CN110011950A - A kind of method for authenticating and device of video flowing address - Google Patents

A kind of method for authenticating and device of video flowing address Download PDF

Info

Publication number
CN110011950A
CN110011950A CN201810008106.4A CN201810008106A CN110011950A CN 110011950 A CN110011950 A CN 110011950A CN 201810008106 A CN201810008106 A CN 201810008106A CN 110011950 A CN110011950 A CN 110011950A
Authority
CN
China
Prior art keywords
authentication
information
server
client
video flowing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810008106.4A
Other languages
Chinese (zh)
Other versions
CN110011950B (en
Inventor
周志刚
张文明
陈少杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Douyu Network Technology Co Ltd
Original Assignee
Wuhan Douyu Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Douyu Network Technology Co Ltd filed Critical Wuhan Douyu Network Technology Co Ltd
Priority to CN201810008106.4A priority Critical patent/CN110011950B/en
Publication of CN110011950A publication Critical patent/CN110011950A/en
Application granted granted Critical
Publication of CN110011950B publication Critical patent/CN110011950B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/60Network streaming of media packets
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • H04L69/162Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Multimedia (AREA)
  • Storage Device Security (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The embodiment of the invention provides the method for authenticating and device of a kind of video flowing address, method therein includes: to send log-on message to first server and second server;Receive the second information for being used for authentication and the user authentication information that the first server is sent;According to for authentication the first information and the user authentication information determine the first authentication values, be based on user authentication information and first authentication values, obtain video flowing address request information;Video flowing address request information is sent to first server, after determining the second authentication values by the first information and the user authentication information that are used for authentication again, judge whether first authentication values match with second authentication values, if it does, then client is authenticated by video flowing address.Method of the invention solves the technical problem lower there are safety due to the easy acquisition video flowing address information of hacker in the prior art.

Description

A kind of method for authenticating and device of video flowing address
Technical field
The present invention relates to field of computer technology more particularly to a kind of method for authenticating and device of video flowing address.
Background technique
With the development of HTML technology, HTML5 has become next-generation HTML standard, and major part browser can be supported at present HTML5, to be applied in web program more and more based on the new features of HTML5, such as the broadcasting of live video Deng.
In the prior art, video playing is also based on HTML5 technology, when the video flowing that server receives client is asked After asking, video flowing address corresponding with video flowing request can be sent to client by server, so that it is above-mentioned to be based on client Video flowing address plays corresponding video.However due in the video render based on HTML5 technology, video flowing address information is It is indicated using JavaScript language, since JavaScript is a kind of explanatory scripting language, so that client Video flowing address information in browser is presented in the form of source code, and such third-party platform or hacker are easy acquisition Then video flowing address information cracks code logic therein, thus with can obtaining video flowing without any authorization The corresponding video content in location, thus the illegal risk for obtaining video is increased, safety is lower.
Therefore, in the prior art due to third-party platform or hacker are easy to obtain video flowing address information and there are safeties Lower technical problem.
Summary of the invention
The embodiment of the invention provides the method for authenticating and device of a kind of video flowing address, to solve in the prior art by It is easy to obtain video flowing address information and the technical problem lower there are safety in third-party platform or hacker.
First aspect present invention provides a kind of method for authenticating of video flowing address, comprising: sends log-on message to first Server and second server so that the first server according to the log-on message generate for authentication the first information and User authentication information, and generate after being encrypted using the first information described in predetermined encryption key pair for authentication for authenticating The second information, and make the second server be based on the log-on message to the client send it is close with the predetermined encryption The corresponding decruption key of key, wherein the decruption key is generation of the second server according to the predetermined encryption key Logic obtains;
Second information for authentication and the user authentication information that the first server is sent are received, and is led to It crosses the decruption key second information for authentication is decrypted, obtains the first information for authentication;
The first authentication values are determined according to the first information for authentication and the user authentication information, and are based on institute User authentication information and first authentication values are stated, video flowing address request information is obtained;
The video flowing address request information is sent to first server, so that the first server passes through the view Frequency stream address request information obtains first authentication values, then passes through the first information and the user authentication for authentication After information determines the second authentication values, judge whether first authentication values match with second authentication values, wherein when described When first authentication values are matched with second authentication values, client is authenticated by video flowing address.
Based on same inventive concept, second aspect of the present invention provides a kind of method for authenticating of video flowing address, comprising:
The log-on message of client is received, and is generated according to the log-on message and is recognized for the first information of authentication and user Information is demonstrate,proved, the first information described in predetermined encryption key pair for authentication is recycled to be encrypted, generates second for authentication Information;
Second information and user authentication information for authentication is sent to the client, so that the client is logical It crosses decruption key second information for authentication is decrypted, obtains the first information for authentication, wherein institute Stating decruption key is to send out after second server is obtained according to the generation logic of the predetermined encryption key, based on the log-on message It send to the client;
Receive the video flowing address request information that the client is sent, wherein the video flowing address request information is The client the first authentication values are determined according to the first information for authentication and the user authentication information after, again will It is obtained after the user authentication information and first authentication values combination;
First authentication values are obtained according to the video flowing address request information, and according to first for authentication Information and the user authentication information determine the second authentication values;
Judge whether first authentication values match with second authentication values, when first authentication values and described second When authentication values match, authenticate the client by video flowing address.
Optionally, pass through the client when first authentication values are matched with second authentication values described After the authentication of video flowing address, the method also includes:
Video flowing address corresponding with the video flowing address request information is sent to the client.
Optionally, the predetermined encryption key is what first server was generated according to current time stamp.
Based on same inventive concept, third aspect present invention provides a kind of method for authenticating of video flowing address, comprising:
Receive the log-on message of client;
Decruption key is sent to the client based on the log-on message, so that the client is close by the decryption Key the second information for authentication is decrypted the first information obtained for authentication, and according to first for authentication Information and user authentication information determine the first authentication values, will obtain after the user authentication information and first authentication values combination Video flowing address request information is obtained, and the video flowing address request information is sent to first server, and make described first Server obtains first authentication values according to the video flowing address request information, according to the first information for authentication After determining the second authentication values with the user authentication information, judge first authentication values and second authentication values whether Match, when first authentication values are matched with second authentication values, authenticates the client by video flowing address;Its In, second information for authentication is that the first server generates the first letter for being used for authentication according to the log-on message It ceases and is obtained after being encrypted using the predetermined encryption key, the user authentication information is first server reception The client is sent to after the log-on message, the decruption key is second server according to the predetermined encryption key Generation logic obtain.
Based on same inventive concept, fourth aspect present invention provides a kind of authentication device of video flowing address, described Device is client, comprising:
First sending module, for sending log-on message to first server and second server, so that first clothes Business device generates the first information and user authentication information for authentication according to the log-on message, and utilizes predetermined encryption key pair The first information for authentication generates the second information for authentication after being encrypted, and is based on the second server The log-on message sends decruption key corresponding with the predetermined encryption key to the client, wherein the decryption is close Key is that the second server is obtained according to the generation logic of the predetermined encryption key;
Receiving module, for receiving the second information and the user described in the first server transmission for authentication Authentication information, and second information for authentication is decrypted by the decruption key, it obtains described for authenticating The first information;
Determining module, for determining the first mirror according to the first information for authentication and the user authentication information Weight, and the user authentication information and first authentication values are based on, obtain video flowing address request information;
Second sending module, for the video flowing address request information to be sent to first server, so that described One server obtains first authentication values by the video flowing address request information, then passes through first for authentication After information and the user authentication information determine the second authentication values, judge that first authentication values are with second authentication values No matching, wherein when first authentication values are matched with second authentication values, client is authenticated by video flowing address.
Based on same inventive concept, fifth aspect present invention provides a kind of authentication device of video flowing address, described Device is first server, comprising:
First receiving module is generated for receiving the log-on message of client, and according to the log-on message for authenticating The first information and user authentication information, recycle predetermined encryption key pair described in for authentication the first information encrypted, Generate the second information for authentication;
Sending module, for sending second information and user authentication information for authentication to the client, with The client is decrypted to second information for authentication by decruption key, obtains for authentication One information, wherein the decruption key is after second server is obtained according to the generation logic of the predetermined encryption key, is based on The log-on message is sent to the client;
Second receiving module, the video flowing address request information sent for receiving the client, wherein the video Stream address request information is that the client is determined according to the first information for authentication and the user authentication information It is obtained after being combined after first authentication values, again by the user authentication information and first authentication values;
Determining module, for obtaining first authentication values according to the video flowing address request information, and according to described The second authentication values are determined for the first information of authentication and the user authentication information;
Authentication module, for judging whether first authentication values match with second authentication values, when first mirror When weight is matched with second authentication values, authenticate the client by video flowing address.
Based on same inventive concept, sixth aspect present invention provides a kind of authentication device of video flowing address, described Device is second server, comprising:
Receiving module, for receiving the log-on message of client;
Sending module, for sending decruption key to the client based on the log-on message, so that the client The first information obtained for authentication is decrypted to the second information for authentication by the decruption key, and according to described The first information and user authentication information for authentication determine the first authentication values, by the user authentication information and described first Video flowing address request information is obtained after authentication values combination, and the video flowing address request information is sent to first service Device, and the first server is made to obtain first authentication values according to the video flowing address request information, according to the use After the first information of authentication and the user authentication information determine the second authentication values, judge first authentication values with it is described Whether the second authentication values match, and when first authentication values are matched with second authentication values, the client are made to pass through view Frequency stream address authentication;Wherein, second information for authentication is that the first server is generated according to the log-on message For authentication the first information and obtain after being encrypted using the predetermined encryption key, the user authentication information is institute State first server and receive and be sent to the client after the log-on message, the decruption key be second server according to What the generation logic of the predetermined encryption key obtained.
Based on same inventive concept, seventh aspect present invention provides a kind of computer readable storage medium, deposits thereon Computer program is contained, the method that first aspect present invention provides is realized when which is executed by processor.
Based on same inventive concept, eighth aspect present invention provides a kind of computer equipment, including memory, processing On a memory and the computer program that can run on a processor, when processor execution described program, is realized for device and storage The method that first aspect present invention provides.
Said one or multiple technical solutions in the embodiment of the present application at least have following one or more technology effects Fruit:
In method provided by the invention, on the one hand, client needs the first information and user by being used for authentication to recognize After demonstrate,proving the first authentication values of information acquisition, video flowing address request information just can be generated, be rather than directly to first server hair Video flowing address request information is sent, and calculated first authentication values of client will be with first server according to same method When calculated second authentication values match, client just passes through authentication, and then just can receive corresponding video flowing address, this Sample client before sending video flowing address, first server can video flowing address request information to client carry out legitimacy Examination and judgement, compared to client directly to server send video flowing address request information for, video flowing can be improved The safety of address request information.On the other hand, the second information for authentication that client receives is by predetermined encryption The encrypted information of key, thus client need sent according to second server it is corresponding with predetermined encryption key decrypt it is close Key can just obtain the first information for authentication after recycling decruption key that the second information for authentication is decrypted, The difficulty for obtaining the first information for authentication, also, received the second information for authentication of client are increased in this way What one server was sent, and the decruption key for being used to decrypt the second information for authentication is that second server is sent, two Server is independent from each other, and is to be sent by different network channels, therefore can reinforce to decruption key Protection, and then the acquisition difficulty of decruption key is increased, further increase decruption key cracks difficulty, so further mention High acquisition video flowing address safety.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention, And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root Other attached drawings are obtained according to these attached drawings.
Fig. 1 is a kind of flow chart of the method for authenticating of video flowing address in the embodiment of the present invention;
Fig. 2 is the flow chart of the method for authenticating of another video flowing address in the embodiment of the present invention;
Fig. 3 is the flow chart of the method for authenticating of another video flowing address in the embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of the authentication device of video flowing address in the embodiment of the present invention;
Fig. 5 is the structural schematic diagram of the authentication device of another video flowing address in the embodiment of the present invention;
Fig. 6 is the structural schematic diagram of the authentication device of another video flowing address in the embodiment of the present invention;
Fig. 7 is a kind of structural schematic diagram of computer readable storage medium in the embodiment of the present invention;
Fig. 8 is a kind of structural schematic diagram of computer equipment in the embodiment of the present invention.
Specific embodiment
The embodiment of the present application by providing the method for authenticating and device of a kind of video flowing address, solve in the prior art by It is easy to obtain video flowing address information and the technical problem lower there are safety in hacker, realizes and improve video flowing address and ask Seek the technical effect of the safety and reliability of information.
Technical solution in the embodiment of the present application, general thought are as follows: client is sending video flowing to first server Before address request information, need to obtain the first information and user authentication information for authentication for calculating the first authentication values, and it is objective Family end it is received for authentication the second information be utilize predetermined encryption key pair for authentication the first information encrypt after generate , the first information for needing to utilize decruption key corresponding with predetermined encryption key that could obtain for authentication increases in this way The difficulty of the first information for authentication is obtained, and then increases the difficulty of hack, also, the decryption that client obtains is close Key is that second server is sent, i.e., in the information that client needs, the second information and user authentication information for authentication are From first server, and the decruption key for being used to decrypt the second information for authentication comes from second server, And first server is independent from each other with second server, to further increase the difficulty that client obtains decruption key Degree, so further improve the safety of video flowing address acquisition.
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.
Embodiment one
It should be noted that method provided in this embodiment is applied to client, the client and the server are logical It crosses network to be attached, to realize communication;In the specific implementation process, the client can be applied to mobile terminal device (such as mobile phone, tablet computer) also can be applied to fixed terminal equipment (such as desktop computer), herein also with no restriction.
The present embodiment provides a kind of method for authenticating of video flowing address, the method is applied to client, as shown in Figure 1, This method comprises:
Step S101: sending log-on message to first server and second server so that the first server according to The log-on message generates the first information and user authentication information for authentication, and is used for using described in predetermined encryption key pair The first information of authentication generates the second information for authentication after being encrypted, and the second server is made to be based on the login Information sends decruption key corresponding with the predetermined encryption key to the client, wherein the decruption key is described Second server is obtained according to the generation logic of the predetermined encryption key.
Specifically, above-mentioned log-on message includes user name, password etc., preferably, in the embodiment of the present invention, the first clothes Business device is PHP (Hypertext Preprocessor) server, and second server is C++ server, to pass through the first clothes Business device sends HTML (HyperText Markup Language) file, JavaScript file etc. that the page needs, Ke Yichong Divide the short link properties using PHP server, and C++ server can then be carried out using Websocket agreement and client Long connection, so that the transmission of data is safer and maintains secrecy.
When client logs in, log-on message can be sent to first server and second server, first server receives The first information and user authentication information for authentication are generated according to the log-on message of client after to log-on message.It is specific next It says, user authentication information may include token information, the unique identification of client device, the unique identification of user account, furthermore It can also include the environmental information, such as system time, room number etc. that client logs in.And the first information for being used to authenticate, it can To be indicated by JavaScript scripted code, becomes complexity to be used in the first information of authentication, can pass through MD5 algorithm is realized, by taking user authentication information and environmental information as an example, the first information specific implementation code for authentication is such as Under:
function CreateMd5Key(UID,Token,DID,TimeStamp,RoomId)
{
Above-mentioned function name be CreateMd5Key, wherein the parameter needed include UID, Token, DID, TimeStamp, RoomId。
After generating the first information for authentication, first server it can be added using predetermined encryption key pair Algorithm close, that the method for encryption can be made an appointment using server and client, such as can be des encryption algorithm, AES pairs Claim Encryption Algorithm, RSA cryptographic algorithms etc..Then added using the above-mentioned first information for authentication of predetermined encryption key pair Close, encrypted second information is one section of character string.Predetermined encryption key can be generated using different logics, below with several It is described in detail for generation method.
The first, can generate predetermined encryption key by calling Md5.Create.
Second, a fixed initial value is taken, then carries out different geometric operations every time, generates predetermined encryption key.
The third, generates predetermined encryption key according to the current time stamp that first server obtains.
4th kind, predetermined encryption key can be generated with second of implementation in conjunction with the first.
First below in a manner of the first predetermined encryption key for prescribed server to the first information for authentication into The process of row encryption, firstly generates predetermined encryption key KEY value, and wherein KEY value can be realized by calling Md5.Create, The difficulty of predetermined encryption key in order to further increase can also add random number R andData, then predetermined encryption key KEY =Md5.Create (Token+UID+RandData), i.e. server use Token, UID and the service for being handed down to client Device generate random number R andData calculate KEY value obtained from a MD5 together, then to the first information for authentication into Row encryption.
After describing using the method for Md5.Create and generating predetermined encryption key, the present invention can also pass through One server generates the predetermined encryption key according to current time stamp, can guarantee predetermined encryption key and decruption key in this way There is different values at different times, increase decruption key cracks difficulty, as long as it is default to generate first server Encryption key is identical with the decruption key that second server generates.
In order to further ensure accuracy, it is contemplated that the calculating of predetermined encryption key is participated in using current timestamp, And the current time stamp that the current time stamp and second server due to first server acquisition obtain there may be small difference It is different, thus it is for example possible to one is 1: 59 minute, and the other is 2 points 0 minute, it is also possible to one be 2 points 0 minute, the other is 1 Point 59 minutes etc., so that the server time stamp on both sides is inconsistent, it is close so as to cause the predetermined encryption being finally calculated Key and decruption key are inconsistent.The application can be obtained by the timestamp and second server that are obtained to first server when Between stab and be normalized so that the timestamp value that first server and second server are used to computation key is consistent. Preferably, can try to realize by a kind of time-triggered protocol mode of compatibility, concrete implementation process is as described below:
Assuming that predetermined encryption key is realized using the 4th kind of mode, i.e., by way of combining MD5 and timestamp It realizes, the calculation of predetermined encryption key JSKEY is JSKEY=md5.create (Initial_Key+Time), certainly It can also include the UID etc. in other information, such as user authentication information, be not particularly limited herein.Initial_Key is The initial key that one server and second server all have, the initial key can be a fixed character string.The The difference for the timestamp that one server and second server obtain is usually no more than 1 minute, and the present invention can choose 3 minutes, 4 points Clock, 5 minutes or 10 minutes are interval, at the current time stamp obtained respectively to first server and second server Reason.It is that the method that first server calculates predetermined encryption key JSKEY is removed after first server obtains current time stamp first With time interval 5 minutes, is then calculated together with Initial_Key and finally obtain predetermined encryption key, concrete implementation process Are as follows:
Step a1: calling system function getLocalTime so that obtain current time in system stamp time Long time= getLocalTime()。
Step a2: taking quotient at current time stamp with time interval after five minutes, the timestamp finally calculated, Time =time% (60*5).
Step a3: MD5 function is calculated together to obtain to Initial_Key and obtained quotient using HASH function MD5 To predetermined encryption key, JSKEY=md5.create (Initial_Key+Time).
In order to allow second server that decruption key identical with the predetermined encryption key of first server is calculated, The embodiment of the present invention subtracts the current time stamp that second server obtains after time interval again divided by time interval, obtains one Quotient Time1;Current time stamp obtains another quotient Time divided by time interval;After current time stamp adds time interval Again divided by time interval, another quotient Time2 is obtained, is implemented as follows:
Step b1: calling system function getLocalTime so that obtain current time in system stamp time Long time= getLocalTime();
Step b2: respectively being handled the timestamp time of acquisition, Time=time% (60*5), Time1=(time + 60*5) % (60*5);Time2=(time-60*5) % (60*5)
Step b3: Initial_Key and obtained Time, Time1 and Time2 are counted together using HASH function MD5 MD5 function is calculated to obtain three decruption keys.
JSKEY=md5.create (Initial_Key+Time);
JSKEY1=md5.create (Initial_Key+Time1);
JSKEY2=md5.create (Initial_Key+Time2).
By the processing method of the above-mentioned timestamp for calculating second server decruption key, it is recognised that second service In device three obtained decruption key, must there is that a value is identical as the predetermined encryption key value in first server, thus can So that second server obtains decruption key identical with predetermined encryption key.
More specifically, for example, first server obtain current time be 1 point 59 minutes, second server obtain it is current Time be 2 points 0 minute, time interval is 5 minutes, then by after getLocalTime, respectively 7140 and 7200, for the first clothes Be engaged in for device, 7140 divided by after 300 quotient be 23,7200 quotient obtained divided by 300 be 24,7200 subtract 300 after again divided by 300 It plus the quotient obtained again divided by 300 after 300 is 25 that obtained quotient, which is 23,7200, then therein 23 obtain with first server Quotient it is identical.
After first server generates predetermined encryption key, then system function ReadFile can be called to read one from memory A js file, file name are urlrequst.js, are read in variable buff, and reading length is nLength, ReadFile (" urlrequst.js ", char*buff, int&nLength) next then calls the Encryption Algorithm made an appointment to come to reading The JavaScript code taken is encrypted, Aes.Encrypt (buff, nLength, KEY).
It is encrypted authentication information since client is obtained from first server, client needs to obtain decryption close Encrypted authentication information could be decrypted in key, and decruption key is after client logs in second server, by the second clothes It is engaged in what device was sent, thus decruption key is that second server is obtained according to the generation logic of the predetermined encryption key, also It is to say, the logic that the logical AND first server that second server calculates decruption key calculates encryption key is identical, to guarantee Client can obtain the first information for authentication by decruption key.In above scheme, due to first server and the second clothes Business device is mutually independent, and sends the second information for authentication by a network channel, another network channel sends solution Key increases the acquisition difficulty of decruption key so as to reinforce the protection to decruption key.
Due to first server be used to encryption key that the first information for authentication is encrypted be it is diversified, To increase the diversity of decruption key corresponding with encryption key, to further improve the first letter for authentication The acquisition difficulty of breath.And the present processes are based on HTML5 technology, because without having Flash file, and the present invention The programming language being related to is then JavaScript scripting language, and the first information for authentication is also using JavaScript code It writes.
Step S102: second information for authentication and the user authentication that the first server is sent are received Information, and second information for authentication being decrypted by the decruption key obtains for authentication One information.
It, can be then in client's end memory to for authentication after client obtains the decruption key that second server is sent Two information are decrypted, and then obtain the first information for authentication.It specifically, is according to timestamp with predetermined encryption key Information calculates MD5 come for obtaining, since second server can generate three decruption keys, then client receive also can be Three decruption keys.Client can be utilized respectively each decruption key to be decrypted to for authenticating the second information, then look into See whether obtain normal JavaScript code, if decruption key and the predetermined encryption key of first server are inconsistent, The meeting then obtained is messy code or is not inconsistent logical JavaScript code.In the specific implementation process, client utilizes The decrypting process of decruption key is as follows: be JSKEY first, client can execute Aes.Decrypt (buff, nLength, JSKEY), illustrate that decruption key is JSKEY if the JavaScript code of JSKEY decryption is correctly, otherwise use JSKEY1 is decrypted;Then Aes.Decrypt (buff, nLength, JSKEY1) is executed;If JSKEY1 decryption JavaScript code is correctly then to illustrate that code key is JSKEY1, is otherwise decrypted using JSKEY2, Aes.Decrypt (buff,nLength,JSKEY2)。
Since above-mentioned decrypting process is executed in the memory of client, because without specific corresponding JavaScript file, it is therefore provided that the method for the present embodiment is safer and hidden.And in existing method, in webpage HTML, JavaScript file, CSS file, picture file etc. can all be downloaded from server, and above-mentioned file is one at this time A independent file, therefore hacker is easy to obtain above-mentioned associated documents from client browser.
Step S103: the first authentication is determined according to the first information for authentication and the user authentication information Value, and the user authentication information and first authentication values are based on, obtain video flowing address request information.
Specifically, client needs to generate video flowing address request information, and first choice needs to be used to reflect according to what is decrypted The first information of power and the user authentication information determine the first authentication values, in the specific implementation process, the first authentication values Can be obtained by following methods: using user authentication information as parameter, then being executed according to above-mentioned parameter includes the use In the JavaScript code of the first information of authentication, implementing result is obtained, the implementing result is first authentication values.
Specifically client can according to first server generate for authentication the first information method, i.e., by UID, Then these information such as Token, DID, TimeStamp, Roomid are stitched together together calls MD5 algorithm to obtain a view Frequency flows the request MD5KEY value of address, i.e. the first authentication values.
After calculating the first authentication values, client by authentication information that first server before is sent and can calculate the One authentication values are combined to generate video flowing address request information, specifically, can be by using the POST method of HTTP To request video flowing address from server:
Post
/ live/room_id? ClientType=H5Web&TimeStamp=1505487520&Did= Abdef1258ewfefefsw3&Auth=MD5KEY
Wherein, the interface of Post server is /live/room_id, and the parameter that when request carries includes the type of client ClientType, the time TimeStamp of system, the unique ID of the equipment of UID client and the first authentication values MD5KEY.
Step S104: the video flowing address request information is sent to first server, so that the first server First authentication values are obtained by the video flowing address request information, then pass through the first information for authentication and institute It states after user authentication information determines the second authentication values, judges whether first authentication values match with second authentication values, Wherein, when first authentication values are matched with second authentication values, client is authenticated by video flowing address.
Specifically, client can send video flowing address request information after generating video flowing address request information To first server, first server can extract the first authentication values from video flowing address request information first at this time, because objective When video flowing address is requested at family end, relevant parameter, such as DID, Token, RoomId, TimeStamp etc. can be carried.Server And same method is understood to calculate the second authentication values, i.e. MD5KEY=MD5.Create (UID+Token+DID+TimeStamp +RoomId);Calling the encryption library function MD5 of JavaScript to carry out splicing to above- mentioned information, to calculate its corresponding MD5KEY value.Next, server can match oneself calculated second authentication values with the first authentication values, that is, judge two Whether person is identical, if identical, shows that client is legal, authenticates the client by video flowing address.
Based on the same inventive concept, present invention also provides the method for authenticating of another video flowing address, are applied to first Server, detailed in Example two.
It should be noted that method provided in this embodiment is applied to server, the server and the client are logical It crosses network to be attached, to realize communication;In the specific implementation process, the client can be applied to mobile terminal device (such as mobile phone, tablet computer) also can be applied to fixed terminal equipment (such as desktop computer), herein also with no restriction.It is described Server is the server for handling video information, can be individual server, or multiple server compositions Server group.
Embodiment two
A kind of method for authenticating of video flowing address is present embodiments provided, first server is applied to, as shown in Fig. 2, should Method includes:
Step S201: the log-on message of client is received, and the first letter for authentication is generated according to the log-on message Breath and user authentication information recycle the first information described in predetermined encryption key pair for authentication to be encrypted, and generation is used for Second information of authentication;
First server has been described in detail in example 1 to be generated according to the log-on message of client for authenticating The first information and user authentication information, and using predetermined encryption key pair to it is described for authentication the first information add It is close, the detailed process of the second information for authentication is generated, therefore details are not described herein.
S202: Xiang Suoshu client of step sends second information and user authentication information for authentication, so that institute It states client and second information for authentication is decrypted by decruption key, obtain first letter for authentication Breath, wherein the decruption key is after second server is obtained according to the generation logic of the predetermined encryption key, based on described Log-on message is sent to the client;
Describe the detailed process for the first information that client is obtained for authentication in embodiment one in detail, therefore herein It repeats no more.
Step S203: the video flowing address request information that the client is sent is received, wherein the video flowing address asks Seeking information is that the client determines the first authentication for the first information of authentication and the user authentication information according to It is obtained after being combined after value, again by the user authentication information and first authentication values.
Step S204: first authentication values are obtained according to the video flowing address request information, and are used for according to described The first information of authentication and the user authentication information determine the second authentication values;
Step S205: judging whether first authentication values match with second authentication values, when first authentication values When matching with second authentication values, authenticate the client by video flowing address.
Step S204: the first authentication is determined according to the first information for authentication and the user authentication information Value, and the user authentication information and first authentication values are combined, obtain video flowing address request information.
Step S205: being sent to server for the video flowing address request information, so that the server is described in Video flowing address request information obtains first authentication values, then is recognized by the first information for authentication and the user After card information determines the second authentication values, judge whether first authentication values match with second authentication values, wherein work as institute When stating the first authentication values and matching with second authentication values, client is authenticated by video flowing address.
First server has been described in detail in example 1 according to the first information and the user for being used for authentication Authentication information determines the method for the second authentication values and the method for authentication, therefore details are not described herein.
In method provided in this embodiment, described when first authentication values are matched with second authentication values, make After the client is authenticated by video flowing address, the method also includes:
Video flowing address corresponding with the video flowing address request information is sent to the client.
In method provided in this embodiment, when the first authentication values and the second authentication values mismatch, refuse to send out to client Send video flowing address.Specifically, if client is the client forged, the method for calculating the first authentication values due to it It is not identical as the method for server, then the second authentication values that the first authentication values obtained can also be obtained with first server are not Together, first server will not send video flowing address to the client at this time.
Specifically, using user authentication as token information, the unique identification of client device, the unique identification of user account For, the calculation method of the second authentication values is MD5KEY=MD5.Create (UID+Token+DID), further, in order to increase Add the complexity of authentication, environmental information can also be further increased and authenticated, MD5KEY=MD5.Create (UID+Token+ DID+TimeStamp+RoomId),
In method provided in this embodiment, the predetermined encryption key is that first server is generated according to current time stamp 's.
The generating process of predetermined encryption key is described in detail in example 1, therefore details are not described herein.
Method described in the method and embodiment one introduced by the embodiment of the present invention two belongs to same invention structure Think, should be recognized that the implementation steps and principle of two providing method of embodiment based on one those skilled in the art of embodiment, so This is repeated no more.
Based on the same inventive concept, present invention also provides a kind of and video flowing address method for authenticating, are applied to third Server, detailed in Example three.
Embodiment three
The present embodiment provides a kind of method for authenticating of video flowing address, as shown in Figure 3, which comprises
Step S301: the log-on message of client is received;
Step S302: decruption key is sent to the client based on the log-on message, so that the client passes through The decruption key the second information for authentication is decrypted the first information obtained for authentication, and is used for according to described The first information and user authentication information of authentication determine the first authentication values, by the user authentication information and first authentication Video flowing address request information is obtained after value combination, and the video flowing address request information is sent to first server, and The first server is set to obtain first authentication values according to the video flowing address request information, according to described for authenticating The first information and after the user authentication information determines the second authentication values, judge first authentication values and second mirror Whether weight matches, and when first authentication values are matched with second authentication values, makes the client by video flowing Location authentication;Wherein, second information for authentication is that the first server is generated according to the log-on message for reflecting The first information of power is simultaneously obtained after being encrypted using the predetermined encryption key, and the user authentication information is described first Server is sent to the client after receiving the log-on message, and the decruption key is second server according to described pre- What if the generation logic of encryption key obtained.
Based on the same inventive concept, present invention also provides a kind of dresses corresponding with the method for authenticating of video flowing address It sets, applications client, detailed in Example four.
Example IV
The present embodiment provides a kind of authentication devices of video flowing address, as shown in figure 4, described device is client, comprising:
First sending module 401, for sending log-on message to first server and second server, so that described first Server generates the first information and user authentication information for authentication according to the log-on message, and utilizes predetermined encryption key The second information for authentication is generated after encrypting to the first information for authentication, and makes the second server base Decruption key corresponding with the predetermined encryption key is sent to the client in the log-on message, wherein the decryption Key is that the second server is obtained according to the generation logic of the predetermined encryption key;
Receiving module 402, for receive the first server send described in for the second information of authentication and described User authentication information, and second information for authentication is decrypted by the decruption key, it is used for described in acquisition The first information of authentication;
Module 403 is obtained, for determining the according to the first information for authentication and the user authentication information One authentication values, and the user authentication information and first authentication values are based on, obtain video flowing address request information;
Second sending module 404, for the video flowing address request information to be sent to first server, so that described First server obtains first authentication values by the video flowing address request information, then passes through for authentication After one information and the user authentication information determine the second authentication values, first authentication values and second authentication values are judged Whether match, wherein when first authentication values are matched with second authentication values, client is reflected by video flowing address Power.
By the device that the embodiment of the present invention four is introduced, for the authentication of the video flowing address of the implementation embodiment of the present invention one Device used by method, so based on the method that the embodiment of the present invention one is introduced, the affiliated personnel in this field can understand this The specific structure of device and deformation, so details are not described herein.Device used by the method for all embodiment of the present invention one is all Belong to the range of the invention to be protected.
Based on the same inventive concept, present invention also provides corresponding with the method for authenticating of video flowing address in embodiment two Device, detailed in Example five.
Embodiment five
The present embodiment provides a kind of authentication device of video flowing address, described device is first server, as shown in figure 5, Above-mentioned apparatus includes:
First receiving module 501 is generated for receiving the log-on message of client, and according to the log-on message for reflecting The first information and user authentication information of power recycle the first information described in predetermined encryption key pair for authentication to be added It is close, generate the second information for authentication;
First sending module 502, for sending second information and user authentication for authentication to the client Information is used for described in acquisition so that the client is decrypted second information for authentication by decruption key The first information of authentication, wherein the decruption key is that second server is obtained according to the generation logic of the predetermined encryption key The client is sent to after obtaining, based on the log-on message;
Second receiving module 503, the video flowing address request information sent for receiving the client, wherein described Video flowing address request information is that the client is true according to the first information for authentication and the user authentication information After making the first authentication values, again it will obtain after the user authentication information and first authentication values combination;
Determining module 504, for obtaining first authentication values according to the video flowing address request information, and according to institute It states and determines the second authentication values for the first information of authentication and the user authentication information;
Authentication module 505, for judging whether first authentication values match with second authentication values, when described first When authentication values are matched with second authentication values, authenticate the client by video flowing address.
Optionally, described device further includes the second sending module, for described when first authentication values and described the When two authentication values match, after authenticating the client by video flowing address:
Video flowing address corresponding with the video flowing address request information is sent to the client.
Optionally, the predetermined encryption key is what first server was generated according to current time stamp.
By the device that the embodiment of the present invention five is introduced, for the authentication of the video flowing address of the implementation embodiment of the present invention two Device used by method, so based on the method that the embodiment of the present invention two is introduced, the affiliated personnel in this field can understand this The specific structure of device and deformation, so details are not described herein.Device used by the method for all embodiment of the present invention two is all Belong to the range of the invention to be protected.
Embodiment six
The present embodiment provides a kind of authentication device of video flowing address, described device is second server, as shown in fig. 6, Above-mentioned apparatus includes:
Receiving module 601, for receiving the log-on message of client;
Sending module 602, for sending decruption key to the client based on the log-on message, so that the client The first information obtained for authentication is decrypted to the second information for authentication by the decruption key in end, and according to institute It states and determines the first authentication values for the first information and user authentication information of authentication, by the user authentication information and described Video flowing address request information is obtained after the combination of one authentication values, and the video flowing address request information is sent to first service Device, and the first server is made to obtain first authentication values according to the video flowing address request information, according to the use After the first information of authentication and the user authentication information determine the second authentication values, judge first authentication values with it is described Whether the second authentication values match, and when first authentication values are matched with second authentication values, the client are made to pass through view Frequency stream address authentication;Wherein, second information for authentication is that the first server is generated according to the log-on message For authentication the first information and obtain after being encrypted using the predetermined encryption key, the user authentication information is institute State first server and receive and be sent to the client after the log-on message, the decruption key be second server according to What the generation logic of the predetermined encryption key obtained.
By the device that the embodiment of the present invention six is introduced, for the authentication of the video flowing address of the implementation embodiment of the present invention three Device used by method, so based on the method that the embodiment of the present invention three is introduced, the affiliated personnel in this field can understand this The specific structure of device and deformation, so details are not described herein.Device used by the method for all embodiment of the present invention three is all Belong to the range of the invention to be protected.
Embodiment seven
Based on the same inventive concept, present invention also provides a kind of computer readable storage medium 700, it is stored thereon with meter Calculation machine program 711 realizes the method in the embodiment of the present invention one when the program is executed by processor.
Embodiment eight
Based on the same inventive concept, present invention also provides a kind of computer equipment, Fig. 8 is referred to, including storage 801, Processor 802 and storage on a memory and the computer program 803 that can run on a processor, the execution of processor 802 The method in the embodiment of the present invention one is realized when described program.
For ease of description, only parts related to embodiments of the present invention are shown, disclosed by specific technical details, asks Referring to present invention method part.Memory 801 can be used for storing computer program 803, and above-mentioned computer program includes Software program, module and data, processor 802 execute the computer program 803 for being stored in memory 801 by running, thus Execute the various function application and data processing of electronic equipment.
In the specific implementation process, memory 801 can be used for storing software program and module, and processor 802 passes through Operation is stored in the software program and module of memory 801, thereby executing the various function application and data of electronic equipment Processing.Memory 801 can mainly include storing program area and storage data area, wherein storing program area can storage program area, Application program needed at least one function etc.;Storage data area, which can be stored, uses created data according to electronic equipment Deng.In addition, memory 801 may include high-speed random access memory, it can also include nonvolatile memory, for example, at least One disk memory, flush memory device or other volatile solid-state parts.Processor 802 is the control of electronic equipment Center is stored in memory by running or executing using the various pieces of various interfaces and the entire electronic equipment of connection Software program and/or module in 801, and the data being stored in memory 801 are called, execute the various function of electronic equipment Data can and be handled, to carry out integral monitoring to electronic equipment.Optionally, processor 802 may include one or more processing Unit;Preferably, processor 802 can integrate application processor, wherein the main processing operation system of application processor, Yong Hujie Face and application program etc..
It should be noted that computer corresponding with present invention implementation two and three kinds of video flowing address method for authenticating of implementation The implementation with method described in implementation two and three kinds of embodiment respectively of the embodiment of readable storage medium storing program for executing and computer equipment Mode is identical, and details are not described herein.
Said one or multiple technical solutions in the embodiment of the present application at least have following one or more technology effects Fruit:
In method provided by the invention, on the one hand, client needs the first information and user by being used for authentication to recognize After demonstrate,proving the first authentication values of information acquisition, video flowing address request information just can be generated, be rather than directly to first server hair Video flowing address request information is sent, and calculated first authentication values of client will be with first server according to same method When calculated second authentication values match, client just passes through authentication, and then just can receive corresponding video flowing address, this Sample client before sending video flowing address, first server can video flowing address request information to client carry out legitimacy Examination and judgement, compared to client directly to server send video flowing address request information for, video flowing can be improved The safety of address request information.On the other hand, the second information for authentication that client receives is by predetermined encryption The encrypted information of key, thus client need sent according to second server it is corresponding with predetermined encryption key decrypt it is close Key can just obtain the first information for authentication after recycling decruption key that the second information for authentication is decrypted, The difficulty for obtaining the first information for authentication, also, received the second information for authentication of client are increased in this way What one server was sent, and the decruption key for being used to decrypt the second information for authentication is that second server is sent, two Server is independent from each other, and is to be sent by different network channels, therefore can reinforce to decruption key Protection, and then the acquisition difficulty of decruption key is increased, further increase decruption key cracks difficulty, so further mention High acquisition video flowing address safety.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out various modification and variations without departing from this hair to the embodiment of the present invention The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.

Claims (10)

1. a kind of method for authenticating of video flowing address characterized by comprising
Log-on message is sent to first server and second server, so that the first server is raw according to the log-on message At the first information and user authentication information for authentication, and utilize the first information described in predetermined encryption key pair for authentication The second information for authentication is generated after being encrypted, and the second server is made to be based on the log-on message to the client End sends corresponding with predetermined encryption key decruption key, wherein the decruption key for the second server according to The generation logic of the predetermined encryption key obtains;
Second information for authentication and the user authentication information that the first server is sent are received, and passes through institute It states decruption key second information for authentication is decrypted, obtains the first information for authentication;
The first authentication values are determined according to the first information for authentication and the user authentication information, and are based on the use Family authentication information and first authentication values obtain video flowing address request information;
The video flowing address request information is sent to first server, so that the first server passes through the video flowing Address request information obtains first authentication values, then passes through the first information and the user authentication information for authentication After determining the second authentication values, judge whether first authentication values match with second authentication values, wherein when described first When authentication values are matched with second authentication values, client is authenticated by video flowing address.
2. a kind of method for authenticating of video flowing address characterized by comprising
The log-on message of client is received, and is generated according to the log-on message and is believed for the first information and user authentication of authentication Breath recycles the first information described in predetermined encryption key pair for authentication to be encrypted, and generates the second information for authentication;
Second information and user authentication information for authentication is sent to the client, so that the client passes through solution The second information described in close key pair for authentication is decrypted, and obtains the first information for authentication, wherein the solution Key is to be sent to after second server is obtained according to the generation logic of the predetermined encryption key, based on the log-on message The client;
Receive the video flowing address request information that the client is sent, wherein the video flowing address request information is described Client the first authentication values are determined according to the first information for authentication and the user authentication information after, again will be described It is obtained after user authentication information and first authentication values combination;
First authentication values are obtained according to the video flowing address request information, and according to the first information for authentication The second authentication values are determined with the user authentication information;
Judge whether first authentication values match with second authentication values, when first authentication values and second authentication When value matching, authenticate the client by video flowing address.
3. method according to claim 2, which is characterized in that work as first authentication values and second authentication values described When matching, after authenticating the client by video flowing address, the method also includes:
Video flowing address corresponding with the video flowing address request information is sent to the client.
4. method according to claim 2, which is characterized in that the predetermined encryption key be first server according to it is current when Between stab generate.
5. a kind of method for authenticating of video flowing address characterized by comprising
Receive the log-on message of client;
Decruption key is sent to the client based on the log-on message, so that the client passes through the decruption key pair The first information obtained for authentication is decrypted in the second information for authentication, and according to the first information for authentication The first authentication values are determined with user authentication information, will be regarded after the user authentication information and first authentication values combination Frequency stream address request information, and the video flowing address request information is sent to first server, and make the first service Device obtains first authentication values according to the video flowing address request information, according to the first information for authentication and institute It states after user authentication information determines the second authentication values, judges whether first authentication values match with second authentication values, When first authentication values are matched with second authentication values, authenticate the client by video flowing address;Wherein, institute Stating for the second information of authentication is that the first server generates according to the log-on message first information, simultaneously for authentication It is obtained after being encrypted using the predetermined encryption key, the user authentication information is to step on described in the first server receives The client is sent to after record information, the decruption key is generation of the second server according to the predetermined encryption key What logic obtained.
6. a kind of authentication device of video flowing address, which is characterized in that described device is client, comprising:
First sending module, for sending log-on message to first server and second server, so that the first server The first information and user authentication information for authentication are generated according to the log-on message, and using described in predetermined encryption key pair The first information for authentication generates the second information for authentication after being encrypted, and it is described to be based on the second server Log-on message sends corresponding with predetermined encryption key decruption key to the client, wherein the decruption key is The second server is obtained according to the generation logic of the predetermined encryption key;
Receiving module, for receiving the second information and the user authentication described in the first server transmission for authentication Information, and second information for authentication being decrypted by the decruption key obtains for authentication One information;
Determining module, for determining the first authentication according to the first information for authentication and the user authentication information Value, and the user authentication information and first authentication values are based on, obtain video flowing address request information;
Second sending module, for the video flowing address request information to be sent to first server, so that first clothes Device be engaged in by video flowing address request information acquisition first authentication values, then passes through the first information for authentication After determining the second authentication values with the user authentication information, judge first authentication values and second authentication values whether Match, wherein when first authentication values are matched with second authentication values, client is authenticated by video flowing address.
7. a kind of authentication device of video flowing address, which is characterized in that described device is first server, comprising:
First receiving module generates for authentication for receiving the log-on message of client, and according to the log-on message One information and user authentication information recycle the first information described in predetermined encryption key pair for authentication to be encrypted, and generate The second information for authentication;
Sending module, for sending second information and user authentication information for authentication to the client, so that institute It states client and second information for authentication is decrypted by decruption key, obtain first letter for authentication Breath, wherein the decruption key is after second server is obtained according to the generation logic of the predetermined encryption key, based on described Log-on message is sent to the client;
Second receiving module, the video flowing address request information sent for receiving the client, wherein the video flowing Location solicited message is that the client determines first for the first information of authentication and the user authentication information according to It is obtained after being combined after authentication values, again by the user authentication information and first authentication values;
Determining module for obtaining first authentication values according to the video flowing address request information, and is used for according to described The first information of authentication and the user authentication information determine the second authentication values;
Authentication module, for judging whether first authentication values match with second authentication values, when first authentication values When matching with second authentication values, authenticate the client by video flowing address.
8. a kind of authentication device of video flowing address, which is characterized in that described device is second server, comprising:
Receiving module, for receiving the log-on message of client;
Sending module, for sending decruption key to the client based on the log-on message, so that the client passes through The decruption key the second information for authentication is decrypted the first information obtained for authentication, and is used for according to described The first information and user authentication information of authentication determine the first authentication values, by the user authentication information and first authentication Video flowing address request information is obtained after value combination, and the video flowing address request information is sent to first server, and The first server is set to obtain first authentication values according to the video flowing address request information, according to described for authenticating The first information and after the user authentication information determines the second authentication values, judge first authentication values and second mirror Whether weight matches, and when first authentication values are matched with second authentication values, makes the client by video flowing Location authentication;Wherein, second information for authentication is that the first server is generated according to the log-on message for reflecting The first information of power is simultaneously obtained after being encrypted using the predetermined encryption key, and the user authentication information is described first Server is sent to the client after receiving the log-on message, and the decruption key is second server according to described pre- What if the generation logic of encryption key obtained.
9. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is held by processor The method as described in claim 1 is realized when row.
10. a kind of computer equipment including memory, processor and stores the meter that can be run on a memory and on a processor Calculation machine program, which is characterized in that the processor realizes the method as described in claim 1 when executing described program.
CN201810008106.4A 2018-01-04 2018-01-04 Authentication method and device for video stream address Active CN110011950B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810008106.4A CN110011950B (en) 2018-01-04 2018-01-04 Authentication method and device for video stream address

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810008106.4A CN110011950B (en) 2018-01-04 2018-01-04 Authentication method and device for video stream address

Publications (2)

Publication Number Publication Date
CN110011950A true CN110011950A (en) 2019-07-12
CN110011950B CN110011950B (en) 2021-11-09

Family

ID=67164327

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810008106.4A Active CN110011950B (en) 2018-01-04 2018-01-04 Authentication method and device for video stream address

Country Status (1)

Country Link
CN (1) CN110011950B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111931159A (en) * 2020-08-11 2020-11-13 福建天晴在线互动科技有限公司 Method and system for verifying validity of webpage data interface
CN112953724A (en) * 2021-02-22 2021-06-11 广州虎牙科技有限公司 Authentication method of anti-theft chain, and related device and equipment
WO2022041806A1 (en) * 2020-08-31 2022-03-03 北京市商汤科技开发有限公司 Authentication method, apparatus and device, and computer-readable storage medium
CN114760138A (en) * 2022-04-20 2022-07-15 深圳市昊洋智能有限公司 Video conference system security method and device based on cloud architecture
CN115002089A (en) * 2022-06-30 2022-09-02 兰州乐智教育科技有限责任公司 Streaming media transmission method and device, electronic equipment and storage medium
CN115297346A (en) * 2022-06-30 2022-11-04 贵阳朗玛视讯科技有限公司 Multi-application authentication method and device based on EPG system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100253847A1 (en) * 2009-04-01 2010-10-07 Rgb Networks, Inc. Two-stage digital program insertion system
CN105657474A (en) * 2016-02-19 2016-06-08 微鲸科技有限公司 Anti-stealing link method and system using identity-based signature in video application
CN105897746A (en) * 2016-05-26 2016-08-24 深圳市金立通信设备有限公司 Cross-website login method, terminal and website server
CN105959728A (en) * 2016-06-27 2016-09-21 武汉斗鱼网络科技有限公司 System and method for counting number of online users of live platform
CN107094261A (en) * 2017-03-17 2017-08-25 武汉斗鱼网络科技有限公司 The authorization check method and device of video playback
CN107135408A (en) * 2017-03-31 2017-09-05 武汉斗鱼网络科技有限公司 A kind of method for authenticating and device of video flowing address
CN107483987A (en) * 2017-06-30 2017-12-15 武汉斗鱼网络科技有限公司 A kind of method for authenticating and device of video flowing address

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100253847A1 (en) * 2009-04-01 2010-10-07 Rgb Networks, Inc. Two-stage digital program insertion system
CN105657474A (en) * 2016-02-19 2016-06-08 微鲸科技有限公司 Anti-stealing link method and system using identity-based signature in video application
CN105897746A (en) * 2016-05-26 2016-08-24 深圳市金立通信设备有限公司 Cross-website login method, terminal and website server
CN105959728A (en) * 2016-06-27 2016-09-21 武汉斗鱼网络科技有限公司 System and method for counting number of online users of live platform
CN107094261A (en) * 2017-03-17 2017-08-25 武汉斗鱼网络科技有限公司 The authorization check method and device of video playback
CN107135408A (en) * 2017-03-31 2017-09-05 武汉斗鱼网络科技有限公司 A kind of method for authenticating and device of video flowing address
CN107483987A (en) * 2017-06-30 2017-12-15 武汉斗鱼网络科技有限公司 A kind of method for authenticating and device of video flowing address

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张玉清等: ""HTML5新特性安全研究综述"", 《计算机研究与发展》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111931159A (en) * 2020-08-11 2020-11-13 福建天晴在线互动科技有限公司 Method and system for verifying validity of webpage data interface
CN111931159B (en) * 2020-08-11 2023-04-07 福建天晴在线互动科技有限公司 Method and system for verifying validity of webpage data interface
WO2022041806A1 (en) * 2020-08-31 2022-03-03 北京市商汤科技开发有限公司 Authentication method, apparatus and device, and computer-readable storage medium
CN112953724A (en) * 2021-02-22 2021-06-11 广州虎牙科技有限公司 Authentication method of anti-theft chain, and related device and equipment
CN114760138A (en) * 2022-04-20 2022-07-15 深圳市昊洋智能有限公司 Video conference system security method and device based on cloud architecture
CN114760138B (en) * 2022-04-20 2024-02-13 深圳市昊洋智能有限公司 Video conference system safety method and device based on cloud architecture
CN115002089A (en) * 2022-06-30 2022-09-02 兰州乐智教育科技有限责任公司 Streaming media transmission method and device, electronic equipment and storage medium
CN115297346A (en) * 2022-06-30 2022-11-04 贵阳朗玛视讯科技有限公司 Multi-application authentication method and device based on EPG system
CN115297346B (en) * 2022-06-30 2023-08-25 贵阳朗玛视讯科技有限公司 EPG system-based multi-application authentication method and device
CN115002089B (en) * 2022-06-30 2023-09-19 兰州乐智教育科技有限责任公司 Streaming media transmission method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN110011950B (en) 2021-11-09

Similar Documents

Publication Publication Date Title
CN106850699B (en) A kind of mobile terminal login authentication method and system
CN110011950A (en) A kind of method for authenticating and device of video flowing address
CN108197891B (en) Electronic signing device and method based on block chain
CN111708991A (en) Service authorization method, service authorization device, computer equipment and storage medium
CN106302606B (en) Across the application access method and device of one kind
CN108322416B (en) Security authentication implementation method, device and system
CN111541542B (en) Request sending and verifying method, device and equipment
CN109040079A (en) The establishment of live streaming chained address and verification method and related device
CN111753014B (en) Identity authentication method and device based on block chain
CN107483987A (en) A kind of method for authenticating and device of video flowing address
CN111460400A (en) Data processing method and device and computer readable storage medium
CN109040134A (en) A kind of design method and relevant apparatus of information encryption
CN108259183B (en) Attention method, attention device, attention electronic equipment and attention medium
CN112004201A (en) Short message sending method and device and computer system
CN108235067B (en) Authentication method and device for video stream address
CN114553590A (en) Data transmission method and related equipment
CN109740319B (en) Digital identity verification method and server
CN108200450B (en) A kind of determination method, apparatus, electronic equipment and medium for paying close attention to legitimacy
CN117240625B (en) Tamper-resistant data processing method and device and electronic equipment
CN109711178A (en) A kind of storage method of key-value pair, device, equipment and storage medium
CN111147471B (en) Terminal network access authentication method, device, system and storage medium
CN108292997B (en) Authentication control system and method, server device, client device, authentication method, and recording medium
CN106529216B (en) Software authorization system and software authorization method based on public storage platform
CN110139163A (en) A kind of method and relevant apparatus obtaining barrage
CN113869901B (en) Key generation method, key generation device, computer-readable storage medium and computer equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant