CN113221154A - Service password obtaining method and device, electronic equipment and storage medium - Google Patents
Service password obtaining method and device, electronic equipment and storage mediumDownload PDFInfo
- Publication number
- CN113221154A CN113221154ACN202110607855.0ACN202110607855ACN113221154ACN 113221154 ACN113221154 ACN 113221154ACN 202110607855 ACN202110607855 ACN 202110607855ACN 113221154 ACN113221154 ACN 113221154A
- Authority
- CN
- China
- Prior art keywords
- password
- service
- service password
- interface
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
Description
Technical Field
The present invention relates to the field of security, and in particular, to a method and an apparatus for obtaining a service password, an electronic device, and a computer-readable storage medium.
Background
With the operation and development of systems in an enterprise, at present, service passwords of applications in a production environment are hosted on a server, and hosted service password acquisition is realized through a client, but such a manner means that different implementation manners for acquiring the service passwords hosted on the server by different clients are different, and the manner for acquiring the hosted passwords by the client is to initiate a request to the server every time the application service needs to use the passwords, which easily causes certain security risk in acquiring the service passwords.
Disclosure of Invention
The invention provides a service password acquisition method, a service password acquisition device, electronic equipment and a computer readable storage medium, and mainly aims to improve the security of service password acquisition.
In order to achieve the above object, the present invention provides a service password obtaining method, including:
receiving a service password acquisition request of a client, and calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request;
when the interface is successfully verified, inquiring a service password from the password escrow platform according to the service password acquisition request;
if the service password is not inquired, inquiring the service password from a server corresponding to the client according to the service password acquisition request, and returning the inquired service password to the client;
and if the service password is inquired, decrypting the service password and returning the service password to the client.
Optionally, before the invoking of the password hosting platform corresponding to the client performs interface verification on the service password acquisition request, the method further includes:
acquiring an interface parameter object of a password hosting platform corresponding to the client, and converting the interface parameter object into a corresponding interface response message;
and analyzing the interface response message and then generating a corresponding interface verification script.
Optionally, the invoking a password hosting platform corresponding to the client to perform interface verification on the service password acquisition request includes:
acquiring a password request parameter of the service password acquisition request, performing interface conversion on the password request parameter, and generating an interface calling parameter;
and executing interface verification of the interface calling parameter according to the interface verification script.
Optionally, the performing, according to the interface verification script, interface verification of the interface call parameter includes:
calculating the matching degree of the interface calling parameter in the service password obtaining request and the interface response message in the interface verification script;
if the matching degree is not greater than the preset matching degree, the service password acquisition request fails to be verified;
and if the matching degree is greater than the preset matching degree, the service password acquisition request is verified successfully.
Optionally, the calculating a matching degree between the interface call parameter in the service password obtaining request and the interface response packet in the interface verification script includes:
calculating the matching degree of the interface calling parameter in the service password obtaining request and the interface response message in the interface verification script by using the following formula:
wherein T (x, y) represents a degree of matching, xiIndicating the ith interface call parameter, y, in the service password acquisition requestiAnd identifying the ith interface response message in the interface verification script.
Optionally, the querying a service password from the password hosting platform according to the service password obtaining request includes:
acquiring a password service identifier of the service password acquisition request;
and inquiring the password configuration identification corresponding to the password service identification from the password hosting platform to obtain an inquiry result.
Optionally, the querying a service password from a server corresponding to the client according to the service password obtaining request includes:
acquiring a password service identifier and a client identifier of the service password acquisition request;
and acquiring the service password of the password service identifier from the server corresponding to the client by using a query statement according to the client identifier.
In order to solve the above problem, the present invention further provides a service password obtaining apparatus, including:
the verification module is used for receiving a service password acquisition request of a client and calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request;
the query module is used for querying a service password from the password escrow platform according to the service password acquisition request when the interface is successfully verified;
the return module is used for inquiring the service password from the server corresponding to the client according to the service password acquisition request when the service password is not inquired, and returning the inquired service password to the client;
and the return module is also used for decrypting the service password and returning the service password to the client side when the service password is inquired.
In order to solve the above problem, the present invention also provides an electronic device, including:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor, the computer program being executed by the at least one processor to implement the service password acquisition method described above.
In order to solve the above problem, the present invention further provides a computer-readable storage medium, in which at least one computer program is stored, and the at least one computer program is executed by a processor in an electronic device to implement the service password obtaining method described above.
The method comprises the steps of firstly receiving a service password acquisition request of a client, calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request so as to identify that the service password acquisition request can normally access an application service program corresponding to the client, and ensuring the security of subsequent service password acquisition; secondly, when the interface is successfully verified, the embodiment of the invention queries the service password from the password escrow platform according to the service password acquisition request, can realize uniform management of the service password, and is compatible with different manners of escrow password requests, so as to further improve the security of the service password acquisition request. Therefore, the service password acquisition method, the service password acquisition device, the electronic equipment and the storage medium can improve the security of service password acquisition.
Drawings
Fig. 1 is a schematic flowchart of a service password obtaining method according to an embodiment of the present invention;
fig. 2 is a detailed flowchart illustrating a step of the service password obtaining method provided in fig. 1 according to a first embodiment of the present invention;
fig. 3 is a schematic block diagram of a service password obtaining apparatus according to an embodiment of the present invention;
fig. 4 is a schematic diagram of an internal structure of an electronic device implementing a service password obtaining method according to an embodiment of the present invention;
the implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The embodiment of the application provides a service password obtaining method. The execution subject of the service password obtaining method includes, but is not limited to, at least one of electronic devices such as a server and a terminal that can be configured to execute the method provided by the embodiments of the present application. In other words, the service password obtaining method may be performed by software or hardware installed in the terminal device or the server device, and the software may be a blockchain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like.
Fig. 1 is a schematic flow chart of a service password obtaining method according to an embodiment of the present invention. In the embodiment of the present invention, the service password obtaining method includes:
s1, receiving a service password acquisition request of the client, and calling a password hosting platform corresponding to the client to carry out interface verification on the password acquisition request.
In the embodiment of the present invention, the client may also be referred to as a mobile terminal, and is configured to load and access an application service. The service password obtaining request refers to a plaintext password for accessing a corresponding application service program in the client, and can be known as a loading password when the application service is started, such as a user login requirement password, a loading mall order password and an IP address password for searching a certain server. The password hosting platform is a Software Development Kit for hosting plain-text passwords, can be compatible with different password requests and password management modes, and is compiled by a Java programming language, and the Software Development Kit (SDK) is a Development tool set used by a Software engineer to establish application Software for a specific Software package, a Software framework, a hardware platform, an operating system and the like.
Further, it should be understood that, when accessing an application service program corresponding to a client, some illegal data may exist in a corresponding service password acquisition request, such as an error in a character encoding format, a blocked access authority, an error in user information, and the like, and therefore, the method provided by the invention uses a pre-constructed filter to legally verify the service password acquisition request before calling a password hosting platform corresponding to the client to perform interface verification on the password acquisition request, so as to intercept illegal data in the service password acquisition request, and ensure normal access of the service password acquisition request.
In one embodiment of the present invention, the pre-constructed filter is developed by using a Java framework, and the Java framework includes: the system comprises a Spring framework, a Mybatis framework and a SpringMVC framework, wherein the filter comprises a filter and a Servlet filter. The filter creation technology belongs to the current mature technology and is not described herein.
Further, when the service password obtaining request is successfully verified, it indicates that the service password obtaining request can normally access the application service program corresponding to the client, so that in the embodiment of the present invention, the password hosting platform corresponding to the client is called to perform interface verification on the service password obtaining request, so as to obtain the service password corresponding to the service password obtaining request, and thus, the application service loading and access corresponding to the client are realized.
Further, in this embodiment of the present invention, before the invoking the password hosting platform corresponding to the client to perform interface verification on the service password acquisition request, the method further includes: and configuring an interface verification script in the password hosting platform so as to realize interface verification with the service password acquisition request. Specifically, the configuring an interface verification script in the password hosting platform includes: acquiring an interface parameter object of a password hosting platform corresponding to the client, converting the interface parameter object into an interface response message by using a session method, analyzing the interface response message by using a JavaScript language, and generating an interface verification script. The interface response message can be understood as an interface implementation class of the password hosting platform and is used for being compatible with various password hosting request modes, so that the validity of the service password acquisition request can be verified, and normal data access between the client and the corresponding password hosting platform can be guaranteed.
In detail, referring to fig. 2, the invoking of the password hosting platform corresponding to the client to perform interface verification on the service password acquisition request includes:
s20, obtaining the password request parameter of the service password obtaining request, and performing interface conversion on the password request parameter to generate an interface calling parameter;
and S21, executing interface verification of the interface calling parameter according to the interface verification script.
In an optional embodiment, the password request parameter in the service password obtaining request is obtained through a request instruction, where the password request parameter includes parameters such as an application name, an application version, and a password.
In an optional embodiment, the interface conversion of the password request parameter may be implemented by a preset parameter interface conversion rule, and the parameter interface conversion parameter may be configured by a user through a SpringMVC framework.
In an optional embodiment, the performing, according to the interface verification script, interface verification of the interface invocation parameter includes: and calculating the matching degree of the interface calling parameter in the service password obtaining request and the interface response message in the interface verification script, wherein if the matching degree is not greater than the preset matching degree, the verification of the service password obtaining request fails, and if the matching degree is greater than the preset matching degree, the verification of the service password obtaining request succeeds. Optionally, the preset matching degree is 0.89, and may also be set according to an actual service scenario.
In an optional embodiment, the following formula is used to calculate the matching degree between the interface call parameter in the service password acquisition request and the interface response message in the interface verification script:
wherein T (x, y) represents a degree of matching, xiIndicating the ith interface call parameter, y, in the service password acquisition requestiAnd identifying the ith interface response message in the interface verification script.
And S2, when the interface is successfully verified, inquiring the service password from the password escrow platform according to the service password acquisition request.
It should be understood that, when the interface is successfully verified, it indicates that the corresponding service password acquisition request can normally access the password hosting platform, so in the embodiment of the present invention, according to the service password acquisition request, a service password is queried from the password hosting platform to acquire a start password of the application service corresponding to the client, thereby ensuring normal start of the application service.
Further, according to the service password obtaining request, the embodiment of the present invention further includes, before querying the service password from the password escrow platform: and constructing the password configuration identification of the password hosting platform so as to realize the matching of the subsequent password identification. The password configuration identifier refers to a configuration item identifier cached in the password hosting platform, and the configuration item identifier is a number code obtained by encoding a configuration item according to a preset encoding rule. The configuration item identifier and the configuration item have a one-to-one mapping relationship, for example, the configuration item identifier corresponding to the configuration item a is 001, and the configuration item identifier of the configuration item B is 002. Optionally, in the embodiment of the present invention, the configuration item in the spring container is used as the cache, and the configuration item resource of the cache is managed by the spring container, so that the service password is managed uniformly, and the operation performance and the user experience of the password hosting platform can be improved.
Specifically, the querying a service password from the password escrow platform according to the service password obtaining request includes: and acquiring a password service identifier of the service password acquisition request, and inquiring a password configuration identifier corresponding to the password service identifier from the password hosting platform to obtain an inquiry result.
The service Password identifier is used to represent information of a service application corresponding to the service Password acquisition request, such as Password _1, Password _2, Password _3, and the like, where Password _1 may be used to represent an inquiry identifier of a short message inquiry application, Password _2 may be used to represent a login identifier of a user login application, and Password _3 may be used to represent a payment identifier of an order payment application.
In an alternative embodiment, the query identified by the cryptographic configuration may be implemented by a query statement, such as a select statement.
If the service password is not inquired, executing S3, acquiring a request according to the service password, inquiring the service password from the server corresponding to the client, and returning the inquired service password to the client.
It should be understood that if the service password of the service password acquisition request is not queried in the password hosting platform, it indicates that the password hosting platform hosts no service password corresponding to the service password acquisition or hosts a corresponding service password that is invalid, and therefore in the embodiment of the present invention, according to the service password acquisition request, the service password is queried from the server corresponding to the client, so as to ensure normal loading of the service application corresponding to the service password acquisition request.
The querying a service password from a server corresponding to the client according to the service password obtaining request includes: and acquiring a password service identifier and a client identifier of the service password acquisition request, and acquiring the service password of the password service identifier from a server corresponding to the client by using a query statement according to the client identifier.
Further, the embodiment of the present invention returns the queried service password to the client, so as to ensure that the service application corresponding to the client is normally loaded.
Another application embodiment of the present invention further comprises: and encrypting the inquired service password and returning the encrypted service password to the password escrow platform so that the corresponding service password acquisition request can be directly inquired for the next time. Wherein the encryption of the service password can be realized by the currently known encryption algorithm (such as a symmetric encryption algorithm).
If the service password is inquired, executing S4, decrypting the service password and returning to the client.
It should be understood that, if the service password of the service password acquisition request is queried in the password hosting platform, it indicates that the password hosting platform hosts the service password corresponding to the service password acquisition request, and further, it should be understood that, the service password in the password hosting platform is acquired from a service end, and in order to ensure the security of the service password, the service password in the hosting platform is generated by encrypting through an encryption algorithm, which may be the above symmetric encryption algorithm, so that, in the embodiment of the present invention, the service password is decrypted and then returned to the client. The decryption of the service password is realized based on a corresponding encryption algorithm, for example, the encryption algorithm is a symmetric encryption algorithm, when the service password is encrypted by adopting the encryption algorithm, a key is generated, and the password escrow platform returns the key to the corresponding client to realize the decryption of the service password.
The method comprises the steps of firstly receiving a service password acquisition request of a client, calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request so as to identify that the service password acquisition request can normally access an application service program corresponding to the client, and ensuring the security of subsequent service password acquisition; secondly, when the interface is successfully verified, the embodiment of the invention queries the service password from the password escrow platform according to the service password acquisition request, can realize uniform management of the service password, and is compatible with different escrow password requests, so as to further improve the security of the service password acquisition request.
Fig. 3 is a functional block diagram of the service password acquiring apparatus according to the present invention.
The service password obtaining apparatus 100 according to the present invention may be installed in an electronic device. Depending on the implemented functions, the service password obtaining means may include a verification module 101, a query module 102, and a return module 103. A module according to the present invention, which may also be referred to as a unit, refers to a series of computer program segments that can be executed by a processor of an electronic device and that can perform a fixed function, and that are stored in a memory of the electronic device.
In the present embodiment, the functions regarding the respective modules/units are as follows:
the verification module 101 is configured to receive a service password acquisition request of a client, and invoke a password hosting platform corresponding to the client to perform interface verification on the service password acquisition request;
the query module 102 is configured to query a service password from the password hosting platform according to the service password obtaining request when the interface verification is successful;
the returning module 103 is configured to, when the service password is not queried, query a service password from a server corresponding to the client according to the service password acquisition request, and return the queried service password to the client;
the returning module 103 is further configured to decrypt the service password and return the decrypted service password to the client when the service password is queried.
In detail, when the modules in the service password obtaining apparatus 100 according to the embodiment of the present invention are used, the same technical means as the service password obtaining method described in fig. 1 and fig. 2 are used, and the same technical effect can be produced, and details are not described here.
Fig. 4 is a schematic structural diagram of an electronic device implementing the service password obtaining method according to the present invention.
The electronic device 1 may comprise a processor 10, a memory 11 and a bus, and may further comprise a computer program, such as a service password obtaining program 12, stored in the memory 11 and operable on the processor 10.
The memory 11 includes at least one type of readable storage medium, which includes flash memory, removable hard disk, multimedia card, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may also be an external storage device of the electronic device 1 in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only to store application software installed in the electronic device 1 and various types of data, such as a code for service password acquisition, etc., but also to temporarily store data that has been output or is to be output.
The processor 10 may be composed of an integrated circuit in some embodiments, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same or different functions, including one or more Central Processing Units (CPUs), microprocessors, digital Processing chips, graphics processors, and combinations of various control chips. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the electronic device by using various interfaces and lines, and executes various functions and processes data of the electronic device 1 by running or executing programs or modules (for example, executing the service password obtaining program 12 and the like) stored in the memory 11 and calling data stored in the memory 11.
The bus may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.
Fig. 4 only shows an electronic device with components, and it will be understood by those skilled in the art that the structure shown in fig. 4 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than those shown, or some components may be combined, or a different arrangement of components.
For example, although not shown, the electronic device 1 may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so as to implement functions of charge management, discharge management, power consumption management, and the like through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device 1 may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.
Further, the electronic device 1 may further include a network interface, and optionally, the network interface may include a wired interface and/or a wireless interface (such as a WI-FI interface, a bluetooth interface, etc.), which are generally used for establishing a communication connection between the electronic device 1 and other electronic devices.
Optionally, the electronic device 1 may further comprise a user interface, which may be a Display (Display), an input unit (such as a Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the electronic device 1 and for displaying a visualized user interface, among other things.
It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.
The service password obtaining 12 stored in the memory 11 of the electronic device 1 is a combination of a plurality of computer programs, which when executed in the processor 10, can implement:
receiving a service password acquisition request of a client, and calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request;
when the interface is successfully verified, inquiring a service password from the password escrow platform according to the service password acquisition request;
if the service password is not inquired, inquiring the service password from a server corresponding to the client according to the service password acquisition request, and returning the inquired service password to the client;
and if the service password is inquired, decrypting the service password and returning the service password to the client.
Specifically, the processor 10 may refer to the description of the relevant steps in the embodiment corresponding to fig. 1 for a specific implementation method of the computer program, which is not described herein again.
Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a non-volatile computer-readable storage medium. The computer readable storage medium may be volatile or non-volatile. For example, the computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).
The present invention also provides a computer-readable storage medium, storing a computer program which, when executed by a processor of an electronic device, may implement:
receiving a service password acquisition request of a client, and calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request;
when the interface is successfully verified, inquiring a service password from the password escrow platform according to the service password acquisition request;
if the service password is not inquired, inquiring the service password from a server corresponding to the client according to the service password acquisition request, and returning the inquired service password to the client;
and if the service password is inquired, decrypting the service password and returning the service password to the client.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.
Claims (10)
1. A service password acquisition method, characterized in that the method comprises:
receiving a service password acquisition request of a client, and calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request;
when the interface is successfully verified, inquiring a service password from the password escrow platform according to the service password acquisition request;
if the service password is not inquired, inquiring the service password from a server corresponding to the client according to the service password acquisition request, and returning the inquired service password to the client;
and if the service password is inquired, decrypting the service password and returning the service password to the client.
2. The method for obtaining the service password according to claim 1, wherein before the invoking of the password hosting platform corresponding to the client performs interface verification on the service password obtaining request, the method further comprises:
acquiring an interface parameter object of a password hosting platform corresponding to the client, and converting the interface parameter object into an interface response message;
and analyzing the interface response message and generating an interface verification script.
3. The method for obtaining the service password according to claim 2, wherein the invoking of the password hosting platform corresponding to the client performs interface verification on the service password obtaining request, and includes:
acquiring a password request parameter of the service password acquisition request, performing interface conversion on the password request parameter, and generating an interface calling parameter;
and executing interface verification of the interface calling parameter according to the interface verification script.
4. The service password obtaining method according to claim 3, wherein the performing interface verification of the interface call parameter according to the interface verification script includes:
calculating the matching degree of the interface calling parameter in the service password obtaining request and the interface response message in the interface verification script;
if the matching degree is not greater than the preset matching degree, the service password acquisition request fails to be verified;
and if the matching degree is greater than the preset matching degree, the service password acquisition request is verified successfully.
5. The method for obtaining the service password according to claim 4, wherein the calculating the matching degree between the interface call parameter in the service password obtaining request and the interface response message in the interface verification script comprises:
calculating the matching degree of the interface calling parameter in the service password obtaining request and the interface response message in the interface verification script by using the following formula:
wherein T (x, y) represents a degree of matching, xiIndicating the ith interface call parameter, y, in the service password acquisition requestiAnd identifying the ith interface response message in the interface verification script.
6. The method for acquiring the service password according to any one of claims 1 to 5, wherein the querying the service password from the password hosting platform according to the service password acquisition request comprises:
acquiring a password service identifier of the service password acquisition request;
and inquiring the password configuration identification corresponding to the password service identification from the password hosting platform to obtain an inquiry result.
7. The method according to any one of claims 1 to 5, wherein the querying a service password from a server corresponding to the client according to the service password obtaining request includes:
acquiring a password service identifier and a client identifier of the service password acquisition request;
and acquiring the service password of the password service identifier from the server corresponding to the client by using a query statement according to the client identifier.
8. A service password acquisition apparatus, characterized in that the apparatus comprises:
the verification module is used for receiving a service password acquisition request of a client and calling a password hosting platform corresponding to the client to carry out interface verification on the service password acquisition request;
the query module is used for querying a service password from the password escrow platform according to the service password acquisition request when the interface is successfully verified;
the return module is used for inquiring the service password from the server corresponding to the client according to the service password acquisition request when the service password is not inquired, and returning the inquired service password to the client;
and the return module is also used for decrypting the service password and returning the service password to the client side when the service password is inquired.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the service password acquisition method of any one of claims 1 to 7.
10. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the service password acquisition method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110607855.0ACN113221154A (en) | 2021-06-01 | 2021-06-01 | Service password obtaining method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110607855.0ACN113221154A (en) | 2021-06-01 | 2021-06-01 | Service password obtaining method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113221154Atrue CN113221154A (en) | 2021-08-06 |
Family
ID=77082108
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110607855.0APendingCN113221154A (en) | 2021-06-01 | 2021-06-01 | Service password obtaining method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113221154A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113726888A (en)* | 2021-08-31 | 2021-11-30 | 安天科技集团股份有限公司 | Cipher data processing method and device based on block chain, electronic equipment and medium |
| CN115022397A (en)* | 2022-06-16 | 2022-09-06 | 平安普惠企业管理有限公司 | Interface parameter simplifying method and device, electronic equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102866998A (en)* | 2011-07-05 | 2013-01-09 | 中兴通讯股份有限公司 | Centralized password management method and centralized password management system in synchronous system |
| CN108092775A (en)* | 2016-11-23 | 2018-05-29 | 阿里巴巴集团控股有限公司 | A kind of method of calibration and device, electronic equipment |
| CN108418785A (en)* | 2017-12-13 | 2018-08-17 | 平安科技(深圳)有限公司 | Password call method, server and storage medium |
| CN109347839A (en)* | 2018-10-25 | 2019-02-15 | 深圳壹账通智能科技有限公司 | Centralized password management method and centralized password management, device, electronic equipment and computer storage medium |
| US20210036851A1 (en)* | 2019-07-29 | 2021-02-04 | EMC IP Holding Company LLC | Cryptographic key management using key proxies and generational indexes |
| CN112528307A (en)* | 2020-12-18 | 2021-03-19 | 平安银行股份有限公司 | Service request checking method and device, electronic equipment and storage medium |
- 2021
- 2021-06-01CNCN202110607855.0Apatent/CN113221154A/enactivePending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102866998A (en)* | 2011-07-05 | 2013-01-09 | 中兴通讯股份有限公司 | Centralized password management method and centralized password management system in synchronous system |
| CN108092775A (en)* | 2016-11-23 | 2018-05-29 | 阿里巴巴集团控股有限公司 | A kind of method of calibration and device, electronic equipment |
| CN108418785A (en)* | 2017-12-13 | 2018-08-17 | 平安科技(深圳)有限公司 | Password call method, server and storage medium |
| CN109347839A (en)* | 2018-10-25 | 2019-02-15 | 深圳壹账通智能科技有限公司 | Centralized password management method and centralized password management, device, electronic equipment and computer storage medium |
| US20210036851A1 (en)* | 2019-07-29 | 2021-02-04 | EMC IP Holding Company LLC | Cryptographic key management using key proxies and generational indexes |
| CN112528307A (en)* | 2020-12-18 | 2021-03-19 | 平安银行股份有限公司 | Service request checking method and device, electronic equipment and storage medium |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113726888A (en)* | 2021-08-31 | 2021-11-30 | 安天科技集团股份有限公司 | Cipher data processing method and device based on block chain, electronic equipment and medium |
| CN115022397A (en)* | 2022-06-16 | 2022-09-06 | 平安普惠企业管理有限公司 | Interface parameter simplifying method and device, electronic equipment and storage medium |
| CN115022397B (en)* | 2022-06-16 | 2023-11-03 | 河南匠多多信息科技有限公司 | Interface parameter reduction method, device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113055380B (en) | Message processing method and device, electronic equipment and medium | |
| CN113422686B (en) | Gateway layer authentication method, system, electronic device and storage medium | |
| CN113127915A (en) | Data encryption desensitization method and device, electronic equipment and storage medium | |
| CN112948851A (en) | User authentication method, device, server and storage medium | |
| CN113691378A (en) | Oauth2 single sign-on method and device based on gateway, electronic equipment and storage medium | |
| CN112217642A (en) | Data encryption sharing method and device, electronic equipment and computer storage medium | |
| CN114417374A (en) | Blockchain-based smart contract business card method, device, device and storage medium | |
| CN113420049A (en) | Data circulation method and device, electronic equipment and storage medium | |
| CN111209557A (en) | Cross-domain single sign-on method, device, electronic device and storage medium | |
| CN113221154A (en) | Service password obtaining method and device, electronic equipment and storage medium | |
| CN114726644A (en) | Data transmission method, device and equipment based on secret key encryption and storage medium | |
| CN115941352B (en) | Information security interaction method and device based on big data, electronic equipment and storage medium | |
| CN112988888B (en) | Key management method, device, electronic equipment and storage medium | |
| CN112217639B (en) | Data encryption sharing method and device, electronic equipment and computer storage medium | |
| CN114827161A (en) | Service calling request sending method and device, electronic equipment and readable storage medium | |
| CN115374150A (en) | Character string data query method, device, electronic equipment and storage medium | |
| CN112540839B (en) | Information changing method, device, electronic equipment and storage medium | |
| CN113918517A (en) | Multi-type file centralized management method, device, equipment and storage medium | |
| CN111934882B (en) | Identity authentication method and device based on block chain, electronic equipment and storage medium | |
| CN112150151A (en) | Secure payment method and device, electronic equipment and storage medium | |
| CN112417400A (en) | Security optimization method, device, electronic device and medium based on multi-cluster system | |
| CN112487400A (en) | Single sign-on method and device based on multiple pages, electronic equipment and storage medium | |
| CN111683070A (en) | Data transmission method and device based on identity encryption and storage medium | |
| CN111859351A (en) | Method, system, server and storage medium for writing information into chip | |
| CN114826725A (en) | Data interaction method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | Application publication date:20210806 | |
| WD01 | Invention patent application deemed withdrawn after publication |