Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
First, partial terms or terminology appearing in the course of describing the embodiments of the application are applicable to the following explanation:
HTTPS (full name: hyper Text Transfer Protocol over SecureSocket Layer), which is an HTTP channel targeting security, guarantees the security of the transmission process by transmission encryption and identity authentication on the basis of HTTP.
RPC is an abbreviated form of remote procedure call (Remote Procedure Call) and has a C/S system similar to a three-layer architecture, and a client program of a third party calls a standard or custom function inside the system through an interface to obtain data returned by the function for processing.
The RSA encryption algorithm is an asymmetric encryption algorithm, and an RSA public key cryptosystem. The public key cryptosystem is a cryptosystem that uses different encryption keys and decryption keys, and is a "computationally infeasible" cryptosystem in which decryption keys are derived from known encryption keys.
Advanced encryption standard (Advanced Encryption Standard, AES), also known as Rijndael encryption, is a commonly used encryption standard in cryptography.
According to an aspect of the embodiment of the application, a method embodiment of a business service providing method is provided.
Alternatively, in the present embodiment, the above-described business service providing method may be applied to a hardware environment constituted by the first platform 101, the second platform 103, and the gateway 105 as shown in fig. 1. As shown in fig. 1, the gateway 105 is connected to the first platform 101 and the second platform 103 through a network, which may be used to provide authentication services for the first platform 101, and a database 107 may be provided on the gateway 105 or independent of the gateway 105, for providing data storage services for the gateway 105, where the network includes, but is not limited to: a wide area network, a metropolitan area network, or a local area network.
The method for providing the business service according to the embodiment of the present application may be performed by the gateway 105, or may be performed by the gateway 105 together with the first platform 101 and the second platform 103.
Fig. 2 is a flowchart of an alternative business service providing method according to an embodiment of the present application, and as shown in fig. 2, the method may include the steps of:
step S202, a target service request sent by a service device is obtained through a target interface, wherein the target interface is an interface on a gateway of a first platform, the target interface is used for receiving the service request requesting the first platform to provide service, the target service request is used for requesting a second platform to provide service for the first platform, and the service device is used in the second platform.
The first platform is a platform for outputting services (such as checkout service, lending service, taxi service, take-away service, etc.) to the outside; the second platform is a platform using the service output by the first platform, such as a certain online shopping platform, which uses the checkout service output by the first platform; the target interface is an interface for uniformly receiving service requests sent by the second platforms on the gateway of the first platform, and the service devices can be devices such as a server and a user terminal on the second platform.
Step S204, an authentication operation is performed on the second platform using the information determined by the service request, and the authentication operation is used to verify the identity of the second platform.
Step S206, in the case that the authentication operation to the second platform is passed, the target business service matched with the second platform is provided to the second platform.
The target business service matched with the second platforms can be determined according to the second platforms, for example, the business service which can be used by each second platform is preconfigured, that is, the business service which can be used by each second platform can be searched as long as the specific second platform is known; the above-mentioned target service matched with the second platform may also be determined according to the target service request, for example, the target service request carries an identifier of a required target service, the service that can be used by the second platform may be preconfigured (may be a plurality of service services, for example, a corresponding relationship between the second platform and a plurality of identifiers of the plurality of service services is saved), when the target service request is initiated, the identifier carried by the target service request is obtained, and in the case that the identifier is a part of the identifiers in the plurality of identifiers, the service corresponding to the identifier may be provided to the second platform.
In the related technology, required services of each merchant need to be configured independently, an independent interface is provided, encryption and decryption modes are not uniform, a blacklist or a white list cannot be controlled, each internal RPC service needs to be packaged and converted into an HTTPS protocol interface, each interface needs to apply for an external domain name independently, and the process of enabling the merchant is low in processing efficiency and resource waste. Through the steps of the application, for each second platform applying business services to the first platform, the information related to the authentication of the second platform can be stored in the gateway or the first platform in advance, and when the second platform needs to use the business services, the application is uniformly applied through the target interface of the gateway, and the independent access interface and the authority for configuring the access interface are not required to be provided according to the merchant demands, so that the technical problem of complicated operation for providing the services to the outside in the related art can be solved, and the technical effect of reducing the operation complexity for providing the services to the outside is achieved.
By adopting the technical scheme of the application, the target interface (such as HTTPS interface) of the external output gateway can be unified, and unified packaging service, security service and control service can be provided. The following further details the technical solution of the present application in connection with the steps shown in fig. 2:
In the technical solution provided in step S202, for each second platform (such as a merchant), the required services thereof can be actively configured through the background, or the required services thereof can be configured by the merchant, and the services can be directly used when the merchant is enabled (i.e. the provided services) of a certain first platform for which the merchant starts the application, for example, the merchant corresponds to the merchant (such as the identification ID of the merchant); and providing service through a target interface (such as an HTTPS interface) of the unified gateway, and acquiring a target service request sent by service equipment through the target interface by the gateway when initiating the service request.
Alternatively, for services provided to merchants, services such as upgrade maintenance, pause, stop, resume, etc. may be provided.
In the technical scheme provided in step S204, the authentication operation is performed on the second platform by using the information determined by the service request, for example, when a merchant accesses through the target interface, authentication is implemented through asymmetric encryption and decryption, so as to provide a corresponding service.
Optionally, performing an authentication operation on the second platform using the information determined by the service request includes step S2042-step S2044:
step S2042, obtaining the device address and/or key information of the service device according to the service request, wherein the key information is used for asymmetrically encrypting and decrypting the information transmitted between the first platform and the second platform.
Optionally, acquiring the device address of the service device according to the service request includes: the device address carried in the service request is obtained as the device address of the service device, and the device address can be the hardware MAC address of the device or the network IP address.
Step S2044 performs an authentication operation on the second platform using the device address and/or key information of the service device.
In the above embodiment, if the authentication is performed only by using the device address, that is, the authentication operation is performed on the second platform by using the device address of the service device, the following steps 1 to 2 may be implemented:
step 1, under the condition that a white list is configured on a second platform and the equipment address of service equipment exists in the white list, determining that the authentication operation of the service equipment passes; determining that the authentication operation on the service equipment is not passed under the condition that the second platform is configured with a white list and the equipment address of the service equipment does not exist in the white list, wherein the white list is used for storing the address of the equipment allowing information to be sent;
step 2, determining that the authentication operation of the service equipment passes under the condition that the second platform is configured with a blacklist and the equipment address of the service equipment does not exist in the blacklist; and in the case that the second platform is configured with a blacklist and the device address of the service device exists in the blacklist, determining that the authentication operation on the service device is not passed, wherein the blacklist is used for storing the address of the device which is not allowed to send information.
Optionally, taking the device address as an IP address as an example, in the verification of the blacklist and the whitelist, the order of the verification may be: if the current merchant has configured the white list IP of the access gateway, performing white list verification, namely, the IP in the white list is accessible, the IP not in the white list is directly refused, and if the current merchant has not configured the white list IP of the access gateway, the white list verification is skipped; if the current merchant has configured the blacklist IP of the access gateway, blacklist verification is carried out, namely the IP which is not in the blacklist is accessible, the IP in the blacklist is directly refused, and if the current merchant has not configured the blacklist IP of the access gateway, blacklist verification is skipped.
In the above embodiment, if only the key information is used for authentication, that is, the authentication operation is performed on the second platform by using the key information, the following steps 1 to 6 may be implemented:
step 1, determining whether a platform public key of a second platform corresponding to a platform identification (such as a merchant ID, a merchant number, etc.) in the target service request exists, wherein the key information comprises the platform public key of the second platform. The step is public key verification, which is to verify the public key of the merchant platform, and the verification logic verifies whether the merchant number is configured with public key information on the gateway platform according to the merchant number.
And step 2, determining whether a platform private key of the first platform corresponding to the temporary token in the target service request exists or not under the condition that the platform public key corresponding to the platform identification of the second platform exists, wherein the key information comprises the platform private key of the first platform.
And step 3, under the condition that the platform private key of the first platform corresponding to the temporary token exists, decrypting the encrypted message in the target service request by using the platform private key of the first platform.
And 4, under the condition that the encrypted message in the target service request is successfully decrypted by using the platform private key of the first platform, verifying the signature information of the second platform in the target service request by using the platform public key of the second platform.
And step 5, determining that the authentication operation of the service equipment passes under the condition that the verification of the signature information of the second platform by using the platform public key of the second platform passes.
And 6, determining that the authentication operation of the service equipment is not passed under the condition that the platform public key corresponding to the platform identification of the second platform does not exist or the platform private key of the first platform corresponding to the temporary token does not exist or the encrypted message in the target service request is failed to be decrypted by using the platform private key of the first platform or the verification of the signature information of the second platform by using the platform public key of the second platform is not passed.
The above steps 1-6 are verification, and according to the message Wen Miwen (or called encrypted message) in the request sent by the merchant, the decryption is performed according to the private Key of the first platform, so as to obtain the plaintext of the request message, the decryption may be performed according to the private Key of the first platform and the Key information in the request message, by RSA decryption, an encrypted random string with 16 bit length is obtained, and then by AES algorithm, the plaintext information in the Body of the request message is obtained by decryption according to the encrypted random string with 16 bit length and Body information (a component in HTTPS message). And then, assembling a signature body according to the signature rule appointed by the first platform, and checking the signature according to the public key of the merchant.
It should be noted that, the above keys are all in the form of a key pair, and the public key in the same key pair is public and can be known by other platforms, while the private key is private and only known by the platform itself.
In the above embodiment, if the device address and the key information are used to perform authentication at the same time, the step of performing authentication using the device address may be performed first, and if the device address and the key information pass, the step of performing authentication using the key information is performed again, and if either authentication fails, the authentication is regarded as failed.
In the above embodiment, if authentication is performed using only the key information, that is, the authentication operation is performed on the second platform using the key information, it may be implemented according to steps 1 to 6 as shown above.
In the technical scheme provided in step S206, a target service matched with the second platform is provided to the second platform, for example, the target service is determined according to the information obtained by decrypting the encrypted message in the target service request; the encrypted data (e.g., transaction data) of the target business service is provided to the second platform.
As an alternative embodiment, the technical solution of the present application may be divided into the following parts:
logic is implemented inside the gateway platform: the gateway platform configures the merchant, allocates corresponding interfaces according to the service required by the merchant, each accessible interface in the merchant is unique, the gateway platform supports unifying the interfaces of HTTP, HTTPS, JSF protocol types into HTTPS protocol, and the merchant can use appointed enabling service according to the merchant number, the interface type, the public key and the token allocated to the merchant.
Gateway platform call flow (merchant calls second platform): the merchant (i.e. the second platform) assembles the gateway request message according to the interface rule provided by the platform side of the first platform, including: the method comprises the steps of sending a post request (namely a service request) of HTTPS to a gateway platform by information such as a merchant number, an interface type, an external user id, a financial openId, a token, a signature, an encrypted message body, a version and the like, performing request IP black-and-white list verification, public key verification, signature verification and message body decryption on a received message by the gateway platform, routing the merchant request to a specific service on a platform side of a second platform according to the interface type, performing encryption and signature operation by the gateway platform according to a stipulated rule after receiving return information of the specific service on the platform side of the second platform, and returning the message to the merchant.
Gateway platform call flow (platform callback merchant of second platform): the platform side service of the second platform calls the service of a merchant configured to the gateway platform, and the gateway platform comprises the following steps according to the request message information of the platform side service of the second platform: and after the merchant side returns the encrypted and signed request result according to the constraint rule, the gateway platform decrypts and checks the request result of the merchant side according to the constraint rule, and returns the service plaintext result of the merchant side to the service of the second platform side.
Gateway platform processing flow: flow of platform services of the second platform requested by the external merchant: acquiring a private key of the second platform side according to the request message; acquiring a merchant side public key according to the request message; decrypting and checking the message body according to the platform side private key and the merchant side public key of the second platform to obtain a plaintext message for requesting service; routing service requested by the merchant according to the request message; according to the plaintext message, routing the plaintext message to the service requested by the merchant, and packaging the message requesting the platform service of the second platform; according to the service routed to the merchant, packaging a message requesting the platform service of the second platform, and executing specific request operation according to different protocol types (JSF/Http); checking a return result of the platform service of the second platform; encrypting and signing a returned result of the platform service of the second platform; returning a result record log; and returning the return value message of the platform side service of the second platform after the encryption signature to the merchant side.
The service routing flow: routing platform side service of a second platform requested by the merchant according to the gateway merchant number and the interface type; code for checking signature and decrypting message: acquiring a signature Key according to the signature in the merchant request message and a platform private Key of the second platform; acquiring a plaintext of a Body in a request message according to the Body and a signature Key of the request message; acquiring data to be verified according to a plaintext of Body and a request message; checking whether the signature of the request message is correct or not; returning the plaintext information of Body; and (3) checking a black-and-white list: acquiring a request IP from a message requested by a merchant; checking whether the list is in a white list; checking whether the list is in a blacklist; the platform side of the second platform recalls the code of the merchant: acquiring public key information of the merchant according to a request message of a platform side of the second platform; acquiring private key information of a platform side of the second platform according to a request message of the platform side of the second platform; constructing a message body of a request merchant according to the platform side message body of the second platform, the merchant public key and the platform side private key of the second platform; sending a request to a merchant according to the service of the platform side request message routing of the second platform; checking the return value of the merchant side; decrypting and checking the returned value of the merchant side; returning the plaintext of the return value of the merchant side to platform side service of the second platform; the code of encryption and signature (applicable object: request message when the platform of the second platform calls back the merchant, return message when the merchant requests the second platform): randomly generating an AES key; AES encrypted data; encrypting the AESkey randomly generated by the merchant by using an RSA algorithm; a data signature; and returning the encrypted and signed message body.
The technical scheme of the application is suitable for various scenes such as loan, payment, cash taking and the like, for example, an applicable business case of a loan business A is taken as an example, the business is a loan joint product which is formed by cooperation of a platform A (namely a first platform) and a platform B (namely a second platform), and two user accounts are associated and share a loan amount and support the overrun of the amount in a temple scene. The user can complete the closed-loop operation of activation, transaction, audit and repayment in the APP of the second platform, wherein the audit and repayment is realized by jumping to the bill page of the first platform, and the user can complete the activation flow of the first platform and consume the bill page on the second platform after the activation. The following further details the technical scheme of the present application in connection with the steps shown in fig. 3.
In step S302, a merchant (i.e., an ecoapplication) of the second platform initiates a request to the gateway.
Step S304, according to the merchant number in the request parameter, the associated merchant side public key is obtained.
Step S306, if the associated merchant side public key does not exist, the prompt information of access failure is returned.
Step S308, if yes, the token in the ecological side request parameter is obtained, and the associated platform side private key is obtained.
Step S310, if the associated platform side private key does not exist, the prompt information of access failure is returned.
Step S312, if so, signature verification and decryption are performed according to the platform side private key and the merchant side public key.
In step S314, if the signature verification or decryption fails, a prompt message of access failure is returned.
Step S316, if signature verification and decryption are successful, searching the corresponding merchant service according to the merchant number and the interface type.
In step S318, if no corresponding merchant service is found, a prompt message is returned to prompt that the merchant service is unregistered.
Step S320, if the corresponding merchant service is found, the merchant service is called to receive the returned result of the merchant service.
Step S322, the returned result of the merchant service is sent to the merchant side, and if the merchant side does not respond, the business interface of the merchant side is abnormal.
Step S324, if the merchant side responds, the returned result sent by the business interface of the merchant side is decrypted and the signature is verified.
Step S326, if the decryption and signature verification are passed, the gateway returns corresponding information to the merchant side according to the return result.
By adopting the technical scheme of the application, the service required by the merchant is unified in protocol, the security authentication mechanism and the access control mechanism are unified, the management system functions of roles are enriched, the management efficiency is improved, and the enabling efficiency of products is improved.
It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present application is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present application.
From the description of the above embodiments, it will be clear to a person skilled in the art that the method according to the above embodiments may be implemented by means of software plus the necessary general hardware platform, but of course also by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present application.
According to another aspect of the embodiment of the present application, there is also provided a service providing apparatus for implementing the above service providing method. Fig. 4 is a schematic diagram of an alternative business service providing apparatus according to an embodiment of the present application, and as shown in fig. 4, the apparatus may include:
an obtaining unit 401, configured to obtain, through a target interface, a target service request sent by a service device, where the target interface is an interface on a gateway of a first platform, the target interface is configured to receive a service request that requests the first platform to provide a service, the target service request is configured to request a second platform to provide a service for the first platform, and the service device is a device used in the second platform;
an authentication unit 403, configured to perform an authentication operation on the second platform using information determined by the service request, where the authentication operation is used to verify an identity of the second platform;
and the service unit 405 is configured to provide, to the second platform, a target business service that matches the second platform, if the authentication operation on the second platform passes.
It should be noted that, the acquiring unit 401 in this embodiment may be used to perform step S202 in the embodiment of the present application, the authentication unit 403 in this embodiment may be used to perform step S204 in the embodiment of the present application, and the service unit 405 in this embodiment may be used to perform step S206 in the embodiment of the present application.
It should be noted that the above modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to what is disclosed in the above embodiments. It should be noted that the above modules may be implemented in software or hardware as a part of the apparatus in the hardware environment shown in fig. 1.
In the related technology, required services of each merchant need to be configured independently, an independent interface is provided, encryption and decryption modes are not uniform, a blacklist or a white list cannot be controlled, each internal RPC service needs to be packaged and converted into an HTTPS protocol interface, each interface needs to apply for an external domain name independently, and the process of enabling the merchant is low in processing efficiency and resource waste. Through the steps of the application, for each second platform applying business services to the first platform, the information related to the authentication of the second platform can be stored in the gateway or the first platform in advance, and when the second platform needs to use the business services, the application is uniformly applied through the target interface of the gateway, and the independent access interface and the authority of the access interface are not required to be provided according to the merchant demands, so that the technical problem of complicated operation of providing the services to the outside in the related art can be solved, and the technical effect of reducing the operation complexity of providing the services to the outside is achieved.
Optionally, the authentication unit includes: the acquisition module is used for acquiring equipment address and/or key information of the service equipment according to the service request, wherein the key information is used for asymmetrically encrypting and decrypting information transmitted between the first platform and the second platform; and the authentication module is used for executing the authentication operation on the second platform by using the equipment address of the service equipment and/or the secret key information.
Optionally, the authentication module is further operable to: determining that the authentication operation of the service equipment passes under the condition that the second platform is configured with a white list and the equipment address of the service equipment exists in the white list; determining that the authentication operation on the service equipment is not passed under the condition that the second platform is configured with the white list and the equipment address of the service equipment does not exist in the white list, wherein the white list is used for storing the address of equipment allowing information to be sent; determining that the authentication operation of the service equipment passes under the condition that the second platform is configured with a blacklist and the equipment address of the service equipment does not exist in the blacklist; and under the condition that the second platform is configured with the blacklist and the device address of the service device exists in the blacklist, determining that the authentication operation of the service device is not passed, wherein the blacklist is used for storing the address of the device which is not allowed to send information.
Optionally, the authentication module is further operable to: determining whether a platform public key of the second platform corresponding to the platform identifier in the target service request exists, wherein the key information comprises the platform public key of the second platform; determining whether a platform private key of the first platform corresponding to a temporary token in the target service request exists or not under the condition that a platform public key corresponding to a platform identifier of the second platform exists, wherein the key information comprises the platform private key of the first platform; under the condition that the platform private key of the first platform corresponding to the temporary token exists, decrypting the encrypted message in the target service request by using the platform private key of the first platform; under the condition that the encrypted message in the target service request is successfully decrypted by using the platform private key of the first platform, verifying the signature information of the second platform in the target service request by using the platform public key of the second platform; determining that the authentication operation of the service equipment passes under the condition that the verification of the signature information of the second platform by using the platform public key of the second platform passes; and determining that the authentication operation of the service equipment is not passed under the condition that the platform public key corresponding to the platform identification of the second platform does not exist or the platform private key of the first platform corresponding to the temporary token does not exist or the encrypted message in the target service request is failed to be decrypted by using the platform private key of the first platform or the verification of the signature information of the second platform by using the platform public key of the second platform is not passed.
Optionally, the acquiring module may be further configured to acquire an equipment address carried in the service request as an equipment address of the service device.
Optionally, the service unit may be further configured to determine the target service according to information obtained by decrypting the encrypted packet in the target service request; and providing the encrypted data of the target business service for the second platform.
It should be noted that the above modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to what is disclosed in the above embodiments. It should be noted that the above modules may be implemented in software or in hardware as part of the apparatus shown in fig. 1, where the hardware environment includes a network environment.
According to another aspect of the embodiment of the present application, there is also provided a server or a terminal for implementing the above-mentioned providing method of business service.
Fig. 5 is a block diagram of a terminal according to an embodiment of the present application, and as shown in fig. 5, the terminal may include: one or more (only one is shown in fig. 5) processors 501, memory 503, and transmission means 505, as shown in fig. 5, the terminal may further comprise input output devices 507.
The memory 503 may be used to store software programs and modules, such as program instructions/modules corresponding to the method and apparatus for providing a business service in the embodiment of the present application, and the processor 501 executes the software programs and modules stored in the memory 503, thereby performing various functional applications and data processing, that is, implementing the method for providing a business service described above. Memory 503 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory. In some examples, the memory 503 may further include memory located remotely from the processor 501, which may be connected to the terminal via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 505 is used for receiving or transmitting data via a network, and may also be used for data transmission between the processor and the memory. Specific examples of the network described above may include wired networks and wireless networks. In one example, the transmission device 505 includes a network adapter (Network Interface Controller, NIC) that may be connected to other network devices and routers via a network cable to communicate with the internet or a local area network. In one example, the transmission device 505 is a Radio Frequency (RF) module, which is used to communicate with the internet wirelessly.
Wherein in particular the memory 503 is used for storing application programs.
The processor 501 may call an application stored in the memory 503 via the transmission means 505 to perform the following steps:
the method comprises the steps that a target service request sent by service equipment is obtained through a target interface, wherein the target interface is an interface on a gateway of a first platform, the target interface is used for receiving the service request for requesting the first platform to provide service, the target service request is used for requesting a second platform to provide service for the first platform, and the service equipment is equipment used in the second platform;
performing an authentication operation on the second platform using the information determined by the service request, wherein the authentication operation is used for verifying the identity of the second platform;
and providing the target business service matched with the second platform to the second platform under the condition that the authentication operation of the second platform is passed.
Alternatively, specific examples in this embodiment may refer to examples described in the foregoing embodiments, and this embodiment is not described herein.
It will be appreciated by those skilled in the art that the structure shown in fig. 5 is only illustrative, and the terminal may be a smart phone (such as an Android phone, an iOS phone, etc.), a tablet computer, a palmtop computer, a mobile internet device (Mobile Internet Devices, MID), a PAD, etc. Fig. 5 is not limited to the structure of the electronic device. For example, the terminal may also include more or fewer components (e.g., network interfaces, display devices, etc.) than shown in fig. 5, or have a different configuration than shown in fig. 5.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of the above embodiments may be implemented by a program for instructing a terminal device to execute in association with hardware, the program may be stored in a computer readable storage medium, and the storage medium may include: flash disk, read-Only Memory (ROM), random-access Memory (Random Access Memory, RAM), magnetic or optical disk, and the like.
The embodiment of the application also provides a storage medium. Alternatively, in the present embodiment, the above-described storage medium may be used for executing the program code of the providing method of the business service.
Alternatively, in this embodiment, the storage medium may be located on at least one network device of the plurality of network devices in the network shown in the above embodiment.
Alternatively, in the present embodiment, the storage medium is configured to store program code for performing the steps of:
the method comprises the steps that a target service request sent by service equipment is obtained through a target interface, wherein the target interface is an interface on a gateway of a first platform, the target interface is used for receiving the service request for requesting the first platform to provide service, the target service request is used for requesting a second platform to provide service for the first platform, and the service equipment is equipment used in the second platform;
Performing an authentication operation on the second platform using the information determined by the service request, wherein the authentication operation is used for verifying the identity of the second platform;
and providing the target business service matched with the second platform to the second platform under the condition that the authentication operation of the second platform is passed.
Alternatively, specific examples in this embodiment may refer to examples described in the foregoing embodiments, and this embodiment is not described herein.
Alternatively, in the present embodiment, the storage medium may include, but is not limited to: a U-disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing embodiment numbers of the present application are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
The integrated units in the above embodiments may be stored in the above-described computer-readable storage medium if implemented in the form of software functional units and sold or used as separate products. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing one or more computer devices (which may be personal computers, servers or network devices, etc.) to perform all or part of the steps of the method described in the embodiments of the present application.
In the foregoing embodiments of the present application, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In several embodiments provided by the present application, it should be understood that the disclosed client may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of the units, such as the division of the units, is merely a logical function division, and may be implemented in another manner, for example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The foregoing is merely a preferred embodiment of the present application and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present application, which are intended to be comprehended within the scope of the present application.