[go: up one dir, main page]

CN103561115A - Method, open platform and system for obtaining electronic codes in real-time mode - Google Patents

Method, open platform and system for obtaining electronic codes in real-time mode Download PDF

Info

Publication number
CN103561115A
CN103561115A CN201310585149.6A CN201310585149A CN103561115A CN 103561115 A CN103561115 A CN 103561115A CN 201310585149 A CN201310585149 A CN 201310585149A CN 103561115 A CN103561115 A CN 103561115A
Authority
CN
China
Prior art keywords
application server
open platform
party application
request
order
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310585149.6A
Other languages
Chinese (zh)
Other versions
CN103561115B (en
Inventor
胡聪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201310585149.6A priority Critical patent/CN103561115B/en
Publication of CN103561115A publication Critical patent/CN103561115A/en
Application granted granted Critical
Publication of CN103561115B publication Critical patent/CN103561115B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

本发明涉及一种实时获取电子码的方法、开放平台及系统,该方法包括:开放平台接收到第三方应用服务器发送的前端支付请求后,通过第一接口向第三方应用服务器发送通知消息;通过第二接口接收第三方应用服务器根据通知消息返回的订单核实请求;当确定订单核实请求合法时,向第三方应用服务器返回验证成功消息;接收第三方应用服务器收到验证成功消息后返回的与订单核实请求对应的电子码,并将电子码提供给预设的用户终端。由此解决了现有技术中,第三方应用服务器必须以手动方式预先向开放平台内导入一定批量的电子码所导致的操作繁琐等问题。

The present invention relates to a method, an open platform and a system for obtaining an electronic code in real time. The method includes: after the open platform receives a front-end payment request sent by a third-party application server, it sends a notification message to the third-party application server through a first interface; The second interface receives the order verification request returned by the third-party application server according to the notification message; when it is determined that the order verification request is legal, returns a verification success message to the third-party application server; receives the order verification request returned by the third-party application server after receiving the verification success message Verifying the electronic code corresponding to the request, and providing the electronic code to a preset user terminal. This solves the problem in the prior art that the third-party application server must manually import a certain batch of electronic codes into the open platform in advance, which causes cumbersome operations and the like.

Description

Method, open platform and the system of Real-time Obtaining electronics code
Technical field
The present invention relates to network communications technology field, be specifically related to a kind of method, open platform and system of Real-time Obtaining electronics code.
Background technology
All kinds of service encapsulates that open platform can be provided become series of computation machine data-interface easy to identify, third party developer directly calls these open data-interfaces just can enjoy the respective service of open platform, these open data-interfaces are also called Open API, provide the platform of these Open API itself to be just called as open platform.
Utilizing electronics code that third party's application server provides to provide the Push Service of electronics code to user is typical case's application of current open platform.In this application scenarios, third party's application server need to provide the electronics that can circulate code, and by the electronics code providing by open platform be pushed to need to this electronics code user terminal.Fig. 1 shows the schematic diagram of above-mentioned application scenarios.As shown in Figure 1, in order to realize the circulation of electronics code on open platform, third party's application developer (operating the operating personnel of above-mentioned third party's application server) needs in advance the electronics code of wanting to circulate on this open platform to be imported in this open platform with manual mode.As shown in Figure 2, first, third party's application developer need to generate one for the sequence number file of store electricity subcode to concrete guiding flow; Then sign in to the importing backstage that open platform provides, on this importing backstage, submit the information of this third party's application developer to, and the sequence number file generating before uploading; Finally, confirm to upload result, to realize the final importing of electronics code.After importing electronics code, open platform just can provide the Push Service of electronics code by the electronics code based on importing to user.In Fig. 1, also show the retrieval function of electronics code, this function and relation of the present invention are little, wouldn't introduce herein.
As can be seen here, utilize before existing open platform realizes the circulation of electronics code, must first electronics code be imported in this platform.But the mode of operation of above-mentioned manual importing electronics code is very loaded down with trivial details, need to expend a large amount of human costs.And, when manually importing electronics code, normally disposablely in open platform, import certain electronics code in batches for circulation.Like this, open platform also needs the electronics code importing in advance for these to prepay certain expense, and therefore, open platform also will be born the loss risk of prepayment cost.
Summary of the invention
In view of the above problems, the present invention has been proposed to a kind of method, open platform and system of the Real-time Obtaining electronics code that overcomes the problems referred to above or address the above problem are at least in part provided.
According to one aspect of the present invention, a kind of method of Real-time Obtaining electronics code is provided, comprising: open platform receives after the front-end payment request of third party's application server transmission, by first interface, to third party's application server, sends a notification message; The order returning according to notification message by the second interface reception third party application server is examined request; When definite order, examine request when legal, to third party's application server, return and be proved to be successful message; Receive third party's application server receive be proved to be successful return after message examine electronics code corresponding to request with order, and electronics code is offered to default user terminal.
According to another aspect of the present invention, a kind of open platform of Real-time Obtaining electronics code is provided, comprising: first communication module, is suitable for receiving the front-end payment request that third party's application server sends; First interface module, is suitable for sending a notification message to third party's application server; The second interface module, is suitable for receiving the order that third party's application server returns according to notification message and examines request; Whether legal authentication module, be suitable for determining that order is examined request; Second communication module, being suitable for examining request at order returns and is proved to be successful message to third party's application server when legal, and receive third party's application server receive be proved to be successful return after message examine electronics code corresponding to request with order, electronics code is offered to default user terminal.
According to another aspect of the present invention, a kind of system of Real-time Obtaining electronics code is provided, comprise above-mentioned open platform, one or more user terminals and one or more third party's application server.
Method at Real-time Obtaining electronics code provided by the invention, in open platform and system, for third party's application server provides the interface (first interface and the second interface) of two openings, by these two interfaces, the real time data that can realize between open platform and third party's application server is mutual, thereby make the open platform can be after receiving the front-end payment request that third party's application server sends at every turn, to third party's application server, send a notification message, the order that reception and checking third party application server return is examined request, and to third party's application server, return and be proved to be successful message after being verified, finally receive the electronics code that third party's application server returns accordingly.Can realize by the way the bi-directional verification mechanism between open platform and third party's application server, the fail safe that can improve the transfer of data between open platform and third party's application server.Under the prerequisite being protected in fail safe, third party's application server can, after receiving the front-end payment request relevant to electronics code of user's transmission, send required electronics code to open platform at every turn in real time.Solved thus in prior art, third party's application server must import the problems such as complex operation that certain electronics code is in batches caused in advance with manual mode in open platform.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to better understand technological means of the present invention, and can be implemented according to the content of specification, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.
Accompanying drawing explanation
By reading below detailed description of the preferred embodiment, various other advantage and benefits will become cheer and bright for those of ordinary skills.Accompanying drawing is only for the object of preferred implementation is shown, and do not think limitation of the present invention.And in whole accompanying drawing, by identical reference symbol, represent identical parts.In the accompanying drawings:
Scene schematic diagram when Fig. 1 shows from third party's application developer of the prior art to open platform importing electronics code;
Method flow diagram when Fig. 2 shows from third party's application developer of the prior art to open platform importing electronics code;
Fig. 3 shows the flow chart of the method for the Real-time Obtaining electronics code that one embodiment of the invention provides;
Fig. 4 shows the flow chart of the method for the Real-time Obtaining electronics code that another embodiment of the present invention provides;
Fig. 5 shows the structure chart of the open platform of the Real-time Obtaining electronics code that the embodiment of the present invention provides;
Fig. 6 shows the structure chart of the system of the Real-time Obtaining electronics code that the embodiment of the present invention provides.
Embodiment
Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail.Although shown exemplary embodiment of the present disclosure in accompanying drawing, yet should be appreciated that and can realize the disclosure and the embodiment that should do not set forth limits here with various forms.On the contrary, it is in order more thoroughly to understand the disclosure that these embodiment are provided, and can by the scope of the present disclosure complete convey to those skilled in the art.
The embodiment of the present invention provides a kind of method, open platform and system of Real-time Obtaining electronics code, in order to solve third party's application server in prior art, must in open platform, import the problems such as complex operation that certain electronics code is in batches caused in advance with manual mode.
Fig. 3 shows the flow chart of the method for the Real-time Obtaining electronics code that the embodiment of the present invention provides.As shown in Figure 3, the method originates in step S101, and in step S101, open platform receives after the front-end payment request of third party's application server transmission, by first interface, to third party's application server, sends a notification message.Wherein, first interface can be realized by default the first call back function, the first function pointer or a URL address.
Next, in step S102, the order that open platform returns according to notification message by the second interface reception third party application server is examined request.Wherein, the second interface can be realized by default the second call back function, the second function pointer or the 2nd URL address equally.
Then, in step S103, whether open platform determines that above-mentioned order is examined request legal, and is determining that it returns and be proved to be successful message to third party's application server when legal.
Finally, in step S104, open platform receive third party's application server receive be proved to be successful return after message examine electronics code corresponding to request with order, and this electronics code is offered to default user terminal.
Alternatively, in order to improve the fail safe of transfer of data, in the notification message sending in above-mentioned steps S101, further comprise the relevant information of front-end payment request, and these relevant informations are signed by default Digital Signature Algorithm.Correspondingly, third party's application server is received after this notification message, first by default signature verification algorithm, this notification message is verified, then according to the relevant information obtaining after being verified, is returned to order and examine request.Wherein, third party's application server returns to order according to the relevant information obtaining after being verified and examines the step of request and further comprise: first obtain the parameter to be verified comprising in relevant information, then by default Digital Signature Algorithm, treat certificate parameter and sign, finally the parameter to be verified after signature is encapsulated in to order and examines in request.Correspondingly, in step S103, whether open platform verifies that by following manner order is examined request legal: first, open platform is examined request by default signature verification algorithm to order and verified, obtains parameter to be verified wherein; Then, if the parameter to be verified obtaining is legal, can determine that this order is examined request legal.
Mode by above just can realize the bi-directional verification between open platform and third party's application server, thereby both can prevent that someone from pretending to be open platform to cheat third party's application server and sending electronics code to it, also can prevent that someone from pretending to be third party's application server to transmit malicious data to open platform.In addition, in order further to guarantee that electronics code is not tampered or intercepts and captures in the process sending to open platform, can also be further encrypted electronics code by third party's application server.For this reason, method in the present embodiment can also comprise following details: when communicating by primary sources host-host protocol (such as higher HTTPS agreement of fail safe etc.) between open platform and third party's application server, the electronics code that third party's application server returns is the electronics code that there is no encryption, open platform directly offers default user terminal by electronics code, can in the situation that internet security is high, simplify like this operation of transmission link; When communicating by secondary sources host-host protocol (such as lower http protocol of fail safe etc.) between open platform and third party's application server, the electronics code that third party's application server returns is the electronics code through encrypting, open platform offers default user terminal by electronics code after electronics code is decrypted again, can in the situation that internet security is low, improve transmission security like this, and prevent that the level of data below network application layer is stolen.
Can realize by the way the bi-directional verification mechanism between open platform and third party's application server, the fail safe that can improve the transfer of data between open platform and third party's application server.Under the prerequisite being protected in fail safe, third party's application server can, after receiving the front-end payment request relevant to electronics code of user's transmission, send required electronics code to open platform at every turn in real time.Solved thus in prior art, third party's application server must import the problems such as complex operation that certain electronics code is in batches caused in advance with manual mode in open platform.
In another embodiment of the present invention, the application scenarios that the user of take reads paying novel is example, and the method for Real-time Obtaining electronics code provided by the invention is described in detail.Wherein, the third party's application server in the present embodiment is that the server of paying novel is provided to user, and the electronics code that this server provides is for activating the particular chapter of novel, to user can be read these chapters and sections.Fig. 4 shows the method flow diagram of the Real-time Obtaining electronics code that the present embodiment provides.As shown in Figure 4, the method comprises the following steps:
Step S201: user terminal sends activation request to third party's application server.
Generally, this step is triggered when user wishes to read the paying chapters and sections of e-novel.For example, when user browses by user terminals such as computers after the summary suggestion content that complete primary school says, while wishing further to read the residue chapters and sections of this novel, need user first by electronics code, these chapters and sections to be activated.For this reason, user can send above-mentioned activation request by clicking the button of the printed words such as " activating immediately " that show on user terminal browser.
Generally, in this activation request, can comprise information such as user account number, novel title and section number.For this reason, after user clicks the button of " activating immediately ", browser page can first jump to the respective page of buying active coding, on this page, show " buying fast " and " login is bought " two options, if user clicks the option of " buying fast ", need user's filling in order information, comprising: Apply Names (as e-novel), production unit cost (as read the reading expense of a joint novel), product quantity (as the chapters and sections number of novel), user's contact method (as phone number and/or E-mail address etc.) etc.; If user clicks the option of " login is bought ", need user first to input the log-on messages such as user account number and password and fill in again corresponding sequence information afterwards.As can be seen here, in said process, browser can get the relevant information of this activation request, and these relevant informations are write in this activation request.In addition, in said process, can further include user is the link of electronics code defrayment by means of payment such as Alipays, and this link can realize by the existing various means of payment.
Step S202: third party's application server is received after the activation request that user terminal sends, sent front-end payment request to open platform.
First third party's application server resolves this activation request, gets the information such as user account number, novel title and section number that comprise in activation request; Then, according to these information structuring front-end payment requests, and this front-end payment request is sent to open platform.
Step S203: open platform receives after the front-end payment request of third party's application server transmission, sends a notification message to third party's application server by first interface.
Particularly, open platform is resolved front-end payment request, the information such as the user account number that obtains wherein comprising, novel title and section number, then, according to these information structuring notification messages, and by first interface, notification message is sent to third party's application server.Wherein, first interface can be realized by various ways such as default call back function, function pointer or URL addresses.For example, this first interface can be the Open API that open platform pre-sets, and third party's application server, when initial access open platform, comprises first interface by loading and realizes and the docking of open platform at interior Open API.Therefore, in this step, open platform directly calls this first interface and just can send a notification message to third party's application server.
In notification message, need to comprise the parameter information that some need third party's application server to confirm.Table 1 shows the parameter information comprising in notification message:
Table 1
Readjustment parameter Essential Parameter declaration
app_key true Application App key(adds signature)
order_id true Open platform order flowing water id(adds signature)
order_amount true Production unit cost (unit is for dividing) (adding signature)
order_count true Quantity purchase (adding signature)
product_id true Supplement product id(with money and add signature)
sign_type true Signature algorithm (not adding signature)
sign_return true Application returns to the parameter (not adding signature) of order validation interface
sign true The signature (endorsement method is as 3.1) extracting
The attribute of above-mentioned parameters is true, that is to say, in the present embodiment, above-mentioned parameters is all mandatory parameter.Wherein, parameter app_key represents title or the key assignments of application, for identifying uniquely an application, in the present embodiment, this application is the application of e-novel reader and so on, and the concrete value of this parameter is to determine according to the type that sends third party's application server of front-end payment request.Parameter order_id represents the order serial number of open platform, the order of processing at present for identifying uniquely open platform, and the concrete value of this parameter is automatically to determine when the quantity on order of pre-treatment according to open platform.Parameter order_amount represents the unit price of product, in the present embodiment, be the reading expense of corresponding novel, the concrete value of this parameter can be to make an appointment between open platform and third party's application server, can be also that open platform obtains from front-end payment request.Parameter order_count represents quantity purchase, and in the present embodiment, the concrete value of this parameter can be determined according to the quantity of the section number comprising in front-end payment request.Parameter p roduct_id represents the label of product to be supplemented with money, and for identifying uniquely product to be supplemented with money, in the present embodiment, the concrete value of this parameter can be determined according to the novel title comprising in front-end payment request.Parameter s ign_type represents the type of signature algorithm, for example, can be all kinds of signature algorithms such as 3DES algorithm or aes algorithm, by the signature algorithm that sign_type is represented, above-mentioned parameters is signed, to realize security verification.Parameter s ign_return represents that third party's application server examines required relevant information of when request at structure order, the processing of can not signing of this parameter.Parameter s ign represents the correct signature that third party's application server extracts from notification message.
Step S204: the order that open platform returns according to notification message by the second interface reception third party application server is examined request.
Third party's application server is received after above-mentioned notification message, first to resolve this notification message, and obtain the parameter s ign_type wherein comprising, to determine the signature algorithm that the parameters in this notification message adopts, then according to the corresponding signature verification algorithm of this signature algorithm to having added the parameter (such as parameter app_key, order_id, order_amount, order_count and product_id etc.) of signature to verify in this notification message, obtain the signature of these parameters.Then, the signature that parameter s ign in the signature of the above-mentioned parameter obtaining and notification message is identified compares, if identical, confirm that the parameters in notification message is true legal, third party's application server can be examined request by the parameters structure order based in notification message.
When concrete structure order is examined request, can construct in several ways, for example, the signature algorithm that the content that the sign_return parameter in above-mentioned parameter can be comprised is indicated by sign_type parameter is signed, and is that order is examined request by the data encapsulation obtaining after signature.This order is examined request and is sent to open platform by the second interface.Wherein, the second interface can be realized by various ways such as default call back function, function pointer or URL addresses equally.And the second interface and above-mentioned first interface can be both different interfaces, can be also identical interfaces.
Step S205: whether open platform determines that above-mentioned order is examined request legal, and when it is legal, returns and be proved to be successful message to third party's application server.
Particularly, the parameter that open platform is examined in request order according to the corresponding signature verification algorithm of sign_type parameter is verified, obtains signature wherein, whether legal judges that order is examined request according to signature.In addition, open platform can also be by judging that order examines whether the parameter that comprises in request and sign_return parameter in the notification message sending be before consistent judges that order examines the legitimacy of request.
Alternatively, in other embodiment of the present invention, open platform can also determine that order examines the legitimacy of request based on other information.For example, third party's application server can be examined and in request, comprise production unit cost information (being the reading expense of novel chapters and sections) at order, open platform judges whether this production unit cost information exceeds default threshold value, if exceeded, confirms that this order is examined request illegal.For example, suppose in actual conditions, the reading expense of one piece of novel can not surpass 100 yuan, therefore, if order is examined the production unit cost information comprising in request, obviously exceeds normal value, can determine that this order is examined request illegal.In a word, open platform can determine that order examines the legitimacy of request in conjunction with actual conditions, and the present invention does not limit concrete definite mode.
Step S206: open platform receive third party's application server receive be proved to be successful return after message examine electronics code corresponding to request with order, and this electronics code is offered to default user terminal.
Wherein, examining electronics code corresponding to request with order refers to for activating the electronics code of the corresponding chapters and sections of this novel.Open platform, when electronics code is offered to default user terminal, can be determined the user terminal address that receives electronics code according to the user account number comprising in front-end payment request.This user terminal address can be both in step S201, to send the address of the user terminal of activation request, can be also the address of other user terminals.For example, suppose in step S201, user has sent above-mentioned activation request by oneself terminal to third party's application server, through after the processing of above-mentioned each step, in step S206, first open platform gets the usersaccount information comprising in the front-end payment request that third party's application server sends, then, the relevant information providing when registering according to this user account number, such as phone number or E-mail address etc., to the mobile phone terminal of corresponding number or the E-mail address of corresponding address, send electronics code, then, user can obtain this electronics code by mobile phone terminal or E-mail address, and then utilize this electronics code to activate the appointment chapters and sections of paying novel.
As can be seen here, by the way, open platform can be after receiving the front-end payment request of third party's application server transmission at every turn, by first interface and the second interface complete and third party's application server between bi-directional verification, and after being verified, receive in real time the electronics code that third party's application server provides.So both can prevent that someone from pretending to be open platform to cheat third party's application server and sending electronics code to it, also can prevent that someone from pretending to be third party's application server to transmit malicious data to open platform.Therefore, make between open platform and third party's application server real-time transmission data safely.Avoided thus in prior art owing to manually importing to open platform the complex operation problem that certain electronics code in batches causes in advance, and avoided the loss risk of the prepayment cost that open platform managing pre-paid electronic code expense causes.
In addition, in order further to guarantee that electronics code is not tampered or intercepts and captures in the process sending to open platform, in above-mentioned step S206, can also further to electronics code, be encrypted by third party's application server, and the electronics code after encrypting is offered to open platform.During concrete encryption, can select 3DES cryptographic algorithm or AES cryptographic algorithm, now, the form of the electronics code that open platform receives is as shown in table 2.
Table 2
By table 2, can find out, in the electronics code after encryption, comprise following parameter: operating parameter config; For representing the parameter encryption of cipher mode, when being sky or NONE, this parameter value represents not encrypt, when being TRIPLEDES, this parameter value represents 3DES cipher mode; For representing the parameter iv of initialization vector, the default value of this parameter is latter 8 of encrypted characters string; For representing the parameter s ignature of endorsement method, this parameter is for verifying the integrality of message, and its default value is MD5; For representing the parameter m ac of integrity verification string; And for representing the parameter ret of data content (being the content of electronics code), this parameter can be transmitted by encrypting or not encrypting two kinds of modes.
Provide the coded representation method of above-mentioned parameter below:
Figure BDA0000417846280000111
In above-mentioned code segment, cipher mode is TRIPLEDES, and initialization vector is random number, and comprises for representing the parameter c ompletion of " integrity verification string ", and for representing the parameter s ignature of endorsement method.
According to above-mentioned code segment, the electronics code receiving is resolved, the data content that obtains wherein comprising " ret ", after " ret " is decrypted, may obtain any one in following two kinds of results depending on actual conditions:
In the first result, the electronics code obtaining is Single Electron code, that is to say, third party's application server has once only returned to an electronics code, and now, the decrypted result of " ret " is as follows:
Figure BDA0000417846280000112
In the second result, the electronics code obtaining is a plurality of electronics codes, that is to say, third party's application server has once returned to a plurality of electronics codes, and now, the decrypted result of " ret " is as follows:
Figure BDA0000417846280000121
By above-mentioned encipher transmit mode, can guarantee that electronics code is not tampered or intercepts and captures in the process sending to open platform, thereby further improve fail safe.
Fig. 5 shows the structure chart of the open platform of the Real-time Obtaining electronics code that the embodiment of the present invention provides.As shown in Figure 5, this open platform 50 comprises first communication module 51, first interface module 52, the second interface module 53, authentication module 54 and second communication module 55.
First communication module 51 receives the front-end payment request that third party's application server sends.
First interface module 52 sends a notification message to third party's application server.Wherein, first interface module 52 sends this notification message by default the first call back function, the first function pointer or a URL address.
The order that the second interface module 53 reception third party application servers return according to notification message is examined request.Wherein, the second interface module 53 receives this order by default the second call back function, the second function pointer or the 2nd URL address and examines request.
Whether authentication module 54 determines that order is examined request legal.Second communication module 55 is examined request at order and to third party's application server, is returned and be proved to be successful message when legal, and receive third party's application server receive be proved to be successful return after message examine electronics code corresponding to request with order, electronics code is offered to default user terminal.Wherein, when the electronics code returning when third party's application server is the electronics code through encrypting, second communication module 55 is further decrypted this electronics code.
Alternatively, the relevant information that comprises front-end payment request in the notification message that first interface module 52 sends, and these relevant informations are signed by default Digital Signature Algorithm; Third party's application server is received after this notification message, first by default signature verification algorithm, this notification message is verified, then according to the relevant information obtaining after being verified, is returned to order and examine request.Wherein, order is examined and in request, is comprised the parameter to be verified that third party's application server obtains from relevant information, and these parameters to be verified are signed by default Digital Signature Algorithm; Authentication module is suitable for by default signature verification algorithm, this order being examined and being asked to verify, obtains parameter to be verified wherein, if parameter to be verified is legal, determines that this order is examined request legal.
Fig. 6 shows the structure chart of the system of the Real-time Obtaining electronics code that the embodiment of the present invention provides.As shown in Figure 6, this system comprises: above-mentioned open platform 50 and third party's application server 60, and described system also comprises one or more user terminals (not shown on figure), the quantity of described third party's application server can also be for a plurality of.Concrete structure about open platform can, with reference to the description of above-described embodiment, repeat no more herein.
In the method and open platform of Real-time Obtaining electronics code provided by the invention, for third party's application server provides the interface (first interface and the second interface) of two openings, by these two interfaces, the real time data that can realize between open platform and third party's application server is mutual, thereby make the open platform can be after receiving the front-end payment request that third party's application server sends at every turn, to third party's application server, send a notification message, the order that reception and checking third party application server return is examined request, and to third party's application server, return and be proved to be successful message after being verified, finally receive the electronics code that third party's application server returns accordingly.Can realize by the way the bi-directional verification mechanism between open platform and third party's application server, the fail safe that can improve the transfer of data between open platform and third party's application server.Under the prerequisite being protected in fail safe, third party's application server can, after receiving the front-end payment request relevant to electronics code of user's transmission, send required electronics code to open platform at every turn in real time.Solved thus in prior art, third party's application server must import the problems such as complex operation that certain electronics code is in batches caused in advance with manual mode in open platform.
The algorithm providing at this is intrinsic not relevant to any certain computer, virtual system or miscellaneous equipment with demonstration.Various general-purpose systems also can with based on using together with this teaching.According to description above, it is apparent constructing the desired structure of this type systematic.In addition, the present invention is not also for any certain programmed language.It should be understood that and can utilize various programming languages to realize content of the present invention described here, and the description of above language-specific being done is in order to disclose preferred forms of the present invention.
In the specification that provided herein, a large amount of details have been described.Yet, can understand, embodiments of the invention can not put into practice in the situation that there is no these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, be to be understood that, in order to simplify the disclosure and to help to understand one or more in each inventive aspect, in the above in the description of exemplary embodiment of the present invention, each feature of the present invention is grouped together into single embodiment, figure or sometimes in its description.Yet, the method for the disclosure should be construed to the following intention of reflection: the present invention for required protection requires than the more feature of feature of clearly recording in each claim.Or rather, as reflected in claims below, inventive aspect is to be less than all features of disclosed single embodiment above.Therefore, claims of following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and can the module in the equipment in embodiment are adaptively changed and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and can put them into a plurality of submodules or subelement or sub-component in addition.At least some in such feature and/or process or unit are mutually repelling, and can adopt any combination to combine all processes or the unit of disclosed all features in this specification (comprising claim, summary and the accompanying drawing followed) and disclosed any method like this or equipment.Unless clearly statement in addition, in this specification (comprising claim, summary and the accompanying drawing followed) disclosed each feature can be by providing identical, be equal to or the alternative features of similar object replaces.
In addition, those skilled in the art can understand, although embodiment more described herein comprise some feature rather than further feature included in other embodiment, the combination of the feature of different embodiment means within scope of the present invention and forms different embodiment.For example, in the following claims, the one of any of embodiment required for protection can be used with compound mode arbitrarily.
All parts embodiment of the present invention can realize with hardware, or realizes with the software module moved on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that and can use in practice microprocessor or digital signal processor (DSP) to realize the some or all functions according to the some or all parts in the device of the embodiment of the present invention.The present invention for example can also be embodied as, for carrying out part or all equipment or device program (, computer program and computer program) of method as described herein.Realizing program of the present invention and can be stored on computer-readable medium like this, or can there is the form of one or more signal.Such signal can be downloaded and obtain from internet website, or provides on carrier signal, or provides with any other form.
It should be noted above-described embodiment the present invention will be described rather than limit the invention, and those skilled in the art can design alternative embodiment in the situation that do not depart from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and is not listed as element or step in the claims.Being positioned at word " " before element or " one " does not get rid of and has a plurality of such elements.The present invention can be by means of including the hardware of some different elements and realizing by means of the computer of suitably programming.In having enumerated the unit claim of some devices, several in these devices can be to carry out imbody by same hardware branch.The use of word first, second and C grade does not represent any order.Can be title by these word explanations.

Claims (10)

1.一种实时获取电子码的方法,包括:1. A method for obtaining an electronic code in real time, comprising: 开放平台接收到第三方应用服务器发送的前端支付请求后,通过第一接口向所述第三方应用服务器发送通知消息;After the open platform receives the front-end payment request sent by the third-party application server, it sends a notification message to the third-party application server through the first interface; 通过第二接口接收所述第三方应用服务器根据所述通知消息返回的订单核实请求;receiving the order verification request returned by the third-party application server according to the notification message through the second interface; 当确定所述订单核实请求合法时,向所述第三方应用服务器返回验证成功消息;When it is determined that the order verification request is legal, return a verification success message to the third-party application server; 接收所述第三方应用服务器收到所述验证成功消息后返回的与所述订单核实请求对应的电子码,并将所述电子码提供给预设的用户终端。receiving the electronic code corresponding to the order verification request returned by the third-party application server after receiving the verification success message, and providing the electronic code to a preset user terminal. 2.如权利要求1所述的方法,其中,所述第一接口通过预设的第一回调函数、第一函数指针或第一URL地址实现,所述第二接口通过预设的第二回调函数、第二函数指针或第二URL地址实现。2. The method according to claim 1, wherein the first interface is realized through a preset first callback function, a first function pointer or a first URL address, and the second interface is realized through a preset second callback function, second function pointer or second URL address implementation. 3.如权利要求1所述的方法,其中,所述通知消息中包含所述前端支付请求的相关信息,且所述相关信息通过预设的数字签名算法进行签名;3. The method according to claim 1, wherein the notification message includes relevant information of the front-end payment request, and the relevant information is signed by a preset digital signature algorithm; 所述第三方应用服务器收到所述通知消息后,先通过预设的签名验证算法对所述通知消息进行验证,再根据验证通过后得到的所述相关信息返回所述订单核实请求。After receiving the notification message, the third-party application server first verifies the notification message through a preset signature verification algorithm, and then returns the order verification request according to the relevant information obtained after the verification is passed. 4.如权利要求3所述的方法,其中,所述第三方应用服务器根据验证通过后得到的所述相关信息返回所述订单核实请求的步骤包括:获取所述相关信息中包含的待验证参数,通过所述预设的数字签名算法对所述待验证参数进行签名,将签名后的待验证参数封装在所述订单核实请求中;4. The method according to claim 3, wherein the step of the third-party application server returning the order verification request according to the relevant information obtained after passing the verification comprises: obtaining the parameters to be verified contained in the relevant information , signing the parameters to be verified by using the preset digital signature algorithm, and encapsulating the signed parameters to be verified in the order verification request; 所述开放平台确定所述订单核实请求合法的步骤包括:通过预设的签名验证算法对所述订单核实请求进行验证,得到其中的待验证参数,如果所述待验证参数合法,则确定所述订单核实请求合法。The step of the open platform determining that the order verification request is legal includes: verifying the order verification request through a preset signature verification algorithm to obtain the parameters to be verified, and if the parameters to be verified are legal, then determine the The order verification request is legitimate. 5.如权利要求1-4任一所述的方法,其中,当所述开放平台与所述第三方应用服务器之间通过第一类数据传输协议进行通信时,所述第三方应用服务器返回的电子码是没有加密的电子码,则所述开放平台直接将所述电子码提供给预设的用户终端;其中,所述第一类数据传输协议包括HTTPS协议;5. The method according to any one of claims 1-4, wherein, when the open platform communicates with the third-party application server through the first type of data transmission protocol, the third-party application server returns If the electronic code is an electronic code without encryption, the open platform directly provides the electronic code to a preset user terminal; wherein, the first type of data transmission protocol includes the HTTPS protocol; 当所述开放平台与所述第三方应用服务器之间通过第二类数据传输协议进行通信时,所述第三方应用服务器返回的电子码是经过加密的电子码,则所述开放平台对所述电子码进行解密之后再将所述电子码提供给预设的用户终端;其中,所述第二类数据传输协议包括HTTP协议。When the open platform communicates with the third-party application server through the second type of data transmission protocol, and the electronic code returned by the third-party application server is an encrypted electronic code, then the open platform will After the electronic code is decrypted, the electronic code is provided to a preset user terminal; wherein, the second type of data transmission protocol includes the HTTP protocol. 6.一种实时获取电子码的开放平台,包括:6. An open platform for real-time acquisition of electronic codes, including: 第一通信模块,适于接收第三方应用服务器发送的前端支付请求;The first communication module is adapted to receive the front-end payment request sent by the third-party application server; 第一接口模块,适于向所述第三方应用服务器发送通知消息;The first interface module is adapted to send a notification message to the third-party application server; 第二接口模块,适于接收所述第三方应用服务器根据所述通知消息返回的订单核实请求;The second interface module is adapted to receive the order verification request returned by the third-party application server according to the notification message; 验证模块,适于确定所述订单核实请求是否合法;a verification module adapted to determine whether said order verification request is legitimate; 第二通信模块,适于在所述订单核实请求合法时向所述第三方应用服务器返回验证成功消息,并接收所述第三方应用服务器收到所述验证成功消息后返回的与所述订单核实请求对应的电子码,将所述电子码提供给预设的用户终端。The second communication module is adapted to return a verification success message to the third-party application server when the order verification request is legal, and receive the order verification message returned by the third-party application server after receiving the verification success message. A corresponding electronic code is requested, and the electronic code is provided to a preset user terminal. 7.如权利要求6所述的开放平台,其中,所述第一接口模块通过预设的第一回调函数、第一函数指针或第一URL地址发送所述通知消息;7. The open platform according to claim 6, wherein the first interface module sends the notification message through a preset first callback function, a first function pointer or a first URL address; 所述第二接口模块通过预设的第二回调函数、第二函数指针或第二URL地址接收所述订单核实请求。The second interface module receives the order verification request through a preset second callback function, a second function pointer or a second URL address. 8.如权利要求6所述的开放平台,其中,所述第一接口模块发送的通知消息中包含所述前端支付请求的相关信息,且所述相关信息通过预设的数字签名算法进行签名;8. The open platform according to claim 6, wherein the notification message sent by the first interface module includes relevant information of the front-end payment request, and the relevant information is signed by a preset digital signature algorithm; 所述第三方应用服务器收到所述通知消息后,先通过预设的签名验证算法对所述通知消息进行验证,再根据验证通过后得到的所述相关信息返回所述订单核实请求。After receiving the notification message, the third-party application server first verifies the notification message through a preset signature verification algorithm, and then returns the order verification request according to the relevant information obtained after the verification is passed. 9.如权利要求8所述的开放平台,其中,所述订单核实请求中包含所述第三方应用服务器从所述相关信息中获取的待验证参数,且所述待验证参数通过预设的数字签名算法进行签名;9. The open platform according to claim 8, wherein the order verification request includes the parameters to be verified obtained by the third-party application server from the relevant information, and the parameters to be verified pass a preset number Signature algorithm to sign; 所述验证模块适于通过预设的签名验证算法对所述订单核实请求进行验证,得到其中的待验证参数,如果所述待验证参数合法,则确定所述订单核实请求合法。The verification module is adapted to verify the order verification request through a preset signature verification algorithm to obtain the parameters to be verified, and if the parameters to be verified are legal, then determine that the order verification request is legal. 10.一种实时获取电子码的系统,包括:如权利要求6-9任一所述的开放平台,一个或多个用户终端以及一个或多个第三方应用服务器。10. A system for obtaining electronic codes in real time, comprising: the open platform according to any one of claims 6-9, one or more user terminals and one or more third-party application servers.
CN201310585149.6A 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time Active CN103561115B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310585149.6A CN103561115B (en) 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310585149.6A CN103561115B (en) 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time

Publications (2)

Publication Number Publication Date
CN103561115A true CN103561115A (en) 2014-02-05
CN103561115B CN103561115B (en) 2016-09-28

Family

ID=50015265

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310585149.6A Active CN103561115B (en) 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time

Country Status (1)

Country Link
CN (1) CN103561115B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104717131A (en) * 2015-02-13 2015-06-17 腾讯科技(深圳)有限公司 Information interaction method and server
CN105553920A (en) * 2014-10-29 2016-05-04 腾讯科技(深圳)有限公司 Data interaction method, apparatus, and system
CN105610877A (en) * 2014-10-29 2016-05-25 腾讯科技(深圳)有限公司 Data interaction method, data interaction platform server and data interaction system
CN105635051A (en) * 2014-10-29 2016-06-01 腾讯科技(深圳)有限公司 Data interaction method, device, and system
CN105635050A (en) * 2014-10-29 2016-06-01 腾讯科技(深圳)有限公司 Data interaction method and system
CN105704196A (en) * 2014-11-28 2016-06-22 腾讯科技(深圳)有限公司 Resource push processing method and device
CN106204034A (en) * 2015-04-29 2016-12-07 中国电信股份有限公司 The mutual authentication method paid in application and system
CN107231390A (en) * 2016-03-23 2017-10-03 阿里巴巴集团控股有限公司 The processing method and processing device of Internet service
WO2020139474A1 (en) * 2018-12-26 2020-07-02 Mastercard International Incorporated Real-time messaging in a supply chain financing network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001040895A2 (en) * 1999-12-06 2001-06-07 Webusiness Usa, Inc. E-commerce market-place using an extranet platform
WO2001059569A2 (en) * 2000-02-09 2001-08-16 Apriva, Inc. Communication systems, components, and methods with programmable wireless devices
US20040181493A1 (en) * 2000-10-26 2004-09-16 Cross Thomas M. Method and system for real-time transactional information processing
WO2005001635A2 (en) * 2003-06-10 2005-01-06 Mastercard International Incorporated Systems and methods for conducting secure payment transactions using a formatted data structure
CN102567903A (en) * 2010-12-07 2012-07-11 中国移动通信集团公司 Web application subscription method, device and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001040895A2 (en) * 1999-12-06 2001-06-07 Webusiness Usa, Inc. E-commerce market-place using an extranet platform
WO2001059569A2 (en) * 2000-02-09 2001-08-16 Apriva, Inc. Communication systems, components, and methods with programmable wireless devices
US20040181493A1 (en) * 2000-10-26 2004-09-16 Cross Thomas M. Method and system for real-time transactional information processing
WO2005001635A2 (en) * 2003-06-10 2005-01-06 Mastercard International Incorporated Systems and methods for conducting secure payment transactions using a formatted data structure
CN102567903A (en) * 2010-12-07 2012-07-11 中国移动通信集团公司 Web application subscription method, device and system

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105610877B (en) * 2014-10-29 2019-12-27 腾讯科技(深圳)有限公司 Data interaction method, platform server and system
CN105553920A (en) * 2014-10-29 2016-05-04 腾讯科技(深圳)有限公司 Data interaction method, apparatus, and system
CN105610877A (en) * 2014-10-29 2016-05-25 腾讯科技(深圳)有限公司 Data interaction method, data interaction platform server and data interaction system
CN105635051A (en) * 2014-10-29 2016-06-01 腾讯科技(深圳)有限公司 Data interaction method, device, and system
CN105635050A (en) * 2014-10-29 2016-06-01 腾讯科技(深圳)有限公司 Data interaction method and system
CN105635050B (en) * 2014-10-29 2019-12-27 腾讯科技(深圳)有限公司 Data interaction method and system
CN105704196B (en) * 2014-11-28 2019-07-05 腾讯科技(深圳)有限公司 Resource supplying processing method and processing device
CN105704196A (en) * 2014-11-28 2016-06-22 腾讯科技(深圳)有限公司 Resource push processing method and device
CN104717131B (en) * 2015-02-13 2017-09-15 腾讯科技(深圳)有限公司 Information interacting method and server
CN104717131A (en) * 2015-02-13 2015-06-17 腾讯科技(深圳)有限公司 Information interaction method and server
US10873640B2 (en) 2015-02-13 2020-12-22 Tencent Technology (Shenzhen) Company Limited Information exchange method and server
CN106204034A (en) * 2015-04-29 2016-12-07 中国电信股份有限公司 The mutual authentication method paid in application and system
CN106204034B (en) * 2015-04-29 2019-07-23 中国电信股份有限公司 Using the mutual authentication method and system of interior payment
CN107231390A (en) * 2016-03-23 2017-10-03 阿里巴巴集团控股有限公司 The processing method and processing device of Internet service
WO2020139474A1 (en) * 2018-12-26 2020-07-02 Mastercard International Incorporated Real-time messaging in a supply chain financing network
US11138642B2 (en) 2018-12-26 2021-10-05 Mastercard International Incorporated Real-time messaging in a supply chain financing network
US11830047B2 (en) 2018-12-26 2023-11-28 Mastercard International Incorporated Real-time messaging in a supply chain financing network

Also Published As

Publication number Publication date
CN103561115B (en) 2016-09-28

Similar Documents

Publication Publication Date Title
CN103561115A (en) Method, open platform and system for obtaining electronic codes in real-time mode
CN104021333B (en) Mobile security watch bag
CN102414690B (en) The method and apparatus of secure web-page browsing environment is created with privilege signature
CN112131564B (en) Method, device, equipment and medium for encrypting data communication
CN112883361B (en) Function jump method and device of application program, computer equipment and storage medium
US20140227999A1 (en) Method, server and system for authentication of a person
CN103154960A (en) Methods and systems for generation of authorized virtual appliances
CN104184892A (en) Mobile terminal intelligent card based data transmission method and mobile terminal
CN113424490B (en) Secure password generation and management using NFC and contactless smart cards
CA2982865A1 (en) Method and system for transaction security
CN109891415B (en) Securing a Web server for an unauthorized client application
CN106465076B (en) Method and terminal for controlling short message reading
CN105701423A (en) Data storage method and device applied to cloud payment transactions
CN112311769A (en) Method, system, electronic device and medium for security authentication
CN108846671B (en) Online secure transaction method and system based on block chain
CN110445768B (en) Login method and device and electronic equipment
CN114567476B (en) Data security protection method and device, electronic equipment and medium
CN104301288A (en) Method and system for online identity authentication, online transaction certification, and online certification protection
CN113918982A (en) Data processing method and system based on identification information
CN110890979B (en) Automatic deployment method, device, equipment and medium for fort machine
CN115277082B (en) Verification method and device for third party application
CN108270741A (en) Mobile terminal authentication method and system
CN110061949B (en) Method and device for acquiring information
CN113761549A (en) Interface safety control and verification method and device
JP2022548805A (en) Generate and manage secure passwords using NFC and contactless smartcards

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220728

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.

TR01 Transfer of patent right