Conversation
There was a problem hiding this comment.
Pull request overview
该 PR 在 StickerHub 的跨平台绑定体系中新增「飞书 Webhook」绑定模式,并在 Telegram /bind 流程中提供绑定方式选择,以支持不依赖飞书侧 /bind <code> 的直接绑定与转发。
Changes:
- 新增飞书目标抽象(bot / webhook)与对应的 sqlite 存储表,并提供 webhook 绑定/切换能力
- Telegram
/bind无参数时新增按钮选择绑定方式,并支持输入 webhook URL 完成绑定 - 飞书发送侧支持按目标模式发送(bot open_id / webhook URL),并同步更新转发与批次 marker 逻辑、文档与测试
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/test_telegram_source.py | 增加 bind mode callback_data 解析测试用例 |
| tests/test_binding_sqlite.py | 增加 sqlite 下 webhook 绑定与模式互切的集成测试 |
| src/stickerhub/services/relay.py | 转发时从 open_id 路由改为按 FeishuTarget(mode,target) 路由 |
| src/stickerhub/services/binding.py | 新增 FeishuTarget、webhook 绑定表与绑定/清理/查询逻辑,并提供 URL 归一化 |
| src/stickerhub/main.py | 批次 marker 与 Telegram 装配逻辑适配 bot/webhook 两种发送路径 |
| src/stickerhub/core/ports.py | TargetPlatformSender 发送接口改为接收 target_mode + target |
| src/stickerhub/adapters/telegram_source.py | Telegram /bind 增加绑定方式选择与 webhook 输入状态管理 |
| src/stickerhub/adapters/feishu_sender.py | 新增 webhook 文本/图片发送能力,并在 send() 中按 mode 分流 |
| README.md | 更新绑定流程说明与 webhook 模式互斥策略说明 |
| .github/copilot-instructions.md | 更新仓库级“不可破坏业务行为”,明确 Telegram /bind 双模式流程 |
Comment on lines
22
to
26
| logger.debug( | ||
| "准备发送图片到飞书: receive_id=%s file=%s mime=%s size=%s", | ||
| target_user_id, | ||
| "准备发送图片到飞书: mode=%s target=%s file=%s mime=%s size=%s", | ||
| target_mode, | ||
| target, | ||
| asset.file_name, |
There was a problem hiding this comment.
这里的 debug 日志会在 webhook 模式下把完整 webhook_url 打到日志里(target=%s)。Webhook URL 通常包含敏感 token,属于凭据泄露风险;建议对 webhook 目标做脱敏(如仅保留 host + 末尾几位),或在 webhook 模式下完全不要记录 target。
Comment on lines
+138
to
+141
| await update.message.reply_text( | ||
| "请选择飞书绑定方式:", | ||
| reply_markup=_build_bind_mode_keyboard(telegram_user_id), | ||
| ) |
There was a problem hiding this comment.
这里引入了 Telegram 侧“选择绑定方式 + 进入 webhook 输入模式”的新交互流程,但 tests/ 目前只覆盖 callback_data 解析与 BindingService,缺少对该交互/状态机的单测回归(如非 owner 点击拦截、进入 pending 后文本输入成功/失败、pending 超时清理等)。建议补充相应测试,避免后续改动破坏用户流程。
Contributor
Author
|
@copilot open a new pull request to apply changes based on the comments in this thread 额外要求: |
Contributor
…tection, memory leak, and type safety Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
…ogging, fix test naming Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
…uplication Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
… messages Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
…option to disable whitelist, use JSON format for env config Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
Co-authored-by: AkkiaS7 <68485070+AkkiaS7@users.noreply.github.com>
fix: address security review - SSRF protection, credential logging, memory leak, type safety
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces support for dual-mode Feishu binding in the Telegram bot, allowing users to bind their accounts either via the Feishu bot (existing magic string flow) or via a custom Feishu webhook. The changes update both the user-facing documentation and the backend logic to support this new workflow, including the necessary UI, command handling, and data storage for webhook bindings. The
/bindcommand now prompts users to choose a binding method, and webhook bindings are mutually exclusive with bot bindings.Key changes:
User Documentation & Instructions:
.github/copilot-instructions.mdandREADME.mdto describe the new dual-mode binding process, including step-by-step instructions and limitations. The documentation now clarifies that webhook binding is only available when the Feishu app is properly configured, and that the two binding modes are mutually exclusive. [1] [2] [3] [4]Telegram Bot Binding Workflow:
/bindcommand intelegram_source.pyto prompt users to select between "Feishu Bot" and "Feishu Webhook" binding modes, and implemented the related callback and message handling for both flows. Added support for pending webhook binding requests, including input validation and timeout cleanup. [1] [2] [3] [4] [5] [6] [7] [8] [9]Feishu Sender Enhancements:
FeishuSenderinterface and implementation to support sending both image and text messages via either the Feishu bot API or custom webhook URLs, with appropriate error handling and logging. [1] [2] [3] [4]Binding Service and Data Model:
FeishuTargetdata model to abstract over bot and webhook targets. Updated the binding service to provide the correct target for outbound messages based on the user's binding mode. [1] [2]Batch Messaging Support:
These changes enable more flexible and user-friendly Feishu integrations for Telegram users, while maintaining backward compatibility and clear separation between the two binding modes.