CN108243172A - A kind of method and system for sending verification information - Google Patents

A kind of method and system for sending verification information Download PDF

Info

Publication number
CN108243172A
CN108243172A CN201611228347.7A CN201611228347A CN108243172A CN 108243172 A CN108243172 A CN 108243172A CN 201611228347 A CN201611228347 A CN 201611228347A CN 108243172 A CN108243172 A CN 108243172A
Authority
CN
China
Prior art keywords
request information
network request
network
interface parameter
solicited message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201611228347.7A
Other languages
Chinese (zh)
Other versions
CN108243172B (en
Inventor
汪刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Douyu Network Technology Co Ltd
Original Assignee
Wuhan Douyu Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Douyu Network Technology Co Ltd filed Critical Wuhan Douyu Network Technology Co Ltd
Priority to CN201611228347.7A priority Critical patent/CN108243172B/en
Publication of CN108243172A publication Critical patent/CN108243172A/en
Application granted granted Critical
Publication of CN108243172B publication Critical patent/CN108243172B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention provides a kind of method and system for sending verification information, method includes:Client obtains first network solicited message;Second network request information and first interface parameter are generated according to first network solicited message;Second network request information and first interface parameter are subjected to splicing generation third network request information;Third network request information is sent to server, server is enabled to be based on third network request information and calculates second interface parameter, and judge whether first interface parameter is consistent with second interface parameter, if it is determined that when second interface parameter and consistent first interface parameter, the verification information is sent to the client;So, even if user is captured or is replaced the telephone number in first network solicited message using script software, can not frequently or aggressively verification information be sent to the telephone number, reduce the probability that malice retransmits verification information, and the identifying code for being difficult to recognize without input is verified, and then improve the operating efficiency of user.

Description

A kind of method and system for sending verification information
Technical field
The invention belongs to field of communication technology more particularly to a kind of method and system for sending verification information.
Background technology
The APP of many terminals is registered or is logged in cell-phone number in the market, generally in the verification for obtaining mobile phone reception Before information, need first to input several numbers or the identifying code of symbol is registered or logged in.
And in order to avoid identifying code by frequent or aggressive is sent, the prior art designs identifying code increasingly complex Change, the word on identifying code it is crooked even be difficult to recognize, when input by user may input error, to logging in or noting Volume APP causes certain obstacle, so as to reduce the operating efficiency of user.
Invention content
In view of the problems of the existing technology, an embodiment of the present invention provides it is a kind of send verification information method and be System, for solve in the prior art log in or register APP when, identifying code is avoided by frequent or aggressive to send, is caused The technical issues of user's operation efficiency reduces.
The present invention provides a kind of method for sending verification information, the method includes:
Client obtains first network solicited message;
Second network request information and first interface parameter are generated according to the first network solicited message;By described second Network request information and the first interface parameter carry out splicing generation third network request information;
The third network request information is sent to server so that the server can be based on the third network please Information is asked to calculate second interface parameter, and judges whether the first interface parameter and the second interface parameter are consistent, if really When the fixed second interface parameter and the consistent first interface parameter, the verification information is sent to the client;Wherein, The first network solicited message, the second network request information are positioned with the third network request information for unified resource Symbol, and the first network solicited message, the second network request information and the third network request information are different;It is described First interface parameter is token value with the second interface parameter.
It is described that second network request information and first interface are generated according to the first network solicited message in said program Parameter, including:
The time parameter character string in the first network solicited message is obtained from dictionary;
The key assignments key of the time parameter character string is obtained, each key-value pair answers a numerical value;
The key assignments is ranked up according to preset first ordering rule, obtains key assignments array;
The key assignments array is converted to the word of the numerical value using the mapping relations between the key assignments and the numerical value Symbol string;
The character string of the numerical value and server address are subjected to splicing and obtain the second network request information;
The first interface parameter is obtained from the second network request information using symmetric encipherment algorithm.
In said program, the utilization symmetric encipherment algorithm obtains described first from the second network request information and connects Mouth parameter, including:
The second network request information is parsed, obtains server address and the first inquiry string;
Parameter in first inquiry string according to preset second ordering rule is ranked up, forms described the Two inquiry strings;
4th network request information is generated according to second inquiry string;
The 4th network request information, which is based on, using symmetry algorithm generates summary info;
The summary info is encrypted;
Summary info after the cleartext information of preset-key and encryption is spliced, forms the first interface ginseng Number.
The present invention also provides it is a kind of send verification information method, the method includes:
Client obtains first network solicited message;
Second network request information and first interface parameter are generated according to the first network solicited message;By described second Network request information and the first interface parameter carry out splicing generation third network request information, and please by the third network Information is asked to be sent to server;
Server be based on the third network request information calculate second interface parameter, judge the first interface parameter with Whether the second interface parameter is consistent, however, it is determined that when the first interface parameter and the consistent second interface parameter, to institute It states client and sends the verification information;Wherein, the first network solicited message, the second network request information with it is described Third network request information is uniform resource locator, and the first network solicited message, the second network request information And the third network request information is different;The first interface parameter is token value with the second interface parameter.
In said program, when the server is to the client transmission verification information, according to preset transmission time Number is sent.
The present invention also provides a kind of client, the client includes:
Acquiring unit, for obtaining first network solicited message;
First generation unit, for being connect according to the first network solicited message the second network request information of generation and first Mouth parameter;Second generation unit, for generating third net according to the second network request information and the first interface parameter Network solicited message;
Transmitting element, for the third network request information to be sent to server so that the server can be based on The third network request information calculates second interface parameter, and when the determining second interface parameter and first interface ginseng When number is consistent, the verification information is sent to the client;Wherein, the first network solicited message, second network Solicited message and the third network request information are uniform resource locator, and the first network solicited message, described the Two network request information and the third network request information are different;The first interface parameter is with the second interface parameter Token value.
In said program, first generation unit includes:
First obtains subelement, for obtaining the time parameter character in the first network solicited message from dictionary String;
The key assignments key of the time parameter character string is obtained, each key-value pair answers a numerical value;
The key assignments is ranked up according to preset first ordering rule, obtains key assignments array;
Conversion subunit, for being converted the key assignments array using the mapping relations between the key assignments and the numerical value Character string for the numerical value;
Splice subelement, second network is obtained for the character string of the numerical value and server address to be carried out splicing Solicited message;
Second obtains subelement, for obtaining described the from the second network request information using symmetric encipherment algorithm One interface parameters.
In said program, the second acquisition subelement is obtained using MD5 algorithms from the second network request information The first interface parameter, including:
The second network request information is parsed, obtains server address and the first inquiry string;
Parameter in first inquiry string according to preset second ordering rule is ranked up, forms described the Two inquiry strings;
4th network request information is generated according to second inquiry string;
The 4th network request information, which is based on, using symmetry algorithm generates summary info;
The summary info is encrypted;
Summary info after the cleartext information of preset-key and encryption is spliced, forms the first interface ginseng Number.
The present invention also provides it is a kind of send verification information system, the system comprises:
Client, for obtaining first network solicited message;Second network is generated according to the first network solicited message Solicited message and first interface parameter;The second network request information and the first interface parameter are subjected to splicing generation the Three network request information, and the third network request information is sent to server;Server, for being based on the third net Network solicited message calculates second interface parameter, judges whether the first interface parameter and the second interface parameter are consistent, if When determining the first interface parameter and the consistent second interface parameter, the verification information is sent to the client;Its In, the first network solicited message, the second network request information and the third network request information are unified resource Finger URL, and the first network solicited message, the second network request information and the third network request information are different; The first interface parameter is token value with the second interface parameter.
In said program, when the server is to the client transmission verification information, according to preset transmission time Number is sent.
The present invention provides it is a kind of send verification information method and system, the method includes:Client obtains first Network request information;Second network request information and first interface parameter are generated according to the first network solicited message;By institute It states the second network request information and the first interface parameter carries out splicing generation third network request information;By the third net Network solicited message is sent to server so that the server can be based on the third network request information and calculate second interface ginseng Number, and judges whether the first interface parameter and the second interface parameter consistent, however, it is determined that the second interface parameter and When the first interface parameter is consistent, the verification information is sent to the client;Wherein, the first network request letter Breath, the second network request information and the third network request information are uniform resource locator, and the first network Solicited message, the second network request information and the third network request information are different;The first interface parameter and institute Second interface parameter is stated as token value;In this way, even if user is captured using script software or replaced in first network solicited message Telephone number, frequently or aggressively verification information can not be sent to the telephone number, because also needing to get correctly Token value could send verification information, this reduces the probability that malice retransmits verification information, and be difficult to without input The identifying code of identification is verified, and then improves the operating efficiency of user.
Description of the drawings
Fig. 1 is the overall structure diagram of the system provided in an embodiment of the present invention for sending verification information;
Fig. 2 is the method flow schematic diagram provided in an embodiment of the present invention for sending verification information;
Fig. 3 is the another method flow schematic diagram for sending verification information provided in an embodiment of the present invention
Fig. 4 is the overall structure diagram of client provided in an embodiment of the present invention;
Fig. 5 provides the overall structure diagram of the first generation unit for the embodiment of the present invention.
Specific embodiment
In order to when logging in or registering APP, be verified, and testing using reception without inputting the identifying code for being difficult to recognize When card information is verified, the probability that malice retransmits verification information is reduced, improves the operating efficiency of user, the present invention provides A kind of method and system for sending verification information, the method includes:Client obtains first network solicited message;According to described First network solicited message generates the second network request information and first interface parameter;By the second network request information and institute It states first interface parameter and carries out splicing generation third network request information;The third network request information is sent to service Device so that the server can be based on the third network request information and calculate second interface parameter, and judge that described first connects Whether mouth parameter and the second interface parameter are consistent, however, it is determined that the second interface parameter and the first interface parameter are consistent When, send the verification information to the client;Wherein, the first network solicited message, second network request letter Breath and the third network request information are uniform resource locator, and the first network solicited message, second network Solicited message and the third network request information are different;The first interface parameter is token with the second interface parameter Value;
Technical scheme of the present invention is described in further detail below by drawings and the specific embodiments.
Before the embodiment of the method for introducing the present invention, first introduce and system architecture is verified in the embodiment of the present invention, such as Fig. 1 institutes Show, which includes:Client 101 and server 102.Server 102 with N number of client 101 as shown in Figure 1, can realize logical Letter connection, N is natural number, wherein, the communication mode between client 101, server 102 can be wire communication, can also It is wireless communication, the client 101 can be specifically smart mobile phone or tablet computer, can also be intelligent wearing Equipment etc., the application are not construed as limiting this.
As shown in Fig. 2, the data exchange process between the client 101 and the server 102 is as follows:
S1, client obtain first network solicited message;Generating the second network according to the first network solicited message please Ask information and first interface parameter;It please according to the second network request information and first interface parameter generation third network Information is sought, the third network request information is sent to server by client.
In this step, client obtains first network solicited message, after getting first network solicited message, according to described First network solicited message generates the second network request information and first interface parameter, specifically includes:
Because first network solicited message is in dictionary dict, client obtains time parameter from dictionary dict first Character string, for example, the character string of the time parameter can be e=14696&method=get-code&mobile= 1355408****;Wherein, e, method, mobile are the key assignments key of a dictionary dict;1469, get-code, 1355408**** is the numerical value value of dictionary dict.Wherein, the first network solicited message is uniform resource locator URL。
After all key assignments key for getting time parameter character string, according to preset first ordering rule to described Key assignments key is ranked up, and obtains key assignments array;First ordering rule can utilize OrtedArrayUsingComparator sort methods generate, and are using ortedArrayUsingComparator sort methods A sequential key assignments array array can be generated.Key assignments key in the key assignments array array can be arranged according to ascending order Sequence or according to descending sort, in the present embodiment is ranked up according to ascending order a-z.
After key assignments array is got, using the mapping relations between the key assignments and the numerical value by the key assignments array The character string of the numerical value is converted to, the character string of the numerical value and server address are carried out splicing obtains second network Solicited message;The first interface parameter is obtained from the second network request information using symmetric encipherment algorithm.
Specifically, first key assignments key1 in key assignments array is taken out using objectAtIndex methods, is closed using mapping System takes out first numerical value value1 by first key assignments key1 from dictionary dict, then by first key assignments key1 A new character string dictvaluestr1 is spliced into first numerical value value1;The rest may be inferred, and all key assignments are all turned The character string of dictvaluestr types is turned to, finally splices the character string of all dictvaluestr types, is formed The character string of the numerical value.
Then the path of the character string of numerical value and server address parts are carried out being spliced to form the second network request information Sorturl;Wherein, the second network request information is also a URL in fact, but in the first network solicited message not Together;The server address includes:Path parts and inquiry string query_string parts.It for example, will The character strings such as dictvaluestr1, dictvaluestr2 withhttp:// server address/apiSpliced and form second Network request information Sorturl.It is describedhttp:// server address/apiThe path parts of as described server address.
After getting the second network request information Sorturl, believed using symmetric encipherment algorithm from second network request The first interface parameter is obtained in breath.Wherein, the symmetric encipherment algorithm can be the getNewToken letters in MD5 algorithms Number.The first interface parameter is the token token values that client is calculated.
Specifically, the second network request information Sorturl is parsed, obtains server address first half path parts And the first inquiry string query_string1;
Parameter in the first inquiry string query_string1 is arranged according to preset second ordering rule Then parameter in first inquiry string query_string1 is inserted into "=" and " & " and is encrypted to form institute by sequence in order State the second inquiry string query_string2.Wherein, second ordering rule can be sorted according to title.
4th network request information is generated according to the second inquiry string query_string2;Specifically, word is utilized The mode of symbol string splicing, the first half path parts of stitching server address and the second inquiry string query_string2, And be inserted between path parts and the second inquiry string part query_string2 "" be encrypted, form the 4th network Solicited message urll.
Using symmetry algorithm based on the second polling character query_ in the updated 4th network request information String2 generation summary infos digest;Wherein, first parameter is private key SECRET_ in the summary info digest KEY, second parameter are the 4th network request information url1.Wherein, the symmetry algorithm in the present embodiment is that HMAC_SHA1 is calculated Method.
After getting summary info digest, the summary info digest is encrypted;Specifically, to abstract Information digest carries out base64 coded treatments, and the summary info digest after coded treatment is carried out safe handling, such as will Character "/" in summary info digest is substituted for " _ ";Character "+" is substituted for "-";Certainly, this is that one kind therein is replaced Mode is changed, is not limited herein.
Finally the cleartext information ACCESS_KEY of preset-key and the summary info digest after encryption are spelled Connect, between the summary info digest after the cleartext information and encryption by ":" connection, form the first interface ginseng Number.
After first interface parameter is generated, according to the second network request information Sorturl and the first interface Parameter generates third network request information;First interface parameter Token splicings specifically are worth second network request to believe After ceasing Sorturl, that is, form the third network request information TokenUrl, and by the third network request information TokenUrl is sent to server.Wherein, the third network request information is uniform resource locator, and the first network Solicited message, the second network request information and the third network request information are different.
For example, the third network request information TokenUrl=http:// server address/apiE=14696& Method=get-code&mobile=1355408****%%%%%&token=********** * * * * * * * * * *
S2, server are based on the third network request information and calculate second interface parameter, judge the first interface ginseng Whether number is consistent with the second interface parameter, however, it is determined that when the first interface parameter and the consistent second interface parameter, The verification information is sent to the client.
In this step, after the server receives third network request information TokenUrl, pass through Token keywords The third network request information TokenUrl is parsed, is obtained in third network request information TokenUrl after Token Value, utilized based on the value after the Token and client obtain the same method of first interface parameter and obtains second interface and joins Number, and judges whether the first interface parameter and the second interface parameter consistent, however, it is determined that the first interface parameter and When the second interface parameter is consistent, the verification information is sent to the client.Here, the second interface parameter is clothes The token token values that business device calculates, because server obtains the mistake of second interface parameter and client acquisition first interface parameter Journey is the same, and details are not described herein.
Also, when sending verification information to the client, in order to avoid frequently malice is sent, need according to preset Transmission times is sent.The preset transmission times can be configured according to actual scene, be set in the present embodiment Transmission times is 10 times.
Embodiment two
The present embodiment provides a kind of methods for sending verification information, and the method is based on client-side, as shown in figure 3, institute The method of stating includes:
S301, client obtain first network solicited message;Second network is generated according to the first network solicited message Solicited message and first interface parameter.
In this step, client obtains first network solicited message, after getting first network solicited message, according to described First network solicited message generates the second network request information and first interface parameter, specifically includes:
Because first network solicited message is in dictionary dict, client obtains time parameter from dictionary dict first Character string, for example, the character string of the time parameter can be e=14696&method=get-code&mobile= 1355408****;Wherein, e, method, mobile are the key assignments key of a dictionary dict;1469, get-code, 1355408**** is the numerical value value of dictionary dict.Wherein, the first network solicited message is uniform resource locator URL。
After all key assignments key for getting time parameter character string, according to preset first ordering rule to described Key assignments key is ranked up, and obtains key assignments array;First ordering rule can utilize OrtedArrayUsingComparator sort methods generate, and are using ortedArrayUsingComparator sort methods A sequential key assignments array array can be generated.Key assignments key in the key assignments array array can be arranged according to ascending order Sequence or according to descending sort, in the present embodiment is ranked up according to ascending order a-z.
After key assignments array is got, using the mapping relations between the key assignments and the numerical value by the key assignments array The character string of the numerical value is converted to, the character string of the numerical value and server address are carried out splicing obtains second network Solicited message;The first interface parameter is obtained from the second network request information using symmetric encipherment algorithm.
Specifically, first key assignments key1 in key assignments array is taken out using objectAtIndex methods, is closed using mapping System takes out first numerical value value1 by first key assignments key1 from dictionary dict, then by first key assignments key1 A new character string dictvaluestr1 is spliced into first numerical value value1;The rest may be inferred, and all key assignments are all turned The character string of dictvaluestr types is turned to, finally splices the character string of all dictvaluestr types, is formed The character string of the numerical value.
Then the path of the character string of numerical value and server address parts are carried out being spliced to form the second network request information Sorturl;Wherein, the second network request information is also a URL in fact, but in the first network solicited message not Together;The server address includes:Path parts and inquiry string query_string parts.It for example, will The character strings such as dictvaluestr1, dictvaluestr2 withhttp:// server address/apiSpliced and form second Network request information Sorturl.It is describedhttp:// server address/apiThe path parts of as described server address.
After getting the second network request information Sorturl, believed using symmetric encipherment algorithm from second network request The first interface parameter is obtained in breath.Wherein, the symmetric encipherment algorithm can be the getNewToken letters in MD5 algorithms Number.The first interface parameter is the token token values that client is calculated.
Specifically, the second network request information Sorturl is parsed, obtains server address first half path parts And the first inquiry string query_string1;
Parameter in the first inquiry string query_string1 is arranged according to preset second ordering rule Then parameter in first inquiry string query_string1 is inserted into "=" and " & " and is encrypted to form institute by sequence in order State the second inquiry string query_string2.Wherein, second ordering rule can be sorted according to title.
4th network request information is generated according to the second inquiry string query_string2;Specifically, word is utilized The mode of symbol string splicing, the first half path parts of stitching server address and the second inquiry string query_string2, And be inserted between path parts and the second inquiry string part query_string2 "" be encrypted, form the 4th network Solicited message urll.
Using symmetry algorithm based on the second polling character query_ in the updated 4th network request information String2 generation summary infos digest;Wherein, first parameter is private key SECRET_ in the summary info digest KEY, second parameter are the 4th network request information url1.Wherein, the symmetry algorithm in the present embodiment is that HMAC_SHA1 is calculated Method.
After getting summary info digest, the summary info digest is encrypted;Specifically, to abstract Information digest carries out base64 coded treatments, and the summary info digest after coded treatment is carried out safe handling, such as will Character "/" in summary info digest is substituted for " _ ";Character "+" is substituted for "-";Certainly, this is that one kind therein is replaced Mode is changed, is not limited herein.
Finally the cleartext information ACCESS_KEY of preset-key and the summary info digest after encryption are spelled Connect, between the summary info digest after the cleartext information and encryption by ":" connection, form the first interface ginseng Number.
S302 generates third network request information according to the second network request information and the first interface parameter.
In this step, after first interface parameter is generated, according to the second network request information Sorturl and described First interface parameter generates third network request information;The splicing of first interface parameter is specifically worth second network request After information Sorturl, that is, the third network request information TokenUrl is formed, for example, the third network request information TokenUrl=http:// server address/apiE=14696&method=get-code&mobile= 1355408****%%%%%&token=********************;Wherein, the third network request information is Uniform resource locator, and the first network solicited message, the second network request information and the third network request Information is different.
The third network request information is sent to server by S303.
In this step, after client generates third network request information, and by the third network request information TokenUrl is sent to server.
After the server receives third network request information TokenUrl, by Token keywords to described Three network request information TokenUrl are parsed, and are obtained the value after Token in third network request information TokenUrl, are based on Value after the Token is utilized obtains the same method acquisition second interface parameters of first interface parameter Token with client, and Judge whether the first interface parameter and the second interface parameter are consistent, however, it is determined that the first interface parameter and described When two interface parameters are consistent, the verification information is sent to the client.Here, the second interface parameter is server meter The token token values of calculating, because server obtains second interface parameter as the process that client obtains first interface parameter, Details are not described herein.
Also, when sending verification information to the client, in order to avoid frequently malice is sent, need according to preset Transmission times is sent.The preset transmission times can be configured according to actual scene, be set in the present embodiment Transmission times is 10 times.
Embodiment three
Corresponding to embodiment one, a kind of system for sending verification information, referring to Fig. 1, the system are present embodiments provided Including:Client 101 and server 102;When sending verification information, it is implemented as follows:
The client 101 obtains first network solicited message, after getting first network solicited message, according to described the One network request information generates the second network request information and first interface parameter, specifically includes:
Because first network solicited message URL is in dictionary dict, when client 101 is obtained from dictionary dict first Between parameter character string, for example, the character string of the time parameter can be e=14696&method=get-code& Mobile=1355408****;Wherein, e, method, mobile are the key assignments key of a dictionary dict;1469, get- Code, 1355408**** are the numerical value value of dictionary dict.Wherein, the first network solicited message is unified resource positioning Accord with URL.
After all key assignments key for getting time parameter character string, according to preset first ordering rule to described Key assignments key is ranked up, and obtains key assignments array;First ordering rule can utilize OrtedArrayUsingComparator sort methods generate, and are using ortedArrayUsingComparator sort methods A sequential key assignments array array can be generated.Key assignments key in the key assignments array array can be arranged according to ascending order Sequence or according to descending sort, in the present embodiment is ranked up according to ascending order a-z.
After key assignments array is got, using the mapping relations between the key assignments and the numerical value by the key assignments array The character string of the numerical value is converted to, the character string of the numerical value and server address are carried out splicing obtains second network Solicited message;The first interface parameter is obtained from the second network request information using symmetric encipherment algorithm.
Specifically, first key assignments key1 in key assignments array is taken out using objectAtIndex methods, is closed using mapping System takes out first numerical value value1 by first key assignments key1 from dictionary dict, then by first key assignments key1 A new character string dictvaluestr1 is spliced into first numerical value value1;The rest may be inferred, and all key assignments are all turned The character string of dictvaluestr types is turned to, finally splices the character string of all dictvaluestr types, is formed The character string of the numerical value.
Then the path of the character string of numerical value and server address parts are carried out being spliced to form the second network request information Sorturl;Wherein, the second network request information is also a URL in fact, but in the first network solicited message not Together;The server address includes:Path parts and inquiry string query_string parts.It for example, will The character strings such as dictvaluestr1, dictvaluestr2 withhttp:// server address/apiSpliced and form second Network request information Sorturl.It is describedhttp:// server address/apiThe path parts of as described server address.
After getting the second network request information Sorturl, believed using symmetric encipherment algorithm from second network request The first interface parameter is obtained in breath.Wherein, the symmetric encipherment algorithm can be the getNewToken letters in MD5 algorithms Number.The first interface parameter is the token token values that client is calculated.
Specifically, the second network request information Sorturl is parsed, obtains server address first half path parts And the first inquiry string query_string1;
Parameter in the first inquiry string query_string1 is arranged according to preset second ordering rule Then parameter in first inquiry string query_string1 is inserted into "=" and " & " and is encrypted to form institute by sequence in order State the second inquiry string query_string2.Wherein, second ordering rule can be sorted according to title.
4th network request information is generated according to the second inquiry string query_string2;Specifically, word is utilized The mode of symbol string splicing, the first half path parts of stitching server address and the second inquiry string query_string2, And be inserted between path parts and the second inquiry string part query_string2 "" be encrypted, form the 4th network Solicited message urll.
Using symmetry algorithm based on the second polling character query_ in the updated 4th network request information String2 generation summary infos digest;Wherein, first parameter is private key SECRET_ in the summary info digest KEY, second parameter are the 4th network request information url1.Wherein, the symmetry algorithm in the present embodiment is that HMAC_SHA1 is calculated Method.
After getting summary info digest, the summary info digest is encrypted;Specifically, to abstract Information digest carries out base64 coded treatments, and the summary info digest after coded treatment is carried out safe handling, such as will Character "/" in summary info digest is substituted for " _ ";Character "+" is substituted for "-";Certainly, this is that one kind therein is replaced Mode is changed, is not limited herein.
Finally the cleartext information ACCESS_KEY of preset-key and the summary info digest after encryption are spelled Connect, between the summary info digest after the cleartext information and encryption by ":" connection, form the first interface ginseng Number.
After first interface parameter is generated, according to the second network request information Sorturl and the first interface Parameter generates third network request information;The splicing of first interface parameter is specifically worth the second network request information After Sorturl, that is, form the third network request information TokenUrl, and by the third network request information TokenUrl is sent to server.Wherein, the third network request information is uniform resource locator, and the first network Solicited message, the second network request information and the third network request information are different.
For example, the third network request information TokenUrl=http:// server address/apiE=14696& Method=get-code&mobile=1355408****%%%%%&token=********** * * * * * * * * * *
After the server 102 receives third network request information TokenUrl, by Token keywords to described Third network request information TokenUrl is parsed, and obtains the value after Token, base in third network request information TokenUrl Value after the Token is utilized obtains the same method acquisition second interface parameter of first interface parameter, and sentence with client Whether the first interface parameter of breaking and the second interface parameter are consistent, however, it is determined that the first interface parameter and described second When interface parameters is consistent, the verification information is sent to the client 101.Here, the second interface parameter is server The token token values calculated obtain first interface parameter because server 102 obtains second interface parameter with client 101 Process is the same, and details are not described herein.
Also, when sending verification information to the client 101, in order to avoid frequently malice is sent, need according to pre- If transmission times sent.The preset transmission times can be configured according to actual scene, be set in the present embodiment The transmission times put is 10 times.
Example IV
Corresponding to embodiment two, the present embodiment also provides a kind of client, as shown in figure 4, the client includes:It obtains Unit 41, the first generation unit 42, the second generation unit 43, transmitting element 44;Wherein,
The acquiring unit 41 is used to obtain first network solicited message;Because first network solicited message is in dictionary dict In, client obtains the character string of time parameter first from dictionary dict, for example, the character string of the time parameter can be with For e=14696&method=get-code&mobile=1355408****;Wherein, e, method, mobile are a words The key assignments key of allusion quotation dict;1469, get-code, 1355408**** are the numerical value value of dictionary dict.Wherein, described first Network request information is uniform resource position mark URL.
After the acquiring unit 41 gets first network solicited message, the first generation unit 42 is used for according to described the One network request information generates the second network request information and first interface parameter.
Specifically, referring to Fig. 5, first generation unit 42 includes:First obtain subelement 51, conversion subunit 52, Splice subelement 53 and second and obtain subelement 54;Wherein,
After the first acquisition subelement 51 gets all key assignments key of time parameter character string, according to preset the One ordering rule is ranked up the key assignments key, obtains key assignments array;First ordering rule can utilize OrtedArrayUsingComparator sort methods generate, and are using ortedArrayUsingComparator sort methods A sequential key assignments array array can be generated.Key assignments key in the key assignments array array can be arranged according to ascending order Sequence or according to descending sort, in the present embodiment is ranked up according to ascending order a-z.
After key assignments array is got, the conversion subunit 52 is closed using the mapping between the key assignments and the numerical value The key assignments array is converted to the character string of the numerical value by system, and the splicing subelement 53 is used for the character string of the numerical value Splicing, which is carried out, with server address obtains the second network request information;Described second, which obtains subelement 54, utilizes symmetric cryptography Algorithm obtains the first interface parameter from the second network request information.
Specifically, the conversion subunit 52 takes out first key in key assignments array using objectAtIndex methods Value key1 takes out first numerical value value1, so by first key assignments key1 using mapping relations from dictionary dict First key assignments key1 and first numerical value value1 are spliced into a new character string dictvaluestr1 afterwards;Class according to this It pushes away, all key assignments is converted to the character string of dictvaluestr types, finally by all dictvaluestr types Character string is spliced, and forms the character string of the numerical value.
Then the path of the character string of numerical value and server address parts are spliced to form by the splicing subelement 53 Second network request information Sorturl;Wherein, the second network request information is also a URL in fact, but in described first Network request information is different;The server address includes:Path parts and inquiry string query_string parts.Example Such as, by the character strings such as dictvaluestr1, dictvaluestr2 withhttp:// server address/apiSpliced and formed Second network request information Sorturl.It is describedhttp:// server address/apiThe path portions of as described server address Point.
After the described second acquisition subelement 54 gets the second network request information Sorturl, calculated using symmetric cryptography Method obtains the first interface parameter Token from the second network request information.Wherein, the symmetric encipherment algorithm can be with It is the getNewToken functions in MD5 algorithms.The first interface parameter is the token token values that client is calculated.
Here, after the second acquisition subelement 54 gets the second network request information Sorturl, symmetric cryptography is utilized Algorithm obtains the first interface parameter Token from the second network request information and specifically includes:
The second acquisition subelement 54 parses the second network request information Sorturl, before obtaining server address Half part path parts and the first inquiry string query_string1;
Parameter in the first inquiry string query_string1 is arranged according to preset second ordering rule Then parameter in first inquiry string query_string1 is inserted into "=" and " & " and is encrypted to form institute by sequence in order State the second inquiry string query_string2.Wherein, second ordering rule can be sorted according to title.
4th network request information is generated according to the second inquiry string query_string2;Specifically, word is utilized The mode of symbol string splicing, the first half path parts of stitching server address and the second inquiry string query_string2, And be inserted between path parts and the second inquiry string part query_string2 "" be encrypted, form the 4th network Solicited message urll.
Using symmetry algorithm based on the second polling character query_ in the updated 4th network request information String2 generation summary infos digest;Wherein, first parameter is private key SECRET_ in the summary info digest KEY, second parameter are the 4th network request information url1.Wherein, the symmetry algorithm in the present embodiment is that HMAC_SHA1 is calculated Method.
After getting summary info digest, the summary info digest is encrypted;Specifically, to abstract Information digest carries out base64 coded treatments, and the summary info digest after coded treatment is carried out safe handling, such as will Character "/" in summary info digest is substituted for " _ ";Character "+" is substituted for "-";Certainly, this is that one kind therein is replaced Mode is changed, is not limited herein.
Finally the cleartext information ACCESS_KEY of preset-key and the summary info digest after encryption are spelled Connect, between the summary info digest after the cleartext information and encryption by ":" connection, form the first interface ginseng Number.
After first generation unit 42 generates first interface parameter, the second generation unit 43 is used for according to described second Network request information and first interface parameter generation third network request information;Specifically by first interface parameter Token splicings are worth after the second network request information Sorturl, that is, form the third network request information TokenUrl, wherein, the third network request information is uniform resource locator, and the first network solicited message, institute It states the second network request information and the third network request information is different.
For example, the third network request information TokenUrl=http:// server address/apiE=14696& Method=get-code&mobile=1355408****%%%%%&token=********** * * * * * * * * * *
The transmitting element 44 is used to the third network request information being sent to server so that the server energy Second interface parameter is calculated, and when the determining second interface parameter and described first connect based on the third network request information When mouth parameter is consistent, the verification information is sent to the client.
After the server receives third network request information TokenUrl, by Token keywords to described Three network request information TokenUrl are parsed, and are obtained the value after Token in third network request information TokenUrl, are based on Value after the Token is utilized obtains the same method acquisition second interface parameters of first interface parameter Token with client, and Judge whether the first interface parameter and the second interface parameter are consistent, however, it is determined that the first interface parameter and described When two interface parameters are consistent, the verification information is sent to the client.Here, the second interface parameter is server meter The token token values of calculating obtain first interface parameter Token because server obtains second interface parameter Token1 with client Process it is the same, details are not described herein.
Also, when sending verification information to the client, in order to avoid frequently malice is sent, need according to preset Transmission times is sent.The preset transmission times can be configured according to actual scene, be set in the present embodiment Transmission times is 10 times.
The advantageous effect brought of one or more embodiment provided by the invention is:
The present invention provides it is a kind of send verification information method and system, the method includes:Client obtains first Network request information;Second network request information and first interface parameter are generated according to the first network solicited message;It is described First network solicited message and the second network request information are uniform resource locator, and the first network solicited message It is different from the second network request information;The second network request information and the first interface parameter are subjected to splicing life Into third network request information;The third network request information is sent to server so that the server can be based on institute It states third network request information and calculates second interface parameter, and judge that the first interface parameter is with the second interface parameter It is no consistent, however, it is determined that when the second interface parameter and the consistent first interface parameter, to be tested to described in client transmission Demonstrate,prove information;The first interface parameter is token value with the second interface parameter;In this way, even if user is grabbed using script software It takes and replaces the telephone number in first network solicited message, frequently or aggressively can not send verification to the telephone number Information, also, due to the number for being preset with transmission, even if user at will makes up an effective phone number, ceaselessly carry out Verification information is received, but as long as be more than preset transmission times, will be ignored by server, this reduces malice to retransmit The probability of verification information, and the identifying code for being difficult to recognize without input is verified, and then improves the operation effect of user Rate.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the scope of the present invention, it is all All any modification, equivalent and improvement made within the spirit and principles in the present invention etc. should be included in the protection of the present invention Within the scope of.

Claims (10)

  1. A kind of 1. method for sending verification information, which is characterized in that the method includes:
    Client obtains first network solicited message;
    Second network request information and first interface parameter are generated according to the first network solicited message;
    The second network request information and the first interface parameter are subjected to splicing generation third network request information;
    The third network request information is sent to server so that the server, which can be based on the third network request, to be believed Breath calculates second interface parameter, and judges whether the first interface parameter and the second interface parameter are consistent, however, it is determined that institute When stating second interface parameter and the consistent first interface parameter, the verification information is sent to the client;Wherein, it is described First network solicited message, the second network request information and the third network request information are uniform resource locator, And the first network solicited message, the second network request information and the third network request information are different;Described One interface parameters is token value with the second interface parameter.
  2. 2. the method as described in claim 1, which is characterized in that described that second net is generated according to the first network solicited message Network solicited message and first interface parameter, including:
    The time parameter character string in the first network solicited message is obtained from dictionary;
    The key assignments key of the time parameter character string is obtained, each key-value pair answers a numerical value;
    The key assignments is ranked up according to preset first ordering rule, obtains key assignments array;
    The key assignments array is converted to the character string of the numerical value using the mapping relations between the key assignments and the numerical value;
    The character string of the numerical value and server address are subjected to splicing and obtain the second network request information;
    The first interface parameter is obtained from the second network request information using symmetric encipherment algorithm.
  3. 3. method as claimed in claim 2, which is characterized in that described to utilize symmetric encipherment algorithm from second network request The first interface parameter is obtained in information, including:
    The second network request information is parsed, obtains server address and the first inquiry string;
    Parameter in first inquiry string according to preset second ordering rule is ranked up, described second is formed and looks into Ask character string;
    4th network request information is generated according to second inquiry string;
    The 4th network request information, which is based on, using symmetry algorithm generates summary info;
    The summary info is encrypted;
    Summary info after the cleartext information of preset-key and encryption is spliced, forms the first interface parameter.
  4. A kind of 4. method for sending verification information, which is characterized in that the method includes:
    Client obtains first network solicited message;
    Second network request information and first interface parameter are generated according to the first network solicited message;By second network Solicited message and the first interface parameter carry out splicing generation third network request information, and the third network request is believed Breath is sent to server;
    Server be based on the third network request information calculate second interface parameter, judge the first interface parameter with it is described Whether second interface parameter is consistent, however, it is determined that when the first interface parameter and the consistent second interface parameter, to the visitor Family end sends the verification information;Wherein,
    The first network solicited message, the second network request information and the third network request information are unified resource Finger URL, and the first network solicited message, the second network request information and the third network request information are different; The first interface parameter is token value with the second interface parameter.
  5. 5. method as claimed in claim 4, which is characterized in that the server sends the verification information to the client When, it is sent according to preset transmission times.
  6. 6. a kind of client, which is characterized in that the client includes:
    Acquiring unit, for obtaining first network solicited message;
    First generation unit, for generating the second network request information and first interface ginseng according to the first network solicited message Number;Second generation unit, for being asked according to the second network request information and first interface parameter generation third network Seek information;
    Transmitting element, for the third network request information to be sent to server so that the server can be based on described Third network request information calculates second interface parameter, and when the determining second interface parameter and the first interface parameter one During cause, the verification information is sent to the client;Wherein, the first network solicited message, second network request Information and the third network request information are uniform resource locator, and the first network solicited message, second net Network solicited message and the third network request information are different;The first interface parameter is token with the second interface parameter Value.
  7. 7. client as claimed in claim 6, which is characterized in that first generation unit includes:
    First obtains subelement, for obtaining the time parameter character string in the first network solicited message from dictionary;
    The key assignments key of the time parameter character string is obtained, each key-value pair answers a numerical value;
    The key assignments is ranked up according to preset first ordering rule, obtains key assignments array;
    Conversion subunit, for the key assignments array to be converted to institute using the mapping relations between the key assignments and the numerical value State the character string of numerical value;
    Splice subelement, second network request is obtained for the character string of the numerical value and server address to be carried out splicing Information;
    Second obtains subelement, is connect for obtaining described first from the second network request information using symmetric encipherment algorithm Mouth parameter.
  8. 8. client as claimed in claim 7, which is characterized in that described second obtains subelement using MD5 algorithms from described The first interface parameter is obtained in second network request information, including:
    The second network request information is parsed, obtains server address and the first inquiry string;
    Parameter in first inquiry string according to preset second ordering rule is ranked up, described second is formed and looks into Ask character string;
    4th network request information is generated according to second inquiry string;
    The 4th network request information, which is based on, using symmetry algorithm generates summary info;
    The summary info is encrypted;
    Summary info after the cleartext information of preset-key and encryption is spliced, forms the first interface parameter.
  9. 9. a kind of system for sending verification information, which is characterized in that the system comprises:
    Client, for obtaining first network solicited message;Second network request is generated according to the first network solicited message Information and first interface parameter;The second network request information and the first interface parameter are subjected to splicing generation third net Network solicited message, and the third network request information is sent to server;Server, please for being based on the third network Information is asked to calculate second interface parameter, judges whether the first interface parameter and the second interface parameter are consistent, however, it is determined that When the first interface parameter and the consistent second interface parameter, the verification information is sent to the client;Wherein, institute State first network solicited message, the second network request information is positioned with the third network request information for unified resource Symbol, and the first network solicited message, the second network request information and the third network request information are different;It is described First interface parameter is token value with the second interface parameter.
  10. 10. system as claimed in claim 9, which is characterized in that the server sends the verification to the client to be believed During breath, sent according to preset transmission times.
CN201611228347.7A 2016-12-27 2016-12-27 Method and system for sending verification information Active CN108243172B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611228347.7A CN108243172B (en) 2016-12-27 2016-12-27 Method and system for sending verification information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611228347.7A CN108243172B (en) 2016-12-27 2016-12-27 Method and system for sending verification information

Publications (2)

Publication Number Publication Date
CN108243172A true CN108243172A (en) 2018-07-03
CN108243172B CN108243172B (en) 2020-08-04

Family

ID=62702639

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611228347.7A Active CN108243172B (en) 2016-12-27 2016-12-27 Method and system for sending verification information

Country Status (1)

Country Link
CN (1) CN108243172B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112566121A (en) * 2020-12-09 2021-03-26 北京深思数盾科技股份有限公司 Method for preventing attack, server, electronic equipment and storage medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101997880A (en) * 2010-12-01 2011-03-30 湖南智源信息网络技术开发有限公司 Method and device for verifying security of network page or interface
CN102868533A (en) * 2012-09-13 2013-01-09 中科华核电技术研究院有限公司 Method and system for verifying resource access authorization
CN103795692A (en) * 2012-10-31 2014-05-14 中国电信股份有限公司 Open authorization method, open authorization system and authentication and authorization server
CN104348849A (en) * 2013-07-25 2015-02-11 腾讯科技(深圳)有限公司 Instant communication key-value data issuing method, server, client and system
US9239912B1 (en) * 2011-12-12 2016-01-19 Google Inc. Method, manufacture, and apparatus for content protection using authentication data
CN105407102A (en) * 2015-12-10 2016-03-16 四川长虹电器股份有限公司 Http request data reliability verification method
CN105703910A (en) * 2016-04-18 2016-06-22 中邮建技术有限公司 Dynamic password verifying method based on Wechat service number
CN105978878A (en) * 2016-05-11 2016-09-28 腾讯科技(深圳)有限公司 Webpage verification method and device
CN106161411A (en) * 2015-04-27 2016-11-23 阿里巴巴集团控股有限公司 A kind of webpage verification using data-hiding technology method and device

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101997880A (en) * 2010-12-01 2011-03-30 湖南智源信息网络技术开发有限公司 Method and device for verifying security of network page or interface
US9239912B1 (en) * 2011-12-12 2016-01-19 Google Inc. Method, manufacture, and apparatus for content protection using authentication data
CN102868533A (en) * 2012-09-13 2013-01-09 中科华核电技术研究院有限公司 Method and system for verifying resource access authorization
CN103795692A (en) * 2012-10-31 2014-05-14 中国电信股份有限公司 Open authorization method, open authorization system and authentication and authorization server
CN104348849A (en) * 2013-07-25 2015-02-11 腾讯科技(深圳)有限公司 Instant communication key-value data issuing method, server, client and system
CN106161411A (en) * 2015-04-27 2016-11-23 阿里巴巴集团控股有限公司 A kind of webpage verification using data-hiding technology method and device
CN105407102A (en) * 2015-12-10 2016-03-16 四川长虹电器股份有限公司 Http request data reliability verification method
CN105703910A (en) * 2016-04-18 2016-06-22 中邮建技术有限公司 Dynamic password verifying method based on Wechat service number
CN105978878A (en) * 2016-05-11 2016-09-28 腾讯科技(深圳)有限公司 Webpage verification method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JOSHUA1830: "防止恶意频繁发送短信验证码", 《HTTP://BLOG.CSDN.NET/JOSHUA1830/ARTICLE/DETAILS/51780768》 *
魏冰,徐震: "基于验证机制的应用层DDoS攻击防御方法", 《计算机工程与设计》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112566121A (en) * 2020-12-09 2021-03-26 北京深思数盾科技股份有限公司 Method for preventing attack, server, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN108243172B (en) 2020-08-04

Similar Documents

Publication Publication Date Title
CN108365961B (en) The response method and server that interface call method and terminal device, interface call
CN103618794B (en) Method, terminal and the server of automated log on
US10073916B2 (en) Method and system for facilitating terminal identifiers
CN105391695B (en) A kind of terminal registration method and method of calibration
CN105554037B (en) Authentication processing method and service platform
CN103155513B (en) Accelerate the method and apparatus of certification
CN104468531B (en) The authorization method of sensitive data, device and system
CN107147644B (en) Method for realizing login of mobile APP user in single device
WO2018018697A1 (en) Method and system for identifying spam message from false base station
CN110291757A (en) For providing the method for simplified account register service, user authentication service and utilizing its certificate server
CN103607284B (en) Identity authentication method and equipment and server
CN110521182B (en) Method and system for protocol level identity mapping
CN107801229A (en) Smart home is with network method, terminal, equipment and the device with store function
US11997188B2 (en) Method and system for HTTP session management using hash chains
CN105119722A (en) Identity verification method, equipment and system
CN105490997B (en) Safe checking method, device, terminal and server
CN109688098A (en) Safety communicating method, device, equipment and the computer readable storage medium of data
CN102946384A (en) User authentication method and device
CN111404695B (en) Token request verification method and device
CN105162604A (en) Feature image identification based verification method and system, and verification server
CN104821882A (en) Network security verification method based on voice biometric features
CN108174360A (en) A kind of note transmission method and device, short-message verification method and device
CN109525949A (en) Register method and device, storage medium, server, user terminal
CN110233850A (en) Register method, application server, user terminal and system based on alliance's chain
CN108243172A (en) A kind of method and system for sending verification information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant