CN108733991B

CN108733991B - Webpage application access method and device and storage medium

Info

Publication number: CN108733991B
Application number: CN201710258512.1A
Authority: CN
Inventors: 金刚铭; 裴伟
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2017-04-19
Filing date: 2017-04-19
Publication date: 2021-04-06
Anticipated expiration: 2037-04-19
Also published as: CN108733991A

Abstract

The invention discloses a method and a device for accessing a webpage application and a storage medium; the method comprises the following steps: running a webpage application corresponding to an application account of a public platform in a browser, and simulating a host environment running in a social network client for the webpage application in the browser; calling a social network client to load an authorization webpage returned by a social network background, and acquiring an authorization code returned by the social network background; acquiring identity information of a user in the social network from a social network background through an application account background based on the authorization code, redirecting the webpage application to a callback page and logging in with the identity information; the method comprises the steps of loading an interface packaged with a terminal function and a social network client function in a webpage application, using the terminal function and/or the social network client function in a mode of calling the interface, and loading a processing result called by the interface in the webpage application. By implementing the method and the device, the webpage authorization can be realized by accessing the webpage application in the browser, and the business of the webpage application can be realized.

Description

Webpage application access method and device and storage medium

Technical Field

The invention relates to the internet technology, in particular to a method and a device for accessing a webpage application and a storage medium.

Background

The WeChat public platform is connected with WeChat users and public number operating users through public numbers, and the public number operating users mainly provide services for the WeChat users through public number message conversation and public number intranet pages.

In the case of a public number messaging session, which exists as a contact of a WeChat user, messaging sessions are the basis for the public number to interact with the user. At present, the public numbers mainly comprise: 1) the message service includes several kinds of message services, namely, group sending message, 2) passive reply message, 3) customer service message and 4) template message, which are respectively used for different scenes.

Many complex business scenarios need to provide corresponding services through applications (public number web page applications) in the form of web pages accessed in public numbers, and then:

1) the method comprises the following steps of webpage authorization, wherein public number webpage application can acquire identity information of a user through authorization of public number webpage application so as to log in with the identity information of the user;

2) the WeChat JS-SDK is packaged with a series of interfaces corresponding to the terminal function and the WeChat client function, and the public number webpage application can call various interfaces corresponding to the terminal function and the WeChat client function in the JS _ SDK in a mode of loading the WeChat JS _ SDK in a webpage, so that the purpose of realizing the service of the public number webpage application by using various functions is achieved, such as recording and playing WeChat voice, monitoring WeChat sharing, uploading a local picture of a mobile phone, taking a picture and the like.

At present, a WeChat background only supports the public number webpage application for accessing the public number in a mode of a WeChat client, and for the more common mode for accessing the public number webpage application, namely browser client access, a universal and efficient scheme for supporting the access and the use of the public number webpage application in a browser is lacked in the related technology.

Disclosure of Invention

The embodiment of the invention provides a webpage application access method, a webpage application access device and a storage medium, which can access a webpage application corresponding to a public platform in a browser.

The technical scheme of the embodiment of the invention is realized as follows:

in a first aspect, an embodiment of the present invention provides a method for accessing a web application, including:

running a webpage application corresponding to an application account of a public platform in a browser, and simulating a host environment running in a social network client for the webpage application in the browser;

a webpage authorization request is sent to a social network background aiming at the webpage application, a social network client is called to load an authorization webpage returned by the social network background, and after the authorization webpage acquires the authorization operation of the identity information of the open user in the social network, an authorization code returned by the social network background is acquired;

acquiring the identity information of the user in the social network from the social network background through an application account background based on the authorization code, redirecting the webpage application to a callback page and logging in with the identity information;

loading an interface packaged with a terminal function and a social network client function in the webpage application, using the terminal function and/or the social network client function by calling the interface, and loading a processing result called by the interface in the webpage application.

In a second aspect, an embodiment of the present invention provides a web application access apparatus, including:

the environment simulation unit is used for running a webpage application corresponding to an application account in a public platform in a browser and simulating a host environment running in a social network client for the webpage application in the browser;

the webpage authorization unit is used for initiating a webpage authorization request to a social network background aiming at the webpage application, calling a social network client to load an authorization webpage returned by the social network background, and acquiring an authorization code returned by the social network background after the authorization webpage acquires authorization;

the identity information unit is used for acquiring the identity information of the user in the social network from the social network background based on the authorization code, redirecting the webpage application to a callback page and logging in with the identity information;

the interface calling unit is used for initiating a webpage authorization request to a social network background aiming at the webpage application, calling a social network client to load an authorization webpage returned by the social network background, and acquiring an authorization code returned by the social network background after the authorization webpage acquires the authorization operation of the open user on the identity information of the social network.

In a third aspect, an embodiment of the present invention provides a web application access apparatus, including a processor and a memory, where the memory is used for storing an executable program; and the processor is used for realizing the webpage application access method provided by the embodiment of the invention when the executable program stored in the memory is executed.

In a fourth aspect, an embodiment of the present invention provides a readable storage medium, which stores an executable program, and when the executable program is executed by a processor, the executable program implements the web application access method provided in the embodiment of the present invention.

The embodiment of the invention has the following beneficial effects:

1) the browser enables the webpage application to detect the host environment running in the social network client side by simulating the host environment of the social network client side (such as a WeChat client side), deceives the webpage application, and even if the host environment is the browser, the webpage authorization can be successfully initiated for the webpage application;

2) through the social network client and the application account background, the effect of transparent transmission is realized between the webpage application operated by the browser and the social network background, in the processing process of webpage authorization and interface calling, on one hand, whether the host environment is the browser or the social network client is not required to be distinguished for the webpage application, the execution efficiency is high, on the other hand, the webpage application developers are not required to respectively develop the webpage application aiming at different host environments, and the expenses of webpage application development and maintenance are saved;

3) because the webpage application always detects that the webpage application is in the host environment of the social network client, the terminal function and/or the social network client function can be used by calling the same socket, and the host environment of the browser and the social network client is adapted, so that the webpage application can be logged in and used through the social network client, and the webpage application can also be logged in and used through the browser.

Drawings

Fig. 1-1 is an alternative topology schematic diagram of logging in a wechat environment to a public number web application in a wechat identity and supporting the wechat web application to implement a service of the wechat web application by calling various interfaces in a wechat JS _ SDK according to an embodiment of the present invention;

fig. 1-2 is an optional flowchart illustrating that the wechat environment logs in the wechat web application in the wechat identity, and supports the wechat web application to implement the service of the wechat web application by calling various interfaces in the wechat JS _ SDK according to an embodiment of the present invention;

fig. 1-3 are schematic diagrams of alternative processes for invoking various interfaces of the wechat JS-SDK by a public number web application according to an embodiment of the present invention, so as to implement a service using at least one of a terminal function and a wechat client function;

FIGS. 1-4 are schematic diagrams of system architectures for accessing web pages of a public web application in two host environments, a docking browser environment and a wechat environment, according to embodiments of the present invention;

fig. 1 to 5 are schematic diagrams of alternative processes for invoking various interfaces of a browser JS-SDK by a public web application according to an embodiment of the present invention, so as to implement a service using at least one of a terminal function and a wechat client function;

FIG. 2-1 is a schematic diagram of an alternative display for popping up an authorized web page when accessing a public address web page application in a wechat client according to an embodiment of the present invention;

FIG. 2-2 is an alternative display diagram illustrating a processing result of initiating an OAuth2.0 web page authorization request in a browser according to an embodiment of the present invention;

2-3 are schematic diagrams of alternative displays of an H5 webpage for accessing a public Web application in a browser according to an embodiment of the present invention;

2-4 are schematic diagrams of alternative displays of an authorized web page popped up when accessing a public web application in a browser according to an embodiment of the present invention;

2-5 are schematic diagrams of alternative displays for accessing an H5 web page of a public Web application in a browser for payment according to an embodiment of the present invention;

fig. 3 is an optional flowchart illustrating that the application logs in the public web application with a WeChat identity in a browser environment and supports the public web application to implement the service of the public web application by calling various interfaces in the browser JS _ SDK according to an embodiment of the present invention;

fig. 4 is a schematic diagram of an alternative software/hardware structure of a web application access device according to an embodiment of the present invention;

fig. 5 is a schematic diagram of an alternative functional structure of the apparatus for accessing a web application, applied to a user terminal according to an embodiment of the present invention.

