synaptic-lark 0.4.0

Feishu/Lark integration for Synaptic: document loader, Bitable tool, message tool
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92

use std::sync::Arc;
use std::time::{Duration, Instant};
use tokio::sync::Mutex;

use crate::LarkConfig;
use synaptic_core::SynapticError;

/// Cached tenant access token with automatic expiry tracking.
#[derive(Default)]
struct CachedToken {
    token: Option<String>,
    expires_at: Option<Instant>,
}

impl CachedToken {
    /// Returns `true` if the token is still valid (>300s remaining).
    fn is_valid(&self) -> bool {
        match (&self.token, &self.expires_at) {
            (Some(_), Some(exp)) => exp
                .checked_duration_since(Instant::now())
                .map(|remaining| remaining > Duration::from_secs(300))
                .unwrap_or(false),
            _ => false,
        }
    }
}

/// Thread-safe cache for a Lark tenant access token.
///
/// Automatically refreshes when fewer than 300 seconds remain before expiry.
pub struct TokenCache {
    config: Arc<LarkConfig>,
    inner: Arc<Mutex<CachedToken>>,
    client: reqwest::Client,
}

impl TokenCache {
    pub fn new(config: Arc<LarkConfig>) -> Self {
        Self {
            config,
            inner: Arc::new(Mutex::new(CachedToken::default())),
            client: reqwest::Client::new(),
        }
    }

    /// Return a valid access token, refreshing if necessary.
    pub async fn get_token(&self) -> Result<String, SynapticError> {
        let mut guard = self.inner.lock().await;
        if guard.is_valid() {
            return Ok(guard.token.clone().unwrap());
        }
        // Refresh
        let url = format!(
            "{}/auth/v3/tenant_access_token/internal",
            self.config.base_url
        );
        let body = serde_json::json!({
            "app_id": self.config.app_id,
            "app_secret": self.config.app_secret,
        });
        let resp = self
            .client
            .post(&url)
            .json(&body)
            .send()
            .await
            .map_err(|e| SynapticError::Config(format!("Lark token request failed: {e}")))?;

        let json: serde_json::Value = resp
            .json()
            .await
            .map_err(|e| SynapticError::Config(format!("Lark token parse failed: {e}")))?;

        if json["code"].as_i64().unwrap_or(-1) != 0 {
            return Err(SynapticError::Config(format!(
                "Lark auth error: {}",
                json["msg"].as_str().unwrap_or("unknown")
            )));
        }

        let token = json["tenant_access_token"]
            .as_str()
            .ok_or_else(|| SynapticError::Config("Lark: missing tenant_access_token".to_string()))?
            .to_string();
        let expire_secs = json["expire"].as_u64().unwrap_or(7200);
        guard.token = Some(token.clone());
        guard.expires_at = Some(Instant::now() + Duration::from_secs(expire_secs));

        tracing::debug!("Lark token refreshed, expires in {}s", expire_secs);
        Ok(token)
    }
}