CN110855655B - Information verification method, device, equipment and storage medium - Google Patents

Information verification method, device, equipment and storage medium Download PDF

Info

Publication number
CN110855655B
CN110855655B CN201911077305.1A CN201911077305A CN110855655B CN 110855655 B CN110855655 B CN 110855655B CN 201911077305 A CN201911077305 A CN 201911077305A CN 110855655 B CN110855655 B CN 110855655B
Authority
CN
China
Prior art keywords
page
verification
target
operation request
target operation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911077305.1A
Other languages
Chinese (zh)
Other versions
CN110855655A (en
Inventor
王岳晨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing ByteDance Network Technology Co Ltd
Original Assignee
Beijing ByteDance Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing ByteDance Network Technology Co Ltd filed Critical Beijing ByteDance Network Technology Co Ltd
Priority to CN201911077305.1A priority Critical patent/CN110855655B/en
Publication of CN110855655A publication Critical patent/CN110855655A/en
Application granted granted Critical
Publication of CN110855655B publication Critical patent/CN110855655B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information

Abstract

The embodiment of the disclosure discloses an information verification method, an information verification device, information verification equipment and a storage medium, wherein the method comprises the following steps: acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter; acquiring page description information corresponding to the target page, and adding the page description information into the target operation request; sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification; and responding the target operation request according to target response data returned by the verification end after the verification is successful. According to the technical scheme of the embodiment, when the target operation request matched with the target page is obtained, the corresponding page description information is also obtained, then parameter verification is carried out through the verification end, and the target operation request is responded, so that the parameter verification of the operation request at an application level and a page level is realized, the accuracy of information verification is greatly improved, and the safety of data interaction is ensured.

Description

Information verification method, device, equipment and storage medium
Technical Field
The present disclosure relates to software technologies, and in particular, to an information verification method, apparatus, device, and storage medium.
Background
With the continuous development of software technology, various Applications (APPs) appear in mobile terminals, providing users with diverse functional services.
In the existing application development, the application of the mobile terminal communicates with an SDK (software development kit) to acquire Token (Token), or performs network request interaction with a background server in a manner of distinguishing domain names and parameters to complete verification of a corresponding application layer.
The inventor finds in the process of implementing the present invention that such application-level authentication is difficult to fully guarantee the security of data interaction for sensitive information, especially information related to user privacy.
Disclosure of Invention
The disclosure provides an information verification method, an information verification device and a storage medium, which are used for verifying whether an operation request of a user is valid and simultaneously realizing security verification of an application level and a page level.
In a first aspect, an embodiment of the present disclosure provides an information verification method, applied to an application program, where the method includes:
acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter;
acquiring page description information corresponding to the target page, and adding the page description information serving as a page layer verification parameter into the target operation request;
sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification;
and responding the target operation request according to target response data returned by the verification end after the verification is successful.
In a second aspect, an embodiment of the present disclosure provides an information verification method, applied to a verification end, including:
acquiring a target operation request which is sent by an application program and matched with a target page, wherein the target operation request comprises an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page;
verifying the application layer verification parameters and the page layer verification parameters respectively;
after the application layer verification parameters and the page layer verification parameters are determined to be successfully verified, feeding target response data back to the application program so that the application program can respond to the target operation request.
In a third aspect, an embodiment of the present disclosure provides an information verification apparatus, including:
the first target operation request acquisition module is used for acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter;
the page description information acquisition module is used for acquiring page description information corresponding to the target page and adding the page description information serving as a page layer verification parameter into the target operation request;
the target operation request sending module is used for sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification;
and the target response data receiving module is used for responding to the target operation request according to the target response data returned by the verification end after the verification is successful.
In a fourth aspect, an embodiment of the present disclosure provides an information verification apparatus, including:
a second target operation request obtaining module, configured to obtain a target operation request that is sent by an application and matches a target page, where the target operation request includes an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page;
the parameter verification module is used for respectively verifying the application layer verification parameters and the page layer verification parameters;
and the target response data sending module is used for feeding back target response data to the application program after the application layer verification parameters and the page layer verification parameters are determined to be successfully verified, so that the application program responds to the target operation request.
In a fifth aspect, an embodiment of the present disclosure provides an electronic device, which includes a memory, a processing device, and a computer program stored in the memory and executable on the processing device, where the processing device implements the information verification method according to the first embodiment of the present disclosure or implements the information verification method according to the second embodiment of the present disclosure when executing the computer program.
In a sixth aspect, the disclosed embodiments provide a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform the information verification method of the first embodiment of the present disclosure, or perform the information verification method of the second embodiment of the present disclosure.
According to the technical scheme of the embodiment, when the target operation request matched with the target page is obtained, the page description information corresponding to the target page is obtained and added into the target operation request, then the target operation request is subjected to application layer parameter verification and page layer parameter verification through the verification end, and then the target operation request is responded according to the target response data fed back by the verification end, so that the parameter verification of the operation request at an application level and a page level is realized, the accuracy of information verification is greatly improved, and the safety of data interaction is ensured.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and features are not necessarily drawn to scale.
Fig. 1 is a flowchart of an information verification method in a first embodiment of the disclosure;
fig. 2A is a flowchart of an information verification method in a second embodiment of the disclosure;
fig. 2B is a data flow diagram of an information verification method in a first specific application scenario of the present disclosure;
fig. 3 is a block diagram of an information verification apparatus according to a third embodiment of the present disclosure;
fig. 4 is a block diagram of an information verification apparatus according to a fourth embodiment of the present disclosure.
Fig. 5 is a block diagram of a device in a fifth embodiment of the disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the present disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein, but rather are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be understood that the various steps recited in the method embodiments of the present disclosure may be performed in a different order, and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the present disclosure is not limited in this respect.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
Example one
Fig. 1 is a flowchart of an information verification method provided in a first embodiment of the present disclosure, where this embodiment is applicable to verifying whether an operation request of a user is valid, and this method may be executed by an information verification apparatus in a third embodiment of the present disclosure, where the apparatus may be implemented by software and/or hardware and integrated in an application program, and the method specifically includes the following steps:
s110, a target operation request matched with the target page is obtained, and the target operation request comprises at least one item of application layer verification parameters.
If only one display page exists in the application program, the target page is the display page; if a plurality of display pages exist in the application program at the same time, for example, the plurality of pages are displayed simultaneously in a tiled mode, the target page is a page in an activated state in the current display page; the target operation request is an operation request triggered by a user in a target page in a sliding and/or clicking mode and the like; the application layer authentication parameters are included in the target operation request and used for verifying whether the target operation request is valid, for example, if the target operation request is an account login, the corresponding application layer authentication parameters include an account number and a password; the target operation request is a modified password, and the corresponding application layer authentication parameters include a new password and an old password.
In particular, the Application program in the embodiment of the present disclosure may be a software program installed in a computer, or may also be an Application program (APP) installed in a terminal device such as a mobile phone or a tablet computer.
And S120, acquiring page description information corresponding to the target page, and adding the page description information serving as a page layer verification parameter into the target operation request.
The page description information is characteristic information describing a target page and is used for distinguishing other pages, such as addresses of the target page and information including pictures, characters, formats and the like in the target page; and taking the page description information as a page layer verification parameter, namely adding at least one item of feature information of the target page into the target operation request. Optionally, in this embodiment of the present disclosure, the page description information is a class name of a view controller corresponding to the target page. Wherein, the view controller is a container for controlling each view in the page; class name, i.e. the type of view controller. The acquiring of the page description information corresponding to the target page includes: calling a set system function to obtain the class name of the top view controller in the current display page; and the top-level view controller is a view controller corresponding to the page in the activated state in the current display page. Particularly, the view controller is realized by UIViewController function of the application program running in the IOS system environment; and the view controller is realized through an Activity function when the application program runs in the android system environment.
Since the view controller usually includes multiple views, and may even include views that are not related to the current service, if the views are verified, that is, the view information is added to the target operation request as a page layer verification parameter, it is very easy to cause a situation that the verification of the correct operation request fails; for example, taking the user login page as an example, the view controller may include views of advertisement information types in addition to views related to the account and the password, and when authentication is performed through the views, if the views of the advertisement information types are located, the views are most likely to be regarded as invalid pages, which may result in authentication failure, and the user cannot log in, so in the embodiment of the present disclosure, authentication is performed through the view controller instead of through the views.
Specifically, before obtaining the page description information corresponding to the target page and adding the page description information as a page layer verification parameter to the target operation request, the method further includes: judging the type of the target operation request; if the target operation request is an operation request of a specific type, for example, operation requests of types such as account login, password modification, recharging, cash withdrawal, consumption and the like, acquiring page description information corresponding to the target page, and adding the page description information into the target operation request as a page layer verification parameter; if the target operation request is an unspecified type operation request, that is, a normal operation request, it is not necessary to obtain page description information corresponding to the target page, and it is also not necessary to add the page description information as a page layer verification parameter to the target operation request, and verification is performed only by using an application layer verification parameter included in the target operation request itself.
S130, sending the target operation request to a verification end so that the verification end carries out parameter verification.
The verification end comprises a background verification server corresponding to the application program and/or an SDK (Software Development Kit) integrated in the application program, and the target operation request is sent to the background verification server and/or the SDK according to different requirements of the target operation request, so that the verification end verifies the application layer verification parameters and the page layer verification parameters in the target operation request.
And S140, responding to the target operation request according to target response data returned by the verification end after the verification is successful.
When the verification end determines that the target operation request is valid, namely, the verification of both the application layer verification parameter and the page layer verification parameter in the target operation request is successful, returning target response data; and the application program responds to the operation request of the user after receiving the response data.
Optionally, in this embodiment of the present disclosure, after sending the target operation request to the verification end, the method further includes: and executing corresponding fault-tolerant operation according to the fault-tolerant data returned by the verification end after the verification fails. The fault-tolerant data can comprise a popup prompt and/or a page jump link, and after the fault-tolerant data is obtained, a user can be prompted to verify an error through the popup prompt, and/or a correct page jump link is displayed to the user.
According to the technical scheme of the embodiment, when the target operation request matched with the target page is obtained, the page description information corresponding to the target page is obtained and added into the target operation request, then the target operation request is subjected to application layer parameter verification and page layer parameter verification through the verification end, and then the target operation request is responded according to the target response data fed back by the verification end, so that the parameter verification of the operation request at an application level and a page level is realized, the accuracy of information verification is greatly improved, and the safety of data interaction is ensured.
Example two
Fig. 2A is a flowchart of an information verification method provided in the second embodiment of the present disclosure, where this embodiment is applicable to verifying whether an operation request of a user is valid, and this method may be executed by an information verification apparatus in the fourth embodiment of the present disclosure, where this apparatus may be implemented by software and/or hardware and is integrated in a verification end, and this method specifically includes the following steps:
s210, a target operation request which is sent by an application program and matched with a target page is obtained, wherein the target operation request comprises an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page.
S220, verifying the application layer verification parameters and the page layer verification parameters respectively.
Specifically, the verifying the page layer verification parameters includes: and verifying the page layer verification parameters through the stored page layer verification parameter template. For example, the page content of each page is stored as a page layer verification parameter template, the obtained page layer verification parameters (e.g., the title content of the page) are matched with the template, and if the matching is successful, the verification is considered to be passed.
When the page description information includes a class name of a view controller corresponding to the target page, the page layer verification parameter template includes a class name white list of the view controller. And if the obtained class name of the view controller corresponding to the target page is determined to exist in the white list, the matching is considered to be successful, and the verification is passed.
And S230, after the application layer verification parameters and the page layer verification parameters are determined to pass the verification successfully, feeding target response data back to the application program so that the application program responds to the target operation request.
Optionally, after verifying the application layer verification parameter and the page layer verification parameter respectively, the method further includes: after determining that the verification of the application layer verification parameters and/or the page layer verification parameters fails, feeding fault-tolerant data back to the application program so that the application program executes fault-tolerant operation. For example, after the verification of the application layer verification parameters fails, the popup prompt information is returned so that the application program prompts the user for a verification error in a popup mode; and after the verification of the page layer verification parameters fails, returning a correct page jump link to guide the user to send the target operation request again by using a correct page.
According to the technical scheme of the embodiment of the invention, the application layer verification parameters and the page layer verification parameters in the target operation request are respectively verified, and when the verification is successful, the target response data is returned, so that the application program responds to the target operation request, the parameter verification of the operation request at the application level and the page level is further realized, the accuracy of information verification is greatly improved, and the safety of data interaction is ensured.
Specific application scenario one
Fig. 2B is a data flow diagram of an information verification method in a first specific application scenario of the present disclosure, where the method specifically includes:
an application program acquires a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter; the application program acquires page description information corresponding to the target page; the application program adds the page description information as a page layer verification parameter into the target operation request; the application program sends the target operation request to a verification end;
the method comprises the steps that a verification end obtains a target operation request sent by an application program; the verification end respectively verifies the application layer verification parameters and the page layer verification parameters; the verification end determines that the application layer verification parameters and the page layer verification parameters pass verification successfully; the verification end feeds target response data back to the application program; and the application program responds to the target operation request after acquiring the target response data fed back by the verification end.
According to the technical scheme of the embodiment, when the application program obtains the target operation request matched with the target page, the application program also obtains the page description information corresponding to the target page and adds the page description information into the target operation request, then the target operation request is subjected to application layer parameter verification and page layer parameter verification through the verification end, and the application program responds to the target operation request according to the target response data fed back by the verification end, so that the parameter verification of the operation request at an application level and a page level is realized, the accuracy of information verification is greatly improved, and the safety of data interaction is ensured.
EXAMPLE III
Fig. 3 is a block diagram of an information verification apparatus provided in a third embodiment of the present disclosure, which specifically includes: a first target operation request obtaining module 310, a page description information obtaining module 320, a target operation request sending module 330, and a target response data receiving module 340.
A first target operation request obtaining module 310, configured to obtain a target operation request matched with a target page, where the target operation request includes at least one application layer verification parameter;
a page description information obtaining module 320, configured to obtain page description information corresponding to the target page, and add the page description information to the target operation request as a page layer verification parameter;
a target operation request sending module 330, configured to send the target operation request to a verifying end, so that the verifying end performs parameter verification;
and the target response data receiving module 340 is configured to respond to the target operation request according to the target response data returned by the verifying end after the verification is successful.
According to the technical scheme of the embodiment, when the target operation request matched with the target page is obtained, the page description information corresponding to the target page is obtained and added into the target operation request, then the target operation request is subjected to application layer parameter verification and page layer parameter verification through the verification end, and then the target operation request is responded according to the target response data fed back by the verification end, so that the parameter verification of the operation request at an application level and a page level is realized, the accuracy of information verification is greatly improved, and the safety of data interaction is ensured.
Optionally, on the basis of the above technical solution, the page description information is a class name of a view controller corresponding to the target page.
Optionally, on the basis of the above technical solution, the target page is a page in an active state in the currently displayed page.
Optionally, on the basis of the above technical solution, the page description information obtaining module 320 is specifically configured to:
and calling a set system function to obtain the class name of the top view controller in the current display page.
Optionally, on the basis of the above technical solution, the information verification apparatus further includes:
and the fault-tolerant operation execution module is used for executing corresponding fault-tolerant operation according to the fault-tolerant data returned by the verification end after the verification fails.
The device can execute the information verification method provided by the first embodiment of the disclosure, and has the corresponding functional modules and beneficial effects of the execution method. For technical details that are not described in detail in this embodiment, reference may be made to the method provided in the first embodiment of the present disclosure.
Example four
Fig. 4 is a block diagram of a structure of an information verification apparatus provided in the fourth embodiment of the present disclosure, which specifically includes: a second target operation request acquisition module 410, a parameter verification module 420 and a target response data transmission module 430.
A second target operation request obtaining module 410, configured to obtain a target operation request that is sent by an application and matches a target page, where the target operation request includes an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page;
a parameter verification module 420, configured to verify the application layer verification parameter and the page layer verification parameter respectively;
and a target response data sending module 430, configured to, after determining that both the application layer verification parameter and the page layer verification parameter successfully pass verification, feed back target response data to the application program, so that the application program responds to the target operation request.
According to the technical scheme of the embodiment, when the application program obtains the target operation request matched with the target page, the application program also obtains the page description information corresponding to the target page and adds the page description information into the target operation request, then the target operation request is subjected to application layer parameter verification and page layer parameter verification through the verification end, and the application program responds to the target operation request according to the target response data fed back by the verification end, so that the parameter verification of the operation request at an application level and a page level is realized, the accuracy of information verification is greatly improved, and the safety of data interaction is ensured.
Optionally, on the basis of the foregoing technical solution, the parameter verification module 420 is specifically configured to:
and verifying the page layer verification parameters through the stored page layer verification parameter template.
Optionally, on the basis of the above technical solution, the page description information includes a class name of a view controller corresponding to the target page; the page level verification parameter template includes a class name white list of the view controller.
Optionally, on the basis of the above technical solution, the information verification apparatus further includes:
and the fault-tolerant data sending module is used for feeding back fault-tolerant data to the application program after the verification of the application layer verification parameter and/or the page layer verification parameter is determined to be failed so as to enable the application program to execute fault-tolerant operation.
The device can execute the information verification method provided by the second embodiment of the disclosure, and has the corresponding functional modules and beneficial effects of the execution method. For technical details that are not described in detail in this embodiment, reference may be made to the method provided in the second embodiment of the present disclosure.
EXAMPLE five
Fig. 5 shows a schematic structural diagram of an electronic device (e.g., the terminal device or the server in fig. 1) 500 suitable for implementing an embodiment of the present disclosure. The terminal device in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a PMP (portable multimedia player), a vehicle terminal (e.g., a car navigation terminal), and the like, and a stationary terminal such as a digital TV, a desktop computer, and the like. The electronic device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 5, electronic device 500 may include a processing means (e.g., central processing unit, graphics processor, etc.) 501 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage means 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the electronic apparatus 500 are also stored. The processing device 501, the ROM 502, and the RAM 503 are connected to each other through a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
Generally, the following devices may be connected to the I/O interface 505: input devices 506 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 507 including, for example, a Liquid Crystal Display (LCD), speakers, vibrators, and the like; storage devices 508 including, for example, magnetic tape, hard disk, etc.; and a communication device 509. The communication means 509 may allow the electronic device 500 to communicate with other devices wirelessly or by wire to exchange data. While fig. 5 illustrates an electronic device 500 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program carried on a non-transitory computer readable medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 509, or installed from the storage means 508, or installed from the ROM 502. The computer program performs the above-described functions defined in the methods of the embodiments of the present disclosure when executed by the processing device 501.
It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, the clients, servers may communicate using any currently known or future developed network Protocol, such as HTTP (HyperText Transfer Protocol), and may interconnect with any form or medium of digital data communication (e.g., a communications network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter; acquiring page description information corresponding to the target page, and adding the page description information serving as a page layer verification parameter into the target operation request; sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification; and responding the target operation request according to target response data returned by the verification end after the verification is successful.
Or acquiring a target operation request which is sent by an application program and matched with a target page, wherein the target operation request comprises an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page; verifying the application layer verification parameters and the page layer verification parameters respectively; after the application layer verification parameters and the page layer verification parameters are determined to be successfully verified, feeding target response data back to the application program so that the application program can respond to the target operation request.
Computer program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including but not limited to an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. For example, the first target operation request obtaining module may be described as "a module for obtaining a target operation request matched with a target page, wherein the target operation request includes at least one item of application layer verification parameter".
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
According to one or more embodiments of the present disclosure, [ example 1 ] there is provided an information verification method including:
acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter;
acquiring page description information corresponding to the target page, and adding the page description information serving as a page layer verification parameter into the target operation request;
sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification;
and responding the target operation request according to target response data returned by the verification end after the verification is successful.
In accordance with one or more embodiments of the present disclosure, [ example 2 ] there is provided the method of example 1, further comprising:
the page description information is a class name of a view controller corresponding to the target page.
In accordance with one or more embodiments of the present disclosure, [ example 3 ] there is provided the method of example 2, further comprising:
the target page is a page in an activated state in a current display page;
and calling a set system function to obtain the class name of the top view controller in the current display page.
According to one or more embodiments of the present disclosure, [ example 4 ] there is provided the method of any one of examples 1-3, further comprising:
and executing corresponding fault-tolerant operation according to the fault-tolerant data returned by the verification end after the verification fails.
According to one or more embodiments of the present disclosure, [ example 5 ] there is provided an information verification method comprising:
acquiring a target operation request which is sent by an application program and matched with a target page, wherein the target operation request comprises an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page;
verifying the application layer verification parameters and the page layer verification parameters respectively;
after the application layer verification parameters and the page layer verification parameters are determined to be successfully verified, feeding target response data back to the application program so that the application program can respond to the target operation request.
According to one or more embodiments of the present disclosure, [ example 6 ] there is provided the method of example 5, further comprising:
and verifying the page layer verification parameters through the stored page layer verification parameter template.
In accordance with one or more embodiments of the present disclosure, [ example 7 ] there is provided the method of example 6, further comprising:
the page description information comprises a class name of a view controller corresponding to the target page; the page level verification parameter template includes a class name white list of the view controller.
According to one or more embodiments of the present disclosure, [ example 8 ] there is provided the method of any one of examples 5-7, further comprising:
after determining that the verification of the application layer verification parameters and/or the page layer verification parameters fails, feeding fault-tolerant data back to the application program so that the application program executes fault-tolerant operation.
According to one or more embodiments of the present disclosure, [ example 9 ] there is provided an information authentication apparatus including:
the first target operation request acquisition module is used for acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter;
the page description information acquisition module is used for acquiring page description information corresponding to the target page and adding the page description information serving as a page layer verification parameter into the target operation request;
the target operation request sending module is used for sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification;
and the target response data receiving module is used for responding to the target operation request according to the target response data returned by the verification end after the verification is successful.
According to one or more embodiments of the present disclosure, [ example 10 ] there is provided an information authentication apparatus including:
a second target operation request obtaining module, configured to obtain a target operation request that is sent by an application and matches a target page, where the target operation request includes an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page;
the parameter verification module is used for respectively verifying the application layer verification parameters and the page layer verification parameters;
and the target response data sending module is used for feeding back target response data to the application program after the application layer verification parameters and the page layer verification parameters are determined to be successfully verified, so that the application program responds to the target operation request.
According to one or more embodiments of the present disclosure, [ example 11 ] there is provided an electronic device comprising a memory, a processing apparatus, and a computer program stored on the memory and executable on the processing apparatus, the processing apparatus implementing the information authentication method according to any one of examples 1 to 4 or implementing the information authentication method according to any one of examples 5 to 8 when executing the program.
According to one or more embodiments of the present disclosure, [ example 12 ] there is provided a storage medium containing computer-executable instructions for performing the information authentication method of any one of examples 1-4, or performing the information authentication method of any one of examples 5-8, when executed by a computer processor.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other embodiments in which any combination of the features described above or their equivalents does not depart from the spirit of the disclosure. For example, the above features and (but not limited to) the features disclosed in this disclosure having similar functions are replaced with each other to form the technical solution.
Further, while operations are depicted in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order. Under certain circumstances, multitasking and parallel processing may be advantageous. Likewise, while several specific implementation details are included in the above discussion, these should not be construed as limitations on the scope of the disclosure. Certain features that are described in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable subcombination.
Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.

Claims (11)

1. An information verification method applied to an application program is characterized by comprising the following steps:
acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter;
acquiring page description information corresponding to the target page, and adding the page description information serving as a page layer verification parameter into the target operation request; the page description information is a class name of a view controller corresponding to the target page;
sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification;
and responding the target operation request according to target response data returned by the verification end after the verification is successful.
2. The method according to claim 1, wherein the target page is a page in an active state in a currently displayed page;
the acquiring of the page description information corresponding to the target page includes:
and calling a set system function to obtain the class name of the top view controller in the current display page.
3. The method according to claim 1 or 2, wherein after sending the target operation request to a verifying end, further comprising:
and executing corresponding fault-tolerant operation according to the fault-tolerant data returned by the verification end after the verification fails.
4. An information verification method is applied to a verification end and is characterized by comprising the following steps:
acquiring a target operation request which is sent by an application program and matched with a target page, wherein the target operation request comprises an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page; the page description information is a class name of a view controller corresponding to the target page;
verifying the application layer verification parameters and the page layer verification parameters respectively;
after the application layer verification parameters and the page layer verification parameters are determined to be successfully verified, feeding target response data back to the application program so that the application program can respond to the target operation request.
5. The method of claim 4, wherein verifying the page layer verification parameters comprises:
and verifying the page layer verification parameters through the stored page layer verification parameter template.
6. The method of claim 5, wherein the page level authentication parameter template comprises a white list of class names of view controllers.
7. The method of any of claims 4-6, after verifying the page-level verification parameters, further comprising:
after determining that the verification of the application layer verification parameters and/or the page layer verification parameters fails, feeding fault-tolerant data back to the application program so that the application program executes fault-tolerant operation.
8. An information authentication apparatus, comprising:
the first target operation request acquisition module is used for acquiring a target operation request matched with a target page, wherein the target operation request comprises at least one application layer verification parameter;
the page description information acquisition module is used for acquiring page description information corresponding to the target page and adding the page description information serving as a page layer verification parameter into the target operation request; the page description information is a class name of a view controller corresponding to the target page;
the target operation request sending module is used for sending the target operation request to a verification end so as to enable the verification end to carry out parameter verification;
and the target response data receiving module is used for responding to the target operation request according to the target response data returned by the verification end after the verification is successful.
9. An information authenticator apparatus, comprising:
a second target operation request obtaining module, configured to obtain a target operation request that is sent by an application and matches a target page, where the target operation request includes an application layer verification parameter and a page layer verification parameter, and the page layer verification parameter is page description information of the target page; the page description information is a class name of a view controller corresponding to the target page;
the parameter verification module is used for respectively verifying the application layer verification parameters and the page layer verification parameters;
and the target response data sending module is used for feeding back target response data to the application program after the application layer verification parameters and the page layer verification parameters are determined to be successfully verified, so that the application program responds to the target operation request.
10. An electronic device comprising a memory, processing means and a computer program stored on the memory and executable on the processing means, characterized in that the processing means, when executing the program, implements an information authentication method as claimed in any one of claims 1 to 3 or implements an information authentication method as claimed in any one of claims 4 to 7.
11. A storage medium containing computer-executable instructions for performing the information verification method of any one of claims 1-3, or performing the information verification method of any one of claims 4-7, when executed by a computer processor.
CN201911077305.1A 2019-11-06 2019-11-06 Information verification method, device, equipment and storage medium Active CN110855655B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911077305.1A CN110855655B (en) 2019-11-06 2019-11-06 Information verification method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911077305.1A CN110855655B (en) 2019-11-06 2019-11-06 Information verification method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110855655A CN110855655A (en) 2020-02-28
CN110855655B true CN110855655B (en) 2021-12-24

Family

ID=69598681

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911077305.1A Active CN110855655B (en) 2019-11-06 2019-11-06 Information verification method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110855655B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115001765A (en) * 2022-05-24 2022-09-02 北京得间科技有限公司 Page resource loading and verifying method and computing equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162473A (en) * 2007-11-27 2008-04-16 腾讯科技(深圳)有限公司 Method and system for publishing content information on web page
CN109831416A (en) * 2018-12-27 2019-05-31 北京城市网邻信息技术有限公司 A kind of login method and device
CN109922132A (en) * 2019-01-18 2019-06-21 深圳壹账通智能科技有限公司 Method, apparatus, electronic equipment and the storage medium of form request processing

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9336525B2 (en) * 2013-10-01 2016-05-10 Adobe Systems Incorporated Method and apparatus for enabling dynamic analytics configuration on a mobile device
CN107783832A (en) * 2016-08-25 2018-03-09 平安科技(深圳)有限公司 A kind of view controller method of controlling security and terminal
CN107368731A (en) * 2017-07-12 2017-11-21 网易(杭州)网络有限公司 A kind of method and apparatus for carrying out safety verification

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162473A (en) * 2007-11-27 2008-04-16 腾讯科技(深圳)有限公司 Method and system for publishing content information on web page
CN109831416A (en) * 2018-12-27 2019-05-31 北京城市网邻信息技术有限公司 A kind of login method and device
CN109922132A (en) * 2019-01-18 2019-06-21 深圳壹账通智能科技有限公司 Method, apparatus, electronic equipment and the storage medium of form request processing

Also Published As

Publication number Publication date
CN110855655A (en) 2020-02-28

Similar Documents

Publication Publication Date Title
CN111639319B (en) User resource authorization method, device and computer readable storage medium
CN111258602B (en) Information updating method and device
CN110378743B (en) Application invitation method, terminal device, server and medium
CN110430292B (en) Method and device for inviting login of network platform, electronic equipment and readable medium
US20220377119A1 (en) Interaction method and apparatus, and electronic device
CN112866385B (en) Interface calling method and device, electronic equipment and storage medium
US20230291591A1 (en) Interaction method and apparatus, and electronic device
CN111199037A (en) Login method, system and device
CN110674481B (en) Account registration method, device, equipment and storage medium of application program
CN115102744A (en) Data access method and device
CN111857858A (en) Method and apparatus for processing information
CN111241518B (en) User authentication method, device, equipment and medium
CN110855655B (en) Information verification method, device, equipment and storage medium
CN110619101B (en) Method and apparatus for processing information
CN113079085B (en) Business service interaction method, business service interaction device, business service interaction equipment and storage medium
CN114417318A (en) Third-party page jumping method and device and electronic equipment
CN111897620A (en) Interaction method and device and electronic equipment
CN115510419A (en) Electronic equipment control method and device, electronic equipment and storage medium
CN111752625A (en) Method and device for interface mock
CN111786936A (en) Method and device for authentication
CN111125676B (en) Joint authorization method and device
CN110855767B (en) Method, device, equipment and storage medium for responding operation request
CN113641966B (en) Application integration method, system, equipment and medium
CN112261659B (en) Control method and device for terminal and server, terminal and storage medium
CN113824625B (en) Information interaction method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant