CN113821277A

CN113821277A - Interface calling method and device, computer readable storage medium and electronic equipment

Info

Publication number: CN113821277A
Application number: CN202010609318.5A
Authority: CN
Inventors: 常银桥
Original assignee: Beijing Jingdong Century Trading Co Ltd; Beijing Wodong Tianjun Information Technology Co Ltd
Current assignee: Beijing Jingdong Century Trading Co Ltd; Beijing Wodong Tianjun Information Technology Co Ltd
Priority date: 2020-06-29
Filing date: 2020-06-29
Publication date: 2021-12-21

Abstract

The present disclosure provides an interface calling method, an interface calling apparatus, a computer-readable storage medium, and an electronic device; relates to the technical field of communication. The interface calling method comprises the following steps: receiving an interface calling request, and acquiring a method entry corresponding to a method to be called according to the interface calling request; when the method comprises anti-re-annotation, entering section layer processing according to the anti-re-annotation solution; and acquiring a logic judgment result obtained by processing, and entering the method entry according to the logic judgment result to call the method. The method can define the anti-reinjection solution to realize the anti-reinjection concurrency in the interface calling process, and further can ensure the consistency and the usability of the system.

Description

Interface calling method and device, computer readable storage medium and electronic equipment

Technical Field

The present disclosure relates to the field of communications technologies, and in particular, to an interface calling method, an interface calling apparatus, a computer-readable storage medium, and an electronic device.

Background

The interface is used as a sharing boundary between systems or between systems and people, and grammar interoperability support can be provided by setting standard specifications, so that the coupling degree between interactive applications can be reduced, and the flexibility of task processing is increased.

However, if another task calls the same interface method during execution of the other task, data inconsistency and the like may occur. Or, frequent calls in a short time can cause problems such as system unavailability.

Therefore, it is desirable to provide an interface calling method, by which a replay-preventing concurrence in an interface calling process can be realized, and consistency and usability of a system can be further ensured.

The information disclosed in the foregoing background section is only for enhancement of understanding of the background of the present disclosure and therefore may include information that does not constitute prior art that is known to a person of ordinary skill in the art.

Disclosure of Invention

The embodiment of the disclosure provides an interface calling method and device, a computer-readable storage medium and an electronic device, which can realize anti-replay concurrence in an interface calling process by defining an anti-replay solution in the method, and further can ensure the consistency and the usability of a system.

According to a first aspect of the present disclosure, there is provided an interface calling method, including:

receiving an interface calling request, and acquiring a method entry corresponding to a method to be called according to the interface calling request;

when the method comprises anti-re-annotation, entering section layer processing according to the anti-re-annotation solution;

and acquiring a logic judgment result obtained by processing, and entering the method entry according to the logic judgment result to call the method.

In an exemplary embodiment of the present disclosure, the interface call request includes a signature verification string and encrypted task data;

after receiving the interface call request, the method further comprises:

obtaining the signature verification character string and performing signature verification operation through a corresponding signature verification key;

and when the signature verification is successful, decrypting the encrypted task data to obtain the task data.

In an exemplary embodiment of the present disclosure, the interface call request includes a method name of the method; the method for receiving the interface calling request and acquiring the method entry corresponding to the method to be called according to the interface calling request comprises the following steps:

receiving the interface calling request, and acquiring the method name of the method in the interface calling request;

and acquiring a method entry corresponding to the method according to the method name.

In an exemplary embodiment of the disclosure, when the method includes anti-re-annotation, entering a cut plane layer process according to the anti-re-annotation solution, includes:

when the method comprises the anti-re-annotation, executing corresponding notification according to the anti-re-annotation solution, wherein the notification is a front notification, a surrounding notification, a rear notification or an abnormal notification.

In an exemplary embodiment of the present disclosure, the executing the corresponding notification according to the anti-replay solution includes:

obtaining an attribute value based on the anti-replay solution, and executing the notification according to the attribute value;

the attribute value comprises a method mark, a method group mark and a time window of the method, wherein the time window is an allowed time interval between two interface calling requests.

In an exemplary embodiment of the present disclosure, the notification is a pre-notification; the executing the notification according to the attribute value includes:

and acquiring the time window, and judging whether the difference value between the request time of the current interface calling request and the previous time is greater than or equal to the time window to obtain a logic judgment result.

In an exemplary embodiment of the present disclosure, entering the method entry according to the logic determination result to call the method includes:

and when the logic judgment result is yes, entering the method entry to call the method.

