WO2017041657A1 - Application interface management method and device - Google Patents

Application interface management method and device Download PDF

Info

Publication number
WO2017041657A1
WO2017041657A1 PCT/CN2016/097505 CN2016097505W WO2017041657A1 WO 2017041657 A1 WO2017041657 A1 WO 2017041657A1 CN 2016097505 W CN2016097505 W CN 2016097505W WO 2017041657 A1 WO2017041657 A1 WO 2017041657A1
Authority
WO
WIPO (PCT)
Prior art keywords
call
application interface
annotation information
authentication
module
Prior art date
Application number
PCT/CN2016/097505
Other languages
French (fr)
Chinese (zh)
Inventor
陈晓丹
Original Assignee
阿里巴巴集团控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司 filed Critical 阿里巴巴集团控股有限公司
Publication of WO2017041657A1 publication Critical patent/WO2017041657A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating

Definitions

  • the present application relates to the field of computers, and in particular, to an application interface management method and apparatus.
  • the existing information system In addition to the requirements of completing the service, the existing information system generally needs to set up an open interface to provide external services through the API (Application Programming Interface), and the corresponding service process is accompanied by corresponding The return of indicator data; where the indicator generally refers to the type of data returned by the interface call. For the security of the data, it is generally necessary to check the identity of the caller, and at the same time, it is necessary to control the granularity of the returned indicator according to the identity of the caller.
  • API Application Programming Interface
  • An object of the present application is to provide an application interface management method and apparatus to solve the problem of implementing application interface call management when the existing code is not changed on a large scale or the code body logic is not changed.
  • an application interface management method includes:
  • the call of the application interface is managed according to the annotation information and the call request.
  • an application interface management apparatus wherein the apparatus includes:
  • An interception module for intercepting a call request to an application interface
  • An obtaining module configured to obtain annotation information of the application interface
  • Calling a management module configured to perform, according to the annotation information and the call request, the call of the application interface management.
  • the application interface management method and apparatus provided by the present application does not affect the execution logic of the existing code of the application interface because the increase of the annotation information does not need to change the existing code or the code body on a large scale.
  • the logic changes only need to add annotation information to the existing application interface, and correspondingly introduce additional processing logic, you can manage the interface of different granularity for each interface that is open, thus reducing the value overhead caused by code maintenance. .
  • FIG. 1 is a flow chart showing an application interface management method according to an aspect of the present application
  • FIG. 2 is a schematic flow chart of an application interface management method according to still another aspect of the present application.
  • FIG. 3 is a schematic structural diagram of an application interface management apparatus according to an aspect of the present application.
  • FIG. 4 shows a schematic structural diagram of an application interface management apparatus according to still another aspect of the present application.
  • FIG. 1 is a flow chart showing an application interface management method according to an aspect of the present application. As shown in FIG. 1, the application interface management method includes:
  • Step S101 intercepting a call request to an application interface
  • Step S102 Obtain annotation information of the application interface.
  • Step S103 managing the call of the application interface according to the annotation information and the call request.
  • the application interface refers to an API interface.
  • the API interface is pre-added with annotation information, such as Annotation annotation information provided by the Java language, and the annotation information includes management information for calling the API interface, such as management information for calling authentication and index filtering.
  • annotation information can be processed by AOP (Aspect Oriented Programming) technology to control the call of the API interface.
  • annotation information will not It affects the execution logic of the existing code of the application interface. Therefore, when managing the application interface call, there is no need to change the existing code or change the logic of the code main body on a large scale, and only need to manage the code through the independently added application interface. According to the annotation information, the call management of each application interface can be realized, thereby reducing the value overhead caused by code maintenance, for example, avoiding the service failure caused by the modification of the main logic.
  • the annotation information includes calling authentication information
  • the managing the call of the application interface according to the annotation information and the calling request further includes:
  • the call authentication is divided into two kinds of results, the call authentication is passed, and the call to the API interface is executed at this time; the call authentication is not passed, for example, the identity of the caller does not comply with the call permission of the API interface, and according to the return value Type, wrap the error message and return directly.
  • managing the call of the application interface according to the annotation information and the calling request further includes:
  • the caller of the API interface does not perform call authentication and directly executes the API interface call.
  • annotation information further includes indicator filtering information
  • the managing the call of the application interface according to the annotation information and the calling request further includes:
  • the returned result filtered by the indicator is returned.
  • the return result obtained by directly executing the API interface call may be returned, or the return result obtained by executing the API interface call after the authentication is invoked may be filtered by the indicator. Go back.
  • managing the call of the application interface according to the annotation information and the calling request further includes:
  • the return result obtained by directly executing the API interface call may be returned, or the return result obtained by executing the API interface call after the authentication is invoked may be not filtered. , return directly and end the entire process.
  • the method further includes:
  • the class that processes the annotation information can be created in a face-oriented manner.
  • annotation information is added in advance using the Annotation mechanism provided by the Java language, and the annotation information added by the Annotation does not affect the execution logic of the existing code.
  • the aspect-oriented approach refers to AOP (Aspect Oriented Programming), a technique for achieving unified maintenance of program functions through precompilation and runtime dynamic agents.
  • the classes used to process annotation information are newly added and do not require changes to the concrete implementation logic of the existing application interface.
  • the application interface calling method includes:
  • Step S201 adding the annotation information to the application interface.
  • annotation information is added by the Annotation mechanism provided by the Java language, and the annotation information added by the Annotation does not affect the execution logic of the existing code.
  • the annotation information includes the call authentication information and the indicator filtering information. In addition, it may also include information on whether interface management is required, for example, whether the API authentication interface needs to be invoked, or whether the API interface needs to be invoked. Returns the result for metric filtering.
  • the call authentication information may include information such as an authentication processing object
  • the indicator filtering information may include information such as an indicator filtering object.
  • the indicator can refer to the data category returned by the interface calling the API interface.
  • Step S202 creating a class for processing the annotation information.
  • the class that processes the annotation information can be created in a face-oriented manner, and the aspect-oriented approach refers to the AOP mode.
  • the classes used to process annotation information are newly added and do not require changes to the concrete implementation logic of the existing application interface.
  • Step S203 intercepting the calling request of the application interface and acquiring the annotation information of the application interface.
  • the service requester the API interface caller
  • the AOP intercepts the call request and parses the Annotation annotation information that has been added by the API interface to obtain the data information required for subsequent API interface call management.
  • step S204 it is determined whether call authentication needs to be performed.
  • the judgment is made based on whether or not information required for interface management is included in the annotation information. For example, it is determined based on whether or not the information to be called for authentication is set in advance to the API interface.
  • Step S205 when the call authentication is not required, the call to the application interface is directly executed.
  • the caller of the API interface does not perform call authentication and directly executes the API interface call.
  • the process may go to step S209 to determine whether it is necessary to perform index filtering on the returned result.
  • Step S206 When the call authentication needs to be performed, call the authentication request according to the call authentication information.
  • the call authentication is divided into two kinds of results, the call authentication is passed, and the process jumps to step S208 for processing; the call authentication is not passed, for example, the identity of the caller does not comply with the call permission of the API interface, and the jump is performed at this time.
  • the process proceeds to step S207.
  • Step S207 When the call authentication fails, the error prompt information is returned.
  • the error message is wrapped and returned directly to the end of the process.
  • Step S208 after the call authentication is passed, perform a call to the application interface.
  • the identity of the caller conforms to the call permission setting of the API interface, and the call authentication is allowed to pass. After the API interface is called and the returned result is obtained, the process proceeds to step S209 to determine.
  • step S209 it is determined whether index filtering is required.
  • the judgment is made based on whether or not information required for interface management is included in the annotation information. For example, it is determined based on whether or not the information required to be filtered by the API interface is set in advance. The judgment is divided into two kinds of results, and the indicator filtering is not required, and the process proceeds to step S210 for processing; the indicator filtering is required, and the process proceeds to step S211 for processing.
  • step S210 when the indicator filtering is not required, the return result after the execution of the call is directly returned.
  • the return result obtained by directly executing the API interface call in step S205, or the return result obtained by executing the API interface call after the authentication is passed in step S208 Without metric filtering, go straight back and end the entire process.
  • step S211 when the indicator filtering needs to be performed, the indicator filtering is performed on the returned result after the call is performed according to the indicator filtering information.
  • step S212 the returned result filtered by the indicator is returned.
  • the API interface is preset to require index filtering
  • the return result obtained by directly executing the call of the API interface in step S205 or the return result obtained by executing the API interface call after calling the authentication in step S208
  • the metric granularity of the returned metrics can be controlled according to the identity of the caller.
  • FIG. 3 shows a schematic structural diagram of an application interface management apparatus according to an aspect of the present application.
  • the application interface management apparatus 3 includes an interception module 31, an acquisition module 32, and an invocation management module 33.
  • the intercepting module 31 is configured to intercept a call request to the application interface
  • the obtaining module 32 is configured to obtain the annotation information of the application interface
  • the calling management module 33 is configured to perform, according to the annotation information and the calling request The call of the application interface is managed.
  • the intercepting module 31 intercepts the call request sent by the caller to the API interface, and sends it to the call management module 33 for processing; the obtaining module 32 acquires the pre-added annotation information from the API interface, and sends the annotation information to the call management module 33. deal with.
  • the API interface is pre-added with annotation information, such as Annotation annotation information provided by the Java language, and the annotation information includes management information for calling the API interface, such as management information for calling authentication and index filtering.
  • the call management module 33 performs call authentication management according to the call authentication information in the annotation information, performs identity control on the caller of the API interface, that is, the service user, or returns the information to the API interface according to the index filtering information in the annotation information. The granularity of the indicators is controlled and managed.
  • the application interface management device of the present application does not need to change the existing code or modify the logic of the code main body on a large scale, and only needs to manage the code through the independently added application interface, and can process the call to each application interface according to the annotation information. Management, thereby reducing the value overhead of code maintenance, such as avoiding service failures due to changes in the subject logic.
  • FIG. 4 shows a schematic structural diagram of an application interface management apparatus according to still another aspect of the present application.
  • the application interface management apparatus 4 includes: an interception module 31, an acquisition module 32, and an invocation management module 33 shown in FIG. 3, and an annotation module 41 and a processing class module 42.
  • the intercepting module 31 is configured to intercept a call request to the application interface
  • the obtaining module 32 is configured to obtain the annotation information of the application interface
  • the calling management module 33 is configured to perform, according to the annotation information and the calling request The call of the application interface is managed.
  • the intercepting module 31 intercepts the call request sent by the caller to the API interface, and sends it to the call management module 33 for processing; the obtaining module 32 acquires the pre-added annotation information from the API interface, and sends the annotation information to the call management module 33. deal with.
  • the annotation module 41 is configured to add the annotation information to the application interface.
  • the annotation information does not affect the execution logic of the existing code.
  • the annotation information includes the call authentication information and the indicator filtering information, and may also include information about whether interface management is required, for example, whether it is necessary.
  • the API interface performs information for invoking authentication, or whether it needs to perform index filtering on the returned result of calling the API interface.
  • the call authentication information may include information such as an authentication processing object
  • the indicator filtering information may include information such as an indicator filtering object.
  • the indicator can refer to the data category returned by the interface calling the API interface.
  • the processing class module 42 is configured to create a class that processes the annotation information.
  • the processing class module 42 is further configured to: create a class that processes the annotation information in a face-oriented manner.
  • the class used to process the annotation information is newly added, and there is no need to change the concrete implementation logic class of the existing application interface.
  • the call management module 33 further includes: an authentication module 331, an execution calling module 332, and a first determining module 333.
  • the authentication module 331 is configured to perform call authentication on the call request according to the call authentication information.
  • the authentication module 331 is further configured to: return an error prompt message when the call authentication fails.
  • the execution invoking module 332 is configured to execute a call to the application interface after the call authentication is passed.
  • the execution invocation module 332 is further configured to directly perform a call to the application interface when call authentication is not required.
  • the first determining module 333 is configured to determine whether the call authentication needs to be performed before the call authentication is performed.
  • the first determining module 333 notifies the execution calling module 332 to directly execute the call to the application interface; when the call authentication needs to be performed, the first determining module 333 notifies the authentication module 331 to make the call. After the authentication is passed, the authentication module 331 notifies the execution calling module 332 to execute the API interface call; when the calling authentication fails, the authentication module 331 directly returns the error prompt information according to the return value type.
  • the call management module 33 further includes: an index filtering module 334, a return module 335, and a second determining module 336.
  • the metric filtering module 334 is configured to perform metric filtering on the return result after the application interface is invoked according to the metric filtering information.
  • the returning module 335 is configured to return the returned result filtered by the indicator.
  • the returning module 334 is further configured to: directly return a return result after the execution of the application interface call when the indicator filtering is not required.
  • the second determining module 336 is configured to determine whether the indicator filtering needs to be performed before performing the indicator filtering
  • the second determining module 336 When the metric filtering is not required, the second determining module 336 notifies the returning module 334 to directly return the return result obtained by the execution calling module 332.
  • the second determining module 336 passes The knowledge indicator filtering module 334 performs index filtering on the return result obtained by the execution calling module 332, and the return module 334 returns the returned result processed by the index filtering module 334.
  • the return result of the execution call module 332 can be obtained by directly executing the API interface call, or by calling the API interface call after the authentication is passed.
  • the present application can be implemented in software and/or a combination of software and hardware, for example, using an application specific integrated circuit (ASIC), a general purpose computer, or any other similar hardware device.
  • the software program of the present application can be executed by a processor to implement the steps or functions described above.
  • the software programs (including related data structures) of the present application can be stored in a computer readable recording medium such as a RAM memory, a magnetic or optical drive or a floppy disk and the like.
  • some of the steps or functions of the present application may be implemented in hardware, for example, as a circuit that cooperates with a processor to perform various steps or functions.
  • a portion of the present application can be applied as a computer program product, such as computer program instructions, which, when executed by a computer, can invoke or provide a method and/or technical solution in accordance with the present application.
  • the program instructions for invoking the method of the present application may be stored in a fixed or removable recording medium, and/or transmitted by a data stream in a broadcast or other signal bearing medium, and/or stored in a The working memory of the computer device in which the program instructions are run.
  • an embodiment in accordance with the present application includes a device including a memory for storing computer program instructions and a processor for executing program instructions, wherein when the computer program instructions are executed by the processor, triggering
  • the apparatus operates based on the aforementioned methods and/or technical solutions in accordance with various embodiments of the present application.

Abstract

Disclosed is an application interface management method and device. Said method comprises: intercepting calling request for an application interface (S101); acquiring annotation information of the application interface (S102); and managing the calling of the application interface in accordance with the annotation information and the calling request (S103). Compared with the prior art, the present application interface management method and device provide, by means of adding annotation information to the existing codes, the information required for the calling process management, thus requiring no change to the existing codes on a large scale or to the main logic of the codes. Code management by means of independently added application interfaces and processing according to annotation information enable calling management for each application interface, thereby reducing the cost resulting from code maintenance.

Description

一种应用接口管理方法和装置Application interface management method and device
本申请要求2015年09月09日递交的申请号为201510570439.2发明名称为“一种应用接口管理方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application Serial No. No. No. No. No. No. No. No. No. No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No
技术领域Technical field
本申请涉及计算机领域,尤其涉及一种应用接口管理方法和装置。The present application relates to the field of computers, and in particular, to an application interface management method and apparatus.
背景技术Background technique
现有的信息系统除了完成自身服务的需求,一般还需要设定对外开放的接口,以实现通过API(应用程序编程接口,Application Programming Interface)的方式对外提供服务,对外提供服务过程中伴随着相应指标数据的返回;其中,指标一般是指接口调用所返回的数据类别。为了数据的安全,一般需要对调用方的身份进行检验,同时需要根据调用方的身份对返回的指标粒度进行控制。In addition to the requirements of completing the service, the existing information system generally needs to set up an open interface to provide external services through the API (Application Programming Interface), and the corresponding service process is accompanied by corresponding The return of indicator data; where the indicator generally refers to the type of data returned by the interface call. For the security of the data, it is generally necessary to check the identity of the caller, and at the same time, it is necessary to control the granularity of the returned indicator according to the identity of the caller.
现有技术在进行调用方鉴权和指标过滤时,一般通过在接口的具体实现代码上增加相应的逻辑,进行硬编码。这种做法在项目前期可以达到较好的维护,但到了后期,由于所开的接口过多,当修改现有代码逻辑的时候,无法保证现有服务的稳定。同时,对于之前没有进行接口管理的代码,如果需要增加该功能,则涉及到大规模代码的修改。In the prior art, when the caller authentication and the indicator filtering are performed, the corresponding logic is generally added to the specific implementation code of the interface to perform hard coding. This kind of practice can achieve better maintenance in the early stage of the project, but in the later stage, due to too many interfaces, when the existing code logic is modified, the existing service cannot be guaranteed. At the same time, for code that has not been interface management before, if you need to add this function, it involves the modification of large-scale code.
发明内容Summary of the invention
本申请的一个目的是提供一种应用接口管理方法和装置,以解决在不大规模更改现有代码或不对代码主体逻辑进行改动时,实现应用接口调用管理的问题。An object of the present application is to provide an application interface management method and apparatus to solve the problem of implementing application interface call management when the existing code is not changed on a large scale or the code body logic is not changed.
根据本申请的一个方面,提供了一种应用接口管理方法,其中,所述方法包括:According to an aspect of the present application, an application interface management method is provided, wherein the method includes:
拦截对应用接口的调用请求;Intercepting a call request to an application interface;
获取所述应用接口的注解信息;Obtaining annotation information of the application interface;
根据所述注解信息和所述调用请求对所述应用接口的调用进行管理。The call of the application interface is managed according to the annotation information and the call request.
根据本申请的另一个方面,提供了一种应用接口管理装置,其中,所述装置包括:According to another aspect of the present application, an application interface management apparatus is provided, wherein the apparatus includes:
拦截模块,用于拦截对应用接口的调用请求;An interception module for intercepting a call request to an application interface;
获取模块,用于获取所述应用接口的注解信息;An obtaining module, configured to obtain annotation information of the application interface;
调用管理模块,用于根据所述注解信息和所述调用请求对所述应用接口的调用进行 管理。Calling a management module, configured to perform, according to the annotation information and the call request, the call of the application interface management.
与现有技术相比,本申请提供的应用接口管理方法和装置,由于注解信息的增加不会对应用接口的已有代码的执行逻辑造成影响,不需要大规模更改现有代码或者对代码主体逻辑进行改动,只需要在现有应用接口上增加注解信息,并相应的引入额外的处理逻辑,就可以对开放出的每个接口进行不同粒度的接口管理,从而减少代码维护带来的价值开销。Compared with the prior art, the application interface management method and apparatus provided by the present application does not affect the execution logic of the existing code of the application interface because the increase of the annotation information does not need to change the existing code or the code body on a large scale. The logic changes, only need to add annotation information to the existing application interface, and correspondingly introduce additional processing logic, you can manage the interface of different granularity for each interface that is open, thus reducing the value overhead caused by code maintenance. .
附图说明DRAWINGS
通过阅读参照以下附图所作的对非限制性实施例所作的详细描述,本申请的其它特征、目的和优点将会变得更明显:Other features, objects, and advantages of the present application will become more apparent from the detailed description of the accompanying drawings.
图1示出根据本申请一个方面的应用接口管理方法的流程示意图;1 is a flow chart showing an application interface management method according to an aspect of the present application;
图2示出根据本申请又一个方面的应用接口管理方法的流程示意图;2 is a schematic flow chart of an application interface management method according to still another aspect of the present application;
图3示出根据本申请一个方面的应用接口管理装置的结构示意图;FIG. 3 is a schematic structural diagram of an application interface management apparatus according to an aspect of the present application;
图4示出根据本申请又一个方面的应用接口管理装置的结构示意图。FIG. 4 shows a schematic structural diagram of an application interface management apparatus according to still another aspect of the present application.
附图中相同或相似的附图标记代表相同或相似的部件。The same or similar reference numerals in the drawings denote the same or similar components.
具体实施方式detailed description
下面结合附图对本申请作进一步详细描述。The present application is further described in detail below with reference to the accompanying drawings.
图1示出根据本申请一个方面的应用接口管理方法的流程示意图。如图1所示,该应用接口管理方法包括:FIG. 1 is a flow chart showing an application interface management method according to an aspect of the present application. As shown in FIG. 1, the application interface management method includes:
步骤S101,拦截对应用接口的调用请求;Step S101, intercepting a call request to an application interface;
步骤S102,获取所述应用接口的注解信息;Step S102: Obtain annotation information of the application interface.
步骤S103,根据所述注解信息和所述调用请求对所述应用接口的调用进行管理。Step S103, managing the call of the application interface according to the annotation information and the call request.
其中,应用接口指API接口。API接口预先添加有注解信息,例如Java语言提供的Annotation注解信息,注解信息内包含有对API接口调用的管理信息,例如调用鉴权、指标过滤的管理信息。当接收到对API接口的调用请求时,拦截调用请求并获取该API接口的注解信息,然后根据注解信息内的调用鉴权信息进行调用鉴权管理,对API接口的调用方,即服务使用方,进行身份控制;或者根据注解信息内的指标过滤信息,对API接口返回的指标粒度进行控制管理。可以通过AOP(Aspect Oriented Programming,面向切面编程)技术,对注解信息进行处理,以控制API接口的调用。注解信息的增加不会 对应用接口的已有代码的执行逻辑造成影响,因此,对应用接口调用进行管理时,不需要大规模更改现有代码或者对代码主体逻辑进行改动,仅需要通过独立增设的应用接口管理代码,根据注解信息进行处理即可实现对每个应用接口的调用管理,从而减少代码维护带来的价值开销,例如避免因主体逻辑的修改而带来的服务失效。The application interface refers to an API interface. The API interface is pre-added with annotation information, such as Annotation annotation information provided by the Java language, and the annotation information includes management information for calling the API interface, such as management information for calling authentication and index filtering. When receiving the call request to the API interface, intercepting the call request and obtaining the annotation information of the API interface, and then performing call authentication management according to the call authentication information in the annotation information, the caller of the API interface, that is, the service consumer To perform identity control, or to filter and control the information according to the indicators in the annotation information, and to control the granularity of the indicators returned by the API interface. The annotation information can be processed by AOP (Aspect Oriented Programming) technology to control the call of the API interface. The increase in annotation information will not It affects the execution logic of the existing code of the application interface. Therefore, when managing the application interface call, there is no need to change the existing code or change the logic of the code main body on a large scale, and only need to manage the code through the independently added application interface. According to the annotation information, the call management of each application interface can be realized, thereby reducing the value overhead caused by code maintenance, for example, avoiding the service failure caused by the modification of the main logic.
可选地,所述注解信息包含调用鉴权信息;Optionally, the annotation information includes calling authentication information;
根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:The managing the call of the application interface according to the annotation information and the calling request further includes:
根据所述调用鉴权信息对所述调用请求进行调用鉴权;Performing call authentication on the call request according to the call authentication information;
在所述调用鉴权通过后,执行对所述应用接口的调用;After the call authentication is passed, performing a call to the application interface;
在所述调用鉴权没有通过时,返回错误提示信息。When the call authentication fails, an error message is returned.
在此,调用鉴权分为两种结果,调用鉴权通过,此时执行对API接口的调用;调用鉴权没有通过,例如调用者的身份不符合API接口的调用权限,此时根据返回值类型,包装错误提示信息后直接返回。Here, the call authentication is divided into two kinds of results, the call authentication is passed, and the call to the API interface is executed at this time; the call authentication is not passed, for example, the identity of the caller does not comply with the call permission of the API interface, and according to the return value Type, wrap the error message and return directly.
可选地,根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:Optionally, managing the call of the application interface according to the annotation information and the calling request further includes:
在进行调用鉴权之前,判断是否需要进行调用鉴权;Before calling the authentication, it is determined whether the call authentication needs to be performed;
当不需要进行调用鉴权时,直接执行对所述应用接口的调用。When the call authentication is not required, the call to the application interface is directly executed.
在此,如果预先设定不需要对该API接口的调用进行调用鉴权时,对于该API接口的调用者,不进行调用鉴权,直接执行API接口调用。Here, if it is not necessary to perform call authentication for the call of the API interface, the caller of the API interface does not perform call authentication and directly executes the API interface call.
可选地,所述注解信息还包含指标过滤信息;Optionally, the annotation information further includes indicator filtering information;
根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:The managing the call of the application interface according to the annotation information and the calling request further includes:
根据所述指标过滤信息对执行所述应用接口调用后的返回结果进行指标过滤;Performing index filtering on the returned result after the execution of the application interface is performed according to the indicator filtering information;
将经过所述指标过滤的返回结果进行返回。The returned result filtered by the indicator is returned.
在此,当API接口预设为需要指标过滤时,可以将直接执行API接口调用而获取的返回结果,或者,将调用鉴权通过后执行API接口调用而获取的返回结果,经过指标过滤后再进行返回。Here, when the API interface is preset to require index filtering, the return result obtained by directly executing the API interface call may be returned, or the return result obtained by executing the API interface call after the authentication is invoked may be filtered by the indicator. Go back.
可选地,根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:Optionally, managing the call of the application interface according to the annotation information and the calling request further includes:
在进行指标过滤之前,判断是否需要进行指标过滤;Before performing metric filtering, determine whether metric filtering is required.
当不需要进行指标过滤时,直接对执行所述应用接口调用后的返回结果进行返回。When the metric filtering is not required, the return result after the execution of the application interface call is directly returned.
在此,当API接口预设为不需要指标过滤时,可以将直接执行API接口调用而获取的返回结果,或者,将调用鉴权通过后执行API接口调用而获取的返回结果,不进行指标过滤,直接进行返回并结束整个流程。 Here, when the API interface is preset to not require index filtering, the return result obtained by directly executing the API interface call may be returned, or the return result obtained by executing the API interface call after the authentication is invoked may be not filtered. , return directly and end the entire process.
可选地,所述方法还包括:Optionally, the method further includes:
对所述应用接口添加所述注解信息;Adding the annotation information to the application interface;
创建对所述注解信息进行处理的类。优选地,可以通过面向切面的方式创建对所述注解信息进行处理的类。Create a class that processes the annotation information. Preferably, the class that processes the annotation information can be created in a face-oriented manner.
在此,注解信息采用Java语言提供的Annotation机制预先进行添加,通过Annotation增加的注解信息不会对已有代码的执行逻辑造成影响。面向切面的方式指AOP(面向切面编程,Aspect Oriented Programming),即通过预编译方式和运行期动态代理实现程序功能的统一维护的一种技术。用于对注解信息进行处理的类是新增加的,不需要更改现有应用接口的具体实现逻辑类。Here, the annotation information is added in advance using the Annotation mechanism provided by the Java language, and the annotation information added by the Annotation does not affect the execution logic of the existing code. The aspect-oriented approach refers to AOP (Aspect Oriented Programming), a technique for achieving unified maintenance of program functions through precompilation and runtime dynamic agents. The classes used to process annotation information are newly added and do not require changes to the concrete implementation logic of the existing application interface.
图2示出根据本申请又一个方面的应用接口管理方法的流程示意图。如图2所示,该应用接口调用方法包括:2 is a flow chart showing an application interface management method according to still another aspect of the present application. As shown in FIG. 2, the application interface calling method includes:
步骤S201,对应用接口添加所述注解信息。Step S201, adding the annotation information to the application interface.
在此,注解信息采用Java语言提供的Annotation机制进行添加,通过Annotation增加的注解信息不会对已有代码的执行逻辑造成影响。注解信息包含调用鉴权信息和指标过滤信息,此外,还可以包含是否需要进行接口管理的信息,例如,是否需要对该API接口进行调用鉴权的信息,或者,是否需要对调用该API接口的返回结果进行指标过滤的信息。其中,调用鉴权信息可以包含鉴权处理对象等信息,指标过滤信息可以包含指标过滤对象等信息。此处,指标可以指接口调用API接口所返回的数据类别。Here, the annotation information is added by the Annotation mechanism provided by the Java language, and the annotation information added by the Annotation does not affect the execution logic of the existing code. The annotation information includes the call authentication information and the indicator filtering information. In addition, it may also include information on whether interface management is required, for example, whether the API authentication interface needs to be invoked, or whether the API interface needs to be invoked. Returns the result for metric filtering. The call authentication information may include information such as an authentication processing object, and the indicator filtering information may include information such as an indicator filtering object. Here, the indicator can refer to the data category returned by the interface calling the API interface.
步骤S202,创建对所述注解信息进行处理的类。Step S202, creating a class for processing the annotation information.
在此,可以通过面向切面的方式创建对所述注解信息进行处理的类,面向切面的方式指AOP方式。用于对注解信息进行处理的类是新增加的,不需要更改现有应用接口的具体实现逻辑类。Here, the class that processes the annotation information can be created in a face-oriented manner, and the aspect-oriented approach refers to the AOP mode. The classes used to process annotation information are newly added and do not require changes to the concrete implementation logic of the existing application interface.
步骤S203,拦截应用接口的调用请求并获取所述应用接口的注解信息。Step S203, intercepting the calling request of the application interface and acquiring the annotation information of the application interface.
在此,服务请求方,即API接口调用方,发起调用请求。通过AOP拦截该调用请求,同时解析API接口已经添加的Annotation注解信息,以获取后续API接口调用管理所需的数据信息。Here, the service requester, the API interface caller, initiates the call request. The AOP intercepts the call request and parses the Annotation annotation information that has been added by the API interface to obtain the data information required for subsequent API interface call management.
步骤S204,判断是否需要进行调用鉴权。In step S204, it is determined whether call authentication needs to be performed.
在此,根据注解信息包含的是否需要进行接口管理的信息进行判断。例如根据预先对该API接口设定的是否需要进行调用鉴权的信息,进行判断。Here, the judgment is made based on whether or not information required for interface management is included in the annotation information. For example, it is determined based on whether or not the information to be called for authentication is set in advance to the API interface.
步骤S205,当不需要进行调用鉴权时,直接执行对所述应用接口的调用。 Step S205, when the call authentication is not required, the call to the application interface is directly executed.
在此,如果预先设定不需要对该API接口的调用进行调用鉴权时,对于该API接口的调用者,不进行调用鉴权,直接执行API接口调用。执行API接口调用并获取返回结果后,可以跳转至步骤S209,判断是否需要对该返回结果进行指标过滤。Here, if it is not necessary to perform call authentication for the call of the API interface, the caller of the API interface does not perform call authentication and directly executes the API interface call. After the API interface is invoked and the returned result is obtained, the process may go to step S209 to determine whether it is necessary to perform index filtering on the returned result.
步骤S206,当需要进行调用鉴权时,根据所述调用鉴权信息对所述调用请求进行调用鉴权。Step S206: When the call authentication needs to be performed, call the authentication request according to the call authentication information.
在此,调用鉴权分为两种结果,调用鉴权通过,此时跳转至步骤S208进行处理;调用鉴权没有通过,例如调用者的身份不符合API接口的调用权限,此时跳转至步骤S207进行处理。Here, the call authentication is divided into two kinds of results, the call authentication is passed, and the process jumps to step S208 for processing; the call authentication is not passed, for example, the identity of the caller does not comply with the call permission of the API interface, and the jump is performed at this time. The process proceeds to step S207.
步骤S207,在所述调用鉴权没有通过时,返回错误提示信息。Step S207: When the call authentication fails, the error prompt information is returned.
在此,根据返回值类型,包装错误提示信息后直接返回并结束整个流程。Here, according to the return value type, the error message is wrapped and returned directly to the end of the process.
步骤S208,在所述调用鉴权通过后,执行对所述应用接口的调用。Step S208, after the call authentication is passed, perform a call to the application interface.
在此,调用者身份符合API接口的调用权限设置,调用鉴权允许通过。执行API接口调用并获取返回结果后,进入步骤S209进行判断。Here, the identity of the caller conforms to the call permission setting of the API interface, and the call authentication is allowed to pass. After the API interface is called and the returned result is obtained, the process proceeds to step S209 to determine.
步骤S209,判断是否需要进行指标过滤。In step S209, it is determined whether index filtering is required.
在此,根据注解信息包含的是否需要进行接口管理的信息进行判断。例如根据预先对该API接口设定的是否需要进行指标过滤的信息,进行判断。判断分为两种结果,不需要进行指标过滤,跳转至步骤S210进行处理;需要进行指标过滤,跳转至步骤S211进行处理。Here, the judgment is made based on whether or not information required for interface management is included in the annotation information. For example, it is determined based on whether or not the information required to be filtered by the API interface is set in advance. The judgment is divided into two kinds of results, and the indicator filtering is not required, and the process proceeds to step S210 for processing; the indicator filtering is required, and the process proceeds to step S211 for processing.
步骤S210,当不需要进行指标过滤时,直接对执行调用后的返回结果进行返回。In step S210, when the indicator filtering is not required, the return result after the execution of the call is directly returned.
在此,当API接口预设为不需要指标过滤时,可以将步骤S205直接执行API接口调用而获取的返回结果,或者,将步骤S208调用鉴权通过后执行API接口调用而获取的返回结果,不进行指标过滤,直接进行返回并结束整个流程。Here, when the API interface is preset to not require index filtering, the return result obtained by directly executing the API interface call in step S205, or the return result obtained by executing the API interface call after the authentication is passed in step S208, Without metric filtering, go straight back and end the entire process.
步骤S211,当需要进行指标过滤时,根据所述指标过滤信息对执行调用后的返回结果进行指标过滤。In step S211, when the indicator filtering needs to be performed, the indicator filtering is performed on the returned result after the call is performed according to the indicator filtering information.
步骤S212,将经过所述指标过滤的返回结果进行返回。In step S212, the returned result filtered by the indicator is returned.
在此,当API接口预设为需要指标过滤时,可以将步骤S205直接执行API接口的调用而获取的返回结果,或者,将步骤S208调用鉴权通过后执行API接口调用而获取的返回结果,经过指标过滤后再进行返回并结束整个流程,可以实现根据调用方的身份对返回的指标粒度进行控制。Here, when the API interface is preset to require index filtering, the return result obtained by directly executing the call of the API interface in step S205, or the return result obtained by executing the API interface call after calling the authentication in step S208, After the metrics are filtered and then returned and the entire process is ended, the metric granularity of the returned metrics can be controlled according to the identity of the caller.
通过本申请的应用接口管理方法,只需要在现有接口上增加注解信息,并相应的引 入额外的处理逻辑类,就可以达到不修改已有逻辑的前提下对开放出的每个接口进行不同粒度的接口管理。Through the application interface management method of the present application, it is only necessary to add annotation information to the existing interface, and correspondingly Into the extra processing logic class, you can achieve different granularity of interface management for each interface that is open without modifying the existing logic.
图3示出根据本申请一个方面的应用接口管理装置的结构示意图。如图3所示,该应用接口管理装置3包括:拦截模块31、获取模块32和调用管理模块33。FIG. 3 shows a schematic structural diagram of an application interface management apparatus according to an aspect of the present application. As shown in FIG. 3, the application interface management apparatus 3 includes an interception module 31, an acquisition module 32, and an invocation management module 33.
其中,拦截模块31,用于拦截对应用接口的调用请求;获取模块32,用于获取所述应用接口的注解信息;调用管理模块33,用于根据所述注解信息和所述调用请求对所述应用接口的调用进行管理。The intercepting module 31 is configured to intercept a call request to the application interface, and the obtaining module 32 is configured to obtain the annotation information of the application interface, and the calling management module 33 is configured to perform, according to the annotation information and the calling request The call of the application interface is managed.
在此,拦截模块31拦截调用方发送的对API接口的调用请求,并发送至调用管理模块33进行处理;获取模块32从该API接口获取预先添加的注解信息,并发送至调用管理模块33进行处理。API接口预先添加有注解信息,例如Java语言提供的Annotation注解信息,注解信息内包含有对API接口调用的管理信息,例如调用鉴权、指标过滤的管理信息。调用管理模块33根据注解信息内的调用鉴权信息进行调用鉴权管理,对API接口的调用方,即服务使用方,进行身份控制;或者根据注解信息内的指标过滤信息,对API接口返回的指标粒度进行控制管理。Here, the intercepting module 31 intercepts the call request sent by the caller to the API interface, and sends it to the call management module 33 for processing; the obtaining module 32 acquires the pre-added annotation information from the API interface, and sends the annotation information to the call management module 33. deal with. The API interface is pre-added with annotation information, such as Annotation annotation information provided by the Java language, and the annotation information includes management information for calling the API interface, such as management information for calling authentication and index filtering. The call management module 33 performs call authentication management according to the call authentication information in the annotation information, performs identity control on the caller of the API interface, that is, the service user, or returns the information to the API interface according to the index filtering information in the annotation information. The granularity of the indicators is controlled and managed.
本申请的应用接口管理装置,不需要大规模更改现有代码或者对代码主体逻辑进行改动,仅需要通过独立增设的应用接口管理代码,根据注解信息进行处理即可实现对每个应用接口的调用管理,从而减少代码维护带来的价值开销,例如避免因主体逻辑的修改而带来的服务失效。The application interface management device of the present application does not need to change the existing code or modify the logic of the code main body on a large scale, and only needs to manage the code through the independently added application interface, and can process the call to each application interface according to the annotation information. Management, thereby reducing the value overhead of code maintenance, such as avoiding service failures due to changes in the subject logic.
图4示出根据本申请又一个方面的应用接口管理装置的结构示意图。如图4所示,该应用接口管理装置4包括:图3所示的拦截模块31、获取模块32和调用管理模块33,以及添加注解模块41和处理类模块42。FIG. 4 shows a schematic structural diagram of an application interface management apparatus according to still another aspect of the present application. As shown in FIG. 4, the application interface management apparatus 4 includes: an interception module 31, an acquisition module 32, and an invocation management module 33 shown in FIG. 3, and an annotation module 41 and a processing class module 42.
其中,拦截模块31,用于拦截对应用接口的调用请求;获取模块32,用于获取所述应用接口的注解信息;调用管理模块33,用于根据所述注解信息和所述调用请求对所述应用接口的调用进行管理。The intercepting module 31 is configured to intercept a call request to the application interface, and the obtaining module 32 is configured to obtain the annotation information of the application interface, and the calling management module 33 is configured to perform, according to the annotation information and the calling request The call of the application interface is managed.
在此,拦截模块31拦截调用方发送的对API接口的调用请求,并发送至调用管理模块33进行处理;获取模块32从该API接口获取预先添加的注解信息,并发送至调用管理模块33进行处理。Here, the intercepting module 31 intercepts the call request sent by the caller to the API interface, and sends it to the call management module 33 for processing; the obtaining module 32 acquires the pre-added annotation information from the API interface, and sends the annotation information to the call management module 33. deal with.
其中,添加注解模块41,用于对所述应用接口添加所述注解信息。The annotation module 41 is configured to add the annotation information to the application interface.
在此,注解信息不会对已有代码的执行逻辑造成影响。注解信息包含调用鉴权信息和指标过滤信息,此外,还可以包含是否需要进行接口管理的信息,例如,是否需要对 该API接口进行调用鉴权的信息,或者,是否需要对调用该API接口的返回结果进行指标过滤的信息。其中,调用鉴权信息可以包含鉴权处理对象等信息,指标过滤信息可以包含指标过滤对象等信息。此处,指标可以指接口调用API接口所返回的数据类别。Here, the annotation information does not affect the execution logic of the existing code. The annotation information includes the call authentication information and the indicator filtering information, and may also include information about whether interface management is required, for example, whether it is necessary The API interface performs information for invoking authentication, or whether it needs to perform index filtering on the returned result of calling the API interface. The call authentication information may include information such as an authentication processing object, and the indicator filtering information may include information such as an indicator filtering object. Here, the indicator can refer to the data category returned by the interface calling the API interface.
其中,处理类模块42,用于创建对所述注解信息进行处理的类。优选地,所述处理类模块42还用于:通过面向切面的方式创建对所述注解信息进行处理的类。The processing class module 42 is configured to create a class that processes the annotation information. Preferably, the processing class module 42 is further configured to: create a class that processes the annotation information in a face-oriented manner.
在此,用于对注解信息进行处理的类是新增加的,不需要更改现有应用接口的具体实现逻辑类。Here, the class used to process the annotation information is newly added, and there is no need to change the concrete implementation logic class of the existing application interface.
进一步,所述调用管理模块33还包括:鉴权模块331、执行调用模块332和第一判断模块333。Further, the call management module 33 further includes: an authentication module 331, an execution calling module 332, and a first determining module 333.
鉴权模块331,用于根据所述调用鉴权信息对所述调用请求进行调用鉴权;所述鉴权模块331还用于:在所述调用鉴权没有通过时,返回错误提示信息。The authentication module 331 is configured to perform call authentication on the call request according to the call authentication information. The authentication module 331 is further configured to: return an error prompt message when the call authentication fails.
执行调用模块332,用于在所述调用鉴权通过后,执行对所述应用接口的调用。所述执行调用模块332还用于:当不需要进行调用鉴权时,直接执行对所述应用接口的调用。The execution invoking module 332 is configured to execute a call to the application interface after the call authentication is passed. The execution invocation module 332 is further configured to directly perform a call to the application interface when call authentication is not required.
第一判断模块333,用于在进行调用鉴权之前,判断是否需要进行调用鉴权。The first determining module 333 is configured to determine whether the call authentication needs to be performed before the call authentication is performed.
在此,当不需要进行调用鉴权时,第一判断模块333通知执行调用模块332直接执行对所述应用接口的调用;当需要进行调用鉴权时,第一判断模块333通知鉴权模块331进行调用鉴权;当调用鉴权通过后,鉴权模块331通知执行调用模块332执行API接口调用;当调用鉴权没有通过时,鉴权模块331根据返回值类型,包装错误提示信息后直接返回。Here, when the call authentication is not required, the first determining module 333 notifies the execution calling module 332 to directly execute the call to the application interface; when the call authentication needs to be performed, the first determining module 333 notifies the authentication module 331 to make the call. After the authentication is passed, the authentication module 331 notifies the execution calling module 332 to execute the API interface call; when the calling authentication fails, the authentication module 331 directly returns the error prompt information according to the return value type.
进一步,所述调用管理模块33还包括:指标过滤模块334、返回模块335和第二判断模块336。Further, the call management module 33 further includes: an index filtering module 334, a return module 335, and a second determining module 336.
指标过滤模块334,用于根据所述指标过滤信息对执行所述应用接口调用后的返回结果进行指标过滤。The metric filtering module 334 is configured to perform metric filtering on the return result after the application interface is invoked according to the metric filtering information.
返回模块335,用于将经过所述指标过滤的返回结果进行返回。所述返回模块334还用于:当不需要进行指标过滤时,直接对执行所述应用接口调用后的返回结果进行返回。The returning module 335 is configured to return the returned result filtered by the indicator. The returning module 334 is further configured to: directly return a return result after the execution of the application interface call when the indicator filtering is not required.
第二判断模块336,用于在进行指标过滤之前,判断是否需要进行指标过滤;The second determining module 336 is configured to determine whether the indicator filtering needs to be performed before performing the indicator filtering;
其中,当不需要进行指标过滤时,第二判断模块336通知返回模块334直接对执行调用模块332得出的返回结果进行返回。当需要进行指标过滤时,第二判断模块336通 知指标过滤模块334对执行调用模块332得出的返回结果进行指标过滤,返回模块334将经过指标过滤模块334处理的返回结果进行返回。执行调用模块332的返回结果可以为直接执行API接口调用而得到,或者,调用鉴权通过后执行API接口调用而得到。When the metric filtering is not required, the second determining module 336 notifies the returning module 334 to directly return the return result obtained by the execution calling module 332. When the indicator filtering needs to be performed, the second determining module 336 passes The knowledge indicator filtering module 334 performs index filtering on the return result obtained by the execution calling module 332, and the return module 334 returns the returned result processed by the index filtering module 334. The return result of the execution call module 332 can be obtained by directly executing the API interface call, or by calling the API interface call after the authentication is passed.
通过本申请的应用接口管理装置,只需要在现有接口上增加注解信息,并相应的引入额外的处理逻辑类,就可以在不修改已有逻辑的前提下,实现对开放出的每个应用接口进行不同粒度的接口管理。Through the application interface management device of the present application, it is only necessary to add annotation information to the existing interface, and correspondingly introduce additional processing logic classes, so that each application opened to the public can be realized without modifying the existing logic. Interfaces perform interface management at different granularities.
需要注意的是,本申请可在软件和/或软件与硬件的组合体中被实施,例如,可采用专用集成电路(ASIC)、通用目的计算机或任何其他类似硬件设备来实现。在一个实施例中,本申请的软件程序可以通过处理器执行以实现上文所述步骤或功能。同样地,本申请的软件程序(包括相关的数据结构)可以被存储到计算机可读记录介质中,例如,RAM存储器,磁或光驱动器或软磁盘及类似设备。另外,本申请的一些步骤或功能可采用硬件来实现,例如,作为与处理器配合从而执行各个步骤或功能的电路。It should be noted that the present application can be implemented in software and/or a combination of software and hardware, for example, using an application specific integrated circuit (ASIC), a general purpose computer, or any other similar hardware device. In one embodiment, the software program of the present application can be executed by a processor to implement the steps or functions described above. Likewise, the software programs (including related data structures) of the present application can be stored in a computer readable recording medium such as a RAM memory, a magnetic or optical drive or a floppy disk and the like. In addition, some of the steps or functions of the present application may be implemented in hardware, for example, as a circuit that cooperates with a processor to perform various steps or functions.
另外,本申请的一部分可被应用为计算机程序产品,例如计算机程序指令,当其被计算机执行时,通过该计算机的操作,可以调用或提供根据本申请的方法和/或技术方案。而调用本申请的方法的程序指令,可能被存储在固定的或可移动的记录介质中,和/或通过广播或其他信号承载媒体中的数据流而被传输,和/或被存储在根据所述程序指令运行的计算机设备的工作存储器中。在此,根据本申请的一个实施例包括一个装置,该装置包括用于存储计算机程序指令的存储器和用于执行程序指令的处理器,其中,当该计算机程序指令被该处理器执行时,触发该装置运行基于前述根据本申请的多个实施例的方法和/或技术方案。In addition, a portion of the present application can be applied as a computer program product, such as computer program instructions, which, when executed by a computer, can invoke or provide a method and/or technical solution in accordance with the present application. The program instructions for invoking the method of the present application may be stored in a fixed or removable recording medium, and/or transmitted by a data stream in a broadcast or other signal bearing medium, and/or stored in a The working memory of the computer device in which the program instructions are run. Herein, an embodiment in accordance with the present application includes a device including a memory for storing computer program instructions and a processor for executing program instructions, wherein when the computer program instructions are executed by the processor, triggering The apparatus operates based on the aforementioned methods and/or technical solutions in accordance with various embodiments of the present application.
对于本领域技术人员而言,显然本申请不限于上述示范性实施例的细节,而且在不背离本申请的精神或基本特征的情况下,能够以其他的具体形式实现本申请。因此,无论从哪一点来看,均应将实施例看作是示范性的,而且是非限制性的,本申请的范围由所附权利要求而不是上述说明限定,因此旨在将落在权利要求的等同要件的含义和范围内的所有变化涵括在本申请内。不应将权利要求中的任何附图标记视为限制所涉及的权利要求。此外,显然“包括”一词不排除其他单元或步骤,单数不排除复数。装置权利要求中陈述的多个单元或装置也可以由一个单元或装置通过软件或者硬件来实现。第一,第二等词语用来表示名称,而并不表示任何特定的顺序。 It is obvious to those skilled in the art that the present application is not limited to the details of the above-described exemplary embodiments, and the present invention can be implemented in other specific forms without departing from the spirit or essential characteristics of the present application. Therefore, the present embodiments are to be considered as illustrative and not restrictive, and the scope of the invention is defined by the appended claims instead All changes in the meaning and scope of equivalent elements are included in this application. Any reference signs in the claims should not be construed as limiting the claim. In addition, it is to be understood that the word "comprising" does not exclude other elements or steps. A plurality of units or devices recited in the device claims may also be implemented by a unit or device by software or hardware. The first, second, etc. words are used to denote names and do not denote any particular order.

Claims (16)

  1. 一种应用接口管理方法,其中,所述方法包括:An application interface management method, wherein the method comprises:
    拦截对应用接口的调用请求;Intercepting a call request to an application interface;
    获取所述应用接口的注解信息;Obtaining annotation information of the application interface;
    根据所述注解信息和所述调用请求对所述应用接口的调用进行管理。The call of the application interface is managed according to the annotation information and the call request.
  2. 根据权利要求1所述的方法,其中,所述注解信息包含调用鉴权信息;The method of claim 1 wherein said annotation information comprises invoking authentication information;
    根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:The managing the call of the application interface according to the annotation information and the calling request further includes:
    根据所述调用鉴权信息对所述调用请求进行调用鉴权;Performing call authentication on the call request according to the call authentication information;
    在所述调用鉴权通过后,执行对所述应用接口的调用。After the call authentication is passed, a call to the application interface is performed.
  3. 根据权利要求2所述的方法,其中,根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:The method of claim 2, wherein managing the call of the application interface according to the annotation information and the call request further comprises:
    在所述调用鉴权没有通过时,返回错误提示信息。When the call authentication fails, an error message is returned.
  4. 根据权利要求2所述的方法,其中,根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:The method of claim 2, wherein managing the call of the application interface according to the annotation information and the call request further comprises:
    在进行调用鉴权之前,判断是否需要进行调用鉴权;Before calling the authentication, it is determined whether the call authentication needs to be performed;
    当不需要进行调用鉴权时,直接执行对所述应用接口的调用。When the call authentication is not required, the call to the application interface is directly executed.
  5. 根据权利要求1所述的方法,其中,所述注解信息还包含指标过滤信息;The method of claim 1, wherein the annotation information further comprises indicator filtering information;
    根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:The managing the call of the application interface according to the annotation information and the calling request further includes:
    根据所述指标过滤信息对执行所述应用接口调用后的返回结果进行指标过滤;Performing index filtering on the returned result after the execution of the application interface is performed according to the indicator filtering information;
    将经过所述指标过滤的返回结果进行返回。The returned result filtered by the indicator is returned.
  6. 根据权利要求5所述的方法,其中,根据所述注解信息和所述调用请求对所述应用接口的调用进行管理还包括:The method of claim 5, wherein managing the call of the application interface according to the annotation information and the call request further comprises:
    在进行指标过滤之前,判断是否需要进行指标过滤;Before performing metric filtering, determine whether metric filtering is required.
    当不需要进行指标过滤时,直接对执行所述应用接口调用后的返回结果进行返回。When the metric filtering is not required, the return result after the execution of the application interface call is directly returned.
  7. 根据权利要求1至6中任一项所述的方法,其中,所述方法还包括:The method of any of claims 1 to 6, wherein the method further comprises:
    对所述应用接口添加所述注解信息;Adding the annotation information to the application interface;
    创建对所述注解信息进行处理的类。Create a class that processes the annotation information.
  8. 根据权利要求7所述的方法,其中,所述创建对所述注解信息进行处理的类还包括:The method of claim 7 wherein said creating a class to process said annotation information further comprises:
    通过面向切面的方式创建对所述注解信息进行处理的类。 A class that processes the annotation information is created in a face-oriented manner.
  9. 一种应用接口管理装置,其中,所述装置包括:An application interface management device, wherein the device comprises:
    拦截模块,用于拦截对应用接口的调用请求;An interception module for intercepting a call request to an application interface;
    获取模块,用于获取所述应用接口的注解信息;An obtaining module, configured to obtain annotation information of the application interface;
    调用管理模块,用于根据所述注解信息和所述调用请求对所述应用接口的调用进行管理。Calling a management module, configured to manage the call of the application interface according to the annotation information and the call request.
  10. 根据权利要求9所述的装置,其中,所述注解信息包含调用鉴权信息;The apparatus of claim 9, wherein the annotation information comprises invoking authentication information;
    所述调用管理模块还包括:The call management module further includes:
    鉴权模块,用于根据所述调用鉴权信息对所述调用请求进行调用鉴权;An authentication module, configured to perform call authentication on the call request according to the call authentication information;
    执行调用模块,用于在所述调用鉴权通过后,执行对所述应用接口的调用。Executing a calling module, configured to perform a call to the application interface after the call authentication is passed.
  11. 根据权利要求10所述的装置,其中,所述鉴权模块还用于:The device according to claim 10, wherein the authentication module is further configured to:
    在所述调用鉴权没有通过时,返回错误提示信息。When the call authentication fails, an error message is returned.
  12. 根据权利要求10所述的装置,其中,所述调用管理模块还包括:The device of claim 10, wherein the call management module further comprises:
    第一判断模块,用于在进行调用鉴权之前,判断是否需要进行调用鉴权;a first determining module, configured to determine whether call authentication is required before performing call authentication;
    所述执行调用模块还用于:当不需要进行调用鉴权时,直接执行对所述应用接口的调用。The execution invoking module is further configured to directly perform a call to the application interface when call authentication is not required.
  13. 根据权利要求9所述的装置,其中,所述注解信息还包含指标过滤信息;The apparatus according to claim 9, wherein said annotation information further comprises indicator filtering information;
    所述调用管理模块还包括:The call management module further includes:
    指标过滤模块,用于根据所述指标过滤信息对执行所述应用接口调用后的返回结果进行指标过滤;An metric filtering module, configured to perform metric filtering on a return result after the application interface is invoked according to the metric filtering information;
    返回模块,用于将经过所述指标过滤的返回结果进行返回。A return module is used to return the returned result filtered by the indicator.
  14. 根据权利要求13所述的装置,其中,所述调用管理模块还包括:The device of claim 13, wherein the call management module further comprises:
    第二判断模块,用于在进行指标过滤之前,判断是否需要进行指标过滤;The second determining module is configured to determine whether the indicator filtering needs to be performed before performing the indicator filtering;
    所述返回模块还用于:当不需要进行指标过滤时,直接对执行所述应用接口调用后的返回结果进行返回。The returning module is further configured to directly return a return result after the execution of the application interface call when the indicator filtering is not required.
  15. 根据权利要求9至14中任一项所述的装置,其中,所述装置还包括:The device according to any one of claims 9 to 14, wherein the device further comprises:
    添加注解模块,用于对所述应用接口添加所述注解信息;Adding an annotation module, configured to add the annotation information to the application interface;
    处理类模块,用于创建对所述注解信息进行处理的类。A processing class module for creating a class that processes the annotation information.
  16. 根据权利要求15所述的装置,其中,所述处理类模块还用于:The apparatus of claim 15, wherein the processing class module is further configured to:
    通过面向切面的方式创建对所述注解信息进行处理的类。 A class that processes the annotation information is created in a face-oriented manner.
PCT/CN2016/097505 2015-09-09 2016-08-31 Application interface management method and device WO2017041657A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510570439.2A CN106528185A (en) 2015-09-09 2015-09-09 Application interface management method and apparatus
CN201510570439.2 2015-09-09

Publications (1)

Publication Number Publication Date
WO2017041657A1 true WO2017041657A1 (en) 2017-03-16

Family

ID=58240539

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/097505 WO2017041657A1 (en) 2015-09-09 2016-08-31 Application interface management method and device

Country Status (2)

Country Link
CN (1) CN106528185A (en)
WO (1) WO2017041657A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110489180A (en) * 2019-08-07 2019-11-22 北京字节跳动网络技术有限公司 One kind burying a report method, device, medium and electronic equipment
US10496387B2 (en) 2018-04-03 2019-12-03 Microsoft Technology Licensing, Llc Crowdsourced API resource consumption information for integrated development environments
CN110908644A (en) * 2019-10-16 2020-03-24 浙江大搜车软件技术有限公司 Configuration method and device of state node, computer equipment and storage medium
CN111191246A (en) * 2019-12-19 2020-05-22 杭州安恒信息技术股份有限公司 Spring annotation based security development verification method
CN111414194A (en) * 2020-03-19 2020-07-14 政采云有限公司 Interface information generation method and system, electronic equipment and storage medium
CN112398870A (en) * 2020-11-30 2021-02-23 深圳市六度人和科技有限公司 Cross-platform protocol generation method, device, system, equipment and storage medium
CN112632158A (en) * 2019-09-24 2021-04-09 阿里巴巴集团控股有限公司 Data processing method, device and storage medium
CN113722733A (en) * 2021-08-27 2021-11-30 北京航天云路有限公司 Data access authority control method based on Java annotation
CN115174683A (en) * 2022-06-29 2022-10-11 广州鲁邦通智能科技有限公司 Request method and system for calling query interface

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109165248B (en) * 2018-01-29 2019-09-03 北京数聚鑫云信息技术有限公司 A kind of management system and management method based on API
CN109726081A (en) * 2019-01-02 2019-05-07 深圳壹账通智能科技有限公司 Method, apparatus, computer equipment and the storage medium of service exception processing
CN110147261A (en) * 2019-04-15 2019-08-20 平安普惠企业管理有限公司 Parameter verification method and relevant device based on calling interface
CN110045952B (en) * 2019-04-19 2020-09-29 京东数字科技控股有限公司 Code calling method and device
CN110968296B (en) * 2019-12-03 2023-07-25 政采云有限公司 Data acquisition method, device, equipment and readable storage medium
CN111324394B (en) * 2020-01-23 2023-05-12 北京恒华伟业科技股份有限公司 System integration method and device
CN111858101B (en) * 2020-07-28 2023-05-26 深圳平安医疗健康科技服务有限公司 Cloud architecture system-oriented adaptation method, device, equipment and storage medium
CN113127309B (en) * 2021-04-30 2023-10-10 北京奇艺世纪科技有限公司 Program monitoring method and device, electronic equipment and storage medium
CN113779638A (en) * 2021-11-15 2021-12-10 浪潮软件股份有限公司 Method and device for realizing interface caller authentication in dynamic proxy mode

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103049271A (en) * 2012-12-27 2013-04-17 微梦创科网络科技(中国)有限公司 Method and device for automatically generating description document of API (application program interface)
CN103399734A (en) * 2013-07-10 2013-11-20 北京慧点科技股份有限公司 Method for generating REST service and achieving REST and corresponding equipment
CN103514026A (en) * 2013-09-27 2014-01-15 摩卡软件(天津)有限公司 Method for directly calling java api through javascript

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101276271A (en) * 2007-03-29 2008-10-01 北京邮电大学 Method and interceptor system facing to tangent plane programming
CN102982130A (en) * 2012-11-16 2013-03-20 深圳市融创天下科技股份有限公司 Synchronized method for not only structured query language (NOSQL) and relational database management system (RDBMS) database and system thereof
CN103412766A (en) * 2013-09-05 2013-11-27 曙光云计算技术有限公司 User right-based data access method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103049271A (en) * 2012-12-27 2013-04-17 微梦创科网络科技(中国)有限公司 Method and device for automatically generating description document of API (application program interface)
CN103399734A (en) * 2013-07-10 2013-11-20 北京慧点科技股份有限公司 Method for generating REST service and achieving REST and corresponding equipment
CN103514026A (en) * 2013-09-27 2014-01-15 摩卡软件(天津)有限公司 Method for directly calling java api through javascript

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10496387B2 (en) 2018-04-03 2019-12-03 Microsoft Technology Licensing, Llc Crowdsourced API resource consumption information for integrated development environments
CN110489180A (en) * 2019-08-07 2019-11-22 北京字节跳动网络技术有限公司 One kind burying a report method, device, medium and electronic equipment
CN110489180B (en) * 2019-08-07 2023-03-28 北京字节跳动网络技术有限公司 Buried point reporting method, device, medium and electronic equipment
CN112632158A (en) * 2019-09-24 2021-04-09 阿里巴巴集团控股有限公司 Data processing method, device and storage medium
CN110908644A (en) * 2019-10-16 2020-03-24 浙江大搜车软件技术有限公司 Configuration method and device of state node, computer equipment and storage medium
CN110908644B (en) * 2019-10-16 2023-12-12 浙江大搜车软件技术有限公司 Configuration method and device of state node, computer equipment and storage medium
CN111191246A (en) * 2019-12-19 2020-05-22 杭州安恒信息技术股份有限公司 Spring annotation based security development verification method
CN111414194B (en) * 2020-03-19 2023-08-11 政采云有限公司 Interface information generation method, system, electronic equipment and storage medium
CN111414194A (en) * 2020-03-19 2020-07-14 政采云有限公司 Interface information generation method and system, electronic equipment and storage medium
CN112398870B (en) * 2020-11-30 2022-09-13 深圳市六度人和科技有限公司 Cross-platform protocol generation method, device, system, equipment and storage medium
CN112398870A (en) * 2020-11-30 2021-02-23 深圳市六度人和科技有限公司 Cross-platform protocol generation method, device, system, equipment and storage medium
CN113722733A (en) * 2021-08-27 2021-11-30 北京航天云路有限公司 Data access authority control method based on Java annotation
CN115174683A (en) * 2022-06-29 2022-10-11 广州鲁邦通智能科技有限公司 Request method and system for calling query interface
CN115174683B (en) * 2022-06-29 2023-10-13 广州鲁邦通智能科技有限公司 Request method and system for calling query interface

Also Published As

Publication number Publication date
CN106528185A (en) 2017-03-22

Similar Documents

Publication Publication Date Title
WO2017041657A1 (en) Application interface management method and device
WO2019153472A1 (en) Automated interface testing method, device, equipment, and storage medium
US9092332B2 (en) Activity based sampling of diagnostics data
JP5985631B2 (en) Activate trust level
WO2019024674A1 (en) Smart contract processing method and apparatus
US8434070B2 (en) Generating specifications of client-server applications for static analysis
WO2018045753A1 (en) Method and device for distributed graph computation
US20120102474A1 (en) Static analysis of client-server applications using framework independent specifications
CN111143087A (en) Interface calling method and device, storage medium and server
CN110489310B (en) Method and device for recording user operation, storage medium and computer equipment
US9336014B2 (en) Method, apparatus, and system for human-machine interaction
US20100306766A1 (en) Adding aspects to virtual machine monitors
US20130067439A1 (en) Injecting faults into program for testing
US20230401058A1 (en) Semantic functional wrappers of services
US9871873B2 (en) Adapter for communication between web applications within a browser
US10970055B2 (en) Identifying software and hardware bottlenecks
US9430196B2 (en) Message inlining
US20090144752A1 (en) Unmanaged-to-managed aggregation
CN107769974B (en) Service publishing method and device
US20150205649A1 (en) Operating a Program Code Object in Conjunction with an Application Context
CN112925523A (en) Object comparison method, device, equipment and computer readable medium
US9027152B2 (en) Device for right managing web data, recording medium for performing method for right managing web data on computer, and device and method for providing right management information
US10303580B2 (en) Controlling debug processing
CN111984427B (en) Non-intrusive Web system mutual exclusion lock implementation method
JP2014229114A (en) OSGi SERVICE REGISTRATION DEVICE, REGISTRATION METHOD AND REGISTRATION PROGRAM

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16843595

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16843595

Country of ref document: EP

Kind code of ref document: A1