CN114124430B - Token replacement method, device and storage medium - Google Patents
Token replacement method, device and storage medium Download PDFInfo
- Publication number
- CN114124430B CN114124430B CN202111014307.3A CN202111014307A CN114124430B CN 114124430 B CN114124430 B CN 114124430B CN 202111014307 A CN202111014307 A CN 202111014307A CN 114124430 B CN114124430 B CN 114124430B
- Authority
- CN
- China
- Prior art keywords
- token
- data
- target system
- website
- replacement
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 238000012795 verification Methods 0.000 claims abstract description 15
- 230000001960 triggered effect Effects 0.000 claims abstract description 11
- 230000008569 process Effects 0.000 claims abstract description 8
- 230000003993 interaction Effects 0.000 claims abstract description 7
- 238000006243 chemical reaction Methods 0.000 claims description 8
- 230000004044 response Effects 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 4
- 230000000977 initiatory effect Effects 0.000 claims description 2
- 230000009471 action Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention provides a token replacement method, a device and a storage medium, when a user logs in a current website, first token data of a website system corresponding to the current website are acquired and stored, after the user logs in successfully, a token replacement request initiated by the background of the current website is automatically processed, security verification is carried out on the first token data in the token replacement request, when the verification passes, second token data of a target system corresponding to each heterogeneous webpage embedded in the current website is acquired, when the heterogeneous webpage is triggered, data interaction is carried out on the target system based on the second token data, the first token data and the second token data can be acquired directly at the front end in the triggering process of the heterogeneous webpage, the in-site data in the website system is invisible to the user, and the second token data can be directly adopted for carrying out data access on the target system, so that the security of the data in the website system is ensured.
Description
Technical Field
The present invention relates to the field of network technologies, and in particular, to a method, an apparatus, and a storage medium for token replacement.
Background
In a large website, pages or services of other third-party systems are often embedded in one page, the number of the required applets and the APP is more, the applets jump, or services of a plurality of systems are integrated in one APP, front-end source codes are directly exposed, and the security is poor.
Disclosure of Invention
In view of this, the embodiments of the present invention provide a method, an apparatus, and a storage medium for replacing a token, so as to ensure security of source codes.
In order to achieve the above object, the embodiment of the present invention provides the following technical solutions:
a method of token replacement, comprising:
responding to a token acquisition request of a login user for a website system corresponding to a current login website, and storing first token data corresponding to the token acquisition request;
when a token replacement request is detected to be initiated by a page background, the token replacement request is analyzed to obtain identification information of a target system required to perform token conversion;
verifying whether first token data for token replacement is legal or not;
if the second token data of the target system is legal, acquiring the second token data of the target system, and storing the second token data to the front end;
when the heterogeneous page triggered by the user is detected, the second token data is read, and a data request is initiated to the target system based on the second token data;
and acquiring and displaying feedback data of the target system.
Optionally, in the token replacement method, the target system is a system corresponding to each heterogeneous page embedded in the target website.
Optionally, before responding to a token acquisition request of a login user for a website system corresponding to a current login website, the token replacement method further includes:
acquiring and storing an authentication interface of a website system and a token generation interface of a target system;
the checking whether the first token data for token replacement is legal or not comprises the following steps:
checking whether first token data for performing token replacement is legal or not by adopting an authentication interface of the website system;
the obtaining the second token data of the target system includes:
and obtaining second token data of the target system through a token generation interface of the target system.
Optionally, in the above token replacement method, when the number of stored token generation interfaces is greater than 1, obtaining second token data of the target system through the token generation interfaces of the target system includes:
and acquiring second token data of the target system through a token generation interface of the target system corresponding to the heterogeneous page.
Optionally, in the above token replacement method, the method further includes:
scanning the target system embedded in the current login website, judging whether a new target system is embedded in or removed from the current login website, acquiring and storing a token generation interface of the new target system when the new target system is embedded in the current login website, and deleting the stored token generation interface of the removed target system when the target system is removed from the current login website.
A token replacement device comprising:
the first token data acquisition unit is used for responding to a token acquisition request of a login user for a website system corresponding to a current login website and storing first token data corresponding to the token acquisition request;
the replacement request response unit is used for analyzing the token replacement request when the token replacement request initiated by the page background is detected, so as to obtain the identification information of the target system required to perform token conversion;
a verification unit for verifying whether the first token data for performing the token replacement is legal;
the second token data acquisition unit is used for acquiring second token data of the target system if the first token data are detected to be legal, and storing the second token data to the front end;
the data interaction unit is used for reading the second token data when detecting that the user triggers the heterogeneous page, and initiating a data request to the target system based on the second token data; and acquiring and displaying feedback data of the target system.
Optionally, in the token replacement device,
the first token data acquisition unit is further used for, before responding to a token acquisition request of a login user for a website system corresponding to a current login website: acquiring and storing an authentication interface of a website system;
the second token data acquisition unit is further used for acquiring and storing a token generation interface of the target system before acquiring second token data of the target system;
at this time, the verifying whether the first token data for performing the token replacement is legal includes:
checking whether first token data for performing token replacement is legal or not by adopting an authentication interface of the website system;
the obtaining the second token data of the target system includes:
and obtaining second token data of the target system through a token generation interface of the target system.
Optionally, in the token replacement device,
when the number of the saved token generation interfaces is greater than 1, acquiring second token data of the target system through the token generation interfaces of the target system, wherein the second token data comprises the following steps:
and acquiring second token data of the target system through a token generation interface of the target system corresponding to the heterogeneous page.
Optionally, the token replacement device further includes:
scanning the target system embedded in the current login website, judging whether a new target system is embedded in or removed from the current login website, acquiring and storing a token generation interface of the new target system when the new target system is embedded in the current login website, and deleting the stored token generation interface of the removed target system when the target system is removed from the current login website.
A storage medium storing a plurality of instructions adapted to be loaded by a processor to perform the steps of the token replacement method of any one of the preceding claims.
Based on the technical scheme, when a user logs in a current website, the first token data of the website system corresponding to the current website are obtained and stored, after the login is successful, a token replacement request initiated by the background of the current website is automatically processed, security verification is carried out on the first token data in the token replacement request, when the verification is passed, second token data of the target system corresponding to each heterogeneous webpage embedded in the current website is obtained, when the heterogeneous webpage is triggered, data interaction is carried out on the target system based on the second token data, the first token data and the second token data can be directly obtained at the front end in the triggering process of the heterogeneous webpage, the data in the website system is invisible to the user, and the second token data can be directly adopted for carrying out data access on the target system, so that the security of the data in the website system is ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic flow chart of a token replacement method disclosed in an embodiment of the present application;
FIG. 2 is a detailed flow chart of a token replacement method disclosed in an embodiment of the present application;
fig. 3 is a schematic structural diagram of a token replacement device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
To prevent front end source code from being directly exposed when jumping among multiple applets, the application discloses a token replacement method, which can be applied to a client, see fig. 1, and can include:
step S101: responding to a token acquisition request of a login user for a website system corresponding to a current login website, and storing first token data corresponding to the token acquisition request.
Referring to fig. 1 and 2, when a user logs in a current login website by using a client, a system applying the method automatically generates a token acquisition request for acquiring token data of the current login website, sends the token acquisition request to a website system corresponding to the current login website, after acquiring the token acquisition request, the website system generates first token data (atoken) corresponding to the website system, sends the first token data atoken of the website system as real-time response data of the token acquisition request to the client, and after acquiring the first token data atoken, the client stores the first token data atoken in a front-end browser of the client, and at this time, the user can successfully log in the current login website.
Step S102: when a token replacement request initiated by a page background is detected, the token replacement request is analyzed to obtain identification information of a target system required to perform token conversion.
After a user logs in the current login website, if a heterogeneous page exists in the current login website, a page background automatically initiates a token replacement request, and when a device applying the method detects that the page background initiates the token replacement request, the token replacement request is analyzed to obtain identification information of a target system required to perform token conversion, wherein the token replacement request includes at least stored first token data atoken and identification information of the target system, and the identification information of the target system can refer to address information of a token generation interface of the target system.
Step S103: it is checked whether the first token data for token replacement is valid.
In this step, in order to ensure the security of the front end source code, before performing token replacement, security verification needs to be performed on the first token data included in the token replacement request, that is, security verification is performed on the first token data that is fetched by the client, and when security verification is performed, the website system may be used to perform security verification.
Step S104: and if the second token data of the target system is legal, acquiring the second token data of the target system, and storing the second token data to the front end.
After the security verification is carried out on the first token data, if the security verification of the first token data is passed, executing the step, if the security verification fails, not responding to the token replacement request, and carrying out error reporting. When the step is executed, the token data token of the target system corresponding to each heterogeneous webpage embedded in the current login website is obtained, the token data is recorded as second token data btoken, and then the second token data btoken is stored to a client side to wait for system call.
Step S105: and when the heterogeneous page triggered by the user is detected, the second token data is read, and a data request is initiated to the target system based on the second token data.
In the step, when the heterogeneous page of the current website is detected to be triggered by a user, second token data btoken of a target system corresponding to the triggered heterogeneous page is extracted, and data interaction is directly carried out on the target system corresponding to the heterogeneous page based on the second token data btoken.
Step S106: and acquiring and displaying feedback data of the target system.
According to the technical scheme disclosed by the embodiment of the application, when a user logs in a current website, first token data of a website system corresponding to the current website are acquired and stored, after the user logs in successfully, a token replacement request initiated by a background of the current website is automatically processed, security verification is carried out on the first token data in the token replacement request, when the verification passes, second token data of a target system corresponding to each heterogeneous webpage embedded in the current website is acquired, when the heterogeneous webpage is triggered, data interaction is carried out on the basis of the second token data directly with the target system, the first token data and the second token data can be acquired directly at the front end in the triggering process of the heterogeneous webpage, in-site data in the website system are invisible to the user, and the second token data can be directly adopted for carrying out data access on the target system, so that the security of the data in the website system is ensured.
In the foregoing embodiments of the present application, the target system is a system corresponding to each heterogeneous page embedded in the target website, and the heterogeneous page is a plug-in or a function control embedded in the current login website.
The above solution disclosed in the embodiments of the present application may be implemented by a preset application program, for example, the above may be implemented by a JAVA application program, which is loaded on the client, and when the client is started locally, the above procedure is automatically executed. In the above scheme, the authentication interface of the website system may be cured at the client, and when the security check is performed on the first token data, the first token data may be directly sent to the website system end through the authentication interface of the website system, and the security check is performed at the website system end. Correspondingly, the token generation interfaces of the target system corresponding to the heterogeneous webpages in the current login website can be solidified at the client, and when the client needs to use, the token generation interfaces are directly called, namely, when the security check passes, second token data of the target system are obtained at the client, and then the client directly obtains the system interface of the target system based on the second token data.
That is, in summary, before responding to the token acquisition request of the login user for the website system corresponding to the current login website, the method further includes:
and acquiring and storing an authentication interface of the website system and a token generation interface of the target system at the client. In the technical solution disclosed in this embodiment, the authentication interface and the token generation interface may provide a request parameter request and a response data processing rule response, where the request parameter is mainly a request header parameter, a url parameter and a request body parameter, and the response data processing rule may support two formats of JSON and a common character string, and certainly may also support other formats, where JSON uses XPath definition rules, and the common character string uses regular expression processing rules;
at this time, the verifying whether the first token data for performing the token replacement is legal includes:
checking whether first token data for performing token replacement is legal or not by adopting an authentication interface of the website system;
at this time, the obtaining the second token data of the target system includes:
and obtaining second token data of the target system through a token generation interface of the target system.
In this way, the authentication interface and the token generation interface are both solidified at the client, so that the problem of source code leakage caused by excessive data facing the user in the website system can be effectively prevented.
In the technical solution disclosed in this embodiment, the number of token generation interfaces stored at the client may be greater than 1, and the target systems corresponding to different token generation interfaces are different;
when the number of the saved token generation interfaces is greater than 1, acquiring second token data of the target system through the token generation interfaces of the target system, wherein the second token data comprises the following steps:
and acquiring second token data of the target system through a token generation interface of the target system corresponding to the heterogeneous page.
In the technical solution disclosed in another embodiment of the present application, considering that a user may autonomously add or delete a heterogeneous web page in the target website based on his own needs, when the heterogeneous web page in the current login website changes, the stored token generation interface may be adjusted based on the change, that is, in the above solution, the method may further include:
scanning the target system embedded in the current login website, judging whether a new target system is embedded in or removed from the current login website, acquiring and storing a token generation interface of the new target system in a client when the new target system is embedded in the current login website, and deleting the stored token generation interface of the removed target system by the client when the target system is removed from the current login website.
In this embodiment, corresponding to the above method, the present application further discloses a token replacing device, and please refer to the content of the above method embodiment for specific working content of each unit in the device, and the token replacing device provided in the embodiment of the present invention is described below, where the token replacing device described below and the token replacing method described above may refer to each other correspondingly.
Referring to fig. 3, a token replacement apparatus disclosed in an embodiment of the present application includes:
a first token data acquisition unit 100, configured to respond to a token acquisition request of a login user for a website system corresponding to a current login website, and store first token data corresponding to the token acquisition request;
the replacement request response unit 200 is configured to parse the token replacement request when detecting that the page background initiates the token replacement request, so as to obtain identification information of a target system that needs to perform token conversion;
a checking unit 300 for checking whether the first token data for performing the token replacement is legal;
a second token data acquisition unit 400, configured to acquire second token data of the target system if the first token data is detected to be legal, and store the second token data to a front end;
the data interaction unit 500 is configured to read the second token data when detecting that the user triggers the heterogeneous page, and initiate a data request to the target system based on the second token data; and acquiring and displaying feedback data of the target system.
Corresponding to the method, the first token data acquisition unit is further configured to, before responding to a token acquisition request of a login user for a website system corresponding to a current login website: acquiring and storing an authentication interface of a website system;
the second token data acquisition unit is further used for acquiring and storing a token generation interface of the target system before acquiring second token data of the target system;
at this time, the verifying whether the first token data for performing the token replacement is legal includes:
checking whether first token data for performing token replacement is legal or not by adopting an authentication interface of the website system;
the obtaining the second token data of the target system includes:
and obtaining second token data of the target system through a token generation interface of the target system.
Corresponding to the method, when the number of the stored token generation interfaces is greater than 1, obtaining second token data of the target system through the token generation interfaces of the target system comprises the following steps:
and acquiring second token data of the target system through a token generation interface of the target system corresponding to the heterogeneous page.
Corresponding to the method, the method further comprises:
scanning the target system embedded in the current login website, judging whether a new target system is embedded in or removed from the current login website, acquiring and storing a token generation interface of the new target system when the new target system is embedded in the current login website, and deleting the stored token generation interface of the removed target system when the target system is removed from the current login website.
Corresponding to the above method, the present application also discloses a storage medium, characterized in that the storage medium stores a plurality of instructions, which are adapted to be loaded by a processor to perform the steps in the token replacement method according to any of the above.
Specifically, corresponding to the above method, the instructions, when executed, are specifically configured to perform the following operations:
responding to a token acquisition request of a login user for a website system corresponding to a current login website, and storing first token data corresponding to the token acquisition request;
when a token replacement request is detected to be initiated by a page background, the token replacement request is analyzed to obtain identification information of a target system required to perform token conversion;
verifying whether first token data for token replacement is legal or not;
if the second token data of the target system is legal, acquiring the second token data of the target system, and storing the second token data to the front end;
when the heterogeneous page triggered by the user is detected, the second token data is read, and a data request is initiated to the target system based on the second token data;
and acquiring and displaying feedback data of the target system.
The instruction is further used for, before responding to a token acquisition request of a login user for a website system corresponding to a current login website:
acquiring and storing an authentication interface of a website system and a token generation interface of a target system;
the checking whether the first token data for token replacement is legal or not comprises the following steps:
checking whether first token data for performing token replacement is legal or not by adopting an authentication interface of the website system;
the obtaining the second token data of the target system includes:
and obtaining second token data of the target system through a token generation interface of the target system.
When the number of the stored token generation interfaces is greater than 1, the instruction obtains the second token data of the target system through the token generation interfaces of the target system, and specifically includes:
and acquiring second token data of the target system through a token generation interface of the target system corresponding to the heterogeneous page.
The instructions are also for:
scanning the target system embedded in the current login website, judging whether a new target system is embedded in or removed from the current login website, acquiring and storing a token generation interface of the new target system when the new target system is embedded in the current login website, and deleting the stored token generation interface of the removed target system when the target system is removed from the current login website.
The storage medium stores a plurality of instructions, which can be realized in the form of codes, and the type and the coding mode of the codes can be selected according to the demands of users.
For convenience of description, the above system is described as being functionally divided into various modules, respectively. Of course, the functions of each module may be implemented in the same piece or pieces of software and/or hardware when implementing the present invention.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for a system or system embodiment, since it is substantially similar to a method embodiment, the description is relatively simple, with reference to the description of the method embodiment being made in part. The systems and system embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
It is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (7)
1. A method of token replacement, the method being applied to a client and comprising:
responding to a token acquisition request of a login user for a website system corresponding to a current login website, and storing first token data corresponding to the token acquisition request;
when a token replacement request is detected to be initiated by a page background, the token replacement request is analyzed to obtain identification information of a target system required to perform token conversion;
verifying whether first token data for token replacement is legal or not;
if the second token data of the target system is legal, acquiring the second token data of the target system, and storing the second token data to the front end;
when the heterogeneous page triggered by the user is detected, the second token data is read, and a data request is initiated to the target system based on the second token data;
acquiring and displaying feedback data of the target system;
the target system is a system corresponding to each heterogeneous page embedded in the target website;
before responding to the token acquisition request of the login user for the website system corresponding to the current login website, the method further comprises the following steps:
acquiring and storing an authentication interface of a website system and a token generation interface of a target system at a client;
the checking whether the first token data for token replacement is legal or not comprises the following steps:
checking whether first token data for performing token replacement is legal or not by adopting an authentication interface of the website system;
the obtaining the second token data of the target system includes:
acquiring second token data of the target system through a token generation interface of the target system;
in the process that the heterogeneous page is triggered, the first token data and the second token data are directly acquired at the client, the data in the website system are invisible to the user, and the second token data are directly adopted to access the data of the target system, so that the safety of the data in the website system is guaranteed.
2. The token replacement method of claim 1, wherein obtaining second token data of the target system through the token generation interface of the target system when the number of saved token generation interfaces is greater than 1, comprises:
and acquiring second token data of the target system through a token generation interface of the target system corresponding to the heterogeneous page.
3. The token replacement method of claim 1, further comprising:
scanning the target system embedded in the current login website, judging whether a new target system is embedded in or removed from the current login website, acquiring and storing a token generation interface of the new target system when the new target system is embedded in the current login website, and deleting the stored token generation interface of the removed target system when the target system is removed from the current login website.
4. A token replacement apparatus, comprising:
the first token data acquisition unit is used for responding to a token acquisition request of a login user for a website system corresponding to a current login website and storing first token data corresponding to the token acquisition request;
the system comprises a replacement request response unit, a target system and a replacement request processing unit, wherein the replacement request response unit is used for analyzing a token replacement request when detecting that a page background initiates the token replacement request to obtain identification information of the target system required to perform token conversion, and the target system is a system corresponding to each heterogeneous page embedded in a target website;
a verification unit for verifying whether the first token data for performing the token replacement is legal;
the second token data acquisition unit is used for acquiring second token data of the target system if the first token data are detected to be legal, and storing the second token data to the front end;
the data interaction unit is used for reading the second token data when detecting that the user triggers the heterogeneous page, and initiating a data request to the target system based on the second token data; acquiring and displaying feedback data of the target system;
wherein,
the first token data acquisition unit is further used for, before responding to a token acquisition request of a login user for a website system corresponding to a current login website: acquiring and storing an authentication interface of a website system at a client;
the second token data acquisition unit is further used for acquiring and storing a token generation interface of the target system before acquiring second token data of the target system;
at this time, the verifying whether the first token data for performing the token replacement is legal includes:
checking whether first token data for performing token replacement is legal or not by adopting an authentication interface of the website system;
the obtaining the second token data of the target system includes:
acquiring second token data of the target system through a token generation interface of the target system;
the token replacement device directly acquires the first token data and the second token data from the client in the process that the heterogeneous page is triggered, the data in the website system is invisible to the user, and the second token data is directly adopted to access the data of the target system so as to ensure the security of the data in the website system.
5. The token replacement apparatus according to claim 4, wherein when the number of the held token generation interfaces is greater than 1, acquiring second token data of the target system through the token generation interface of the target system, comprises:
and acquiring second token data of the target system through a token generation interface of the target system corresponding to the heterogeneous page.
6. The token replacement apparatus according to claim 5, further comprising:
scanning the target system embedded in the current login website, judging whether a new target system is embedded in or removed from the current login website, acquiring and storing a token generation interface of the new target system when the new target system is embedded in the current login website, and deleting the stored token generation interface of the removed target system when the target system is removed from the current login website.
7. A storage medium storing a plurality of instructions adapted to be loaded by a processor to perform the steps of the token replacement method of any one of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111014307.3A CN114124430B (en) | 2021-08-31 | 2021-08-31 | Token replacement method, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111014307.3A CN114124430B (en) | 2021-08-31 | 2021-08-31 | Token replacement method, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114124430A CN114124430A (en) | 2022-03-01 |
| CN114124430B true CN114124430B (en) | 2024-03-01 |
Family
ID=80441095
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111014307.3A Active CN114124430B (en) | 2021-08-31 | 2021-08-31 | Token replacement method, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114124430B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107147647A (en) * | 2017-05-11 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of webpage authorization method and device |
| CN109981664A (en) * | 2019-03-29 | 2019-07-05 | 北京致远互联软件股份有限公司 | Website logging method, device and the realization device of page end |
| CN111628971A (en) * | 2017-02-09 | 2020-09-04 | 阿里巴巴集团控股有限公司 | Trust login method |
| CN112039909A (en) * | 2020-09-03 | 2020-12-04 | 平安科技(深圳)有限公司 | Authentication method, device, equipment and storage medium based on unified gateway |
| CN112333198A (en) * | 2020-11-17 | 2021-02-05 | 中国银联股份有限公司 | Secure cross-domain login method, system and server |
| CN112910904A (en) * | 2021-02-03 | 2021-06-04 | 叮当快药科技集团有限公司 | Login method and device of multi-service system |
| CN113285936A (en) * | 2021-05-14 | 2021-08-20 | 深圳市金蝶天燕云计算股份有限公司 | Cross-domain data acquisition method and related device |
-
2021
- 2021-08-31 CN CN202111014307.3A patent/CN114124430B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111628971A (en) * | 2017-02-09 | 2020-09-04 | 阿里巴巴集团控股有限公司 | Trust login method |
| CN107147647A (en) * | 2017-05-11 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of webpage authorization method and device |
| CN109981664A (en) * | 2019-03-29 | 2019-07-05 | 北京致远互联软件股份有限公司 | Website logging method, device and the realization device of page end |
| CN112039909A (en) * | 2020-09-03 | 2020-12-04 | 平安科技(深圳)有限公司 | Authentication method, device, equipment and storage medium based on unified gateway |
| CN112333198A (en) * | 2020-11-17 | 2021-02-05 | 中国银联股份有限公司 | Secure cross-domain login method, system and server |
| CN112910904A (en) * | 2021-02-03 | 2021-06-04 | 叮当快药科技集团有限公司 | Login method and device of multi-service system |
| CN113285936A (en) * | 2021-05-14 | 2021-08-20 | 深圳市金蝶天燕云计算股份有限公司 | Cross-domain data acquisition method and related device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114124430A (en) | 2022-03-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20170346805A1 (en) | Login method and apparatus, and open platform system | |
| CN107704497B (en) | Webpage data crawling method and device, webpage data crawling platform and storage medium | |
| CN107528858B (en) | Login method, device and equipment based on webpage and storage medium | |
| US11538046B2 (en) | Page data acquisition method, apparatus, server, electronic device and computer readable medium | |
| CN108415804B (en) | Method for acquiring information, terminal device and computer readable storage medium | |
| CN108632219B (en) | Website vulnerability detection method, detection server, system and storage medium | |
| EP3111359B1 (en) | Method and system for extracting characteristic information | |
| CN109446801B (en) | Method, device, server and storage medium for detecting simulator access | |
| CN112100536A (en) | Webpage access method, device and equipment and readable storage medium | |
| CN107147645B (en) | Method and device for acquiring network security data | |
| CN107302586A (en) | A kind of Webshell detection methods and device, computer installation, readable storage medium storing program for executing | |
| CN112232794A (en) | Payment method and device, storage medium and electronic equipment | |
| CN112068902A (en) | Plug-in calling method and device, electronic equipment and storage medium | |
| CN112800309A (en) | Crawler system based on HTTP proxy and implementation method thereof | |
| US11899770B2 (en) | Verification method and apparatus, and computer readable storage medium | |
| CN115543827A (en) | Buried point data display method and device | |
| CN113709147B (en) | Network security event response method, device and equipment | |
| CN114124430B (en) | Token replacement method, device and storage medium | |
| CN112600864A (en) | Verification code verification method, device, server and medium | |
| CN103034711A (en) | Form recognition method and device | |
| CN115065510A (en) | Login method, device, system, electronic equipment and readable storage medium | |
| CN107204958B (en) | Method and device for detecting webpage resource elements and terminal equipment | |
| CN109688004B (en) | Abnormal data detection method and equipment | |
| CN110231921B (en) | Log printing method, device, equipment and computer readable storage medium | |
| CN109740386B (en) | Method and device for detecting static resource file |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20240130 Address after: 266101 in Haier Industrial Park, Laoshan District, Qingdao City, Shandong Province Applicant after: Qingdao Haier Technology Co., Ltd. Country or region after: China Applicant after: Haier Zhijia Co.,Ltd. Address before: 266101 Haier Road, Laoshan District, Qingdao, Qingdao, Shandong Province, No. 1 Applicant before: QINGDAO HAIER SMART TECHNOLOGY R&D Co.,Ltd. Country or region before: China Applicant before: Haier Zhijia Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |