CN114760127A - Multi-interface authentication access method based on zero code - Google Patents
Multi-interface authentication access method based on zero code Download PDFInfo
- Publication number
- CN114760127A CN114760127A CN202210367497.5A CN202210367497A CN114760127A CN 114760127 A CN114760127 A CN 114760127A CN 202210367497 A CN202210367497 A CN 202210367497A CN 114760127 A CN114760127 A CN 114760127A
- Authority
- CN
- China
- Prior art keywords
- authentication
- cache
- token
- request
- parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The invention discloses a zero code-based multi-interface authentication access method, which is characterized by comprising the following steps of: s1, the caller sends the authentication rule inquiry request of the merchant to the authentication center through the authentication interface; s2, does the authentication center inquire whether the merchant is configured with authentication rules If yes, go to step S3; if not, go to step S4; s3, judging whether the token configuration exists in the merchant, if yes, obtaining the token address, requesting the token address, storing the returned token result into a cache, and executing the step S4; otherwise, the step S4 is executed directly. The invention can quickly modify the authentication request header information, the authentication rule information and the authentication parameter information through the web terminal authentication management page, can complete related parameter configuration even if a user has no software development experience, not only can thoroughly solve the problem of non-uniform authentication data during docking, but also can reduce the professional technical requirements of a user, so that a common operator can perform corresponding operation.
Description
Technical Field
The invention belongs to the field of Internet, and particularly relates to a zero-code-based multi-interface authentication access method.
Background
With the rapid development of new retail industries, more and more retail merchants begin to expand retail channels by interfacing with three-party takeaway platforms, where the third-party takeaway platform is an online local life service platform providing businesses such as placing orders and delivering takeaway orders, such as a united state, hungry, jingdong home, and the like. In order to facilitate retail merchants to operate take-out services through a unified operating platform, take-out kiosks have been created. Because the takeout center is a uniform operating platform formed after integrating and butting open platform interfaces of a plurality of three-party takeout platforms, a large number of retail merchants can use the takeout center to operate takeout services, and the utilization rate of the takeout center is very high.
With the continuous increase of the docking number of retail merchants, the take-out center needs to call the authentication interface of the retail merchant to obtain an authentication result in the docking process, but the authentication interface, the data structure, the authentication mode and the like of each retail merchant are differentiated and personalized, and if a calling program is developed for each retail merchant, the process is very complicated and redundant, so that a set of universal authentication interface calling method is designed to solve the problem that the authentication data structures of multiple merchants are inconsistent, and the method is an urgent matter at present.
Disclosure of Invention
The invention aims to overcome the problems and provide a zero-code-based multi-interface authentication access method.
The purpose of the invention is realized by the following technical scheme: a multi-interface authentication access method based on zero codes comprises the following steps:
s1, the caller sends the authentication rule inquiry request of the merchant to the authentication center through the authentication interface;
s2, does the authentication center inquire whether the merchant is configured with authentication rules? If yes, go to step S3; if not, go to step S4;
s3, judging whether the token configuration exists in the merchant, if so, acquiring the token address, requesting the token address, storing a returned token result into a cache, and executing the step S4; if not, directly executing the step S4;
s4, the authentication center searches the request header configuration information of the merchant in the cache;
s5, the authentication center searches the built-in variable cache of the system and loads the built-in variable resolver of the system;
and S6, assembling and generating a request header according to the data in the steps S4 and S5, and feeding back the request header to the caller through the authentication interface.
Further, the step S3, after acquiring the token address and requesting the token address, storing the returned token result in the cache, includes the following steps:
S31, the authentication center acquires the TOKEN address and parameter configuration of the merchant;
s32, loading a built-in variable parser of the system and a corresponding encryption algorithm;
s33, loading a request mode;
s34, the TOKEN address of the merchant is accessed, and the TOKEN result is stored in the cache.
In order to better realize the invention, the authentication center comprises a WEB terminal authentication management page used for modifying or configuring the authentication request head, the authentication rule and the authentication parameter, a database used for storing the configuration information of the authentication request head, the authentication rule and the authentication parameter, a cache used for storing and calling the authentication request head, the authentication rule and the authentication parameter, and an external interface used for calling and feeding back the authentication configuration information by a calling party.
Furthermore, the authentication request header at least comprises four groups of data information of an authentication address, a request header KEY, a request header value and a signature sequence, and the request header value supports two setting modes of a system constant and a system built-in variable.
The authentication rule at least comprises three groups of data information of an authentication address, a TOKEN address and a request mode.
The authentication parameters at least comprise four groups of data information of the parameter name, the parameter value, the request address of the TOKEN and the parameter value encryption algorithm of the merchant TOKEN.
When the cache calls the authentication request header, the authentication rules and the authentication parameters, the cache comprises any one of the following modes or any mode combination thereof, namely a new adding mode, a deleting mode and a modifying mode. Wherein, newly-increased mode is: when a user inputs an authentication request head, an authentication parameter or an authentication rule through a newly added button of an authentication request head management page, an authentication parameter page or an authentication rule page, the system directly newly adds and stores the input configuration information into a cache; the deletion mode is that when the user deletes the authentication request head, the authentication parameters or the authentication rules through a deletion button of the authentication request head management page, the authentication parameter page or the authentication rule page, the system deletes the configuration from the cache; the modification mode is that when a user modifies the authentication request head, the authentication parameters or the authentication rules through an editing button of the authentication request head management page, the authentication parameter page or the authentication rule page, the system firstly judges whether the original data exists in the cache or not, if the original data exists, the original authentication request head, the authentication parameters or the authentication rules are deleted from the cache, and then the updated authentication request head, the updated authentication parameters or the updated authentication rules are stored in the cache; if the original data does not exist, the updated authentication request head, the authentication parameters or the authentication rules are directly stored into the cache.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. the invention can effectively solve the problem that the authentication data of different merchant interfaces are inconsistent, and the redundancy problem of independently developing systems for different merchants is needed to obtain the authentication data, thereby obviously improving the working efficiency and calling speed.
2. The invention can quickly modify the authentication request header information, the authentication rule information and the authentication parameter information through the WEB terminal authentication management page, can complete related parameter configuration even if a user has no software development experience, not only can thoroughly solve the problem of non-uniformity of authentication data during docking, but also can reduce the professional technical requirements of a user, so that a common operator can perform corresponding operation.
3. The invention realizes the storage of relevant parameters of merchant authentication by using a cache technology, and only needs to take out the set corresponding result value from the cache and return the result value to the caller when the caller requests, so the response speed is very high.
Drawings
Fig. 1 is a schematic diagram of a system structure of an authentication center according to the present invention.
Fig. 2 is a schematic flow chart of the access method of the authentication center according to the present invention.
Detailed Description
The present invention will be described in further detail with reference to examples, but the embodiments of the present invention are not limited thereto.
Examples
The invention provides an authentication center of a visual interface for a user by taking zero codes as an idea, and the system of the authentication center is shown in figure 1 and mainly comprises a WEB terminal authentication management page, a database, a cache and an external interface. The WEB terminal authentication management page is used for modifying or configuring data information of an authentication request head, data information of an authentication rule and data information of an authentication parameter, the database is used for storing the data configuration information of the authentication request head, the data configuration information of the authentication rule and the data configuration information of the authentication parameter, the cache is used for storing and calling the authentication request head, the authentication rule and the authentication parameter, and the external interface is used for calling and feeding back the authentication configuration information.
In order to ensure the technical effect, the system adopts the cache technology to realize the storage of relevant parameters of merchant authentication, and a caller only needs to take out a set corresponding result value from the cache and return the result value to the caller when requesting. When the authentication request header, the authentication rules and the authentication parameters are called, the cache has a plurality of modes, including a new adding mode, a deleting mode and a modifying mode. According to different requirements, the system can be configured with any one or any combination of the three modes.
The new mode specifically includes: when a user inputs the authentication request head, the authentication parameters or the authentication rules through a newly added button of the authentication request head management page, the authentication parameter page or the authentication rule page, the system directly newly adds and stores the input configuration information into the cache.
The deletion mode specifically means: when the user deletes the authentication request head, the authentication parameters or the authentication rules through a delete button of the authentication request head management page, the authentication parameter page or the authentication rule page, the system deletes the configuration from the cache.
The modification mode specifically means: when a user modifies an authentication request head, an authentication parameter or an authentication rule through an editing button of an authentication request head management page, an authentication parameter page or an authentication rule page, a system firstly judges whether the original data exists in a cache or not, if the original data exists, the original authentication request head, the authentication parameter or the authentication rule are deleted from the cache, and then the updated authentication request head, the updated authentication parameter or the updated authentication rule are stored in the cache; if the original data does not exist, the updated authentication request head, the authentication parameters or the authentication rules are directly stored into the cache.
Since the authentication request header, the authentication rule and the authentication parameter are core parts of the authentication center and are the basis for realizing zero codes, the present embodiment describes the three data information in a table form.
As shown in table 1 below, the information of the authentication request header includes 8 data information, and in a specific application, the minimum requirement at least includes four sets of data information, namely, an authentication address (field name is auth _ url), a request header KEY (field name is header _ KEY), a request header value (field name is header _ value), and signature sequencing (field name is sign _ sort), and the more perfect the other 4 sets of data are, the more beneficial the retrieval of data and the integrity of data are. The specific information content of the authentication request header is shown in the following table.
TABLE 1
Wherein, the request head value in the table indicates the request head transfer parameter value of the merchant, which supports the system constant and the system built-in variable.
When the configuration form is the system built-in variable, the configuration form needs to be recorded in a placeholder form, and the actual parameter value obtained by using the corresponding system built-in variable resolver is used for replacing the corresponding placeholder. The currently supported request header system built-in variable types and resolvers are shown in table 2 below:
TABLE 2
The authentication rule includes 16 sets of data information, and when the authentication rule is applied specifically, the minimum requirement includes three sets of data information, such as an authentication address (field name is auth _ url), a TOKEN address (field name is TOKEN _ url), and a request method (field name is TOKEN _ method), and the information specific content of the authentication rule is as shown in table 3 below.
TABLE 3
The authentication parameters include 8 sets of data information, and in specific application, the minimum requirement includes four sets of data information including a parameter name (field name is param _ name) of TOKEN of a merchant, a parameter value (field name is param _ value), a request address (field name is url) of TOKEN and a parameter value encryption algorithm (field name is algorithm), and the specific information of the authentication parameters is shown in the following table 4:
TABLE 4
Based on the data information of the authentication request header, the data information of the authentication rule, and the data information of the authentication parameter, the access method of the authentication center according to the present invention is shown in fig. 2, and includes the following steps:
s1, the caller sends the authentication rule inquiry request of the merchant to the authentication center through the authentication interface.
S2, the authentication center inquires whether the merchant is configured with the authentication rule? If yes, go to step S3; otherwise, step S4 is executed.
S3, judging whether the token configuration exists in the merchant, if yes, obtaining the token address, requesting the token address, storing the returned token result into a cache, and executing the step S4; otherwise, step S4 is executed directly.
In step S3, "after acquiring the token address, request the token address, and store the returned token result in the cache", the specific steps are as follows: s31, the authentication center obtains the TOKEN parameter configuration of the merchant to be inquired; s32, loading a built-in variable parser of the system and a corresponding encryption algorithm; s33, loading a request mode; s34, the TOKEN address of the merchant to be inquired is accessed and stored in the cache.
S4, the authentication center searches the request header configuration information of the merchant in the cache.
And S5, the authentication center searches the built-in variable cache of the system and loads the built-in variable resolver of the system.
And S6, assembling and generating a request header according to the data in the steps S4 and S5, and feeding back the request header to the caller through the authentication interface.
As described above, the present invention can be preferably realized.
Claims (7)
1. A multi-interface authentication access method based on zero codes is characterized by comprising the following steps:
s1, the caller sends the authentication rule inquiry request of the merchant to the authentication center through the authentication interface;
S2, does the authentication center inquire whether the merchant is configured with authentication rules? If yes, go to step S3; if not, go to step S4;
s3, judging whether the token configuration exists in the merchant, if yes, obtaining the token address, requesting the token address, storing the returned token result into a cache, and executing the step S4; if not, directly executing the step S4;
s4, the authentication center searches the request head configuration information of the merchant in the cache;
s5, the authentication center searches the system built-in variable cache and loads the system built-in variable resolver;
and S6, assembling and generating a request header according to the data in the steps S4 and S5, and feeding the request header back to the caller through the authentication interface.
2. The zero-code-based multi-interface authentication access method according to claim 1, wherein the step S3, after acquiring the token address and requesting the token address, storing the returned token result in a cache, includes the following steps:
s31, the authentication center acquires the TOKEN address and parameter configuration of the merchant;
s32, loading a system built-in variable resolver and a corresponding encryption algorithm;
s33, loading a request mode;
s34, the TOKEN address of the merchant is accessed, and the TOKEN result is stored in the cache.
3. The zero-code-based multi-interface authentication access method according to claim 1 or 2, wherein the authentication center includes a WEB-side authentication management page for modifying or configuring the authentication request header, the authentication rule and the authentication parameter, a database for storing configuration information of the authentication request header, the authentication rule and the authentication parameter, a cache for storing and calling the authentication request header, the authentication rule and the authentication parameter, and an external interface for calling and feeding back the authentication configuration information by a calling party.
4. The multi-interface authentication access method based on zero code according to claim 3, wherein the authentication request header at least includes four sets of data information of authentication address, request header KEY, request header value and signature sequence, and the request header value supports two setting modes of system constant and system built-in variable.
5. The multi-interface authorization access method based on zero code as claimed in claim 3, wherein the authorization rule at least includes three groups of data information of authorization address, TOKEN address and request mode.
6. The method as claimed in claim 3, wherein the authentication parameters at least include four sets of data information including the parameter name of TOKEN of the merchant, the parameter value, the request address of TOKEN and the encryption algorithm of the parameter value.
7. The zero-code-based multi-interface authentication access method according to claim 3, wherein the cache, when invoking the authentication request header, the authentication rules and the authentication parameters, comprises any one or a combination of the following modes:
a new adding mode: when a user inputs an authentication request head, an authentication parameter or an authentication rule through a newly added button of an authentication request head management page, an authentication parameter page or an authentication rule page, the system directly newly adds and stores the input configuration information into a cache;
and (3) deleting mode: when the user deletes the authentication request head, the authentication parameters or the authentication rules through a deletion button of the authentication request head management page, the authentication parameter page or the authentication rule page, the system deletes the configuration from the cache;
and (3) modifying the mode: when a user modifies an authentication request head, an authentication parameter or an authentication rule through an editing button of an authentication request head management page, an authentication parameter page or an authentication rule page, a system firstly judges whether the original data exists in a cache or not, if the original data exists, the original authentication request head, the authentication parameter or the authentication rule are deleted from the cache, and then the updated authentication request head, the updated authentication parameter or the updated authentication rule are stored in the cache; if the original data does not exist, the updated authentication request head, the authentication parameters or the authentication rules are directly stored into the cache.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210367497.5A CN114760127B (en) | 2022-04-08 | 2022-04-08 | Multi-interface authentication access method based on zero codes |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210367497.5A CN114760127B (en) | 2022-04-08 | 2022-04-08 | Multi-interface authentication access method based on zero codes |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114760127A true CN114760127A (en) | 2022-07-15 |
CN114760127B CN114760127B (en) | 2023-10-03 |
Family
ID=82328804
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210367497.5A Active CN114760127B (en) | 2022-04-08 | 2022-04-08 | Multi-interface authentication access method based on zero codes |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114760127B (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102196012A (en) * | 2010-03-17 | 2011-09-21 | 华为技术有限公司 | Service opening method, system and service opening server |
US20150310417A1 (en) * | 2014-04-29 | 2015-10-29 | Ebay Inc. | Payment code generation using a wireless beacon at a merchant location |
CN106296352A (en) * | 2016-08-04 | 2017-01-04 | 多点生活(中国)网络科技有限公司 | Order data treating method and apparatus |
CN107438061A (en) * | 2016-05-27 | 2017-12-05 | 北京京东尚科信息技术有限公司 | A kind of method and apparatus of kafka clients authentication |
CN108259619A (en) * | 2018-01-30 | 2018-07-06 | 成都东软学院 | Network request means of defence and network communicating system |
CN108809956A (en) * | 2018-05-23 | 2018-11-13 | 广州虎牙信息科技有限公司 | Method for authenticating, access request retransmission method based on micro services and device, system |
CN110650112A (en) * | 2018-06-27 | 2020-01-03 | 贵州白山云科技股份有限公司 | Universal authentication method and device and cloud service network system |
CN111131416A (en) * | 2019-12-12 | 2020-05-08 | 京东数字科技控股有限公司 | Business service providing method and device, storage medium and electronic device |
CN111770068A (en) * | 2020-06-15 | 2020-10-13 | 上海翌旭网络科技有限公司 | Consistency authentication method based on optimal link selection |
-
2022
- 2022-04-08 CN CN202210367497.5A patent/CN114760127B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102196012A (en) * | 2010-03-17 | 2011-09-21 | 华为技术有限公司 | Service opening method, system and service opening server |
US20150310417A1 (en) * | 2014-04-29 | 2015-10-29 | Ebay Inc. | Payment code generation using a wireless beacon at a merchant location |
CN107438061A (en) * | 2016-05-27 | 2017-12-05 | 北京京东尚科信息技术有限公司 | A kind of method and apparatus of kafka clients authentication |
CN106296352A (en) * | 2016-08-04 | 2017-01-04 | 多点生活(中国)网络科技有限公司 | Order data treating method and apparatus |
CN108259619A (en) * | 2018-01-30 | 2018-07-06 | 成都东软学院 | Network request means of defence and network communicating system |
CN108809956A (en) * | 2018-05-23 | 2018-11-13 | 广州虎牙信息科技有限公司 | Method for authenticating, access request retransmission method based on micro services and device, system |
CN110650112A (en) * | 2018-06-27 | 2020-01-03 | 贵州白山云科技股份有限公司 | Universal authentication method and device and cloud service network system |
CN111131416A (en) * | 2019-12-12 | 2020-05-08 | 京东数字科技控股有限公司 | Business service providing method and device, storage medium and electronic device |
CN111770068A (en) * | 2020-06-15 | 2020-10-13 | 上海翌旭网络科技有限公司 | Consistency authentication method based on optimal link selection |
Non-Patent Citations (2)
Title |
---|
万俊;林晓燕;: "政企应用组配鉴权平台研究", 信息技术与标准化, no. 11 * |
章武: ""基于移动终端的服务接入与服务定制的设计与实现"", 《信息科技》, no. 6 * |
Also Published As
Publication number | Publication date |
---|---|
CN114760127B (en) | 2023-10-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20110289420A1 (en) | Screen customization supporting system, screen customization supporting method, and computer-readable recording medium | |
US20220075807A1 (en) | Systems and methods for sharing documents | |
JPH09508995A (en) | Method and apparatus for controlling access to a database | |
JP2005526334A (en) | Application generator | |
EP2461615A1 (en) | Method for backing up terminal data and system thereof | |
CN105701112A (en) | Data processing method, apparatus and system | |
JP2947111B2 (en) | Exchange data transfer method and system | |
CN109767098A (en) | Processing method, device, computer equipment and the storage medium of product attribute | |
CN101546403A (en) | Online service system and method for providing online service | |
CN112685091A (en) | Service request processing method, device, equipment and medium based on big data | |
US9824227B2 (en) | Simulated control of a third-party database | |
US11019065B2 (en) | Digital consent system and associated methods | |
JPH08123714A (en) | System for concentrically converting file format | |
CN106776717A (en) | A kind of interface configurations method and system based on HBase | |
CN114760127B (en) | Multi-interface authentication access method based on zero codes | |
CN112785248A (en) | Human resource data cross-organization interaction method, device, equipment and storage medium | |
CN111382142A (en) | Database operation method, server and computer storage medium | |
EP3373165A1 (en) | Method of transferring the structures and data sets between the source and target systems and the system to implement it | |
CN110222105B (en) | Data summarization processing method and device | |
JPH07271569A (en) | Program specification preparation system | |
CN108241697A (en) | A kind of laboratory data inquiry management system | |
JP2000137643A (en) | Information sharing system, information sharing method and record medium recorded with program therefor | |
US8489768B2 (en) | Associated URLVS in exchanges | |
CN109783470B (en) | Owner tracking device, method and storage medium of database subsystem | |
JP2001312581A (en) | Computer system, computer, information providing method, and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |