[go: up one dir, main page]

CN114915483B - Application service calling method, device, equipment and storage medium - Google Patents

Application service calling method, device, equipment and storage medium Download PDF

Info

Publication number
CN114915483B
CN114915483B CN202210588719.6A CN202210588719A CN114915483B CN 114915483 B CN114915483 B CN 114915483B CN 202210588719 A CN202210588719 A CN 202210588719A CN 114915483 B CN114915483 B CN 114915483B
Authority
CN
China
Prior art keywords
rule
application service
service request
data
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210588719.6A
Other languages
Chinese (zh)
Other versions
CN114915483A (en
Inventor
白云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Yunchuang Shuan Technology Co ltd
Original Assignee
Shenzhen Yunchuang Shuan Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Yunchuang Shuan Technology Co ltd filed Critical Shenzhen Yunchuang Shuan Technology Co ltd
Priority to CN202210588719.6A priority Critical patent/CN114915483B/en
Publication of CN114915483A publication Critical patent/CN114915483A/en
Application granted granted Critical
Publication of CN114915483B publication Critical patent/CN114915483B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to the field of safety protection, and discloses an application service calling method, which comprises the following steps: acquiring an application program of an application service request to be sent, constructing a first-level cache between a server and the application program by using a preset script language, and configuring a data verification rule of the application program in the first-level cache; synchronizing the data verification rule to a second-level cache of the reverse proxy server to obtain a synchronous verification rule; receiving an application service request sent by an application program, identifying the service type of the application service request, and checking the application service request by utilizing a synchronous check rule according to the service type; when the verification of the application service request fails, updating the data verification rule, and returning to execute the step of synchronizing the data verification rule into the secondary cache of the reverse proxy server; and when the verification of the application service request is successful, the reverse proxy server inquires the request data of the application service request, and the request data is returned to the application program. The invention can reduce the delay of application service call.

Description

Application service calling method, device, equipment and storage medium
Technical Field
The present invention relates to the field of security protection, and in particular, to a method, an apparatus, a device, and a computer readable storage medium for calling an application service.
Background
Application service invocation refers to that an application program sends out a service, requests a server to invoke the service and returns a request invoking result.
At present, authority verification is required to be performed on application service before application service call by utilizing a security rule, so that the condition that a service request is override or the like is prevented, the service request is generally transmitted from an application program to a gateway, security verification of the application service is realized by calling the security rule in the gateway, and in the process, the application service needs to enter the gateway first and can be performed after waiting for the gateway to call the security rule. Thus, the delay of application service invocation is high.
Disclosure of Invention
The invention provides an application service calling method, an application service calling device, application service calling equipment and a storage medium, and aims to reduce delay of application service calling.
In order to achieve the above object, the present invention provides an application service calling method, including:
acquiring an application program of an application service request to be sent, constructing a first-level cache between a preset reverse proxy server and the application program by using a preset script language, and configuring a data verification rule of the application program in the first-level cache;
Synchronizing the data verification rule to a second-level cache of the preset reverse proxy server to obtain a synchronization verification rule;
receiving an application service request sent by the application program, identifying the service type of the application service request, and checking the application service request by utilizing the synchronous check rule according to the service type;
When the verification of the application service request fails, after updating the data verification rule, returning to execute the step of synchronizing the data verification rule to the secondary cache of the preset reverse proxy server;
and when the application service request is successfully checked, inquiring request data of the application service request through the preset reverse proxy server, and returning the request data to the application program.
Optionally, the constructing a first-level cache between the preset reverse proxy server and the application program by using a preset scripting language includes:
acquiring the maximum concurrency number of the application program, and analyzing the cache space of the preset reverse proxy server according to the maximum concurrency number;
configuring the preset script language in the preset reverse proxy server;
and constructing the first-level cache in the cache space by using the preset scripting language.
Optionally, the configuring the data verification rule of the application program in the first-level cache includes:
acquiring a historical application service request of the application program, and classifying the historical application service request to obtain a classification request;
Extracting a field value from the classified request, and analyzing the request intention of the classified request according to the field value;
and constructing a check rule of the application program in the first-level cache according to the request intention, and converting the check rule into a regular expression format to obtain the data check rule.
Optionally, the synchronizing the data checking rule to the second level cache of the preset reverse proxy server to obtain a synchronization checking rule includes:
Identifying a logical address of the data verification rule in the preset reverse proxy server;
converting the logical address into a physical address of the data checking rule in the secondary cache through a conversion rule;
And synchronizing the data checking rule to the physical address of the secondary cache to obtain the synchronous checking rule.
Optionally, the identifying the service type of the application service request includes:
identifying a session object of the application service request;
extracting a service account number of the application service request from the session object;
and obtaining the service type of the application service request through the service account.
Optionally, the verifying the application service request according to the service type by using the synchronization verification rule includes:
inquiring a target check rule of the application service request from the synchronous check rule according to the service type;
acquiring a random number parameter and a first check parameter of the application service request, and constructing a second check parameter of the target check rule and the random number parameter through base64 coding;
consistency verification is carried out on the first verification parameter and the second verification parameter;
When the consistency check of the first check parameter and the second check parameter is successful, the synchronous check rule checks the application service request successfully;
and when the consistency check of the first check parameter and the second check parameter fails, the check of the application service request by the synchronous check rule fails.
Optionally, the updating the data verification rule includes:
inquiring a target check rule of the application service request from the data check rule;
when the target check rule exists, acquiring a latest rule base time stamp from a database, identifying the time stamp of the target check rule, and comparing the latest rule base time stamp with the time stamp of the target check rule;
When the time stamp of the latest rule base is inconsistent with the time stamp of the data verification rule, the latest data verification rule in the database is extracted, and the data verification rule is updated to be the latest data verification rule;
And when the target check rule does not exist, constructing the data check rule of the application service request.
In order to solve the above problems, the present invention also provides an application service invocation apparatus, the apparatus comprising:
the verification rule configuration module is used for acquiring an application program of an application service request to be sent, constructing a first-level cache between a preset reverse proxy server and the application program by using a preset script language, and configuring a data verification rule of the application program in the first-level cache;
the check rule synchronization module is used for synchronizing the data check rule into the secondary cache of the preset reverse proxy server to obtain a synchronous check rule;
The application service verification module is used for receiving an application service request sent by the application program, identifying the service type of the application service request, and verifying the application service request by utilizing the synchronous verification rule according to the service type;
The verification rule updating module is used for returning to execute the step of synchronizing the data verification rule into the secondary cache of the preset reverse proxy server after updating the data verification rule when the verification of the application service request fails;
And the request data return module is used for inquiring the request data of the application service request through the preset reverse proxy server and returning the request data to the application program when the verification of the application service request is successful.
In order to solve the above-mentioned problems, the present invention also provides an electronic apparatus including:
at least one processor; and
A memory communicatively coupled to the at least one processor; wherein,
The memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the application service invocation method described above.
In order to solve the above-mentioned problems, the present invention also provides a computer-readable storage medium having stored therein at least one computer program that is executed by a processor in an electronic device to implement the above-mentioned application service invocation method.
It can be seen that, in the embodiment of the present invention, by acquiring an application program of an application service request to be sent, for obtaining a history application service request from the application program subsequently, and constructing rules for the application service request to be sent according to the history application service request, further, by constructing a first-level cache between a preset reverse proxy server and the application program by using a preset scripting language, for reducing space pressure of the preset reverse proxy server by using an embedded scripting programming function provided by the preset scripting language in the preset reverse proxy server, further, in the embodiment of the present invention, by configuring a data verification rule of the application program in the first-level cache, for storing the data verification rule in the first-level cache in advance, the problem of rate mismatch between the preset reverse proxy server and the local cache of the application program is reduced through the first-level cache, further, the embodiment of the invention obtains the synchronous check rule by synchronizing the data check rule into the second-level cache of the preset reverse proxy server, so as to be used for checking the application service request when checking the application request, and reduces the delay of service call by acquiring the check rule from the second-level cache, further, the embodiment of the invention obtains the content of the application service request by receiving the application service request sent by the application program, performs safety check on the application service request through the synchronous check rule, improves the safety of the system, and further, the embodiment of the invention checks the application service request by utilizing the synchronous check rule according to the service type, the method and the device are used for reducing the first-level cache acquisition rule of the reverse proxy server, converting the first-level cache acquisition rule into the second-level cache acquisition rule of the reverse proxy server to check the application service request, reducing the delay degree of the check request and simultaneously realizing zero consumption of the reverse proxy server when checking the application service request, further, the method and the device are used for transmitting the request data to the application program through the preset reverse proxy server after the data check rule is not met and is not updated through check failure, and the like, so that the data check rule is updated in time, further, the method and the device are used for returning the request data to the application program through the preset reverse proxy server after the data check rule is updated, and further, the method and the device are used for responding the request data to the application program and returning the application program through the application program. Therefore, the application service calling method, the device, the equipment and the storage medium provided by the embodiment of the invention can be used for reducing the delay of application service calling.
Drawings
FIG. 1 is a flowchart of an application service invocation method according to an embodiment of the present invention;
FIG. 2 is a detailed flowchart illustrating a step in an application service invocation method according to an embodiment of the present invention;
FIG. 3 is a detailed flowchart illustrating a step in an application service invocation method according to an embodiment of the present invention;
FIG. 4 is a detailed flowchart illustrating a step in an application service invocation method according to an embodiment of the present invention;
FIG. 5 is a detailed flowchart illustrating a step in an application service invocation method according to an embodiment of the present invention;
FIG. 6 is a detailed flowchart illustrating a step in an application service invocation method according to an embodiment of the present invention;
FIG. 7 is a functional block diagram of an application service invocation apparatus according to an embodiment of the present invention;
Fig. 8 is a schematic structural diagram of an electronic device implementing the application service invocation method according to an embodiment of the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The embodiment of the application provides an application service calling method. In the embodiment of the present application, the execution body of the application service invocation method includes, but is not limited to, at least one of a server, a terminal, and the like, which can be configured to execute the method provided in the embodiment of the present application. In other words, the application service invocation method may be performed by software or hardware installed in the terminal device or the server device, and the software may be a blockchain platform. The service end includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like. The server may be an independent server, or may be a cloud server that provides cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, middleware services, domain name services, security services, content delivery networks (Content Delivery Network, CDN), and basic cloud computing services such as big data and artificial intelligence platforms.
Referring to fig. 1, a flowchart of an application service calling method according to an embodiment of the invention is shown. In this embodiment, the application service calling method includes steps S1 to S5:
S1, acquiring an application program of an application service request to be sent, constructing a first-level cache between a preset reverse proxy server and the application program by using a preset script language, and configuring a data verification rule of the application program in the first-level cache.
According to the embodiment of the invention, the application program of the application service request to be sent is acquired and is used for subsequently acquiring the historical application service request from the application program, and the rule construction is carried out on the application service request to be sent according to the historical application service request.
The application service request to be sent refers to a request message from a user end to a server end, and the request message includes a request method for resources, identifiers of the resources, a used protocol and the like in a message head line. By application is meant a computer program developed to run on top of an operating system in order to accomplish a particular task or tasks.
According to the embodiment of the invention, the first-level cache between the preset reverse proxy server and the application program is constructed by utilizing the preset scripting language, so that the space pressure of the preset reverse proxy server is reduced by utilizing the embedded script programming function provided by the preset scripting language in the preset reverse proxy server.
The preset scripting language refers to a LUA language, wherein the LUA language is written by a standard C language, is a small scripting language, and can be compiled on an operating system. The preset reverse proxy server is an nmginx server, and is configured to accept a connection request on the internet by using the proxy server, forward the request to a server on the internal network, and return a result obtained from the server to a client requesting connection on the internet. The first-level cache is realized by combining an Nginx server and the Lua language.
As an embodiment of the present invention, referring to fig. 2, the constructing a first level cache between a preset reverse proxy server and the application program by using a preset scripting language includes:
s11, acquiring the maximum concurrency number of the application program, and analyzing the cache space of the preset reverse proxy server according to the maximum concurrency number;
S12, configuring the preset script language in the preset reverse proxy server;
s13, constructing the first-level cache in the cache space by utilizing the preset script language.
Illustratively, obtaining the maximum concurrency number of the application program, and analyzing the cache space of the preset reverse proxy server according to the maximum concurrency number includes: when the application program transmits the maximum concurrent request data to a preset reverse proxy server, the preset reverse proxy server stores the maximum concurrent request data by using a cache, and the cache space of the preset reverse proxy server can be obtained by the maximum concurrent number; the configuring of the preset scripting language in the preset reverse proxy server may be implemented by adding an nginx_lua_module module in the LUA language.
According to the embodiment of the invention, the data verification rule of the application program is configured in the first-level cache, so that the data verification rule is stored in the first-level cache in advance, and the problem of rate mismatch between the preset reverse proxy server and the local cache of the application program is reduced through the first-level cache.
The data verification rule refers to a rule for verifying the text, the character string parameters and the header of the application request, and comprises http basic authentication, session-cookie, token, oauth and other verification rules.
As an embodiment of the present invention, referring to fig. 3, the configuring the data checking rule of the application program in the first-level cache includes:
s21, acquiring a historical application service request of the application program, and classifying the historical application service request to obtain a classification request;
S22, extracting a field value from the classification request, and analyzing the request intention of the classification request according to the field value;
S23, constructing a check rule of the application program in the first-level cache according to the request intention, and converting the check rule into a regular expression format to obtain the data check rule.
Illustratively, the classifying the application service request may be that the application service request is classified according to a GET type and a POST type; the step of extracting a field value from the classified request, and according to the field value, analyzing the request intention of the classified request can be that when the field value is User-Agent, the request intention can be obtained to be statistics of types; the step of constructing the check rule of the application service request in the first-level cache according to the request intention may be that when the request is to fill in a password, the check rule of the password is constructed to be whether the check rule accords with 6-18 letters or numbers; the step of converting the check rule into a regular expression format, and the step of obtaining the data check rule can be to convert the 6-18 letters or numbers into/≡a-z0-9] {6,18} $/g regular expression.
S2, synchronizing the data verification rule to a second-level cache of the preset reverse proxy server to obtain a synchronization verification rule.
According to the embodiment of the invention, the data verification rule is synchronized to the secondary cache of the preset reverse proxy server to obtain the synchronous verification rule, so that when the application request is verified, the verification rule is obtained from the secondary cache to verify, and the delay of service call is reduced. The second level cache refers to a storage space of a user side where the application program is located, namely a local cache.
As an embodiment of the present invention, referring to fig. 4, the step of synchronizing the data check rule to the second level cache of the preset reverse proxy server to obtain a synchronization check rule includes:
S31, in the preset reverse proxy server, identifying the logical address of the data verification rule;
S32, converting the logical address into a physical address of the data verification rule in the secondary cache through a conversion rule;
s33, synchronizing the data verification rule to the physical address of the secondary cache to obtain the synchronization verification rule.
Illustratively, the logical address is comprised of two parts, a segment identifier and an intra-segment offset, and the identifying the logical address of the data check rule includes: taking the entry address of the secondary cache as the initial address of the logic address, and distributing the offset of the initial address, namely the offset in the section by a compiler; the conversion rule is that the page address of the logical address=the block address of the physical address, the logical address=the page number+the page address (the block address), when the logical address is hexadecimal, the address is firstly changed into binary, the first six bits are taken as the page number, the block number is obtained through the corresponding relation, the real physical address is the block address of the block number, when the logical address is decimal, the page number is equal to the logical address/the page size, the quotient is the page number, the block number is obtained through the corresponding relation, the remainder is the offset, and the physical address is the block number, the page size and the offset.
And S3, receiving an application service request sent by the application program, identifying the service type of the application service request, and checking the application service request by utilizing the synchronous check rule according to the service type.
According to the embodiment of the invention, the application service request sent by the application program is received so as to be used for acquiring the content of the application service request, and the safety check is carried out on the application service request through the synchronous check rule, so that the safety of the system is improved.
As an embodiment of the present invention, referring to fig. 5, the identifying the service type of the application service request includes:
s41, identifying a session object of the application service request;
s42, extracting a service account number of the application service request from the session object;
S43, obtaining the service type of the application service request through the service account.
The Session object of the application service request is an Session object, and the Session object for identifying the application service request is identified from an http request; the Session object comprises a service account number of the application service request; and obtaining the service type according to the service account number means that different service accounts send out different service types, and the service types of the same service account number are consistent.
According to the embodiment of the invention, the application service request is checked by utilizing the synchronous check rule according to the service type, so that the rule acquired from the primary cache of the reverse proxy server is reduced, the rule acquired from the local cache is converted into the check of the application service request, the delay degree of the check request is reduced, and zero consumption of the reverse proxy server is realized when the application service request is checked.
As an embodiment of the present invention, referring to fig. 5, the verifying, according to the service type, the application service request by using the synchronization verification rule includes:
S51, inquiring a target check rule of the application service request from the synchronous check rule according to the service type;
S52, acquiring a random number parameter and a first check parameter of the application service request, and constructing a second check parameter of the target check rule and the random number parameter through base64 coding;
s53, carrying out consistency check on the first check parameter and the second check parameter;
S54, when the consistency check of the first check parameter and the second check parameter is successful, the check of the synchronous check rule on the application service request is successful;
s55, when the consistency check of the first check parameter and the second check parameter fails, the check of the application service request by the synchronous check rule fails.
Illustratively, according to the service type, inquiring the target check rule of the application service request from the synchronous check rules to correspond to different target check rules of different service types; the method comprises the steps that a random number parameter and a first check parameter of an application service request are obtained, and the random number parameter and the first check parameter are obtained from a request header of the application service request, wherein base64 coding refers to coding of a binary to character process; the constructing the target verification rule and the second verification parameter of the random number parameter by base64 encoding may be implemented by auth=base 64.Encode (hmacsha (password, random number)), where auth is the second verification parameter.
And S4, when the verification of the application service request fails, after updating the data verification rule, returning to execute the step of synchronizing the data verification rule into the secondary cache of the preset reverse proxy server.
The embodiment of the invention is used for updating the data verification rule in time by updating the data verification rule to know that the data verification rule does not accord with the actual data verification rule and is not updated through verification failure and the like.
As an embodiment of the present invention, the updating the data verification rule includes: inquiring a target check rule of the application service request from the data check rule; when the target check rule exists, acquiring a latest rule base time stamp from a database, identifying the time stamp of the target check rule, and comparing the latest rule base time stamp with the time stamp of the target check rule; when the time stamp of the latest rule base is inconsistent with the time stamp of the data verification rule, the latest data verification rule in the database is extracted, and the data verification rule is updated to be the latest data verification rule; and when the target check rule does not exist, constructing the data check rule of the application service request.
The time stamp is a time stamp of each piece of data in the blockchain, and the event on the blockchain can be prevented from being tampered by others through the time stamp.
Further, as another embodiment of the present invention, when the target check rule does not exist, the data check rule for constructing the application service request is consistent with the method for configuring the data check rule of the application program in the first-level cache, which is not described herein.
The embodiment of the invention returns to the original path after updating the data verification rule by returning to execute the step of synchronizing the data verification rule into the secondary cache of the preset reverse proxy server, so as to carry out the re-verification on the application service request.
As an embodiment of the present invention, the step of returning to execute the step of synchronizing the data check rule to the secondary cache of the preset reverse proxy server is implemented by the preset reverse proxy server.
S5, when the application service request is successfully checked, inquiring request data of the application service request through the preset reverse proxy server, and returning the request data to the application program.
The embodiment of the invention queries the request data of the application service request through the preset reverse proxy server, and is used for transmitting the request data to the application program through the preset reverse proxy server after the request data of the application service request is queried.
As an embodiment of the present invention, the querying, by the preset reverse proxy server, the request data of the application service request includes: converting the application service request into a corresponding request data function through the preset reverse proxy server; reversely proxy the request data function to a database server through the preset reverse proxy server; identifying, in the database server, a data resource path of the application service request by the request data function; and inquiring the request data according to the data resource path.
When the application service request is a user login request, the converting the application service request into a corresponding request data function by the preset reverse proxy server converts the user login request into an access product request and an access order request, wherein the access product request and the access order request are the request data function; the request data function is reversely proxied to a database server through the preset reverse proxy server through the reverse proxy function of the preset reverse proxy server; and in the database server, identifying the data resource path of the application service request through the request data function through routing.
The embodiment of the invention returns the request data to the application program so as to be used for responding to the application service request of the application program and timely returning the response result to the application program.
As an embodiment of the present invention, the returning the request data to the application program is implemented by the preset reverse proxy server.
It can be seen that, in the embodiment of the present invention, by acquiring an application program of an application service request to be sent, for obtaining a history application service request from the application program subsequently, and constructing rules for the application service request to be sent according to the history application service request, further, by constructing a first-level cache between a preset reverse proxy server and the application program by using a preset scripting language, for reducing space pressure of the preset reverse proxy server by using an embedded scripting programming function provided by the preset scripting language in the preset reverse proxy server, further, in the embodiment of the present invention, by configuring a data verification rule of the application program in the first-level cache, for storing the data verification rule in the first-level cache in advance, the problem of rate mismatch between the preset reverse proxy server and the local cache of the application program is reduced through the first-level cache, further, the embodiment of the invention obtains the synchronous check rule by synchronizing the data check rule into the second-level cache of the preset reverse proxy server, so as to be used for checking the application service request when checking the application request, and reduces the delay of service call by acquiring the check rule from the second-level cache, further, the embodiment of the invention obtains the content of the application service request by receiving the application service request sent by the application program, performs safety check on the application service request through the synchronous check rule, improves the safety of the system, and further, the embodiment of the invention checks the application service request by utilizing the synchronous check rule according to the service type, the method and the device are used for reducing the first-level cache acquisition rule of the reverse proxy server, converting the first-level cache acquisition rule into the second-level cache acquisition rule of the reverse proxy server to check the application service request, reducing the delay degree of the check request and simultaneously realizing zero consumption of the reverse proxy server when checking the application service request, further, the method and the device are used for transmitting the request data to the application program through the preset reverse proxy server after the data check rule is not met and is not updated through check failure, and the like, so that the data check rule is updated in time, further, the method and the device are used for returning the request data to the application program through the preset reverse proxy server after the data check rule is updated, and further, the method and the device are used for responding the request data to the application program and returning the application program through the application program. Therefore, the embodiment of the invention can reduce the delay of the application service call.
Fig. 7 is a functional block diagram of an application service calling device according to an embodiment of the present invention.
The application service invocation apparatus 100 of the present invention may be installed in an electronic device. Depending on the implemented functions, the application service invocation apparatus 100 may include a verification rule configuration module 101, a verification rule synchronization module 102, an application service verification module 103, a verification rule update module 104, and a request data return module 105. The module of the invention, which may also be referred to as a unit, refers to a series of computer program segments, which are stored in the memory of the electronic device, capable of being executed by the processor of the electronic device and of performing a fixed function.
In the present embodiment, the functions concerning the respective modules/units are as follows:
the verification rule configuration module 101 is configured to obtain an application program to be sent with an application service request, construct a first-level cache between a preset reverse proxy server and the application program by using a preset scripting language, and configure a data verification rule of the application program in the first-level cache;
the check rule synchronization module 102 is configured to synchronize the data check rule to a second level cache of the preset reverse proxy server to obtain a synchronization check rule;
The application service verification module 103 is configured to receive an application service request sent by the application program, identify a service type of the application service request, and verify the application service request according to the service type by using the synchronization verification rule;
The verification rule updating module 104 is configured to, when the verification of the application service request fails, update the data verification rule, and then return to execute the step of synchronizing the data verification rule to the secondary cache of the preset reverse proxy server;
The request data returning module 105 is configured to query, when the verification of the application service request is successful, request data of the application service request through the preset reverse proxy server, and return the request data to the application program.
In detail, each module in the application service invocation apparatus 100 in the embodiment of the present application adopts the same technical means as the application service invocation method described in fig. 1 to 3 and can produce the same technical effects when in use, and will not be described again here.
Fig. 8 is a schematic structural diagram of an electronic device 1 implementing an application service invocation method according to an embodiment of the present invention.
The electronic device 1 may comprise a processor 10, a memory 11, a communication bus 12 and a communication interface 13, and may further comprise a computer program, such as an application service invocation program, stored in the memory 11 and being executable on the processor 10.
The processor 10 may be formed by an integrated circuit in some embodiments, for example, a single packaged integrated circuit, or may be formed by a plurality of integrated circuits packaged with the same function or different functions, including one or more central processing units (Central Processing Unit, CPU), microprocessors, digital processing chips, graphics processors, and combinations of various control chips. The processor 10 is a Control Unit (Control Unit) of the electronic device 1, connects respective parts of the entire electronic device using various interfaces and lines, executes programs or modules stored in the memory 11 (for example, executes an application service calling program or the like) and calls data stored in the memory 11 to perform various functions of the electronic device and process data.
The memory 11 includes at least one type of readable storage medium including flash memory, a removable hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a magnetic memory, a magnetic disk, an optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device, such as a mobile hard disk of the electronic device. The memory 11 may also be an external storage device of the electronic device in other embodiments, such as a plug-in mobile hard disk, a smart memory card (SMART MEDIA CARD, SMC), a Secure Digital (SD) card, a flash memory card (FLASH CARD) or the like, which are provided on the electronic device. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device. The memory 11 may be used not only for storing application software installed in an electronic device and various types of data, such as codes of application service invoker programs, but also for temporarily storing data that has been output or is to be output.
The communication bus 12 may be a peripheral component interconnect standard (PERIPHERAL COMPONENT INTERCONNECT, PCI) bus, or an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus, among others. The bus may be classified as an address bus, a data bus, a control bus, etc. The bus is arranged to enable a connection communication between the memory 11 and at least one processor 10 etc.
The communication interface 13 is used for communication between the electronic device 1 and other devices, including a network interface and a user interface. Optionally, the network interface may include a wired interface and/or a wireless interface (e.g., WI-FI interface, bluetooth interface, etc.), typically used to establish a communication connection between the electronic device and other electronic devices. The user interface may be a Display (Display), an input unit such as a Keyboard (Keyboard), or alternatively a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch, or the like. The display may also be referred to as a display screen or display unit, as appropriate, for displaying information processed in the electronic device and for displaying a visual user interface.
Fig. 8 shows only an electronic device with components, and it will be appreciated by a person skilled in the art that the structure shown in fig. 8 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than shown, or may combine certain components, or may be arranged in different components.
For example, although not shown, the electronic device 1 may further include a power source (such as a battery) for supplying power to each component, and preferably, the power source may be logically connected to the at least one processor 10 through a power management device, so that functions of charge management, discharge management, power consumption management, and the like are implemented through the power management device. The power supply may also include one or more of any of a direct current or alternating current power supply, recharging device, power failure detection circuit, power converter or inverter, power status indicator, etc. The electronic device 1 may further include various sensors, bluetooth modules, wi-Fi modules, etc., which will not be described herein.
It should be understood that the embodiments described are for illustrative purposes only and are not limited to this configuration in the scope of the patent application.
The application service invocation program stored in the memory 11 in the electronic device 1 is a combination of instructions that, when executed in the processor 10, may implement:
acquiring an application program of an application service request to be sent, constructing a first-level cache between a preset reverse proxy server and the application program by using a preset script language, and configuring a data verification rule of the application program in the first-level cache;
Synchronizing the data verification rule to a second-level cache of the preset reverse proxy server to obtain a synchronization verification rule;
receiving an application service request sent by the application program, identifying the service type of the application service request, and checking the application service request by utilizing the synchronous check rule according to the service type;
When the verification of the application service request fails, after updating the data verification rule, returning to execute the step of synchronizing the data verification rule to the secondary cache of the preset reverse proxy server;
and when the application service request is successfully checked, inquiring request data of the application service request through the preset reverse proxy server, and returning the request data to the application program.
In particular, the specific implementation method of the above instructions by the processor 10 may refer to the description of the relevant steps in the corresponding embodiment of the drawings, which is not repeated herein.
Further, the modules/units integrated in the electronic device 1 may be stored in a computer readable storage medium if implemented in the form of software functional units and sold or used as separate products. The computer readable storage medium may be volatile or nonvolatile. For example, the computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM).
The present invention also provides a computer readable storage medium storing a computer program which, when executed by a processor of an electronic device, can implement:
acquiring an application program of an application service request to be sent, constructing a first-level cache between a preset reverse proxy server and the application program by using a preset script language, and configuring a data verification rule of the application program in the first-level cache;
Synchronizing the data verification rule to a second-level cache of the preset reverse proxy server to obtain a synchronization verification rule;
receiving an application service request sent by the application program, identifying the service type of the application service request, and checking the application service request by utilizing the synchronous check rule according to the service type;
When the verification of the application service request fails, after updating the data verification rule, returning to execute the step of synchronizing the data verification rule to the secondary cache of the preset reverse proxy server;
and when the application service request is successfully checked, inquiring request data of the application service request through the preset reverse proxy server, and returning the request data to the application program.
In the several embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is merely a logical function division, and there may be other manners of division when actually implemented.
The modules described as separate components may or may not be physically separate, and components shown as modules may or may not be physical units, may be located in one place, or may be distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional module in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units can be realized in a form of hardware or a form of hardware and a form of software functional modules.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof.
The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and the like. The blockchain (Blockchain), essentially a de-centralized database, is a string of data blocks that are generated in association using cryptographic methods, each of which contains information from a batch of network transactions for verifying the validity (anti-counterfeit) of its information and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, an application services layer, and the like.
The embodiment of the application can acquire and process the related data based on the artificial intelligence technology. Wherein artificial intelligence (ARTIFICIAL INTELLIGENCE, AI) is the theory, method, technique, and application system that uses a digital computer or a digital computer-controlled machine to simulate, extend, and expand human intelligence, sense the environment, acquire knowledge, and use knowledge to obtain optimal results.
Furthermore, it is evident that the word "comprising" does not exclude other elements or steps, and that the singular does not exclude a plurality. A plurality of units or means recited in the system claims can also be implemented by means of software or hardware by means of one unit or means. The terms first, second, etc. are used to denote a name, but not any particular order.
Finally, it should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made to the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention.

Claims (9)

1. An application service invocation method, the method comprising:
Acquiring an application program of an application service request to be sent, acquiring the maximum concurrency number of the application program, analyzing a cache space of a preset reverse proxy server according to the maximum concurrency number, configuring a preset script language in the preset reverse proxy server, constructing a first-level cache in the cache space by using the preset script language, and configuring a data verification rule of the application program in the first-level cache, wherein the data verification rule is a rule for verifying the application service request sent by the application program;
Synchronizing the data verification rule to a second-level cache of the preset reverse proxy server to obtain a synchronization verification rule;
receiving an application service request sent by the application program, identifying the service type of the application service request, and checking the application service request by utilizing the synchronous check rule according to the service type;
When the verification of the application service request fails, after updating the data verification rule, returning to execute the step of synchronizing the data verification rule to the secondary cache of the preset reverse proxy server;
and when the application service request is successfully checked, inquiring request data of the application service request through the preset reverse proxy server, and returning the request data to the application program.
2. The application service invocation method of claim 1, wherein said configuring data verification rules of said application in said level one cache comprises:
acquiring a historical application service request of the application program, and classifying the historical application service request to obtain a classification request;
Extracting a field value from the classified request, and analyzing the request intention of the classified request according to the field value;
and constructing a check rule of the application program in the first-level cache according to the request intention, and converting the check rule into a regular expression format to obtain the data check rule.
3. The application service invocation method of claim 1, wherein synchronizing the data check rule into the secondary cache of the preset reverse proxy server to obtain a synchronization check rule comprises:
Identifying a logical address of the data verification rule in the preset reverse proxy server;
converting the logical address into a physical address of the data checking rule in the secondary cache through a conversion rule;
And synchronizing the data checking rule to the physical address of the secondary cache to obtain the synchronous checking rule.
4. The application service invocation method of claim 1, wherein said identifying the service type of the application service request comprises:
identifying a session object of the application service request;
extracting a service account number of the application service request from the session object;
and obtaining the service type of the application service request through the service account.
5. The application service invocation method of claim 1, wherein said verifying said application service request with said synchronization verification rule according to said service type comprises:
inquiring a target check rule of the application service request from the synchronous check rule according to the service type;
acquiring a random number parameter and a first check parameter of the application service request, and constructing a second check parameter of the target check rule and the random number parameter through base64 coding;
consistency verification is carried out on the first verification parameter and the second verification parameter;
When the consistency check of the first check parameter and the second check parameter is successful, the synchronous check rule checks the application service request successfully;
and when the consistency check of the first check parameter and the second check parameter fails, the check of the application service request by the synchronous check rule fails.
6. The application service invocation method of claim 1, wherein said updating said data verification rule comprises:
inquiring a target check rule of the application service request from the data check rule;
when the target check rule exists, acquiring a latest rule base time stamp from a database, identifying the time stamp of the target check rule, and comparing the latest rule base time stamp with the time stamp of the target check rule;
When the time stamp of the latest rule base is inconsistent with the time stamp of the data verification rule, the latest data verification rule in the database is extracted, and the data verification rule is updated to be the latest data verification rule;
And when the target check rule does not exist, constructing the data check rule of the application service request.
7. An application service invocation apparatus, the apparatus comprising:
The system comprises a verification rule configuration module, a verification rule configuration module and a verification rule processing module, wherein the verification rule configuration module is used for acquiring an application program of an application service request to be sent, acquiring the maximum concurrency number of the application program, analyzing a cache space of a preset reverse proxy server according to the maximum concurrency number, configuring a preset script language in the preset reverse proxy server, constructing a first-level cache in the cache space by utilizing the preset script language, and configuring a data verification rule of the application program in the first-level cache, wherein the data verification rule is a rule for verifying the application service request sent by the application program;
the check rule synchronization module is used for synchronizing the data check rule into the secondary cache of the preset reverse proxy server to obtain a synchronous check rule;
The application service verification module is used for receiving an application service request sent by the application program, identifying the service type of the application service request, and verifying the application service request by utilizing the synchronous verification rule according to the service type;
The verification rule updating module is used for returning to execute the step of synchronizing the data verification rule into the secondary cache of the preset reverse proxy server after updating the data verification rule when the verification of the application service request fails;
And the request data return module is used for inquiring the request data of the application service request through the preset reverse proxy server and returning the request data to the application program when the verification of the application service request is successful.
8. An electronic device, the electronic device comprising:
at least one processor; and
A memory communicatively coupled to the at least one processor; wherein,
The memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the application service invocation method of any of claims 1 to 6.
9. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the application service invocation method of any one of claims 1 to 6.
CN202210588719.6A 2022-05-26 2022-05-26 Application service calling method, device, equipment and storage medium Active CN114915483B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210588719.6A CN114915483B (en) 2022-05-26 2022-05-26 Application service calling method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210588719.6A CN114915483B (en) 2022-05-26 2022-05-26 Application service calling method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN114915483A CN114915483A (en) 2022-08-16
CN114915483B true CN114915483B (en) 2024-07-23

Family

ID=82767915

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210588719.6A Active CN114915483B (en) 2022-05-26 2022-05-26 Application service calling method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114915483B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113918857A (en) * 2021-10-14 2022-01-11 国家税务总局山东省税务局 Three-level cache acceleration method for improving performance of distributed WEB application system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130091266A1 (en) * 2011-10-05 2013-04-11 Ajit Bhave System for organizing and fast searching of massive amounts of data
US10255336B2 (en) * 2015-05-07 2019-04-09 Datometry, Inc. Method and system for transparent interoperability between applications and data management systems
CN107704582A (en) * 2017-10-08 2018-02-16 安徽康佳电子有限公司 A kind of closed loop Ecological feed-back catenary system based on server and webpage
US11206313B1 (en) * 2020-09-09 2021-12-21 Oracle International Corporation Surrogate cache for optimized service access with compact user objects and offline database updates

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113918857A (en) * 2021-10-14 2022-01-11 国家税务总局山东省税务局 Three-level cache acceleration method for improving performance of distributed WEB application system

Also Published As

Publication number Publication date
CN114915483A (en) 2022-08-16

Similar Documents

Publication Publication Date Title
CN110602052B (en) Micro-service processing method and server
CN110535971B (en) Interface configuration processing method, device, equipment and storage medium based on block chain
CN111163182B (en) Block chain-based device registration method and apparatus, electronic device, and storage medium
TWI678909B (en) Safety authentication method, device and system
CN113422686B (en) Gateway layer authentication method, system, electronic device and storage medium
US20200120039A1 (en) Systems and methods for controlling access to broker resources
CN112506559B (en) Gray release method and device based on gateway, electronic equipment and storage medium
CN114844792B (en) Dynamic monitoring method, device, equipment and storage medium based on LUA language
CN114185743B (en) A data processing method, device, computer equipment and storage medium
CN111651121B (en) Data logic calculation method, device, electronic device and storage medium
US20230298021A1 (en) Method for acquiring a random number for blockchain, device and storage medium
CN114827161B (en) Service call request sending method and device, electronic equipment and readable storage medium
CN115941352A (en) Information security interaction method, device, electronic equipment and storage based on big data
CN114793244A (en) Resource processing method, device, equipment and medium for block chain
CN114915483B (en) Application service calling method, device, equipment and storage medium
CN113221154A (en) Service password obtaining method and device, electronic equipment and storage medium
CN113127109A (en) Interface calling method and device, electronic equipment and readable storage medium
CN114938293B (en) NGINX data tracing method, device, equipment and storage medium based on block chain
CN117527400A (en) Login authentication method and device, electronic equipment and storage medium
CN113704000B (en) Service access optimization method, device, equipment and medium
CN115033605A (en) Data query method and device, electronic equipment and storage medium
CN116070191A (en) Information processing method and device, storage medium, and program product
CN115222392A (en) Service access method, device, medium and electronic equipment based on block chain
CN113364821A (en) Functional service access method, device and storage medium
CN114710352B (en) Password calling method and device of PHP system, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant