添加邮箱发送

OASystem/OASystem.Api/Controllers/AITestController.cs

@@ -1,7 +1,10 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
+using Microsoft.Identity.Client;
 using OASystem.API.OAMethodLib.DoubaoAPI;
 using OASystem.API.OAMethodLib.HotmailEmail;
 using OASystem.API.OAMethodLib.HunYuanAPI;
+using OASystem.API.OAMethodLib.MicrosoftGraphMailbox;
 using OASystem.API.OAMethodLib.QiYeWeChatAPI;
 using OASystem.Domain.ViewModels.QiYeWeChat;
 using System.IO;
@@ -20,14 +23,25 @@ namespace OASystem.API.Controllers
         private readonly ILogger<AITestController> _logger;
         private readonly IQiYeWeChatApiService _qiYeWeChatApiService;
         private readonly IHotmailEmailService _hotmailEmailService;
-
-        public AITestController(IHunyuanService hunyuanService, IDoubaoService doubaoService, ILogger<AITestController> logger, IQiYeWeChatApiService qiYeWeChatApiService, IHotmailEmailService hotmailEmailService)
+        private readonly IMicrosoftGraphMailboxService _microsoftGraphMailboxService;
+        private readonly IOptionsMonitor<MicrosoftGraphMailboxOptions> _microsoftGraphMailboxOptions;
+
+        public AITestController(
+            IHunyuanService hunyuanService,
+            IDoubaoService doubaoService,
+            ILogger<AITestController> logger,
+            IQiYeWeChatApiService qiYeWeChatApiService,
+            IHotmailEmailService hotmailEmailService,
+            IMicrosoftGraphMailboxService microsoftGraphMailboxService,
+            IOptionsMonitor<MicrosoftGraphMailboxOptions> microsoftGraphMailboxOptions)
         {
             _hunyuanService = hunyuanService;
             _doubaoService = doubaoService;
             _logger = logger;
             _qiYeWeChatApiService = qiYeWeChatApiService;
             _hotmailEmailService = hotmailEmailService;
+            _microsoftGraphMailboxService = microsoftGraphMailboxService;
+            _microsoftGraphMailboxOptions = microsoftGraphMailboxOptions;
         }
 
         #region 企业微信发送邮件测试
@@ -352,5 +366,159 @@ namespace OASystem.API.Controllers
 
         #endregion
 
+        #region Microsoft Graph 邮箱测试（MSAL 公共客户端）
+
+        /// <summary>
+        /// 登录/令牌测试：获取 Graph 访问令牌（有缓存则静默；否则可能弹出浏览器完成交互式登录）。
+        /// </summary>
+        [HttpGet("graph-mail/token-test")]
+        public async Task<IActionResult> GraphMailTokenTest(CancellationToken cancellationToken = default)
+        {
+            var opt = _microsoftGraphMailboxOptions.CurrentValue;
+            if (string.IsNullOrWhiteSpace(opt.ClientId))
+                return BadRequest(new { message = "未配置 MicrosoftGraphMailbox:ClientId" });
+
+            try
+            {
+                var token = await _microsoftGraphMailboxService.GetAccessTokenAsync(cancellationToken);
+                var preview = token.Length <= 24
+                    ? "(过短，已隐藏)"
+                    : $"{token[..12]}…{token[^12..]}";
+                return Ok(new
+                {
+                    ok = true,
+                    message = "已获取访问令牌",
+                    tokenLength = token.Length,
+                    tokenPreview = preview,
+                    redirectUri = opt.RedirectUri,
+                    tenant = opt.Tenant
+                });
+            }
+            catch (MsalException ex)
+            {
+                _logger.LogWarning(ex, "Graph Mail token-test MSAL 失败");
+                return StatusCode(500, new { ok = false, message = "MSAL 认证失败", detail = ex.Message });
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "Graph Mail token-test 异常");
+                return StatusCode(500, new { ok = false, message = ex.Message });
+            }
+        }
+
+        /// <summary>
+        /// 查询当前登录用户：GET https://graph.microsoft.com/v1.0/me
+        /// </summary>
+        [HttpGet("graph-mail/me")]
+        public async Task<IActionResult> GraphMailMe(CancellationToken cancellationToken = default)
+        {
+            if (string.IsNullOrWhiteSpace(_microsoftGraphMailboxOptions.CurrentValue.ClientId))
+                return BadRequest(new { message = "未配置 MicrosoftGraphMailbox:ClientId" });
+
+            try
+            {
+                var json = await _microsoftGraphMailboxService.GetMeRawJsonAsync(cancellationToken);
+                if (string.IsNullOrEmpty(json))
+                    return StatusCode(502, new { message = "Graph 返回空正文" });
+
+                return Content(json, "application/json");
+            }
+            catch (MsalException ex)
+            {
+                return StatusCode(500, new { message = "MSAL 认证失败", detail = ex.Message });
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "Graph Mail /me 失败");
+                return StatusCode(500, new { message = ex.Message });
+            }
+        }
+
+        /// <summary>
+        /// 查询收件箱：receivedDateTime 大于等于 sinceUtc 的邮件（默认最近 24 小时，与 TopMessages 配置一致）。
+        /// </summary>
+        /// <param name="sinceUtc">起始时间（UTC），可传 ISO8601，如 2025-03-25T00:00:00Z</param>
+        /// <param name="cancellationToken">取消标记</param>
+        [HttpGet("graph-mail/inbox")]
+        public async Task<IActionResult> GraphMailInbox(
+            [FromQuery] DateTime? sinceUtc = null,
+            CancellationToken cancellationToken = default)
+        {
+            if (string.IsNullOrWhiteSpace(_microsoftGraphMailboxOptions.CurrentValue.ClientId))
+                return BadRequest(new { message = "未配置 MicrosoftGraphMailbox:ClientId" });
+
+            var since = sinceUtc ?? DateTime.UtcNow.AddHours(-24);
+
+            try
+            {
+                var json = await _microsoftGraphMailboxService.GetInboxMessagesJsonSinceAsync(since, cancellationToken);
+                if (string.IsNullOrEmpty(json))
+                    return StatusCode(502, new { message = "Graph 返回空正文" });
+
+                return Content(json, "application/json");
+            }
+            catch (MsalException ex)
+            {
+                return StatusCode(500, new { message = "MSAL 认证失败", detail = ex.Message });
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "Graph Mail inbox 失败");
+                return StatusCode(500, new { message = ex.Message });
+            }
+        }
+
+        /// <summary>
+        /// 通过 Graph sendMail 发送纯文本邮件（需 Mail.Send 权限）。
+        /// </summary>
+        [HttpPost("graph-mail/send")]
+        public async Task<IActionResult> GraphMailSend(
+            [FromBody] GraphMailSendTestRequest request,
+            CancellationToken cancellationToken = default)
+        {
+            if (request == null || string.IsNullOrWhiteSpace(request.ToEmail))
+                return BadRequest(new { message = "ToEmail 不能为空" });
+
+            if (string.IsNullOrWhiteSpace(_microsoftGraphMailboxOptions.CurrentValue.ClientId))
+                return BadRequest(new { message = "未配置 MicrosoftGraphMailbox:ClientId" });
+
+            var subject = string.IsNullOrWhiteSpace(request.Subject)
+                ? $"OASystem Graph 测试邮件 {DateTime.Now:yyyy-MM-dd HH:mm:ss}"
+                : request.Subject!;
+
+            var body = request.Body ?? string.Empty;
+
+            try
+            {
+                await _microsoftGraphMailboxService.SendMailAsync(request.ToEmail.Trim(), subject, body, cancellationToken);
+                return Ok(new { ok = true, message = "sendMail 已提交", to = request.ToEmail.Trim(), subject });
+            }
+            catch (MsalException ex)
+            {
+                return StatusCode(500, new { message = "MSAL 认证失败", detail = ex.Message });
+            }
+            catch (HttpRequestException ex)
+            {
+                return StatusCode(502, new { message = "Graph HTTP 错误", detail = ex.Message });
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "Graph Mail send 失败");
+                return StatusCode(500, new { message = ex.Message });
+            }
+        }
+
+        /// <summary>
+        /// Graph 发信测试请求体
+        /// </summary>
+        public class GraphMailSendTestRequest
+        {
+            public string ToEmail { get; set; } = string.Empty;
+            public string? Subject { get; set; }
+            public string? Body { get; set; }
+        }
+
+        #endregion
+
     }
 }

OASystem/OASystem.Api/OAMethodLib/MicrosoftGraphMailbox/GraphMailSendDtos.cs

@@ -0,0 +1,45 @@
+using System.Text.Json.Serialization;
+
+namespace OASystem.API.OAMethodLib.MicrosoftGraphMailbox;
+
+public class GraphSendMailRequest
+{
+    [JsonPropertyName("message")]
+    public GraphSendMailMessage Message { get; set; } = new();
+
+    [JsonPropertyName("saveToSentItems")]
+    public bool SaveToSentItems { get; set; } = true;
+}
+
+public class GraphSendMailMessage
+{
+    [JsonPropertyName("subject")]
+    public string Subject { get; set; } = string.Empty;
+
+    [JsonPropertyName("body")]
+    public GraphSendMailBody Body { get; set; } = new();
+
+    [JsonPropertyName("toRecipients")]
+    public List<GraphSendMailRecipient> ToRecipients { get; set; } = new();
+}
+
+public class GraphSendMailBody
+{
+    [JsonPropertyName("contentType")]
+    public string ContentType { get; set; } = "Text";
+
+    [JsonPropertyName("content")]
+    public string Content { get; set; } = string.Empty;
+}
+
+public class GraphSendMailRecipient
+{
+    [JsonPropertyName("emailAddress")]
+    public GraphSendMailEmail EmailAddress { get; set; } = new();
+}
+
+public class GraphSendMailEmail
+{
+    [JsonPropertyName("address")]
+    public string Address { get; set; } = string.Empty;
+}

OASystem/OASystem.Api/OAMethodLib/MicrosoftGraphMailbox/IMicrosoftGraphMailboxService.cs

@@ -0,0 +1,24 @@
+namespace OASystem.API.OAMethodLib.MicrosoftGraphMailbox;
+
+public interface IMicrosoftGraphMailboxService
+{
+    /// <summary>
+    /// 获取 Graph 访问令牌（优先静默；失败则交互式浏览器登录）。
+    /// </summary>
+    Task<string> GetAccessTokenAsync(CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// GET /me 原始 JSON（用于诊断）。
+    /// </summary>
+    Task<string?> GetMeRawJsonAsync(CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 拉取收件箱中 receivedDateTime &gt;= startUtc 的邮件列表 JSON（与示例控制台相同查询）。
+    /// </summary>
+    Task<string?> GetInboxMessagesJsonSinceAsync(DateTime startUtc, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// POST /me/sendMail 发送纯文本邮件。
+    /// </summary>
+    Task SendMailAsync(string toEmail, string subject, string textBody, CancellationToken cancellationToken = default);
+}

OASystem/OASystem.Api/OAMethodLib/MicrosoftGraphMailbox/MicrosoftGraphInboxPollerHostedService.cs

@@ -0,0 +1,169 @@
+using System.Text.Json;
+using Microsoft.Extensions.Options;
+using Microsoft.Identity.Client;
+
+namespace OASystem.API.OAMethodLib.MicrosoftGraphMailbox;
+
+/// <summary>
+/// 后台轮询收件箱：仅当 <see cref="MicrosoftGraphMailboxOptions.Enabled"/> 为 true 时才会登录并访问 Graph。
+/// 首次无缓存时会通过交互式浏览器完成授权（重定向 URI 与配置一致）。
+/// </summary>
+public sealed class MicrosoftGraphInboxPollerHostedService : BackgroundService
+{
+    private readonly IOptionsMonitor<MicrosoftGraphMailboxOptions> _optionsMonitor;
+    private readonly IMicrosoftGraphMailboxService _graphMailbox;
+    private readonly ILogger<MicrosoftGraphInboxPollerHostedService> _logger;
+
+    private readonly HashSet<string> _processedMessageIds = new(StringComparer.Ordinal);
+    private DateTime? _monitorStartUtc;
+    private bool _startupProfileLogged;
+
+    public MicrosoftGraphInboxPollerHostedService(
+        IOptionsMonitor<MicrosoftGraphMailboxOptions> optionsMonitor,
+        IMicrosoftGraphMailboxService graphMailbox,
+        ILogger<MicrosoftGraphInboxPollerHostedService> logger)
+    {
+        _optionsMonitor = optionsMonitor;
+        _graphMailbox = graphMailbox;
+        _logger = logger;
+    }
+
+    protected override async Task ExecuteAsync(CancellationToken stoppingToken)
+    {
+        while (!stoppingToken.IsCancellationRequested)
+        {
+            var options = _optionsMonitor.CurrentValue;
+
+            if (!options.Enabled)
+            {
+                await Task.Delay(TimeSpan.FromSeconds(5), stoppingToken).ConfigureAwait(false);
+                continue;
+            }
+
+            if (_monitorStartUtc == null)
+                _monitorStartUtc = DateTime.UtcNow;
+
+            try
+            {
+                if (!_startupProfileLogged && options.LogProfileOnStartup)
+                {
+                    var meJson = await _graphMailbox.GetMeRawJsonAsync(stoppingToken).ConfigureAwait(false);
+                    if (!string.IsNullOrEmpty(meJson))
+                        _logger.LogInformation("Graph 邮箱：当前用户 /me 响应（节选） {Snippet}",
+                            meJson.Length > 500 ? meJson[..500] + "…" : meJson);
+                    _startupProfileLogged = true;
+                }
+
+                await PollInboxAsync(stoppingToken).ConfigureAwait(false);
+            }
+            catch (MsalException ex)
+            {
+                _logger.LogError(ex, "Graph 邮箱 MSAL 认证失败");
+            }
+            catch (HttpRequestException ex)
+            {
+                _logger.LogError(ex, "Graph 邮箱 HTTP 请求失败");
+            }
+            catch (OperationCanceledException) when (stoppingToken.IsCancellationRequested)
+            {
+                throw;
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "Graph 邮箱轮询异常");
+            }
+
+            var interval = TimeSpan.FromSeconds(Math.Clamp(options.PollIntervalSeconds, 5, 3600));
+            await Task.Delay(interval, stoppingToken).ConfigureAwait(false);
+        }
+    }
+
+    private async Task PollInboxAsync(CancellationToken cancellationToken)
+    {
+        var options = _optionsMonitor.CurrentValue;
+        var startUtc = _monitorStartUtc ?? DateTime.UtcNow;
+
+        var json = await _graphMailbox.GetInboxMessagesJsonSinceAsync(startUtc, cancellationToken)
+            .ConfigureAwait(false);
+
+        if (string.IsNullOrEmpty(json))
+        {
+            _logger.LogWarning("Graph 邮箱：未收到响应正文。");
+            return;
+        }
+
+        using var doc = JsonDocument.Parse(json);
+        if (!doc.RootElement.TryGetProperty("value", out var messages) ||
+            messages.ValueKind != JsonValueKind.Array)
+        {
+            if (json.Contains("error", StringComparison.OrdinalIgnoreCase))
+                _logger.LogWarning("Graph 邮箱接口错误响应: {Json}", json);
+            else
+                _logger.LogWarning("Graph 邮箱：响应中无 value 数组。");
+            return;
+        }
+
+        var newCount = 0;
+
+        foreach (var mail in messages.EnumerateArray())
+        {
+            var id = GetString(mail, "id");
+            if (string.IsNullOrWhiteSpace(id))
+                continue;
+
+            if (!_processedMessageIds.Add(id))
+                continue;
+
+            newCount++;
+
+            var subject = GetString(mail, "subject");
+            var from = GetNestedString(mail, "from", "emailAddress", "address");
+            var receivedDateTime = GetString(mail, "receivedDateTime");
+            var bodyPreview = GetString(mail, "bodyPreview");
+            var conversationId = GetString(mail, "conversationId");
+
+            _logger.LogInformation(
+                "Graph 新邮件 Id={Id} From={From} Subject={Subject} Received={Received} ConversationId={Conv} Preview={Preview}",
+                id, from, subject, receivedDateTime, conversationId, bodyPreview);
+
+            if (!string.IsNullOrWhiteSpace(subject) &&
+                subject.StartsWith("Re:", StringComparison.OrdinalIgnoreCase))
+            {
+                _logger.LogInformation("Graph 新邮件检测到回复主题: {Subject}", subject);
+            }
+        }
+
+        if (newCount == 0 && options.LogEachPollWhenEmpty)
+            _logger.LogDebug("Graph 邮箱轮询：无新邮件（起点 UTC {Start:O}）", startUtc);
+    }
+
+    private static string GetString(JsonElement element, string propertyName)
+    {
+        if (element.TryGetProperty(propertyName, out var value))
+        {
+            return value.ValueKind switch
+            {
+                JsonValueKind.String => value.GetString() ?? string.Empty,
+                JsonValueKind.Null => string.Empty,
+                _ => value.ToString()
+            };
+        }
+
+        return string.Empty;
+    }
+
+    private static string GetNestedString(JsonElement element, params string[] propertyPath)
+    {
+        var current = element;
+
+        foreach (var property in propertyPath)
+        {
+            if (!current.TryGetProperty(property, out current))
+                return string.Empty;
+        }
+
+        return current.ValueKind == JsonValueKind.String
+            ? current.GetString() ?? string.Empty
+            : current.ToString();
+    }
+}

OASystem/OASystem.Api/OAMethodLib/MicrosoftGraphMailbox/MicrosoftGraphMailboxOptions.cs

@@ -0,0 +1,59 @@
+namespace OASystem.API.OAMethodLib.MicrosoftGraphMailbox;
+
+/// <summary>
+/// Microsoft Graph 邮箱轮询（公共客户端 MSAL + 交互式首次登录）配置。
+/// </summary>
+public class MicrosoftGraphMailboxOptions
+{
+    public const string SectionName = "MicrosoftGraphMailbox";
+
+    /// <summary>
+    /// 是否启用后台收件箱轮询。关闭时不初始化 MSAL、不弹浏览器。
+    /// </summary>
+    public bool Enabled { get; set; }
+
+    /// <summary>
+    /// Azure AD 应用程序（公共客户端）ID。
+    /// </summary>
+    public string ClientId { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 租户，例如 common、organizations 或具体租户 GUID。
+    /// </summary>
+    public string Tenant { get; set; } = "common";
+
+    /// <summary>
+    /// 须在 Azure 门户中注册的公共客户端重定向 URI（与交互式登录一致）。
+    /// </summary>
+    public string RedirectUri { get; set; } = "http://localhost:55649";
+
+    /// <summary>
+    /// 轮询间隔（秒）。
+    /// </summary>
+    public int PollIntervalSeconds { get; set; } = 30;
+
+    /// <summary>
+    /// 每次拉取的邮件条数上限。
+    /// </summary>
+    public int TopMessages { get; set; } = 50;
+
+    /// <summary>
+    /// MSAL 令牌缓存目录；为空则使用 %LocalAppData%\OASystem\MicrosoftGraphMailbox。
+    /// </summary>
+    public string? CacheDirectory { get; set; }
+
+    /// <summary>
+    /// 令牌缓存文件名。
+    /// </summary>
+    public string CacheFileName { get; set; } = "msal_graph_mailbox_cache.bin";
+
+    /// <summary>
+    /// 启动并成功取 token 后是否调用 /me 打一条日志（便于确认账号）。
+    /// </summary>
+    public bool LogProfileOnStartup { get; set; } = true;
+
+    /// <summary>
+    /// 无新邮件时是否仍输出轮询心跳日志。
+    /// </summary>
+    public bool LogEachPollWhenEmpty { get; set; }
+}

OASystem/OASystem.Api/OAMethodLib/MicrosoftGraphMailbox/MicrosoftGraphMailboxService.cs

@@ -0,0 +1,200 @@
+using System.Net.Http.Headers;
+using System.Text;
+using System.Text.Json;
+using System.Text.Json.Serialization;
+using Microsoft.Extensions.Options;
+using Microsoft.Identity.Client;
+using Microsoft.Identity.Client.Extensions.Msal;
+
+namespace OASystem.API.OAMethodLib.MicrosoftGraphMailbox;
+
+public class MicrosoftGraphMailboxService : IMicrosoftGraphMailboxService
+{
+    private static readonly string[] Scopes =
+    {
+        "Mail.Read",
+        "User.Read",
+        "Mail.Send"
+    };
+
+    private readonly IHttpClientFactory _httpClientFactory;
+    private readonly IOptionsMonitor<MicrosoftGraphMailboxOptions> _options;
+    private readonly ILogger<MicrosoftGraphMailboxService> _logger;
+
+    private readonly SemaphoreSlim _initLock = new(1, 1);
+    private readonly SemaphoreSlim _tokenLock = new(1, 1);
+
+    private IPublicClientApplication? _pca;
+    private MsalCacheHelper? _cacheHelper;
+
+    private const string HttpClientName = "MicrosoftGraph";
+
+    public MicrosoftGraphMailboxService(
+        IHttpClientFactory httpClientFactory,
+        IOptionsMonitor<MicrosoftGraphMailboxOptions> options,
+        ILogger<MicrosoftGraphMailboxService> logger)
+    {
+        _httpClientFactory = httpClientFactory;
+        _options = options;
+        _logger = logger;
+    }
+
+    public async Task<string> GetAccessTokenAsync(CancellationToken cancellationToken = default)
+    {
+        await EnsureInitializedAsync(cancellationToken).ConfigureAwait(false);
+
+        await _tokenLock.WaitAsync(cancellationToken).ConfigureAwait(false);
+        try
+        {
+            var app = _pca ?? throw new InvalidOperationException("MSAL 未初始化。");
+            var accounts = await app.GetAccountsAsync().ConfigureAwait(false);
+            var account = accounts.FirstOrDefault();
+
+            try
+            {
+                var result = await app.AcquireTokenSilent(Scopes, account)
+                    .ExecuteAsync(cancellationToken)
+                    .ConfigureAwait(false);
+                return result.AccessToken;
+            }
+            catch (MsalUiRequiredException)
+            {
+                _logger.LogInformation("Graph 邮箱：需要交互式登录（将打开浏览器），重定向: {Redirect}",
+                    _options.CurrentValue.RedirectUri);
+
+                var result = await app.AcquireTokenInteractive(Scopes)
+                    .WithPrompt(Prompt.SelectAccount)
+                    .ExecuteAsync(cancellationToken)
+                    .ConfigureAwait(false);
+
+                return result.AccessToken;
+            }
+        }
+        finally
+        {
+            _tokenLock.Release();
+        }
+    }
+
+    public async Task<string?> GetMeRawJsonAsync(CancellationToken cancellationToken = default)
+    {
+        using var client = await CreateAuthenticatedClientAsync(cancellationToken).ConfigureAwait(false);
+        using var response = await client.GetAsync("me", cancellationToken).ConfigureAwait(false);
+        var body = await response.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false);
+        if (!response.IsSuccessStatusCode)
+            _logger.LogWarning("Graph GET /me 失败: {Status} {Body}", (int)response.StatusCode, body);
+        return body;
+    }
+
+    public async Task<string?> GetInboxMessagesJsonSinceAsync(DateTime startUtc, CancellationToken cancellationToken = default)
+    {
+        var opt = _options.CurrentValue;
+        var startTime = startUtc.ToString("o");
+        var url =
+            "me/mailFolders/inbox/messages" +
+            "?$select=id,subject,from,receivedDateTime,bodyPreview,conversationId" +
+            $"&$filter=receivedDateTime ge {startTime}" +
+            "&$orderby=receivedDateTime desc" +
+            $"&$top={opt.TopMessages}";
+
+        using var client = await CreateAuthenticatedClientAsync(cancellationToken).ConfigureAwait(false);
+        using var response = await client.GetAsync(url, cancellationToken).ConfigureAwait(false);
+        var body = await response.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false);
+        if (!response.IsSuccessStatusCode)
+            _logger.LogWarning("Graph 拉取收件箱失败: {Status} {Body}", (int)response.StatusCode, body);
+        return body;
+    }
+
+    public async Task SendMailAsync(string toEmail, string subject, string textBody, CancellationToken cancellationToken = default)
+    {
+        var payload = new GraphSendMailRequest
+        {
+            Message = new GraphSendMailMessage
+            {
+                Subject = subject,
+                Body = new GraphSendMailBody
+                {
+                    ContentType = "Text",
+                    Content = textBody
+                },
+                ToRecipients = new List<GraphSendMailRecipient>
+                {
+                    new()
+                    {
+                        EmailAddress = new GraphSendMailEmail { Address = toEmail }
+                    }
+                }
+            },
+            SaveToSentItems = true
+        };
+
+        var json = System.Text.Json.JsonSerializer.Serialize(payload, new JsonSerializerOptions
+        {
+            DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull
+        });
+
+        using var client = await CreateAuthenticatedClientAsync(cancellationToken).ConfigureAwait(false);
+        using var content = new StringContent(json, Encoding.UTF8, "application/json");
+        using var response = await client.PostAsync("me/sendMail", content, cancellationToken).ConfigureAwait(false);
+        var responseText = await response.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false);
+
+        if (!response.IsSuccessStatusCode)
+        {
+            _logger.LogError("Graph sendMail 失败: {Status} {Body}", (int)response.StatusCode, responseText);
+            response.EnsureSuccessStatusCode();
+        }
+    }
+
+    private async Task<HttpClient> CreateAuthenticatedClientAsync(CancellationToken cancellationToken)
+    {
+        var token = await GetAccessTokenAsync(cancellationToken).ConfigureAwait(false);
+        var client = _httpClientFactory.CreateClient(HttpClientName);
+        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
+        return client;
+    }
+
+    private async Task EnsureInitializedAsync(CancellationToken cancellationToken)
+    {
+        if (_pca != null)
+            return;
+
+        await _initLock.WaitAsync(cancellationToken).ConfigureAwait(false);
+        try
+        {
+            if (_pca != null)
+                return;
+
+            var opt = _options.CurrentValue;
+            if (string.IsNullOrWhiteSpace(opt.ClientId))
+                throw new InvalidOperationException("MicrosoftGraphMailbox:ClientId 未配置。");
+
+            var cacheDir = string.IsNullOrWhiteSpace(opt.CacheDirectory)
+                ? Path.Combine(
+                    Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData),
+                    "OASystem",
+                    "MicrosoftGraphMailbox")
+                : opt.CacheDirectory;
+
+            Directory.CreateDirectory(cacheDir);
+
+            var storage = new StorageCreationPropertiesBuilder(opt.CacheFileName, cacheDir)
+                .Build();
+
+            _cacheHelper = await MsalCacheHelper.CreateAsync(storage).ConfigureAwait(false);
+
+            _pca = PublicClientApplicationBuilder
+                .Create(opt.ClientId)
+                .WithAuthority($"https://login.microsoftonline.com/{opt.Tenant}")
+                .WithRedirectUri(opt.RedirectUri)
+                .Build();
+
+            _cacheHelper.RegisterCache(_pca.UserTokenCache);
+
+            _logger.LogInformation("Graph 邮箱 MSAL 已初始化，缓存目录: {Dir}", cacheDir);
+        }
+        finally
+        {
+            _initLock.Release();
+        }
+    }
+}

OASystem/OASystem.Api/OASystem.API.csproj

@@ -58,6 +58,8 @@
     <PackageReference Include="Markdig" Version="0.33.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.11" />
     <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Identity.Client" Version="4.66.2" />
+    <PackageReference Include="Microsoft.Identity.Client.Extensions.Msal" Version="4.66.2" />
     <PackageReference Include="NodaTime" Version="3.2.0" />
     <PackageReference Include="NPOI" Version="2.7.1" />
     <PackageReference Include="PinYinConverterCore" Version="1.0.2" />

OASystem/OASystem.Api/Program.cs

@@ -29,12 +29,14 @@ using TencentCloud.Common;
 using TencentCloud.Common.Profile;
 using TencentCloud.Hunyuan.V20230901;
 using static OASystem.API.Middlewares.RateLimitMiddleware;
+using OASystem.API.OAMethodLib.MicrosoftGraphMailbox;
+using OASystem.API.OAMethodLib.HotmailEmail;
 
 Console.Title = $"FMGJ OASystem Server";
 var builder = WebApplication.CreateBuilder(args);
 var basePath = AppContext.BaseDirectory;
 
-//引入配置文件
+//寮曞叆閰嶇疆鏂囦欢
 var _config = new ConfigurationBuilder()
                  .SetBasePath(basePath)
                  .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
@@ -43,10 +45,10 @@ var _config = new ConfigurationBuilder()
                  .Build();
 builder.Services.AddSingleton(new AppSettingsHelper(_config));
 
-//设置请求参数可不填
+//设置请求参数可不填
 builder.Services.AddControllers(options => options.SuppressImplicitRequiredAttributeForNonNullableReferenceTypes = true);
 
-//设置请求参数错误默认返回格式
+//璁剧疆璇锋眰鍙傛暟閿欒�榛樿�杩斿洖鏍煎紡
 builder.Services.AddControllers()
     .ConfigureApiBehaviorOptions(options =>
     {
@@ -75,26 +77,26 @@ builder.Services.AddControllersWithViews();
 builder.Services.AddControllers()
     .AddJsonOptions(options =>
     {
-        //空字段不响应Response
+        //绌哄瓧娈典笉鍝嶅簲Response
         //options.JsonSerializerOptions.DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull;
 
         options.JsonSerializerOptions.Converters.Add(new NullJsonConverter());
 
-        //时间格式化响应
+        //时间格式化响应
         options.JsonSerializerOptions.Converters.Add(new DateTimeJsonConverter("yyyy-MM-dd HH:mm:ss"));
 
-        //decimal 四位小数
-        //options.JsonSerializerOptions.Converters.Add(new DecimalConverter(_decimalPlaces)); // 将保留小数位数参数传递给自定义序列化器
+        //decimal 鍥涗綅灏忔暟
+        //options.JsonSerializerOptions.Converters.Add(new DecimalConverter(_decimalPlaces)); // 将保留小数位数参数传递给自定义序列化器
     });
 
 builder.Services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
 
-#region 添加限流中间件服务注册
+#region 添加限流中间件服务注册
 
-// 添加内存缓存（限流需要）
+// 娣诲姞鍐呭瓨缂撳瓨锛堥檺娴侀渶瑕侊級
 builder.Services.AddMemoryCache();
 
-// 配置限流设置
+// 閰嶇疆闄愭祦璁剧疆
 builder.Services.Configure<RateLimitConfig>(
     builder.Configuration.GetSection("RateLimiting"));
 #endregion
@@ -120,14 +122,14 @@ builder.Services.AddCors(options =>
     //policy.AddPolicy("Cors", opt => opt
     //        //.SetIsOriginAllowed(origin =>
     //        //{
-    //        //    // 定义允许的来源列表
+    //        //    // 定义允许的来源列表
     //        //    var allowedOrigins = new List<string>
     //        //        {
     //        //           "http://132.232.92.186:9002",
     //        //           "http://oa.pan-american-intl.com:4399"
     //        //        };
 
-    //        //    // 检查请求的来源是否在允许的列表中
+    //        //    // 检查请求的来源是否在允许的列表中
     //        //    return allowedOrigins.Contains(origin);
     //        //})
 
@@ -149,7 +151,7 @@ builder.Services.AddCors(options =>
 });
 #endregion
 
-#region 上传文件 
+#region 涓婁紶鏂囦欢 
 builder.Services.AddCors(policy =>
 {
     policy.AddPolicy("Cors", opt => opt
@@ -175,15 +177,15 @@ builder.Services.Configure<KestrelServerOptions>(options =>
 
 #endregion
 
-#region 接口分组
+#region 鎺ュ彛鍒嗙粍
 var groups = new List<Tuple<string, string>>
 {
-    //new Tuple<string, string>("Group1","分组一"),
-    //new Tuple<string, string>("Group2","分组二")
+    //new Tuple<string, string>("Group1","鍒嗙粍涓€"),
+    //new Tuple<string, string>("Group2","分组二")
 };
 #endregion
 
-#region 注入数据库
+#region 注入数据库
 
 #region old
 
@@ -206,38 +208,38 @@ builder.Services.AddScoped(options =>
     }
     , db =>
     {
-        // SQL执行完
+        // SQL执行完
         db.Aop.OnLogExecuted = (sql, pars) =>
         {
-            // 超过1秒
+            // 超过1秒
             if (db.Ado.SqlExecutionTime.TotalSeconds > 1)
             {
                 var FirstMethodName = db.Ado.SqlStackTrace.FirstMethodName;
-                //执行完了可以输出SQL执行时间 (OnLogExecutedDelegate) 
+                //鎵ц�瀹屼簡鍙�互杈撳嚭SQL鎵ц�鏃堕棿 (OnLogExecutedDelegate) 
                 Console.WriteLine("NowTime:" + DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ss"));
                 Console.WriteLine("MethodName:" + FirstMethodName);
                 Console.WriteLine("ElapsedTime:" + db.Ado.SqlExecutionTime.ToString());
                 Console.WriteLine("ExecuteSQL:" + sql);
             }
         };
-        //SQL执行前
+        //SQL执行前
         db.Aop.OnLogExecuting = (sql, pars) =>
         {
         };
-        //SQL报错
+        //SQL鎶ラ敊
         db.Aop.OnError = (exp) =>
         {
-            //获取原生SQL推荐 5.1.4.63  性能OK
+            //鑾峰彇鍘熺敓SQL鎺ㄨ崘 5.1.4.63  鎬ц兘OK
             //UtilMethods.GetNativeSql(exp.Sql, exp.Parametres);
-            //获取无参数SQL对性能有影响，特别大的SQL参数多的，调试使用
+            //获取无参数SQL对性能有影响，特别大的SQL参数多的，调试使用
             //UtilMethods.GetSqlString(DbType.SqlServer, exp.sql, exp.parameters);
 
         };
-        //修改SQL和参数的值
+        //修改SQL和参数的值
         db.Aop.OnExecutingChangeSql = (sql, pars) =>
         {
             //sql=newsql
-            //foreach(var p in pars) //修改
+            //foreach(var p in pars) //淇�敼
             return new KeyValuePair<string, SugarParameter[]>(sql, pars);
         };
     }
@@ -248,27 +250,27 @@ builder.Services.AddScoped(options =>
 
 #endregion
 
-//#region Identity 配置
+//#region Identity 閰嶇疆
 //builder.Services.AddDataProtection();
-////不要用 AddIdentity ， AddIdentity 是于MVC框架中的
+////不要用 AddIdentity ， AddIdentity 是于MVC框架中的
 //builder.Services.AddIdentityCore<User>(opt =>
 //{
-//    opt.Password.RequireDigit = false; //数字
-//    opt.Password.RequireLowercase = false;//小写字母
-//    opt.Password.RequireNonAlphanumeric = false;//特殊符号 例如 ￥#@！ 
-//    opt.Password.RequireUppercase = false; //大写字母
-//    opt.Password.RequiredLength = 6;//密码长度 6 
-//    opt.Password.RequiredUniqueChars = 1;//相同字符可以出现几次
-//    opt.Lockout.MaxFailedAccessAttempts = 5; //允许最多输入五次用户名/密码错误
-//    opt.Lockout.DefaultLockoutTimeSpan = new TimeSpan(0, 5, 0);//锁定五分钟
-//    opt.Tokens.PasswordResetTokenProvider = TokenOptions.DefaultEmailProvider; // 修改密码使用邮件【验证码模式】
+//    opt.Password.RequireDigit = false; //鏁板瓧
+//    opt.Password.RequireLowercase = false;//灏忓啓瀛楁瘝
+//    opt.Password.RequireNonAlphanumeric = false;//特殊符号 例如 ￥#@！ 
+//    opt.Password.RequireUppercase = false; //澶у啓瀛楁瘝
+//    opt.Password.RequiredLength = 6;//瀵嗙爜闀垮害 6 
+//    opt.Password.RequiredUniqueChars = 1;//鐩稿悓瀛楃�鍙�互鍑虹幇鍑犳�
+//    opt.Lockout.MaxFailedAccessAttempts = 5; //鍏佽�鏈€澶氳緭鍏ヤ簲娆＄敤鎴峰悕/瀵嗙爜閿欒�
+//    opt.Lockout.DefaultLockoutTimeSpan = new TimeSpan(0, 5, 0);//锁定五分钟
+//    opt.Tokens.PasswordResetTokenProvider = TokenOptions.DefaultEmailProvider; // 修改密码使用邮件【验证码模式】
 //    opt.Tokens.EmailConfirmationTokenProvider = TokenOptions.DefaultEmailProvider;  //// 
 //});
 //var idBuilder = new IdentityBuilder(typeof(User), typeof(UserRole), services);
 //idBuilder.AddEntityFrameworkStores<swapDbContext>().AddDefaultTokenProviders().AddRoleManager<RoleManager<UserRole>>().AddUserManager<UserManager<User>>();
 //#endregion
 
-#region 注入Swagger注释(启用)
+#region 娉ㄥ叆Swagger娉ㄩ噴(鍚�敤)
 
 if (AppSettingsHelper.Get("UseSwagger").ToBool())
 {
@@ -278,11 +280,11 @@ if (AppSettingsHelper.Get("UseSwagger").ToBool())
         {
             Version = "v1",
             Title = "Api",
-            Description = "Api接口文档"
+            Description = "Api鎺ュ彛鏂囨。"
         });
         foreach (var item in groups)
         {
-            a.SwaggerDoc(item.Item1, new OpenApiInfo { Version = item.Item1, Title = item.Item2, Description = $"{item.Item2}接口文档" });
+            a.SwaggerDoc(item.Item1, new OpenApiInfo { Version = item.Item1, Title = item.Item2, Description = $"{item.Item2}鎺ュ彛鏂囨。" });
         }
         a.DocumentFilter<SwaggerApi>();
         a.IncludeXmlComments(Path.Combine(basePath, "OASystem.Api.xml"), true);
@@ -311,7 +313,7 @@ if (AppSettingsHelper.Get("UseSwagger").ToBool())
 }
 #endregion
 
-#region 添加校验
+#region 娣诲姞鏍￠獙
 
 builder.Services.AddTransient<OASystemAuthentication>();
 builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
@@ -326,7 +328,7 @@ builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
             ValidAudience = "OASystem.com",
             ValidIssuer = "OASystem.com",
             IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["JwtSecurityKey"])),
-            ClockSkew = TimeSpan.FromSeconds(30), //过期时间容错值，解决服务器端时间不同步问题（秒）
+            ClockSkew = TimeSpan.FromSeconds(30), //杩囨湡鏃堕棿瀹归敊鍊硷紝瑙ｅ喅鏈嶅姟鍣ㄧ�鏃堕棿涓嶅悓姝ラ棶棰橈紙绉掞級
             RequireExpirationTime = true,
         };
         options.Events = new JwtBearerEvents
@@ -334,7 +336,7 @@ builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
             OnMessageReceived = context =>
             {
                 var path = context.HttpContext.Request.Path;
-                //如果是signalr请求，需要将token转存，否则JWT获取不到token。OPTIONS请求需要过滤到，因为OPTIONS请求获取不到Token，用NGINX过滤掉OPTION请求.
+                //濡傛灉鏄痵ignalr璇锋眰锛岄渶瑕佸皢token杞�瓨锛屽惁鍒橨WT鑾峰彇涓嶅埌token銆侽PTIONS璇锋眰闇€瑕佽繃婊ゅ埌锛屽洜涓篛PTIONS璇锋眰鑾峰彇涓嶅埌Token锛岀敤NGINX杩囨护鎺塐PTION璇锋眰.
                 if (path.StartsWithSegments("/ChatHub"))
                 {
                     string accessToken = context.Request.Query["access_token"].ToString();
@@ -351,10 +353,10 @@ builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
 
 #endregion
 
-#region 初始化日志
+#region 初始化日志
 var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
 Log.Logger = new LoggerConfiguration()
-        //不记录定时访问API
+        //涓嶈�褰曞畾鏃惰�闂瓵PI
         .Filter.ByIncludingOnly(logEvent =>
         {
             if (logEvent.Properties.TryGetValue("RequestPath", out var pathValue))
@@ -374,20 +376,20 @@ Log.Logger = new LoggerConfiguration()
 
 // 
 
-#region 出入境费用明细 专用记录器
+#region 出入境费用明细 专用记录器
 
-// 指定磁盘绝对路径（示例：D盘的AppLogs文件夹）
+// 鎸囧畾纾佺洏缁濆�璺�緞锛堢ず渚嬶細D鐩樼殑AppLogs鏂囦欢澶癸級
 var logDirectory = @"D:\OASystem\Logs\EnterExitCost";
 
-// 自动创建目录（如果不存在）
+// 自动创建目录（如果不存在）
 try
 {
     Directory.CreateDirectory(logDirectory);
-    Log.Information($"日志目录已创建/确认存在: {logDirectory}");
+    Log.Information($"日志目录已创建/确认存在: {logDirectory}");
 }
 catch (Exception ex)
 {
-    Log.Fatal($"无法创建日志目录 {logDirectory}: {ex.Message}");
+    Log.Fatal($"鏃犳硶鍒涘缓鏃ュ織鐩�綍 {logDirectory}: {ex.Message}");
     throw;
 }
 
@@ -398,20 +400,20 @@ var eec_TextLogger = new LoggerConfiguration()
 
 #endregion
 
-#region 团组步骤操作 专用记录器
+#region 团组步骤操作 专用记录器
 
-// 指定磁盘绝对路径（示例：D盘的AppLogs文件夹）
+// 鎸囧畾纾佺洏缁濆�璺�緞锛堢ず渚嬶細D鐩樼殑AppLogs鏂囦欢澶癸級
 var groupLogDir = @"D:\OASystem\Logs\GroupStepOP";
 
-// 自动创建目录（如果不存在）
+// 自动创建目录（如果不存在）
 try
 {
     Directory.CreateDirectory(groupLogDir);
-    Log.Information($"日志目录已创建/确认存在: {groupLogDir}");
+    Log.Information($"日志目录已创建/确认存在: {groupLogDir}");
 }
 catch (Exception ex)
 {
-    Log.Fatal($"无法创建日志目录 {groupLogDir}: {ex.Message}");
+    Log.Fatal($"鏃犳硶鍒涘缓鏃ュ織鐩�綍 {groupLogDir}: {ex.Message}");
     throw;
 }
 
@@ -422,20 +424,20 @@ var groupStepOP_TextLogger = new LoggerConfiguration()
 
 #endregion
 
-#region 任务分配操作 专用记录器
+#region 任务分配操作 专用记录器
 
-// 指定磁盘绝对路径（示例：D盘的AppLogs文件夹）
+// 鎸囧畾纾佺洏缁濆�璺�緞锛堢ず渚嬶細D鐩樼殑AppLogs鏂囦欢澶癸級
 var taskLogDir = @"D:\OASystem\Logs\TaskAllocation";
 
-// 自动创建目录（如果不存在）
+// 自动创建目录（如果不存在）
 try
 {
     Directory.CreateDirectory(taskLogDir);
-    Log.Information($"日志目录已创建/确认存在: {taskLogDir}");
+    Log.Information($"日志目录已创建/确认存在: {taskLogDir}");
 }
 catch (Exception ex)
 {
-    Log.Fatal($"无法创建日志目录 {taskLogDir}: {ex.Message}");
+    Log.Fatal($"鏃犳硶鍒涘缓鏃ュ織鐩�綍 {taskLogDir}: {ex.Message}");
     throw;
 }
 
@@ -446,7 +448,7 @@ var task_TextLogger = new LoggerConfiguration()
 
 #endregion
 
-// 配置Serilog为Log;
+// 閰嶇疆Serilog涓篖og;
 builder.Host.UseSerilog();
 
 builder.Services.AddSingleton<ITextFileLogger>(new TextFileLogger(eec_TextLogger));
@@ -454,7 +456,7 @@ builder.Services.AddSingleton<IGroupTextFileLogger>(new GroupTextFileLogger(grou
 builder.Services.AddSingleton<ITaskTextFileLogger>(new TaskTextFileLogger(task_TextLogger));
 #endregion
 
-#region 引入注册Autofac Module
+#region 寮曞叆娉ㄥ唽Autofac Module
 builder.Host.UseServiceProviderFactory(new AutofacServiceProviderFactory());
 var hostBuilder = builder.Host.ConfigureContainer<ContainerBuilder>(builder =>
 {
@@ -480,29 +482,29 @@ builder.Services.AddScoped<IMapper, Mapper>();
 
 #endregion
 
-#region DeepSeek AI 服务
+#region DeepSeek AI 鏈嶅姟
 
-// 配置HTTP客户端（DeepSeek 长耗时调用，默认 10 分钟）
+// 配置HTTP客户端（DeepSeek 长耗时调用，默认 10 分钟）
 builder.Services.AddHttpClient<IDeepSeekService, DeepSeekService>(client =>
     client.Timeout = TimeSpan.FromMinutes(10));
 
 #endregion
 
-#region Doubao API 服务
+#region Doubao API 鏈嶅姟
 var doubaoSetting = builder.Configuration.GetSection("DouBao").Get<OASystem.API.OAMethodLib.DoubaoAPI.DoubaoSetting>();
 builder.Services.AddSingleton(doubaoSetting);
 builder.Services.AddHttpClient("Doubao", c => c.BaseAddress = new Uri(doubaoSetting.BaseAddress));
 builder.Services.AddScoped<OASystem.API.OAMethodLib.DoubaoAPI.IDoubaoService, OASystem.API.OAMethodLib.DoubaoAPI.DoubaoService>();
 #endregion
 
-#region 聚合API 服务
+#region 鑱氬悎API 鏈嶅姟
 builder.Services.AddControllersWithViews();
 builder.Services.AddSingleton<IJuHeApiService, JuHeApiService>();
 builder.Services.AddHttpClient("PublicJuHeApi", c => c.BaseAddress = new Uri("http://web.juhe.cn"));
 builder.Services.AddHttpClient("PublicJuHeTranslateApi", c => c.BaseAddress = new Uri("http://apis.juhe.cn"));
 #endregion
 
-#region 企业微信API 服务
+#region 浼佷笟寰�俊API 鏈嶅姟
 
 builder.Services.AddControllersWithViews();
 builder.Services.AddSingleton<IQiYeWeChatApiService, QiYeWeChatApiService>();
@@ -510,17 +512,17 @@ builder.Services.AddHttpClient("PublicQiYeWeChatApi", c => c.BaseAddress = new U
 
 #endregion
 
-#region 混元API
+#region 娣峰厓API
 
-// 从配置中读取腾讯云密钥信息（请确保appsettings.json中有对应配置）
+// 从配置中读取腾讯云密钥信息（请确保appsettings.json中有对应配置）
 var secretId = builder.Configuration["TencentCloud:SecretId"];
 var secretKey = builder.Configuration["TencentCloud:SecretKey"];
 var region = builder.Configuration["TencentCloud:Region"] ?? "ap-guangzhou";
 
-// 配置HttpClientFactory（SDK内部会用到）
+// 閰嶇疆HttpClientFactory锛圫DK鍐呴儴浼氱敤鍒帮級
 builder.Services.AddHttpClient();
 
-// 注册腾讯云Hunyuan Client为Singleton（推荐）
+// 娉ㄥ唽鑵捐�浜慔unyuan Client涓篠ingleton锛堟帹鑽愶級
 builder.Services.AddSingleton(provider =>
 {
     Credential cred = new Credential
@@ -533,17 +535,17 @@ builder.Services.AddSingleton(provider =>
     HttpProfile httpProfile = new HttpProfile
     {
         Endpoint = "hunyuan.tencentcloudapi.com",
-        Timeout = 60 * 10,  // 单位秒
+        Timeout = 60 * 10,  // 单位秒
     };
     clientProfile.HttpProfile = httpProfile;
 
     return new HunyuanClient(cred, region, clientProfile);
 });
 
-// 注册自定义服务接口及其实现为Scoped生命周期
+// 娉ㄥ唽鑷�畾涔夋湇鍔℃帴鍙ｅ強鍏跺疄鐜颁负Scoped鐢熷懡鍛ㄦ湡
 builder.Services.AddScoped<IHunyuanService, HunyuanService>();
 
-// 注册混元服务
+// 娉ㄥ唽娣峰厓鏈嶅姟
 //builder.Services.AddHttpClient<IHunyuanService, HunyuanService>(client =>
 //{
 //    client.BaseAddress = new Uri("https://hunyuan.ap-chengdu.tencentcloudapi.com/");
@@ -553,17 +555,17 @@ builder.Services.AddScoped<IHunyuanService, HunyuanService>();
 //builder.Services.Configure<HunyuanApiSettings>(builder.Configuration.GetSection("HunyuanApiSettings"));
 #endregion
 
-#region 有道API 服务
+#region 鏈夐亾API 鏈嶅姟
 //builder.Services.AddControllersWithViews();
 //builder.Services.AddSingleton<IYouDaoApiService, YouDaoApiService>();
 //builder.Services.AddHttpClient("PublicYouDaoApi", c => c.BaseAddress = new Uri("https://openapi.youdao.com"));
 #endregion
 
-#region 高德地图API 服务
+#region 楂樺痉鍦板浘API 鏈嶅姟
 builder.Services.AddHttpClient<GeocodeService>();
 #endregion
 
-#region 通用搜索服务
+#region 閫氱敤鎼滅储鏈嶅姟
 builder.Services.AddScoped(typeof(DynamicSearchService<>));
 
 #endregion
@@ -598,52 +600,67 @@ builder.Services.TryAddSingleton(typeof(CommonService));
 builder.Services.AddTransient<IHotmailEmailService, HotmailEmailService>();
 #endregion
 
+#region Microsoft Graph 閭��鏈嶅姟
+
+builder.Services.Configure<MicrosoftGraphMailboxOptions>(
+    builder.Configuration.GetSection(MicrosoftGraphMailboxOptions.SectionName));
+builder.Services.AddHttpClient("MicrosoftGraph", c =>
+{
+    c.BaseAddress = new Uri("https://graph.microsoft.com/v1.0/");
+    c.Timeout = TimeSpan.FromMinutes(2);
+});
+
+builder.Services.AddSingleton<IMicrosoftGraphMailboxService, MicrosoftGraphMailboxService>();
+builder.Services.AddHostedService<MicrosoftGraphInboxPollerHostedService>();
+
+#endregion
+
 var app = builder.Build();
 
-//// 1. 异常处理器应该在最早的位置（除了日志等）
+//// 1. 异常处理器应该在最早的位置（除了日志等）
 //app.UseExceptionHandler(new ExceptionHandlerOptions
 //{
 //    ExceptionHandlingPath = "/Home/Error", 
 //    AllowStatusCode404Response = true
 //});
 
-//自定义异常中间件
+//鑷�畾涔夊紓甯镐腑闂翠欢
 //app.UseMiddleware<ExceptionHandlingMiddleware>();
 
-//serilog日志 请求中间管道
+//serilog鏃ュ織 璇锋眰涓�棿绠￠亾
 app.UseSerilogRequestLogging(options =>
 {
     //options.MessageTemplate = "HTTP {RequestMethod} {RequestPath} from {ClientIP} (UA: {UserAgent}, Referer: {Referer}) - {StatusCode} in {Elapsed} ms";
 
     options.MessageTemplate = "HTTP {RequestMethod} {RequestPath} from {ClientIP} (UA: {UserAgent}) - {StatusCode} in {Elapsed} ms";
 
-    // 自定义日志级别
+    // 自定义日志级别
     options.GetLevel = (httpContext, elapsed, ex) =>
     {
         if (ex != null) return LogEventLevel.Error;
         if (httpContext.Response.StatusCode > 499) return LogEventLevel.Error;
 
-        // 对健康检查等端点使用更低级别
+        // 瀵瑰仴搴锋�鏌ョ瓑绔�偣浣跨敤鏇翠綆绾у埆
         if (httpContext.Request.Path.StartsWithSegments("/health"))
             return LogEventLevel.Debug;
 
         return LogEventLevel.Information;
     };
 
-    // 丰富日志上下文
+    // 丰富日志上下文
     options.EnrichDiagnosticContext = (diagnosticContext, httpContext) =>
     {
-        // 获取客户端IP（处理代理情况）
+        // 鑾峰彇瀹㈡埛绔疘P锛堝�鐞嗕唬鐞嗘儏鍐碉級
         var ipAddress = CommonFun.GetClientIpAddress(httpContext);
         var userAgent = CommonFun.DetectOS(httpContext.Request.Headers.UserAgent.ToString());
 
-        // 添加IP和其他有用信息到日志上下文
+        // 添加IP和其他有用信息到日志上下文
         diagnosticContext.Set("ClientIP", ipAddress);
         diagnosticContext.Set("RequestHost", httpContext.Request.Host.Value);
         diagnosticContext.Set("UserAgent", userAgent);
         diagnosticContext.Set("Referer", httpContext.Request.Headers.Referer.ToString());
 
-        // 对于API请求添加额外信息
+        // 瀵逛簬API璇锋眰娣诲姞棰濆�淇℃伅
         if (httpContext.Request.Path.StartsWithSegments("/api"))
         {
             diagnosticContext.Set("RequestContentType", httpContext.Request.ContentType);
@@ -669,28 +686,28 @@ app.UseCors("Cors");  //Cors
 
 //app.UseMiddleware<FixedPromptMiddleware>();
 
-// 定义允许API的访问时间段
+// 瀹氫箟鍏佽�API鐨勮�闂�椂闂存�
 //var startTime = DateTime.Parse(_config["ApiAccessTime:StartTime"]);
 //var endTime = DateTime.Parse(_config["ApiAccessTime:EndTime"]);
 //app.UseMiddleware<TimeRestrictionMiddleware>(startTime, endTime);
 
-//指定API操作记录信息
+//鎸囧畾API鎿嶄綔璁板綍淇℃伅
 app.UseMiddleware<RecordAPIOperationMiddleware>();
 
-app.UseAuthentication(); // 认证
+app.UseAuthentication(); // 璁よ瘉
 
 app.UseMiddleware<RateLimitMiddleware>();
 
-app.UseAuthorization();  // 授权
+app.UseAuthorization();  // 鎺堟潈
 
 app.UseWhen(context =>
     context.Request.Path.StartsWithSegments("/api/MarketCustomerResources/QueryNewClientData"),
     branch => branch.UseResponseCompression());
 
-// 授权路径
+// 鎺堟潈璺�緞
 //app.MapGet("generatetoken", c => c.Response.WriteAsync(JWTBearer.GenerateToken(c)));
 
-#region 启用swaggerUI
+#region 鍚�敤swaggerUI
 if (AppSettingsHelper.Get("UseSwagger").ToBool())
 {
     app.UseSwagger();
@@ -705,15 +722,15 @@ if (AppSettingsHelper.Get("UseSwagger").ToBool())
         c.DocExpansion(Swashbuckle.AspNetCore.SwaggerUI.DocExpansion.None);
         c.DefaultModelsExpandDepth(-1);
 
-        //c.EnableFilter();// 添加搜索功能
-        //c.EnableDeepLinking(); // 启用深度链接
+        //c.EnableFilter();// 娣诲姞鎼滅储鍔熻兘
+        //c.EnableDeepLinking(); // 鍚�敤娣卞害閾炬帴
     });
 }
 #endregion
 
 #region Quartz
 
-//获取容器中的QuartzFactory
+//鑾峰彇瀹瑰櫒涓�殑QuartzFactory
 var quartz = app.Services.GetRequiredService<QuartzFactory>();
 app.Lifetime.ApplicationStarted.Register(async () =>
 {
@@ -722,7 +739,7 @@ app.Lifetime.ApplicationStarted.Register(async () =>
 
 app.Lifetime.ApplicationStopped.Register(() =>
 {
-    //Quzrtz关闭方法
+    //Quzrtz鍏抽棴鏂规硶
     //quartz.Stop();
 });
 

OASystem/OASystem.Api/appsettings.json

@@ -605,5 +605,26 @@
     //"SenderEmail": "Roy.Lei.Atom@hotmail.com",
     "SenderName": "Roy Lei",
     "AppPassword": "pqqrwkszdodzhift"
+  },
+  // Microsoft Graph 邮箱：MSAL 公共客户端 + 收件箱轮询（首次登录会弹浏览器；须在 Azure 注册 RedirectUri）
+  "MicrosoftGraphMailbox": {
+    // 是否启用后台轮询；false 时不初始化 MSAL、不弹浏览器
+    "Enabled": false,
+    // Azure AD 应用注册中的应用程序(客户端)ID（公共客户端）
+    "ClientId": "0dfaa938-d3f8-4b57-b723-d84709543892",
+    // 登录颁发机构租户：common / organizations / 或租户 GUID
+    "Tenant": "common",
+    // 公共客户端重定向 URI，须与 Azure 门户「身份验证」中配置完全一致（交互式登录回调）
+    "RedirectUri": "http://localhost:55649",
+    // 拉取收件箱的轮询间隔（秒），建议不小于 5
+    "PollIntervalSeconds": 30,
+    // 单次 Graph 请求返回的邮件条数上限（$top）
+    "TopMessages": 50,
+    // MSAL 令牌缓存文件名（目录为空时默认 %LocalAppData%\OASystem\MicrosoftGraphMailbox）
+    "CacheFileName": "msal_graph_mailbox_cache.bin",
+    // 首次成功取 token 后是否请求 /me 并写日志（便于确认登录账号）
+    "LogProfileOnStartup": true,
+    // 当本轮无新邮件时是否输出 Debug 级别心跳日志
+    "LogEachPollWhenEmpty": false
   }
 }