str = request.query.get("echostr", "")
try:
decrypted = channel.crypto.check_signature(
signature, timestamp, nonce, echo_str
)
return web.Response(text=decrypted)
except InvalidSignatureException:
return web.Response(status=403, text="bad signature")
# POST = encrypted inbound event.
body = await request.text()
try:
xml = channel.crypto.decrypt_message(body, signature, timestamp, nonce)
except InvalidSignatureException:
return web.Response(status=403, text="bad signature")
try:
msg = parse_message(xml)
except Exception:
LOGGER.error("[wecom:%s] parse error", account_id, exc_info=True)
return web.Response(text="")
try:
await channel.handle_decrypted_message(msg)
except Exception:
LOGGER.error("[wecom:%s] handler error", account_id, exc_info=True)
except Exception:
LOGGER.error("[wecom:%s] inbound request handling error", account_id, exc_info=True)
# Empty 200 OK tells WeCom we accepted the event.
return web.Response(text="")
_servers: Dict[Tuple[str, int], _SharedWebhookServer] = {}
_active_per_server: Dict[Tuple[str, int], int] = {}
async def _acquire_server(host: str, port: int) -> _SharedWebhookServer:
key = (host, port)
server = _servers.get(key)
if server is None:
server = _SharedWebhookServer(host, port)
_servers[key] = server
await server.start()
_active_per_server[key] = _active_per_server.get(key, 0) + 1
return server
async def _release_server(host: str, port: int) -> None:
key = (host, port)
remaining = _active_per_server.get(key, 0) - 1
_active_per_server[key] = remaining
if remaining <= 0:
server = _servers.pop(key, None)
_active_per_server.pop(key, None)
if server is not None:
await server.stop()
class WeComChannel(Channel):
channel_id = "wecom"
def __init__(self, account: WeComAccount) -> None:
super().__init__()
self.account = account
self.account_id = account.account_id
self.crypto = WeChatCrypto(
account.token, account.aes_key, account.corp_id
)
self._server: Optional[_SharedWebhookServer] = None
self._access_token: Optional[str] = None
self._access_token_expires_at: float = 0.0
self._access_token_lock = asyncio.Lock()
async def start(self) -> None:
self._server = await _acquire_server(
self.account.webhook_host, self.account.webhook_port
)
self._server.channels[self.account_id] = self
LOGGER.info(
"[wecom:%s] registered at path /wecom/%s/callback (agent_id=%s)",
self.account_id,
self.account_id,
self.account.agent_id,
)
async def stop(self) -> None:
if self._server is not None:
self._server.channels.pop(self.account_id, None)
await _release_server(
self.account.webhook_host, self.account.webhook_port
)
self._server = None
async def handle_decrypted_message(self, msg) -> None:
try:
# Only handle plain text events; ignore image/voice/event etc.
if getattr(msg, "type", "") != "text":
return
user_id = str(getattr(msg, "source", "") or "")
if not user_id:
return
incoming = IncomingMessage(
channel=self.channel_id,
account_id=self.account_id,
chat_id=user_id,
chat_type="p2p",
message_id=str(getattr(msg, "id", "") or ""),
sender_id=user_id,
text=getattr(msg, "content", "") or "",
raw=msg,
)
await self._dispatch(incoming)
except Exception:
LOGGER.error("[wecom:%s] inbound message handling error", self.account_id, exc_info=True)
async def _get_access_token(self) -> str:
async with self._access_token_lock:
now = time.time()
if self._access_token and now < self._access_token_expires_at:
return self._access_token
params = {
"corpid": self.account.corp_id,
"corpsecret": self.account.secret,
}
async with aiohttp.ClientSession() as session:
async with session.get(
f"{WECOM_API_BASE}/gettoken", params=params
) as resp:
data = await resp.json(content_type=None)
if data.get("errcode", 0) != 0 or "access_token" not in data:
raise RuntimeError(f"wecom gettoken failed: {data}")
self._access_token = data["access_token"]
# 60s safety margin against clock skew / in-flight calls.
self._access_token_expires_at = (
now + int(data.get("expires_in", 7200)) - 60
)
return self._access_token
async def send(self, message: OutgoingMessage) -> None:
if not message.chat_id:
LOGGER.error("[wecom:%s] missing chat_id; cannot send", self.account_id)
return
try:
token = await self._get_access_token()
except Exception:
LOGGER.error("[wecom:%s] access_token error", self.account_id, exc_info=True)
return
payload = {
"touser": message.chat_id,
"msgtype": "text",
"agentid": int(self.account.agent_id),
"text": {"content": message.text},
"safe": 0,
}
try:
async with aiohttp.ClientSession() as session:
async with session.post(
f"{WECOM_API_BASE}/message/send",
params={"access_token": token},
json=payload,
) as resp:
data = await resp.json(content_type=None)
except Exception:
LOGGER.error("[wecom:%s] send transport error", self.account_id, exc_info=True)
return
if data.get("errcode", 0) != 0:
# 40014 / 42001 = access_token expired or invalid; drop cache.
if data.get("errcode") in (40014, 42001):
self._access_token = None
self._access_token_expires_at = 0.0
LOGGER.error("[wecom:%s] send failed: %s", self.account_id, data)
def _build(account_id: str, cfg: dict) -> Channel:
required = ("corp_id", "agent_id", "secret", "token", "aes_key")
missing = [k for k in required if not cfg.get(k)]
if missing:
raise ValueError(
f"wecom account '{account_id}' missing required fields: {missing}"
)
try:
agent_id = int(cfg["agent_id"])
except (TypeError, ValueError) as err:
raise ValueError(
f"wecom account '{account_id}' agent_id must be int: {err}"
) from err
# WeCom EncodingAESKey is always 43 characters; reject placeholders early so
# the failure is a clear message instead of a base64 "Incorrect padding" error.
aes_key = str(cfg["aes_key"])
if len(aes_key) != 43:
raise ValueError(
f"wecom account '{account_id}' aes_key (EncodingAESKey) must be 43 characters, got {len(aes_key)}"
)
return WeComChannel(
WeComAccount(
account_id=account_id,
corp_id=str(cfg["corp_id"]),
agent_id=agent_id,
secret=str(cfg["secret"]),
token=str(cfg["token"]),
aes_key=str(cfg["aes_key"]),
webhook_host=str(cfg.get("webhook_host", "0.0.0.0")),
webhook_port=int(cfg.get("webhook_port", 3002)),
)
)
register_channel("wecom", _build)