CN115630249A - Service processing method and device, electronic equipment and computer readable medium - Google Patents

Service processing method and device, electronic equipment and computer readable medium Download PDF

Info

Publication number
CN115630249A
CN115630249A CN202211196785.5A CN202211196785A CN115630249A CN 115630249 A CN115630249 A CN 115630249A CN 202211196785 A CN202211196785 A CN 202211196785A CN 115630249 A CN115630249 A CN 115630249A
Authority
CN
China
Prior art keywords
acquiring
server
client
authorization code
request message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211196785.5A
Other languages
Chinese (zh)
Inventor
曹威
李凯
刘亚娇
张希威
袁茵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
CCB Finetech Co Ltd
Original Assignee
China Construction Bank Corp
CCB Finetech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp, CCB Finetech Co Ltd filed Critical China Construction Bank Corp
Priority to CN202211196785.5A priority Critical patent/CN115630249A/en
Publication of CN115630249A publication Critical patent/CN115630249A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/958Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Mining & Analysis (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a service processing method, a service processing device, electronic equipment and a computer readable medium, which relate to the technical field of mobile interconnection, and one specific embodiment comprises the steps of receiving a service processing request, acquiring corresponding user information, generating an access link according to the user information and acquiring a first authorization code; jumping to a corresponding access page according to the access link, determining a calling mode, responding to the calling mode as calling a native method, and acquiring a second authorization code corresponding to the calling mode; the first authorization code and the second authorization code are verified, and in response to the verification passing, the native method is executed on the access page, so that execution result information is obtained; and executing subsequent business logic on the access page according to the execution result information. By generating the access link according to the user information and performing authorization code verification when the client calls the native method, the transaction safety is ensured while the business requirements are met and the APP basic service is called.

Description

Service processing method and device, electronic equipment and computer readable medium
Technical Field
The present application relates to the field of mobile internet technologies, and in particular, to a service processing method and apparatus, an electronic device, and a computer-readable medium.
Background
At present, after an APP native method is agreed, an H5 link can be directly called to carry out page skipping through an H5 skip client page, and the transaction safety cannot be guaranteed. And the client H5 program cannot call the basic service of the APP, resulting in that the key function cannot be implemented.
In the process of implementing the present application, the inventor finds that at least the following problems exist in the prior art:
when the page jump is carried out, the safety is low, and key functions cannot be realized due to the fact that APP basic services cannot be called.
Disclosure of Invention
In view of this, embodiments of the present application provide a service processing method, an apparatus, an electronic device, and a computer readable medium, which can solve the problems that security is low and key functions cannot be realized due to inability to call APP basic services when a page jump is performed in the prior art.
In order to achieve the above object, according to an aspect of the embodiments of the present application, a service processing method is provided, including:
receiving a service processing request, acquiring corresponding user information, generating an access link according to the user information and acquiring a first authorization code;
jumping to a corresponding access page according to the access link, determining a calling mode, responding to the calling mode as calling a native method, and acquiring a second authorization code corresponding to the calling mode;
the first authorization code and the second authorization code are verified, and in response to the verification passing, the native method is executed on the access page, so that execution result information is obtained;
and executing subsequent business logic on the access page according to the execution result information.
Optionally, after determining the calling mode, the method further includes:
responding to the calling mode of calling the server-side interface, acquiring a request message, encrypting the request message, and further acquiring response data corresponding to the encrypted request message;
and executing subsequent business logic according to the response data.
Optionally, after checking the first and second authorization codes, the method further comprises:
and responding to the verification failure, generating and outputting authentication failure prompt information.
Optionally, encrypting the request packet includes:
and acquiring a server public key generated by the server background according to the asymmetric encryption algorithm, and encrypting the request message by using the server public key to generate an encrypted request message.
Optionally, the obtaining response data corresponding to the encrypted request packet includes:
the server side private key generated by the server side background according to the asymmetric encryption algorithm is obtained, and the encrypted request message is decrypted by the server side private key to generate a decryption request message;
acquiring a corresponding response message according to the decryption request message, acquiring a client public key generated by a client background according to an asymmetric encryption algorithm, and encrypting the response message by using the client public key to generate an encrypted response message;
and acquiring a client private key generated by the client background according to the asymmetric encryption algorithm, and decrypting the encrypted response message by using the client private key to obtain response data.
Optionally, the client background and the server background share the client public key and the server public key.
Optionally, before generating the access link according to the user information and acquiring the first authorization code, the method further includes:
the user information is encrypted with the client public key to generate an access link.
In addition, the present application also provides a service processing apparatus, including:
the receiving unit is configured to receive the service processing request, acquire corresponding user information, further generate an access link according to the user information and acquire a first authorization code;
the authorization code acquisition unit is configured to jump to a corresponding access page according to the access link, determine a calling mode, and acquire a second authorization code corresponding to the calling mode in response to the calling mode being a calling native method;
the verification unit is configured to verify the first authorization code and the second authorization code, and in response to the verification passing, the native method is executed on the access page, so that execution result information is obtained;
and the execution unit is configured to execute the subsequent business logic on the access page according to the execution result information.
Optionally, the execution unit is further configured to:
responding to the calling mode of calling the server-side interface, acquiring a request message, encrypting the request message, and further acquiring response data corresponding to the encrypted request message;
and executing subsequent business logic according to the response data.
Optionally, the verification unit is further configured to:
and responding to the verification failure, generating and outputting authentication failure prompt information.
Optionally, the execution unit is further configured to:
and acquiring a server public key generated by the server background according to the asymmetric encryption algorithm, and encrypting the request message by using the server public key to generate an encrypted request message.
Optionally, the execution unit is further configured to:
acquiring a server private key generated by a server background according to an asymmetric encryption algorithm, and decrypting the encrypted request message by using the server private key to generate a decrypted request message;
acquiring a corresponding response message according to the decryption request message, acquiring a client public key generated by a client background according to an asymmetric encryption algorithm, and encrypting the response message by using the client public key to generate an encrypted response message;
and acquiring a client private key generated by the client background according to the asymmetric encryption algorithm, and decrypting the encrypted response message by using the client private key to obtain response data.
Optionally, the client background and the server background share the client public key and the server public key.
Optionally, before generating the access link according to the user information and obtaining the first authorization code, the method is further configured to:
the user information is encrypted with the client public key to generate an access link.
In addition, the present application also provides a service processing electronic device, including: one or more processors; a storage device for storing one or more programs which, when executed by one or more processors, cause the one or more processors to implement the business process method as described above.
In addition, the present application also provides a computer readable medium, on which a computer program is stored, which when executed by a processor implements the service processing method as described above.
To achieve the above object, according to still another aspect of embodiments of the present application, there is provided a computer program product.
A computer program product according to an embodiment of the present application includes a computer program, and when the computer program is executed by a processor, the computer program implements the service processing method provided in the embodiment of the present application.
One embodiment of the above invention has the following advantages or benefits: the method comprises the steps of obtaining corresponding user information by receiving a service processing request, further generating an access link according to the user information and obtaining a first authorization code; jumping to a corresponding access page according to the access link, determining a calling mode, responding to the calling mode as calling a native method, and acquiring a second authorization code corresponding to the calling mode; the first authorization code and the second authorization code are verified, and in response to the verification passing, the native method is executed on the access page, so that execution result information is obtained; and executing subsequent business logic on the access page according to the execution result information. By generating the access link according to the user information and performing authorization code verification when the client calls the native method, the transaction safety is ensured while the business requirements are met and the calling of APP basic service is realized.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a further understanding of the application and are not to be construed as limiting the application. Wherein:
fig. 1 is a schematic diagram of a main flow of a business processing method according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a main flow of a business process method according to one embodiment of the present application;
FIG. 3 is a schematic main flow chart diagram of a business processing method according to an embodiment of the present application;
FIG. 4 is a schematic main flow diagram of a business processing method according to an embodiment of the present application;
fig. 5 is a schematic diagram of the main elements of a traffic processing apparatus according to an embodiment of the present application;
FIG. 6 is an exemplary system architecture diagram to which embodiments of the present application may be applied;
fig. 7 is a schematic structural diagram of a computer system suitable for implementing the terminal device or the server according to the embodiment of the present application.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application for the understanding of the same, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness. According to the technical scheme, the data acquisition, storage, use, processing and the like meet relevant regulations of national laws and regulations.
Fig. 1 is a schematic diagram of a main flow of a service processing method according to an embodiment of the present application, and as shown in fig. 1, the service processing method includes:
step S101, receiving a service processing request, obtaining corresponding user information, further generating an access link according to the user information, and obtaining a first authorization code.
In this embodiment, an execution main body (for example, a server) of the service processing method may receive the service processing request through a wired connection or a wireless connection. The business process may be, for example, login, real name authentication, and the like. After receiving the service processing request, the execution main body may obtain user information corresponding to the request, specifically may jump to a link address carried in the request to obtain the user information stored in the address, and further encrypt the user information to generate an access link, where the access link may be, for example, an H5 link. When the execution body generates the access link, an authorization code, referred to herein as a first authorization code, may be randomly generated for performing authorization check of a subsequent service.
And S102, jumping to a corresponding access page according to the access link, determining a calling mode, responding to the calling mode as a calling native method, and acquiring a second authorization code corresponding to the calling mode.
And jumping to a corresponding access page through the access link generated according to the user information, and displaying the access page to the user so that the user can select a calling mode and obtain the calling mode selected by the user. The calling mode comprises calling a native method and calling a server interface. When the execution subject determines that the calling mode selected by the user is calling the native method, the attached authorization code can be obtained and used as the second authorization code.
And S103, checking the first authorization code and the second authorization code, responding to the passing of the checking, executing the native method on the access page, and further obtaining the execution result information.
The execution subject may compare whether the first authorization code and the second authorization code are consistent to check, and when the first authorization code and the second authorization code are consistent, that is, when the check is passed, a native method such as login and real-name authentication is executed on the access page, and execution result information is obtained. The execution result information may specifically be information of success or failure of login, success or failure of real-name authentication, or the like.
Specifically, after the first authorization code and the second authorization code are verified, the service processing method further includes:
and responding to the verification failure, generating and outputting authentication failure prompt information.
And step S104, executing subsequent business logic on the access page according to the execution result information.
The subsequent service logic may specifically refer to logic such as data query and data update.
In the embodiment, the corresponding user information is acquired by receiving the service processing request, and then an access link is generated according to the user information and a first authorization code is acquired; jumping to a corresponding access page according to the access link, determining a calling mode, responding to the calling mode being a calling native method, and acquiring a second authorization code corresponding to the calling mode; the first authorization code and the second authorization code are verified, and the native method is executed on the access page in response to passing of verification, so that execution result information is obtained; and executing subsequent business logic on the access page according to the execution result information. By generating the access link according to the user information and performing authorization code verification when the client calls the native method, the transaction safety is ensured while the business requirements are met and the calling of APP basic service is realized.
Fig. 2 is a schematic main flow diagram of a service processing method according to an embodiment of the present application, and as shown in fig. 2, the service processing method includes:
step S201, receiving a service processing request, obtaining corresponding user information, generating an access link according to the user information, and obtaining a first authorization code.
And S202, jumping to a corresponding access page according to the access link, and determining a calling mode.
Step S203, in response to the calling mode being to call the server interface, obtaining the request message, encrypting the request message, and further obtaining the response data corresponding to the encrypted request message.
Specifically, encrypting the request packet includes:
and acquiring a server public key (such as serverPubKey) generated by the server background according to an asymmetric encryption algorithm (such as an RSA encryption algorithm), and encrypting the request message by using the server public key to generate an encrypted request message.
Specifically, acquiring response data corresponding to the encrypted request packet includes:
acquiring a server private key (such as serverpivkey) generated by a server background according to an asymmetric encryption algorithm (such as RSA encryption algorithm), and decrypting the encrypted request message by using the server private key to generate a decrypted request message;
acquiring a corresponding response message according to the decryption request message, acquiring a client public key (such as a clientPubKey) generated by a client background according to an asymmetric encryption algorithm, and encrypting the response message by using the client public key (such as the clientPubKey) to generate an encrypted response message;
and acquiring a client private key (such as a clientPrivKey) generated by the client background according to the asymmetric encryption algorithm, and decrypting the encrypted response message by using the client private key to obtain response data. Specifically, the response data may be, for example, login success response data or real-name authentication success response data, and the content of the response data is not specifically limited in the embodiment of the present application.
Specifically, before generating the access link according to the user information and acquiring the first authorization code, the method further includes:
the user information is encrypted with a client public key (e.g., clientPubKey) to generate an access link. Therefore, the business requirements are ensured, and meanwhile, the transaction safety during business processing is also ensured.
Specifically, the client background and the server background share the client public key and the server public key.
And step S204, executing subsequent business logic according to the response data.
The subsequent service logic may be, for example, a data query logic or a data update logic, and the content of the subsequent service logic is not specifically limited in this embodiment of the application.
Step S205, in response to the calling mode being the calling native method, obtain a second authorization code corresponding to the calling mode.
The native method may be, for example, a login method, a real-name authentication method, and the like, and the content of the native method is not specifically limited in the embodiments of the present application.
And S206, checking the first authorization code and the second authorization code, responding to the passing of the checking, and executing the native method on the access page to further obtain the execution result information.
And step S207, executing subsequent service logic on the access page according to the execution result information.
According to the embodiment of the application, the APP user information is encrypted and then spliced to the H5 link by using the RSA algorithm, and meanwhile, the authorization code is generated through the background, and authorization verification is performed when the client (namely three parties) H5 calls the APP native method. Through RSA encryption and decryption messages, a client (namely three parties) H5 can call an APP server background method in a network request mode, business requirements are met, and meanwhile transaction safety is guaranteed.
Fig. 3 is a schematic main flow diagram of a service processing method according to an embodiment of the present application, and as shown in fig. 3, the service processing method includes:
step S301, receiving a service processing request, obtaining corresponding user information, further generating an access link according to the user information, and obtaining a first authorization code.
The service processing request may be, for example, a request for login, real name authentication, or the like. The user information may include, for example, a user name, a user credit rating, and the like. The user information is encrypted to generate an access link, which may be, for example, an H5 link. When the execution body generates the access link, an authorization code, referred to herein as a first authorization code, may be randomly generated for performing authorization check of a subsequent service.
And step S302, jumping to a corresponding access page according to the access link, and determining a calling mode.
In the embodiment of the application, the calling mode comprises calling a native method and calling a server-side interface. When the execution subject determines that the calling mode selected by the user is calling the native method, the attached authorization code can be obtained and used as the second authorization code.
Step S303, responding to the calling mode of calling the server interface, and acquiring the request message.
Step S304, a server public key (e.g., serverPubKey) generated by the server background according to the asymmetric encryption algorithm (e.g., RSA encryption algorithm) is obtained, and the request packet is encrypted by using the server public key to generate an encrypted request packet.
Step S305, obtaining a server private key (e.g., serverpivkey) generated by the server background according to the asymmetric encryption algorithm (e.g., RSA encryption algorithm), and decrypting the encrypted request message by using the server private key to generate a decrypted request message.
Step S306, obtaining a corresponding response message according to the decryption request message, obtaining a client public key (e.g., clientPubKey) generated by the client background according to the asymmetric encryption algorithm, and then encrypting the response message by using the client public key (e.g., clientPubKey) to generate an encrypted response message.
In the embodiment of the application, a client private key (such as a clientPrivKey) generated by a client background according to an asymmetric encryption algorithm is acquired, and the encrypted response message is decrypted by using the client private key to obtain response data. Specifically, the response data may be, for example, login success response data or real-name authentication success response data, and the content of the response data is not specifically limited in the embodiment of the present application.
And step S307, acquiring a client private key generated by the client background according to the asymmetric encryption algorithm, and decrypting the encrypted response message by using the client private key to obtain response data.
Specifically, the response data may be, for example, login success response data or real-name authentication success response data, and the content of the response data is not specifically limited in the embodiment of the present application.
And step S308, executing subsequent business logic according to the response data.
In the embodiment of the present application, the subsequent service logic may specifically refer to logic such as data query and data update.
Step S309, in response to the calling mode being the calling of the native method, obtaining a second authorization code corresponding to the calling mode.
Step S310, the first authorization code and the second authorization code are verified, and in response to the verification passing, the native method is executed on the access page, so that execution result information is obtained.
And step S311, executing subsequent service logic on the access page according to the execution result information.
According to the embodiment of the application, the APP user information is encrypted and then spliced to the H5 link by utilizing the RSA algorithm, and meanwhile, the authorization code is generated through the background, and authorization verification is carried out when the client (namely three parties) H5 calls the APP native method. Through RSA encryption and decryption messages, a client (namely three parties) H5 can call an APP server background method in a network request mode, business requirements are met, and meanwhile transaction safety is guaranteed.
Fig. 4 is a schematic view of an application scenario of a service processing method according to an embodiment of the present application. The service processing method of the embodiment of the application is applied to a scene of skipping to a client page through an H5 link for service processing. In the embodiment of the application, the Hybrid app: the Hybrid app is developed by using a network language and a program language at the same time, a mobile operating system is distinguished through an application store, and mobile applications which need to be installed and used by users are distributed. The Hybrid app has the advantages of good user interaction experience of Native apps and the advantages of cross-platform development of Web apps. The RSA algorithm: the RSA public key cryptosystem is a cryptosystem that uses different encryption and decryption keys, and it is computationally infeasible to derive the decryption key from a known encryption key. JSbridge: JSBridge is a technology that has emerged with the popularity of Hybrid apps. JSBridge is a communication mode between JS and Native, that is, defining the communication between Native and JS, where Native calls JS only through a fixed bridge object, and JS calls Native only through a fixed bridge object.
As shown in fig. 4, the APP performs JSBridge initialization, the server background generates a public key (e.g., serverPubKey) and a private key (e.g., serverpivkey) through an RSA algorithm, calls the server background to encrypt user information, generates a client (i.e., three-party) H5 link, and obtains an authorization code (authcode) from the server (background). Meanwhile, the client (i.e. three-party) background also generates a public key (e.g. clientPubKey) and a private key (e.g. clientPubKey) by the RSA algorithm. The client (i.e. three-party) background decrypts the parameters of the jump link by using a private key (e.g. clientPubKey) to obtain the user information and an authorization code. The client (i.e., three party) H5 can invoke the APP method in two ways: one method is to call an APP Native method through JSbridge and utilize an authorization code to perform security check; and the other method is to call an APP server background method in a network request mode and encrypt and decrypt messages by using an RSA algorithm.
The specific steps, as shown in fig. 4:
step 1: and the server side carries out JSbridge initialization and realizes a Native method.
And 2, step: the server background and the client (namely three parties) background respectively generate a pair of public key and private key according to RSA algorithm.
And step 3: and the server side calls a server side background interface to encrypt the user information, generates an H5 link and acquires the authorization code.
And 4, step 4: and clicking the service transaction function entrance by the user, and jumping to a client (namely a three-party) H5 page according to the H5 link.
And 5: the client (i.e., three party) H5 calls the APP native method and passes in the authorization code. When the original method is executed, the authorization code obtained in the step 3 and the input authorization code are checked, if the authorization code passes the check, the execution is continued, otherwise, the authentication failure is prompted.
Step 6: the client (i.e., the third party) background encrypts the request message (i.e., the request data) by using a public key (e.g., serverPubKey) generated by the server background, and the request header contains the allocated api (i.e., APP identifier, such as APP number) and the server background decrypts the request message by using a private key (e.g., serverpivkey). And then, encrypting a corresponding message by using a public key (such as a clientPubKey) generated by the background of the client (namely, the three parties), and returning the message to the background of the client (namely, the three parties). The client (i.e. the third party) background decrypts the response message through a private key (e.g. clientPrivKey), and then returns the response message to the client (i.e. the third party) H5.
And 7: the client (i.e., the third party) H5 may obtain data according to the two calling modes, and continue to execute subsequent service logic after obtaining the data.
According to the embodiment of the application, the APP user information is encrypted and then spliced to the H5 link by using the RSA algorithm, and meanwhile, the authorization code is generated through the background, and authorization verification is performed when the client (namely three parties) H5 calls the APP native method. Through the RSA encryption and decryption message, the client (namely three parties) H5 can also call an APP server background method in a network request mode, and the transaction safety is guaranteed while the business requirements are met.
Fig. 5 is a schematic diagram of main units of a service processing apparatus according to an embodiment of the present application. As shown in fig. 5, the service processing apparatus 500 includes a receiving unit 501, an authorization code obtaining unit 502, a checking unit 503, and an executing unit 504.
The receiving unit 501 is configured to receive the service processing request, obtain corresponding user information, generate an access link according to the user information, and obtain a first authorization code.
The authorization code obtaining unit 502 is configured to jump to a corresponding access page according to the access link, determine a calling mode, and obtain a second authorization code corresponding to the calling mode in response to the calling mode being a calling native method.
The checking unit 503 is configured to check the first authorization code and the second authorization code, and in response to the check passing, execute the native method on the access page to obtain the execution result information.
And the execution unit 504 is configured to execute the subsequent business logic on the access page according to the execution result information.
In some embodiments, the execution unit 504 is further configured to: responding to the calling mode of calling the server-side interface, acquiring a request message, encrypting the request message, and further acquiring response data corresponding to the encrypted request message; and executing subsequent business logic according to the response data.
In some embodiments, the verification unit 503 is further configured to: and responding to the verification failure, generating and outputting authentication failure prompt information.
In some embodiments, the execution unit 504 is further configured to: and acquiring a server public key generated by the server background according to the asymmetric encryption algorithm, and encrypting the request message by using the server public key to generate an encrypted request message.
In some embodiments, the execution unit 504 is further configured to: acquiring a server private key generated by a server background according to an asymmetric encryption algorithm, and decrypting the encrypted request message by using the server private key to generate a decrypted request message; acquiring a corresponding response message according to the decryption request message, acquiring a client public key generated by a client background according to an asymmetric encryption algorithm, and encrypting the response message by using the client public key to generate an encrypted response message; and acquiring a client private key generated by the client background according to the asymmetric encryption algorithm, and decrypting the encrypted response message by using the client private key to obtain response data.
In some embodiments, the client backend and the server backend share a client public key and a server public key.
In some embodiments, the receiving unit 501 is further configured to: the user information is encrypted with the client public key to generate an access link.
It should be noted that the service processing method and the service processing apparatus of the present application have corresponding relation in specific implementation content, and therefore repeated content is not described again.
Fig. 6 shows an exemplary system architecture 600 to which the service processing method or the service processing apparatus according to the embodiment of the present application may be applied.
As shown in fig. 6, the system architecture 600 may include terminal devices 601, 602, 603, a network 604, and a server 605. The network 604 serves to provide a medium for communication links between the terminal devices 601, 602, 603 and the server 605. Network 604 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
A user may use the terminal devices 601, 602, 603 to interact with a server 605, via a network 604, to receive or send messages or the like. The terminal devices 601, 602, 603 may have installed thereon various communication client applications, such as shopping applications, web browser applications, search applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 601, 602, 603 may be various electronic devices having a business process screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 605 may be a server providing various services, such as a server side management server (for example only) providing support for business processing requests submitted by users using the terminal devices 601, 602, 603. The server management server can receive the service processing request, acquire corresponding user information, generate an access link according to the user information and acquire a first authorization code; jumping to a corresponding access page according to the access link, determining a calling mode, responding to the calling mode being a calling native method, and acquiring a second authorization code corresponding to the calling mode; the first authorization code and the second authorization code are verified, and the native method is executed on the access page in response to passing of verification, so that execution result information is obtained; and executing subsequent business logic on the access page according to the execution result information. By generating the access link according to the user information and performing authorization code verification when the client calls the native method, the transaction safety is ensured while the business requirements are met and the calling of APP basic service is realized.
It should be noted that the service processing method provided in the embodiment of the present application is generally executed by the server 605, and accordingly, the service processing apparatus is generally disposed in the server 605.
It should be understood that the number of terminal devices, networks, and servers in fig. 6 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for an implementation.
Referring now to FIG. 7, shown is a block diagram of a computer system 700 suitable for use in implementing a terminal device of an embodiment of the present application. The terminal device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU) 701, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM703, various programs and data necessary for the operation of the computer system 700 are also stored. The CPU701, the ROM702, and the RAM703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a liquid crystal credit authorization query processor (LCD), and the like, and a speaker and the like; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to embodiments disclosed herein, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, embodiments disclosed herein include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program executes the above-described functions defined in the system of the present application when executed by the Central Processing Unit (CPU) 701.
It should be noted that the computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may include, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present application may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes a receiving unit, an authorization code acquiring unit, a checking unit, and an executing unit. Wherein the names of the elements do not in some way constitute a limitation on the elements themselves.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs, and when the one or more programs are executed by the device, the device receives a service processing request, acquires corresponding user information, generates an access link according to the user information, and acquires a first authorization code; jumping to a corresponding access page according to the access link, determining a calling mode, responding to the calling mode as calling a native method, and acquiring a second authorization code corresponding to the calling mode; the first authorization code and the second authorization code are verified, and the native method is executed on the access page in response to passing of verification, so that execution result information is obtained; and executing subsequent business logic on the access page according to the execution result information.
The computer program product of the present application includes a computer program, and the computer program realizes the service processing method in the embodiment of the present application when being executed by a processor.
According to the technical scheme of the embodiment of the application, the access link is generated according to the user information, and the authorization code is checked when the client calls the native method, so that the transaction safety is ensured while the business requirements are met and the APP basic service is called.
The above-described embodiments should not be construed as limiting the scope of the present application. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (16)

1. A method for processing a service, comprising:
receiving a service processing request, acquiring corresponding user information, further generating an access link according to the user information and acquiring a first authorization code;
jumping to a corresponding access page according to the access link, determining a calling mode, and acquiring a second authorization code corresponding to the calling mode in response to the calling mode being a calling native method;
the first authorization code and the second authorization code are verified, a native method is executed on the access page in response to the verification passing, and then execution result information is obtained;
and executing subsequent service logic on the access page according to the execution result information.
2. The method of claim 1, wherein after the determining the manner of invocation, the method further comprises:
responding to the calling mode that a server interface is called, acquiring a request message, encrypting the request message, and further acquiring response data corresponding to the encrypted request message;
and executing subsequent service logic according to the response data.
3. The method of claim 1, wherein after the verifying the first and second authorization codes, the method further comprises:
and responding to the verification failure, generating and outputting authentication failure prompt information.
4. The method according to claim 2, wherein the encrypting the request message comprises:
and acquiring a server public key generated by the server background according to the asymmetric encryption algorithm, and encrypting the request message by using the server public key to generate an encrypted request message.
5. The method according to claim 4, wherein the obtaining response data corresponding to the encrypted request message comprises:
acquiring a server private key generated by a server background according to an asymmetric encryption algorithm, and decrypting the encrypted request message by using the server private key to generate a decryption request message;
acquiring a corresponding response message according to the decryption request message, acquiring a client public key generated by a client background according to an asymmetric encryption algorithm, and encrypting the response message by using the client public key to generate an encrypted response message;
and acquiring a client private key generated by the client background according to the asymmetric encryption algorithm, and decrypting the encrypted response message by using the client private key to obtain response data.
6. The method of claim 5, wherein the client backend and the server backend share the client public key and the server public key.
7. The method of claim 5, wherein prior to the generating an access link based on the user information and obtaining a first authorization code, the method further comprises:
and encrypting the user information by utilizing the client public key to generate an access link.
8. A traffic processing apparatus, comprising:
the receiving unit is configured to receive a service processing request, acquire corresponding user information, further generate an access link according to the user information and acquire a first authorization code;
the authorization code acquisition unit is configured to jump to a corresponding access page according to the access link, determine a calling mode, and acquire a second authorization code corresponding to the calling mode in response to the calling mode being a calling native method;
a verification unit configured to verify the first authorization code and the second authorization code, and in response to a verification pass, execute a native method on the access page to obtain execution result information;
and the execution unit is configured to execute subsequent business logic on the access page according to the execution result information.
9. The apparatus of claim 8, wherein the execution unit is further configured to:
responding to the calling mode of calling a server-side interface, acquiring a request message, encrypting the request message, and further acquiring response data corresponding to the encrypted request message;
and executing subsequent service logic according to the response data.
10. The apparatus of claim 8, wherein the verification unit is further configured to:
and responding to the verification failure, generating and outputting authentication failure prompt information.
11. The apparatus of claim 9, wherein the execution unit is further configured to:
and acquiring a server public key generated by the server background according to the asymmetric encryption algorithm, and encrypting the request message by using the server public key to generate an encrypted request message.
12. The apparatus of claim 11, wherein the execution unit is further configured to:
acquiring a server private key generated by a server background according to an asymmetric encryption algorithm, and decrypting the encrypted request message by using the server private key to generate a decryption request message;
acquiring a corresponding response message according to the decryption request message, acquiring a client public key generated by a client background according to an asymmetric encryption algorithm, and encrypting the response message by using the client public key to generate an encrypted response message;
and acquiring a client private key generated by the client background according to the asymmetric encryption algorithm, and decrypting the encrypted response message by using the client private key to obtain response data.
13. The apparatus of claim 12, wherein the client backend and the server backend share the client public key and the server public key.
14. A transaction processing electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-7.
15. A computer-readable medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the method of any one of claims 1-7.
16. A computer program product comprising a computer program, wherein the computer program, when executed by a processor, implements the method of any one of claims 1-7.
CN202211196785.5A 2022-09-28 2022-09-28 Service processing method and device, electronic equipment and computer readable medium Pending CN115630249A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211196785.5A CN115630249A (en) 2022-09-28 2022-09-28 Service processing method and device, electronic equipment and computer readable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211196785.5A CN115630249A (en) 2022-09-28 2022-09-28 Service processing method and device, electronic equipment and computer readable medium

Publications (1)

Publication Number Publication Date
CN115630249A true CN115630249A (en) 2023-01-20

Family

ID=84904418

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211196785.5A Pending CN115630249A (en) 2022-09-28 2022-09-28 Service processing method and device, electronic equipment and computer readable medium

Country Status (1)

Country Link
CN (1) CN115630249A (en)

Similar Documents

Publication Publication Date Title
CN107249004B (en) Identity authentication method, device and client
CN107888656B (en) Calling method and calling device of server-side interface
US11588642B2 (en) Method and apparatus for sharing and acquiring information
CN109981576B (en) Key migration method and device
CN112883435B (en) Method and equipment for realizing safe communication with intelligent contract
CN110377440B (en) Information processing method and device
CN108923925B (en) Data storage method and device applied to block chain
CN109660534B (en) Multi-merchant-based security authentication method and device, electronic equipment and storage medium
CN112437044B (en) Instant messaging method and device
CN112039826A (en) Login method and device applied to applet terminal
CN111199037A (en) Login method, system and device
CN111246407B (en) Data encryption and decryption method and device for short message transmission
CN106411520B (en) Method, device and system for processing virtual resource data
CN112004201A (en) Short message sending method and device and computer system
CN111416788B (en) Method and device for preventing transmission data from being tampered
CN113282951A (en) Security verification method, device and equipment for application program
CN112329044A (en) Information acquisition method and device, electronic equipment and computer readable medium
CN109995534B (en) Method and device for carrying out security authentication on application program
CN112966286B (en) Method, system, device and computer readable medium for user login
CN115630249A (en) Service processing method and device, electronic equipment and computer readable medium
CN111355584B (en) Method and apparatus for generating blockchain multi-signatures
CN113761566A (en) Data processing method and device
CN112926076B (en) Data processing method, device and system
CN116112172B (en) Android client gRPC interface security verification method and device
CN113452771B (en) Interface calling method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination