CN118413358A - Token processing method, device, equipment and storage medium - Google Patents

Token processing method, device, equipment and storage medium Download PDF

Info

Publication number
CN118413358A
CN118413358A CN202410485624.0A CN202410485624A CN118413358A CN 118413358 A CN118413358 A CN 118413358A CN 202410485624 A CN202410485624 A CN 202410485624A CN 118413358 A CN118413358 A CN 118413358A
Authority
CN
China
Prior art keywords
token
information
target
confusion
effective
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410485624.0A
Other languages
Chinese (zh)
Inventor
高源龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhoupu Data Technology Nanjing Co ltd
Original Assignee
Zhoupu Data Technology Nanjing Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhoupu Data Technology Nanjing Co ltd filed Critical Zhoupu Data Technology Nanjing Co ltd
Priority to CN202410485624.0A priority Critical patent/CN118413358A/en
Publication of CN118413358A publication Critical patent/CN118413358A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a token processing method, a device, equipment and a storage medium, which belong to the technical field of data processing, wherein the method is applied to a server and comprises the following steps: under the condition that a token generation request sent by a requester is received, determining a current generation time interval according to the current request time of the token generation request and the historical generation time of a historical token of the requester; integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information; according to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information; and encrypting the confusion token information to obtain the target token. The invention reduces the risks of illegal spreading, malicious stocking, cracking or embezzlement of the access token and improves the security and reliability of the access token.

Description

Token processing method, device, equipment and storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a token processing method, device, apparatus, and storage medium.
Background
The access token is widely applied to the scenes such as user identity authentication, session management and the like as an important security verification means.
However, the existing access token generation generally does not limit the generation quantity of the access tokens or limit the effective time of the access tokens after the identity authentication of the requester is successful, and the access tokens are generated in a fixed mode, so that the risks of illegal diffusion, malicious stocking, cracking or embezzlement of the access tokens are increased, and the safety and reliability of the access tokens are reduced.
Disclosure of Invention
The invention provides a token processing method, a device, equipment and a storage medium, which are used for reducing risks of illegal diffusion, malicious stocking, cracking or embezzlement of an access token and improving the safety and reliability of the access token.
According to an aspect of the present invention, there is provided a token processing method, which is applied to a server, including:
under the condition that a token generation request sent by a requester is received, determining a current generation time interval according to the current request time of the token generation request and the historical generation time of a historical token of the requester;
Integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information;
According to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information;
And encrypting the confusion token information to obtain the target token.
According to another aspect of the present invention, there is provided a token processing apparatus configured at a server, including:
the current generation time interval determining module is used for determining a current generation time interval according to the current request time of the token generation request and the historical generation time of the historical token of the requester under the condition that the token generation request sent by the requester is received;
The effective token information determining module is used for integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information;
the confusion token information determining module is used for carrying out confusion processing on the effective token information according to the generated at least one piece of confusion information to obtain confusion token information;
And the target token determining module is used for carrying out encryption processing on the confusion token information to obtain a target token.
According to another aspect of the present invention, there is provided an electronic apparatus including:
at least one processor; and
A memory communicatively coupled to the at least one processor; wherein,
The memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the token processing method of any one of the embodiments of the invention.
According to another aspect of the present invention there is provided a computer readable storage medium storing computer instructions for causing a processor to perform the token processing method of any of the embodiments of the present invention.
According to the technical scheme, under the condition that a token generation request sent by a requester is received, a current generation time interval is determined according to the current request time of the token generation request and the historical generation time of a historical token of the requester; integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information; according to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information; and encrypting the confusion token information to obtain the target token. According to the technical scheme, after the identity authentication of the requester is successful, when the server receives the token generation request sent by the requester, the limit on the generation number of access tokens is realized according to the current request time of the token generation request and the specified generation time interval; the effective time of the token is added into the necessary information of the history token, so that the limit on the effective time of the access token is realized, and the access token is prevented from being illegally spread or maliciously stored; by adding the randomly generated confusion information into the effective token information, the randomness of the access token generation process is improved, the difficulty of cracking the access token is increased, and the risk of stealing the access token is reduced; the security and reliability of the access token is improved as a whole.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for processing tokens according to a first embodiment of the present invention;
FIG. 2 is a flow chart of a token processing method according to a second embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a token processing apparatus according to a third embodiment of the present invention;
Fig. 4 is a schematic structural diagram of an electronic device implementing a token processing method according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "target," "current," "history," "first," and "second," and the like in the description and claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In addition, in the technical scheme of the invention, the related token generation request, the current request time of the token generation request, the history generation time of the history token of the requester, the specified generation time interval, the effective time of the token, and the collection, storage, use, processing, transmission, provision, disclosure and other processes of the target use state, confusion identification and the like of the target token stored locally meet the requirements of related laws and regulations, and the method does not violate the public order colloquial.
Example 1
Fig. 1 is a flowchart of a token processing method according to a first embodiment of the present invention, where the method may be implemented by a token processing apparatus, and the apparatus may be implemented in hardware and/or software and may be configured in an electronic device. As shown in fig. 1, the method is applied to a server, and includes:
S101, under the condition that a token generation request sent by a requester is received, determining a current generation time interval according to the current request time of the token generation request and the historical generation time of the historical token of the requester.
Wherein the requesting party refers to a party requesting the service from the server. The token generation request refers to a request to generate an access token; optionally, the method comprises; the token generation request includes, but is not limited to, a requester identity and a current request time. Wherein the access token may take the form of a string. The requester identity is used for uniquely identifying the requester; alternatively, the requester identity may take the form of numbers, letters or numbers plus letters. The current request time refers to the time when the request sends a token generation request to the server. The history token refers to the access token that was last generated prior to the current request time. The history generation time refers to the time at which the history token was generated. The current generation time interval refers to a time interval between the current request time and the historical generation time.
Specifically, after the identity authentication of the requester is successful and under the condition that a token generation request sent by the requester is received, the server acquires the current request time from the token generation request, acquires the historical generation time of the history token of the requester from the local cache, and determines the time deviation between the current request time and the historical generation time as the current generation time interval.
S102, integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information.
The specified generation time interval may be preset according to experience of a person skilled in the art, or may be set randomly, which is not particularly limited in the embodiment of the present invention. The token valid time refers to the time that can be used after the access token is generated; optionally, the valid time of the token may be preset according to an actual service requirement or an actual application scenario, which is not specifically limited in the embodiment of the present invention. The history token necessary information includes, but is not limited to, the identity of the requestor, the access rights of the requestor, the name of the requestor, and the role of the requestor. Valid token information refers to information used to verify the identity of the access token and the requestor.
Specifically, when the current generation time interval is greater than or equal to the specified generation time interval, the necessary information of the history token is integrated according to the effective time of the token, so as to obtain effective token information. More specifically, when the current generation time interval is greater than or equal to the prescribed generation time interval, the effective token information is obtained by adding the token effective time to the history necessary information of the history token by means of a character string splicing technique.
Optionally, the server may further acquire the history token of the requester from the local cache by using the identity of the requester in the token generation request as a search condition when the current generation time interval is smaller than the specified generation time interval, and feed back the history token to the requester instead of regenerating a new access token, thereby limiting the number of generation of access tokens to a certain extent and reducing the waste of resources in the process of generating the access token.
S103, according to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information.
Wherein, the confusion information is information which is used for confusing the effective token information and has no actual meaning; alternatively, the confusion information may take the form of strings. The confusion token information is information obtained by carrying out confusion processing on the effective token information.
Specifically, at least one piece of confusion information may be generated based on a random algorithm; determining the information head position and the information tail position of the effective token information; and inserting the generated at least one piece of confusion information into the information head position or the information tail position to obtain confusion token information.
For example, if 5 pieces of confusion information are generated based on a random algorithm, after determining the information head position and the information tail position of the valid token information, 3 pieces of confusion information may be randomly selected from the generated 5 pieces of confusion information, the 3 pieces of confusion information may be sequentially inserted into the information head position, the 3 pieces of confusion information may be sequentially inserted into the information tail position, 1 piece of confusion information may be selected again from the 3 pieces of confusion information and inserted into the information head position, and 1 piece of confusion information may be randomly selected from the remaining 2 pieces of confusion information and inserted into the information tail position, or the remaining 2 pieces of confusion information may be sequentially inserted into the information tail position.
It can be appreciated that by adding the randomly generated confusion information to the valid token information, the randomness of the access token generation process can be improved, the difficulty of cracking the access token can be increased, and the risk of stealing the access token can be reduced.
S104, encrypting the confusion token information to obtain the target token.
The target token refers to an access token generated according to a token generation request sent by a requester.
Specifically, an RSA encryption algorithm can be adopted to encrypt the confusion token information to obtain the target token.
Optionally, the server may record, in the local cache, the target generation time of the target token and the target usage state of the target token, and may also send the target token to the requester. The target token is generated with its target usage state being an unused state.
According to the technical scheme, under the condition that a token generation request sent by a requester is received, a current generation time interval is determined according to the current request time of the token generation request and the historical generation time of a historical token of the requester; integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information; according to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information; and encrypting the confusion token information to obtain the target token. According to the technical scheme, after the identity authentication of the requester is successful, when the server receives the token generation request sent by the requester, the limit on the generation number of access tokens is realized according to the current request time of the token generation request and the specified generation time interval; the effective time of the token is added into the necessary information of the history token, so that the limit on the effective time of the access token is realized, and the access token is prevented from being illegally spread or maliciously stored; by adding the randomly generated confusion information into the effective token information, the randomness of the access token generation process is improved, the difficulty of cracking the access token is increased, and the risk of stealing the access token is reduced; the security and reliability of the access token is improved as a whole.
Example two
Fig. 2 is a flowchart of a token processing method according to a second embodiment of the present invention, where an alternative implementation manner of verifying a target token is provided based on the foregoing embodiment. In the embodiments of the present invention, parts not described in detail may be referred to for related expressions of other embodiments. As shown in fig. 2, the method is applied to a server, and includes:
s201, when a token generation request sent by a requester is received, determining a current generation time interval according to the current request time of the token generation request and the historical generation time of the historical token of the requester.
S202, integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information.
S203, according to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information.
S204, encrypting the confusion token information to obtain the target token.
S205, responding to a target access request containing a target token, and processing the target token according to the target use state and the confusion identification of the target token stored locally to obtain effective token information.
The target access request refers to an access request to be processed by the server. The target use state refers to the use state of the target token; alternatively, the target usage state may be an unused state or a used state. The confusion identification is used to identify confusion information in the target token.
Specifically, in response to each target access request containing a target token, under the condition that the target use state of the target token stored locally is identified as an unused state, decrypting the target token to obtain confusion token information; and removing confusion information in the confusion token information according to the confusion identification of the target token stored locally to obtain effective token information. More specifically, in response to each target access request containing a target token, under the condition that the target use state of the target token stored locally is identified as an unused state, adopting an RSA encryption algorithm to decrypt the target token to obtain confusion token information, and updating the use state of the target token stored locally from the unused state to the used state; locating the position of the confusion information from the confusion token information by taking the confusion identification of the target token stored locally as a retrieval condition; and removing the confusion information in the confusion token information according to the position of the confusion information to obtain effective token information.
Optionally, in response to each target access request including the target token, determining that the token check fails when the target usage state of the target token stored locally is identified as the used state, and feeding back first failure information of the token check failure to a requester transmitting the target access request.
Optionally, if decryption fails when decryption processing is performed on the target token, determining that the token check fails, and feeding back second failure information of the token check failure to a requester sending the target access request.
S206, verifying the target token according to the first requester identity information in the valid token information and the token valid time.
Wherein the first requester identity information refers to requester identity information in the valid token information.
Specifically, if the first requester identity information in the valid token information is consistent with the locally stored second requester identity information, verifying the target token according to the target request time of the target access request and the token valid time in the valid token information. The second requester identity information refers to requester identity information stored in a local cache by the server. The target request time refers to the time when the request sends the target access request to the server.
More specifically, under the condition that the identity information of the first requester in the effective token information is consistent with the identity information of the second requester stored locally, if the target request time of the target access request is within the token effective time in the effective token information, the target token in the target access request is indicated not to be expired, further the success of the token check is determined, and the requester is allowed to carry out the subsequent access flow; if the target request time is not within the effective time of the token, the target token in the target access request is expired, further the token check failure is determined, and third failure information of the token check failure is fed back to a requester sending the target access request.
After a target token is obtained, responding to a target access request containing the target token, and processing the target token according to a target use state and a confusion identifier of the target token stored locally to obtain effective token information; and verifying the target token according to the first requester identity information in the effective token information and the effective time of the token, so that the target token is verified, the safety and the reliability of the target token are ensured, and the overall safety level of the token application environment is improved.
On the basis of the above embodiment, as an alternative manner of the embodiment of the present invention, it is also possible to: under the condition that at least two target access requests including a target token initiated by the same requester are received, determining response failure times for the at least two target access requests; and checking the target token according to the response failure times.
The response failure times refer to total times that the server side does not respond to the target access request. It should be noted that, for each target access request including the target token received by the server, the number of response failures is zero in the initial case.
Specifically, for each target access request including a target token initiated by a requester, if the target access request is not responded by a server, storing the target access request into a local waiting queue; after the preset waiting time is elapsed, if the target access request is not responded by the server, continuing to store the target access request into a local waiting queue, recording response failure times, repeating the process until the response failure times reach a response failure times threshold value, stopping, determining that the token check fails, and feeding back fourth failure information of the token check failure to a requester sending the target access request. In so doing, only one target access request may be able to be responded to by the server upon receipt by the server of at least two target access requests containing target tokens.
It should be noted that, the preset waiting time and the response failure frequency threshold may be preset or randomly set according to the actual service requirement, which is not specifically limited by the embodiment of the present invention.
Example III
Fig. 3 is a schematic structural diagram of a token processing apparatus according to a third embodiment of the present invention, where the present embodiment is applicable to the case of generating and verifying an access token, and the apparatus may be implemented in a hardware and/or software form and may be configured in an electronic device. As shown in fig. 3, the device is configured at a server, and includes:
A current generation time interval determining module 301, configured to determine, when a token generation request sent by a requester is received, a current generation time interval according to a current request time of the token generation request and a historical generation time of a historical token of the requester;
the effective token information determining module 302 is configured to integrate the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token, so as to obtain effective token information;
the confusion token information determining module 303 is configured to perform confusion processing on the valid token information according to the generated at least one confusion information, so as to obtain confusion token information;
the target token determining module 304 is configured to encrypt the obfuscated token information to obtain a target token.
According to the technical scheme, under the condition that a token generation request sent by a requester is received, a current generation time interval is determined according to the current request time of the token generation request and the historical generation time of a historical token of the requester; integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information; according to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information; and encrypting the confusion token information to obtain the target token. According to the technical scheme, after the identity authentication of the requester is successful, when the server receives the token generation request sent by the requester, the limit on the generation number of access tokens is realized according to the current request time of the token generation request and the specified generation time interval; the effective time of the token is added into the necessary information of the history token, so that the limit on the effective time of the access token is realized, and the access token is prevented from being illegally spread or maliciously stored; by adding the randomly generated confusion information into the effective token information, the randomness of the access token generation process is improved, the difficulty of cracking the access token is increased, and the risk of stealing the access token is reduced; the security and reliability of the access token is improved as a whole.
Optionally, the valid token information determining module 302 is specifically configured to:
and under the condition that the current generation time interval is greater than or equal to the specified generation time interval, integrating the necessary information of the history token according to the effective time of the token to obtain effective token information.
Optionally, the confusion token information determining module 303 is specifically configured to:
determining the information head position and the information tail position of the effective token information;
and inserting the generated at least one piece of confusion information into the information head position or the information tail position to obtain confusion token information.
Optionally, the apparatus further comprises:
The target token processing module is used for responding to a target access request containing a target token, and processing the target token according to the target use state and the confusion identification of the target token stored locally to obtain effective token information;
and the first token checking module is used for checking the target token according to the first requester identity information in the effective token information and the effective time of the token.
Optionally, the target token processing module is specifically configured to:
under the condition that the target use state of the target token stored locally is identified as the unused state, decrypting the target token to obtain confusion token information;
and removing confusion information in the confusion token information according to the confusion identification of the target token stored locally to obtain effective token information.
Optionally, the first token checking module is specifically configured to:
and if the first requester identity information in the effective token information is consistent with the locally stored second requester identity information, verifying the target token according to the target request time of the target access request and the token effective time in the effective token information.
Optionally, the apparatus further comprises:
The response failure times determining module is used for determining the response failure times of at least two target access requests under the condition that the target access requests including the target token are received at least two times initiated by the same requester;
And the second token checking module is used for checking the target token according to the response failure times.
The token processing device provided by the embodiment of the invention can execute the token processing method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of executing the token processing methods.
Example IV
Fig. 4 shows a schematic diagram of the structure of an electronic device 10 that may be used to implement an embodiment of the invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic equipment may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 4, the electronic device 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In the RAM13, various programs and data required for the operation of the electronic device 10 may also be stored. The processor 11, the ROM12 and the RAM13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
Various components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the various methods and processes described above, such as the token processing method.
In some embodiments, the token processing method may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM12 and/or the communication unit 19. One or more of the steps of the token processing method described above may be performed when the computer program is loaded into RAM13 and executed by processor 11. Alternatively, in other embodiments, the processor 11 may be configured to perform the token processing method in any other suitable way (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for carrying out methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) through which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims (10)

1. A method for processing a token, which is applied to a server, comprising:
Under the condition that a token generation request sent by a requester is received, determining a current generation time interval according to the current request time of the token generation request and the historical generation time of a historical token of the requester;
Integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective time of the token to obtain effective token information;
according to the generated at least one piece of confusion information, carrying out confusion processing on the effective token information to obtain confusion token information;
and encrypting the confusion token information to obtain a target token.
2. The method according to claim 1, wherein integrating the history token necessary information of the history token according to the current generation time interval, the specified generation time interval and the token valid time to obtain valid token information includes:
And integrating the necessary information of the history token according to the effective time of the token under the condition that the current generation time interval is larger than or equal to the specified generation time interval, so as to obtain effective token information.
3. The method of claim 1, wherein the obfuscating the valid token information based on the generated at least one obfuscated information to obtain obfuscated token information comprises:
determining the information head position and the information tail position of the effective token information;
And inserting the generated at least one piece of confusion information into the information head position or the information tail position to obtain confusion token information.
4. The method according to claim 1, wherein the method further comprises:
Responding to a target access request containing the target token, and processing the target token according to the target use state and the confusion identification of the target token stored locally to obtain effective token information;
and verifying the target token according to the first requester identity information in the effective token information and the effective token time.
5. The method of claim 4, wherein processing the target token based on the locally stored target usage status and confusion identification of the target token to obtain valid token information comprises:
Under the condition that the target use state of the target token stored locally is identified as the unused state, decrypting the target token to obtain confusion token information;
and removing confusion information in the confusion token information according to the confusion identification of the target token stored locally, so as to obtain effective token information.
6. The method of claim 4, wherein verifying the target token based on the first requestor identity information in the valid token information and the token validity time comprises:
And if the first requester identity information in the effective token information is consistent with the locally stored second requester identity information, verifying the target token according to the target request time of the target access request and the token effective time in the effective token information.
7. The method according to claim 4, wherein the method further comprises:
Under the condition that at least two target access requests including the target token initiated by the same requester are received, determining response failure times for the at least two target access requests;
And checking the target token according to the response failure times.
8. A token processing apparatus, configured at a server, comprising:
The current generation time interval determining module is used for determining a current generation time interval according to the current request time of the token generation request and the historical generation time of the historical token of the requester under the condition that the token generation request sent by the requester is received;
The effective token information determining module is used for integrating the necessary information of the history token according to the current generation time interval, the specified generation time interval and the effective token time to obtain effective token information;
The confusion token information determining module is used for carrying out confusion processing on the effective token information according to the generated at least one piece of confusion information to obtain confusion token information;
And the target token determining module is used for carrying out encryption processing on the confusion token information to obtain a target token.
9. An electronic device, the electronic device comprising:
at least one processor; and
A memory communicatively coupled to the at least one processor; wherein,
The memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the token processing method of any one of claims 1-7.
10. A computer readable storage medium storing computer instructions for causing a processor to perform the token processing method of any one of claims 1-7.
CN202410485624.0A 2024-04-22 2024-04-22 Token processing method, device, equipment and storage medium Pending CN118413358A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410485624.0A CN118413358A (en) 2024-04-22 2024-04-22 Token processing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410485624.0A CN118413358A (en) 2024-04-22 2024-04-22 Token processing method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN118413358A true CN118413358A (en) 2024-07-30

Family

ID=92020030

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410485624.0A Pending CN118413358A (en) 2024-04-22 2024-04-22 Token processing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN118413358A (en)

Similar Documents

Publication Publication Date Title
US9578004B2 (en) Authentication of API-based endpoints
CN108429638B (en) Server operation and maintenance method, device and system and electronic equipment
CN108683667B (en) Account protection method, device, system and storage medium
US11418499B2 (en) Password security
CN116980230B (en) Information security protection method and device
CN114513350B (en) Identity verification method, system and storage medium
CN114327803A (en) Method, apparatus, device and medium for accessing machine learning model by block chain
CN118250103B (en) User authorization method, device, equipment and medium
CN109150790A (en) The recognition methods of Web page crawler and device
CN116781425B (en) Service data acquisition method, device, equipment and storage medium
CN117725598A (en) An Zhuoduan data encryption and decryption method, device, equipment and medium
CN112862484A (en) Secure payment method and device based on multi-terminal interaction
US8904508B2 (en) System and method for real time secure image based key generation using partial polygons assembled into a master composite image
CN117061110A (en) Message sharing method and device, electronic equipment and storage medium
CN109818915B (en) Information processing method and device, server and readable storage medium
CN118413358A (en) Token processing method, device, equipment and storage medium
CN113722690A (en) Data transmitting method, data receiving device, certificate recording method and certificate recording device
CN114024780B (en) Node information processing method and device based on Internet of things equipment
CN114584556B (en) File transmission method and device
CN117375846A (en) Resource access method, device, equipment and storage medium
CN117544378A (en) Authorization management method, device, equipment and storage medium
CN114428967A (en) Data transmission method, device, equipment and storage medium
CN116804914A (en) Data processing method and device, electronic equipment and storage medium
CN117061502A (en) File transmission method, device, equipment and storage medium
CN116015593A (en) Token generation method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination