CN113742702A - Method, system, equipment and storage medium for safety access based on enterprise WeChat - Google Patents
Method, system, equipment and storage medium for safety access based on enterprise WeChat Download PDFInfo
- Publication number
- CN113742702A CN113742702A CN202110824463.XA CN202110824463A CN113742702A CN 113742702 A CN113742702 A CN 113742702A CN 202110824463 A CN202110824463 A CN 202110824463A CN 113742702 A CN113742702 A CN 113742702A
- Authority
- CN
- China
- Prior art keywords
- interface
- address
- enterprise wechat
- application
- end server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 238000013475 authorization Methods 0.000 claims abstract description 60
- 230000006870 function Effects 0.000 claims abstract description 31
- 238000012545 processing Methods 0.000 claims abstract description 17
- 238000012795 verification Methods 0.000 claims description 5
- 239000000463 material Substances 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 2
- 230000008569 process Effects 0.000 abstract description 10
- 238000011161 development Methods 0.000 abstract description 8
- 230000003993 interaction Effects 0.000 abstract description 3
- 238000007726 management method Methods 0.000 description 8
- 230000018109 developmental process Effects 0.000 description 7
- 230000007246 mechanism Effects 0.000 description 4
- 238000012827 research and development Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000008520 organization Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000004806 packaging method and process Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 230000007723 transport mechanism Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a method, a system, equipment and a storage medium for safety access based on enterprise WeChat, which comprises the following steps: receiving an operation instruction; the operation instruction comprises an application request instruction, a registration request instruction, a refreshing instruction and an address list request instruction; according to the operation instruction, at least one of the following is executed: inputting the analyzed authorization authentication parameter into an application authorization authentication interface, and displaying first data content; calling a preset session processing interface to refresh second data content of the current display page; calling a registration interface to register a corresponding function; and calling a preset address book interface to update the local address book database. The functions related to the security of the enterprise micro credit users in the interaction process are packaged into corresponding unified interfaces one by one, so that the security of the enterprise micro credit users in the access application process is ensured. Meanwhile, the interface has universality, so that the development requirement on developers can be reduced, and the efficiency of developing the corresponding application of the method is improved.
Description
Technical Field
The application belongs to the technical field of Internet application development, and particularly relates to a method, a system, equipment and a storage medium for secure access based on enterprise WeChat.
Background
The enterprise wechat is widely applied to the office field, generally, an implementation scheme of an application based on the enterprise wechat needs authorization authentication with an enterprise wechat background and a back-end server of the enterprise wechat application through an enterprise wechat client, and requests contents to be displayed based on the condition of the authorization authentication.
Disclosure of Invention
The present application is directed to solving at least one of the problems in the prior art. Therefore, the method, the system, the equipment and the storage medium for the secure access based on the enterprise WeChat are provided, so that the application corresponding to the method can be rapidly developed, the security is ensured, and the development efficiency is improved.
In a first aspect, the present application provides a method for secure access based on enterprise WeChat, applied to a front-end server, including:
receiving an operation instruction; the operation instruction comprises an application request instruction, a registration request instruction, a refreshing instruction and an address list request instruction;
according to the operation instruction, at least one of the following steps is executed:
according to the application request instruction, inputting an authorization authentication parameter obtained by analyzing the application request instruction into an application authorization authentication interface, and displaying first data content corresponding to a redirection address; wherein the redirection address is one of the parameters of the authorization authentication parameter;
calling a preset session processing interface to refresh second data content of the current display page according to the refresh command;
calling a registration interface to register a corresponding function according to the registration request instruction; the registration interface is used for acquiring authentication information and sending the authentication information to a back-end server to obtain signature information;
and calling a preset address book interface to update the local address book database according to the address book request instruction.
In a second aspect, the present application provides a system for secure access based on enterprise WeChat, comprising:
a front-end server for performing the method for enterprise wechat based secure access according to any of the first aspect;
the enterprise wechat background is used for providing a basic function interface, and a session processing interface, the application authorization authentication interface, the registration interface and the address book interface of the front-end server finish corresponding functions by calling the corresponding basic function interface;
and the back-end server is used for providing the first data content, the second data content, the local address book database and signature information so as to assist the front-end server to complete any one of the enterprise wechat-based security access methods in the first aspect.
In a third aspect, the present application provides an apparatus for secure access based on enterprise WeChat, comprising:
at least one processor and a memory communicatively coupled to the processor; the memory stores instructions executable by the at least one processor to enable the processor to perform a method of enterprise wechat based secure access as described in any of the first aspects.
In a fourth aspect, the present application provides a storage medium storing computer-executable instructions for causing a computer to perform the method for enterprise wechat based secure access as described in any of the first aspects.
According to the above embodiments of the present application, at least the following advantages are provided: the functions related to the security of the enterprise micro credit user in the interaction process are packaged into an application authorization authentication interface, a session processing interface, a registration interface and an address book interface one by one, so that the process is safe when the enterprise micro credit user respectively performs application access, page refreshing, function registration and address book access. Meanwhile, a unified packaging interface is provided, a unified framework is provided for developers, and the developers only need to pay attention to specific service functions, so that the efficiency of developing the corresponding application of the method can be improved. Therefore, the research and development efficiency of research and development personnel can be saved by applying the method, and the access security of the enterprise micro credit user can be ensured. Similarly, the system, the device and the storage medium bearing the application method have the same technical effects as the method.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
The above and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a flowchart of a method for secure access based on enterprise wechat according to an embodiment of the present application.
Fig. 2 is a flowchart illustrating steps executed by the application authorization and authentication interface according to another embodiment of the present application.
Fig. 3 is a flowchart illustrating steps executed by the session processing interface according to another embodiment of the present application.
Fig. 4 is a flowchart illustrating steps executed by the address book interface according to another embodiment of the present disclosure.
Fig. 5 is a schematic structural diagram of a system for secure access based on enterprise WeChat according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
In the description of the present application, it is to be understood that the positional descriptions, such as the directions of up, down, front, back, outer, inner, etc., referred to herein are based on the directions or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, and do not indicate or imply that the device or element referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be considered as limiting the present application.
In the description of the present application, the meaning of a plurality is one or more, the meaning of a plurality is two or more, and larger, smaller, larger, etc. are understood as excluding the present number, and larger, smaller, inner, etc. are understood as including the present number. If the first and second are described for the purpose of distinguishing technical features, they are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated.
In the description of the present application, unless otherwise expressly limited, terms such as set, mounted, connected and the like should be construed broadly, and those skilled in the art can reasonably determine the specific meaning of the terms in the present application by combining the detailed contents of the technical solutions.
In order to more clearly understand the technical features, objects and effects of the present application, embodiments of the present application will be described in detail with reference to the accompanying drawings.
The enterprise wechat is widely applied in the office field, so that there are many H5 application implementation schemes based on the enterprise wechat, and the exposed front-end API and server API for the enterprise wechat are different, for example, jssdk signature, identity authentication method, address book and user information, etc. In actual application development, developers need to know functions of various API interfaces and know calling relationships and application scenes of the API interfaces, and certain threshold requirements are required for the developers. At this time, for some developments of similar function applications, such as code scanning, ordering, pocket supermarket and other enterprise applications of the same type, it may take a lot of time to research the function of the API to ensure the security of the access application process.
Therefore, the application provides a security access method based on enterprise WeChat, which is applied to a front-end server. As shown in fig. 1, the method includes:
step S100, receiving an operation instruction; the operation instruction comprises an application request instruction, a registration request instruction, a refresh instruction and an address list request instruction.
According to the operation instruction, at least one of the following steps is executed:
step S210, according to the application request instruction, inputting the authorization authentication parameter obtained by analyzing the application request instruction into an application authorization authentication interface, and displaying the first data content corresponding to the redirection address; wherein the redirection address is one of the parameters of the authorization authentication parameter.
It should be noted that, for any html5 page newly accessed through enterprise wechat, the address accessed by the page needs to be authorized, so that a uniform authentication interface, namely an application authorization authentication interface, is provided, and the whole process of authorizing and authenticating the access address is realized in the application authorization authentication interface, so that a callee does not need to care about a specific authentication process, and only needs to pay attention to a specific application function.
Step S220, according to the refresh command, a preset session processing interface is called to refresh the second data content of the current display page.
It should be noted that, when the displayed enterprise wechat html5 page is refreshed, since the current page has an expiration, the authorization authentication in step S121 or the session is resumed; otherwise, in a refreshing scene, the security problem is introduced due to the existence of a vulnerability in the security authentication mechanism. Therefore, by setting the session processing interface, the security mechanism is realized in the session processing interface, so that a development user does not need to care about a refreshing operation process, and the development efficiency of the interface can be improved.
Step S230, calling a registration interface to register a corresponding function according to the registration request instruction; the registration interface is configured to obtain authentication information, and send the authentication information to the backend server 200 to obtain signature information.
It should be noted that the registration interface encapsulates the registration of the application module in the enterprise wechat, and if the address book module needs to be set in the enterprise wechat, the address book module can be loaded through the registration interface, so that the address book can be accessed subsequently. The authentication information includes an 8-bit random string randomly generated by the front-end server 100, a timestamp, and a signature authentication URL. After receiving the authentication message, the back-end server 200 calls the wechat interface jsapi _ ticket to acquire the temporary ticket, and at this time, the authentication message and the temporary ticket are signed by the sha1 algorithm to obtain a signature character string and stored. And acquires a pre-stored enterprise application ID (i.e., an identification number of the application registered on the WeChat), and feeds back the enterprise application ID and the signature string as signature information to the front-end server 100. At this time, the front-end server 100 may perform registration of the function module based on the signature information.
Step S240, according to the address book request command, calling a preset address book interface to update the local address book database.
It should be noted that the enterprise wechat has a limitation on the access times of the user information in the enterprise wechat, and therefore, a local address book database is created. At the moment, the user information in the local address book database is synchronized with the user information in the enterprise WeChat, so that the user information can be managed more conveniently. And the user information is read through the communication interface of the enterprise WeChat for synchronization, the access security mechanism of the enterprise WeChat needs to be known, otherwise, the security problem is easily introduced, therefore, a uniform address book interface is provided, the security mechanism is packaged in the address book interface, and the update of the preset local address book database can be responded to each time of calling.
Therefore, the functions which need to ensure the safety of the enterprise micro credit user in the interaction process are encapsulated into the application authorization authentication interface, the session processing interface, the registration interface and the address list interface one by one, so that the process is safe when the enterprise micro credit user respectively performs application access, page refreshing, function registration and address list access. Meanwhile, a uniform side packaging interface is provided, a uniform framework is provided for developers, and the developers only need to pay attention to specific service functions, so that the efficiency of developing the corresponding application of the method can be improved. Therefore, the research and development efficiency of research and development personnel can be saved by applying the method, and the orientation safety of the enterprise micro credit user can be ensured.
It is understood that the application authorization authentication interface is provided with a default parameter list. As shown in fig. 2, the application authorization and authentication interface in step S210 performs the following steps according to the input authorization and authentication parameters:
step S211, requesting OAuth2 link from the backend server 200 according to the authorization authentication parameter and the default parameter list.
Step S212, the OAuth2 link is sent to the enterprise wechat background 300 for validity check, and first verification data are obtained; wherein the first verification data comprises a redirection address, an authorization code, and the authorization code is stored in the remote dictionary server.
It should be noted that the OAuth2 link is returned in the http302 manner, at this time, when the front-end server 100 skips according to the content after the http302 is returned, at this time, the OAuth2 link is intercepted by the enterprise webvew itself, the link is subjected to data security check on the enterprise webvew background 300, after the check is successful, the link is returned to the front-end server 100 in the 302 manner with an authorization code, the address of the link is one of the parameters REDIRECT _ URL linked to the OAuth2 in step S1211, that is, the first verification data includes code and REDIRECT address REDIRECT _ URL.
Step S213, obtaining authorization authentication data and a front-end address; wherein the authorization authentication data is generated by the redirection address according to the authorization code, and the front-end address is provided by the redirection address.
It should be noted that, according to the redirection address in 302 of step S1212, a jump is made to the redirection address corresponding to the backend server 200, a token or a cockie is generated according to the authorization code, and the token or the cockie is returned in the 302 mode, and at this time, authorization authentication data (token or cockie) and the address (front-end address) carried in 302 may be obtained.
And step S214, requesting to redirect the first data content corresponding to the address according to the front-end address.
Step S215, storing the authorization authentication data and outputting the first data content.
It should be noted that the first data content is a content displayed on the interface, and if the application authorization authentication interface requests a description of a certain dish, the first data content may include information such as a dish picture, a component description, and an evaluation, and is displayed in the form of a page.
It is noted that, in some embodiments, the authorization authentication parameters are as follows:
ELINK _ CORP _ ID (enterprise WeChat enterprise ID);
ELINK _ AGENT _ ID (enterprise WeChat application ID);
ELINK _ AGENT _ search (enterprise WeChat application Security code);
ELINK REDIRECT URI (REDIRECT address after successful authorization).
The parameters in the default parameter list are as follows:
ELINK _ BASE _ DOMAIN (enterprise wechat interface request DOMAIN name);
ELINK _ QR _ CODE _ URL (enterprise WeChat CODE scanning authorization address);
ELINK _ APP _ OAUTH _ URL (enterprise trusted OAUTH authorization address);
ELINK _ SYN _ TYPE is 0(ELINK synchronization means is 0 by default, where 0 indicates that all the organization users are acquired from the root organization at a time, and 1 indicates that all the organization user data is acquired from the secondary department).
It should be noted that the authorization authentication data can be used for obtaining authorization information when the same page is accessed next time, when the authorization authentication data is not expired, the first data content can be directly obtained through the authorization authentication data, otherwise, the authorization authentication data needs to be obtained through re-authentication.
It is understood that, as shown in fig. 3, the session processing interface preset in step S220 performs the following steps according to the refresh command:
step S221, sending the address to be displayed corresponding to the second data content in the refresh instruction to the back-end server 200.
Step S222, determining whether the second data content is session-overdue according to the response data of the backend server 200.
Step S223, if the second data content has a session expiration, determining whether the second data content can be session-extended.
And step S224, if the second data content can not be session-renewed, re-authorizing and authenticating the address to be displayed, and outputting the second data content corresponding to the authorized address to be displayed.
It should be noted that, for the enterprise WeChat, the authentication flow of the individual session renewal and the individual session expiration is fixed, and therefore, detailed description thereof is omitted here.
It can be understood that, as shown in fig. 4, the address book interface in step S240 performs the following steps:
and step S241, obtaining the authorization authentication data.
And step S242, calling the enterprise wechat background 300 to acquire the user information according to the authorization authentication data.
Step S243, sending the user information to the back-end server 200, so that the back-end server 200 stores the user information in the local address book database.
It can be understood that, as shown in fig. 4, the address book interface in step S240 further performs the following steps:
and step S244, updating the display data of the display interface of the database.
It is understood that in some embodiments, at least the following steps are also performed in accordance with the operational instructions:
and calling a corresponding functional interface according to the application request, wherein the functional interface comprises enterprise WeChat picture management, file uploading management, material management, message pushing, application management and data synchronization.
It should be noted that enterprise wechat picture management, file upload management, material management, message push, application management, and data synchronization are commonly used functions in enterprise applications, and each commonly used function is packaged with security authentication, so that it can be more efficient when multiple applications with similar functions are developed, and at the same time, the requirement on developers who subsequently develop similar applications is lower.
It can be understood that the session processing interface, the application authorization authentication interface, the registration interface, and the address book interface are all loaded through a preset template of the front-end server 100; the local address book database is created by a preset back-end server 200 template.
It should be noted that, by setting the front-end server template and the back-end server template, it is easier for a person unfamiliar with system erection to build a complete application. Therefore, the development efficiency of the method is improved. The front-end server template is deployed at the wechat client, and is used for receiving the request of the enterprise user, forwarding the request to the back-end server 200, and displaying the feedback result of the back-end server 200. The backend server 200 is deployed on a server preset by a user, and is used for providing implementation of specific functions.
It is understood that, as shown in fig. 5, the present application further provides a system for secure access based on enterprise WeChat, comprising:
a front-end server 100, the front-end server 100 being configured to perform the method for enterprise wechat based secure access according to any of the first aspect;
the enterprise wechat background 300, the enterprise wechat background 300 is used for providing a basic function interface, and the session processing interface, the application authorization authentication interface, the registration interface and the address list interface of the front-end server 100 complete corresponding functions by calling corresponding basic function interfaces;
the back-end server 200, the back-end server 200 is configured to provide the first data content, the second data content, the local address book database, and the signature information, so as to assist the front-end server 100 to complete the method for secure access based on enterprise WeChat as any one of the first aspect.
It is understood that the present application also provides an apparatus for secure access based on enterprise WeChat, comprising:
at least one processor and a memory communicatively coupled to the processor; the memory stores instructions executable by the at least one processor to enable the processor to perform a method of enterprise wechat-based secure access as in any of the first aspects.
It should be noted that the memory, as a non-transitory storage medium, may be used to store a non-transitory software program and a non-transitory computer-executable program, such as program instructions corresponding to the method for secure access based on enterprise wechat in the embodiments of the present application. The processor implements the above-described method of enterprise wechat-based secure access by running non-transitory software programs and instructions stored in memory.
The memory may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area can store the related data of the method for the security access based on the enterprise WeChat, and the like. Further, the memory may include high speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located from the processor, and the remote memory may be connected to the enterprise wechat-based application security authentication device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
It is appreciated that the present application also provides a readable storage medium storing computer executable instructions for causing a computer to perform a method of enterprise wechat based secure access as in any of the first aspects.
One of ordinary skill in the art will appreciate that all or some of the steps, systems, and methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can accessed by a computer. In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art.
The embodiments of the present application have been described in detail with reference to the drawings, but the present application is not limited to the embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present application.
Claims (10)
1. A method for secure access based on enterprise WeChat is applied to a front-end server and comprises the following steps:
receiving an operation instruction; the operation instruction comprises an application request instruction, a registration request instruction, a refreshing instruction and an address list request instruction;
according to the operation instruction, at least one of the following steps is executed:
according to the application request instruction, inputting an authorization authentication parameter obtained by analyzing the application request instruction into an application authorization authentication interface, and displaying first data content corresponding to a redirection address; wherein the redirection address is one of the parameters of the authorization authentication parameter;
calling a preset session processing interface to refresh second data content of the current display page according to the refresh command;
calling a registration interface to register a corresponding function according to the registration request instruction; the registration interface is used for acquiring authentication information and sending the authentication information to a back-end server to obtain signature information;
and calling a preset address book interface to update the local address book database according to the address book request instruction.
2. The method for enterprise wechat based secure access in claim 1,
the application authorization authentication interface is provided with a default parameter list, and executes the following steps according to the input authorization authentication parameters:
requesting OAuth2 linkage from the back-end server according to the authorization authentication parameter and the default parameter list;
sending the OAuth2 link to an enterprise wechat background for validity check to obtain first verification data; wherein the first verification data comprises the redirection address, an authorization code, the authorization code being stored at a remote dictionary server;
obtaining authorization authentication data and a front-end address; wherein the authorization authentication data is generated by the redirect address according to the authorization code, and the front-end address is provided by the redirect address;
according to the front-end address, first data content corresponding to the redirection address is requested;
and storing the authorization authentication data and outputting the first data content.
3. The method for enterprise wechat based secure access in claim 1,
the preset session processing interface executes the following steps according to the refresh command:
sending an address to be displayed corresponding to second data content in the refreshing instruction to the back-end server;
judging whether the second data content is session-overdue or not according to the response data of the back-end server;
if the second data content has a session expiration, judging whether the second data content can be session-renewed;
and if the second data content cannot be session-renewed, re-authorizing and authenticating the address to be displayed, and outputting the second data content corresponding to the authorized address to be displayed.
4. The method for enterprise wechat based secure access in claim 1,
the address book interface executes the following steps:
obtaining authorization authentication data;
calling an enterprise WeChat background to acquire user information according to the authorization authentication data;
and sending the user information to the back-end server so that the back-end server stores the user information in a local address book database.
5. The method for enterprise wechat based secure access in claim 4,
the address book interface further executes the following steps:
and updating the display data of the database display interface.
6. The method for enterprise wechat based secure access in claim 1,
the execution according to the operation instruction at least comprises the following steps:
and calling a corresponding functional interface according to the application request, wherein the functional interface comprises enterprise WeChat picture management, file uploading management, material management, message pushing, application management and data synchronization.
7. The method for enterprise trusted based secure access according to any of claims 1-6,
the session processing interface, the application authorization authentication interface, the registration interface and the address list interface are loaded through a preset front-end server template; and the local address book database is created through a preset back-end server template.
8. A system for secure access based on enterprise WeChat, comprising:
a front-end server for performing the method for enterprise wechat based secure access of any of claims 1 to 7;
the enterprise wechat background is used for providing a basic function interface, and a session processing interface, the application authorization authentication interface, the registration interface and the address book interface of the front-end server finish corresponding functions by calling the corresponding basic function interface;
a back-end server, configured to provide the first data content, the second data content, the local address book database, and signature information, so as to assist the front-end server in performing the method for secure access based on enterprise WeChat according to any one of claims 1 to 7.
9. An apparatus for secure access based on enterprise WeChat, comprising:
at least one processor and a memory communicatively coupled to the processor; the memory stores instructions executable by the at least one processor to enable the processor to perform a method for enterprise wechat-based secure access as recited in any of claims 1-7.
10. A storage medium storing computer-executable instructions for causing a computer to perform the method for enterprise wechat based secure access of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110824463.XA CN113742702B (en) | 2021-07-21 | 2021-07-21 | Method, system, equipment and storage medium for secure access based on enterprise WeChat |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110824463.XA CN113742702B (en) | 2021-07-21 | 2021-07-21 | Method, system, equipment and storage medium for secure access based on enterprise WeChat |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113742702A true CN113742702A (en) | 2021-12-03 |
| CN113742702B CN113742702B (en) | 2023-11-03 |
Family
ID=78728898
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110824463.XA Active CN113742702B (en) | 2021-07-21 | 2021-07-21 | Method, system, equipment and storage medium for secure access based on enterprise WeChat |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113742702B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114338580A (en) * | 2021-12-30 | 2022-04-12 | 苏州金羲智慧科技有限公司 | Public account project development method, device and storage medium |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108319847A (en) * | 2018-03-08 | 2018-07-24 | 广东电网有限责任公司佛山供电局 | A kind of user authority management system and method based on wechat platform |
-
2021
- 2021-07-21 CN CN202110824463.XA patent/CN113742702B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108319847A (en) * | 2018-03-08 | 2018-07-24 | 广东电网有限责任公司佛山供电局 | A kind of user authority management system and method based on wechat platform |
Non-Patent Citations (4)
| Title |
|---|
| CODINGPIONEER: "C#实现微信企业号API服务端调用封装", HTTPS://BLOG.CSDN.NET/ZLBDMM/ARTICLE/DETAILS/105786196 * |
| 宋小飞 等: "微信企业号在高校仪器共享平台管理中的实践与探索", 《实验技术与管理》 * |
| 赵璇: "基于企业微信的高校网上家长会平台研究与设计", 《现代信息科技》 * |
| 郑一鸣: "基于微信企业号与IPPBX 的企业融合通信系统的研究与设计", 《信息记录材料》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114338580A (en) * | 2021-12-30 | 2022-04-12 | 苏州金羲智慧科技有限公司 | Public account project development method, device and storage medium |
| CN114338580B (en) * | 2021-12-30 | 2023-08-01 | 苏州金羲智慧科技有限公司 | Public number project development method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113742702B (en) | 2023-11-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109587133B (en) | Single sign-on system and method | |
| US11063767B2 (en) | Apparatus and method to perform secure data sharing in a distributed network by using a blockchain | |
| CN108200050B (en) | Single sign-on server, method and computer readable storage medium | |
| US10057251B2 (en) | Provisioning account credentials via a trusted channel | |
| CN112019493B (en) | Identity authentication method, identity authentication device, computer equipment and medium | |
| WO2017129016A1 (en) | Resource access method, apparatus and system | |
| CN108306877A (en) | Verification method, device and the storage medium of subscriber identity information based on NODE JS | |
| US9544288B2 (en) | Messaging gateway | |
| US9294479B1 (en) | Client-side authentication | |
| US20130318581A1 (en) | Multi-factor authentication using a unique identification header (uidh) | |
| US20100077467A1 (en) | Authentication service for seamless application operation | |
| US20200236105A1 (en) | Rich communication services security authentication system | |
| US9270666B2 (en) | Verification of user communication addresses | |
| BR112019003569A2 (en) | METHOD IMPLEMENTED BY COMPUTER, LEGIBLE NON-TRANSITIONAL MEDIA BY COMPUTER AND SYSTEM IMPLEMENTED BY COMPUTER | |
| CN112286898B (en) | File configuration method and device based on distributed file edge nodes | |
| CN109510799B (en) | Page display method, browser client, equipment and storage medium | |
| CN108809969B (en) | Authentication method, system and device | |
| CN107203576A (en) | Information synchronization method and device | |
| CN115102744A (en) | Data access method and device | |
| CN111698196A (en) | Authentication method and micro-service system | |
| CN113742702A (en) | Method, system, equipment and storage medium for safety access based on enterprise WeChat | |
| CN114338033A (en) | Request processing method, device, equipment and storage medium | |
| CN107026828A (en) | A kind of anti-stealing link method cached based on internet and internet caching | |
| CN110301127A (en) | Device and method for predictive token authentication | |
| US10542569B2 (en) | Community-based communication network services |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 518000, 3rd Floor, Building 40, Baotian Industrial Zone, Chentian Community, Xixiang Street, Bao'an District, Shenzhen City, Guangdong Province Applicant after: China Southern Power Grid Digital Platform Technology (Guangdong) Co.,Ltd. Address before: 510000 501, 502, 601 and 602, building D, wisdom Plaza, Qiaoxiang Road, Gaofa community, Shahe street, Nanshan District, Shenzhen, Guangdong Applicant before: China Southern Power Grid Shenzhen Digital Power Grid Research Institute Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |