# 撤销用户授权事件
当用户 user_access_token 或 refresh_token 被撤销后,会触发此事件。
## 前提条件
你需要在应用中配置事件订阅,这样才可以在事件触发时接收到事件数据。了解事件订阅可参见[事件订阅概述](https://open.feishu.cn/document/ukTMukTMukTM/uUTNz4SN1MjL1UzM)。
## 事件
基本 |
---|---
事件类型 | auth.user_access_token.revoked_v4
支持的应用类型 | Custom App、Store App
权限要求
**订阅该事件所需的权限,开启其中任意一项权限即可订阅** | 获取 user_access_token 基本信息(auth:user_access_token:read)
字段权限要求 | **注意事项**:该接口返回体中存在下列敏感字段,仅当开启对应的权限后才会返回;如果无需获取这些字段,则不建议申请
获取用户 user ID(contact:user.employee_id:readonly)
推送方式 | [Webhook](https://open.feishu.cn/document/ukTMukTMukTM/uUTNz4SN1MjL1UzM)
### 事件体
名称 | 类型 | 描述
---|---|---
schema | string | 事件模式
header | event_header | 事件头
event_id | string | 事件 ID
event_type | string | 事件类型
create_time | string | 事件创建时间戳(单位:毫秒)
token | string | 事件 Token
app_id | string | 应用 ID
tenant_key | string | 租户 Key
event | revoke_token_event | \-
revoke_token_type | string | 撤销 token 的类型。可能值有:
- `user_access_token `:仅撤销 user_access_token
- `refresh_token `:仅撤销 refresh_token
- `user_access_token refresh_token`: user_access_token 和 refresh_token 都被撤销
**数据校验规则**:
- 长度范围:`0` ~ `10000` 字符
revoke_reason | string | 撤销 token 的原因。可能值有:
- `Revoked by unknown action.`:未知动作,缺省值
- `Revoked by user action.`:被用户撤销
- `Revoked by administrator action.`:被管理员撤销
- `Revoked by security and risk control action.`:因风控和安全被撤销
- `Revoked by restriction action.`:因限制动作被撤销,包括用户账号冻结、离职、应用不可用、用户对应用无权限等
**数据校验规则**:
- 长度范围:`0` ~ `10000` 字符
open_id | string | 用户 open_id
union_id | string | 用户 union_id
user_id | string | 租户内用户的唯一标识
**字段权限要求**:
获取用户 user ID(contact:user.employee_id:readonly)
### 事件体示例
```json
{
"schema": "2.0",
"header": {
"event_id": "5e3702a84e847582be8db7fb73283c02",
"event_type": "auth.user_access_token.revoked_v4",
"create_time": "1608725989000",
"token": "rvaYgkND1GOiu5MM0E1rncYC6PLtF7JV",
"app_id": "cli_9f5343c580712544",
"tenant_key": "2ca1d211f64f6438"
},
"event": {
"revoke_token_type": "user_access_token refresh_token",
"revoke_reason": "Revoked by security and risk control action.",
"open_id": "ou_c99c5f35d542efc7ee492afe11af19ef",
"union_id": "on_cad4860e7af114fb4ff6c5d496d1dd76",
"user_id": "gg895344"
}
}
```
### 事件订阅示例代码
事件订阅流程可参考:[事件订阅概述](https://open.feishu.cn/document/ukTMukTMukTM/uUTNz4SN1MjL1UzM),新手入门可参考:[教程](https://open.feishu.cn/document/uAjLw4CM/uMzNwEjLzcDMx4yM3ATM/develop-an-echo-bot/introduction)
**
package main
import (
"context"
"fmt"
larkcore "github.com/larksuite/oapi-sdk-go/v3/core"
larkevent "github.com/larksuite/oapi-sdk-go/v3/event"
"github.com/larksuite/oapi-sdk-go/v3/event/dispatcher"
"github.com/larksuite/oapi-sdk-go/v3/service/auth/v4"
larkws "github.com/larksuite/oapi-sdk-go/v3/ws"
)
// SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/golang-sdk-guide/preparations
func main() {
// 注册事件 Register event
eventHandler := dispatcher.NewEventDispatcher("", "").
OnP2UserAccessTokenRevokedV4(func(ctx context.Context, event *larkauth.P2UserAccessTokenRevokedV4) error {
fmt.Printf("[ OnP2UserAccessTokenRevokedV4 access ], data: %s\n", larkcore.Prettify(event))
return nil
})
// 构建 client Build client
cli := larkws.NewClient("YOUR_APP_ID", "YOUR_APP_SECRET",
larkws.WithEventHandler(eventHandler),
larkws.WithLogLevel(larkcore.LogLevelDebug),
)
// 建立长连接 Establish persistent connection
err := cli.Start(context.Background())
if err != nil {
panic(err)
}
}
# SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/python--sdk/preparations-before-development
import lark_oapi as lark
def do_p2_auth_user_access_token_revoked_v4(data: lark.auth.v4.P2AuthUserAccessTokenRevokedV4) -> None:
print(f'[ do_p2_auth_user_access_token_revoked_v4 access ], data: {lark.JSON.marshal(data, indent=4)}')
# 注册事件 Register event
event_handler = lark.EventDispatcherHandler.builder("", "") \
.register_p2_auth_user_access_token_revoked_v4(do_p2_auth_user_access_token_revoked_v4) \
.build()
def main():
# 构建 client Build client
cli = lark.ws.Client("APP_ID", "APP_SECRET",
event_handler=event_handler, log_level=lark.LogLevel.DEBUG)
# 建立长连接 Establish persistent connection
cli.start()
if __name__ == "__main__":
main()
package com.example.sample;
import com.lark.oapi.core.utils.Jsons;
import com.lark.oapi.service.auth.AuthService;
import com.lark.oapi.service.auth.v4.model.P2UserAccessTokenRevokedV4;
import com.lark.oapi.event.EventDispatcher;
import com.lark.oapi.ws.Client;
// SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/java-sdk-guide/preparations
public class Sample {
// 注册事件 Register event
private static final EventDispatcher EVENT_HANDLER = EventDispatcher.newBuilder("", "")
.onP2UserAccessTokenRevokedV4(new AuthService.P2UserAccessTokenRevokedV4Handler() {
@Override
public void handle(P2UserAccessTokenRevokedV4 event) throws Exception {
System.out.printf("[ onP2UserAccessTokenRevokedV4 access ], data: %s\n", Jsons.DEFAULT.toJson(event.getEvent()));
}
})
.build();
public static void main(String[] args) {
// 构建 client Build client
Client client = new Client.Builder("APP_ID", "APP_SECRET")
.eventHandler(EVENT_HANDLER)
.build();
// 建立长连接 Establish persistent connection
client.start();
}
}
// SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/nodejs-sdk/preparation-before-development
import * as Lark from '@larksuiteoapi/node-sdk';
const baseConfig = {
appId: 'APP_ID',
appSecret: 'APP_SECRET'
}
// 构建 client Build client
const wsClient = new Lark.WSClient(baseConfig);
// 建立长连接 Establish persistent connection
wsClient.start({
// 注册事件 Register event
eventDispatcher: new Lark.EventDispatcher({}).register({
'auth.user_access_token.revoked_v4': async (data) => {
console.log(data);
}
})
});
package main
import (
"context"
"fmt"
"net/http"
larkcore "github.com/larksuite/oapi-sdk-go/v3/core"
"github.com/larksuite/oapi-sdk-go/v3/core/httpserverext"
larkevent "github.com/larksuite/oapi-sdk-go/v3/event"
"github.com/larksuite/oapi-sdk-go/v3/event/dispatcher"
"github.com/larksuite/oapi-sdk-go/v3/service/auth/v4"
)
// SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/golang-sdk-guide/preparations
func main() {
// 注册事件 Register event
eventHandler := dispatcher.NewEventDispatcher("", "").
OnP2UserAccessTokenRevokedV4(func(ctx context.Context, event *larkauth.P2UserAccessTokenRevokedV4) error {
fmt.Printf("[ OnP2UserAccessTokenRevokedV4 access ], data: %s\n", larkcore.Prettify(event))
return nil
})
// 创建路由处理器 Create route handler
http.HandleFunc("/webhook/event", httpserverext.NewEventHandlerFunc(handler, larkevent.WithLogLevel(larkcore.LogLevelDebug)))
err := http.ListenAndServe(":7777", nil)
if err != nil {
panic(err)
}
}
# SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/python--sdk/preparations-before-development
from flask import Flask
from lark_oapi.adapter.flask import *
import lark_oapi as lark
app = Flask(__name__)
def do_p2_auth_user_access_token_revoked_v4(data: lark.auth.v4.P2AuthUserAccessTokenRevokedV4) -> None:
print(f'[ do_p2_auth_user_access_token_revoked_v4 access ], data: {lark.JSON.marshal(data, indent=4)}')
# 注册事件 Register event
event_handler = lark.EventDispatcherHandler.builder("", "") \
.register_p2_auth_user_access_token_revoked_v4(do_p2_auth_user_access_token_revoked_v4) \
.build()
# 创建路由处理器 Create route handler
@app.route("/webhook/event", methods=["POST"])
def event():
resp = event_handler.do(parse_req())
return parse_resp(resp)
if __name__ == "__main__":
app.run(port=7777)
package com.lark.oapi.sample.event;
import com.lark.oapi.core.utils.Jsons;
import com.lark.oapi.service.auth.AuthService;
import com.lark.oapi.service.auth.v4.model.P2UserAccessTokenRevokedV4;
import com.lark.oapi.sdk.servlet.ext.ServletAdapter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
// SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/java-sdk-guide/preparations
@RestController
public class EventController {
// 注册事件 Register event
private static final EventDispatcher EVENT_HANDLER = EventDispatcher.newBuilder("verificationToken", "encryptKey")
.onP2UserAccessTokenRevokedV4(new AuthService.P2UserAccessTokenRevokedV4Handler() {
@Override
public void handle(P2UserAccessTokenRevokedV4 event) throws Exception {
System.out.printf("[ onP2UserAccessTokenRevokedV4 access ], data: %s\n", Jsons.DEFAULT.toJson(event.getEvent()));
}
})
.build();
// 注入 ServletAdapter 实例 Inject ServletAdapter instance
@Autowired
private ServletAdapter servletAdapter;
// 创建路由处理器 Create route handler
@RequestMapping("/webhook/event")
public void event(HttpServletRequest request, HttpServletResponse response)
throws Throwable {
// 回调扩展包提供的事件回调处理器 Callback handler provided by the extension package
servletAdapter.handleEvent(request, response, EVENT_DISPATCHER);
}
}
// SDK 使用说明 SDK user guide:https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/server-side-sdk/nodejs-sdk/preparation-before-development
import http from 'http';
import * as lark from '@larksuiteoapi/node-sdk';
// 注册事件 Register event
const eventDispatcher = new lark.EventDispatcher({
encryptKey: '',
verificationToken: '',
}).register({
'auth.user_access_token.revoked_v4': async (data) => {
console.log(data);
return 'success';
},
});
const server = http.createServer();
// 创建路由处理器 Create route handler
server.on('request', lark.adaptDefault('/webhook/event', eventDispatcher));
server.listen(3000);