CN108243172A - A kind of method and system for sending verification information - Google Patents
- Publication number: CN108243172A (application CN201611228347.7A)
- Authority: CN (China)
- Prior art keywords: request information, network request, network, interface parameter
- Legal status: Granted (the legal status is an assumption and is not a legal conclusion)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The present invention provides a method and system for sending verification information. The method includes: a client obtains first network request information; generates second network request information and a first interface parameter according to the first network request information; concatenates the second network request information and the first interface parameter to generate third network request information; and sends the third network request information to a server, so that the server can calculate a second interface parameter based on the third network request information and judge whether the first interface parameter is consistent with the second interface parameter, and, if the second interface parameter is determined to be consistent with the first interface parameter, send the verification information to the client. In this way, even if a user uses script software to capture or replace the telephone number in the first network request information, verification information cannot be sent to that telephone number frequently or maliciously. This reduces the probability of verification information being maliciously re-sent, and verification does not require entering a hard-to-recognize verification code, which improves the user's operating efficiency.
Description
Technical field
The invention belongs to the field of communication technology, and in particular relates to a method and system for sending verification information.
Background art
Many apps for terminals on the market are registered with or logged in to using a mobile phone number. Generally, before the verification information received by the phone can be obtained, the user must first enter a verification code made up of several digits or symbols in order to register or log in.
To prevent verification codes from being sent frequently or maliciously, the prior art makes verification codes increasingly complex: the characters in the code are skewed, sometimes to the point of being hard to recognize, so the user may enter them incorrectly. This hinders logging in to or registering with the app and reduces the user's operating efficiency.
Summary of the invention
In view of the problems of the prior art, embodiments of the present invention provide a method and system for sending verification information, to solve the technical problem in the prior art that, when logging in to or registering with an app, the measures taken to prevent verification codes from being sent frequently or maliciously reduce the user's operating efficiency.
The present invention provides a method for sending verification information, the method comprising:
a client obtains first network request information;
second network request information and a first interface parameter are generated according to the first network request information; the second network request information and the first interface parameter are concatenated to generate third network request information;
the third network request information is sent to a server, so that the server can calculate a second interface parameter based on the third network request information and judge whether the first interface parameter and the second interface parameter are consistent, and, if the second interface parameter is determined to be consistent with the first interface parameter, send the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information differ from one another; the first interface parameter and the second interface parameter are token values.
In the above scheme, generating the second network request information and the first interface parameter according to the first network request information comprises:
obtaining the time parameter string in the first network request information from a dictionary;
obtaining the keys of the time parameter string, each key corresponding to one value;
sorting the keys according to a preset first sorting rule to obtain a key array;
converting the key array into a string of the values using the mapping between the keys and the values;
concatenating the string of the values with the server address to obtain the second network request information;
obtaining the first interface parameter from the second network request information using a symmetric encryption algorithm.
In the above scheme, obtaining the first interface parameter from the second network request information using a symmetric encryption algorithm comprises:
parsing the second network request information to obtain the server address and a first query string;
sorting the parameters in the first query string according to a preset second sorting rule to form the second query string;
generating fourth network request information according to the second query string;
generating digest information based on the fourth network request information using a symmetric algorithm;
encrypting the digest information;
concatenating the plaintext information of a preset key with the encrypted digest information to form the first interface parameter.
The present invention also provides a method for sending verification information, the method comprising:
a client obtains first network request information;
second network request information and a first interface parameter are generated according to the first network request information; the second network request information and the first interface parameter are concatenated to generate third network request information, and the third network request information is sent to a server;
the server calculates a second interface parameter based on the third network request information and judges whether the first interface parameter and the second interface parameter are consistent, and, if the first interface parameter is determined to be consistent with the second interface parameter, sends the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information differ from one another; the first interface parameter and the second interface parameter are token values.
In the above scheme, when the server sends the verification information to the client, it sends according to a preset number of sends.
The present invention also provides a client, the client comprising:
an obtaining unit, for obtaining first network request information;
a first generating unit, for generating second network request information and a first interface parameter according to the first network request information; a second generating unit, for generating third network request information according to the second network request information and the first interface parameter;
a sending unit, for sending the third network request information to a server, so that the server can calculate a second interface parameter based on the third network request information and, when the second interface parameter is determined to be consistent with the first interface parameter, send the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information differ from one another; the first interface parameter and the second interface parameter are token values.
In the above scheme, the first generating unit comprises:
a first obtaining subunit, for obtaining the time parameter string in the first network request information from a dictionary;
obtaining the keys of the time parameter string, each key corresponding to one value;
sorting the keys according to a preset first sorting rule to obtain a key array;
a conversion subunit, for converting the key array into a string of the values using the mapping between the keys and the values;
a concatenation subunit, for concatenating the string of the values with the server address to obtain the second network request information;
a second obtaining subunit, for obtaining the first interface parameter from the second network request information using a symmetric encryption algorithm.
In the above scheme, the second obtaining subunit obtaining the first interface parameter from the second network request information using the MD5 algorithm comprises:
parsing the second network request information to obtain the server address and a first query string;
sorting the parameters in the first query string according to a preset second sorting rule to form the second query string;
generating fourth network request information according to the second query string;
generating digest information based on the fourth network request information using a symmetric algorithm;
encrypting the digest information;
concatenating the plaintext information of a preset key with the encrypted digest information to form the first interface parameter.
The present invention also provides a system for sending verification information, the system comprising:
a client, for obtaining first network request information; generating second network request information and a first interface parameter according to the first network request information; concatenating the second network request information and the first interface parameter to generate third network request information; and sending the third network request information to a server; and a server, for calculating a second interface parameter based on the third network request information, judging whether the first interface parameter and the second interface parameter are consistent, and, if the first interface parameter is determined to be consistent with the second interface parameter, sending the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information differ from one another; the first interface parameter and the second interface parameter are token values.
In the above scheme, when the server sends the verification information to the client, it sends according to a preset number of sends.
The present invention provides a method and system for sending verification information. The method includes: a client obtains first network request information; generates second network request information and a first interface parameter according to the first network request information; concatenates the second network request information and the first interface parameter to generate third network request information; and sends the third network request information to a server, so that the server can calculate a second interface parameter based on the third network request information and judge whether the first interface parameter and the second interface parameter are consistent, and, if the second interface parameter is determined to be consistent with the first interface parameter, send the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information differ from one another; the first interface parameter and the second interface parameter are token values. In this way, even if a user uses script software to capture or replace the telephone number in the first network request information, verification information cannot be sent to that telephone number frequently or maliciously, because the correct token value must also be obtained before verification information can be sent. This reduces the probability of verification information being maliciously re-sent, and verification does not require entering a hard-to-recognize verification code, which improves the user's operating efficiency.
Brief description of the drawings
Fig. 1 is an overall structural diagram of the system for sending verification information provided by an embodiment of the present invention;
Fig. 2 is a flow diagram of the method for sending verification information provided by an embodiment of the present invention;
Fig. 3 is a flow diagram of another method for sending verification information provided by an embodiment of the present invention;
Fig. 4 is an overall structural diagram of the client provided by an embodiment of the present invention;
Fig. 5 is an overall structural diagram of the first generating unit provided by an embodiment of the present invention.
Detailed description of the embodiments
So that, when logging in to or registering with an app, verification can be performed without entering a hard-to-recognize verification code, and so that, when verifying with received verification information, the probability of the verification information being maliciously re-sent is reduced and the user's operating efficiency is improved, the present invention provides a method and system for sending verification information. The method includes: a client obtains first network request information; generates second network request information and a first interface parameter according to the first network request information; concatenates the second network request information and the first interface parameter to generate third network request information; and sends the third network request information to a server, so that the server can calculate a second interface parameter based on the third network request information and judge whether the first interface parameter and the second interface parameter are consistent, and, if the second interface parameter is determined to be consistent with the first interface parameter, send the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information differ from one another; the first interface parameter and the second interface parameter are token values.
The technical solution of the present invention is described in further detail below with reference to the drawings and specific embodiments.
Before the method embodiments of the present invention are introduced, the verification system architecture of the embodiments is introduced first. As shown in Fig. 1, the system includes a client 101 and a server 102. As shown in Fig. 1, the server 102 can establish communication connections with N clients 101, where N is a natural number. The communication between the client 101 and the server 102 may be wired or wireless. The client 101 may specifically be a smartphone or a tablet computer, or a smart wearable device or the like; this application places no limitation on this.
As shown in Fig. 2, the data exchange process between the client 101 and the server 102 is as follows:
S1: The client obtains first network request information; generates second network request information and a first interface parameter according to the first network request information; generates third network request information according to the second network request information and the first interface parameter; and sends the third network request information to the server.
In this step, the client obtains the first network request information and, after obtaining it, generates the second network request information and the first interface parameter according to the first network request information, specifically as follows.
Because the first network request information is in the dictionary dict, the client first obtains the time parameter string from the dictionary dict. For example, the time parameter string may be e=14696&method=get-code&mobile=1355408****, where e, method and mobile are keys (key) of the dictionary dict, and 1469, get-code and 1355408**** are values (value) of the dictionary dict. The first network request information is a uniform resource locator (URL).
After all the keys (key) of the time parameter string have been obtained, the keys are sorted according to a preset first sorting rule to obtain a key array. The first sorting rule can be produced with the sortedArrayUsingComparator sorting method; using the sortedArrayUsingComparator sorting method yields an ordered key array array. The keys in the key array array can be sorted in ascending order or in descending order; in this embodiment they are sorted in ascending order, a-z.
After the key array is obtained, the key array is converted into a string of the values using the mapping between the keys and the values, and the string of the values is concatenated with the server address to obtain the second network request information; the first interface parameter is then obtained from the second network request information using a symmetric encryption algorithm.
Specifically, the first key key1 in the key array is taken out using the objectAtIndex method, the first value value1 is taken out of the dictionary dict through the first key key1 using the mapping, and the first key key1 and the first value value1 are then concatenated into a new string dictvaluestr1. In the same way, all keys are converted into strings of the dictvaluestr type, and finally all strings of the dictvaluestr type are concatenated to form the string of the values.
Then the string of the values is concatenated with the path part of the server address to form the second network request information Sorturl. The second network request information is in fact also a URL, but differs from the first network request information. The server address includes a path part and a query string (query_string) part. For example, the strings dictvaluestr1, dictvaluestr2 and so on are concatenated with http://server address/api to form the second network request information Sorturl. Here http://server address/api is the path part of the server address.
After the second network request information Sorturl is obtained, the first interface parameter is obtained from the second network request information using a symmetric encryption algorithm. The symmetric encryption algorithm may be the getNewToken function in the MD5 algorithm. The first interface parameter is the token value calculated by the client.
Specifically, the second network request information Sorturl is parsed to obtain the first half of the server address, the path part, and the first query string query_string1.
The parameters in the first query string query_string1 are sorted according to a preset second sorting rule, and "=" and "&" are then inserted between the parameters of the first query string query_string1 in order, with encryption, to form the second query string query_string2. The second sorting rule may be sorting by name.
Fourth network request information is generated according to the second query string query_string2. Specifically, using string concatenation, the first-half path part of the server address and the second query string query_string2 are concatenated, with "?" inserted between the path part and the second query string query_string2, and encrypted, forming the fourth network request information url1.
Digest information digest is generated using a symmetric algorithm based on the second query string query_string2 in the updated fourth network request information. The first parameter of the digest information digest is the private key SECRET_KEY, and the second parameter is the fourth network request information url1. The symmetric algorithm in this embodiment is the HMAC_SHA1 algorithm.
After the digest information digest is obtained, it is encrypted. Specifically, the digest information digest is base64-encoded, and the encoded digest is then made safe, for example by replacing the character "/" in the digest with "_" and the character "+" with "-". This is only one possible replacement scheme and is not limiting.
Finally, the plaintext information ACCESS_KEY of the preset key and the encrypted digest information digest are concatenated, with the plaintext information and the encrypted digest joined by ":", to form the first interface parameter.
After the first interface parameter is generated, third network request information is generated according to the second network request information Sorturl and the first interface parameter. Specifically, the first interface parameter (the Token value) is appended to the second network request information Sorturl to form the third network request information TokenUrl, and the third network request information TokenUrl is sent to the server. The third network request information is a uniform resource locator, and the first network request information, the second network request information and the third network request information differ from one another.
For example, the third network request information TokenUrl = http://server address/api?e=14696&method=get-code&mobile=1355408****%%%%%&token=********************
S2: The server calculates a second interface parameter based on the third network request information and judges whether the first interface parameter and the second interface parameter are consistent; if the first interface parameter is determined to be consistent with the second interface parameter, it sends the verification information to the client.
In this step, after the server receives the third network request information TokenUrl, it parses TokenUrl by the Token keyword and obtains the value after Token in the third network request information TokenUrl. Based on the value after Token, it obtains the second interface parameter using the same method by which the client obtains the first interface parameter, and judges whether the first interface parameter and the second interface parameter are consistent; if the first interface parameter is determined to be consistent with the second interface parameter, it sends the verification information to the client. Here, the second interface parameter is the token value calculated by the server. Because the server obtains the second interface parameter by the same process the client uses to obtain the first interface parameter, the details are not repeated here.
In addition, when sending the verification information to the client, in order to avoid frequent malicious sending, the verification information must be sent according to a preset number of sends. The preset number of sends can be configured according to the actual scenario; in this embodiment the number of sends is set to 10.
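The token generation of step S1 and the server-side check and send limit of step S2, as an added Python example that is not code from the patent. It collapses the intermediate URLs (Sorturl, url1) into one canonical string and uses HMAC-SHA1, which is a keyed hash rather than encryption. The host, keys, phone number and the per-number send counter are constructed assumptions.

```python
import base64
import hashlib
import hmac
from collections import defaultdict

# Constructed sample values (assumptions, not taken from the patent).
ACCESS_KEY = "demo-access-key"
SECRET_KEY = b"demo-secret-key"
SAMPLE_PATH = "http://server.example/api"
SAMPLE_PARAMS = {"mobile": "13554080000", "method": "get-code", "e": "14696"}
MAX_SENDS = 10  # preset number of sends used in the embodiment


def canonical_url(path, params):
    """Sort parameters by name (ascending) and rebuild path?k=v&k=v (url1)."""
    query = "&".join(f"{key}={params[key]}" for key in sorted(params))
    return f"{path}?{query}"


def make_token(url1, access_key=ACCESS_KEY, secret_key=SECRET_KEY):
    """HMAC-SHA1 over url1, URL-safe base64, prefixed with ACCESS_KEY and ':'."""
    digest = hmac.new(secret_key, url1.encode(), hashlib.sha1).digest()
    # urlsafe_b64encode performs the '/' -> '_' and '+' -> '-' replacement.
    return f"{access_key}:{base64.urlsafe_b64encode(digest).decode()}"


def build_token_url(path, params):
    """Client side: append the token to the canonical URL (TokenUrl)."""
    url1 = canonical_url(path, params)
    return f"{url1}&token={make_token(url1)}"


def split_token_url(token_url):
    """Split TokenUrl at the token keyword into (path, params, token)."""
    signed, sep, token = token_url.rpartition("&token=")
    if not sep:
        return None
    path, _, query = signed.partition("?")
    params = {}
    for pair in query.split("&"):
        key, _, value = pair.partition("=")
        params[key] = value
    return path, params, token


def verify_token_url(token_url):
    """Server side: recompute the token and compare in constant time."""
    parsed = split_token_url(token_url)
    if parsed is None:
        return False
    path, params, presented = parsed
    expected = make_token(canonical_url(path, params))
    return hmac.compare_digest(expected.encode(), presented.encode())


class VerificationSender:
    """Sends only for a valid token and at most max_sends times per number."""

    def __init__(self, max_sends=MAX_SENDS):
        self.max_sends = max_sends
        self.sent = defaultdict(int)  # per-number counter (assumption)

    def handle(self, token_url):
        if not verify_token_url(token_url):
            return "rejected: token mismatch"
        mobile = split_token_url(token_url)[1].get("mobile", "")
        if self.sent[mobile] >= self.max_sends:
            return "rejected: send limit reached"
        self.sent[mobile] += 1
        return "sent"


if __name__ == "__main__":
    url = build_token_url(SAMPLE_PATH, SAMPLE_PARAMS)
    sender = VerificationSender()
    print(url)
    print(sender.handle(url))
    print(sender.handle(url.replace("mobile=13554080000", "mobile=13554089999")))
```

Since SECRET_KEY ships inside the client, treat the token as a tamper check on the request and rely on the server-side send limit to bound abuse.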
Embodiment two
This embodiment provides a method for sending verification information, based on the client side. As shown in Fig. 3, the method includes:
S301: The client obtains first network request information and generates second network request information and a first interface parameter according to the first network request information.
In this step, the client obtains the first network request information and, after obtaining it, generates the second network request information and the first interface parameter according to the first network request information, specifically as follows.
Because the first network request information is in the dictionary dict, the client first obtains the time parameter string from the dictionary dict. For example, the time parameter string may be e=14696&method=get-code&mobile=1355408****, where e, method and mobile are keys (key) of the dictionary dict, and 1469, get-code and 1355408**** are values (value) of the dictionary dict. The first network request information is a uniform resource locator (URL).
After all the keys (key) of the time parameter string have been obtained, the keys are sorted according to a preset first sorting rule to obtain a key array. The first sorting rule can be produced with the sortedArrayUsingComparator sorting method; using the sortedArrayUsingComparator sorting method yields an ordered key array array. The keys in the key array array can be sorted in ascending order or in descending order; in this embodiment they are sorted in ascending order, a-z.
After the key array is obtained, the key array is converted into a string of the values using the mapping between the keys and the values, and the string of the values is concatenated with the server address to obtain the second network request information; the first interface parameter is then obtained from the second network request information using a symmetric encryption algorithm.
Specifically, the first key key1 in the key array is taken out using the objectAtIndex method, the first value value1 is taken out of the dictionary dict through the first key key1 using the mapping, and the first key key1 and the first value value1 are then concatenated into a new string dictvaluestr1. In the same way, all keys are converted into strings of the dictvaluestr type, and finally all strings of the dictvaluestr type are concatenated to form the string of the values.
Then the string of the values is concatenated with the path part of the server address to form the second network request information Sorturl. The second network request information is in fact also a URL, but differs from the first network request information. The server address includes a path part and a query string (query_string) part. For example, the strings dictvaluestr1, dictvaluestr2 and so on are concatenated with http://server address/api to form the second network request information Sorturl. Here http://server address/api is the path part of the server address.
After the second network request information Sorturl is obtained, the first interface parameter is obtained from the second network request information using a symmetric encryption algorithm. The symmetric encryption algorithm may be the getNewToken function in the MD5 algorithm. The first interface parameter is the token value calculated by the client.
Specifically, the second network request information Sorturl is parsed to obtain the first half of the server address, the path part, and the first query string query_string1.
The parameters in the first query string query_string1 are sorted according to a preset second sorting rule, and "=" and "&" are then inserted between the parameters of the first query string query_string1 in order, with encryption, to form the second query string query_string2. The second sorting rule may be sorting by name.
Fourth network request information is generated according to the second query string query_string2. Specifically, using string concatenation, the first-half path part of the server address and the second query string query_string2 are concatenated, with "?" inserted between the path part and the second query string query_string2, and encrypted, forming the fourth network request information url1.
Digest information digest is generated using a symmetric algorithm based on the second query string query_string2 in the updated fourth network request information. The first parameter of the digest information digest is the private key SECRET_KEY, and the second parameter is the fourth network request information url1. The symmetric algorithm in this embodiment is the HMAC_SHA1 algorithm.
After the digest information digest is obtained, it is encrypted. Specifically, the digest information digest is base64-encoded, and the encoded digest is then made safe, for example by replacing the character "/" in the digest with "_" and the character "+" with "-". This is only one possible replacement scheme and is not limiting.
Finally, the plaintext information ACCESS_KEY of the preset key and the encrypted digest information digest are concatenated, with the plaintext information and the encrypted digest joined by ":", to form the first interface parameter.
S302: generate third network request information according to the second network request information and the first interface parameter.
In this step, after the first interface parameter has been generated, the third network request information is generated from the second network request information Sorturl and the first interface parameter. Specifically, the value of the first interface parameter is appended after the second network request information Sorturl to form the third network request information TokenUrl. For example, the third network request information TokenUrl = http://server address/api?e=14696&method=get-code&mobile=1355408****%%%%%&token=********************. The third network request information is a uniform resource locator, and the first network request information, the second network request information and the third network request information are all different.
S303: send the third network request information to the server.
In this step, after generating the third network request information, the client sends the third network request information TokenUrl to the server.
After receiving the third network request information TokenUrl, the server parses it by the Token keyword to obtain the value after Token in the third network request information TokenUrl. Based on the value after Token, the server obtains the second interface parameter using the same method by which the client obtains the first interface parameter Token, and judges whether the first interface parameter and the second interface parameter are consistent. If they are consistent, the verification information is sent to the client. Here, the second interface parameter is the token value calculated by the server; because the server obtains the second interface parameter by the same process the client uses to obtain the first interface parameter, the details are not repeated here.
Moreover, when verification information is sent to the client, it must be sent according to a preset number of transmissions in order to avoid frequent malicious sending. The preset number of transmissions can be configured according to the actual scenario; in this embodiment it is set to 10.
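The token construction of S301 to S303 and the server-side check with the send limit, as an added Python example that is not code from the patent. The key values, the host server.example (standing in for "server address"), the function and class names, counting sends per mobile value, and the constant-time comparison are assumptions.

```python
import base64
import hashlib
import hmac
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample values: the page names ACCESS_KEY and SECRET_KEY but gives no values.
ACCESS_KEY = "demo-access-key"
SECRET_KEY = b"demo-secret-key"
API_BASE = "http://server.example/api"  # placeholder for "http://server address/api"
MAX_SENDS = 10                           # preset number of transmissions in the embodiment


def split_query(query):
    """Split 'a=1&b=2' into [('a', '1'), ('b', '2')] without decoding the values."""
    return [tuple(p.partition("=")[::2]) for p in query.split("&") if p]


def build_sorted_url(params):
    """Second network request information (Sorturl): keys sorted ascending a-z."""
    query = "&".join(f"{key}={params[key]}" for key in sorted(params))
    return f"{API_BASE}?{query}"


def make_token(sorted_url):
    """First interface parameter: ACCESS_KEY ':' safe(base64(HMAC-SHA1(SECRET_KEY, url1)))."""
    parts = urlsplit(sorted_url)
    # Second ordering rule: sort the parameters by name to form query_string2.
    query2 = "&".join(f"{k}={v}" for k, v in sorted(split_query(parts.query)))
    # Fourth network request information url1: path part + "?" + query_string2.
    url1 = f"{parts.scheme}://{parts.netloc}{parts.path}?{query2}"
    digest = hmac.new(SECRET_KEY, url1.encode(), hashlib.sha1).digest()
    encoded = base64.b64encode(digest).decode().replace("/", "_").replace("+", "-")
    return f"{ACCESS_KEY}:{encoded}"


def build_token_url(params):
    """Third network request information (TokenUrl): Sorturl with the token appended."""
    sorted_url = build_sorted_url(params)
    return f"{sorted_url}&token={make_token(sorted_url)}"


class VerificationServer:
    """Recomputes the token and enforces the preset number of transmissions."""

    def __init__(self):
        self.sent = Counter()  # assumption: sends are counted per mobile value

    def handle(self, token_url):
        base, sep, received = token_url.rpartition("&token=")
        if not sep:
            return "rejected"  # no token in the request
        expected = make_token(base)  # second interface parameter
        # Constant-time comparison (an addition; the page only says "consistent").
        if not hmac.compare_digest(expected.encode(), received.encode()):
            return "rejected"
        mobile = dict(split_query(urlsplit(base).query)).get("mobile", "")
        if self.sent[mobile] >= MAX_SENDS:
            return "ignored"   # over the preset number of transmissions
        self.sent[mobile] += 1
        return "sent"


if __name__ == "__main__":
    server = VerificationServer()
    url = build_token_url({"mobile": "1355408****", "method": "get-code", "e": "14696"})
    print(url)
    print([server.handle(url) for _ in range(MAX_SENDS + 1)])
    print(server.handle(url.replace("1355408", "1390000")))
```

An identical request replayed more than ten times is ignored, and a request whose mobile value was changed after the token was computed is rejected.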
Embodiment three
Corresponding to Embodiment One, this embodiment provides a system for sending verification information. Referring to Fig. 1, the system includes a client 101 and a server 102. Verification information is sent as follows:
The client 101 obtains the first network request information and, after obtaining it, generates the second network request information and the first interface parameter according to the first network request information. This specifically includes:
Because the first network request information URL is stored in the dictionary dict, the client 101 first obtains the time parameter string from the dictionary dict. For example, the time parameter string can be e=14696&method=get-code&mobile=1355408****, where e, method and mobile are keys of the dictionary dict, and 1469, get-code and 1355408**** are values of the dictionary dict. The first network request information is a uniform resource locator (URL).
After all keys of the time parameter string have been obtained, the keys are sorted according to a preset first ordering rule to obtain a key array. The first ordering rule can be generated with the sortedArrayUsingComparator sorting method, which produces an ordered key array. The keys in the key array can be sorted in ascending or descending order; in this embodiment they are sorted in ascending order a-z.
After the key array is obtained, it is converted into the string of values using the mapping between the keys and the values, and the string of values is concatenated with the server address to obtain the second network request information. The first interface parameter is then obtained from the second network request information using a symmetric encryption algorithm.
Specifically, the first key key1 in the key array is taken out with the objectAtIndex method, the first value value1 is taken from the dictionary dict through key1 using the mapping, and key1 and value1 are then concatenated into a new string dictvaluestr1. By analogy, all keys are converted into strings of the dictvaluestr type, and finally all dictvaluestr strings are concatenated to form the string of values.
The string of values is then concatenated with the path part of the server address to form the second network request information Sorturl. The second network request information is in fact also a URL, but differs from the first network request information. The server address includes a path part and a query string (query_string) part. For example, the strings dictvaluestr1, dictvaluestr2 and so on are concatenated with http://server address/api to form the second network request information Sorturl, where http://server address/api is the path part of the server address.
After obtaining the second network request information Sorturl, the client obtains the first interface parameter from the second network request information using a symmetric encryption algorithm. The symmetric encryption algorithm can be the getNewToken function in the MD5 algorithm. The first interface parameter is the token value calculated by the client.
Specifically, the second network request information Sorturl is parsed to obtain the path part (the first half of the server address) and the first query string query_string1.
The parameters in the first query string query_string1 are sorted according to a preset second ordering rule; the sorted parameters are then joined in order, with "=" and "&" inserted, and encrypted to form the second query string query_string2. The second ordering rule can be sorting by name.
The fourth network request information is generated from the second query string query_string2. Specifically, using string concatenation, the path part of the server address and the second query string query_string2 are joined, with "?" inserted between the path part and the second query string query_string2 and encrypted, to form the fourth network request information url1.
A symmetric algorithm is then used to generate the digest information digest based on the second query string query_string2 in the updated fourth network request information. In the digest, the first parameter is the private key SECRET_KEY and the second parameter is the fourth network request information url1. The symmetric algorithm in this embodiment is the HMAC_SHA1 algorithm.
After the digest is obtained, it is encrypted. Specifically, the digest is base64-encoded and the encoded digest is then safe-processed, for example by replacing the character "/" with "_" and the character "+" with "-". This is only one possible replacement scheme, and no limitation is imposed here.
Finally, the plaintext information ACCESS_KEY of the preset key and the encrypted digest are concatenated, joined by ":", to form the first interface parameter.
After the first interface parameter has been generated, the third network request information is generated from the second network request information Sorturl and the first interface parameter. Specifically, the value of the first interface parameter is appended after the second network request information Sorturl to form the third network request information TokenUrl, and the third network request information TokenUrl is sent to the server. The third network request information is a uniform resource locator, and the first network request information, the second network request information and the third network request information are all different.
For example, the third network request information TokenUrl = http://server address/api?e=14696&method=get-code&mobile=1355408****%%%%%&token=********************
After receiving the third network request information TokenUrl, the server 102 parses it by the Token keyword to obtain the value after Token in the third network request information TokenUrl. Based on the value after Token, the server obtains the second interface parameter using the same method by which the client obtains the first interface parameter, and judges whether the first interface parameter and the second interface parameter are consistent. If they are consistent, the verification information is sent to the client 101. Here, the second interface parameter is the token value calculated by the server; because the server 102 obtains the second interface parameter by the same process the client 101 uses to obtain the first interface parameter, the details are not repeated here.
Moreover, when verification information is sent to the client 101, it must be sent according to a preset number of transmissions in order to avoid frequent malicious sending. The preset number of transmissions can be configured according to the actual scenario; in this embodiment it is set to 10.
Embodiment four
Corresponding to Embodiment Two, this embodiment also provides a client. As shown in Fig. 4, the client includes an acquiring unit 41, a first generation unit 42, a second generation unit 43 and a sending unit 44, where:
The acquiring unit 41 is used to obtain the first network request information. Because the first network request information is stored in the dictionary dict, the client first obtains the time parameter string from the dictionary dict. For example, the time parameter string can be e=14696&method=get-code&mobile=1355408****, where e, method and mobile are keys of the dictionary dict, and 1469, get-code and 1355408**** are values of the dictionary dict. The first network request information is a uniform resource locator (URL).
After the acquiring unit 41 obtains the first network request information, the first generation unit 42 is used to generate the second network request information and the first interface parameter according to the first network request information.
Specifically, referring to Fig. 5, the first generation unit 42 includes a first obtaining subunit 51, a conversion subunit 52, a splicing subunit 53 and a second obtaining subunit 54, where:
After the first obtaining subunit 51 obtains all keys of the time parameter string, it sorts the keys according to a preset first ordering rule to obtain a key array. The first ordering rule can be generated with the sortedArrayUsingComparator sorting method, which produces an ordered key array. The keys in the key array can be sorted in ascending or descending order; in this embodiment they are sorted in ascending order a-z.
After the key array is obtained, the conversion subunit 52 converts the key array into the string of values using the mapping between the keys and the values; the splicing subunit 53 is used to concatenate the string of values with the server address to obtain the second network request information; and the second obtaining subunit 54 obtains the first interface parameter from the second network request information using a symmetric encryption algorithm.
Specifically, the conversion subunit 52 takes out the first key key1 in the key array with the objectAtIndex method, takes the first value value1 from the dictionary dict through key1 using the mapping, and then concatenates key1 and value1 into a new string dictvaluestr1. By analogy, all keys are converted into strings of the dictvaluestr type, and finally all dictvaluestr strings are concatenated to form the string of values.
The splicing subunit 53 then concatenates the string of values with the path part of the server address to form the second network request information Sorturl. The second network request information is in fact also a URL, but differs from the first network request information. The server address includes a path part and a query string (query_string) part. For example, the strings dictvaluestr1, dictvaluestr2 and so on are concatenated with http://server address/api to form the second network request information Sorturl, where http://server address/api is the path part of the server address.
After the second obtaining subunit 54 obtains the second network request information Sorturl, it obtains the first interface parameter Token from the second network request information using a symmetric encryption algorithm. The symmetric encryption algorithm can be the getNewToken function in the MD5 algorithm. The first interface parameter is the token value calculated by the client.
Here, after obtaining the second network request information Sorturl, the second obtaining subunit 54 obtains the first interface parameter Token from the second network request information using the symmetric encryption algorithm as follows:
The second obtaining subunit 54 parses the second network request information Sorturl to obtain the path part (the first half of the server address) and the first query string query_string1.
The parameters in the first query string query_string1 are sorted according to a preset second ordering rule; the sorted parameters are then joined in order, with "=" and "&" inserted, and encrypted to form the second query string query_string2. The second ordering rule can be sorting by name.
The fourth network request information is generated from the second query string query_string2. Specifically, using string concatenation, the path part of the server address and the second query string query_string2 are joined, with "?" inserted between the path part and the second query string query_string2 and encrypted, to form the fourth network request information url1.
A symmetric algorithm is then used to generate the digest information digest based on the second query string query_string2 in the updated fourth network request information. In the digest, the first parameter is the private key SECRET_KEY and the second parameter is the fourth network request information url1. The symmetric algorithm in this embodiment is the HMAC_SHA1 algorithm.
After the digest is obtained, it is encrypted. Specifically, the digest is base64-encoded and the encoded digest is then safe-processed, for example by replacing the character "/" with "_" and the character "+" with "-". This is only one possible replacement scheme, and no limitation is imposed here.
Finally, the plaintext information ACCESS_KEY of the preset key and the encrypted digest are concatenated, joined by ":", to form the first interface parameter.
After the first generation unit 42 generates the first interface parameter, the second generation unit 43 is used to generate the third network request information according to the second network request information and the first interface parameter. Specifically, the value of the first interface parameter Token is appended after the second network request information Sorturl to form the third network request information TokenUrl. The third network request information is a uniform resource locator, and the first network request information, the second network request information and the third network request information are all different.
For example, the third network request information TokenUrl = http://server address/api?e=14696&method=get-code&mobile=1355408****%%%%%&token=********************
The sending unit 44 is used to send the third network request information to the server, so that the server can calculate the second interface parameter based on the third network request information and, when it determines that the second interface parameter is consistent with the first interface parameter, send the verification information to the client.
After receiving the third network request information TokenUrl, the server parses it by the Token keyword to obtain the value after Token in the third network request information TokenUrl. Based on the value after Token, the server obtains the second interface parameter using the same method by which the client obtains the first interface parameter Token, and judges whether the first interface parameter and the second interface parameter are consistent. If they are consistent, the verification information is sent to the client. Here, the second interface parameter is the token value calculated by the server; because the server obtains the second interface parameter Token1 by the same process the client uses to obtain the first interface parameter Token, the details are not repeated here.
Moreover, when verification information is sent to the client, it must be sent according to a preset number of transmissions in order to avoid frequent malicious sending. The preset number of transmissions can be configured according to the actual scenario; in this embodiment it is set to 10.
The beneficial effects brought by one or more embodiments provided by the present invention are as follows:
The present invention provides a method and system for sending verification information. The method includes: the client obtains first network request information; generates second network request information and a first interface parameter according to the first network request information, where the first network request information and the second network request information are uniform resource locators and differ from each other; concatenates the second network request information and the first interface parameter to generate third network request information; and sends the third network request information to the server, so that the server can calculate a second interface parameter based on the third network request information and judge whether the first interface parameter and the second interface parameter are consistent and, if they are consistent, send the verification information to the client. The first interface parameter and the second interface parameter are token values. In this way, even if a user captures the first network request information with script software and replaces the telephone number in it, verification information cannot be sent frequently or maliciously to that telephone number. Moreover, because the number of transmissions is preset, even if a user makes up a valid phone number at will and keeps receiving verification information, the requests are ignored by the server once the preset number of transmissions is exceeded. This reduces the probability of malicious repeated sending of verification information, and verification does not require entering a hard-to-recognize verification code, which improves the user's operating efficiency.
The foregoing is only a preferred embodiment of the present invention and is not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (10)
- 1. A method for sending verification information, characterized in that the method comprises: a client obtains first network request information; second network request information and a first interface parameter are generated according to the first network request information; the second network request information and the first interface parameter are concatenated to generate third network request information; the third network request information is sent to a server, so that the server can calculate a second interface parameter based on the third network request information and judge whether the first interface parameter and the second interface parameter are consistent, and, if it determines that the second interface parameter is consistent with the first interface parameter, send the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information are all different; and the first interface parameter and the second interface parameter are token values.
- 2. The method according to claim 1, characterized in that generating the second network request information and the first interface parameter according to the first network request information comprises: obtaining the time parameter string in the first network request information from a dictionary; obtaining the keys of the time parameter string, each key corresponding to one value; sorting the keys according to a preset first ordering rule to obtain a key array; converting the key array into the string of the values using the mapping between the keys and the values; concatenating the string of the values with the server address to obtain the second network request information; and obtaining the first interface parameter from the second network request information using a symmetric encryption algorithm.
- 3. The method according to claim 2, characterized in that obtaining the first interface parameter from the second network request information using a symmetric encryption algorithm comprises: parsing the second network request information to obtain the server address and a first query string; sorting the parameters in the first query string according to a preset second ordering rule to form the second query string; generating fourth network request information according to the second query string; generating digest information based on the fourth network request information using a symmetric algorithm; encrypting the digest information; and concatenating the plaintext information of a preset key with the encrypted digest information to form the first interface parameter.
- 4. A method for sending verification information, characterized in that the method comprises: a client obtains first network request information, generates second network request information and a first interface parameter according to the first network request information, concatenates the second network request information and the first interface parameter to generate third network request information, and sends the third network request information to a server; the server calculates a second interface parameter based on the third network request information and judges whether the first interface parameter and the second interface parameter are consistent, and, if it determines that the first interface parameter is consistent with the second interface parameter, sends the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information are all different; and the first interface parameter and the second interface parameter are token values.
- 5. The method according to claim 4, characterized in that, when the server sends the verification information to the client, it is sent according to a preset number of transmissions.
- 6. A client, characterized in that the client comprises: an acquiring unit, for obtaining first network request information; a first generation unit, for generating second network request information and a first interface parameter according to the first network request information; a second generation unit, for generating third network request information according to the second network request information and the first interface parameter; and a sending unit, for sending the third network request information to a server, so that the server can calculate a second interface parameter based on the third network request information and, when it determines that the second interface parameter is consistent with the first interface parameter, send the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information are all different; and the first interface parameter and the second interface parameter are token values.
- 7. The client according to claim 6, characterized in that the first generation unit comprises: a first obtaining subunit, for obtaining the time parameter string in the first network request information from a dictionary, obtaining the keys of the time parameter string, each key corresponding to one value, and sorting the keys according to a preset first ordering rule to obtain a key array; a conversion subunit, for converting the key array into the string of the values using the mapping between the keys and the values; a splicing subunit, for concatenating the string of the values with the server address to obtain the second network request information; and a second obtaining subunit, for obtaining the first interface parameter from the second network request information using a symmetric encryption algorithm.
- 8. The client according to claim 7, characterized in that the second obtaining subunit obtaining the first interface parameter from the second network request information using the MD5 algorithm comprises: parsing the second network request information to obtain the server address and a first query string; sorting the parameters in the first query string according to a preset second ordering rule to form the second query string; generating fourth network request information according to the second query string; generating digest information based on the fourth network request information using a symmetric algorithm; encrypting the digest information; and concatenating the plaintext information of a preset key with the encrypted digest information to form the first interface parameter.
- 9. A system for sending verification information, characterized in that the system comprises: a client, for obtaining first network request information, generating second network request information and a first interface parameter according to the first network request information, concatenating the second network request information and the first interface parameter to generate third network request information, and sending the third network request information to a server; and the server, for calculating a second interface parameter based on the third network request information and judging whether the first interface parameter and the second interface parameter are consistent, and, if it determines that the first interface parameter is consistent with the second interface parameter, sending the verification information to the client; wherein the first network request information, the second network request information and the third network request information are uniform resource locators, and the first network request information, the second network request information and the third network request information are all different; and the first interface parameter and the second interface parameter are token values.
- 10. The system according to claim 9, characterized in that, when the server sends the verification information to the client, it is sent according to a preset number of transmissions.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611228347.7A CN108243172B (en) | 2016-12-27 | 2016-12-27 | Method and system for sending verification information |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611228347.7A CN108243172B (en) | 2016-12-27 | 2016-12-27 | Method and system for sending verification information |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108243172A true CN108243172A (en) | 2018-07-03 |
CN108243172B CN108243172B (en) | 2020-08-04 |
Family
ID=62702639
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611228347.7A Active CN108243172B (en) | 2016-12-27 | 2016-12-27 | Method and system for sending verification information |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108243172B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112566121A (en) * | 2020-12-09 | 2021-03-26 | 北京深思数盾科技股份有限公司 | Method for preventing attack, server, electronic equipment and storage medium |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101997880A (en) * | 2010-12-01 | 2011-03-30 | 湖南智源信息网络技术开发有限公司 | Method and device for verifying security of network page or interface |
CN102868533A (en) * | 2012-09-13 | 2013-01-09 | 中科华核电技术研究院有限公司 | Method and system for verifying resource access authorization |
CN103795692A (en) * | 2012-10-31 | 2014-05-14 | 中国电信股份有限公司 | Open authorization method, open authorization system and authentication and authorization server |
CN104348849A (en) * | 2013-07-25 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Instant communication key-value data issuing method, server, client and system |
US9239912B1 (en) * | 2011-12-12 | 2016-01-19 | Google Inc. | Method, manufacture, and apparatus for content protection using authentication data |
CN105407102A (en) * | 2015-12-10 | 2016-03-16 | 四川长虹电器股份有限公司 | Http request data reliability verification method |
CN105703910A (en) * | 2016-04-18 | 2016-06-22 | 中邮建技术有限公司 | Dynamic password verifying method based on Wechat service number |
CN105978878A (en) * | 2016-05-11 | 2016-09-28 | 腾讯科技(深圳)有限公司 | Webpage verification method and device |
CN106161411A (en) * | 2015-04-27 | 2016-11-23 | 阿里巴巴集团控股有限公司 | A kind of webpage verification using data-hiding technology method and device |
Non-Patent Citations (2)
Title |
---|
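JOSHUA1830: "Preventing malicious frequent sending of SMS verification codes", 《HTTP://BLOG.CSDN.NET/JOSHUA1830/ARTICLE/DETAILS/51780768》 * |
Wei Bing, Xu Zhen: "Application-layer DDoS attack defense method based on a verification mechanism", 《Computer Engineering and Design》 * |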
Also Published As
Publication number | Publication date |
---|---|
CN108243172B (en) | 2020-08-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108365961B (en) | The response method and server that interface call method and terminal device, interface call | |
CN103618794B (en) | Method, terminal and the server of automated log on | |
US10073916B2 (en) | Method and system for facilitating terminal identifiers | |
CN105391695B (en) | A kind of terminal registration method and method of calibration | |
CN105554037B (en) | Authentication processing method and service platform | |
CN103155513B (en) | Accelerate the method and apparatus of certification | |
CN104468531B (en) | The authorization method of sensitive data, device and system | |
CN107147644B (en) | Method for realizing login of mobile APP user in single device | |
WO2018018697A1 (en) | Method and system for identifying spam message from false base station | |
CN110291757A (en) | For providing the method for simplified account register service, user authentication service and utilizing its certificate server | |
CN103607284B (en) | Identity authentication method and equipment and server | |
CN110521182B (en) | Method and system for protocol level identity mapping | |
CN107801229A (en) | Smart home is with network method, terminal, equipment and the device with store function | |
US11997188B2 (en) | Method and system for HTTP session management using hash chains | |
CN105119722A (en) | Identity verification method, equipment and system | |
CN105490997B (en) | Safe checking method, device, terminal and server | |
CN109688098A (en) | Safety communicating method, device, equipment and the computer readable storage medium of data | |
CN102946384A (en) | User authentication method and device | |
CN111404695B (en) | Token request verification method and device | |
CN105162604A (en) | Feature image identification based verification method and system, and verification server | |
CN104821882A (en) | Network security verification method based on voice biometric features | |
CN108174360A (en) | A kind of note transmission method and device, short-message verification method and device | |
CN109525949A (en) | Register method and device, storage medium, server, user terminal | |
CN110233850A (en) | Register method, application server, user terminal and system based on alliance's chain | |
CN108243172A (en) | A kind of method and system for sending verification information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||