CN112181541A - Data processing method and device, electronic equipment and storage medium - Google Patents
Data processing method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN112181541A CN112181541A CN202011055118.6A CN202011055118A CN112181541A CN 112181541 A CN112181541 A CN 112181541A CN 202011055118 A CN202011055118 A CN 202011055118A CN 112181541 A CN112181541 A CN 112181541A
- Authority
- CN
- China
- Prior art keywords
- gateway function
- target
- gateway
- interface
- service request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4482—Procedural
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a data processing method, a data processing device, an electronic device and a storage medium, wherein the method comprises the following steps: after receiving a service request sent by a caller, the gateway determines a corresponding target interface in the gateway according to a target interface identifier contained in the service request, calls a corresponding target gateway function module from a preset universal gateway function template according to a target gateway function annotation contained in the service request, and verifies the service request according to a preset target gateway function strategy corresponding to the target interface. In the scheme, the corresponding gateway function module can be directly obtained from the preset general gateway function template according to the target gateway function annotation contained in the service request, the development of the gateway function is not needed, and the gateway function modules are obtained from the same general gateway function module, so that the style is uniform, the management and the maintenance are convenient, and in addition, when an interface is configured, the gateway function does not need to be considered, the development of the gateway function is not needed, and the workload is reduced.
Description
Technical Field
The present application relates to the field of internet, and in particular, to a data processing method and apparatus, an electronic device, and a storage medium.
Background
With the development of business, internet companies open more or less external interfaces to systems, and the interfaces are provided to external companies or departments in the form of APIs. In order to facilitate functions of unified management, unified authentication, a unified signature authentication mechanism, flow early warning and the like, a unified gateway, namely an API gateway is introduced, and the API gateway is a unique entrance called externally.
The existing API gateway adopts different verification schemes for external interfaces, which are different and identical, and usually uses hard coding to implement various gateway functions (such as parameter verification, current limiting, system protection, interface authentication, etc.), but since different developers may have different development languages and development environments, the styles cannot be unified, and the technical stack is also five-fold and is not easy to manage and maintain.
Disclosure of Invention
In order to solve the technical problems or at least partially solve the technical problems, the present application provides a data processing method, an apparatus, an electronic device and a storage medium.
In a first aspect, the present application provides a data processing method, including:
the gateway receives a service request sent by a calling party, wherein the service request carries a target interface identifier and a target gateway function annotation;
determining a target interface corresponding to the target interface identifier in the gateway;
acquiring a pre-stored target gateway function strategy corresponding to the target interface;
acquiring a gateway function module corresponding to the target gateway function annotation from a preset general gateway function template as a target gateway function module according to the target gateway function annotation, wherein the general gateway function template is a general template class which is obtained by abstracting gateway function logic and comprises a plurality of gateway function modules, and one gateway function module is used for realizing one gateway function;
and verifying the service request by utilizing the target gateway function module and the target gateway function strategy.
In a possible implementation manner, the obtaining a pre-stored target gateway function policy corresponding to the target interface includes:
presetting the corresponding relation between each interface in the network system and the gateway function strategy, and determining the target gateway function strategy corresponding to the target interface according to the corresponding relation.
In one possible implementation, the verifying the service request by using the target gateway function module and the target gateway function policy includes:
calling a target gateway function module to check the service request;
and if the service request conforms to the target gateway function policy corresponding to the target gateway function module, determining that the service request passes the verification.
In one possible implementation, the target gateway function module includes a current limiting function module;
the method further comprises the following steps:
detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset number threshold;
if the number of times is larger than the number threshold, the number of times of requests which are allowed to be received by the interface per second in the current limiting function strategy corresponding to the current limiting function module is set as a target number of times, so that the number of times of the service requests sent by the calling party are received by the target interface is reduced.
In one possible implementation, the target gateway function module includes an authentication function module;
the method further comprises the following steps:
detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset number threshold;
if the number of times is larger than the threshold value, the interface access authority corresponding to the calling party in the authentication function strategy corresponding to the authentication function module is set to be access prohibition, so that the target interface does not receive the service request sent by the calling party any more.
In a second aspect, an embodiment of the present application further provides a data processing apparatus, including:
the receiving module is used for receiving a service request sent by a calling party by a gateway, wherein the service request carries a target interface identifier and a target gateway function annotation;
the interface determining module is used for determining a target interface corresponding to the target interface identifier in the gateway;
the strategy acquisition module is used for acquiring a pre-stored target gateway function strategy corresponding to the target interface;
the function determining module is used for acquiring a gateway function module corresponding to the target gateway function annotation from a preset general gateway function template as a target gateway function module according to the target gateway function annotation, wherein the general gateway function template is a general template class which is obtained by abstracting gateway function logic and comprises a plurality of gateway function modules, and one gateway function module is used for realizing a gateway function;
and the checking module is used for checking the service request by utilizing the target gateway function module and the target gateway function strategy.
In a possible implementation manner, the policy obtaining module is specifically configured to:
presetting the corresponding relation between each interface in the network system and the gateway function strategy, and determining the target gateway function strategy corresponding to the target interface according to the corresponding relation.
In a possible implementation manner, the verification module is specifically configured to:
calling a target gateway function module to check the service request;
and if the service request conforms to the target gateway function policy corresponding to the target gateway function module, determining that the service request passes the verification.
In one possible implementation, the target gateway function module includes a current limiting function module;
the device also comprises a current limiting strategy adjusting module, which is specifically used for:
detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset number threshold;
if the number of times is larger than the number threshold, the number of times of requests which are allowed to be received by the interface per second in the current limiting function strategy corresponding to the current limiting function module is set as a target number of times, so that the number of times of the service requests sent by the calling party are received by the target interface is reduced.
In one possible implementation, the target gateway function module includes an authentication function module;
the device further comprises an authentication policy adjustment module, specifically configured to:
detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset number threshold;
if the number of times is larger than the threshold value, the interface access authority corresponding to the calling party in the authentication function strategy corresponding to the authentication function module is set to be access prohibition, so that the target interface does not receive the service request sent by the calling party any more.
In a third aspect, an embodiment of the present application further provides an electronic device, including: a processor and a memory, the processor being configured to execute a data processing program stored in the memory to implement the data processing method of the first aspect.
In a fourth aspect, the present application further provides a storage medium, where the storage medium stores one or more programs, and the one or more programs are executable by one or more processors to implement the data processing method according to the first aspect.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
according to the data processing method provided by the embodiment of the application, after a service request sent by a calling party is received, a corresponding target interface in a gateway is determined according to a target interface identifier contained in the service request, a corresponding target gateway function module is called from a preset general gateway function template according to a target gateway function annotation contained in the service request, and verification is carried out according to a preset target gateway function strategy corresponding to the target interface. In the scheme, the corresponding gateway function module can be directly obtained from the preset general gateway function template according to the target gateway function annotation contained in the service request, the gateway function does not need to be developed, the gateway function modules are obtained from the same general gateway function module, so that the style is unified, the management and the maintenance are convenient, the gateway function does not need to be considered when an interface is configured, the gateway function does not need to be developed, and the workload is reduced.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
Fig. 1 is an application scenario diagram of an API gateway provided in an embodiment of the present application;
fig. 2 is a flowchart of a data processing method according to an embodiment of the present application;
fig. 3 is a block diagram of a data processing apparatus according to an embodiment of the present application;
fig. 4 is a schematic view of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
To facilitate an understanding of the embodiments of the present application, prior to the description of the present application, the terms referred to herein are explained:
sentinel: the sentinel is a high-availability traffic protection component oriented to a distributed service architecture, mainly takes traffic as an entry point, and helps a developer to ensure the stability of micro-services from multiple dimensions of current limiting, traffic shaping, fusing degradation, system load protection, hotspot protection and the like.
API gateway: the API gateway encapsulates a plurality of micro-services in a business system, provides a unique access entrance to the outside, realizes high cohesion in the system, achieves loose coupling effect through gateway interaction between the systems, introduces the API gateway and can polymerize the interface to enable the services to be transparent to a calling party, reduces the coupling degree of the calling party and the service party, aggregates background services, saves flow, improves performance, improves user experience, and provides API management functions of safety, flow control, filtering, caching, charging, monitoring and the like.
In order to facilitate understanding of the embodiment of the present invention, an application scenario of the gateway is briefly described:
referring to fig. 1, an application scenario diagram of an API gateway is shown, where the application scenario diagram includes an API gateway, a caller, and a server, where the server is a party providing a service, such as a microservice, and the caller is a party using the service, such as a client or a pc, and one API gateway may be connected to multiple servers and multiple callers, and when the caller invokes a certain service, the API gateway sends a corresponding service request, and after receiving the service request, the API gateway checks the service request, and after the check is passed, sends the service request to the corresponding server.
In order to solve the problems of large development workload and inconvenience in maintenance and management of the existing API gateway, the embodiment of the application provides a system, and the system is used for configuring the gateway.
A first part: the application is integrated with the sentinel, the relevant api resources of the sentinel are introduced, the rules are loaded into the memory managed by the sentinel through the manager corresponding to the sentinel rules (such as FlowRuleManager, SystemRuleManager, ParamFlowRuleManager and the like), the functions of the sentinel are managed in the system, and the sentinel can be dynamically loaded and configured into the system in real time.
The role of the first part is: the system layer is accessed to the sentinel frame and supports dynamic loading and unloading of sentinel functions.
A second part: the configuration management system is integrated with the sentinel, a visual sentinel policy management function is provided, and specific policies of various sentinel functions can be configured. The reason why the configuration management system and the sentinel are adopted is that the method can more conveniently manage the sentinel rules in time to deal with some sudden and abnormal situations, for example, a calling party is arranged in front of a gateway interface which is always and concurrently called due to abnormal retry or hacking attack, at this time, if the abnormal request amount is not enough to cause the application of the gateway to be down or other abnormal situations, the sentinel rules can be adjusted through the configuration management system, for example, the authentication information of the calling party in the interface is removed, that is, the calling party is prohibited from accessing the interface, or a strategy corresponding to the current limiting function is adjusted, the access amount allowed per second is adjusted to a preset amount, so that the protection effect on the gateway is realized, wherein the preset amount can be the amount set according to the requirements.
The second part functions as: the policy corresponding to the current limiting function may limit the number of requests allowed to be received per second, and the policy corresponding to the authentication function may limit the service corresponding to the interface to be used only by some callers. The second part mainly has two characteristics, one is visual integrated management, and the other is real-time effect into the system.
And a third part: the gateway function module is used for realizing one gateway function, and the core of the template design mode is a step of defining an algorithm and allows subclasses to provide specific realization for one or more steps. The algorithm of template definition includes: parameter check, gateway functions (such as authentication, current limiting and the like) realized by sentinel, service call, power and the like, wherein the gateway functions realized by sentinel can select whether the gateway functions are needed or not through hooks.
The third part functions as follows: the method is used for simplifying the maintenance and development workload of the gateway interface. Because all external interfaces in the gateway are exposed from the gateway application and almost all external interfaces need the requirements of authentication, current limiting, power and the like, a set of general current limiting, authentication and other functions are realized on the gateway layer for all the interfaces in a template mode. However, because the interface details corresponding to each service are different, the template class only defines the steps of completely universal implementation and the whole interface, some detail implementation in the steps needs to be realized by each service, the key point of the part is universal encapsulation and cost reduction of subsequent development, and the interface only focuses on the service logic to be realized by the interface, but not the functions of the system and interface security level.
The system can realize the configuration of the gateway and realize the corresponding gateway function according to the configuration, and the application mainly comprises the following steps:
after the system is accessed to sentinel, strategy configuration is carried out on each interface of the gateway, and each time a service request sent by a calling party comes, the service request is verified by strategies such as authentication, current limiting and the like according to the configured strategies.
In an embodiment, since a gateway generally includes a pair of interfaces, one interface generally corresponds to one service, and different interfaces generally correspond to different services, policy of gateway functions corresponding to different services may be different, and thus, policy configuration of each interface of the gateway may include:
and under the condition of displaying the strategy configuration interface, receiving the gateway function strategy input by the user aiming at each interface in the strategy configuration interface, establishing the corresponding relation between each interface and the input gateway function strategy, and storing.
And subsequently, acquiring the gateway function strategy corresponding to each interface according to the corresponding relation.
According to the system, the gateway function is extracted from the service function into the template class, the template design mode is adopted, the gateway function of the interface, such as parameter verification, current limiting, system protection, interface authentication and the like, is encapsulated into the template class, the gateway function provides hooks for the interface to realize flexible gateway assembly, the function development complexity is reduced to a high degree, the development steps are simplified, and the function iteration and maintenance efficiency is improved. When an interface is newly added, only a service is needed to be realized, the flexible configuration and the universal technical framework of the gateway can be realized by utilizing the system, the functions of authentication, current limiting and the like are completely put into the unified gateway application for management, and when the gateway is maintained, only the universal templates need to be maintained, so that the system is convenient and simple, the gateway function strategy can be modified in real time, and the universal function templates can be reused.
In the following, a data processing method provided in an embodiment of the present application is described, where the method is applied to the above-mentioned system, and referring to fig. 2, the method may include the following steps:
and S21, the gateway receives a service request sent by a calling party, wherein the service request carries a target interface identifier and a target gateway function annotation.
In one embodiment, the gateway is an API gateway that is configured in the system in advance.
When a service request sent by a caller is received, the service request is analyzed to obtain a target interface identifier and a target gateway function annotation contained in the request, where the target interface identifier is an identifier of a gateway interface corresponding to the service requested by the caller, and the target gateway function annotation is an annotation of a gateway function corresponding to the service requested by the caller.
And S22, determining a target interface corresponding to the target interface identifier in the gateway.
In an embodiment, a corresponding identifier is set for each interface in the gateway in advance, and the corresponding interface can be determined according to the interface identifier.
In an embodiment, since one service usually corresponds to one interface, a corresponding relationship between a service identifier (i.e. an identifier of the service, such as a service ID) and the interface may also be preset, and since the caller needs to call the corresponding service, the service request sent by the caller should include the service identifier corresponding to the service to be called, and the service identifier may be used as a target interface identifier, and then the corresponding target interface is determined according to the preset corresponding relationship between the service identifier and the interface.
And S23, acquiring a pre-stored target gateway function strategy corresponding to the target interface.
In an embodiment, a correspondence between each interface in the network system and a gateway function policy is preset, and a target gateway function policy corresponding to the target interface is determined according to the correspondence.
In an embodiment, the correspondence between each interface and the gateway function policy may be set in the following manner:
the method comprises the steps that a strategy configuration interface is displayed in a system, the interface comprises strategy configuration windows corresponding to interfaces, one strategy configuration window corresponds to one gateway function, one interface possibly corresponds to a plurality of strategy configuration windows, and a user inputs a corresponding gateway function strategy in the window, so that the system can acquire the gateway function strategy corresponding to each interface, and after the gateway function strategy is acquired, the corresponding relation between the gateway function strategy and the gateway function and the corresponding relation between the gateway function strategy and the interface are established.
In an example, the policy configuration interface may include a policy configuration window corresponding to each gateway function module included in the generic gateway function template, so that a user may complete policy configuration for each gateway function in the policy configuration interface.
And S24, acquiring a gateway function module corresponding to the target gateway function annotation from a preset general gateway function module as the target gateway function module according to the target gateway function annotation, wherein the general gateway function module is a general template class which is obtained by abstracting gateway function logic and comprises a plurality of gateway function modules, and one gateway function module is used for realizing a gateway function.
In an embodiment, the module including a plurality of gateway function modules obtained by abstracting the gateway function logic includes:
splitting a gateway function logic, namely a code corresponding to a gateway function, splitting a code for realizing one gateway function into one block, and then respectively encapsulating each block of code into one gateway function module, thereby obtaining a plurality of gateway function modules for realizing different gateway functions.
In an embodiment, only the steps of completely general implementation and the whole interface are defined in the generic gateway function template, but the details of the steps may be different due to different services, for example, some services need an authentication function, some services do not need an authentication function, and in order to reduce the subsequent development cost, the details of the steps are implemented by the service itself, that is, when configuring the interface of the gateway, the generic gateway function template containing all the generic gateway function modules is set, the interface in the gateway can implement the call to the gateway function modules, however, according to the characteristics of the service corresponding to the interface, the interface may not need to call all the gateway function modules when applying, so that the target function annotation (the specific content of which may be determined by the service to be called) may be added in the service request sent by the caller, according to the method, when the interface of the gateway is configured, only the service logic to be realized by the interface is needed to be concerned, only the gateway function strategy is needed to be configured, the specific gateway function is not needed to be concerned, and the additional development of the gateway function is not needed when the interface is newly added, so that the workload is reduced.
In an embodiment, the determination of the target gateway function module may be implemented by a hook manner, specifically, a judgment logic is set in the gateway function module in the universal gateway function template in a manner of uniformly burying points, the judgment logic judges a target gateway function annotation, if the judgment result is yes, it is determined that the gateway function module corresponding to the judgment logic is called, that is, it is determined that the gateway function module corresponding to the judgment logic is the target gateway function module, if the judgment result is no, it is determined that the gateway function module corresponding to the judgment logic is not called, that is, it is determined that the gateway function module corresponding to the judgment logic is not the target gateway function module, and the specific judgment logic and the target gateway function annotation are set according to requirements.
And S25, verifying the service request by using the target gateway function module and the target gateway function strategy.
In an embodiment, S25 may invoke the target gateway function module to check the service request, determine whether the service request conforms to the target gateway function policy corresponding to the target gateway function module, and determine that the service request passes the check if the service request conforms to the target gateway function policy corresponding to the target gateway function module.
For example, the target gateway function module includes a current limiting module and an authentication module, where a gateway function policy corresponding to the current limiting module is that the interface is allowed to receive 100 service requests per second, and a list of callers allowed to access the interface is set in a gateway function policy corresponding to the authentication module, and then checking the service request by using the target gateway function module and the corresponding target gateway function policy may include:
analyzing the service request to obtain the information of a calling party sending the service request, determining whether the calling party is in a list of calling parties allowing access to the interface or not according to the information of the calling party, if not, the service request is failed to be verified, if so, judging whether the service request received by the interface within one second currently exceeds 100, if so, the service request is failed to be verified, and if not, the service request is passed.
According to the data processing method provided by the embodiment of the application, after a service request sent by a calling party is received, a corresponding target interface in a gateway is determined according to a target interface identifier contained in the service request, a corresponding target gateway function module is called from a preset general gateway function template according to a target gateway function annotation contained in the service request, and the service request is verified according to a preset target gateway function strategy corresponding to the target interface. In the scheme, the corresponding gateway function module can be directly obtained from the preset general gateway function template according to the target gateway function annotation contained in the service request, the development of the gateway function is not needed, the gateway function modules are obtained from the same general gateway function module, so that the style is unified, the management and the maintenance are convenient, the gateway function is not needed to be considered when the interface is configured, the development of the gateway function is not needed, and the workload is reduced.
On the basis of the foregoing embodiment, if the target gateway function module includes the current limiting function module, the data processing method may further include:
and detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset number threshold, if so, setting the number of times that the interface in the current limiting function strategy corresponding to the current limiting function module allows to receive the request per second as a target number of times so as to reduce the number of times that the target interface receives the service request sent by the caller.
The preset duration, the time threshold and the target times can be set according to requirements, and flexible configuration of the interface is achieved.
In this embodiment, by the above method, when a caller calls an interface all the time concurrently due to reasons such as abnormal retry or hacking, the amount of requests received by the interface can be reduced in time, so as to avoid the interface downtime or other abnormalities caused by an excessive abnormal request amount.
On the basis of the foregoing embodiment, if the target gateway function module includes an authentication function module, the data processing method may further include:
and detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset time threshold, if so, setting the interface access authority corresponding to the caller in the authentication function strategy corresponding to the authentication function module as access prohibition so that the target interface does not receive the service request sent by the caller any more.
Wherein the number threshold is a value set according to the requirement.
In this embodiment, by the above method, when a caller calls an interface all the time concurrently due to reasons such as abnormal retry or hacking, the amount of requests received by the interface can be reduced in time, so as to avoid the interface downtime or other abnormalities caused by an excessive abnormal request amount.
An embodiment of the present application further provides a data processing apparatus, and referring to fig. 3, the apparatus may include:
a receiving module 301, configured to receive, by a gateway, a service request sent by a caller, where the service request carries a target interface identifier and a target gateway function annotation;
an interface determining module 302, configured to determine a target interface in the gateway corresponding to the target interface identifier;
a policy obtaining module 303, configured to obtain a pre-stored target gateway function policy corresponding to the target interface;
a function determining module 304, configured to obtain, according to the target gateway function annotation, a gateway function module corresponding to the target gateway function annotation from a preset general gateway function template as a target gateway function module, where the general gateway function template is a general template class including a plurality of gateway function modules obtained by abstracting gateway function logic, and one gateway function module is used to implement a gateway function;
a checking module 305, configured to check the service request by using the target gateway function module and the target gateway function policy.
In an embodiment, the policy obtaining module 303 is specifically configured to:
presetting the corresponding relation between each interface in the network system and the gateway function strategy, and determining the target gateway function strategy corresponding to the target interface according to the corresponding relation.
In an embodiment, the verification module 305 is specifically configured to:
calling a target gateway function module to check the service request;
and if the service request conforms to the target gateway function policy corresponding to the target gateway function module, determining that the service request passes the verification.
In an embodiment, the target gateway function module includes a current limiting function module, and the apparatus further includes a current limiting policy adjusting module (not shown in the figure), specifically configured to:
detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset number threshold;
if the number of times is larger than the number threshold, the number of times of requests which are allowed to be received by the interface per second in the current limiting function strategy corresponding to the current limiting function module is set as a target number of times, so that the number of times of the service requests sent by the calling party are received by the target interface is reduced.
In an embodiment, the target gateway function module includes an authentication function module, and the apparatus further includes an authentication policy adjustment module (not shown in the figure), specifically configured to:
detecting whether the number of times that the gateway receives the service request sent by the caller in a preset time length is greater than a preset number threshold;
if the number of times is larger than the threshold value, the interface access authority corresponding to the calling party in the authentication function strategy corresponding to the authentication function module is set to be access prohibition, so that the target interface does not receive the service request sent by the calling party any more.
In another embodiment of the present application, an electronic device is further provided, as shown in fig. 4, including a processor 401, a communication interface 402, a memory 403, and a communication bus 404, where the processor 401, the communication interface 402, and the memory 403 complete communication with each other through the communication bus 404;
a memory 403 for storing a computer program;
the processor 401, when executing the program stored in the memory 403, implements the following steps:
the gateway receives a service request sent by a calling party, wherein the service request carries a target interface identifier and a target gateway function annotation;
determining a target interface corresponding to the target interface identifier in the gateway;
acquiring a pre-stored target gateway function strategy corresponding to the target interface;
acquiring a gateway function module corresponding to the target gateway function annotation from a preset general gateway function template as a target gateway function module according to the target gateway function annotation, wherein the general gateway function template is a general template class which is obtained by abstracting gateway function logic and comprises a plurality of gateway function modules, and one gateway function module is used for realizing one gateway function;
and verifying the service request by utilizing the target gateway function module and the target gateway function strategy.
The communication bus 404 mentioned in the above electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus 404 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in fig. 4, but this does not mean that there is only one bus or one type of bus.
The communication interface 402 is used for communication between the above-described electronic apparatus and other apparatuses.
The Memory 403 may include a Random Access Memory (RAM) or a non-volatile Memory (non-volatile Memory), such as at least one magnetic disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor 401 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the Integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
In another embodiment of the present application, a computer-readable storage medium is further provided, wherein the computer-readable storage medium stores thereon a data processing method program, and when the data processing method program is executed by a processor, the data processing method program implements the steps of any of the data processing methods described above.
When the embodiment of the invention is specifically implemented, reference can be made to the above embodiments, and corresponding technical effects are achieved.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present invention, which enable those skilled in the art to understand or practice the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (12)
1. A data processing method, comprising:
the gateway receives a service request sent by a calling party, wherein the service request carries a target interface identifier and a target gateway function annotation;
determining a target interface corresponding to the target interface identifier in the gateway;
acquiring a pre-stored target gateway function strategy corresponding to the target interface;
acquiring a gateway function module corresponding to the target gateway function annotation from a preset general gateway function template as a target gateway function module according to the target gateway function annotation, wherein the general gateway function template is a general template class which is obtained by abstracting gateway function logic and comprises a plurality of gateway function modules, and one gateway function module is used for realizing one gateway function;
and verifying the service request by utilizing the target gateway function module and the target gateway function strategy.
2. The method of claim 1, wherein the obtaining a pre-stored target gateway function policy corresponding to the target interface comprises:
presetting the corresponding relation between each interface in the network system and the gateway function strategy, and determining the target gateway function strategy corresponding to the target interface according to the corresponding relation.
3. The method of claim 1, wherein verifying the service request using the target gateway function module and the target gateway function policy comprises:
calling a target gateway function module to check the service request;
and if the service request conforms to the target gateway function strategy corresponding to the target gateway function module, determining that the service request passes the verification.
4. The method of claim 1, wherein the target gateway function comprises a current limit function;
the method further comprises the following steps:
detecting whether the frequency of the gateway receiving the service request sent by the caller in a preset time length is greater than a preset frequency threshold value;
if the number of times is larger than the number threshold, the number of times of requests which are allowed to be received by the interface per second in the current limiting function strategy corresponding to the current limiting function module is set as a target number of times, so that the number of times of the service requests sent by the calling party are received by the target interface is reduced.
5. The method of claim 1, wherein the target gateway function module comprises an authentication function module;
the method further comprises the following steps:
detecting whether the frequency of the gateway receiving the service request sent by the caller in a preset time length is greater than a preset frequency threshold value;
if the number of times is larger than the threshold value, the interface access authority corresponding to the calling party in the authentication function strategy corresponding to the authentication function module is set to be access prohibition, so that the target interface does not receive the service request sent by the calling party any more.
6. A data processing apparatus, comprising:
the receiving module is used for receiving a service request sent by a calling party by a gateway, wherein the service request carries a target interface identifier and a target gateway function annotation;
the interface determining module is used for determining a target interface corresponding to the target interface identifier in the gateway;
the strategy acquisition module is used for acquiring a pre-stored target gateway function strategy corresponding to the target interface;
the function determining module is used for acquiring a gateway function module corresponding to the target gateway function annotation from a preset general gateway function template as a target gateway function module according to the target gateway function annotation, wherein the general gateway function template is a general template class which is obtained by abstracting gateway function logic and comprises a plurality of gateway function modules, and one gateway function module is used for realizing a gateway function;
and the checking module is used for checking the service request by utilizing the target gateway function module and the target gateway function strategy.
7. The apparatus of claim 6, wherein the policy acquisition module is specifically configured to:
presetting the corresponding relation between each interface in the network system and the gateway function strategy, and determining the target gateway function strategy corresponding to the target interface according to the corresponding relation.
8. The apparatus of claim 6, wherein the verification module is specifically configured to:
calling a target gateway function module to check the service request;
and if the service request conforms to the target gateway function strategy corresponding to the target gateway function module, determining that the service request passes the verification.
9. The apparatus of claim 6, wherein the target gateway function comprises a current limit function;
the device also comprises a current limiting strategy adjusting module, which is specifically used for:
detecting whether the frequency of the gateway receiving the service request sent by the caller in a preset time length is greater than a preset frequency threshold value;
if the number of times is larger than the number threshold, the number of times of requests which are allowed to be received by the interface per second in the current limiting function strategy corresponding to the current limiting function module is set as a target number of times, so that the number of times of the service requests sent by the calling party are received by the target interface is reduced.
10. The apparatus of claim 6, wherein the target gateway function module comprises an authentication function module;
the device further comprises an authentication policy adjustment module, specifically configured to:
detecting whether the frequency of the gateway receiving the service request sent by the caller in a preset time length is greater than a preset frequency threshold value;
if the number of times is larger than the threshold value, the interface access authority corresponding to the calling party in the authentication function strategy corresponding to the authentication function module is set to be access prohibition, so that the target interface does not receive the service request sent by the calling party any more.
11. An electronic device, comprising: a processor and a memory, the processor being configured to execute a data processing program stored in the memory to implement the data processing method of any one of claims 1 to 5.
12. A storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the data processing method of any one of claims 1-5.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011055118.6A CN112181541A (en) | 2020-09-29 | 2020-09-29 | Data processing method and device, electronic equipment and storage medium |
| PCT/CN2021/120870 WO2022068761A1 (en) | 2020-09-29 | 2021-09-27 | Data processing method and apparatus, electronic device, and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011055118.6A CN112181541A (en) | 2020-09-29 | 2020-09-29 | Data processing method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112181541A true CN112181541A (en) | 2021-01-05 |
Family
ID=73946058
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011055118.6A Pending CN112181541A (en) | 2020-09-29 | 2020-09-29 | Data processing method and device, electronic equipment and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN112181541A (en) |
| WO (1) | WO2022068761A1 (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113014664A (en) * | 2021-03-12 | 2021-06-22 | 京东数科海益信息科技有限公司 | Gateway adaptation method, device, electronic equipment and storage medium |
| CN113127906A (en) * | 2021-04-29 | 2021-07-16 | 武汉虹信技术服务有限责任公司 | Unified authority management platform, method and storage medium based on C/S architecture |
| CN113312390A (en) * | 2021-06-01 | 2021-08-27 | 北京沃东天骏信息技术有限公司 | Service data calling method and device, storage medium and electronic equipment |
| CN113704000A (en) * | 2021-08-30 | 2021-11-26 | 康键信息技术(深圳)有限公司 | Service access optimization method, device, equipment and medium |
| WO2022068761A1 (en) * | 2020-09-29 | 2022-04-07 | 京东科技控股股份有限公司 | Data processing method and apparatus, electronic device, and storage medium |
| CN114390032A (en) * | 2022-01-12 | 2022-04-22 | 政采云有限公司 | Method, device, equipment and medium for requesting exit gateway |
| CN114500178A (en) * | 2021-12-21 | 2022-05-13 | 特斯联科技集团有限公司 | Intelligent internet of things gateway capable of self-operation and self-maintenance |
| CN115037789A (en) * | 2022-06-09 | 2022-09-09 | 中国工商银行股份有限公司 | Current limiting method, device, apparatus, storage medium and program product |
| CN118590441A (en) * | 2024-08-05 | 2024-09-03 | 杭州玳数科技有限公司 | Method and device for realizing fusing strategy cluster mode based on Sentinel framework |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114666408B (en) * | 2022-05-23 | 2022-09-06 | 深圳华锐分布式技术股份有限公司 | Market condition factor data transparent transmission method, device, equipment and medium based on Internet |
| CN115145712A (en) * | 2022-09-06 | 2022-10-04 | 云账户技术(天津)有限公司 | Interface calling method, device, equipment and medium for external service platform |
| CN116109112B (en) * | 2023-04-12 | 2023-06-27 | 徐工汉云技术股份有限公司 | Service data processing method, device, medium and equipment based on aggregation interface |
| CN118656284A (en) * | 2024-08-20 | 2024-09-17 | 天翼视联科技有限公司 | Log data monitoring method and device, electronic device and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019034979A1 (en) * | 2017-08-14 | 2019-02-21 | Reliance Jio Infocomm Limited | Systems and methods for controlling real-time traffic surge of application programming interfaces (apis) at server |
| CN110602043A (en) * | 2019-08-08 | 2019-12-20 | 中腾信金融信息服务(上海)有限公司 | API gateway implementation system and method for mobile application |
| CN111130939A (en) * | 2019-12-26 | 2020-05-08 | 深圳前海环融联易信息科技服务有限公司 | Flow control method and device, computer equipment and storage medium |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6968553B1 (en) * | 2001-03-01 | 2005-11-22 | Alcatel | Element manager common gateway architecture system and method |
| CN109510846B (en) * | 2017-09-14 | 2020-11-03 | 北京金山云网络技术有限公司 | API calling system, method and device, electronic equipment and storage medium |
| CN109358880A (en) * | 2018-10-18 | 2019-02-19 | 行吟信息科技(上海)有限公司 | A kind of universal gateway configuration method and device |
| CN110083338B (en) * | 2019-05-27 | 2023-12-22 | 广东金赋科技股份有限公司 | Service system based on intelligent gateway |
| CN110995873A (en) * | 2019-12-27 | 2020-04-10 | 美的集团股份有限公司 | Gateway service interface discovery method, system, electronic device and storage medium |
| CN112181541A (en) * | 2020-09-29 | 2021-01-05 | 京东数字科技控股股份有限公司 | Data processing method and device, electronic equipment and storage medium |
-
2020
- 2020-09-29 CN CN202011055118.6A patent/CN112181541A/en active Pending
-
2021
- 2021-09-27 WO PCT/CN2021/120870 patent/WO2022068761A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019034979A1 (en) * | 2017-08-14 | 2019-02-21 | Reliance Jio Infocomm Limited | Systems and methods for controlling real-time traffic surge of application programming interfaces (apis) at server |
| CN110602043A (en) * | 2019-08-08 | 2019-12-20 | 中腾信金融信息服务(上海)有限公司 | API gateway implementation system and method for mobile application |
| CN111130939A (en) * | 2019-12-26 | 2020-05-08 | 深圳前海环融联易信息科技服务有限公司 | Flow control method and device, computer equipment and storage medium |
Non-Patent Citations (3)
| Title |
|---|
| SCZYH30: ""Sentinel release-1.7"", 《HTTPS://GITHUB.COM/ALIBABA/SENTINEL/TREE/RELEASE-1.7》 * |
| 倔强的毛毛: ""Spring Cloud gateway 五 Sentinel整合"", 《HTTPS://ZHUANLAN.ZHIHU.COM/P/91262004》 * |
| 程序员你大爷: ""Spring Cloud gateway 七 Sentinel 注解方式使用"", 《HTTPS://WWW.BBSMAX.COM/A/KJDWLW4OZN/ 》 * |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022068761A1 (en) * | 2020-09-29 | 2022-04-07 | 京东科技控股股份有限公司 | Data processing method and apparatus, electronic device, and storage medium |
| CN113014664B (en) * | 2021-03-12 | 2023-06-30 | 京东科技信息技术有限公司 | Gateway adaptation method, device, electronic equipment and storage medium |
| CN113014664A (en) * | 2021-03-12 | 2021-06-22 | 京东数科海益信息科技有限公司 | Gateway adaptation method, device, electronic equipment and storage medium |
| CN113127906A (en) * | 2021-04-29 | 2021-07-16 | 武汉虹信技术服务有限责任公司 | Unified authority management platform, method and storage medium based on C/S architecture |
| CN113312390A (en) * | 2021-06-01 | 2021-08-27 | 北京沃东天骏信息技术有限公司 | Service data calling method and device, storage medium and electronic equipment |
| CN113704000A (en) * | 2021-08-30 | 2021-11-26 | 康键信息技术(深圳)有限公司 | Service access optimization method, device, equipment and medium |
| CN113704000B (en) * | 2021-08-30 | 2024-05-17 | 康键信息技术(深圳)有限公司 | Service access optimization method, device, equipment and medium |
| CN114500178A (en) * | 2021-12-21 | 2022-05-13 | 特斯联科技集团有限公司 | Intelligent internet of things gateway capable of self-operation and self-maintenance |
| CN114500178B (en) * | 2021-12-21 | 2024-04-02 | 特斯联科技集团有限公司 | Self-operation intelligent Internet of things gateway |
| CN114390032A (en) * | 2022-01-12 | 2022-04-22 | 政采云有限公司 | Method, device, equipment and medium for requesting exit gateway |
| CN115037789A (en) * | 2022-06-09 | 2022-09-09 | 中国工商银行股份有限公司 | Current limiting method, device, apparatus, storage medium and program product |
| CN115037789B (en) * | 2022-06-09 | 2024-03-26 | 中国工商银行股份有限公司 | Method, apparatus, device, storage medium and program product for limiting current |
| CN118590441A (en) * | 2024-08-05 | 2024-09-03 | 杭州玳数科技有限公司 | Method and device for realizing fusing strategy cluster mode based on Sentinel framework |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2022068761A1 (en) | 2022-04-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112181541A (en) | Data processing method and device, electronic equipment and storage medium | |
| US11456965B2 (en) | Network service request throttling system | |
| CN112637214A (en) | Resource access method and device and electronic equipment | |
| US11983266B2 (en) | Systems and methods for event-based application control | |
| CN111614624B (en) | Risk detection method, device, system and storage medium | |
| CN110247897B (en) | System login method, device, gateway and computer readable storage medium | |
| US11128639B2 (en) | Dynamic injection or modification of headers to provide intelligence | |
| CN106612263B (en) | Method and equipment for processing application access request | |
| US20230068880A1 (en) | Function-based service framework with trusted execution platform | |
| CN112839006B (en) | Open platform interface calling method and related product | |
| CN109992298B (en) | Examination and approval platform expansion method and device, examination and approval platform and readable storage medium | |
| CN115242433B (en) | Data processing method, system, electronic device and computer readable storage medium | |
| US20220329492A1 (en) | Data collection method and apparatus | |
| CN115396154A (en) | Access authentication method, device, electronic equipment and storage medium | |
| CN112953951B (en) | User login verification and security detection method and system based on domestic CPU | |
| CN114386047A (en) | Application vulnerability detection method and device, electronic equipment and storage medium | |
| CN110929269B (en) | System authority management method, device, medium and electronic equipment | |
| CN113225348A (en) | Request anti-replay verification method and device | |
| CN110647757A (en) | Data processing method based on intelligent contract and related device | |
| CN116032570B (en) | Network access management method, device, electronic equipment and storage medium | |
| CN108897550B (en) | System and method for realizing program deployment, access and upgrade through packaging browser | |
| CN113765986B (en) | Flow control method of open platform and server | |
| WO2024007096A1 (en) | Privacy data protection method for android system | |
| US11838328B1 (en) | Preventing data exfiltration to unsanctioned cloud computing services (CCS) accounts using CCS application programming interfaces | |
| JP5835022B2 (en) | Distribution apparatus, distribution processing method and program, information processing apparatus, information processing method and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: Room 221, 2 / F, block C, 18 Kechuang 11th Street, Daxing District, Beijing, 100176 Applicant after: Jingdong Technology Holding Co.,Ltd. Address before: Room 221, 2 / F, block C, 18 Kechuang 11th Street, Daxing District, Beijing, 100176 Applicant before: Jingdong Digital Technology Holding Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210105 |
|
| RJ01 | Rejection of invention patent application after publication |