Detailed Description

The present invention will be described in further detail below with reference to the accompanying drawings and examples. It should be understood that the examples provided herein are merely illustrative of the present invention and are not intended to limit the present invention. In addition, the following embodiments are provided as some embodiments for implementing the invention, not all embodiments for implementing the invention, and those skilled in the art will not make creative efforts to recombine technical solutions of the following embodiments and other embodiments based on implementing the invention all belong to the protection scope of the invention.

It should be noted that, in the embodiments of the present invention, the terms "comprises", "comprising" or any other variation thereof are intended to cover a non-exclusive inclusion, so that a method or apparatus including a series of elements includes not only the explicitly recited elements but also other elements not explicitly listed or inherent to the method or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other related elements in a method or apparatus that comprises the element (e.g., steps in a method or elements in an apparatus).

For example, the web application access method provided by the embodiment of the present invention includes a series of steps, but the web application access method provided by the embodiment of the present invention is not limited to the described steps, and similarly, the web application access apparatus provided by the embodiment of the present invention includes a series of units, but the apparatus provided by the embodiment of the present invention is not limited to include the explicitly described units, and may also include units that are required to be set for acquiring related information or performing processing based on the information.

Before further detailed description of the present invention, the terms and expressions provided in the embodiments of the present invention are described, and the terms and expressions provided in the embodiments of the present invention are applicable to the following explanations.

1) Public platforms (e.g., wechat public platforms) that provide interfacing users of (wechat) social networks with businesses, utilities, and non-government organizations, etc., where business utilities and non-government organizations, etc., are differentiated by public numbers, and that provide self-media functions and marketing functions (members, pushes, payments, activities, roll-ups, shares, business cards, etc.).

2) The application account number of the application accessed on the public platform by developers, enterprises, public institutions and non-government organizations may include:

the public number is an application account applied by a developer or a merchant on a public platform, and can realize all-around communication and interaction with characters, pictures, voice and videos of a user on the public platform through the application account, and can be classified into a service number and a subscription number in function.

The service number is an account type of a public platform, serves as a contact in a social network client (such as a WeChat client) of a user, and is used for pushing information to the user and providing services such as consultation, purchase and the like.

The subscription number is an account type of a public platform, is used as a contact in a social network client of a user, and pushes information and information to the user.

3) The web application, that is, the application realized based on the web accessed by the application account in the public platform, corresponds to the application account of the public platform, for example, the public application in the wechat public platform.

The application account webpage application refers to a third party application, such as a micro mall, a micro community, a micro official network and the like, which is accessed in an application account webpage by an application account operation user in order to extend the functions of a public platform (such as a WeChat public platform) and to realize specific services (such as design, development and marketing) of the application account. The application account webpage application is a webpage-based application (WEB APP) developed based on hypertext Markup Language (HTML) 5, Cascading Style Sheets (CSS3, screening Style Sheets) and JavaScript, and runs in a form of a webpage in a wechat client or browser, for example, a public number webpage application based on HTML5, also referred to as H5 APP.

4) And (2) webpage authorization, wherein when a client such as a WeChat client and a browser accesses a public webpage application, the public webpage application of the public number acquires the identity information of the user in the social network through the OAuth2.0 protocol support, and logs in the public webpage application by the identity information of the user (such as WeChat identity information in the WeChat social network).

5) The oauth2.0 protocol, a version of the internet standard protocol, allows access to the identity information of a wechat user in a web page of a wechat web application without requiring the wechat user to provide the wechat account with a username and password to the wechat web application, which may require explicit authorization to the user before accessing the identity information of the wechat user, or may be silent (without requiring manual authorization by the user), with the identity information obtained being differentiated depending on the manner of authorization.

A Software Development Kit (JS-SDK) implemented using JavaScript is packaged with a series of application program interfaces (hereinafter also referred to simply as interfaces).

Taking JS-SDK (micro-trusted JS-SDK) injected in a micro-trusted client as an example, the micro-trusted JS-SDK authorizes a user to log in a public number webpage application by the micro-trusted identity of the user, the micro-trusted JS-SDK comprises a series of JavaScript-based application Program interfaces (JSAPI, JavaScript Program Interface, hereinafter, the Interface is JSAPI if no special explanation Interface is provided), the interfaces are packages of calling methods of functions of the micro-trusted client and terminal functions, the public number webpage application uses terminal functions (terminals running the micro-trusted client) such as photographing, picture selection, voice, position and the like in a mode of calling the interfaces, and the basic open function of the public number webpage application is realized by using micro-trusted client functions such as sharing, scanning, card coupon, payment and the like.

6) The host environment: a trusted client or a browser's hosting environment.

7) A User Agent (UA), which is a special string header, enables a server to identify an operating system and version, a Central Processing Unit (CPU) type, a browser and version, a browser rendering engine, a browser language, and a browser plug-in used by a User, thereby determining whether the User browses using a computer or a mobile phone, and making a web page automatically adapted.

The following description will be given by taking a social network client as a wechat client and a public platform as a wechat public platform as an example, but should not be construed as limiting the application scenario of the embodiment of the present invention, and those skilled in the art can easily implement the method on other types of public platforms according to the following understanding.

When a wechat client accesses a public web application, there is a typical scenario as follows: the wechat client needs to support that the user authorizes the public number web page application to log in by using the wechat identity of the user under the condition that the wechat account information (wechat account and password) is not input, and support that the wechat web page application realizes various services of the wechat web page application by calling various interfaces (JSAPI) in the wechat JS _ SDK.

Referring to fig. 1-1, fig. 1-1 is a schematic diagram of an alternative topology for logging in a wechat environment (in a wechat client) to a public number WEB application in a wechat identity and supporting the public number WEB application to implement a service of the public number WEB application by calling various interfaces (i.e., JSAPI) in a wechat JS _ SDK according to an embodiment of the present invention, where a wechat backend provides a wechat basic service support such as instant messaging and friend circles (friend circles are used to show friend dynamics) to the wechat client, and also serves as an entity for deploying a wechat public platform, opens and registers public numbers to enterprises, business units, various organizations, individuals, and the like, and when a user accesses the wechat WEB application (i.e., WEB APP) through the wechat client, the wechat WEB application obtains authorization by loading an authorization WEB page, and logs in the background of the wechat WEB application in the wechat environment of the wechat client, and calling various interfaces in the WeChat JS _ SDK to realize the service.

The following describes the web page authorization and interface call based on fig. 1-1 with reference to fig. 1-2, and several parts of the signature preparation, the web page authorization, the signature verification and the interface call are involved in fig. 1-2, including steps 101 to 104, which are described below.

Step 101, a public number background performs signature preparation for public number webpage application to generate a signature.

The wechat background maintains a list of allowed interfaces for different public number web page applications, when a wechat client accesses the public number web page applications and the public number web page applications need to call the interfaces, the wechat background needs to verify whether the interfaces have the calling authority according to signatures held by the public number web page applications, and therefore signatures corresponding to the public number web page applications need to be generated in advance and distributed to the public number web page applications.

The public number is checked and passed in the WeChat background in advance, an identification (appID) of the public number webpage application and a key (appSecret) of the public number webpage application are obtained, and meanwhile, the address of a callback page of the public number webpage application is also configured in the WeChat background in advance.

Specifically, the public number background requests a token (access _ token) from the WeChat background using an identification of the public number Web application (appID) and a key of the public number (appSecret), and one example of a request using an encrypted Hypertext Transfer Protocol (HTTPS) is:

HTTP request mode: GET (GET tool)

https://api.weixin..com/cgi-bin/tokengrant_type＝client_credential&appid＝APP ID&secret＝APPSECRET

After the WeChat background verifies that the application of the public number webpage is legal based on the secret key (appsecret), the WeChat background generates and issues a token (access _ token) which can be used for acquiring a temporary ticket (jsapi _ ticket) from the WeChat background, the token (access _ token) generated each time is different, for example, the WeChat background returns the token (access _ token) and a corresponding validity period (expires _ in) in a mode of JavaScript Object Notation (JSON, JavaScript Object notification) data packet, and an example of the JSON data packet is as follows:

{"access_token":"ACCESS_TOKEN","expires_in":7200}

the token (access _ token) has a certain validity period (such as 7200 seconds), and when the token is overtime, the WeChat background sends an update token (refresh _ token) to the public number background.

The method comprises the steps that a public account background requests a Jsapi _ ticket of JAPI from a WeChat background in a mode of sending an HTTP GET request carrying a token (access _ token), the frequent refreshing of the temporary ticket (JSAPI _ ticket) can cause the load abnormality of the WeChat background to influence services due to the fact that the frequency of interface calling for obtaining the temporary ticket (JSAPI _ ticket) of the WeChat background is very limited, and the public account background can locally and globally cache the temporary ticket (JSAPI _ ticket) to avoid frequent refreshing.

For background generation of signatures (signatures) for public numbers, for example, the signatures use the following parameters: a random string (noncestr), a temporary ticket (jsapi _ ticket), a timestamp (timestamp), a Uniform resource identifier (URL) of a web page for which a public web application needs to call an interface.

After all the parameters to be signed are sorted from small to large according to the ASCII code of the field name (lexicographical order), the URL key value pair format (i.e. key1 value1& key2 value2 …) is used for splicing into a character string and carrying out encryption calculation to form a signature.

And 102, requesting webpage authorization based on OAuth2.0 by the public number webpage application, acquiring the identity information of the user, redirecting to a callback page and logging in by the identity information of the user.

According to different authorization scope (scope) of the initiated webpage authorization request, the public number webpage application can acquire an identifier (openID) of the user in the public number webpage application, and in addition, the identity information of the user can be further acquired.

1) The webpage authorization request takes the snsapi _ base as an authorization scope, and the public number webpage application can log in based on the acquired identifier (openID) of the user in the public number webpage application.

The method comprises the steps that a web page authorization request based on OAuth2.0 is sent to a WeChat background by a WeChat client side by a public number web page application, the WeChat background redirects the public number web page application to an authorization web page, a silent authorization mode is adopted in the authorization web page, the WeChat background is informed of obtaining authorization without the operation of confirming authorization by a user, and the public number web page application obtains an authorization code (code) returned by the WeChat background.

An example of the public number web application using the HTTPS request is as follows, where the public number web application requests a token (access _ token, here a token different from the token of step 101) available for obtaining user identity information from the wechat background via the public number background using an authorization code (code) as a ticket to exchange the token (access _ token) for the wechat background:

HTTP request mode: GET (GET tool)

https://api.weixin..com/sns/oauth2/access_token？appid＝APPID&secret＝SECRE T&code＝CODE&grant_type＝authorization_code

The token (access token) has a certain validity period (e.g., 7200 seconds), and when the token expires, the WeChat background sends an update token (refresh token) to the public number webpage application.

After the public number background acquires the token (access _ token) returned by the WeChat background, the public number background acquires the identifier (openID) of the user (in the public number webpage application) from the WeChat background by using the token (access _ token), wherein the identifier (openID) of the user is generated by the WeChat background and is used for distinguishing the user in the same public number webpage application and is different from the WeChat ID of the user.

The public number background realizes login with the user identification (openID) in the callback page by a redirection instruction, such as a temporary transfer (temporal Moved) instruction, namely a 302redirect instruction, in which the public number web application is instructed to redirect from the authorization web page to the callback page, and the user identification (openID) is added to the cookie of the callback page.

2) The webpage authorization request takes snsapi _ userinfo as an authorization scope, and the public number can log in the identity information of the user.

The method comprises the steps that a web page authorization request based on OAuth2.0 is sent to a WeChat background by a WeChat client side by a public number web page application, an identifier (appID) of the public number web page application and a key (appmatch) of the public number web page application are carried in the request, the WeChat background verifies whether the public number web page application is legal or not (for example, whether the public number web page application is configured in the WeChat background in advance or not) and redirects the public number web page application to an authorization web page after verification is successful.

Referring to fig. 2-1, fig. 2-1 is an optional display diagram of popping up an authorization web page when accessing a public number web page application in a wechat client according to an embodiment of the present invention, where when a user confirms authorization in the authorization web page, the wechat background is notified by the public number web page application to obtain authorization, and then an authorization code (code) returned by the wechat background is obtained, where the authorization code (code) is used for the wechat background to exchange a token (access _ token, where the token is different from the token in step 101) for obtaining identity information of the user.

Since the web page authorization initiated by the public number web page application takes snsapi _ userinfo as an authorization scope, after the public number background acquires the token (access _ token), the token (access _ token-) can be continuously used to request the identity information of the user from the WeChat background, and an example of requesting the identity information of the user by using HTTPS is as follows:

HTTP request mode: GET (GET tool)

https://api.weixin..com/sns/userinfoaccess_token＝ACCESS_TOKEN&openid＝OPENID&lang＝zh_CN

The identity information of the user comprises nicknames, head portraits, sexes and other information which represent the WeChat identity of the user, the WeChat background indicates that the WeChat webpage application is redirected from an authorized webpage to a callback page (such as a webpage related to services in the WeChat) through a redirection instruction, namely a 302redirect instruction, based on the identity information of the user, and the cookie of the callback page is added with the identity information of the user, so that the user can be logged in the WeChat identity of the user.

Similarly, the token (access _ token) has a certain validity period, and when the token (access _ token) is overtime, the WeChat background sends an update token (refresh _ token) to the public number background.

And 103, verifying the interface call by the public number webpage application by using the signature.

In order to enable the public number webpage application to call an interface of the WeChat JS _ SDK in a webpage (a callback page and a subsequently-jumped webpage) to realize a service, a file of the WeChat JS _ SDK which conforms to the WeChat JS _ SDK technical specification is injected into the webpage of the public number webpage application, and the file of the WeChat JS _ SDK is loaded and cached in a terminal by using a standard Module loading method such as Asynchronous Module Definition (AMD) and Common Module Definition (CMD).

In addition, before requesting the calling interface from the WeChat client, the signature generated in advance for the public number webpage application is also requested from the WeChat background, and the signature returned by the WeChat background, the identifier (appID) of the public number webpage application and the temporary ticket (jsapi _ ticket) are received.

When a webpage in the public number webpage application needs to realize a service by using at least one of a terminal function and a WeChat client function in the webpage, aiming at an interface list needing to be called for realizing the service, whether the calling authority of the interface list is available is verified by calling a verification interface opened by a WeChat background, and the processing when the verification interface is called comprises the following steps:

requesting a wechat background to verify a signature (signature) held by a public number webpage application, an interface list required to be called and an identifier (appID) of the public number webpage application through a wechat client, verifying the signature based on the identifier (appID) of the public number webpage application by the wechat background, verifying whether the signature has a calling authority of an interface in the interface list, and acquiring a verification result aiming at the signature and the interface list returned by the wechat background (the wechat background returns through a callback called by the interface), for example, when the verification result is acquired, indicating that the wechat webpage application can subsequently call a corresponding interface.

And step 104, calling various interfaces in the WeChat JS-SDK by the application of the public number webpage to realize services.

The token (access _ token) is a global interface invocation credential of the public number web application, the public number web application needs to use when invoking each interface of the WeChat JS _ SDK, the public number web application can use the identification (appID) and the key (appexecute) of the public number web application to obtain the token (access _ token, a token different from the previous steps) for invoking the interface from the WeChat background, and an example of the token (access _ token) is requested by using an HTTPS protocol is as follows:

HTTP request mode: GET (GET tool)

In order to avoid the influence on the service caused by frequent request of the token (access _ token), the token (access _ token) can be cached at the terminal side, the WeChat background specifies a limited validity period for the token (access _ token), and the last obtained token (access _ token) is caused to be invalid when the public number webpage application acquires the update token (refresh _ token) from the WeChat background.

The method comprises the steps that a public number webpage application initiates a request (for example, an HTTP request mode can still be used) for calling various interfaces in the WeChat JS-SDK, a token (access _ token) and an identifier (appID) of the public number webpage application are carried in the request, a WeChat client identifies calling of different public number webpage applications for the interfaces based on the identifier (appID) of the public number webpage application, a processing result of the interface calling is returned in a callback mode, and the services are realized by the public number webpage application by utilizing the processing result returned by the WeChat client.

Part of interfaces (such as a geographical position interface and an equipment information interface) in the WeChat JS _ SDK are only related to terminal functions, and when the interfaces are called, the WeChat client acquires a processing result of the corresponding function for the interface calling from an operating system layer of the terminal and returns the processing result to the public number webpage application; part of interfaces (such as an image interface, a wechat sharing interface and a wechat payment interface) in the wechat JS _ SDK are related to functions of the wechat client, when the interfaces are called, the wechat background participates in processing, and the wechat client acquires a processing result returned by the wechat background (returned in a callback mode) and returns the processing result to the public number webpage application.

Specifically, referring to fig. 1 to 3, fig. 1 to 3 are schematic diagrams of an alternative process in which a public web page application calls various interfaces (JSAPI) of a wechat JS-SDK, so as to implement a service using at least one of a terminal function and a wechat client function, where the process includes the following interfaces:

1) the payment interface (also referred to herein as the WeChat payment interface), when invoked, is: the WeChat client side sends a request of WeChat payment to the WeChat background, obtains the result of the WeChat payment and returns the result to the public number webpage application. For example, may be used to support a business in which a user orders goods for purchase in a web application.

2) The geographic location interface, when invoked, processes as: the WeChat client acquires the geographic position of the user from the operating system layer of the terminal, and the information such as the geographic position of a store nearest to the user, the coupon and the like can be preferentially loaded by the public number webpage application.

3) The device information interface (not shown in the figure), the processing when called is: the WeChat client acquires equipment information of a user from an operating system layer of the terminal, for example, when the user accesses an H5 webpage of a public number webpage application of a merchant through the WeChat client, a public number background dynamically switches the version of the webpage in the public number webpage application in a networking mode of user equipment, for example, an H5 webpage with a high-definition effect is loaded in a wireless compatibility authentication (WiFi) networking mode, and an H5 webpage with a part of webpage elements omitted is loaded in a 2G networking mode, so that delay of the webpage is avoided.

4) The sharing interface (also referred to herein as a WeChat sharing interface), when invoked, performs the following processes: the WeChat client shares the content (e.g., orders, commodities) of the H5 webpage with a social network (e.g., WeChat friends, WeChat friend circles, etc.) via the WeChat back office.

5) The image interface, the processing when called is: the WeChat client uses the camera function of the terminal to take pictures, select photos from an album, upload, download and preview the pictures.

6) And the audio interface is used for processing when being called as follows: and in the process of accessing the H5 webpage, the WeChat client calls an audio function provided by the operating system layer to record and play voice, and can perform voice communication with public customer service in the H5 webpage through an audio interface.

7) Scanning a scanning interface, wherein the processing when being called is as follows: scanning the graphic code and returning the identification result to the public number webpage application.

8) The intelligent interface is used for processing when being called as follows: the audio is recognized and the recognition result is returned to the public number web page application.

9) And the card and ticket interface is used for processing when being called as follows: and calling up the card ticket of the current H5 webpage access store, or realizing the card ticket already added in the card package of the WeChat client, or adding the card ticket into the card package of the WeChat client.

The above interfaces are only examples, and the JS _ SDK is slightly trusted according to the requirements of the actual service scenario, and other interfaces, such as a user management interface, a message sending interface, and the like, are also included in the JS _ SDK.

As can be seen from fig. 1 to 3, the public number web application calls various interfaces of the wechat JS-SDK in the web page to use various functions of the wechat client and the terminal, thereby implementing related services. For example, the H5 web page of the public number web application is accessed in the wechat client, the wechat web application initiates a web page authorization request based on oauth2.0 to the wechat background through the wechat client to obtain authorization, logs in with the wechat identity of the user, and the wechat web application calls a wechat payment interface in the web page to pay for the goods ordered in the wechat web application.

The browser is a tool for widely using access web pages, a user has a need for accessing a public number web page application by using the browser, and based on the above scheme for accessing the public number web page application in the wechat client and calling an interface to implement a service, if it is desired to log in with the wechat identity of the user when accessing the public number web page application in the browser, and to implement a service by using a terminal function and a wechat client function, there are the following problems:

1) public web applications cannot load web pages in a browser because they cannot obtain authorization.

Referring to fig. 2-2, fig. 2-2 is an optional display schematic diagram of a processing result of initiating an oauth2.0 web page authorization request in a browser according to an embodiment of the present invention, where when the browser accesses a page that needs web page authorization in a public number web page application, the browser initiates an oauth 2.0-based web page authorization request to a wechat background, and since a security policy of the wechat background does not allow to respond to the oauth2.0 web page authorization request from the browser, it is prompted that the oauth2.0 web page authorization request of the user fails, and the user needs to initiate the oauth2.0 web page authorization request in the wechat client.

2) After a browser is loaded, a page of the public number web page application cannot acquire the WeChat identity of a user, and further cannot automatically log in with the WeChat identity of the user.

Referring to fig. 2-3, fig. 2-3 are schematic diagrams illustrating an alternative display of an H5 web page for accessing a public web application in a browser according to an embodiment of the present invention, where a security policy of a wechat background allows a response to an oauth 2.0-based web page authorization request from a non-wechat client when the browser accesses an H5 web page for accessing a public web application, the public web application cannot log in the public web background because of failing to acquire a wechat identity of a user, and still needs the user to access the public web application in the wechat client for logging in.

3) Pages of the public number web application cannot be automatically logged in the browser with the user's WeChat identity.

Referring to fig. 2 to 4, fig. 2 to 4 are schematic diagrams illustrating an optional display of an authorization web page popped up when accessing a public number web page application in a browser according to an embodiment of the present invention, even if the public number web page application does not obtain the WeChat identity of the user, the user needs to manually register/input an account of the public number web page application for login, which relates to manual registration/login of the user, and the continuity of the public number web page application in the browser of the user cannot be ensured.

4) After the page of the public number web page application is loaded in the browser, the business can not be realized by using the WeChat client function and the terminal function.

Referring to fig. 2 to 5 again, fig. 2 to 5 are schematic diagrams illustrating an optional display for paying by accessing an H5 web page of a plmn application in a browser according to an embodiment of the present invention, where even if the plmn application can log in a browser environment, the plmn application cannot use a wechat client function and a terminal function by calling an interface because the browser does not support the technical specification of the wechat JS _ SDK, and thus cannot implement a service for implementing the plmn application.

In view of the above problems, as a first solution, referring to fig. 1 to 4, fig. 1 to 4 are schematic diagrams of system architectures for accessing a web page of a public web application in two host environments, namely a docking browser environment and a wechat environment, provided by an embodiment of the present invention, and a developer of the public web application respectively develops the public web application and a web page background service (for correspondingly issuing web page data to a wechat client/browser) in view of the browser environment and the wechat environment, correspondingly docks with the browser and the wechat client, and respectively executes the following processes.

1) When the WeChat client accesses the public number webpage application, the webpage of the public number webpage application developed aiming at the WeChat environment is loaded in the WeChat client, and the WeChat webpage application calls an interface of the WeChat JS-SDK to use various functions of the WeChat client and the terminal to realize services.

2) When the browser accesses the public number webpage application, a webpage of the public number webpage application developed aiming at the browser environment is loaded on the browser, and the public number webpage application realizes a service by using the functions of the WeChat client and the terminal through the interface of the WeChat JS _ SDK.

In the above scheme, in order to ensure that the wechat client and the browser can normally access and perform web authorization and call an interface in a web page to implement a service when accessing a web page of a public number web application, for a developer of the public number web application, the public number web application and web page background service interfacing the browser and the wechat need to be developed, and subsequently, the maintenance and the upgrade need to be performed on the public number web application and web page background service in different host environments.

To solve the above problem, as another solution, referring to fig. 3, fig. 3 is a schematic diagram of an optional process for logging in a public web application with a WeChat identity in a browser environment and supporting the public web application to implement a business of the public web application by calling various interfaces (JSAPI), which mainly relates to the following aspects:

1) if the address of the webpage currently accessed by the browser is detected to be in the webpage white list, the browser UA is set to be the UA of the WeChat client, and the host environment of the WeChat client is realized by simulating the UA of the WeChat client, so that the public number webpage application is mistakenly considered to be operated in the host environment of the WeChat client, the public number webpage application is deceived, and webpage authorization of OAuth2.0 can be smoothly initiated.

2) Aiming at the condition that the permission control is carried out on the OAuth 2.0-based webpage authorization request initiated by the non-WeChat client by the WeChat background, the browser is arranged in a client white list (comprising the WeChat client and the browser client) of the webpage which is allowed to be accessed by the WeChat background, so that when the browser accesses the public number webpage application, the OAuth 2.0-based webpage authorization request is initiated to the WeChat background, and the response of the WeChat background can be obtained.

3) The method includes that a browser injects a browser JS _ SDK file meeting WeChat JS _ SDK technical specifications into a webpage (a webpage needing interface calling) applied by a public number webpage, the function of an interface in the browser JS-SDK is consistent with the function of the interface in the WeChat JS _ SDK, and the calling method of the interface in the WeChat JS _ SDK is the same as the calling method of the interface in the browser JS-SDK.

Therefore, for a developer of the application of the public number web page, the interface for realizing the corresponding function is only required to be called according to the service which needs to be realized currently, and because the processing logic for calling the interface is consistent, the host environment of the public number web page does not need to be distinguished, namely, the interface in the WeChat JS _ SDK or the interface in the browser JS _ SDK is not required to be distinguished when the interface is called, so that the interface calling logic for the application of the public number web page in different host environments is simplified.

The host environment does not need to be distinguished by the public number webpage application when the interface is called, various functions of the WeChat client and the terminal can be easily used by calling the interface, and the WeChat client functions and terminal functions such as webpage authorization and WeChat payment of the user identity are communicated in the browser, so that the host environment consistent with that in WeChat is provided for the operation of the public number H5 webpage in the mobile phone browser, and the user experience of accessing the public number webpage application in the browser is ensured to be consistent with the experience of accessing the public number webpage application through the WeChat client.

Next, an exemplary description is given to the browser JS _ SDK, referring to fig. 1 to 5, where fig. 1 to 5 are schematic diagrams of optional processing in which the public web page application provided in the embodiment of the present invention calls various interfaces (JSAPI) of the browser JS _ SDK, so as to implement a service using at least one of a terminal function and a wechat client function, where the browser JS _ SDK includes the following types of interfaces:

1) the terminal function is realized by the native function provided by the terminal operating system layer, and when the interfaces are called, the browser acquires the processing result from the terminal operating system layer and returns the processing result to the public number webpage application.

2) The method comprises the steps that a part of interfaces (security interfaces) corresponding to functions of a WeChat client side, such as a WeChat sharing interface, a WeChat payment interface and the like, relate to user information security, when a public number webpage application calls the interfaces, a WeChat client side is called by a browser, after a user confirms operation (confirms sharing/payment) at the WeChat client side, a processing result is formed through cooperative processing of the WeChat client side and the WeChat background, and the processing result is returned to the public number webpage application through the browser background and the browser.

3) The other part of interfaces corresponding to the functions of the wechat client, such as an image interface, an audio interface, an intelligent interface and the like, do not pose a threat to the information security of the user, and do not need to call the wechat client (so that the wechat client is in a foreground running state) to enable the user to confirm the operation.

Fig. 3 is a schematic view of an optional process for logging in a public number web application in a browser environment with a wechat identity and supporting the public number web application to implement a service of the public number web application by calling various interfaces in the browser JS _ SDK according to an embodiment of the present invention; in fig. 3, several parts relating to signature preparation, web page authorization, signature verification and interface invocation are respectively illustrated through steps 201 to 204.

Step 201, the public number background performs signature preparation for the browser JS _ SDK to generate a signature.

The WeChat background maintains a list of allowed interfaces for different public number web page applications, when the WeChat client accesses the public number web page applications and the public number web page applications need to call the interfaces, the WeChat background needs to verify whether the calling authority of the requested interfaces is available according to the signature held by the public number web page applications, and therefore the signature corresponding to the public number web page applications needs to be generated in advance and distributed to the public number web page applications.

Specifically, the public number background uses the identity of the public number web application (appID), and the public number key (appsecret), requests a token (access _ token) from the WeChat background, and one example of a request using HTTPS is:

HTTP request mode: GET (GET tool)

After the wechat background verifies that the public number web page application is legal based on the key (appsecret), the wechat background generates and issues a token (access _ token) which can be used for accessing a temporary ticket (jsapi _ ticket) of the wechat background, for example, the wechat background returns the token (access _ token) and a corresponding validity period (expires _ in) by means of a JSON data packet, where one example of the JSON data packet is:

{"access_token":"ACCESS_TOKEN","expires_in":7200}

the token (access _ token) has a certain validity period (7200 seconds), and the WeChat background sends the update token (refresh _ token) to the public number background after the timeout.

The public account background requests a temporary ticket (JSAPI _ ticket) of the JAPI from the WeChat background by an HTTP GET request carrying a token (access _ token), and similarly, the temporary ticket (JSAPI _ ticket) has a certain validity period (7200 seconds), and due to the fact that the calling times of an interface of the WeChat background for acquiring the temporary ticket (JSAPI _ ticket) are limited, frequent refreshing of the temporary ticket (JSAPI _ ticket) can cause load abnormality of the WeChat background to affect services, and the public account background can locally and globally cache the temporary ticket (JSAPI _ ticket) to avoid frequent refreshing.

For example, a signature (signature) of JS-SDK is generated for the background of the public number, and the signature uses the following parameters: random string (noncestr), temporary ticket (jsapi _ ticket), timestamp (timestamp), URL of web page that needs to call interface in the public web application.

Step 202, the public number web page application requests to perform a web page authorization request based on oauth2.0, acquires the identity information of the user, redirects to a callback page and is in a login state with the identity information of the user.

The public number webpage application initiates a webpage authorization request based on OAuth2.0 to the WeChat background through the browser, the WeChat background transmits the address of the authorization webpage to the WeChat client, the WeChat client is called to be displayed by the foreground and obtains authorization by loading the authorization webpage (or a silent authorization mode can be adopted, namely, the authorization operation is not required to be manually implemented by a user), and the WeChat background is informed to obtain the authorization.

The wechat background returns the authorization code (code) to the wechat client, and then the wechat background returns the address of the authorization webpage and the authorization code (code) to the browser via the wechat client, and the browser loads the authorization webpage and the authorization result in the public number webpage application, for example, "authorization is successful, and the public number webpage application will obtain the following identity information … of the user".

The public number webpage application requests a token (access _ token, where the token is different from the token in step 201) which can be used for acquiring user identity information from the WeChat background through the browser and the public number background based on an authorization code (code), the public number background requests the identity information of the user from the WeChat background based on the acquired token (access _ token), the public number background redirects the public number webpage application to a callback page, and the cookie of the callback page (such as a webpage related to the service of the public number webpage application) includes the identity information of the user, so that the login state in the callback page with the identity information of the user can be realized.

According to different authorization scope (scope) of the initiated webpage authorization request, the public number webpage application can acquire an identifier (openID, hereinafter also referred to as user identifier) of the user in the public number webpage application, and in addition, can further acquire identity information of the user.

1) The webpage authorization request takes the snsapi _ base as an authorization scope, and the public number webpage application can log in based on the identifier (openID, hereinafter also referred to as user identifier) of the user in the public number webpage application.

The browser sets the browser UA as the WeChat UA when detecting that the address of the currently accessed authorized webpage is in a webpage white list issued by the browser background, and pretends to be a WeChat client through simulating the UA, so that the public number webpage application is mistakenly considered to run in a WeChat environment and cheats the public number webpage application, and therefore, the public number webpage application can smoothly initiate Oath2.0 webpage authorization.

The method comprises the steps that a public number webpage application initiates a webpage authorization request based on OAuth2.0 to a WeChat background through a browser, the address of a WeChat background authorization webpage is transmitted to a WeChat client, the WeChat client is switched to a foreground to display and load the authorization webpage, and the WeChat client notifies the WeChat background to acquire authorization without the user confirming authorization in a silent authorization mode.

And then, the address of the authorization webpage and an authorization code (code) are transmitted to the browser by the WeChat client through the WeChat background, and the browser is preset in a white list of the client which allows the access to the authorization webpage of the WeChat background, so that the authorization webpage can be normally loaded in the public number webpage application and an authorization result can be displayed.

The public number web application requests a token (here a token different from the token of step 201) from the WeChat background via the public number background based on an authorization code (code), an example of using HTTPS request is as follows:

HTTP request mode: GET (GET tool)

https://api.weixin..com/sns/oauth2/access_tokenappid＝APPID&secret＝SECRE T&code＝CODE&grant_type＝authorization_code

Since the webpage authorization request takes the snsapi _ base as an authorization scope, the public number background use token (access _ token) can request the identity (openID) of the user in the public number from the WeChat background, add the identity (openID) of the user into the cookie of the callback page (such as a webpage related to the service of the public number webpage application), transmit the callback page address and the authorization code (code) to the public number webpage application through the browser, redirect the public number webpage application to the callback page, and thus, the user identity (openID) can be in a login state in the callback page.

2) The webpage authorization request takes snsapi _ userinfo as an authorization scope, and the public number can acquire the identification (openID) of the user in the public number webpage application and the identity information of the user.

The public number webpage application initiates a webpage authorization request based on OAuth2.0 to the WeChat background through the browser, the WeChat background transmits the address of the authorization webpage to the WeChat client, and the WeChat client is switched to the foreground and loads the authorization webpage.

When the webpage authorization takes snsapi _ userinfo as an authorization scope, a user is required to manually confirm the authorization in an authorization webpage, and when the user confirms the authorization in the authorization webpage, the wechat client informs the wechat background to acquire the authorization.

The address of the authorization webpage and an authorization code (code) are transmitted to the browser by the WeChat background through the WeChat client, and the browser is preset in a white list of the client of the WeChat background, which allows the authorization webpage to be accessed, so that the authorization webpage can be normally loaded in the public number webpage application and an authorization result can be displayed.

The public number web application requests a token (here, the token is different from the token of step 201) from the wechat background via the public number background using an authorization code (code).

After the public number background acquires the token (access _ token), the token (access _ token) is continuously used for requesting the identity information of the user from the WeChat background, and an example of requesting the user identification by using HTTPS is as follows:

HTTP request mode: GET (GET tool)

After the public number obtains the user identifier (openID), because the security is higher when the webpage authorization request takes snsapi _ userinfo as an authorization scope, the public number can call an open application interface (openAPI) of a WeChat background through the user identifier (openID) and a token (access _ token) to request the identity information of the user, including a nickname, a head portrait, a gender and the like.

The method comprises the steps that a public number background adds identity information of a user into a cookie of a callback page (such as a webpage related to the service of a public number webpage application), returns a callback page address and an authorization code (code) to the public number webpage application through a browser, and redirects the public number webpage application to the callback page (a webpage displayed after the public number webpage application authorizes the webpage, such as a webpage related to the service of the public number), so that the callback page is in a login state according to the identity information of the user.

Similarly, the token (access _ token) has a certain validity period, and when the token (access _ token) is overtime, the public number background can refresh the WeChat background by using the refresh token (refresh _ token).

In step 203, the public number web application verifies the interface call by using the signature.

In order to call an interface of the browser JS _ SDK in the webpage to realize a service, the public number webpage application injects a file of the browser JS _ SDK which meets WeChat JS _ SDK technical specifications into the webpage, for example, the file of the browser JS _ SDK is loaded by using an AMD/CMD standard module loading method and cached at a terminal.

In addition, before the public number webpage is used for requesting to call the interface, a signature generated in advance for the public number webpage application is also requested from the WeChat background, and the signature returned by the WeChat background, an identifier (appID) of the public number webpage application and a temporary ticket (jsapi _ ticket) are received.

When a webpage in the public number webpage application needs to realize a service by using at least one of a terminal function and a WeChat client function in the webpage, aiming at an interface list which needs to be called for realizing the service, the public number webpage application verifies whether the webpage has a calling authority of the interface by calling a verification interface which is opened in a WeChat background, and the processing when the verification interface is called comprises the following steps:

the method comprises the steps that a public number webpage application requests a WeChat background through a browser and a browser background to verify a signature (signature) held by the public number webpage application, an interface list needing to be called and an identifier (appID) of the public number webpage application, the WeChat background verifies the signature based on the identifier (appID) of the public number webpage application and verifies whether the signature has a calling authority of an interface in the interface list, and a verification result aiming at the signature and the interface list, returned by the WeChat background through the browser background and the browser (returned by the WeChat background through a callback called by the interface), is obtained, for example, when the verification result is obtained, the fact that the public number webpage application can subsequently call a corresponding interface is shown.

And step 204, the interface in the WeChat JS-SDK is called by the public number webpage application, and the service is realized based on the returned processing result called by the interface.

The token (access _ token) is a globally unique interface calling credential of the public number web application, the public number web application needs to use when calling each interface of the WeChat JS _ SDK, the public number web application can use an identifier (appID) and a key (appexecute) of the public number web application to obtain the token (access _ token), and an example of using the HTTPS protocol to request the token (access _ token) is as follows:

HTTP request mode: GET (GET tool)

In order to avoid the influence on the service caused by frequent request of the token (access _ token), the token (access _ token) can be cached at the terminal side, the WeChat background specifies the token (access _ token) to have a limited validity period, the public number webpage application needs to be refreshed regularly, and repeated acquisition from the WeChat background through the public number background will cause the failure of the token (access _ token) acquired last time.

The method includes that a public number webpage application calls requests of various interfaces in a browser JS-SDK through a token (access _ token) (for example, the requests can still be in an HTTP request mode), the token (access _ token) and an identifier (appID) of the public number webpage application are carried in the requests, service related parameters can be carried in the calling requests of the interfaces according to service requirements, and processing results of interface calling are returned in a callback mode, and specifically includes the following conditions:

1) the method comprises the following steps that interfaces corresponding to terminal functions, such as a scanning interface and a geographic position interface, are used, the terminal functions are realized by native functions provided by a terminal operating system layer, when the interfaces are called, a browser obtains a processing result from the terminal operating system layer and returns the processing result to a public number webpage application, and for example, the scanning interface is called to realize a two-dimensional code scanning function in the browser; and for example, calling a positioning function of the geographic position interface according to the user, and automatically jumping to a related webpage of a store closest to the current position of the user when the public number webpage application is a micro store.

2) The method comprises the steps that a part of interfaces corresponding to functions of a WeChat client side, such as a WeChat sharing interface, a WeChat payment interface and the like, relate to user information safety, when public number webpage application calls the interfaces, a browser calls the WeChat client side, after a user confirms operation (confirms sharing/payment) at the WeChat client side, a processing result is formed through cooperative processing of the WeChat client side and the WeChat background, and the processing result is returned to the browser background and the browser through the WeChat background and the WeChat client side.

Taking the example of calling the wechat payment interface by the public number webpage application, the browser calls the wechat client according to the calling request of the public number webpage application and transmits parameters (such as a payee, a collection amount and the like) related to payment to the wechat client, when a user confirms payment at the wechat client, the wechat client continuously submits the calling request to the wechat background, after a payment processing result returned by the wechat background in a callback mode is obtained, the payment result is returned to the public number webpage application through the wechat client and the browser, and the payment result is displayed in the public number webpage application.

3) The other part of interfaces corresponding to the functions of the wechat client, such as an image interface, an audio interface, an intelligent interface and the like, do not pose a threat to the information security of the user, and do not need to call the wechat client to confirm the operation of the user.

Taking calling an image interface as an example, the public number webpage application provides a network printing function, when a user needs to print a photo, the user uploads the photo to be printed through an uploading control provided by the public number webpage application, the public number webpage application calls the image interface after receiving the photo, and the processing of calling the image interface design comprises the following steps: and transmitting the photos to the background of the browser through the browser, and transmitting the photos to a printing queue of the WeChat background by the background of the browser. And returning the printing result to the public number webpage application in a callback mode to prompt the user that the printing is finished.

An optional functional structure diagram of the web application access device is shown in fig. 4, and is deployed in a terminal device on a user side, where the web application access device 10 includes a hardware layer, a driver layer, an operating system layer, a software layer, and an application layer. However, it should be understood by those skilled in the art that the structure of the web application access device 10 shown in fig. 4 is only an example and does not constitute a limitation to the structure of the web application access device 10. For example, the web application accessing apparatus 10 may have more components than those shown in fig. 4 according to the implementation requirement, or omit some components according to the implementation requirement.

The hardware layers of the web application access device 10 include a processor 11, an input/output interface 13, a storage medium 14, and a network interface 12, which may communicate via a system bus connection.

The processor 11 may be implemented by a CPU, a Microprocessor (MCU), an Application Specific Integrated Circuit (ASIC), or a Field-Programmable Gate Array (FPGA).

The input/output interface 13 may be implemented using input/output devices such as a display screen, a touch screen, a speaker, etc.

The storage medium 14 may be implemented by a nonvolatile storage medium such as a flash memory, a hard disk, and an optical disk, or may also be implemented by a volatile storage medium such as a Double Data Rate (DDR) dynamic cache, in which an executable program for executing the web application access method is stored.

For example, the storage medium 14 may be disposed at the same location (e.g., a user-side terminal) as other components of the apparatus 10, or may be disposed in a distributed manner with respect to other components in the web application access apparatus 10, and the storage medium at least includes an operating system, a network communication program, and a browser application for implementing the web application access method provided by the embodiment of the present invention.

The network interface 12 provides the processor 11 with an access function of external data such as a storage medium 14 set in place.

The driver layer includes middleware 15 for the operating system 16 to recognize and communicate with the components of the hardware layer, such as a set of drivers for the components of the hardware layer.

The operating system 16 is used for providing a graphical interface facing a user, and exemplarily includes a plug-in icon, a desktop background and an application icon, and the operating system 16 supports the user to control the device via the graphical interface, and the embodiment of the present invention does not limit the software of the device, such as the type and version of the operating system, and may be, for example, a Linux operating system, a UNIX operating system or other operating systems.

The application layer includes a browser 17 to execute the web application access method, but may also include applications for implementing other conventional functions, such as a social networking client 18, etc.

The embodiment of the present invention provides a method for implementing a web application access device as a user terminal, such as a smart phone. Referring to fig. 5, fig. 5 is a schematic diagram of an optional functional structure of the web page access device applied to the user terminal according to the embodiment of the present invention, where the smart phone 20 provided with the web page access device includes:

a user interface 23 configured to provide an input interface for acquiring data input by a user; a network interface 24 configured to connect with a user terminal and obtain data of the user terminal; the processor 21 is configured to call the mirror image of the operating system 255 stored in the memory 25, run the browser 256 and the social network client 257 in the operating system 255, and support, by running the web application access device, to access, in the web application of the browser 256, the web application corresponding to the application account of the public platform; the above components may transmit data and instructions via the bus 22.

As for the web application access means, for example, the following functional modules may be included:

an environment simulation unit 251, configured to run, in the browser 256, a web application corresponding to the application account of the public platform, and simulate, in the browser 256, a host environment running on the social network client 257 for the web application;

the web page authorization unit 252 is configured to initiate a web page authorization request to the social network backend for the web page application, call the social network client 257 to load an authorization web page returned by the social network backend, and obtain an authorization code returned by the social network backend after the authorization web page obtains authorization;

the identity information unit 253 is used for initiating a webpage authorization request to the social network background aiming at the webpage application, calling the social network client 257 to load an authorization webpage returned by the social network background, and acquiring an authorization code returned by the social network background after the authorization webpage acquires an authorization operation of the identity information of the open user in the social network;

the interface calling unit 254 is configured to load an interface, in which a terminal function and a social network client 257 function are encapsulated, in the web application, and load a processing result called by the interface in the web application by using the terminal function and/or the social network client 257 function in a manner of calling the interface.

In one embodiment, the environment simulation unit 251 is configured to replace the user agent information of the browser 256 with the user agent information of the social network client 257 when it is detected that the web page currently accessed by the browser 256 is an authorized web page according to a web page white list, where the web page white list includes addresses of authorized web pages of the social network.

In an embodiment, the web page authorization unit 252 is specifically configured to obtain an address of an authorization page returned by the social network backend when detecting that the browser 256 has the right to initiate the web page authorization request according to a client white list, where the client white list includes the browser 256.

In an embodiment, the identity information unit 253 is specifically configured to request (carry an identifier of an application account) a token from the social network background via the application account background based on the authorization code, request a user identifier for distinguishing a user in a web application from the social network background via the application account background based on the token, and request identity information of the user in the social network from the social network background based on the token and the user identifier.

In one embodiment, the interface calling unit 254 is specifically configured to inject a software development kit packaged with an interface into the web application and load the software development kit, where the interface packaged by the software development kit is consistent with the function of the interface packaged by the software development kit injected by the social network client 257 into the web application, and the calling method is the same.

In an embodiment, the interface invoking unit 254 is specifically configured to obtain a token for invoking an interface from the social network backend based on the identifier of the web application and the key, and return a processing result of the interface invocation to the web application based on the identifier of the web application and the interface corresponding to the token invoking terminal function and/or the social network client 257 function.

In an embodiment, the interface calling unit 254 is specifically configured to call an interface corresponding to a terminal function based on the identifier of the web application and the token, obtain a processing result of the interface call from an operating system layer of the terminal, and return the processing result to the web application for loading.

In an embodiment, the interface invoking unit 254 is specifically configured to invoke an interface corresponding to a function of the social network client 257 related to user information security based on the identifier of the web application and the token, invoke the social network client 257 to obtain a user confirmation, obtain a processing result invoked from the social network client 257 by using the interface, and return the processing result to the web application.

In one embodiment, the interface invoking unit 254 is specifically configured to invoke an interface that does not relate to user information security based on the identity of the web application and the token, obtain a processing result of the interface invocation from the social network background via the browser 256, and return the processing result to the web application.

In one embodiment, the interface calling unit 254 is specifically configured to inject, in the web application, a signature generated by the social network background for the web application before calling the interface, and request, via the browser 256 background, the social network background to verify that the web application has the right to call the interface.

The embodiment of the invention has the following beneficial effects:

1) the browser enables the webpage application to be mistakenly considered to be operated in the host environment of the social network client side by simulating the host environment of the social network client side (such as a WeChat client side), cheating is conducted on the webpage application, and webpage authorization can be successfully initiated even if the host environment is the browser for the webpage application;

3) since the web application always detects that the web application is in the host environment of the social network client, the web application can adapt the host environments of the browser and the social network client by using the terminal function and/or the social network client function through calling the same socket.

4) The method has the advantages that the authorized web pages of the public platform can be smoothly loaded in the browser through the web page white list, the browser can initiate the OAuth 2.0-based web page authorization request to the WeChat background to obtain the response of the WeChat background when accessing the public number web page application through the client side white list, and the user experience consistent with the access in the WeChat client side is ensured when the browser accesses the public number web page application.

5) When an interface related to user information safety, such as a WeChat payment interface, is called, a WeChat client is called by a browser to enable a user to confirm, the user information safety is ensured, and when an interface which does not relate to the user information safety is called, the user can stay in a browser operation interface all the time through the cooperative processing of a browser background and a WeChat background, so that smooth operation experience is brought.

Those skilled in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: various media capable of storing program codes, such as a removable Memory device, a Random Access Memory (RAM), a Read-Only Memory (ROM), a magnetic disk, and an optical disk.

Alternatively, the integrated unit of the present invention may be stored in a computer-readable storage medium if it is implemented in the form of a software functional module and sold or used as a separate product. Based on such understanding, the technical solutions of the embodiments of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the methods according to the embodiments of the present invention. And the aforementioned storage medium includes: a removable storage device, a RAM, a ROM, a magnetic or optical disk, or other various media that can store program code.

The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims

1. A method for accessing a web application, comprising:

a webpage authorization request is sent to a social network background aiming at the webpage application, the social network client is called to load an authorization webpage returned by the social network background, and after the authorization webpage acquires the authorization operation of the open user in the social network identity information, an authorization code returned by the social network background is acquired;

acquiring identity information of the user in a social network from an application account background based on the authorization code, redirecting the webpage application to a callback page and logging in the callback page by using the identity information;

2. The method of claim 1, wherein simulating a hosting environment running on a social networking client for the web application in the browser comprises:

and when detecting that the webpage currently accessed by the browser is the authorized webpage according to a webpage white list, replacing the user agent information of the browser with the user agent information of the social network client, wherein the webpage white list comprises the address of the authorized webpage of the social network.

3. The method of claim 1, wherein said invoking the social networking client to load the authorized web page returned by the social networking background comprises:

and when the social network background detects that the browser has the right to initiate a webpage authorization request according to a client white list, acquiring the address of the authorization webpage returned by the social network background.

4. The method of claim 1, wherein the obtaining identity information of the user in a social network from the social network backend via an application account backend based on the authorization code comprises:

requesting a token from the social network backend via the application account backend based on the authorization code, and requesting a user identifier for distinguishing the user in the web application from the social network backend via the application account backend based on the token;

and requesting the identity information of the user in the social network from the social network background based on the token and the user identification.

5. The method of claim 1, wherein loading an interface encapsulating terminal functionality and social network client functionality in the web application comprises:

injecting a software development kit packaged with the interface into the webpage application and loading the software development kit;

the functions of the interface of the software development suite package are consistent with those of the interface of the software development suite package injected into the webpage application by the social network client, and the calling methods are the same.

6. The method of claim 1, wherein said using the terminal functionality and/or the social network client functionality by invoking the interface comprises:

obtaining a token for calling the interface from the social network background based on the identification of the webpage application and the secret key;

and calling the interface corresponding to the terminal function and/or the social network client function based on the identification of the webpage application and the token, and returning a processing result called by the interface to the webpage application.

7. The method of claim 6, wherein returning the processing result of the interface call to the web application comprises:

and acquiring a processing result called by an interface from an operating system layer of the terminal, and returning the processing result to the webpage application for loading.

8. The method of claim 6, wherein the step of returning a processing result of the interface call to the web application based on the identification of the web application and the interface corresponding to the social network client function called by the token comprises:

calling an interface corresponding to a social network client function related to user information security based on the identification of the webpage application and the token, and calling the social network client to acquire the user confirmation;

and acquiring a processing result called by an interface from the social network through the social network client, and returning the processing result to the webpage application.

9. The method of claim 1, wherein the loading the processing result of the interface call in the web application by using the terminal function and/or the social network client function by calling the interface comprises:

and calling an interface which does not relate to user information security based on the identification of the webpage application and the token, acquiring a processing result called by the interface from the social network background through the browser background, and returning the processing result to the webpage application.

10. The method of claim 1, further comprising:

before the interface is called, a signature generated by the social network background aiming at the web application is injected into the web application, and the web application is requested to be verified to have the authority of calling the interface from the social network background through a browser background.

11. A web application access apparatus, comprising:

the environment simulation unit is used for running a webpage application corresponding to an application account of a public platform in a browser and simulating a host environment running in a social network client for the webpage application in the browser;

the webpage authorization unit is used for initiating a webpage authorization request to a social network background aiming at the webpage application, calling a social network client to load an authorization webpage returned by the social network background, and acquiring an authorization code returned by the social network background after the authorization webpage acquires the authorization operation of the identity information of an open user in the social network;

the identity information unit is used for acquiring the identity information of the user in the social network from the social network background through an application account background based on the authorization code, redirecting the webpage application to a callback page and logging in the callback page by using the identity information;

and the interface calling unit is used for loading an interface which is packaged with a terminal function and a social network client function in the webpage application, using the terminal function and/or the social network client function by calling the interface, and loading a processing result called by the interface in the webpage application.

12. The web application access apparatus of claim 11,

the environment simulation unit is specifically configured to, when it is detected that the web page currently accessed by the browser is the authorized web page according to a web page white list, replace user agent information of the browser with user agent information of the social network client, where the web page white list includes an address of the authorized web page of the social network.

13. The web application access apparatus of claim 11,

the web page authorization unit is specifically configured to, when the social network background detects that the browser has the right to initiate a web page authorization request according to a client white list, obtain an address of the authorization web page returned by the social network background.

14. The web application access apparatus of claim 11,

the identity information unit is specifically configured to request a token from the social network background via the application account background based on the authorization code, request a user identifier for distinguishing the user in the web application from the social network background via the application account background based on the token, and request identity information of the user in a social network from the social network background based on the token and the user identifier.

15. The web application access apparatus of claim 11,

the interface calling unit is specifically used for injecting a software development kit packaged with the interface into the webpage application and loading the software development kit;

the interface of the software development suite package is consistent with the function of the interface of the software development suite package injected into the webpage application by the social network client, and the function of the interface of the software development suite package is the same as that of the interface of the software development suite package injected into the webpage application by the social network client.

16. The web application access apparatus of claim 11,

the interface calling unit is specifically configured to obtain a token for calling the interface from the social network background based on the identifier of the web application and the key;

17. The web application access apparatus of claim 16,

the interface calling unit is specifically configured to obtain a processing result of interface calling from an operating system layer of the terminal, and return the processing result to the web application for loading.

18. The web application access apparatus of claim 16,

the interface calling unit is specifically configured to call an interface corresponding to a social network client function related to user information security based on the identifier of the web application and the token, and call the social network client to obtain the user confirmation; and acquiring a processing result called by an interface from the social network through the social network client, and returning the processing result to the webpage application.

19. The web application access apparatus of claim 11,

the interface calling unit is specifically configured to call an interface that does not relate to user information security based on the identifier of the web application and the token, obtain a processing result of interface calling from the social network background via the browser background, and return the processing result to the web application.

20. The web application access apparatus of claim 11,

the interface calling unit is specifically configured to, before calling the interface, inject a signature generated by the social network background for the web application into the web application, and request, via the browser background, the social network background to verify that the web application has an authority to call the interface.

21. A web application access apparatus, comprising:

a memory for storing an executable program;

a processor for implementing the following steps by executing the executable program stored in the memory:

22. A readable storage medium storing an executable program which when executed by a processor performs the steps of: