Disclosure of Invention
In view of this, the present application provides a method and apparatus for generating an entitlement token, a storage medium, and a computer device, and aims to solve the problem that the service data response server needs to configure corresponding entitlement token verification rules for each user client in advance and select the matched verification rules according to different user clients, thereby increasing the response time of a service request and reducing the user experience because the forms of the entitlement tokens generated based on different user clients are not uniform.
According to one aspect of the present application, there is provided a method for generating a rights token, including:
receiving a generation request for an authority token initiated by a target user, wherein the generation request carries authentication information of the target user and a channel identification identifier of a generation request initiating client;
determining an authentication information verification rule matched with the generation request initiating client according to the channel identification mark, and verifying the authentication information based on the authentication information verification rule;
and if the verification result is passed, generating the permission token based on a preset permission token generation rule.
Preferably, if the verification result is passed, generating the permission token based on a preset permission token generation rule, including:
encoding the name of the preset authority token generation rule and a preset encryption algorithm based on a preset encoding rule to obtain a first sub-authority token;
the basic information of the right token is coded based on the preset coding rule, and a second sub right token is obtained;
performing connection processing on the first sub-right token and the second sub-right token to obtain a connection combination of the first sub-right token and the second sub-right token;
encrypting the connection combination based on the preset encryption algorithm and a preset private key to obtain a third sub-authority token;
and combining the first sub-rights token, the second sub-rights token and the third sub-rights token to generate a rights token.
Preferably, the rights token is stored in a local storage space of the target user client, and if the verification result is passed, after the rights token is generated based on a preset rights token generation rule, the method further includes:
receiving a request of the target user for service data, wherein the request carries a right token to be verified;
verifying the right token to be verified based on a preset public key;
and if the verification result is passed, transmitting the request to a service data response server so that the target user obtains a service response matched with the request.
Preferably, the verifying the rights token to be verified based on the preset public key specifically includes:
decoding a first sub-right token to be verified in the right tokens to be verified based on the preset encoding rule to obtain a preset encryption algorithm;
encrypting the connection combination of the first sub-right token to be verified and the second sub-right token to be verified in the right tokens to be verified based on the preset encryption algorithm and the preset public key to obtain an encryption result;
and determining a verification result according to the encryption result and a third sub-to-be-verified permission token in the to-be-verified permission tokens.
Preferably, before the receiving the request for generating the permission token initiated by the target user, the method further includes:
and generating a corresponding key pair for each client channel, and mapping and storing the key pair and each client channel.
Preferably, before the receiving the request for generating the permission token initiated by the target user, the method further includes:
configuring corresponding authentication information verification rules for each client channel, and mapping and storing the authentication information verification rules and each client channel.
Preferably, the service data is medical service data.
According to another aspect of the present application, there is provided an apparatus for generating an authority token, including:
the receiving module is used for receiving a generation request for the permission token initiated by a target user, wherein the generation request carries authentication information of the target user and a channel identification mark of a generation request initiating client;
the verification module is used for determining an authentication information verification rule matched with the generation request initiating client according to the channel identification mark and verifying the authentication information based on the authentication information verification rule;
and the generation module is used for generating the permission token based on a preset permission token generation rule if the verification result is passed.
Preferably, the generating module specifically includes:
the encoding unit is used for encoding the name of the preset authority token generation rule and a preset encryption algorithm based on a preset encoding rule to obtain a first sub-authority token;
the encoding unit is further used for encoding the basic information of the rights token based on the preset encoding rule to obtain a second sub-rights token;
the connection unit is used for carrying out connection processing on the first sub-right token and the second sub-right token to obtain a connection combination of the first sub-right token and the second sub-right token;
the first encryption unit is used for carrying out encryption processing on the connection combination based on the preset encryption algorithm and the preset private key to obtain a third sub-authority token;
and the generating unit is used for combining the first sub-rights token, the second sub-rights token and the third sub-rights token to generate a rights token.
Preferably, the rights token is stored in a local storage space of the target user client, and after the generating module, the apparatus further includes:
the receiving module is used for receiving a request of the target user for service data, wherein the request carries a right token to be verified;
the right token verification module is used for verifying the right token to be verified based on a preset public key;
and the transmission module is used for transmitting the request to a service data response server if the verification result is passed, so that the target user obtains the service response matched with the request.
Preferably, the rights token verification module specifically includes:
the decoding unit is used for decoding a first sub-right token to be verified in the right tokens to be verified based on the preset encoding rule to obtain a preset encryption algorithm;
the second encryption unit is used for carrying out encryption processing on the connection combination of the first sub-right token to be verified and the second sub-right token to be verified in the right tokens to be verified based on the preset encryption algorithm and the preset public key to obtain an encryption result;
and the determining unit is used for determining a verification result according to the encryption result and a third sub-to-be-verified permission token in the to-be-verified permission tokens.
Preferably, before the receiving module, the apparatus further includes:
and the first storage module is used for generating corresponding key pairs for the client channels and mapping and storing the key pairs and the client channels.
Preferably, before the receiving module, the apparatus further includes:
and the second storage module is used for configuring corresponding authentication information verification rules for each client channel and mapping and storing the authentication information verification rules and each client channel.
Preferably, the service data is medical service data.
According to still another aspect of the present application, there is provided a storage medium having stored therein at least one executable instruction for causing a processor to perform operations corresponding to the above-described method of generating an entitlement token.
According to still another aspect of the present application, there is provided a computer apparatus including: the device comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete communication with each other through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction enables the processor to execute the operation corresponding to the generation method of the authority token.
By means of the technical scheme, the technical scheme provided by the embodiment of the application has at least the following advantages:
the application provides a method and a device for generating an authority token, a storage medium and computer equipment, wherein a generation request for the authority token initiated by a target user is received firstly, and the generation request carries authentication information of the target user and a channel identification identifier of a generation request initiating client; secondly, determining an authentication information verification rule matched with the generation request initiating client according to the channel identification mark, and verifying the authentication information based on the authentication information verification rule; and finally, if the verification result is passed, generating an authority token based on a preset authority token generation rule. Compared with the prior art, the embodiment of the application receives the generation request for the authority token initiated by the user through any kind of client through the unified authority token generation server, determines the matched authentication information verification rule according to the channel identification mark of the client initiated by the generation request, and verifies the authentication information of the user; after verification is passed, generating exclusive rights tokens based on unified rights token generation rules, so that the rights token forms of different clients are unified; furthermore, the form of the authority token is unified, so that a corresponding verification rule is not required to be searched when the token is verified, the response time of the service request is effectively shortened, and the experience of a user is improved.
The foregoing description is only an overview of the present application, and is intended to be implemented in accordance with the teachings of the present application in order that the same may be more clearly understood and to make the same and other objects, features and advantages of the present application more readily apparent.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
The embodiment of the application can acquire and process the related data based on the artificial intelligence technology. Among these, artificial intelligence (Artificial Intelligence, AI) is the theory, method, technique and application system that uses a digital computer or a digital computer-controlled machine to simulate, extend and extend human intelligence, sense the environment, acquire knowledge and use knowledge to obtain optimal results.
Artificial intelligence infrastructure technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a robot technology, a biological recognition technology, a voice processing technology, a natural language processing technology, machine learning/deep learning and other directions.
In this regard, in one embodiment, as shown in fig. 1, a method for generating a rights token is provided, and the method is described as applied to a computer device such as a server, where the server may be an independent server, or may be a cloud server that provides cloud services, a cloud database, cloud computing, a cloud function, cloud storage, a network service, cloud communication, a middleware service, a domain name service, a security service, a content delivery network (Content Delivery Network, CDN), and basic cloud computing services such as a big data and an artificial intelligent platform, such as an intelligent medical system, a digital medical platform, and the like. The method comprises the following steps:
101. and receiving a generation request for the permission token initiated by the target user.
The generation request carries authentication information of the target user, and generates a channel identification mark of the request initiating client; authentication information including, but not limited to, user ID, contact, avatar, etc.; the generation request initiating client includes, but is not limited to, an open platform (such as a medical institution online service platform, etc.), a medical institution applet, etc.; the channel identification identifier may be used to distinguish between the various originating clients described above. In the embodiment of the application, the current execution end can be a user authorization management server end, firstly, authentication information of a target user is verified, and if the authentication information passes, an exclusive permission token of the target user is regenerated.
It should be noted that, the current execution end may directly receive a request initiated by a user based on a user client, or may configure an API gateway between the current execution end and the user client for receiving and transmitting a message, and receive the request of the user through the API gateway and transmit the request to the current service end, and transmit the current service end to the user service end to generate the permission token, which can be understood that the API gateway may intercept a malicious attack to avoid the current service end directly receiving the malicious attack.
102. And determining an authentication information verification rule matched with the generation request initiating client according to the channel identification mark, and verifying the authentication information based on the authentication information verification rule.
In the embodiment of the present application, the authentication information verification rule matched with the client may be determined according to the channel identification identifier of the initiating client received in step 101 of the embodiment, and it should be noted that the corresponding authentication information verification rule may be configured for each client channel in advance, and the authentication information verification rule and each client channel may be mapped and stored, so that when authentication information needs to be verified, searching may be performed according to the channel identification identifier of the current initiating client. Further, the authentication information received in the embodiment step 101 is verified according to the found rule. By way of example, authentication information verification rules may be a user name + password-based verification, a cell phone number + verification code-based verification, an OAuth2 verification mechanism, a one-touch login verification based on another association procedure, an SSO Token verification mechanism, a SAML2 verification mechanism, an applet authentication mechanism, a simple Token authentication mechanism, etc.
103. And if the verification result is passed, generating the permission token based on a preset permission token generation rule.
In the embodiment of the application, when the verification result of the authentication information is passed, the target user is a legal user, at the moment, a special authority token can be issued to the target user, preferably, JWT (namely Json Web Toke, JSON-based open standard RFC7519 executed for passing claims among network application environments) can be selected as a preset authority token generation rule to generate an authority token; further, the permission token may be stored in a local storage space of the client of the target user, and the subsequent service requests of the target user may all carry the permission token. Preferably, the local storage space of the client is a stateless storage space and is not a cookie container, so that the problem of cross-domain restriction of the cookie container can be effectively avoided.
Compared with the prior art, the embodiment of the application receives the generation request for the authority token initiated by the user through any kind of client through the unified authority token generation server, determines the matched authentication information verification rule according to the channel identification mark of the client initiated by the generation request, and verifies the authentication information of the user; after verification is passed, generating exclusive rights tokens based on unified rights token generation rules, so that the rights token forms of different clients are unified; furthermore, the form of the authority token is unified, so that a corresponding verification rule is not required to be searched when the token is verified, the response time of the service request is effectively shortened, and the experience of a user is improved.
In an embodiment of the present application, for further limitation and explanation, as shown in fig. 2, if the verification result is passed, in step 103, an authority token is generated based on a preset authority token generation rule, which specifically includes:
201. and carrying out coding processing on the name of the preset authority token generation rule and a preset encryption algorithm based on the preset coding rule to obtain a first sub-authority token.
202. And carrying out coding processing on the basic information of the permission token based on a preset coding rule to obtain a second sub-permission token.
203. And carrying out connection processing on the first sub-right token and the second sub-right token to obtain a connection combination of the first sub-right token and the second sub-right token.
204. And carrying out encryption processing on the connection combination based on a preset encryption algorithm and a preset private key to obtain a third sub-right token.
205. And combining the first sub-rights token, the second sub-rights token and the third sub-rights token to generate a rights token.
The preset coding rule can adopt any coding rule, such as a Base64 coding rule and the like; the preset encryption algorithm may be a unified encryption algorithm, or may be different encryption algorithms configured for different initiating clients in advance, which is not specifically limited in the embodiment of the present application. In the embodiment of the application, the permission tokens can comprise three sub-permission tokens, namely a first sub-permission token Header, a second sub-permission token Payload and a third sub-permission token Signature, wherein the first sub-permission token is obtained by encoding and processing a name (JWT) of a preset permission token generation rule and a preset encryption algorithm, and is used for declaring the name (JWT) of the preset permission token generation rule and the preset encryption algorithm; the second sub-rights token is obtained by encoding the basic information of the rights token, and is used for storing the basic information of the rights token, including but not limited to an issuer identifier iss of the rights token (namely, the creator of the rights token can be represented in a character string form), an identifier sub of a terminal user of the rights token (which is unique within the iss and is 255 ASCII characters at maximum, case-differentiated), an audience aud of the rights token (namely, a rights token receiver can be represented as a case-differentiated character string array), an expiration timestamp exp of the rights token (which needs to be greater than the issuing time and is invalid for the rights token exceeding the timestamp), a validation timestamp nbf of the rights token (namely, the rights token is available from the validation timestamp), an issuing timestamp iat of the rights token, and a unique identity identifier jti of the rights token (which is mainly used as a one-time ton, thereby avoiding replay the stated value is unique in each rights token created by the rights token issuer; the third sub-rights token is obtained by encrypting the first sub-rights token and the second sub-rights token through a preset private key generated in advance and the preset encryption algorithm, and is used for signing the rights token; and finally, combining the first sub-right token, the second sub-right token and the third sub-right token to generate the right token.
An embodiment of the present application provides a method for generating a rights token, as shown in fig. 3, where the method includes:
301. a request for business data is received for a target user.
Wherein the request carries the rights token to be verified. In the embodiment of the application, the request for the service data can be medical related service data such as registration order inquiry, case information inquiry, inspection report inquiry and the like.
As a preferred embodiment, the rights token is stored in a local storage space of the target user client.
In the embodiment of the application, the authority token can be stored in the local storage space of the client of the target user, and the follow-up service request of the target user can carry the authority token. Preferably, the local storage space of the client is a stateless storage space and is not a cookie container, so that the problem of cross-domain restriction of the cookie container can be effectively avoided.
302. And verifying the right token to be verified based on the preset public key.
In the implementation of the application, firstly, decoding processing is carried out on a first sub-to-be-verified authority token Header in the to-be-verified authority token to obtain a preset encryption algorithm; then, based on the preset encryption algorithm and a preset public key, carrying out encryption processing on a connection combination of a first sub-to-be-verified rights token Header and a second sub-to-be-verified rights token Payload in the rights token to be verified, so as to obtain an encryption result; and finally, comparing the encryption result with a third sub-to-be-verified authority token Signature serving as a Signature, and judging that the to-be-verified authority token passes verification at the moment if the encryption result is consistent with the third sub-to-be-verified authority token Signature, which means that the to-be-verified authority token is not tampered.
Correspondingly, the embodiment step 302 specifically includes: decoding a first sub-to-be-verified permission token in the to-be-verified permission tokens based on a preset coding rule to obtain a preset encryption algorithm; encrypting the connection combination of the first sub-right token to be verified and the second sub-right token to be verified in the right tokens to be verified based on a preset encryption algorithm and a preset public key to obtain an encryption result; and determining a verification result according to the encryption result and a third sub-to-be-verified permission token in the to-be-verified permission tokens.
303. If the verification result is passed, the request is transmitted to a service data response server, so that the target user obtains a service response matched with the request.
The service data response server may be used to implement a request for service data, including but not limited to a request for medical related service data such as registration order query, case information query, and inspection report query. In the embodiment of the application, after the authority token of the target user passes verification, the current execution end can transmit the request of the current execution end for the service data to the service data response server end so as to realize the request of the target user.
In an embodiment of the present application, for further definition and explanation, before the embodiment step 101 receives the request for generating the rights token initiated by the target user, the embodiment method further includes: and generating a corresponding key pair for each client channel, and mapping and storing the key pair and each client channel.
In the embodiment of the application, when the current execution end performs service butt joint with each client channel, a dedicated key pair can be generated for the current execution end and mapped and stored with the current execution end, so that the permission token is generated based on the private key in the key pair, and the permission token is verified based on the public key in the key pair.
In an embodiment of the present application, for further definition and explanation, before the embodiment step 101 receives the request for generating the rights token initiated by the target user, the embodiment method further includes: configuring corresponding authentication information verification rules for each client channel, and mapping and storing the authentication information verification rules and each client channel.
In the embodiment of the application, the corresponding authentication information verification rule can be configured for each client channel in advance, and the authentication information verification rule and each client channel are mapped and stored, so that when authentication information needs to be verified, searching is carried out according to the channel identification mark of the current initiating client. Authentication information verification rules include, but are not limited to, verification based on a user name+password, verification based on a mobile phone number+verification code, OAuth2 verification mechanism, one-touch login verification based on another associated program, SSO Token verification mechanism, SAML2 verification mechanism, applet authentication mechanism, simple Token authentication mechanism, and the like.
The application provides a generation method of an authority token, which comprises the steps of firstly receiving a generation request for the authority token initiated by a target user, wherein the generation request carries authentication information of the target user and a channel identification mark of a generation request initiating client; secondly, determining an authentication information verification rule matched with the generation request initiating client according to the channel identification mark, and verifying the authentication information based on the authentication information verification rule; and finally, if the verification result is passed, generating an authority token based on a preset authority token generation rule. Compared with the prior art, the embodiment of the application receives the generation request for the authority token initiated by the user through any kind of client through the unified authority token generation server, determines the matched authentication information verification rule according to the channel identification mark of the client initiated by the generation request, and verifies the authentication information of the user; after verification is passed, generating exclusive rights tokens based on unified rights token generation rules, so that the rights token forms of different clients are unified; furthermore, the form of the authority token is unified, so that a corresponding verification rule is not required to be searched when the token is verified, the response time of the service request is effectively shortened, and the experience of a user is improved.
Further, as an implementation of the method shown in fig. 1, an embodiment of the present application provides a device for generating an authority token, as shown in fig. 4, where the device includes:
the receiving module 41, the verifying module 42, the generating module 43.
The receiving module 41 is configured to receive a generation request for the permission token initiated by a target user, where the generation request carries authentication information of the target user and a channel identification identifier of a client initiated by the generation request;
a verification module 42, configured to determine an authentication information verification rule that matches the generation request initiating client according to the channel identification identifier, and verify the authentication information based on the authentication information verification rule;
the generating module 43 is configured to generate an rights token based on a preset rights token generation rule if the verification result is passed.
Preferably, the generating module specifically includes:
the encoding unit is used for encoding the name of the preset authority token generation rule and a preset encryption algorithm based on a preset encoding rule to obtain a first sub-authority token;
the encoding unit is further used for encoding the basic information of the rights token based on the preset encoding rule to obtain a second sub-rights token;
the connection unit is used for carrying out connection processing on the first sub-right token and the second sub-right token to obtain a connection combination of the first sub-right token and the second sub-right token;
the first encryption unit is used for carrying out encryption processing on the connection combination based on the preset encryption algorithm and the preset private key to obtain a third sub-authority token;
and the generating unit is used for combining the first sub-rights token, the second sub-rights token and the third sub-rights token to generate a rights token.
Preferably, the rights token is stored in a local storage space of the target user client, and after the generating module, the apparatus further includes:
the receiving module is used for receiving a request of the target user for service data, wherein the request carries a right token to be verified;
the right token verification module is used for verifying the right token to be verified based on a preset public key;
and the transmission module is used for transmitting the request to a service data response server if the verification result is passed, so that the target user obtains the service response matched with the request.
Preferably, the rights token verification module specifically includes:
the decoding unit is used for decoding a first sub-right token to be verified in the right tokens to be verified based on the preset encoding rule to obtain a preset encryption algorithm;
the second encryption unit is used for carrying out encryption processing on the connection combination of the first sub-right token to be verified and the second sub-right token to be verified in the right tokens to be verified based on the preset encryption algorithm and the preset public key to obtain an encryption result;
and the determining unit is used for determining a verification result according to the encryption result and a third sub-to-be-verified permission token in the to-be-verified permission tokens.
Preferably, before the receiving module, the apparatus further includes:
and the first storage module is used for generating corresponding key pairs for the client channels and mapping and storing the key pairs and the client channels.
Preferably, before the receiving module, the apparatus further includes:
and the second storage module is used for configuring corresponding authentication information verification rules for each client channel and mapping and storing the authentication information verification rules and each client channel.
Preferably, the service data is medical service data.
The application provides a generating device of an authority token, which firstly receives a generating request for the authority token initiated by a target user, wherein the generating request carries authentication information of the target user and a channel identification mark of a generating request initiating client; secondly, determining an authentication information verification rule matched with the generation request initiating client according to the channel identification mark, and verifying the authentication information based on the authentication information verification rule; and finally, if the verification result is passed, generating an authority token based on a preset authority token generation rule. Compared with the prior art, the embodiment of the application receives the generation request for the authority token initiated by the user through any kind of client through the unified authority token generation server, determines the matched authentication information verification rule according to the channel identification mark of the client initiated by the generation request, and verifies the authentication information of the user; after verification is passed, generating exclusive rights tokens based on unified rights token generation rules, so that the rights token forms of different clients are unified; furthermore, the form of the authority token is unified, so that a corresponding verification rule is not required to be searched when the token is verified, the response time of the service request is effectively shortened, and the experience of a user is improved.
According to an embodiment of the present application, there is provided a storage medium storing at least one executable instruction for performing the method for generating an entitlement token in any of the method embodiments described above.
Based on such understanding, the technical solution of the present application may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.), and includes several instructions for causing a computer device (may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective implementation scenario of the present application.
Fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present application, and the specific embodiment of the present application is not limited to the specific implementation of the computer device.
As shown in fig. 5, the computer device may include: a processor 502, a communication interface (Communications Interface) 504, a memory 506, and a communication bus 508.
Wherein: processor 502, communication interface 504, and memory 506 communicate with each other via communication bus 508.
A communication interface 504 for communicating with network elements of other devices, such as clients or other servers.
The processor 502 is configured to execute the program 510, and may specifically perform relevant steps in the above-described embodiment of the method for generating the rights token.
In particular, program 510 may include program code including computer-operating instructions.
The processor 502 may be a central processing unit CPU, or a specific integrated circuit ASIC (Application Specific Integrated Circuit), or one or more integrated circuits configured to implement embodiments of the present application. The one or more processors included in the computer device may be the same type of processor, such as one or more CPUs; but may also be different types of processors such as one or more CPUs and one or more ASICs.
A memory 506 for storing a program 510. Memory 506 may comprise high-speed RAM memory or may also include non-volatile memory (non-volatile memory), such as at least one disk memory.
The program 510 may be specifically operable to cause the processor 502 to:
receiving a generation request for an authority token initiated by a target user, wherein the generation request carries authentication information of the target user and a channel identification identifier of a generation request initiating client;
determining an authentication information verification rule matched with the generation request initiating client according to the channel identification mark, and verifying the authentication information based on the authentication information verification rule;
and if the verification result is passed, generating the permission token based on a preset permission token generation rule.
The storage medium may also include an operating system, a network communication module. The operating system is a program that manages the physical device hardware and software resources of the generation of the rights tokens described above, supporting the execution of information handling programs and other software and/or programs. The network communication module is used for realizing communication among all components in the storage medium and communication with other hardware and software in the information processing entity equipment.
In this specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different manner from other embodiments, so that the same or similar parts between the embodiments are mutually referred to. For system embodiments, the description is relatively simple as it essentially corresponds to method embodiments, and reference should be made to the description of method embodiments for relevant points.
The method and system of the present application may be implemented in a number of ways. For example, the methods and systems of the present application may be implemented by software, hardware, firmware, or any combination of software, hardware, firmware. The above-described sequence of steps for the method is for illustration only, and the steps of the method of the present application are not limited to the sequence specifically described above unless specifically stated otherwise. Furthermore, in some embodiments, the present application may also be embodied as programs recorded in a recording medium, the programs including machine-readable instructions for implementing the methods according to the present application. Thus, the present application also covers a recording medium storing a program for executing the method according to the present application.
It will be appreciated by those skilled in the art that the modules or steps of the application described above may be implemented in a general purpose computing device, they may be concentrated on a single computing device, or distributed across a network of computing devices, they may alternatively be implemented in program code executable by computing devices, so that they may be stored in a memory device for execution by computing devices, and in some cases, the steps shown or described may be performed in a different order than that shown or described, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps within them may be fabricated into a single integrated circuit module for implementation. Thus, the present application is not limited to any specific combination of hardware and software.
The above description is only of the preferred embodiments of the present application and is not intended to limit the present application, but various modifications and variations can be made to the present application by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the protection scope of the present application.