cso1z
diff --git a/‎.env.example‎
Lines changed: 10 additions & 1 deletion b/‎.env.example‎
Lines changed: 10 additions & 1 deletion
diff --git a/‎FEISHU_CONFIG.md‎
Lines changed: 20 additions & 7 deletions b/‎FEISHU_CONFIG.md‎
Lines changed: 20 additions & 7 deletions
diff --git a/‎README.md‎
Lines changed: 13 additions & 7 deletions b/‎README.md‎
Lines changed: 13 additions & 7 deletions
diff --git a/‎image/redirect_uri.png‎
50 KB b/‎image/redirect_uri.png‎
50 KB
diff --git a/‎package.json‎
Lines changed: 1 addition & 1 deletion b/‎package.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/mcp/tools/feishuFolderTools.ts‎
Lines changed: 35 additions & 28 deletions b/‎src/mcp/tools/feishuFolderTools.ts‎
Lines changed: 35 additions & 28 deletions
diff --git a/‎src/server.ts‎
Lines changed: 21 additions & 0 deletions b/‎src/server.ts‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎src/services/baseService.ts‎
Lines changed: 0 additions & 16 deletions b/‎src/services/baseService.ts‎
Lines changed: 0 additions & 16 deletions
diff --git a/‎src/services/callbackService.ts‎
Lines changed: 84 additions & 0 deletions b/‎src/services/callbackService.ts‎
Lines changed: 84 additions & 0 deletions
@@ -2,7 +2,16 @@
 FEISHU_APP_ID=your_feishu_app_id_here
 FEISHU_APP_SECRET=your_feishu_app_secret_here
 FEISHU_BASE_URL=https://open.feishu.cn/open-apis
-FEISHU_TOKEN_LIFETIME=7200
+
+# 认证凭证类型，支持 tenant（应用级，默认）或 user（用户级，需OAuth授权）注意：只有本地运行服务时支持user凭证，否则就需要配置FEISHU_TOKEN_ENDPOINT，自己实现获取token管理（可以参考 callbackService、feishuAuthService）
+FEISHU_AUTH_TYPE=tenant  # 可选值：tenant 或 user
+
+# 获取token的接口地址，默认 http://localhost:3333/getToken
+# 接口参数：client_id, client_secret, token_type（可选，tenant/user）
+# 返回参数：access_token, needAuth, url（需授权时） ,expires_in (单位:s)
+FEISHU_TOKEN_ENDPOINT=http://localhost:3333/getToken
+
+
 
 # 服务器配置
 PORT=3333
 
@@ -2,6 +2,7 @@
 ## 详细步骤
 ### 一、注册飞书应用
 * url:https://open.feishu.cn/app?lang=zh-CN
+
   ![注册飞书应用](image/register_application.png)
 ### 二、为应用添加权限
 创建飞书应用完成后，我们需要为该应用添加飞书文档相关的权限，让应用拥有访问创建文档相关的能力
@@ -14,6 +15,7 @@
 {
   "scopes": {
     "tenant": [
+      "docx:document.block:convert",
       "base:app:read",
       "bitable:app",
       "bitable:app:readonly",
@@ -37,22 +39,34 @@
       "wiki:wiki:readonly"
     ],
     "user": [
+      "docx:document.block:convert",
+      "base:app:read",
+      "bitable:app",
+      "bitable:app:readonly",
       "board:whiteboard:node:read",
+      "contact:user.employee_id:readonly",
       "docs:document.content:read",
       "docx:document",
       "docx:document:create",
       "docx:document:readonly",
       "drive:drive",
+      "drive:drive:readonly",
+      "drive:file",
       "drive:file:upload",
       "sheets:spreadsheet",
+      "sheets:spreadsheet:readonly",
+      "space:document:retrieve",
+      "space:folder:create",
+      "wiki:space:read",
       "wiki:space:retrieve",
       "wiki:wiki",
-      "wiki:wiki:readonly"
+      "wiki:wiki:readonly",
+      "offline_access"
     ]
   }
 }
 ```
-#### 3. 发布审批应用
+#### 3. 发布审批应用（注：**可用范围选择全部**）
 ![发布审批应用](image/release.png)
 #### 4. 等待管理员审批通过
 ![发布审批应用完成](image/complete_permissions.png)
@@ -88,12 +102,11 @@
 
 ![赋予编辑权限](image/add_edit_permission.png)
 
-### 四、查看应用app Id与app Secret 
-![应用详情](image/appid.png)
-
-
-### 五、使用[smithery平台](https://smithery.ai/server/@cso1z/feishu-mcp)快捷接入
+### 四、添加redirect_uri回调地址:http://localhost:3333/callback (3333为mcp server默认端口)
+![安全设置](image/redirect_uri.png)
 
+### 五、查看应用app Id与app Secret 
+![应用详情](image/appid.png)
 
 ### 六、注
 1. 具体可参见[官方云文档常见问题](https://open.feishu.cn/document/server-docs/docs/faq)
 
@@ -21,7 +21,7 @@
 
 你可以通过以下视频了解 MCP 的实际使用效果和操作流程：
 
-<a href="https://www.bilibili.com/video/BV18z3gzdE1w/?spm_id_from=333.337.search-card.all.click&vd_source=94c14da5a71aeb01f665f159dd3d89c8">
+<a href="https://www.bilibili.com/video/BV1z7MdzoEfu/?vd_source=94c14da5a71aeb01f665f159dd3d89c8">
   <img src="image/demo.png" alt="飞书 MCP 使用演示" width="800"/>
 </a>
 
@@ -70,7 +70,7 @@
 - ~~**优化描述**：7000+ tokens → 3000+ tokens，简化提示，节省请求token~~ 0.0.15 ✅
 - ~~**批量增强**：新增批量更新、批量图片上传，单次操作效率提升50%~~ 0.0.15 ✅
 - **流程优化**：减少多步调用，实现一键完成复杂任务
-- **支持多种凭证类型**：包括 tenant_access_token、app_access_token 和 user_access_token，满足不同场景下的认证需求。
+- ~~**支持多种凭证类型**：包括 tenant_access_token和 user_access_token，满足不同场景下的认证需求~~  (飞书应用配置发生变更) 0.0.16 ✅。
 
 ---
 
@@ -152,11 +152,17 @@ npx feishu-mcp@latest --feishu-app-id=<你的飞书应用ID> --feishu-app-secret
 
 ### 环境变量配置
 
-| 变量名 | 必需 | 描述 | 默认值 |
-|--------|------|------|-------|
-| `FEISHU_APP_ID` | ✅ | 飞书应用 ID | - |
-| `FEISHU_APP_SECRET` | ✅ | 飞书应用密钥 | - |
-| `PORT` | ❌ | 服务器端口 | `3333` |
+| 变量名 | 必需 | 描述                                            | 默认值 |
+|--------|------|-----------------------------------------------|-------|
+| `FEISHU_APP_ID` | ✅ | 飞书应用 ID                                       | - |
+| `FEISHU_APP_SECRET` | ✅ | 飞书应用密钥                                        | - |
+| `PORT` | ❌ | 服务器端口                                         | `3333` |
+| `FEISHU_AUTH_TYPE` | ❌ | 认证凭证类型，建议本地运行时使用 `user`（用户级，需OAuth授权），云端/生产环境使用 `tenant`（应用级，默认） | `tenant` |
+| `FEISHU_TOKEN_ENDPOINT` | ❌ | 获取 token 的接口地址，仅当自定义 token 管理时需要              | `http://localhost:3333/getToken` |
+
+> **注意：**
+> - 只有本地运行服务时支持 `user` 凭证，否则需配置 `FEISHU_TOKEN_ENDPOINT`，自行实现 token 获取与管理（可参考 `callbackService`、`feishuAuthService`）。
+> - `FEISHU_TOKEN_ENDPOINT` 接口参数：`client_id`, `client_secret`, `token_type`（可选，tenant/user）；返回参数：`access_token`, `needAuth`, `url`（需授权时）, `expires_in`（单位:s）。
 
 ### 命令行参数
 
 
@@ -1,6 +1,6 @@
 {
   "name": "feishu-mcp",
-  "version": "0.0.15",
+  "version": "0.0.16",
   "description": "Model Context Protocol server for Feishu integration",
   "type": "module",
   "main": "dist/index.js",
 
@@ -6,42 +6,49 @@ import {
   FolderTokenSchema,
   FolderNameSchema,
 } from '../../types/feishuSchema.js';
+import { Config } from '../../utils/config';
 
 /**
  * 注册飞书文件夹相关的MCP工具
  * @param server MCP服务器实例
  * @param feishuService 飞书API服务实例
  */
 export function registerFeishuFolderTools(server: McpServer, feishuService: FeishuApiService | null): void {
+
+  const config = Config.getInstance();
+
   // 添加获取根文件夹信息工具
-  // server.tool(
-  //   'get_feishu_root_folder_info',
-  //   'Retrieves basic information about the root folder in Feishu Drive. Returns the token, ID and user ID of the root folder, which can be used for subsequent folder operations.',
-  //   {},
-  //   async () => {
-  //     try {
-  //       if (!feishuService) {
-  //         return {
-  //           content: [{ type: 'text', text: '飞书服务未初始化，请检查配置' }],
-  //         };
-  //       }
-  //
-  //       Logger.info(`开始获取飞书根文件夹信息`);
-  //       const folderInfo = await feishuService.getRootFolderInfo();
-  //       Logger.info(`飞书根文件夹信息获取成功，token: ${folderInfo.token}`);
-  //
-  //       return {
-  //         content: [{ type: 'text', text: JSON.stringify(folderInfo, null, 2) }],
-  //       };
-  //     } catch (error) {
-  //       Logger.error(`获取飞书根文件夹信息失败:`, error);
-  //       const errorMessage = formatErrorMessage(error, '获取飞书根文件夹信息失败');
-  //       return {
-  //         content: [{ type: 'text', text: errorMessage }],
-  //       };
-  //     }
-  //   },
-  // );
+  if (config.feishu.authType === 'user') {
+    server.tool(
+      'get_feishu_root_folder_info',
+      'Retrieves basic information about the root folder in Feishu Drive. Returns the token, ID and user ID of the root folder, which can be used for subsequent folder operations.',
+      {},
+      async () => {
+        try {
+          if (!feishuService) {
+            return {
+              content: [{ type: 'text', text: '飞书服务未初始化，请检查配置' }],
+            };
+          }
+
+          Logger.info(`开始获取飞书根文件夹信息`);
+          const folderInfo = await feishuService.getRootFolderInfo();
+          Logger.info(`飞书根文件夹信息获取成功，token: ${folderInfo.token}`);
+
+          return {
+            content: [{ type: 'text', text: JSON.stringify(folderInfo, null, 2) }],
+          };
+        } catch (error) {
+          Logger.error(`获取飞书根文件夹信息失败:`, error);
+          const errorMessage = formatErrorMessage(error, '获取飞书根文件夹信息失败');
+          return {
+            content: [{ type: 'text', text: errorMessage }],
+          };
+        }
+      },
+    );
+  }
+
 
   // 添加获取文件夹中的文件清单工具
   server.tool(
 
@@ -4,6 +4,7 @@ import { Transport } from '@modelcontextprotocol/sdk/shared/transport.js';
 import { Logger } from './utils/logger.js';
 import { SSEConnectionManager } from './manager/sseConnectionManager.js';
 import { FeishuMcp } from './mcp/feishuMcp.js';
+import { callback, getTokenByParams } from './services/callbackService.js';
 
 export class FeishuMcpServer {
   private connectionManager: SSEConnectionManager;
@@ -69,6 +70,26 @@ export class FeishuMcpServer {
       await transport.handlePostMessage(req, res);
     });
 
+    app.get('/callback', callback);
+
+    app.get('/getToken', async (req: Request, res: Response) => {
+      const { client_id, client_secret, token_type } = req.query;
+      if (!client_id || !client_secret) {
+        res.status(400).json({ code: 400, msg: '缺少 client_id 或 client_secret' });
+        return;
+      }
+      try {
+        const tokenResult = await getTokenByParams({
+          client_id: client_id as string,
+          client_secret: client_secret as string,
+          token_type: token_type as string
+        });
+        res.json({ code: 0, msg: 'success', data: tokenResult });
+      } catch (e: any) {
+        res.status(500).json({ code: 500, msg: e.message || '获取token失败' });
+      }
+    });
+
     app.listen(port, () => {
       Logger.info(`HTTP server listening on port ${port}`);
       Logger.info(`SSE endpoint available at http://localhost:${port}/sse`);
 
@@ -37,22 +37,6 @@ export abstract class BaseApiService {
    */
   protected abstract getBaseUrl(): string;
 
-  /**
-   * 获取API认证端点
-   * @returns 认证端点URL
-   */
-  protected abstract getAuthEndpoint(): string;
-  
-  /**
-   * 检查访问令牌是否过期
-   * @returns 是否过期
-   */
-  protected isTokenExpired(): boolean {
-    if (!this.accessToken || !this.tokenExpireTime) return true;
-    // 预留5分钟的缓冲时间
-    return Date.now() >= (this.tokenExpireTime - 5 * 60 * 1000);
-  }
-  
   /**
    * 获取访问令牌
    * @returns 访问令牌
 
@@ -0,0 +1,84 @@
+import { Request, Response } from 'express';
+import { AuthService } from './feishuAuthService.js';
+import { Config } from '../utils/config.js';
+import { CacheManager } from '../utils/cache.js';
+import { renderFeishuAuthResultHtml } from '../utils/document.js';
+
+// 通用响应码
+const CODE = {
+  SUCCESS: 0,
+  PARAM_ERROR: 400,
+  CUSTOM: 500,
+};
+
+// 封装响应方法
+function sendSuccess(res: Response, data: any) {
+  const html = renderFeishuAuthResultHtml(data);
+  res.setHeader('Content-Type', 'text/html; charset=utf-8');
+  res.status(200).send(html);
+}
+function sendFail(res: Response, msg: string, code: number = CODE.CUSTOM) {
+  const html = renderFeishuAuthResultHtml({ error: msg, code });
+  res.setHeader('Content-Type', 'text/html; charset=utf-8');
+  res.status(200).send(html);
+}
+
+const authService = new AuthService();
+const config = Config.getInstance();
+
+export async function callback(req: Request, res: Response) {
+  const code = req.query.code as string;
+  const state = req.query.state as string;
+  console.log(`[callback] query:`, req.query);
+  if (!code) {
+    console.log('[callback] 缺少code参数');
+    return sendFail(res, '缺少code参数', CODE.PARAM_ERROR);
+  }
+  // 校验state（clientKey）
+  const client_id = config.feishu.appId;
+  const client_secret = config.feishu.appSecret;
+  const expectedClientKey = await CacheManager.getClientKey(client_id, client_secret);
+  if (state !== expectedClientKey) {
+    console.log('[callback] state(clientKey)不匹配');
+    return sendFail(res, 'state(clientKey)不匹配', CODE.PARAM_ERROR);
+  }
+
+  const redirect_uri = `http://localhost:${config.server.port}/callback`;
+  const session = (req as any).session;
+  const code_verifier = session?.code_verifier || undefined;
+
+  try {
+    // 获取 user_access_token
+    const tokenResp = await authService.getUserTokenByCode({
+      client_id,
+      client_secret,
+      code,
+      redirect_uri,
+      code_verifier
+    });
+    const data = (tokenResp && typeof tokenResp === 'object') ? tokenResp : undefined;
+    console.log('[callback] feishu response:', data);
+    if (!data || data.code !== 0 || !data.access_token) {
+      return sendFail(res, `获取 access_token 失败，飞书返回: ${JSON.stringify(tokenResp)}`, CODE.CUSTOM);
+    }
+    // 获取用户信息
+    const access_token = data.access_token;
+    let userInfo = null;
+    if (access_token) {
+      userInfo = await authService.getUserInfo(access_token);
+      console.log('[callback] feishu userInfo:', userInfo);
+    }
+    return sendSuccess(res, { ...data, userInfo });
+  } catch (e) {
+    console.error('[callback] 请求飞书token或用户信息失败:', e);
+    return sendFail(res, `请求飞书token或用户信息失败: ${e}`, CODE.CUSTOM);
+  }
+}
+
+export async function getTokenByParams({ client_id, client_secret, token_type }: { client_id: string, client_secret: string, token_type?: string }) {
+  const authService = new AuthService();
+  if (client_id) authService.config.feishu.appId = client_id;
+  if (client_secret) authService.config.feishu.appSecret = client_secret;
+  if (token_type) authService.config.feishu.authType = token_type === 'user' ? 'user' : 'tenant';
+  return await authService.getToken();
+}
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "feishu-mcp",`
`3`		`- "version": "0.0.15",`
	`3`	`+ "version": "0.0.16",`
`4`	`4`	`"description": "Model Context Protocol server for Feishu integration",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"main": "dist/index.js",`