fix: 从静默授权记录取 sealId 拉图，避免印章列表查看权限

Co-authored-by: Cursor <cursoragent@cursor.com>

auth.go

@@ -1,6 +1,7 @@
 package qiyuesuosdk
 
 import (
+	"strconv"
 	"time"
 
 	v2auth_request "git.sxidc.com/student-physical-examination/contract_lock_sdk/model/v2auth/request"
@@ -164,10 +165,70 @@ func (c *Client) CompanySealAuthURLFor(company CompanyLocateParams, adminMobile
 	return resp.Result.Url, nil
 }
 
+// AuthorizedCompanySeal 静默授权记录中的印章摘要（与签章权限一致，不依赖印章列表查看权限）。
+type AuthorizedCompanySeal struct {
+	ID            string
+	Name          string
+	Type          string
+	SealAttribute string
+}
+
+// ListAuthorizedCompanySeals 查询法人单位静默授权中的印章；status 传 EFFECT 查生效授权。
+func (c *Client) ListAuthorizedCompanySeals(company CompanyLocateParams, status string) ([]AuthorizedCompanySeal, error) {
+	companyReq, err := company.toCompanyRequest()
+	if err != nil {
+		return nil, err
+	}
+	req := v2auth_request.V2AuthSignsilentCompanyRecordRequest{
+		AuthCompany: companyReq,
+		Status:      status,
+	}
+	var resp companyAuthRecordResp
+	if err := c.postJSON("/v2/auth/signsilent/company/record", req, &resp); err != nil {
+		return nil, err
+	}
+	if err := resp.err(); err != nil {
+		return nil, err
+	}
+	out := make([]AuthorizedCompanySeal, 0, len(resp.Result))
+	for _, item := range resp.Result {
+		seal := authorizedSealFromRecord(item)
+		if seal.ID == "" {
+			continue
+		}
+		out = append(out, seal)
+	}
+	return out, nil
+}
+
+func authorizedSealFromRecord(item common.AuthorizedSealRecordBean) AuthorizedCompanySeal {
+	seal := AuthorizedCompanySeal{}
+	if item.AuthorizedSealRecord != nil {
+		seal.ID = item.AuthorizedSealRecord.SealId
+	}
+	if item.SealBean != nil {
+		if seal.ID == "" && item.SealBean.Id != nil {
+			seal.ID = strconv.FormatInt(*item.SealBean.Id, 10)
+		}
+		seal.Name = item.SealBean.Name
+		seal.Type = item.SealBean.Type_
+		seal.SealAttribute = item.SealBean.SealAttribute
+	}
+	return seal
+}
+
 // QueryCompanySealAuthRecords 查询机构静默授权记录；status 传 "EFFECT" 查有效授权。
 func (c *Client) QueryCompanySealAuthRecords(openCompanyID, status string) ([]AuthRecord, error) {
+	return c.queryCompanySealAuthRecordsFor(CompanyLocateParams{OpenCompanyID: openCompanyID}, status)
+}
+
+func (c *Client) queryCompanySealAuthRecordsFor(company CompanyLocateParams, status string) ([]AuthRecord, error) {
+	companyReq, err := company.toCompanyRequest()
+	if err != nil {
+		return nil, err
+	}
 	req := v2auth_request.V2AuthSignsilentCompanyRecordRequest{
-		AuthCompany: &common.CompanyRequest{OpenCompanyId: openCompanyID},
+		AuthCompany: companyReq,
 		Status:      status,
 	}
 	var resp companyAuthRecordResp
@@ -179,6 +240,9 @@ func (c *Client) QueryCompanySealAuthRecords(openCompanyID, status string) ([]Au
 	}
 	out := make([]AuthRecord, 0, len(resp.Result))
 	for _, item := range resp.Result {
+		if item.AuthorizedSealRecord == nil {
+			continue
+		}
 		out = append(out, AuthRecord{
 			Status:    item.AuthorizedSealRecord.Status,
 			StartTime: item.AuthorizedSealRecord.StartTime,

seal.go

@@ -145,32 +145,81 @@ func pickCompanySeal(seals []CompanySealSummary, preferredName string) (*Company
 	return &seals[0], nil
 }
 
+func pickAuthorizedCompanySeal(seals []AuthorizedCompanySeal, preferredName string) (*AuthorizedCompanySeal, error) {
+	if len(seals) == 0 {
+		return nil, ErrSealNotFound
+	}
+	preferredName = strings.TrimSpace(preferredName)
+	if preferredName != "" {
+		for i := range seals {
+			if seals[i].Name == preferredName {
+				return &seals[i], nil
+			}
+		}
+	}
+	for i := range seals {
+		if seals[i].Type == "COMPANY" {
+			return &seals[i], nil
+		}
+	}
+	return &seals[0], nil
+}
+
 // SealImageByID 按印章 id 下载电子章图片。
-func (c *Client) SealImageByID(sealID string) ([]byte, string, error) {
+func (c *Client) SealImageByID(company CompanyLocateParams, sealID, sealName string) ([]byte, string, error) {
 	sealID = strings.TrimSpace(sealID)
 	if sealID == "" {
 		return nil, "", ErrInvalidParams
 	}
-	return c.postForImageBytes("/seal/customparam/image", map[string]any{
+	body := map[string]any{
 		"sealId":        sealID,
 		"sealAttribute": "ELECTRONIC",
 		"sealImageFormatRequest": map[string]any{
 			"imageFormat": "png",
 		},
-	})
+	}
+	if sealName != "" {
+		body["sealName"] = sealName
+	}
+	if company.ID != "" {
+		body["companyId"] = company.ID
+	}
+	if company.Name != "" {
+		body["companyName"] = company.Name
+	}
+	if company.RegisterNo != "" {
+		body["registerNo"] = company.RegisterNo
+	}
+	return c.postForImageBytes("/seal/customparam/image", body)
 }
 
-// ResolveCompanySealImageBase64 先列出法人单位电子章，再按 sealId 拉图（避免印章名不一致）。
+// ResolveCompanySealImageBase64 从静默授权记录取已授权印章，再按 sealId 拉图。
 func (c *Client) ResolveCompanySealImageBase64(company CompanyLocateParams, preferredSealName string) (string, string, string, error) {
-	seals, err := c.ListCompanyElectronicSeals(company)
+	seals, err := c.ListAuthorizedCompanySeals(company, "EFFECT")
 	if err != nil {
 		return "", "", "", err
 	}
-	seal, err := pickCompanySeal(seals, preferredSealName)
+	seal, err := pickAuthorizedCompanySeal(seals, preferredSealName)
 	if err != nil {
-		return "", "", "", err
+		// 授权记录未返回印章详情时，再尝试印章列表（部分环境已分配查看权限）。
+		certSeals, listErr := c.ListCompanyElectronicSeals(company)
+		if listErr != nil {
+			return "", "", "", err
+		}
+		certSeal, pickErr := pickCompanySeal(certSeals, preferredSealName)
+		if pickErr != nil {
+			return "", "", "", err
+		}
+		seal = &AuthorizedCompanySeal{
+			ID:   certSeal.ID,
+			Name: certSeal.Name,
+			Type: certSeal.Type,
+		}
+	}
+	data, contentType, err := c.SealImageByID(company, seal.ID, seal.Name)
+	if err != nil && seal.Name != "" {
+		data, contentType, err = c.CompanySealImage(company, seal.Name)
 	}
-	data, contentType, err := c.SealImageByID(seal.ID)
 	if err != nil {
 		return "", "", "", err
 	}