According to a second aspect of the present disclosure, there is provided an interface calling apparatus, including:

the receiving module is used for receiving an interface calling request and acquiring a method entry corresponding to a method to be called according to the interface calling request;

the processing module is used for entering section layer processing according to the anti-re-annotation solution when the method comprises the anti-re-annotation;

and the calling module is used for acquiring the processed logic judgment result and entering the method entry to call the method according to the logic judgment result.

According to a third aspect of the present disclosure, there is provided an electronic device comprising:

a processor;

a memory for storing executable instructions of the processor; wherein the processor is configured to perform any of the methods described above via execution of the executable instructions.

According to a fourth aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any one of the above.

Exemplary embodiments of the present disclosure may have some or all of the following benefits:

in the interface calling method provided by the exemplary embodiment of the present disclosure, first, an interface calling request is received, and a method entry corresponding to a method to be called is obtained according to the interface calling request; then, judging whether the method contains anti-replay, and entering a corresponding section layer for processing according to anti-replay solution when the method contains anti-replay; and finally, acquiring a logic judgment result obtained by the processing of the tangent plane layer, and calling the method according to the logic judgment result. On one hand, by defining anti-reeking in the method, the problem of inconsistent data and the like in the system caused by repeated calls to the interface can be improved. On the other hand, the above-mentioned cross-layer processing can control the time window of interface call by defining the way of notification, and then can prevent the concurrent operation to the interface, and can solve the situation that the system is not available due to frequent call instantaneously. In addition, the mode of section layer processing can decouple the re-judgment prevention and the task processing, and meanwhile, the logic judgment does not need to be carried out in the method corresponding to each task independently, so that the flexibility of the system is improved, and the system resources are saved.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.

Drawings

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty.

FIG. 1 is a diagram illustrating an exemplary system architecture to which an interface call method and apparatus of embodiments of the present disclosure may be applied;

FIG. 2 illustrates a schematic structural diagram of a computer system suitable for use with the electronic device used to implement embodiments of the present disclosure;

FIG. 3 schematically shows a flow diagram of a process of an interface call method according to one embodiment of the present disclosure;

FIG. 4 schematically shows a flow diagram of a process of an interface call method according to one embodiment of the present disclosure;

fig. 5 schematically shows a block diagram of an interface invocation means according to an embodiment of the present disclosure.

Detailed Description

Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and the like. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.

Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.

Fig. 1 is a schematic diagram illustrating a system architecture of an exemplary application environment to which an interface calling method and apparatus according to an embodiment of the present disclosure may be applied.

As shown in fig. 1, the system architecture 100 may include one or more of

terminal devices

101, 102, 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the

terminal devices

101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few. The

terminal devices

101, 102, 103 may be various electronic devices having a display screen, including but not limited to desktop computers, portable computers, smart phones, tablet computers, and the like. It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation. For example, server 105 may be a server cluster comprised of multiple servers, or the like.

The interface calling method provided by the embodiment of the present disclosure may be executed by the

terminal devices

101, 102, and 103, and accordingly, the interface calling apparatus may be disposed in the

terminal devices

101, 102, and 103. The interface calling method provided by the embodiment of the present disclosure may also be executed by the server 105, and accordingly, the interface calling apparatus may be disposed in the server 105. The interface calling method provided by the embodiment of the present disclosure may also be executed by the

terminal devices

101, 102, and 103 and the server 105 together, and accordingly, the interface calling apparatus may be disposed in the

terminal devices

101, 102, and 103 and the server 105, which is not particularly limited in this exemplary embodiment.

For example, in this exemplary embodiment, the calling end may send an interface calling request through the

terminal devices

101, 102, and 103, and after receiving the interface calling request, the

terminal devices

101, 102, and 103 will obtain a method entry corresponding to a method to be called through the interface calling request. Then, firstly, judging whether the method comprises anti-reinjection, and entering a tangent plane layer for processing according to the defined anti-reinjection solution; and finally, acquiring a logic judgment result obtained by processing, and entering the method entry to call the corresponding method according to the logic judgment result.

FIG. 2 illustrates a schematic structural diagram of a computer system suitable for use in implementing the electronic device of an embodiment of the present disclosure.

It should be noted that the computer system 200 of the electronic device shown in fig. 2 is only an example, and should not bring any limitation to the functions and the scope of the application of the embodiments of the present disclosure.

As shown in fig. 2, the computer system 200 includes a Central Processing Unit (CPU)201 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)202 or a program loaded from a storage section 208 into a Random Access Memory (RAM) 203. In the RAM 203, various programs and data necessary for system operation are also stored. The CPU 201, ROM 202, and RAM 203 are connected to each other via a bus 204. An input/output (I/O) interface 205 is also connected to bus 204.

The following components are connected to the I/O interface 205: an input portion 206 including a keyboard, a mouse, and the like; an output section 207 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 208 including a hard disk and the like; and a communication section 209 including a network interface card such as a LAN card, a modem, or the like. The communication section 209 performs communication processing via a network such as the internet. A drive 210 is also connected to the I/O interface 205 as needed. A removable medium 211 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 210 as necessary, so that a computer program read out therefrom is mounted into the storage section 208 as necessary.

To solve this problem, the inventors have tentatively proposed the following three methods:

the first method is to look back at the database state based on a specific service field. That is, when a call request is received, the current database state is checked according to the corresponding field, so that the effect of preventing the concurrence of repeated prevention is achieved. However, the method cannot completely prevent the overweight, and has the problems of low efficiency and the like.

The second method is to set a unique index, and use a unique constraint to achieve the purpose of preventing the replay concurrency. Although the method can completely prevent the duplication, the method can be adopted only when the interface is in plug-in operation and the unique index field can be selected because the method strongly depends on the unique index of the database. Most practical scenes cannot meet the requirement, so the universality of the method is poor.

The third method is to achieve the purpose of preventing the replay concurrency by setting a distributed lock. This method requires frequent locking and unlocking processes. Meanwhile, after an exception occurs, the lock is not released, and only the cache expiration time is relied on, which brings about a lot of uncertainty.

Meanwhile, in the above three methods, for the query type interface, if the instantaneous call is too frequent, the system may be unavailable.

In order to solve the problems existing in the above method, in the present exemplary embodiment, the inventor proposes a new technical solution, and the technical solution of the embodiments of the present disclosure is explained in detail below:

the present exemplary embodiment first provides an interface calling method, which specifically includes the following steps, as shown in fig. 3:

step S310: receiving an interface calling request, and acquiring a method entry corresponding to a method to be called according to the interface calling request;

step S320: when the method comprises anti-re-annotation, entering section layer processing according to the anti-re-annotation solution;

step S330: and acquiring a logic judgment result obtained by processing, and entering the method entry according to the logic judgment result to call the method.

In the interface calling method provided by the disclosed example embodiment, on one hand, by defining the anti-reevaluation in the method, the problem of inconsistent data and the like in the system caused by repeated calling of the interface can be improved. On the other hand, the above-mentioned cross-layer processing can control the time window of interface call by defining the way of notification, and then can prevent the concurrent operation to the interface, and can solve the situation that the system is not available due to frequent call instantaneously. In addition, the mode of section layer processing can decouple the re-judgment prevention and the task processing, and meanwhile, the logic judgment does not need to be carried out in the method corresponding to each task independently, so that the flexibility of the system is improved, and the system resources are saved.

Next, in another embodiment, the above steps are explained in more detail.

In step S310, an interface call request is received, and a method entry corresponding to a method to be called is obtained according to the interface call request.

In the present exemplary embodiment, the interface call request is a request issued by a request terminal to call a method for processing a certain task. After receiving the interface call request, the receiving end can determine a method entry corresponding to the method to be called by the requesting end according to the request. For example, the interface invocation request may be an invocation request of a method, such as data query, insertion, or modification, sent by a user through a terminal device, or may be an invocation request of a business method, such as ordering, returning order, payment, or refund, sent by an e-commerce platform, or may be a request of invoking a method, which conforms to the above definition, for performing any other operation, which belongs to the protection scope of the present exemplary embodiment.

The interface call request may include a method name of a called method, and the method entry corresponding to the method to be called obtained according to the interface call request may be implemented as follows: and obtaining the method name of the method to be called contained in the interface calling request, and obtaining the method entry corresponding to the method to be called according to the method name. The method corresponds to an operation or a process to be executed, for example, the method may be a method for implementing operations such as querying, modifying, and inserting data, or may be a method for performing a certain service process, and this is not particularly limited in this exemplary embodiment.

Preferably, the interface call Request may further include a time of the Request call, an identifier of the Request end, a signature verification string, and encrypted task data, and as shown in table 1, a Request object Request is defined:

table 1:

in table 1, the RequestMethod field is a method name, and is used to indicate an interface method to be called, and when the interface call request arrives, the request may be forwarded to a corresponding task processing method through the field.

The requestTime field is a time identifier and is used for recording the request time of the interface call request. For example, the format of the field may be "2020-03-2210: 10: 20", or may be in other forms that can identify time, which is not particularly limited in this example embodiment.

The requestClient field is used for identifying a request end which sends the interface call request, for example, the request end may be a user terminal device, and the corresponding identifier may be a; the request end may also be a certain service platform, and the corresponding identifier may be YW. In addition, the request end can also be any other equipment which sends out the call request. The identifier of the requesting end may be not only a letter, but also a number, a special character, or any combination of a letter, a number, and a special character, and may also be other sequences that may function as an identifier, which is not particularly limited in this exemplary embodiment.

In addition, in the present exemplary embodiment, in order to ensure communication security, technical means such as signature verification and encryption/decryption may be provided to support identity authentication and data encryption in the method invocation process, which is of great significance in task processing involving personal privacy and property transactions, which have high requirements for security. As shown in table 1, this can be achieved by setting a signature verification field requestSign in the interface call request, where the field is used for signature verification between the requester and the server. The signature verification rule may be set as follows, for example: a signature Key is firstly agreed between the two parties of the requesting party and the service party, for example, the Key may be md5Key, three parameters, namely, a RequestMethod field, a requestTime field and a requestClient field, in the interface call request are extracted, and a signature field requestSign is obtained by using the signature Key and the obtained parameters through the following formula:

MD5(requestMethod+requestTime+requestClient+md5Key)

it should be noted that the signature adopts the MD5 signature method, but other signature methods for generating the signature verification field also belong to the protection scope of the present exemplary embodiment. Preferably, in the present exemplary embodiment, as shown in table 1, the task data may be further encrypted to generate an enCodeRequestData field, and the field stores the encrypted task data, so that important information can be prevented from being intercepted by an illegal molecule. The encryption process can adopt a DES symmetric encryption algorithm, the requesting party and the service party agree with an encryption key in advance, and the task data is encrypted by using the encryption key. It should be noted that the encryption process may also adopt other encryption methods, and this exemplary embodiment is not particularly limited to this.

In this exemplary embodiment, the task Data RequestData before encryption in table 1 above may include a task designation field Rfid and a service-related Data field Data, as shown in table 2:

TABLE 2

Wherein, the Rfld field is used for uniquely marking the task to be processed. For example, if the requesting end is an e-commerce platform, most of the processed tasks are order services, the unique task identifier may be an unique identifier corresponding to a database record, such as an order number or a reimbursement number, and a group of interfaces may be corresponding to a service dimension, such as an order payment interface, and the order drawing interfaces may all be corresponding to the order dimension, and the reimbursement checking interface and the reimbursement completion interface may all be corresponding to the reimbursement dimension. It should be noted that the above scenario is only an exemplary illustration, and the protection scope of the exemplary embodiment is not limited thereto. In addition, the task Data also includes a Data field for storing other Data related to the task, which needs to be set according to the specific task to be processed.

In this exemplary embodiment, preferably, before forwarding the interface call request to the corresponding method, for the state of receiving the interface call request, an interface Response may be further defined, as shown in table 3, and after receiving the call request, feedback of whether the Response is successful or not is obtained according to the fields in table 3:

table 3:

for example, in the interface invoking method provided in this exemplary embodiment, after the invocation request is received, the identity of the requesting end is authenticated according to the signature verification field, after the authentication is passed, a corresponding decryption key is obtained according to a preset encryption algorithm, the task data is decrypted by using the decryption key to obtain a plaintext corresponding to the task data, and finally, a corresponding processing method may be invoked according to the task identifier and other task data. In the process, if the processes of signature checking, decryption, calling and the like are successfully carried out, an interface Response is returned, the resultCode field is 0, and the resultMsg field is 'success'. Otherwise, if any link fails, an interface Response is returned in the corresponding link, the resultCode field is an integer except 0, and the resultMsg field is 'error'.

It should be noted that the above scenario is only an exemplary illustration, and the protection scope of the exemplary embodiment is not limited thereto.

In step S320, when the method includes anti-re-annotation, a section layer process is performed according to the anti-re-annotation solution.

In this exemplary embodiment, after obtaining the method entry corresponding to the method to be called according to the interface call request, and before the calling method performs corresponding task processing, the anti-replay solution first needs to determine whether to enter the tangent plane layer for processing according to the anti-replay solution, where the implementation of the process may be as follows: determining whether the method includes anti-replay annotations; if the anti-replay solution is included, corresponding section layer processing is required according to the anti-replay solution. Otherwise, if the anti-replay is not included, the method is directly called to carry out corresponding task processing.

In the process of task processing, according to the difference of the focus points, the task processing flow can be divided into two parts, namely a core focus point and a transverse focus point. The core focus concerns each module corresponding to the main flow of the task processing, while the focus of the cross focus concerns the logic or responsibility which is not in great relation with the main flow of the task processing but is called by each module. For example, a log function, the log code is often spread laterally across all object hierarchies without any relationship to the core functionality of its corresponding object. This is true for other types of code, such as security, exception handling, and transparent persistence, where such extraneous code scattered throughout is the subject of concern across points of interest. In addition, the transection concern may be authority authentication, transaction, or other code that conforms to the definition, and this exemplary embodiment is not particularly limited to this.

The section is obtained by dissecting the inside of the encapsulated object based on a 'transverse cutting' technology and encapsulating common behaviors influencing a plurality of classes into a reusable module. By defining the tangent layer, the logic or responsibility which is irrelevant to the task and is called by the task module is encapsulated, so that the repeated codes of the system can be reduced, the coupling degree between the modules is reduced, and the operation and maintenance of the system in the future are facilitated.

After the slice layer is defined, the slice may also be processed by defining a notification in the slice layer. The above-mentioned tangent plane layer processing process can be realized as follows: the intercepted method is processed according to a predefined notification. The notification may be a front notification, a surround notification, a rear notification, or an exception notification, which is not particularly limited in this example embodiment. The method is characterized in that the pre-notification is carried out before the execution of the method, the post-notification carries out predefined operation on the method after the completion of the method, the time point of the surrounding notification can be any time of the execution of the method, and the exception notification is the operation added at the exception of the execution of the method.

In the present exemplary embodiment, in order to prevent the case where repeated frequent calls cause data inconsistency and system crash unavailability, the time interval for sending the interface call request may be controlled by defining a notification in the above-described hierarchical layer. The executing of the corresponding section layer processing according to the anti-re-annotation solution is executing a predefined notification according to the anti-re-annotation solution, and the implementation of the process may be: obtaining an attribute value based on the anti-replay solution, and executing a notification according to the obtained attribute value, wherein the attribute value includes a method identifier, a method group identifier, and a time window of a method to be called, as shown in table 4:

table 4:

the locktimessplit is an allowed time window between the first interface call request and the second interface call request, for example, the time window may be defined as 1000, where 1000 corresponds to 1 second. The methodMark is a method identifier corresponding to a task processing required by the interface call request, such as a method identifier corresponding to a service requirement for completing order payment. The methodGroup is the indication of the method group to which the called method belongs. For example, the same group to which the method of the desired business process belongs, such as order payment, may be identified as a group simultaneously with the ticketing of the order. The lockKeyTimeOut is the expiration time of the cache, so that the condition that too much space is occupied due to too much cache of the request is prevented, the space utilization rate is further improved, and the system resources are saved. It should be noted that the above scenario is only an exemplary illustration, and the scope of protection of the exemplary embodiment is not limited thereto

In this exemplary embodiment, the notification may be a pre-notification, and a logic determination result is obtained according to the time window before the task processing is performed. In the process, a key lockKey is defined and used for preventing the duplication and concurrence in the interface calling process. The naming convention for the key name key of this key, methodMark + methodGroup + rfId. The key value lockValue is the current time + lockTimeSplit. Preferably, the key variable may be stored in a distributed cache system, so that regardless of which machine the interface call is to be made to, the lockValue may be obtained for the determination. It should be noted that the above scenario is only an exemplary illustration, and the scope of protection of the exemplary embodiment is not limited thereto.

In summary, in a specific embodiment of the present exemplary embodiment, when the called method includes the anti-re-annotation, the implementation of the corresponding section level processing according to the anti-re-annotation solution may be as follows: when the method comprises the anti-replay, the attribute value defined in the anti-replay is obtained, and the lockKey is obtained by assembling according to the obtained attribute value: MethodMark + MethodGroup + rfId; judging whether the assembled key lockKey exists in the distributed cache system or not, if not, inserting the key lockKey, and setting lockValue as the current time + lockTimeSplit; if the key value exists, the corresponding key value lockValue is compared with the time of the interface calling request, and a logic judgment result is obtained. It should be noted that the above scenario is only an exemplary illustration, and the scope of protection of the exemplary embodiment is not limited thereto.

In step S330, a logic determination result obtained by the processing is obtained, and the method is called by entering the method entry according to the logic determination result.

In the exemplary implementation method, after a logic determination result is obtained through the process of step S320, a method interface is entered according to the logic determination result to call a corresponding method. By way of example, the following may be mentioned: when the request time of the interface call request is greater than or equal to the key value lockValue, calling a corresponding method and updating the key value lockValue to be the current time + lockTimeSplit of the call; and when the logic judgment result shows that the request time of the interface calling request is smaller than the key value lockValue, the interface calling request is proved to fall into a time window, and the response of the interface calling failure is directly returned. It should be noted that the above scenario is only an exemplary illustration, and the scope of protection of the exemplary embodiment is not limited thereto.

In a specific embodiment of the present exemplary embodiment, preferably, the interface calling method may be used for service processing of an e-commerce platform, and an overall flow of the service processing is performed, as shown in fig. 4, and may include the following steps:

step S410: an interface call request is received.

In the step, an interface calling request requestMethod is received, wherein the interface calling request comprises a method name requestMethod for requesting calling, a time requestTime for requesting calling, a marking requestClient of a request end, a signature string requestSign and encrypted service data enCodeRequestData, and the service data comprises a service unique marking rfId and other related service data.

Step S420: and performing identity authentication on the request terminal.

In this step, the identity authentication is performed on the request end initiating the call request, that is, the e-commerce platform client, according to the signature verification field in the interface call request. If the authentication is successful, go to step S430; if the authentication fails, the process proceeds to step S491.

Step S430: and decrypting the encrypted service data.

In this step, after the authentication of the request end is used, the encrypted service data is decrypted by using a pre-agreed key to obtain the service object.

Step S440: and forwarding the interface calling request to a corresponding method.

In this step, a corresponding service processing method is then found according to the requestMethod field in the interface call request, and the interface call request is forwarded to the corresponding method.

Step S450: and judging whether the method contains anti-reeking notes or not.

In the interface calling method provided in this example embodiment, a re-annotation prevention is added to a service method having a common called logic or responsibility, and a corresponding attribute value is set, where the attribute may include a time window locktimessplit, a method identification mark, a method group identification groupMethd, and a cache expiration time lockKeyTimeOut. In this specific application scenario, the attribute value may be "locktimessplit ═ 3000, methodMark ═ doBusiness, groupMethd ═ pay, and lockKeyTimeOut ═ 10000", where the time window 1000 represents 1 second, and 3000 represents 3 seconds. Based on the parameters, a key lockKey is defined and used for preventing the duplication and concurrence in the interface calling process. The naming convention for the key name key of this key, methodMark + methodGroup + rfId. The key value lockValue is the current time + lockTimeSplit.

In this step, after the interface call request is forwarded to the corresponding method, it is determined whether the method includes the anti-replay comment. If the determination result is that the method includes the anti-re-injection solution, go to step S460; otherwise, if the method does not include the anti-re-annotation, the method directly jumps to step S490 to enter the business process.

Step S460: and entering a tangent plane for anti-weight treatment.

In this step, the attribute lockTimeSplit, the method identification methodMark, and the method group identification groupMethd defined in the anti-replay are obtained, the service unique identification rfId in the interface call request is obtained, and the key name methodMark + methodGroup + rfId of the corresponding key lockKey is obtained by assembly.

Step S470: and judging whether the system has a lockKey.

In this step, after the key name of the key lockKey is acquired, the key lockKey is queried and judged in the distributed storage system. If the key exists, go to step S471; if not, go to step S472.

Step S471: the value lockValue where lockKey exists is retrieved.

In this step, after the key lockKey is found in the distributed storage system, the key lockValue stored in the key lockKey is taken out, and the process proceeds to step S480.

Step S472: the value lockValue of lockKey is set to be the current time + lockTimeSplit.

In this step, when the key value does not exist, the value lockValue of lockKey is set as the time of the current interface call request plus a time window, so as to subsequently determine whether the time interval between the next interface call request and the current request passes through a preset time window, and step S490 is performed after the setting is completed.

Step S480: and judging whether the current time is less than the lockKey.

In this step, it is determined whether the current time is less than the lockKey, and if the determination result is less than the lockKey, it is verified that the interface call request is in the time window of the previous call request, and in order to prevent the problems of system unavailability, data inconsistency, and the like caused by frequent calls, the process proceeds to step S491, and the request is returned to fail. Otherwise, it is proved that the time window is elapsed from the last call, the step S490 is skipped to enter service processing.

Step S490: and entering service processing.

Step 491: the return request fails.

Further, the present exemplary embodiment provides an interface calling apparatus. Referring to fig. 5, the interface calling apparatus 500 may include a receiving module 510, a processing module 520, and a calling module 530. Wherein:

the receiving module 510 may be configured to receive an interface call request, and obtain a method entry corresponding to a method to be called according to the interface call request;

processing module 520 may be configured to enter tangent plane layer processing upon the anti-re-annotation resolution when the method includes anti-re-annotation;

the calling module 530 may be configured to obtain a logic determination result obtained by the processing, and enter the method entry according to the logic determination result to call the method.

In this exemplary embodiment, the interface invoking device may further include a signature verification unit and a decryption unit, where the signature verification unit is configured to verify an identity of a request end of the invoking method, and the decryption unit is configured to decrypt the encrypted task data. The specific processes of signature verification and decryption have been described in detail in the corresponding steps of the interface calling method, and thus are not described herein again.

In addition, the receiving module may further include an obtaining unit, where the obtaining unit is configured to determine, according to the received interface call request, a method entry corresponding to the method to be called after receiving the interface call request, and the obtaining unit may be implemented by: receiving an interface calling request, and acquiring a method name corresponding to a method to be called contained in the interface calling request; and acquiring a corresponding method entry according to the method name. It should be noted that the above scenario is only an exemplary illustration, and the scope of protection of the exemplary embodiment is not limited thereto.

In this exemplary embodiment, the processing module includes a section layer processing unit, the section layer encapsulates and abstracts common behaviors of each method in a task processing process into a section class, the section layer processing unit is mainly used for processing the encapsulated common behaviors in the section layer, and the implementation may be: when the called method comprises the anti-replay solution, executing the corresponding notification according to the anti-replay solution, wherein the notification can be a front notification, a surrounding notification, a rear notification or an abnormal notification. Specifically, the attribute value may be obtained based on the anti-replay solution, and the defined notification may be executed according to the attribute value, where the attribute value includes a method identifier of a method, a method group identifier, and a time window, and the time window is an allowed time interval between two interface call requests.

The processing module may further include a logic determining unit, configured to obtain the time window, determine whether a difference between a request time of the current interface call request and a previous time is greater than or equal to the time window, and accordingly obtain a logic determination result. It should be noted that the above scenario is only an exemplary illustration, and the scope of protection of the exemplary embodiment is not limited thereto.

It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.

As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by an electronic device, cause the electronic device to implement the method as described in the above embodiments. For example, the electronic device may implement the various steps shown in fig. 3-4, etc.

It should be noted that the computer readable media shown in the present disclosure may be computer readable signal media or computer readable storage media or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.

It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims

1. An interface calling method, comprising:

2. The interface calling method according to claim 1, wherein the interface calling request includes a signature verification string and encrypted task data;

after receiving the interface call request, the method further comprises:

3. The interface call method according to claim 1, wherein the interface call request includes a method name of the method; the method for receiving the interface calling request and acquiring the method entry corresponding to the method to be called according to the interface calling request comprises the following steps:

4. The interface call method according to claim 3, wherein when said method includes a re-annotation prevention, entering a cut plane layer process according to said re-annotation prevention solution, comprises:

5. The interface invocation method according to claim 4, wherein said executing a corresponding notification in accordance with the anti-replay solution comprises:

6. The interface call method according to claim 5, wherein the notification is a pre-notification; the executing the notification according to the attribute value includes:

7. The interface call method according to claim 6, wherein the entering the method entry according to the logic determination result calls the method, including:

8. An interface invocation apparatus, comprising:

9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1 to 7.

10. An electronic device, comprising:

a processor;

a memory for storing executable instructions of the processor;

wherein the processor is configured to perform the method of any of claims 1-7 via execution of the executable instructions.