CN111800426A - Method, device, equipment and medium for accessing native code interface in application program - Google Patents


Info

Publication number
CN111800426A
Authority
CN
China
Prior art keywords
interface
server
web page
identifier
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010647215.8A
Other languages
Chinese (zh)
Inventor
马彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd
Priority to CN202010647215.8A
Publication of CN111800426A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/95 Retrieval from the web
    • G06F16/958 Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

Embodiments of the application provide a method, a device, equipment and a medium for accessing a native code interface in an application program. The method comprises: receiving an interface access request sent by a web page server, wherein the interface access request comprises a server identifier of the web page server and a target interface identifier of the native code interface to which access is requested; acquiring relevant information of each interface corresponding to the server identifier, wherein each interface is a native code interface for which the web page server corresponding to the server identifier has been granted access authority, the relevant information comprises an interface identifier, and the relevant information is acquired from an application program server; and, if the relevant information of each interface includes the target interface identifier, executing the native code corresponding to the target interface identifier. Because the native code is executed only when the relevant information of each interface contains the target interface identifier, the security of the information interaction process is improved.

Description

Method, device, equipment and medium for accessing native code interface in application program
Technical Field
The application relates to the technical field of mobile internet, in particular to a method, a device, equipment and a medium for accessing a native code interface in an application program.
Background
The development of the mobile internet has brought large-scale growth in hybrid (mixed-mode) applications. This development model combines two kinds of code, Web page code and application native code, and the two sometimes need to interact and communicate to give users a better interactive experience.
In the prior art, on both the Android mobile operating system and the Apple mobile operating system, the mechanism the operating system provides for interaction between Web page code and application native code (Native code) does not distinguish a privileged Web page from an ordinary Web page. As a result, once the native code exposes an interface, any Web page loaded by the application program can access that interface, so the interaction is poorly secured.
Disclosure of Invention
The present application aims to solve at least one of the above technical drawbacks.
In one aspect, an embodiment of the present application provides an access method for a native code interface in an application, where the method includes:
receiving an interface access request sent by a web page server, wherein the interface access request comprises a server identifier of the web page server and a target interface identifier of a native code interface requesting access;
acquiring relevant information of each interface corresponding to a server identifier, wherein each interface is a native code interface which is provided with access authority by a web page server corresponding to the server identifier, the relevant information comprises an interface identifier, and the relevant information is acquired from an application program server;
and if the related information of each interface comprises the interface identification of the target native code interface, executing the native code corresponding to the target interface identification.
Optionally, before receiving the interface access request sent by the web page server, the method includes:
receiving a web page operation request of a user through a user interface of an application program;
and sending the web page operation request to a corresponding web page server so that the web page server sends an interface access request to the terminal equipment when determining that the native code interface needs to be called according to the web page operation request.
Optionally, the method further includes:
receiving an interface parameter ciphertext sent by a web page server, wherein the interface parameter ciphertext is obtained by encrypting an interface parameter by using a first encryption key corresponding to the web page server;
based on the server identification, a first decryption key corresponding to the web page server is obtained from the application program server;
executing the native code corresponding to the target interface identification, including:
decrypting the interface parameter ciphertext based on the first decryption key;
if the decryption is successful, executing a native code corresponding to the target interface identifier based on the interface parameter obtained by the decryption;
the method further comprises the following steps:
and if the decryption fails, generating corresponding prompt information.
Optionally, the method further includes:
based on the server identification, a second encryption key corresponding to the web page server is obtained from the application program server;
encrypting an execution result obtained by executing the native code corresponding to the target interface identifier based on the second encryption key to obtain an execution result ciphertext;
and sending the execution result ciphertext to the web page server so that the web page server decrypts the execution result ciphertext based on a second decryption key corresponding to the second encryption key to obtain an execution result.
Optionally, the first encryption key and the second decryption key are private keys of the web page server, and the second encryption key and the first decryption key are public keys of the web page server.
Optionally, the obtaining of the relevant information of each interface corresponding to the server identifier includes:
if the interface access request is the first interface access request sent by the web page server, sending a related information acquisition request to the application program server, wherein the related information acquisition request comprises the server identifier; receiving the relevant information of each interface corresponding to the server identification returned by the application program server, and storing the relevant information in a local storage space;
and if the interface access request is not the interface access request sent by the web page server for the first time, acquiring the relevant information of each interface corresponding to the server identifier from the local storage space.
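The terminal-side check and local caching described above can be sketched as follows. This is an added illustration, not code from the patent: the class `NativeBridge`, the request field names, the interface identifiers and the grant table are all constructed for the example, and `fetch_from_app_server` stands in for the request to the application program server.

```python
from typing import Callable, Dict, FrozenSet, Tuple

# Constructed grant table held by the application server (assumption):
# server identifier -> identifiers of the native interfaces it may call.
APP_SERVER_GRANTS: Dict[str, FrozenSet[str]] = {
    "news-web": frozenset({"share.open"}),
    "pay-web": frozenset({"share.open", "pay.start"}),
}


def fetch_from_app_server(server_id: str) -> FrozenSet[str]:
    """Stand-in for the network call; unknown servers get no interfaces."""
    return APP_SERVER_GRANTS.get(server_id, frozenset())


class AccessDenied(Exception):
    """The request is malformed or the target interface is not granted."""


class NativeBridge:
    """Hypothetical terminal-side gate in front of the native handlers."""

    def __init__(self, fetch_grants: Callable[[str], FrozenSet[str]] = fetch_from_app_server):
        self.fetch_grants = fetch_grants
        self.handlers: Dict[str, Callable[[dict], object]] = {}
        self.local_store: Dict[str, FrozenSet[str]] = {}  # local storage space
        self.remote_lookups = 0  # counts requests to the application server

    def _grants_for(self, server_id: str) -> FrozenSet[str]:
        # First request from this server: ask the application server and
        # store the answer. Later requests are served from the local store.
        if server_id not in self.local_store:
            self.remote_lookups += 1
            self.local_store[server_id] = frozenset(self.fetch_grants(server_id))
        return self.local_store[server_id]

    def handle(self, request: dict) -> object:
        server_id = request.get("server_id")
        target = request.get("target_interface_id")
        if not isinstance(server_id, str) or not isinstance(target, str):
            raise AccessDenied("malformed interface access request")
        # Deny by default: execute only if the target identifier is among
        # the interfaces granted to this server identifier.
        if target not in self._grants_for(server_id):
            raise AccessDenied(f"{server_id} has no permission for {target}")
        handler = self.handlers.get(target)
        if handler is None:
            raise AccessDenied(f"{target} is not implemented in this build")
        return handler(request.get("params", {}))


def build_sample_bridge() -> NativeBridge:
    bridge = NativeBridge()
    bridge.handlers["share.open"] = lambda p: f"shared {p.get('title', '')}"
    bridge.handlers["pay.start"] = lambda p: f"payment of {p['amount']} started"
    return bridge


def dispatch(bridge: NativeBridge, request: dict) -> Tuple[str, object]:
    """Return ("ok", result) or ("denied", reason) instead of raising."""
    try:
        return ("ok", bridge.handle(request))
    except AccessDenied as exc:
        return ("denied", str(exc))


if __name__ == "__main__":
    b = build_sample_bridge()
    for req in (
        {"server_id": "pay-web", "target_interface_id": "pay.start", "params": {"amount": 5}},
        {"server_id": "news-web", "target_interface_id": "pay.start", "params": {"amount": 5}},
        {"server_id": "news-web", "target_interface_id": "share.open", "params": {"title": "hi"}},
    ):
        print(req["server_id"], req["target_interface_id"], dispatch(b, req))
    print("application server lookups:", b.remote_lookups)
```

In this sketch a grant stays in the local store once fetched, so a change made on the application server reaches the terminal only when the store is refreshed.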
Optionally, the relevant information of each interface is obtained by the application server in the following manner:
receiving a page registration request sent by a web page server, wherein the page registration request comprises a server identifier and registration verification information;
verifying the registration verification information, and if the verification is passed, sending interface information of each applicable native code interface to a web page server;
receiving an interface authority application request returned by the web page server based on the received interface information, wherein the interface authority application request comprises interface identification information of each native code interface requesting authorization;
and determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information.
On the other hand, an embodiment of the present application provides an access method for a native code interface in an application program, where the method includes:
receiving an interface related information acquisition request sent by terminal equipment, wherein the interface related information acquisition request comprises a server identifier of a web page server, the interface related information acquisition request is sent by the terminal equipment when receiving an interface access request sent by the web page server, and the interface access request comprises the server identifier and a target interface identifier of a native code interface requesting access;
determining relevant information of each interface corresponding to the server identifier, wherein each interface is a native code interface which is provided with access authority by a web page server corresponding to the server identifier, and the relevant information comprises an interface identifier;
and sending the relevant information of each interface to the terminal equipment so that the terminal equipment executes the native code corresponding to the target interface identifier when determining that the relevant information of each interface contains the target interface identifier.
Optionally, the interface access request is the interface access request sent by the web page server to the terminal device for the first time; when the terminal equipment receives the relevant information of each interface, it stores the relevant information of each interface in a local storage space, and when the terminal equipment receives an interface access request sent again by the web page server, it obtains the relevant information of each interface from the local storage space.
Optionally, the method further includes:
receiving a page registration request sent by a web page server, wherein the page registration request comprises a server identifier and registration verification information;
verifying the registration verification information, and if the verification is passed, sending interface information of each applicable native code interface to a web page server;
receiving an interface authority application request returned by a web page server based on received interface information, wherein the interface authority application request comprises interface identification information of each native code interface requesting authorization;
and determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information.
Optionally, the interface information of each applicable native code interface includes group related information of each interface group, and for an interface group, the group related information of the interface group includes a group identifier of the interface group and related information of each interface belonging to the interface group;
if the interface identification information includes a group identification, determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information, including:
determining the relevant information of each interface corresponding to the grouping identification carried in the interface permission application request as the relevant information of each interface corresponding to the server identification;
if the interface identification information includes an interface identification, determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information, including:
and determining the relevant information of the interface corresponding to the interface identifier carried in the interface permission application request as the relevant information of each interface corresponding to the server identifier.
Optionally, the method further includes:
acquiring a domain name of a web server;
establishing an association relation between a domain name of a web server and a group identifier corresponding to a server identifier;
determining relevant information of each interface corresponding to the server identification, wherein the relevant information comprises the following steps:
acquiring a domain name of a web page server corresponding to a server identifier;
determining a target grouping identifier corresponding to the domain name based on the domain name and the association relation of the web server;
and determining the relevant information of each interface corresponding to the target grouping identification as the relevant information of each interface corresponding to the server identification according to the grouping relevant information of each interface grouping.
Optionally, determining the relevant information of each interface corresponding to the server identifier includes:
performing security verification on a web page server corresponding to the server identifier;
when the security verification passes, determining the related information of each interface corresponding to the server identification;
the method further comprises the following steps:
and if the security verification is not passed, sending corresponding prompt information to the terminal equipment.
Optionally, performing security verification on the web page corresponding to the server identifier includes:
acquiring a URL (Uniform Resource Locator) of a web page server corresponding to the server identifier;
and performing security verification on the URL, and/or acquiring the domain name of the web page server based on the URL and performing security verification on the domain name of the web page server.
Optionally, obtaining the domain name of the web page server based on the URL, and performing security verification on the domain name of the web page server, includes:
based on the authorized domain name associated information of each web page server, performing security verification on the domain name of the web page server;
for a web page server, the domain name association information includes the domain name of the web page server and/or the authorized validity period of each interface corresponding to the domain name.
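The application-server side of the scheme (domain-to-group association, security verification of the URL and domain, and the authorized validity period) can be sketched as follows. This is an added illustration, not code from the patent: the class and method names, group and interface identifiers, domains and dates are constructed, and treating "security verification on the URL" as an https-and-host check with exact domain matching is an assumption. Only the group-identifier path is shown.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, FrozenSet, List, Tuple, Union
from urllib.parse import urlsplit

# Constructed interface groups: group identifier -> interface identifiers.
INTERFACE_GROUPS: Dict[str, FrozenSet[str]] = {
    "basic": frozenset({"share.open", "device.vibrate"}),
    "payment": frozenset({"pay.start", "pay.query"}),
}
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # constructed "current time"


class VerificationFailed(Exception):
    """Security verification failed; the message is the prompt information."""


@dataclass(frozen=True)
class DomainAssociation:
    group_id: str          # interface group associated with the domain
    valid_until: datetime  # end of the authorized validity period (UTC)


class ApplicationServer:
    """Hypothetical application server resolving a server id to its interfaces."""

    def __init__(self) -> None:
        self.server_urls: Dict[str, str] = {}            # server id -> registered URL
        self.domains: Dict[str, DomainAssociation] = {}  # authorized domain -> association

    def authorize_domain(self, domain: str, group_id: str, valid_until: datetime) -> None:
        if group_id not in INTERFACE_GROUPS:
            raise ValueError(f"unknown interface group {group_id!r}")
        self.domains[domain.lower()] = DomainAssociation(group_id, valid_until)

    def register_page(self, server_id: str, url: str) -> None:
        self.server_urls[server_id] = url

    def interfaces_for(self, server_id: str, now: datetime) -> FrozenSet[str]:
        url = self.server_urls.get(server_id)
        if url is None:
            raise VerificationFailed("server identifier is not registered")
        try:
            parts = urlsplit(url)
            host = parts.hostname  # lower-cased, without userinfo or port
        except ValueError:
            raise VerificationFailed("URL cannot be parsed") from None
        if parts.scheme != "https" or not host:
            raise VerificationFailed("URL must be https and name a host")
        # Exact match on the parsed host: a suffix or substring comparison
        # would also accept hosts that merely contain an authorized name.
        assoc = self.domains.get(host.rstrip("."))
        if assoc is None:
            raise VerificationFailed("domain is not authorized")
        if now >= assoc.valid_until:
            raise VerificationFailed("authorization has expired")
        return INTERFACE_GROUPS[assoc.group_id]


def build_sample_server() -> ApplicationServer:
    srv = ApplicationServer()
    srv.authorize_domain("pay.example.com", "payment", datetime(2025, 1, 1, tzinfo=timezone.utc))
    srv.authorize_domain("news.example.com", "basic", datetime(2024, 1, 1, tzinfo=timezone.utc))
    srv.register_page("pay-web", "https://pay.example.com/h5/checkout")
    srv.register_page("news-web", "https://news.example.com/article")
    srv.register_page("lookalike-web", "https://pay.example.com.other.test/h5")
    srv.register_page("plain-web", "http://pay.example.com/h5")
    return srv


def decision(srv: ApplicationServer, server_id: str,
             now: datetime = SAMPLE_NOW) -> Tuple[bool, Union[List[str], str]]:
    """Return (True, sorted interface ids) or (False, prompt information)."""
    try:
        return (True, sorted(srv.interfaces_for(server_id, now)))
    except VerificationFailed as exc:
        return (False, str(exc))


if __name__ == "__main__":
    server = build_sample_server()
    for sid in ("pay-web", "news-web", "lookalike-web", "plain-web", "nobody"):
        print(sid, decision(server, sid))
```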
Optionally, the method further includes:
receiving and storing a corresponding decryption key sent by a web page server;
receiving a key acquisition request sent by terminal equipment, wherein the key acquisition request comprises a server identifier; the key acquisition request is sent when an interface parameter ciphertext is received;
determining a decryption key corresponding to the server identifier;
and returning the decryption key to the terminal equipment, wherein the key comprises a key corresponding to the server identifier.
In another aspect, an embodiment of the present application provides an apparatus for accessing a native code interface in an application, where the apparatus includes:
the access request receiving module is used for receiving an interface access request sent by the web page server, wherein the interface access request comprises a server identifier of the web page server and a target interface identifier of a native code interface which requests to access;
the interface information acquisition module is used for acquiring relevant information of each interface corresponding to the server identifier, wherein each interface is a native code interface which is provided with access authority by a web page server corresponding to the server identifier, the relevant information comprises the interface identifier, and the relevant information is acquired from the application program server;
and the code execution module is used for executing the native code corresponding to the target interface identifier if the relevant information of each interface comprises the interface identifier of the target native code interface.
Optionally, the apparatus further includes a request receiving module, specifically configured to:
receiving a web page operation request of a user through a user interface of an application program before receiving an interface access request sent by a web page server;
and sending the web page operation request to a corresponding web page server so that the web page server sends an interface access request to the terminal equipment when determining that the native code interface needs to be called according to the web page operation request.
Optionally, the apparatus further includes a ciphertext processing module, which is specifically configured to:
receiving an interface parameter ciphertext sent by a web page server, wherein the interface parameter ciphertext is obtained by encrypting an interface parameter by using a first encryption key corresponding to the web page server;
based on the server identification, a first decryption key corresponding to the web page server is obtained from the application program server;
when executing the native code corresponding to the target interface identifier, the code execution module is specifically configured to:
decrypting the interface parameter ciphertext based on the first decryption key;
if the decryption is successful, executing a native code corresponding to the target interface identifier based on the interface parameter obtained by the decryption;
the device further comprises an information generation module, specifically configured to:
and when the decryption fails, generating corresponding prompt information.
Optionally, the ciphertext processing module is further configured to obtain, based on the server identifier, a second encryption key corresponding to the web page server from the application server;
encrypting an execution result obtained by executing the native code corresponding to the target interface identifier based on the second encryption key to obtain an execution result ciphertext;
and sending the execution result ciphertext to the web page server so that the web page server decrypts the execution result ciphertext based on a second decryption key corresponding to the second encryption key to obtain an execution result.
Optionally, when the interface information obtaining module obtains the relevant information of each interface corresponding to the server identifier, the interface information obtaining module is specifically configured to:
if the interface access request is the first interface access request sent by the web page server, sending a related information acquisition request to the application program server, wherein the related information acquisition request comprises the server identifier; receiving the relevant information of each interface corresponding to the server identification returned by the application program server, and storing the relevant information in a local storage space;
and if the interface access request is not the interface access request sent by the web page server for the first time, acquiring the relevant information of each interface corresponding to the server identifier from the local storage space.
In another aspect, an embodiment of the present application provides an apparatus for accessing a native code interface in an application, where the apparatus includes:
the interface information acquisition request acquisition module is used for receiving an interface related information acquisition request sent by the terminal equipment, wherein the interface related information acquisition request comprises a server identifier of the web page server, the interface related information acquisition request is sent by the terminal equipment when receiving an interface access request sent by the web page server, and the interface access request comprises the server identifier and a target interface identifier of a native code interface which requests access;
the interface information determining module is used for determining relevant information of each interface corresponding to the server identifier, wherein each interface is a native code interface which is provided with access authority and corresponds to the web page server of the server identifier, and the relevant information comprises the interface identifier;
and the interface information sending module is used for sending the relevant information of each interface to the terminal equipment so that the terminal equipment executes the native code corresponding to the target interface identifier when determining that the relevant information of each interface contains the target interface identifier.
Optionally, the interface access request is the interface access request sent by the web page server to the terminal device for the first time; when the terminal equipment receives the relevant information of each interface, it stores the relevant information of each interface in a local storage space, and when the terminal equipment receives an interface access request sent again by the web page server, it obtains the relevant information of each interface from the local storage space.
Optionally, the interface information determining module is further configured to:
receiving a page registration request sent by a web page server, wherein the page registration request comprises a server identifier and registration verification information;
verifying the registration verification information, and if the verification is passed, sending interface information of each applicable native code interface to a web page server;
receiving an interface authority application request returned by a web page server based on received interface information, wherein the interface authority application request comprises interface identification information of each native code interface requesting authorization;
and determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information.
Optionally, the interface information of each applicable native code interface includes group related information of each interface group, and for an interface group, the group related information of the interface group includes a group identifier of the interface group and related information of each interface belonging to the interface group;
if the interface identification information includes a group identification, then when determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information, the interface information determining module is specifically configured to:
determining the relevant information of each interface corresponding to the grouping identification carried in the interface permission application request as the relevant information of each interface corresponding to the server identification;
if the interface identification information includes an interface identification, the interface information determining module is specifically configured to, when determining the relevant information of each interface corresponding to the server identification from the relevant information of each interface corresponding to the interface identification information:
and determining the relevant information of the interface corresponding to the interface identifier carried in the interface permission application request as the relevant information of each interface corresponding to the server identifier.
Optionally, the apparatus further includes an association relation determining module, specifically configured to:
acquiring a domain name of a web server;
establishing an association relation between a domain name of a web server and a group identifier corresponding to a server identifier;
when determining the related information of each interface corresponding to the server identifier, the interface information determining module is specifically configured to:
acquiring a domain name of a web page server corresponding to a server identifier;
determining a target grouping identifier corresponding to the domain name based on the domain name and the association relation of the web server;
and determining the relevant information of each interface corresponding to the target grouping identification as the relevant information of each interface corresponding to the server identification according to the grouping relevant information of each interface grouping.
Optionally, when determining the relevant information of each interface corresponding to the server identifier, the interface information determining module is specifically configured to:
performing security verification on a web page server corresponding to the server identifier;
when the security verification passes, determining the related information of each interface corresponding to the server identification;
the device further comprises an information generation module, specifically configured to:
and when the security verification is not passed, sending corresponding prompt information to the terminal equipment.
Optionally, when the interface information determining module performs security verification on the web page corresponding to the server identifier, the interface information determining module is specifically configured to:
acquiring a URL (uniform resource locator) of a web page server corresponding to a server identifier;
and performing security verification on the URL, and/or acquiring the domain name of the web page server based on the URL and performing security verification on the domain name of the web page server.
Optionally, the interface information determining module is specifically configured to, when obtaining the domain name of the web page server based on the URL and performing security verification on the domain name of the web page server:
based on the authorized domain name associated information of each web page server, performing security verification on the domain name of the web page server;
for a web page server, the domain name association information includes the domain name of the web page server and/or the authorized validity period of each interface corresponding to the domain name.
In another aspect, an embodiment of the present application provides an electronic device, including a processor and a memory: the memory is configured to store a computer program which, when executed by the processor, causes the processor to perform any method of the one aspect or any method of the other aspect described above.
In another aspect, the present application provides a computer-readable storage medium for storing a computer program, which when executed on a computer, enables the computer to perform the method of any one of the above aspects or the method of any one of the other aspects.
The technical scheme provided by the embodiment of the application has the following beneficial effects:
In the embodiment of the application, when receiving an interface access request sent by a web page server, a terminal device may perform authority authentication on the interface access request according to the related information of each interface corresponding to the web page server, which is acquired from an application server, and execute the corresponding native code only when the related information of each interface includes the target interface identifier. This scheme ensures that only a web page server having the corresponding access authority can call the corresponding native code interface, which ensures the security of the interaction between the native code of the application and the web page code. Furthermore, because the related information of each interface is acquired from the application server, instead of a white list being hard-coded in the terminal device, redundant code is reduced and compatibility is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is a schematic diagram of a system architecture according to an embodiment of the present application;
Fig. 2 is a schematic flowchart of an interface authority registration method according to an embodiment of the present application;
Fig. 3 is a schematic flowchart of an information interaction process according to an embodiment of the present application;
Fig. 4 is a schematic flowchart of interface permission detection according to an embodiment of the present application;
Fig. 5 is a schematic flowchart of an access method for receiving a native code interface in an application according to an embodiment of the present application;
Fig. 6 is a schematic flowchart of an access method of a native code interface in an application according to an embodiment of the present application;
Fig. 7 is a schematic structural diagram of an access apparatus for native code interface in an application according to an embodiment of the present application;
Fig. 8 is a schematic structural diagram of an access apparatus for native code interface in an application according to an embodiment of the present application;
Fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an", "said" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
Cloud technology refers to a hosting technology that unifies a series of resources such as hardware, software and network in a wide area network or a local area network to realize the calculation, storage, processing and sharing of data.
Cloud technology is a general term for the network technology, information technology, integration technology, management platform technology, application technology and the like that are applied on the basis of the cloud computing business model; it can form a resource pool that is used on demand and is flexible and convenient. Cloud computing technology will become an important support. Background services of technical network systems, such as video websites, picture websites and web portals, require a large amount of computing and storage resources. With the rapid development and application of the internet industry, each article may have its own identification mark that needs to be transmitted to a background system for logical processing; data of different levels are processed separately, and all kinds of industry data need strong background system support, which can only be realized through cloud computing.
Cloud security is a generic term for the security software, hardware, users, organizations and secure cloud platforms based on cloud computing business model applications. Cloud security integrates emerging technologies and concepts such as parallel processing, grid computing and unknown virus behavior judgment: a large number of networked clients monitor abnormal software behavior in the network, the latest information on trojans and malicious programs in the internet is obtained and sent to the server for automatic analysis and processing, and the virus and trojan solutions are then distributed to each client.
The main research directions of cloud security include:
1. Cloud computing security, which mainly studies how to guarantee the security of the cloud itself and of the various applications on the cloud, including the security of the cloud computer system, the secure storage and isolation of user data, user access authentication, information transmission security, network attack protection, compliance audit and the like;
2. Cloudification of the security infrastructure, which mainly studies how to use cloud computing to build and integrate security infrastructure resources and optimize security protection mechanisms, including constructing a super-large-scale security event and information acquisition and processing platform through cloud computing technology, realizing the acquisition and correlation analysis of mass information, and improving the security event handling capability and the risk control capability of the whole network;
3. Cloud security services, which mainly study the various security services, such as anti-virus services, provided to users on the basis of a cloud computing platform.
The server in the embodiment of the application may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a network service, cloud communication, a middleware service, a domain name service, a security service, a CDN, a big data and artificial intelligence platform, and the like. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.
A mixed-mode mobile application is an application between a web application and a native application that is developed by combining the two types of code; it has the good interactive experience of a native application and the cross-platform advantage of a web application. The development of the mobile internet has brought large-scale growth of mixed-mode applications. This development mode integrates two forms of code, web page code and native application code, and the two sometimes need to interact and communicate to ensure a better user interaction experience.
In the prior art, some developers use a customized JSBridge interface to distinguish privileged web pages, or simply check features such as the web page domain name before using an operating system interface. This method lacks fine-grained authority control: once a security vulnerability occurs in the judgment logic, all exposed native code can be called by malicious web page code. Alternatively, a white list is hard-coded in the terminal to maintain the interface authority of the client. However, this method has to be implemented with different code on different platforms, so compatibility is poor, and when business demand grows and the code needs to be upgraded and maintained frequently, dynamic expandability is difficult to ensure.
Based on this, the present application provides an access method for native code interface in an application program, which aims to solve some or all of the above technical problems.
For a better understanding and a description of the solution of the embodiments of the present application, an alternative embodiment of the present application will be described below with reference to an example.
A schematic diagram of a system architecture to which the present application is applicable is shown in fig. 1, and as shown in the diagram, the system architecture may include a terminal device (i.e., an application client in the diagram), an application server (i.e., an application server in the diagram), and a web page server (i.e., a front-end web page vendor in the diagram) of a web page (i.e., a front-end web page in the diagram). In practical applications, a user may download and install a mixed-mode mobile application (i.e., an application client) corresponding to an application server on his terminal device. The application program server can manage the access authority of each native code interface corresponding to the application program, and can authorize and allocate the access authority of each native code interface for the web page server according to an interface authority application request sent by the web page server. When the user uses the application program client, the terminal device sends a web page operation request to the web page server according to the operation of the user on the web page, and when the web page server determines that the native code interface needs to be called, the web page server sends an interface access request of the corresponding native code interface to the terminal device.
If the interface access request is the first interface access request sent by the web page server (namely, the first access interface in the figure), the application client sends a related information acquisition request (namely, an interface list) to the application program server. The application program server extracts the domain name of the web page server from the URL of the web page server and determines, according to the URL and the domain name of the web page server (namely the URL in the figure), whether the web page server has access authority. If the web page server has the access authority, the application program server returns the relevant information of each interface to the application program client (namely the interface list in the figure), and the application program client caches the interface list locally; otherwise, if the web page server does not have the access authority, the web page server is refused access to the native code interface.
Further, when the access authority is provided (namely, the authority is provided in the figure), the application client receives the interface parameter ciphertext sent by the front-end webpage manufacturer and decrypts it based on the public key corresponding to the front-end webpage manufacturer to obtain the interface parameter (namely, the decryption parameter in the figure). The application client then executes the native code corresponding to the native code interface (namely, the Native code in the figure) based on the interface parameter to obtain the execution result, encrypts the execution result based on the public key corresponding to the front-end webpage manufacturer to obtain the execution result ciphertext, and returns the execution result ciphertext to the web page server (namely, the return data in the figure is encrypted). The front-end webpage manufacturer decrypts the execution result ciphertext based on the private key to obtain the execution result (namely, the interface return data in the figure).
Optionally, when a web page needs access authority for a native code interface (i.e. the interface hereinafter) of the application program, the interface authority may be registered with the application server corresponding to the application program, as shown in fig. 2. The registration process is described in detail below.
Step S101, a web page server sends a page registration request to an application program server, wherein the page registration request comprises a web page server identifier and registration verification information;
the registration verification information may include a certificate of the web page server and a domain name corresponding to the web page server.
Step S102, after the application program server receives the page registration request, the registration verification information is verified; if the verification is passed, executing step S103, and if the verification fails, executing step S110;
Specifically, the application server may verify the validity of the domain name of the web page server and of the uploaded certificate. If the verification passes, step S103 is executed; if the verification fails, the page registration request may come from someone impersonating a manufacturer or may be an attack, and step S110 is executed.
Step S103, the application program server sends interface information of the applicable native code interface to the web page server;
In practical applications, the interface information of the applicable native code interfaces may include the group-related information of each interface group; for an interface group, the group-related information includes the group identifier of the interface group and the related information of each interface belonging to the interface group.
Step S104: the web page server returns an interface authority application request to the application program server according to the service requirement and the received interface information of the applicable native code interface, wherein the interface authority application request can comprise a grouping identifier and/or an interface identifier of the web page server for applying the access authority;
Step S105: the application program server checks the interface authority application request; if the application is approved, step S106 is executed, otherwise step S110 is executed;
when the application server checks the interface permission application request, the application server may determine whether an interface group corresponding to an interface group identifier included in the interface permission application request exists and/or determine whether an interface corresponding to an interface identifier included in the interface permission application request exists.
Step S106: determining whether the interface permission application request includes an interface group identifier or an interface identifier; if it includes an interface group identifier, executing step S107, and if it includes an interface identifier, executing step S108;
Step S107: the application program server grants the access right of each interface belonging to the interface group corresponding to the interface group identifier to the web page server;
Step S108: the application program server grants the access authority of the interface corresponding to the interface identifier carried in the interface authority application request to the web page server;
in practical application, the application server may send the interface identifier of each interface having the access right of the web page server to the server when receiving a request for acquiring the related information of the interface of the web page server from the terminal device.
Step S109, the web page server uploads the public key, and the application program server stores the public key;
in practical application, the application server stores the public key, so that the terminal device can decrypt the interface parameter ciphertext sent by the web page server according to the public key, encrypt the obtained execution result and return the encrypted execution result to the web page server, and the web page server can decrypt the encrypted execution result based on the corresponding private key to obtain the execution result.
Step S110, refusing the application of the access right of the native code interface of the application program by the web page server.
Optionally, after each web page server has applied to the application server to register access rights to native code interfaces, the application server may manage the access rights of the native code interfaces hierarchically. For example, it may maintain a list recording which web page servers have been granted access to each native code interface; one possible form of the list is shown in Table 1.
TABLE 1
Interface name | Interface grouping | Domain name | Public key | Period of validity
getID | Advertisement group | xx.aaa.com | xxxxxxxxxxxxxx | 2022-1-1
As can be seen from Table 1, the application server mainly maintains fields such as interface name, interface group, domain name, and public key. Wherein:
"interface name" is the name of the interface exposed to the outside by the native code in the application (i.e., the name of the native code interface), i.e., the interface ID (Iden …), getID as shown in Table 1;
"interface grouping" is the interface group to which the corresponding interface belongs. An interface group can contain a plurality of interfaces, and an interface can also belong to a plurality of interface groups. Interface groups are divided according to the security attribute or service attribute of the interfaces, for example into an advertising group, an account group, a statistics group, a temporary group and so on; the interface identified as "getID" in the table is placed in the advertising group;
"domain name" is the domain name of the web page server and can be used to uniquely identify the web page server. In practical application, in order to realize fine-grained control and strengthen security, the domain name of the web page server can be required to be an exact subdomain; for example, the subdomain name of a certain web page server in the table is xx.aaa.com, and that web page server has access right to the interface identified as "getID";
"public key" is the public key provided by the web page server; it matches the private key of the web page server and is unique. In the table, the public key of the web page server is xxxxxxxxxxxxxx;
"validity period" is the period of time (i.e. the authorization period), set at registration, for which the web page server has access to the native code interface; as shown in the table, the web page server has access to the get interface until January 1, 2022.
Optionally, in practical application, the application server may dynamically manage the native code interface, specifically, the dynamic management of the application server on the interface authority may include:
1. For the web page server of a new business partner, if the web page server belongs to a certain category of manufacturers, it can be placed in a certain interface group and given the access rights of all interfaces belonging to that interface group. For example, an advertiser's web page server may be listed in an ad group and a partner's web page server may be listed in a log group. Alternatively, when a partner manufacturer cooperates only temporarily or only needs access to individual interfaces, access can be given to those specific interfaces only.
2. For the web page server of a manufacturer whose cooperation range needs to be enlarged, the level of the interface group to which the web page server belongs can be raised, or access authority for additional native code interfaces can be granted;
3. For the web page server of a manufacturer whose cooperation has expired or who has committed a violation, the domain name of the web page server is removed from the interface groups to which it belongs, and the access rights to any interfaces that were granted individually are deleted as well.
In the embodiment of the application, because the access authority of the interface is maintained in the application server, the method and the device can be suitable for different operating system platforms, redundant codes in a client can be effectively avoided, the updating and maintaining cost of the application client is reduced, and the compatibility is improved; in addition, the scheme provided by the embodiment of the application can also adopt an interface grouping mode to carry out hierarchical management on the access authority of the interface, thereby effectively reducing the complexity of interface maintenance and management and embodying dynamic expandability; furthermore, the authority of the native code interface is managed in a grading mode, the security level of the accessible interfaces of different cooperation manufacturers is effectively distinguished, accurate and real-time authority control can be conducted on the manufacturers, and the security is improved.
Optionally, in practical application, when the application program interacts with a loaded web page and the web page server of that web page needs to access a native code interface of the application program during the interaction, the information interaction process may be as shown in fig. 3, specifically:
step S201, receiving a web page operation request of a user through a user interface of an application program, and sending the web page operation request to a web page server;
step S202, a web page server sends an interface access request to terminal equipment containing the application program, wherein the interface access request comprises a server identifier of the web page server, a target interface identifier requesting access and an interface parameter ciphertext obtained by encrypting an interface parameter by the web page server by using a private key corresponding to the server identifier;
step S203, judging whether the interface access request is the interface access request firstly sent by the web page server, if so, executing step S204, otherwise, executing step S208;
step S204, the terminal equipment sends a related information acquisition request to an application program server, wherein the related information acquisition request comprises the server identification;
step S205, the application server obtains the domain name of the web page server corresponding to the server identifier, and determines whether the target group identifier corresponding to the domain name exists based on the domain name and the association relationship of the web server, if so, step S206 is executed, otherwise, step S213 is executed;
step S206, the application program server determines the relevant information of each interface corresponding to the target grouping identification as the relevant information of each interface corresponding to the server identification according to the grouping relevant information of each interface grouping, and sends the relevant information to the terminal equipment;
step S207, the terminal device stores the relevant information of each interface corresponding to the server identifier in a local storage space;
step S208, the terminal device determines whether the relevant information of each interface corresponding to the server identifier includes a target interface identifier, if so, step S209 is executed, otherwise, step S213 is executed;
step S209, the terminal device obtains a public key corresponding to the web page server from the application server based on the server identifier of the web page server;
step S210, the terminal equipment decrypts the interface parameter ciphertext based on the acquired public key, if the decryption is successful, step S211 is executed, otherwise, step S214 is executed;
step S211, the terminal device executes the native code corresponding to the target interface identifier based on the decrypted interface parameter to obtain an execution result, encrypts the execution result based on the public key to obtain an execution result ciphertext and returns the execution result ciphertext to the web page server;
step S212, the web page server decrypts the execution result ciphertext based on the private key; if the decryption is successful, step S215 is executed, otherwise, steps S202 to S212 are repeated;
step S213, the application program server returns, to the terminal equipment, prompt information indicating that there is no interface access authority;
step S214, the terminal device refuses the web page server to access the native code interface corresponding to the target interface identifier;
step S215, the execution result is obtained.
It can be understood that, when the terminal device executes the native code corresponding to the target interface identifier, if no interface parameter is needed, steps S209 to S211 need not be performed in full; instead, only the "executing the native code corresponding to the target interface identifier" part of step S211 is performed directly. Optionally, when the web page server does not need to obtain the execution result, the "encrypting the execution result based on the public key to obtain the execution result ciphertext and returning the execution result ciphertext to the web page server" part of step S211, and step S212, may also be omitted. All steps are shown in this example only to describe everything that may be involved in the information interaction process; performing every step is not required.
In practical application, when the application server receives a related information acquisition request sent by the terminal device, the application server may perform permission detection on a server corresponding to a web page server identifier included in the related information acquisition request, obtain related information of each interface corresponding to the web page server identifier, and return the related information to the terminal device, as shown in fig. 4, the process may be executed by the application server, and specifically may include:
step S301, receiving an interface related information acquisition request sent by a terminal device, wherein the interface related information acquisition request comprises a server identifier;
step S302, obtaining the URL of the web page server corresponding to the server identification;
step S303, checking whether the URL is in a URL blacklist list, if so, executing step S311, and if not, executing step S304;
step S304, acquiring a domain name of the web page server from the URL;
It can be understood that, when the domain name of the web page server is acquired by the operating system in the terminal device, the URL parsing library provided by the operating system sometimes has security problems. In that case, when the URL is parsed on the terminal device, the extracted domain name may not be consistent with the actual domain name, which in turn may cause a security problem. In the embodiment of the application, the domain name of the web page server is acquired from the URL in the application program server, so the method is not affected by operating system bugs and the security problem can be effectively solved.
Step S305, determining whether the domain name associated information contains the domain name of the web page server based on the domain name associated information of each authorized web page server, if yes, executing step S306, otherwise, executing step S311;
step S306, verifying whether each interface corresponding to the web page server exceeds the authorized validity period, if so, executing step S311, otherwise, executing step S307;
step S307, based on the domain name and the association relationship of the web server, determining whether a target group identifier corresponding to the domain name of the web page server exists, if so, executing step S308, otherwise, executing step S311;
step S308, according to the grouping related information of each interface grouping, determining the related information of each interface corresponding to the target grouping identification as the related information of each interface corresponding to the server identification, and returning the related information to the terminal equipment;
step S309, determining whether each native code interface corresponding to the domain name exists, if so, executing step S310, otherwise, executing step S311;
step S310, determining the relevant information of each native code interface corresponding to the domain name as the relevant information of each interface corresponding to the server identification, and returning to the terminal equipment;
step S311, sending the corresponding prompt information to the terminal device.
In the embodiment of the application, when a web page accesses a native code interface of the application, the interface access authority is judged on the application server side. This effectively avoids the security problems that arise in domain name extraction, white list matching, parameter transmission and similar steps when, as in the traditional scheme, the judgment is made on the client side, and effectively ensures the security of the information interaction between the application program and the web page.
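The following added example (not code from the patent) sketches the server-side permission detection of steps S301 to S311 over a registry modeled on Table 1. The class and function names, the sample vendors, the `showBanner` interface, and the choices to merge group grants with individually granted interfaces and to treat the validity date as inclusive are assumptions of this sketch.

```python
from dataclasses import dataclass, field
from datetime import date
from urllib.parse import urlsplit


@dataclass
class Registration:
    """Authorization record for one web page server domain (cf. Table 1)."""
    domain: str                                    # exact sub-domain
    valid_until: date                              # authorized validity period
    groups: set = field(default_factory=set)       # interface groups granted
    interfaces: set = field(default_factory=set)   # interfaces granted one by one


class InterfaceRegistry:
    def __init__(self, group_members, url_blacklist=()):
        self.group_members = group_members   # group id -> set of interface ids
        self.url_blacklist = set(url_blacklist)
        self.server_urls = {}                # server id -> URL
        self.by_domain = {}                  # domain -> Registration

    def add_server(self, server_id, url, registration=None):
        self.server_urls[server_id] = url
        if registration is not None:
            self.by_domain[registration.domain.lower()] = registration

    def revoke(self, domain):
        """Dynamic management: drop an expired or violating vendor."""
        self.by_domain.pop(domain.lower(), None)

    @staticmethod
    def extract_domain(url):
        """S304: take the host from the URL on the server, never from the client."""
        try:
            host = urlsplit(url).hostname    # ignores userinfo and port
        except ValueError:
            return None
        return host.rstrip(".").lower() if host else None

    def interface_list(self, server_id, today):
        """Return (interface ids, reason); ids is None when refused (S311)."""
        url = self.server_urls.get(server_id)            # S302
        if url is None:
            return None, "unknown server identifier"
        if url in self.url_blacklist:                    # S303
            return None, "URL is blacklisted"
        domain = self.extract_domain(url)                # S304
        reg = self.by_domain.get(domain)                 # S305: exact match only
        if reg is None:
            return None, "domain is not authorized"
        if today > reg.valid_until:                      # S306 (date inclusive: assumption)
            return None, "authorization expired"
        granted = set(reg.interfaces)                    # S309/S310
        for group in reg.groups:                         # S307/S308
            granted |= self.group_members.get(group, set())
        if not granted:
            return None, "no interface granted"
        return sorted(granted), "ok"


def build_sample_registry():
    """Constructed sample data; only the getID row comes from Table 1."""
    registry = InterfaceRegistry(
        group_members={"advertisement": {"getID", "showBanner"}},
        url_blacklist={"https://blocked.example/page"},
    )
    registry.add_server(
        "vendor-1", "https://xx.aaa.com/landing",
        Registration("xx.aaa.com", date(2022, 1, 1), groups={"advertisement"}))
    # Look-alike URLs whose real host is not the registered sub-domain.
    registry.add_server("vendor-2", "https://xx.aaa.com@other.example/landing")
    registry.add_server("vendor-3", "https://xx.aaa.com.other.example/landing")
    registry.add_server(
        "vendor-4", "https://blocked.example/page",
        Registration("blocked.example", date(2022, 1, 1), interfaces={"getID"}))
    return registry
```

Because the host is matched exactly against the registered sub-domain, neither a longer host that merely starts with `xx.aaa.com` nor a URL that carries it in the userinfo part receives an interface list.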
The following describes the technical solution of the present application and how to solve the above technical problem in detail with reference to alternative embodiments. It is to be understood that the following embodiments may be combined with each other, and that the same or similar concepts or processes may not be described in detail in some embodiments.
Fig. 5 is a flowchart illustrating an access method of a native code interface in an application provided in an embodiment of the present application. As shown in fig. 5, the method is executed by a terminal device containing an application program, and the method may include:
step S401, an interface access request sent by a web page server is received, wherein the interface access request comprises a server identifier of the web page server and a target interface identifier of a native code interface requesting access.
The interface access request is used for representing the action that the web page server wants to access the native code interface, and the target interface identification refers to the interface identification of the native code interface that the web page server wants to access.
In practical application, when a web page server needs to access a native code interface corresponding to an application program, an interface access request may be sent to a terminal device including the application program, where the interface access request includes a server identifier for uniquely identifying the web page server and a target interface identifier of the native code interface that is requested to be accessed, so that the terminal device may determine which web page server specifically requests to access the native code interface according to the server identifier and determine which native code interface specifically needs to be accessed according to the target interface identifier.
Step S402, obtaining relevant information of each interface corresponding to the server identifier, wherein each interface is a native code interface of a web page server corresponding to the server identifier and having access right, the relevant information comprises an interface identifier, and the relevant information is obtained from the application program server.
In practical application, the terminal device may obtain, from the application server, related information of each interface corresponding to the server identifier, where the related information includes the interface identifier, and at this time, a native code interface corresponding to the interface identifier included in the related information is a native code interface that the web page server has access right.
Step S403, if the relevant information of each interface includes the interface identifier of the target native code interface, executing the native code corresponding to the target interface identifier.
Specifically, when the terminal device obtains the related information of each interface corresponding to the server identifier, it may be determined whether each interface identifier in the related information includes a target interface identifier, and if the target interface identifier is included, it indicates that the web page server has the permission to access the native code interface corresponding to the target interface identifier, and at this time, the native code corresponding to the target interface identifier may be executed.
In the embodiment of the application, when the terminal device receives an interface access request sent by a web page server, the terminal device can acquire the relevant information of each interface corresponding to the web page server from an application server, perform authority authentication on the interface access request, and execute the corresponding native code only when the relevant information of each interface contains a target interface identifier, thereby effectively improving the safety of the information interaction process between the application and the web page; further, since the relevant information of each interface in the embodiment of the present application is obtained from the application server, a white list does not need to be encoded in the terminal device in a hard coding manner, redundant codes are reduced, and interface permission maintenance does not need to be performed at the application client, thereby improving compatibility.
In an alternative embodiment of the present application, before receiving an interface access request sent by a web page server, the method includes:
receiving a web page operation request of a user through a user interface of an application program;
and sending the web page operation request to a corresponding web page server so that the web page server sends an interface access request to the terminal equipment when determining that the native code interface needs to be called according to the web page operation request.
In practical application, when a user triggers a web page operation request through a user interface of an application program, terminal equipment can send the web page operation request to a corresponding web page server; the web page server may determine whether the operation request needs to call the native code interface according to the web page operation request, and if it is determined that the native code interface needs to be called, may send an interface access request including an interface identifier (i.e., a target interface identifier) of the native code interface that needs to be called to the terminal device.
In an alternative embodiment of the present application, the method further comprises:
receiving an interface parameter ciphertext sent by a web page server, wherein the interface parameter ciphertext is obtained by encrypting an interface parameter by using a first encryption key corresponding to the web page server;
based on the server identification, a first decryption key corresponding to the web page server is obtained from the application program server;
executing the native code corresponding to the target interface identification, including:
decrypting the interface parameter ciphertext based on the first decryption key;
if the decryption is successful, executing a native code corresponding to the target interface identifier based on the interface parameter obtained by the decryption;
the method further comprises the following steps:
and if the decryption fails, generating corresponding prompt information.
The interface parameter refers to an environment parameter of the web page server, for example, the environment parameter may be an IP (Internet Protocol) address of the web page server.
In practical application, executing the native code corresponding to a target interface identifier sometimes requires an interface parameter of the web page server as input. In this case, the terminal device may receive an interface parameter ciphertext that the web page server obtained by encrypting the interface parameter with the first encryption key. The terminal device may then obtain the first decryption key corresponding to the web page server from the application server and decrypt the interface parameter ciphertext with it. If decryption succeeds, the decrypted interface parameter may be used as input for executing the native code corresponding to the target interface identifier, and that native code is executed. If decryption fails, corresponding prompt information may be generated; for example, prompt information indicating the decryption failure may be generated and sent to the web page server to inform it that this decryption failed.
The manner in which the terminal device receives the interface parameter ciphertext sent by the web page server may be configured in advance, and the embodiment of the present application is not limited in this respect. For example, the interface parameter ciphertext may be included in the interface access request sent by the web page server, may be sent by the web page server to the terminal device separately, or may be returned after the web page server receives a data acquisition request sent by the terminal device.
In an alternative embodiment of the present application, the method further comprises:
based on the server identification, a second encryption key corresponding to the web page server is obtained from the application program server;
encrypting an execution result obtained by executing the native code corresponding to the target interface identifier based on the second encryption key to obtain an execution result ciphertext;
and sending the execution result ciphertext to the web page server so that the web page server decrypts the execution result ciphertext based on a second decryption key corresponding to the second encryption key to obtain an execution result.
In practical application, after executing the native code corresponding to the target interface identifier, the terminal device may obtain a corresponding execution result, and may further obtain a second encryption key corresponding to the web page server from the application server; when the web page server needs the execution result, in order to ensure the security during data transmission, the execution result can be encrypted based on the second encryption key, and an execution result ciphertext is obtained and returned to the web page server; further, after the web page server receives the execution result ciphertext, the execution result ciphertext may be decrypted based on the second decryption key, so as to obtain an execution result.
During transmission of the interface parameter ciphertext and the execution result ciphertext, HTTPS may be enforced to resist man-in-the-middle attacks, thereby improving the security of data transmission.
Optionally, the first encryption key and the second decryption key may be private keys of the web page server, and the second encryption key and the first decryption key may be public keys of the web page server.
In the embodiment of the application, the data transmitted during information interaction between the application program and the web page is encrypted, so that security vulnerabilities that may be introduced during transmission can be effectively avoided and security is improved.
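The key usage described above, as an added example that is not part of the patent text: the web page server encrypts the interface parameter with its private key, the terminal device decrypts with the public key obtained for the server identifier, and the execution result travels back encrypted under that public key. The server identifier `web-srv-001`, the in-memory key directory standing in for the application server, and all function names are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed key material: the registered web page server's key pair, and an
// unrelated key pair used to show the decryption-failure path.
const serverKeys = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const impostorKeys = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Hypothetical stand-in for the application server: server identifier -> public key.
// Per the description, this public key is both the "first decryption key" and
// the "second encryption key".
const keyDirectory = new Map([['web-srv-001', serverKeys.publicKey]]);

// Web page server side: encrypt the interface parameter with the first
// encryption key (the server's private key).
function encryptInterfaceParams(privateKey, params) {
  return nodeCrypto.privateEncrypt(privateKey, Buffer.from(JSON.stringify(params), 'utf8'));
}

// Terminal device side: decrypt the parameter ciphertext, run the native code
// only if decryption succeeds, and return the execution result as ciphertext.
function handleEncryptedCall(serverId, paramCiphertext, nativeFn) {
  const publicKey = keyDirectory.get(serverId);
  if (!publicKey) {
    return { ok: false, prompt: 'no key for server identifier' };
  }
  let params;
  try {
    const plain = nodeCrypto.publicDecrypt(publicKey, paramCiphertext);
    params = JSON.parse(plain.toString('utf8'));
  } catch (err) {
    // Wrong key or tampered ciphertext: generate prompt information and
    // never reach the native code.
    return { ok: false, prompt: 'decryption failed' };
  }
  const result = nativeFn(params);
  // Encrypt the execution result with the second encryption key (OAEP padding
  // is Node's default for publicEncrypt).
  const resultCiphertext = nodeCrypto.publicEncrypt(
    publicKey,
    Buffer.from(JSON.stringify(result), 'utf8')
  );
  return { ok: true, resultCiphertext };
}

// Web page server side: recover the execution result with the second
// decryption key (the server's private key).
function decryptExecutionResult(privateKey, resultCiphertext) {
  const plain = nodeCrypto.privateDecrypt(privateKey, resultCiphertext);
  return JSON.parse(plain.toString('utf8'));
}
```

Because the first decryption key is a public key, anyone who holds it can read the parameter ciphertext; this direction authenticates the sender, and confidentiality on the wire comes from the HTTPS transport the description calls for.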
In an optional embodiment of the present application, the obtaining of the relevant information of each interface corresponding to the server identifier includes:
if the interface access request is the interface access request firstly sent by the web page server, sending a related information acquisition request to the application program server, wherein the related information acquisition request comprises a server identifier; receiving relevant information of each interface corresponding to the server identification returned by the application program server, and storing the relevant information to a local storage space;
and if the interface access request is not the interface access request sent by the web page server for the first time, acquiring the relevant information of each interface corresponding to the server identifier from the local storage space.
In practical application, if the interface access request received by the terminal device is the first interface access request sent by the web page server, the terminal device may send to the application server a related information acquisition request that includes the server identifier of the web page server; when the application server receives the related information acquisition request, it can determine the relevant information of each interface corresponding to the server identifier and return it to the terminal device; after receiving the relevant information of each interface corresponding to the server identifier, the terminal device may store it in the local storage space.
Optionally, when the interface access request received by the terminal device is not the first interface access request sent by the web page server, the terminal device already acquired the relevant information of each interface corresponding to the server identifier of the web page server from the application server when it received the first request, and stored that information in the local storage space. At this time, the terminal device may directly acquire the relevant information of each interface corresponding to the server identifier from the local storage space.
In practical application, because the relevant information of each interface corresponding to the web page server may be updated, the locally stored relevant information may be refreshed according to a set period to keep it accurate. Alternatively, the terminal device may reacquire the relevant information of each interface corresponding to the server identifier of the web page server from the application server each time it receives an interface access request from the web page server; this ensures that the relevant information obtained is the latest, which improves its accuracy.
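A sketch of the terminal-side check of steps S401 to S403 together with the local storage and periodic refresh just described, added here as an illustration and not taken from the patent. The interface identifiers, the server identifier `web-srv-001`, the 60-second refresh period and the in-memory grant table standing in for the application server are all assumptions.

```javascript
// Constructed native code interfaces of the application, keyed by interface identifier.
const nativeInterfaces = new Map([
  ['user.getProfile', () => ({ nickname: 'demo' })],
  ['share.send', (args) => ({ shared: args.title })],
  ['pay.request', () => ({ paid: true })],
]);

class InterfaceGate {
  // fetchInfo(serverId) is a hypothetical call to the application server that
  // returns the interface identifiers granted to that web page server.
  constructor({ fetchInfo, refreshMs, now = Date.now }) {
    this.fetchInfo = fetchInfo;
    this.refreshMs = refreshMs;
    this.now = now;
    this.localStore = new Map(); // server identifier -> { ids, fetchedAt }
  }

  // Step S402: use local storage while the entry is within the refresh
  // period, otherwise ask the application server again.
  interfaceIdsFor(serverId) {
    const entry = this.localStore.get(serverId);
    if (entry && this.now() - entry.fetchedAt < this.refreshMs) {
      return entry.ids;
    }
    const ids = new Set(this.fetchInfo(serverId));
    this.localStore.set(serverId, { ids, fetchedAt: this.now() });
    return ids;
  }

  // Steps S401 and S403: execute native code only when the target interface
  // identifier is among the identifiers granted to this server identifier.
  handle({ serverId, targetInterfaceId, args }) {
    if (typeof serverId !== 'string' || typeof targetInterfaceId !== 'string') {
      return { executed: false, prompt: 'malformed interface access request' };
    }
    if (!this.interfaceIdsFor(serverId).has(targetInterfaceId)) {
      return { executed: false, prompt: 'interface not authorized for this server' };
    }
    const nativeFn = nativeInterfaces.get(targetInterfaceId);
    if (!nativeFn) {
      return { executed: false, prompt: 'unknown interface identifier' };
    }
    return { executed: true, result: nativeFn(args || {}) };
  }
}

// Constructed scenario: first request, repeat request served from local
// storage, an ungranted interface, and a grant revoked on the application
// server that stays usable on the device until the refresh period elapses.
function runCacheScenario() {
  const grants = new Map([['web-srv-001', ['user.getProfile', 'share.send']]]);
  let fetches = 0;
  let clock = 0;
  const gate = new InterfaceGate({
    fetchInfo: (id) => { fetches += 1; return [...(grants.get(id) || [])]; },
    refreshMs: 60000,
    now: () => clock,
  });
  const req = { serverId: 'web-srv-001', targetInterfaceId: 'share.send', args: { title: 'hi' } };
  const first = gate.handle(req);
  const second = gate.handle(req);
  const fetchesAfterTwo = fetches;
  const denied = gate.handle({ serverId: 'web-srv-001', targetInterfaceId: 'pay.request' });
  grants.set('web-srv-001', ['user.getProfile']); // application server revokes share.send
  clock = 30000;
  const stale = gate.handle(req);     // still allowed from local storage
  clock = 60000;
  const refreshed = gate.handle(req); // refresh picks up the revocation
  return { first, second, fetchesAfterTwo, denied, stale, refreshed, totalFetches: fetches };
}
```

The `stale` result shows the trade-off between the two refresh options in the description: with a set period, a revoked grant remains usable on the device for up to one period, whereas fetching on every request removes that window at the cost of one application server round trip per call.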
In an optional embodiment of the present application, the relevant information of each interface is obtained by the application server in the following manner:
receiving a page registration request sent by a web page server, wherein the page registration request comprises a server identifier and registration verification information;
verifying the registration verification information, and if the verification is passed, sending interface information of each applicable native code interface to a web page server;
receiving an interface authority application request returned by the web page server based on the received interface information, wherein the interface authority application request comprises interface identification information of each native code interface requesting authorization;
and determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information.
In practical application, when the web page server wants to register the access right of the native code interface, a page registration request can be sent to the application program server, and the page registration request comprises a server identifier and registration verification information; correspondingly, when the application server receives the page registration request, it may determine, according to the server identifier included in the page registration request, which web page server applies for the access right of the registered native code interface, and may also verify the registration verification information of the web page server in order to improve security, and if the verification passes, it indicates that the page registration request sent this time is secure, and at this time, the interface information of each applicable native code interface may be sent to the web page server.
Further, the web page server may determine, according to the received interface information of the applicable native code interface, a native code interface for which access permission needs to be applied, and return an interface permission application request to the application program server, where the interface permission application request includes interface identification information of each native code interface requesting authorization; the application server may determine the relevant information of each interface corresponding to the interface identification information as the relevant information of each interface corresponding to the server identification.
What the registration verification information specifically consists of may be preconfigured according to actual requirements; for example, it may be the domain name of the web page server and a certificate corresponding to the web page server. The embodiment of the present application is not limited in this respect.
Fig. 6 is a flowchart illustrating an access method of a native code interface in an application provided in an embodiment of the present application. As shown in fig. 6, the method is performed by an application server of an application, and the method includes:
Step S501, receiving an interface related information acquisition request sent by a terminal device, where the interface related information acquisition request includes a server identifier of a web page server, where the interface related information acquisition request is sent by the terminal device when receiving an interface access request sent by the web page server, and the interface access request includes the server identifier and a target interface identifier of a native code interface requesting access.
When receiving an interface access request sent by a web page server, a terminal device may send an interface related information acquisition request, indicating that it wishes to obtain the relevant information of each native code interface to which the web page server has access right. The interface related information acquisition request includes a server identifier for identifying the web page server. For the description of the interface access request, refer to the foregoing description, which is not repeated here.
Step S502, determining relevant information of each interface corresponding to the server identifier, wherein each interface is a native code interface of a web page server corresponding to the server identifier and has access right, and the relevant information comprises the interface identifier.
In practical application, after receiving the interface related information acquisition request, the application program server may determine each native code interface of which the web page server corresponding to the server identifier included in the interface related information acquisition request has access right, and use the interface identifier of each native code interface as the related information of each interface corresponding to the server identifier.
Step S503, sending the relevant information of each interface to the terminal device, so that when the terminal device determines that the relevant information of each interface includes the target interface identifier, the terminal device executes the native code corresponding to the target interface identifier.
Specifically, after the application server determines each native code interface to which the web page server corresponding to the server identifier has access right, the interface identifier of each such native code interface may be returned to the terminal device as the relevant information of each interface; after receiving the relevant information of each interface, the terminal device may determine whether the target interface identifier is included in the relevant information, and further determine whether the native code corresponding to the target interface identifier needs to be executed.
In an optional embodiment of the present application, the interface access request is an interface access request that is sent by a web page server to a terminal device for the first time. When the terminal device receives the relevant information of each interface, it stores the relevant information in a local storage space, and when the terminal device receives an interface access request sent again by the web page server, it obtains the relevant information of each interface from the local storage space.
In practical application, if a terminal device receives an interface access request sent by a certain web page server for the first time, the terminal device sends an interface related information acquisition request containing a server identifier of the web page server to an application program server, and when receiving related information of each interface returned by the application program server, the terminal device can store the related information of each interface corresponding to the server identifier of the web page server into a local storage space; optionally, when the terminal device receives the interface access request sent by the web page server again, the terminal device may obtain the relevant information of each interface corresponding to the server identifier from the local storage space, and does not need to obtain the relevant information from the application server again.
In an alternative embodiment of the present application, the method further comprises:
receiving a page registration request sent by a web page server, wherein the page registration request comprises a server identifier and registration verification information;
verifying the registration verification information, and if the verification is passed, sending interface information of each applicable native code interface to a web page server;
receiving an interface authority application request returned by a web page server based on received interface information, wherein the interface authority application request comprises interface identification information of each native code interface requesting authorization;
and determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information.
The page registration request sent by the web page server indicates that the web page server wants to apply to register access rights for native code interfaces; the interface information of the applicable native code interfaces refers to the interface information of each native code interface for which access right can be granted to the web page server; for a detailed description of the registration verification information, refer to the foregoing description, which is not repeated here.
In practical application, when a page registration request sent by a web page server is received, the web page server can be verified based on the registration verification information included in the page registration request, and if the web page server passes the verification, the interface information of an applicable native code interface is sent to the web page server; correspondingly, the web page server can determine a native code interface which needs to apply for the access authority specifically based on the received interface information, and generate an interface authority application request based on the interface identification information of each native code interface requesting for authorization and return the interface authority application request to the application program server; the application server can determine which access rights of the native code interface are granted to the web page server based on the interface right application request, and further obtain the relevant information of each interface corresponding to the server identifier of the web page server.
In an optional embodiment of the present application, the interface information of each applicable native code interface includes packet related information of each interface packet, and for an interface packet, the packet related information of the interface packet includes a packet identifier of the interface packet, and related information of each interface belonging to the interface packet;
if the interface identification information includes a group identification, determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information, including:
determining the relevant information of each interface corresponding to the grouping identification carried in the interface permission application request as the relevant information of each interface corresponding to the server identification;
if the interface identification information includes an interface identification, determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information, including:
and determining the relevant information of the interface corresponding to the interface identifier carried in the interface permission application request as the relevant information of each interface corresponding to the server identifier.
In practical application, in order to facilitate management of the native code interface, the applicable native code interface may be divided into interface groups, and for each interface group, the group related information of the interface group may include a group identifier for identifying the interface group and related information of each interface belonging to the interface group. The basis for dividing applicable native code interfaces into interface groups may be configured in advance, and the embodiments of the present application are not limited. For example, the native code interfaces may be divided into interface groups according to the role of each native code interface, such as placing the native code interfaces used for login into one interface group.
Optionally, after receiving the interface information of each applicable native code interface, the web page server may send an interface permission application request to the application server according to its actual service requirement, where the interface permission application request may include an interface group identifier or an interface group name for which the web page server needs to apply for an access permission; when the application program server receives the interface authority application request, whether the interface information of each applicable native code interface includes the interface grouping identification or the interface grouping name included in the interface authority application request is determined, if so, the relevant information of each interface corresponding to the grouping identification or the interface grouping name carried in the interface authority application request is determined as the relevant information of each interface corresponding to the server identification, namely, the access authority of each native code interface belonging to the interface grouping corresponding to the interface grouping identification is granted to the web page server.
Optionally, after receiving the interface information of each applicable native code interface, the web page server may also send an interface permission application request to the application server according to its actual service requirement, where the interface permission application request may include an interface identifier for which the web page server needs to apply for an access permission; when the application program server receives the interface authority application request, whether the interface information of each applicable native code interface includes the interface identifier included in the interface authority application request is determined, if yes, the relevant information of each interface corresponding to the interface identifier carried in the interface authority application request is determined as the relevant information of each interface corresponding to the server identifier, namely, the access authority of the native code interface corresponding to the interface identifier is granted to the web page server.
Optionally, in practical application, some native code interfaces may not be divided into any interface group. After the web page server receives the interface information of each applicable native code interface, if it determines from its actual service requirements that it needs both native code interfaces that are not divided into interface groups and native code interfaces that are, the interface permission application request sent by the web page server may include both the interface group identifiers and the interface identifiers for which access permission is requested.
In an alternative embodiment of the present application, the method further comprises:
acquiring a domain name of a web server;
establishing an association relation between a domain name of a web server and a group identifier corresponding to a server identifier;
determining relevant information of each interface corresponding to the server identification, wherein the relevant information comprises the following steps:
acquiring a domain name of a web page server corresponding to a server identifier;
determining a target grouping identifier corresponding to the domain name based on the domain name and the association relation of the web server;
and determining the relevant information of each interface corresponding to the target grouping identification as the relevant information of each interface corresponding to the server identification according to the grouping relevant information of each interface grouping.
In practical application, the domain name of the web server may be obtained, and an association relationship may then be established between the domain name of the web server and the group identifier corresponding to its server identifier; that is, the domain name of the web server is linked to the group identifier corresponding to the web server, so that once the domain name of the web server is known, the group identifier corresponding to the server identifier is also known. If the domain name of the web server can uniquely identify the web server, the server identifier can also be the domain name of the web page server, and the group identifier corresponding to the server identifier is the group identifier corresponding to the domain name of the web server.
Optionally, when the application server receives an interface related information acquisition request sent by the terminal device, it may determine a web page server corresponding to the server identifier included in the application server, then acquire a domain name of the web page server, then determine a target group identifier corresponding to the domain name of the web page server based on the domain name and the association relationship of the web server, determine related information of each interface belonging to the target group identifier according to the group related information of each interface group, and return the related information of each interface belonging to the target group identifier to the terminal device as the related information of each interface corresponding to the server identifier.
In an alternative embodiment of the present application, determining relevant information of each interface corresponding to the server identifier includes:
performing security verification on a web page server corresponding to the server identifier;
when the safety verification passes, determining the related information of each interface corresponding to the server identification;
the method further comprises the following steps:
and if the security verification is not passed, sending corresponding prompt information to the terminal equipment.
In practical application, in order to prevent access rights to a native code interface from being obtained maliciously and creating security risks, in the embodiment of the present application, when determining the related information of each interface corresponding to a server identifier, security verification may first be performed on the web page server corresponding to the server identifier. When the security verification passes, each interface corresponding to the server identifier is treated as an interface to which the web page server has access right, and the interface identifiers of those interfaces are returned to the terminal device. Optionally, if the security verification fails, corresponding prompt information may be sent to the terminal device to notify it that the web page server poses a security risk or does not have the right to access the native code interface.
In an optional embodiment of the present application, the performing security verification on the web page server corresponding to the server identifier includes:
acquiring a Uniform Resource Locator (URL) of a web page server corresponding to a server identifier;
and performing security verification on the URL, and/or acquiring the domain name of the web page server based on the URL and performing security verification on the domain name of the web page server.
In practical application, when performing security verification on the web page server corresponding to a server identifier, the URL of the web page server corresponding to the server identifier may be obtained and security verification performed on the URL, or the domain name of the web page server corresponding to the server identifier may be determined and security verification performed on that domain name.
When security verification is performed on the URL, a URL blacklist can be configured in advance. The URL blacklist comprises the URLs of all web page servers that are not allowed to access native code interfaces. After the URL of the web page server is obtained, if the URL blacklist includes that URL, the verification is regarded as failed.
In an optional embodiment of the present application, obtaining a domain name of a web page server based on a URL, and performing security verification on the domain name of the web page server includes:
based on the authorized domain name associated information of each web page server, performing security verification on the domain name of the web page server;
for a web page server, the domain name association information includes the domain name of the web page server and/or the authorized validity period of each interface corresponding to the domain name.
In practical applications, domain name association information may exist for each web page server with native code interface access rights (i.e., authorized web page servers), and the domain name association information may include the authorized domain name of each web page server and/or the authorized validity period of each interface (i.e., interface identifier of each native code interface) corresponding to the domain name of each web page server.
Optionally, when performing security verification on the domain name of the web page server, it may be determined whether the domain name of the web page server is included in the domain name association information, if the domain name of the web page server is included, the verification is regarded as passed, and if the domain name of the web page server is not included, the verification is regarded as failed, that is, the web page server does not have the right to access the native code interface.
Optionally, when performing security verification on the domain name of the web page server, security verification may also be performed on the authorized validity period of each interface corresponding to the web page server; when a native code interface has exceeded its authorized validity period, it is determined that access rights to that native code interface are no longer held. If the authorized validity periods of the native code interfaces differ, then when the relevant information of the interfaces corresponding to the server identifier is determined, the relevant information of the interfaces that have not exceeded their authorized validity periods can be determined as the relevant information of the interfaces corresponding to the server identifier.
The domain name of the web page server can be extracted from a URL corresponding to the web page server, and the domain name of the web page server can be a sub-domain name of the web page server. It can be understood that, if the registration information is verified to include the URL corresponding to the web page server, the verification may be performed directly based on the URL without acquiring the URL again, and thus, the data processing amount may be reduced.
It can be understood that the execution sequence of the various security verification methods described above may be configured in advance, and the embodiments of the present application are not limited thereto.
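The verification sequence described above (URL blacklist, then authorized domain name, then per-interface authorized validity period), as an added Python example that is not part of the patent text. The server identifiers, URLs, interface names and dates are constructed sample data; exact host matching and rejecting a server with no unexpired interface are choices of this example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from urllib.parse import urlsplit

# --- Constructed sample data (assumptions for this example) ---
# server identifier -> URL registered for the web page server
SERVER_URLS = {
    "srv-001": "https://pay.shop.example/checkout",
    "srv-002": "HTTPS://Blocked.Example./promo",
    "srv-003": "https://pay.shop.example@evil.example/checkout",
    "srv-004": "https://news.example/",
}
# URLs of web page servers that may not access native code interfaces
URL_BLACKLIST = {"https://blocked.example/promo"}
# domain name association information:
# authorized domain -> {interface identifier -> end of authorized validity period}
DOMAIN_ASSOCIATION = {
    "pay.shop.example": {
        "camera.scan": datetime(2030, 1, 1, tzinfo=timezone.utc),
        "contacts.read": datetime(2021, 1, 1, tzinfo=timezone.utc),
    },
    "news.example": {"share.open": datetime(2021, 1, 1, tzinfo=timezone.utc)},
}
SAMPLE_NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)


@dataclass
class VerificationResult:
    passed: bool
    interfaces: list = field(default_factory=list)  # interface identifiers to return
    prompt: str = ""                                # prompt information on failure


def host_of(url: str) -> str:
    """Return the host a client would connect to, lower-cased.

    urlsplit().hostname drops userinfo and port, so a URL such as
    'https://trusted@other.example/' yields 'other.example'.
    """
    return (urlsplit(url.strip()).hostname or "").rstrip(".")


def canonical_url(url: str) -> str:
    """Normalize scheme, host and path so blacklist lookups ignore case
    and a trailing dot on the host."""
    parts = urlsplit(url.strip())
    return f"{parts.scheme}://{host_of(url)}{parts.path or '/'}"


def verify_and_list_interfaces(server_id: str, now: datetime) -> VerificationResult:
    """Application-server side: security verification, then interface lookup."""
    url = SERVER_URLS.get(server_id)
    if url is None:
        return VerificationResult(False, prompt="unknown server identifier")

    # 1. URL blacklist check
    if canonical_url(url) in {canonical_url(u) for u in URL_BLACKLIST}:
        return VerificationResult(False, prompt="URL is on the blacklist")

    # 2. Domain check: the exact host (which may itself be a sub-domain)
    #    must appear in the domain name association information.
    grants = DOMAIN_ASSOCIATION.get(host_of(url))
    if grants is None:
        return VerificationResult(False, prompt="domain is not authorized")

    # 3. Validity period check, per interface: expired interfaces are dropped.
    valid = sorted(i for i, expires in grants.items() if now < expires)
    if not valid:
        # Choice of this example: fail closed when nothing is still valid.
        return VerificationResult(False, prompt="authorization has expired")
    return VerificationResult(True, interfaces=valid)


if __name__ == "__main__":
    for sid in ["srv-001", "srv-002", "srv-003", "srv-004", "srv-999"]:
        print(sid, verify_and_list_interfaces(sid, SAMPLE_NOW))
```

The terminal device would then execute the native code only if the target interface identifier is in the returned list.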
In an alternative embodiment of the present application, the method further comprises:
receiving and storing a corresponding decryption key sent by a web page server;
receiving a key acquisition request sent by terminal equipment, wherein the key acquisition request comprises a server identifier; the key acquisition request is sent when an interface parameter ciphertext is received;
determining a decryption key corresponding to the server identifier;
and returning the decryption key to the terminal equipment, wherein the key comprises a key corresponding to the server identifier.
In practical applications, when the web page server has the access right of the native code interface, the web page server may send its own public key to the application server, and the application server, after receiving the public key, stores it as the key for that web page server, so that the terminal device may subsequently encrypt and/or decrypt data based on the public key.
In practical applications, the web page server sometimes needs to send an interface parameter to the terminal device, so that the terminal device executes the native code of the target interface according to the interface parameter, but in order to ensure data security during data transmission, the interface parameter is usually encrypted based on an encryption key corresponding to the web page server; optionally, when the terminal device needs to return an execution result obtained after executing the native code to the web page server, the execution result may also be encrypted by using the encryption key, so as to ensure the security of data transmission. Based on this, the terminal device may send a key acquisition request to the application server, and the application server determines the decryption key corresponding to the server identifier in the key acquisition request and returns the decryption key to the terminal device.
The key includes at least one of a second encryption key and a first decryption key, and it can be understood that when the key includes the second encryption key and the first decryption key, the terminal device acquires the decryption key and the encryption key at one time, and of course, the terminal device may also acquire the second encryption key or the first decryption key separately.
Optionally, in this embodiment of the application, the first decryption key may be a public key corresponding to the web page server, and the key used by the web page server to encrypt the interface parameters and to decrypt the execution result may be a private key corresponding to the web page server.
The embodiment of the present application provides an access apparatus for a native code interface in an application, as shown in fig. 7, the access apparatus 70 for a native code interface in an application may include: an access request receiving module 701, an interface information acquiring module 702, and a code executing module 703, wherein,
an access request receiving module 701, configured to receive an interface access request sent by a web page server, where the interface access request includes a server identifier of the web page server and a target interface identifier of a native code interface that requests access;
an interface information obtaining module 702, configured to obtain relevant information of each interface corresponding to a server identifier, where each interface is each native code interface that a web page server corresponding to the server identifier has access right, and the relevant information includes an interface identifier, and the relevant information is obtained from an application server;
the code execution module 703 is configured to execute the native code corresponding to the target interface identifier if the relevant information of each interface includes the interface identifier of the target native code interface.
Optionally, the apparatus further includes a request receiving module, specifically configured to:
receiving a web page operation request of a user through a user interface of an application program before receiving an interface access request sent by a web page server of a webpage;
and sending the web page operation request to a corresponding web page server so that the web page server sends an interface access request to the terminal equipment when determining that the native code interface needs to be called according to the web page operation request.
Optionally, the apparatus further includes a ciphertext processing module, which is specifically configured to:
receiving an interface parameter ciphertext sent by a web page server, wherein the interface parameter ciphertext is obtained by encrypting an interface parameter by using a first encryption key corresponding to the web page server;
based on the server identification, a first decryption key corresponding to the web page server is obtained from the application program server;
when executing the native code corresponding to the target interface identifier, the code execution module is specifically configured to:
decrypting the interface parameter ciphertext based on the first decryption key;
if the decryption is successful, executing a native code corresponding to the target interface identifier based on the interface parameter obtained by the decryption;
the device further comprises an information generation module, specifically configured to:
and when the decryption fails, generating corresponding prompt information.
Optionally, the ciphertext processing module is further configured to obtain, based on the server identifier, a second encryption key corresponding to the web page server from the application server;
encrypting an execution result obtained by executing the native code corresponding to the target interface identifier based on the second encryption key to obtain an execution result ciphertext;
and sending the execution result ciphertext to the web page server so that the web page server decrypts the execution result ciphertext based on a second decryption key corresponding to the second encryption key to obtain an execution result.
Optionally, when the interface information obtaining module obtains the relevant information of each interface corresponding to the server identifier, the interface information obtaining module is specifically configured to:
if the interface access request is the first interface access request sent by the web page server, sending a related information acquisition request to the application program server, wherein the related information acquisition request comprises a server identifier; receiving relevant information of each interface corresponding to the server identification returned by the application program server, and storing the relevant information to a local storage space;
and if the interface access request is not the interface access request sent by the web page server for the first time, acquiring the relevant information of each interface corresponding to the server identifier from the local storage space.
An embodiment of the present application provides an access apparatus for a native code interface in an application, as shown in fig. 8, the access apparatus 80 for a native code interface in an application may include: an interface information acquisition request acquisition module 801, an interface information determination module 802, and an interface information transmission module 803, wherein,
an interface information obtaining request obtaining module 801, configured to receive an interface related information obtaining request sent by a terminal device, where the interface related information obtaining request includes a server identifier of a web page server, where the interface related information obtaining request is sent by the terminal device when receiving an interface access request sent by the web page server, and the interface access request includes the server identifier and a target interface identifier of a native code interface that requests access;
an interface information determining module 802, configured to determine relevant information of each interface corresponding to the server identifier, where each interface is each native code interface having access right of the web page server corresponding to the server identifier, and the relevant information includes the interface identifier;
the interface information sending module 803 is configured to send the relevant information of each interface to the terminal device, so that when it is determined that the relevant information of each interface includes the target interface identifier, the terminal device executes the native code corresponding to the target interface identifier.
Optionally, the interface access request is an interface access request sent by the web page server to the terminal device for the first time; the terminal device stores the relevant information of each interface to a local storage space when receiving it, and acquires the relevant information of each interface from the local storage space when receiving an interface access request sent again by the web page server.
Optionally, the interface information determining module is further configured to:
receiving a page registration request sent by a web page server, wherein the page registration request comprises a server identifier and registration verification information;
verifying the registration verification information, and if the verification is passed, sending interface information of each applicable native code interface to a web page server;
receiving an interface authority application request returned by a web page server based on received interface information, wherein the interface authority application request comprises interface identification information of each native code interface requesting authorization;
and determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information.
Optionally, the interface information of each applicable native code interface includes packet related information of each interface packet, and for an interface packet, the packet related information of the interface packet includes a packet identifier of the interface packet and related information of each interface belonging to the interface packet;
if the interface identification information includes a group identification, the interface information determining module is specifically configured to, when determining the relevant information of each interface corresponding to the server identification from the relevant information of each interface corresponding to the interface identification information:
determining the relevant information of each interface corresponding to the grouping identification carried in the interface permission application request as the relevant information of each interface corresponding to the server identification;
if the interface identification information includes an interface identification, the interface information determining module is specifically configured to, when determining the relevant information of each interface corresponding to the server identification from the relevant information of each interface corresponding to the interface identification information:
and determining the relevant information of the interface corresponding to the interface identifier carried in the interface permission application request as the relevant information of each interface corresponding to the server identifier.
Optionally, the apparatus further includes an association relation determining module, specifically configured to:
acquiring a domain name of a web server;
establishing an association relation between a domain name of a web server and a group identifier corresponding to a server identifier;
when determining the related information of each interface corresponding to the server identifier, the interface information determining module is specifically configured to:
acquiring a domain name of a web page server corresponding to a server identifier;
determining a target grouping identifier corresponding to the domain name based on the domain name of the web server and the association relation;
and determining the relevant information of each interface corresponding to the target grouping identification as the relevant information of each interface corresponding to the server identification according to the grouping relevant information of each interface grouping.
Optionally, when determining the relevant information of each interface corresponding to the server identifier, the interface information determining module is specifically configured to:
performing security verification on a web page server corresponding to the server identifier;
when the security verification passes, determining the related information of each interface corresponding to the server identification;
the device further comprises an information generation module, specifically configured to:
and when the security verification is not passed, sending corresponding prompt information to the terminal equipment.
Optionally, when the interface information determining module performs security verification on the web page server corresponding to the server identifier, the interface information determining module is specifically configured to:
acquiring a URL (uniform resource locator) of a web page server corresponding to a server identifier;
and performing security verification on the URL, and/or acquiring the domain name of the web page server based on the URL and performing security verification on the domain name of the web page server.
Optionally, the interface information determining module is specifically configured to, when obtaining the domain name of the web page server based on the URL and performing security verification on the domain name of the web page server:
based on the authorized domain name associated information of each web page server, performing security verification on the domain name of the web page server;
for a web page server, the domain name association information includes the domain name of the web page server and/or the authorized validity period of each interface corresponding to the domain name.
The access device for the native code interface in the application program according to the embodiment of the present application can execute the access method for the native code interface in the application program according to the embodiment of the present application, and the implementation principles are similar, and are not described herein again.
An embodiment of the present application provides an electronic device. As shown in fig. 9, the electronic device 2000 includes a processor 2001 and a memory 2003, wherein the processor 2001 is coupled to the memory 2003, for example via a bus 2002. Optionally, the electronic device 2000 may also include a transceiver 2004. It should be noted that, in practical applications, the transceiver 2004 is not limited to one, and the structure of the electronic device 2000 does not constitute a limitation on the embodiments of the present application.
The processor 2001 is applied in the embodiment of the present application to implement the functions of the modules shown in fig. 7 and 8.
The processor 2001 may be a CPU, general purpose processor, DSP, ASIC, FPGA or other programmable logic device, transistor logic device, hardware component, or any combination thereof. It may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 2001 may also be a combination that implements computing functions, e.g., a combination of one or more microprocessors, or a combination of a DSP and a microprocessor.
Bus 2002 may include a path that conveys information between the aforementioned components. The bus 2002 may be a PCI bus or an EISA bus, etc. The bus 2002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 9, but this does not indicate only one bus or one type of bus.
The memory 2003 may be, but is not limited to, ROM or other types of static storage devices that can store static information and computer programs, RAM or other types of dynamic storage devices that can store information and computer programs, EEPROM, CD-ROM or other optical disk storage, optical disk storage (including compact disk, laser disk, optical disk, digital versatile disk, blu-ray disk, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store a desired computer program or in the form of a data structure and that can be accessed by a computer.
The memory 2003 is used for storing computer programs for executing the application programs of the present scheme and is controlled in execution by the processor 2001. The processor 2001 is used to execute a computer program of an application program stored in the memory 2003 to implement the actions of the apparatus provided by the embodiments shown in fig. 7 and 8.
An embodiment of the present application provides an electronic device, including a processor and a memory: the memory is configured to store a computer program which, when executed by the processor, causes the processor to perform any of the methods of the above embodiments.
The present application provides a computer-readable storage medium for storing a computer program, which, when run on a computer, enables the computer to execute any one of the above-mentioned methods.
According to one aspect of the present application, embodiments of the present application provide a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the method provided in the various alternative implementations described above.
The terms and implementation principles used in this application for a computer-readable storage medium may refer to the method in the embodiments of the present application, and are not described herein again.
It should be understood that, although the steps in the flowcharts of the figures are shown in the order indicated by the arrows, the steps are not necessarily performed in that order. Unless explicitly stated herein, the steps are not strictly limited to the order shown and may be performed in other orders. Moreover, at least some of the steps in the flowcharts may include multiple sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed in sequence but may be performed in turn or alternately with other steps or with at least some of the sub-steps or stages of other steps.
The foregoing is only a part of the embodiments of the present application. It should be noted that those skilled in the art can make several improvements and refinements without departing from the principle of the present application, and these improvements and refinements should also be regarded as falling within the protection scope of the present application.

Claims (15)

1. A method for accessing a native code interface in an application, the method comprising:
receiving an interface access request sent by a web page server of a webpage, wherein the interface access request comprises a server identifier of the web page server and a target interface identifier of a native code interface requesting access;
acquiring related information of each interface corresponding to the server identifier, wherein each interface is a native code interface to which the web page server corresponding to the server identifier has access right, the related information comprises an interface identifier, and the related information is acquired from an application program server;
and if the related information of each interface comprises the interface identifier of the target native code interface, executing the native code corresponding to the target interface identifier.
2. The method of claim 1, wherein before receiving the interface access request sent by the web page server, the method comprises:
receiving a web page operation request of a user through a user interface of an application program;
and sending the web page operation request to a corresponding web page server so that the web page server sends the interface access request to the terminal equipment when determining that a native code interface needs to be called according to the web page operation request.
3. The method of claim 1, further comprising:
receiving an interface parameter ciphertext sent by the web page server, wherein the interface parameter ciphertext is obtained by encrypting an interface parameter by using a first encryption key corresponding to the web page server;
based on the server identification, a first decryption key corresponding to the web page server is obtained from the application program server;
the executing the native code corresponding to the target interface identification comprises:
decrypting the interface parameter ciphertext based on the first decryption key;
if the decryption is successful, executing a native code corresponding to the target interface identifier based on the interface parameter obtained by the decryption;
the method further comprises the following steps:
and if the decryption fails, generating corresponding prompt information.
4. The method of claim 3, further comprising:
based on the server identification, a second encryption key corresponding to the web page server is obtained from the application program server;
encrypting an execution result obtained by executing the native code corresponding to the target interface identifier based on the second encryption key to obtain an execution result ciphertext;
and sending the execution result ciphertext to the web page server so that the web page server decrypts the execution result ciphertext based on a second decryption key corresponding to the second encryption key to obtain the execution result.
5. The method according to claim 4, wherein the obtaining the related information of each interface corresponding to the server identifier comprises:
if the interface access request is the first interface access request sent by the web page server, sending a related information acquisition request to the application program server, wherein the related information acquisition request comprises the server identifier; receiving relevant information of each interface corresponding to the server identification returned by the application program server, and storing the relevant information to a local storage space;
and if the interface access request is not the interface access request sent by the web page server for the first time, acquiring the relevant information of each interface corresponding to the server identifier from the local storage space.
6. A method for accessing a native code interface in an application, the method comprising:
receiving an interface related information acquisition request sent by terminal equipment, wherein the interface related information acquisition request comprises a server identifier of a web page server, the interface related information acquisition request is sent by the terminal equipment when receiving an interface access request sent by the web page server, and the interface access request comprises the server identifier and a target interface identifier of a native code interface requesting access;
determining relevant information of each interface corresponding to the server identifier, wherein each interface is a native code interface to which the web page server corresponding to the server identifier has access right, and the relevant information comprises an interface identifier;
and sending the relevant information of each interface to the terminal equipment so that the terminal equipment executes the native code corresponding to the target interface identifier when determining that the relevant information of each interface contains the target interface identifier.
7. The method according to claim 6, wherein the interface access request is an interface access request sent by the web page server to the terminal device for the first time; the terminal device stores the relevant information of each interface to a local storage space when receiving the relevant information of each interface, and acquires the relevant information of each interface from the local storage space when receiving an interface access request sent again by the web page server.
8. The method of claim 7, further comprising:
receiving a page registration request sent by the web page server, wherein the page registration request comprises the server identification and registration verification information;
verifying the registration verification information, and if the verification is passed, sending interface information of each applicable native code interface to the web page server;
receiving an interface authority application request returned by the web page server based on the received interface information, wherein the interface authority application request comprises interface identification information of each native code interface requesting authorization;
and determining the relevant information of each interface corresponding to the server identification according to the relevant information of each interface corresponding to the interface identification information.
9. The method according to claim 8, wherein the interface information of each applicable native code interface includes packet related information of each interface packet, and for an interface packet, the packet related information of the interface packet includes packet identification of the interface packet, related information of each interface belonging to the interface packet;
if the interface identification information includes a group identification, determining the relevant information of each interface corresponding to the server identification from the relevant information of each interface corresponding to the interface identification information includes:
determining the relevant information of each interface corresponding to the group identifier carried in the interface permission application request as the relevant information of each interface corresponding to the server identifier;
if the interface identification information includes an interface identification, determining the relevant information of each interface corresponding to the server identification from the relevant information of each interface corresponding to the interface identification information, including:
and determining the relevant information of the interface corresponding to the interface identifier carried in the interface permission application request as the relevant information of each interface corresponding to the server identifier.
10. The method of claim 9, further comprising:
acquiring a domain name of the web server;
establishing an association relation between the domain name of the web server and the group identifier corresponding to the server identifier;
the determining the relevant information of each interface corresponding to the server identifier includes:
acquiring a domain name of a web page server corresponding to the server identifier;
determining a target group identifier corresponding to the domain name based on the domain name of the web server and the association relation;
and determining, according to the group-related information of each interface group, the relevant information of each interface corresponding to the target group identifier as the relevant information of each interface corresponding to the server identifier.
11. The method according to any one of claims 6 to 10, wherein the determining the related information of each interface corresponding to the server identifier comprises:
performing security verification on the web page server corresponding to the server identifier;
when the security verification passes, determining the related information of each interface corresponding to the server identification;
the method further comprises:
if the security verification does not pass, sending corresponding prompt information to the terminal device.
12. An apparatus for accessing native code interfaces in an application, comprising:
an access request receiving module, configured to receive an interface access request sent by a web page server, where the interface access request includes a server identifier of the web page server and a target interface identifier of the native code interface to which access is requested;
an interface information obtaining module, configured to obtain relevant information of each interface corresponding to the server identifier, where each interface is a native code interface to which the web page server corresponding to the server identifier has access rights, the relevant information includes an interface identifier, and the relevant information is obtained from an application server;
and a code execution module, configured to execute the native code corresponding to the target interface identifier if the relevant information of each interface includes the interface identifier of the target native code interface.
13. An apparatus for accessing native code interfaces in an application, comprising:
an interface information acquisition request acquisition module, configured to receive an interface related information acquisition request sent by a terminal device, where the interface related information acquisition request includes a server identifier of a web page server, where the interface related information acquisition request is sent by the terminal device when receiving an interface access request sent by the web page server, and the interface access request includes the server identifier and a target interface identifier of a native code interface that requests access;
an interface information determining module, configured to determine relevant information of each interface corresponding to the server identifier, where each interface is a native code interface to which the web page server corresponding to the server identifier has access rights, and the relevant information includes an interface identifier;
and an interface information sending module, configured to send the relevant information of each interface to the terminal device, so that the terminal device executes the native code corresponding to the target interface identifier when it determines that the relevant information of each interface contains the target interface identifier.
14. An electronic device, comprising a processor and a memory:
the memory is configured to store a computer program that, when executed by the processor, causes the processor to perform the method of any of claims 1-5, or any of claims 6-11.
15. A computer-readable storage medium for storing a computer program which, when run on a computer, causes the computer to perform the method of any of claims 1-5, or any of claims 6-11.
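The permission resolution of claims 9 to 11 and the terminal-side check of claim 12, as an added sketch that is not code from the patent or its applicant. The group names, interface identifiers, domains, the `page_url` parameter and the HTTPS plus exact-host rule standing in for the unspecified "security verification" are all assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample data; every identifier and domain here is hypothetical.
GROUPS = {"pay": {"pay.request", "pay.queryOrder"},          # interface groups (claim 9)
          "device": {"device.getLocation", "device.scanCode"}}
SERVER_DOMAIN = {}   # server identifier -> registered domain
DOMAIN_GROUPS = {}   # domain -> group identifiers (association of claim 10)
SERVER_SINGLE = {}   # server identifier -> individually granted interface identifiers


def apply_permission(server_id, domain, group_ids=(), interface_ids=()):
    """Application server: process an interface permission application request."""
    known = set().union(*GROUPS.values())
    if not set(group_ids) <= set(GROUPS) or not set(interface_ids) <= known:
        raise ValueError("request names an unknown group or interface")
    SERVER_DOMAIN[server_id] = domain.lower()
    DOMAIN_GROUPS.setdefault(domain.lower(), set()).update(group_ids)
    SERVER_SINGLE.setdefault(server_id, set()).update(interface_ids)


def security_verified(server_id, page_url):
    """Assumed check for claim 11: HTTPS and exact match with the registered host."""
    registered = SERVER_DOMAIN.get(server_id)
    url = urlsplit(page_url)
    return registered is not None and url.scheme == "https" and url.hostname == registered


def allowed_interfaces(server_id, page_url):
    """Application server: interfaces the web page server may access, or None."""
    if not security_verified(server_id, page_url):
        return None  # caller sends prompt information to the terminal device
    allowed = set(SERVER_SINGLE.get(server_id, ()))
    for group_id in DOMAIN_GROUPS.get(SERVER_DOMAIN[server_id], ()):
        allowed |= GROUPS[group_id]  # a group identifier grants every member interface
    return allowed


def handle_access(server_id, target_id, page_url, natives):
    """Terminal device: execute native code only for an allowed target interface."""
    allowed = allowed_interfaces(server_id, page_url)
    if allowed is None:
        return "verification failed"
    if target_id not in allowed or target_id not in natives:
        return "denied"
    return natives[target_id]()


apply_permission("srv-001", "shop.example.com", group_ids=["pay"],
                 interface_ids=["device.scanCode"])
NATIVES = {"pay.request": lambda: "paid", "device.scanCode": lambda: "scanned",
           "device.getLocation": lambda: "location"}
```

The default is deny: an interface that was never granted, an unknown server identifier, or a page whose host only resembles the registered domain never reaches the native handler.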
CN202010647215.8A 2020-07-07 2020-07-07 Method, device, equipment and medium for accessing native code interface in application program Pending CN111800426A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010647215.8A CN111800426A (en) 2020-07-07 2020-07-07 Method, device, equipment and medium for accessing native code interface in application program

Publications (1)

Publication Number Publication Date
CN111800426A true CN111800426A (en) 2020-10-20

Family

ID=72810372

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010647215.8A Pending CN111800426A (en) 2020-07-07 2020-07-07 Method, device, equipment and medium for accessing native code interface in application program

Country Status (1)

Country Link
CN (1) CN111800426A (en)

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101056175A (en) * 2007-04-26 2007-10-17 华为技术有限公司 Disk array and its access right control method and device, server and server system
CN101515932A (en) * 2009-03-23 2009-08-26 中兴通讯股份有限公司 Method and system for accessing Web service safely
CN103973642A (en) * 2013-01-30 2014-08-06 中国电信股份有限公司 Method and device for realizing JS API security access control
CN104731581A (en) * 2015-02-03 2015-06-24 惠州Tcl移动通信有限公司 Frame code modifying method and device based on Android system
CN105933315A (en) * 2016-04-21 2016-09-07 浪潮集团有限公司 Network service security communication method, device and system
CN107368736A (en) * 2017-07-03 2017-11-21 青岛海信电器股份有限公司 Information access method, device and computer-readable recording medium
US20170372600A1 (en) * 2015-01-16 2017-12-28 Nokia Technologies Oy Method, apparatus, and computer program product for local control through intermediate device
CN107918731A (en) * 2016-10-11 2018-04-17 百度在线网络技术(北京)有限公司 Method and apparatus for controlling the authority to access to open interface
CN108809956A (en) * 2018-05-23 2018-11-13 广州虎牙信息科技有限公司 Method for authenticating, access request retransmission method based on micro services and device, system
CN108924125A (en) * 2018-06-29 2018-11-30 招银云创(深圳)信息技术有限公司 Control method, device, computer equipment and the storage medium of interface calling permission
CN110069941A (en) * 2019-03-15 2019-07-30 深圳市买买提信息科技有限公司 A kind of interface access authentication method, apparatus and computer-readable medium
CN110348236A (en) * 2018-04-02 2019-10-18 腾讯科技(深圳)有限公司 A kind of operating right setting method, device and the storage medium of file
CN110430288A (en) * 2019-09-16 2019-11-08 腾讯科技(深圳)有限公司 Node visit method, apparatus, computer equipment and storage medium
CN110535971A (en) * 2019-09-16 2019-12-03 腾讯科技(深圳)有限公司 Interface configuration processing method, device, equipment and storage medium based on block chain
CN110636057A (en) * 2019-09-10 2019-12-31 腾讯科技(深圳)有限公司 Application access method and device and computer readable storage medium

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112600786A (en) * 2020-11-12 2021-04-02 湖南快乐阳光互动娱乐传媒有限公司 Data interaction method and device
CN112528274A (en) * 2020-12-24 2021-03-19 微医云(杭州)控股有限公司 Data processing method and device, electronic equipment and storage medium
CN112528274B (en) * 2020-12-24 2023-09-22 微医云(杭州)控股有限公司 Data processing method, device, electronic equipment and storage medium
CN112822020A (en) * 2020-12-30 2021-05-18 平安普惠企业管理有限公司 Network request method, network request device, computer equipment and storage medium
CN112822020B (en) * 2020-12-30 2023-12-12 新疆联盛科技有限公司 Network request method, device, computer equipment and storage medium
CN113515767A (en) * 2021-08-02 2021-10-19 杭州粉象家科技有限公司 Interface request management method and device based on mixed-mode mobile application
CN113515767B (en) * 2021-08-02 2024-01-23 杭州粉象家科技有限公司 Interface request management method and device based on mixed mode mobile application

Legal Events

Date Code Title Description
PB01 Publication
REG Reference to a national code (Ref country code: HK; Ref legal event code: DE; Ref document number: 40030770; Country of ref document: HK)
SE01 Entry into force of request for substantive examination