Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Token interface degradation method and storage medium

A token and interface technology, applied in the field of security verification, can solve problems such as security risks, algorithm leakage, security risks, etc., to ensure normal use, and achieve the effect of functionality and security.

Active Publication Date: 2020-11-20
FUJIAN TIANQUAN EDUCATION TECH LTD
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, since there is no verification in the downgrade process, there are serious hidden dangers in security
Another way to downgrade is to verify locally after each caller’s authentication interface fails, but the local needs to know the token parsing algorithm; if the caller implements local verification, the algorithm will be leaked and cause greater damage. Security risks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Token interface degradation method and storage medium
  • Token interface degradation method and storage medium
  • Token interface degradation method and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0064] Please refer to figure 2 , this embodiment provides a method for downgrading the token interface, which supports the caller to independently and flexibly configure the required token verification method, so as to be more suitable for remote verification methods such as the remote token verification interface due to network jitter or failure to respond In the event of failure, ensure that token verification can still be performed safely, and solve the problem that the existing token verification service cannot be provided normally, which affects business processing or directly skips the verification step and brings security risks.

[0065] The method of this embodiment may include:

[0066] 1. Pre-deployment

[0067] Suppose the generation rules of the token string (token) are:

[0068] {token version number}_{Token type}_{account type}_{account ID}_{expiration time}_{issuance area}_{5-digit random number}, this is the original plaintext string of the token; The stri...

Embodiment 2

[0101] This embodiment corresponds to Embodiment 1, and provides a specific application scenario, including:

[0102] 1. Assume that the generation rules of the token string are: {token version number}_{Token type}_{account type}_{account ID}_{expiration time}_{issuing area}_{5-digit random number}, this is The original plaintext string of the token, after the string is encrypted by the des encryption method and a fixed encryption key is set, the result obtained is the final token string (ciphertext). The algorithm for parsing the token string (ciphertext) is to use the des decryption method, and also use the same key to analyze the token string, and then obtain the plaintext of the token string.

[0103] 2. There is a UC system, which is what we call the account center system. For the functions of this system, an sdk tool will be provided, that is, a code tool usually provided in the java language, which can package the java language into an sdk tool for other java Systemati...

Embodiment 3

[0123] This embodiment corresponds to Embodiment 1 or Embodiment 2, and provides a computer-readable storage medium on which a computer program is stored. When the program is executed by a processor, it can realize the above-mentioned embodiment 1 or Embodiment 2. The steps involved in a method of token interface downgrade. The specific steps will not be repeated here, please refer to the descriptions of Embodiment 1 and Embodiment 2 for details.

[0124] To sum up, the method and storage medium for downgrading the token interface provided by the present invention realize the automatic reduction and upgrade of the verification mode, can adapt to the current scene, and ensure the safe and normal provision of verification services; and no need to restart Realize the automatic switching of the verification mode and improve the efficiency. Furthermore, the local verification method is improved, which significantly improves the security of the algorithm; further, three token inter...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a token interface degradation method and a storage medium. The token interface degradation method comprises the steps of: S1, acquiring and analyzing a token verification algorithm; S2, packaging the analyzed token verification algorithm into a token algorithm analysis packet, and storing the token algorithm analysis packet into a local dynamic link library; S3, when the failure frequency of remotely calling a token verification interface reaches a preset frequency, starting a local verification strategy, wherein the local verification strategy is executed by calling thetoken algorithm analysis packet in the local dynamic link library to perform token verification; and S4, when execution duration of the local verification strategy exceeds preset duration, restartinga remote verification strategy. The token interface degradation method can realize automatic reduction and upgrading of the verification mode without restarting, can adapt to the current scene, ensures that the verification service is provided safely and normally, is efficient, improves the security of the local verification mode, provides three token interface calling methods, can be flexibly configured and switched by a user, and ensures that services are provided for business.

Description

technical field [0001] The invention relates to the field of safety verification, in particular to a token interface downgrading method and a storage medium. Background technique [0002] The single sign-on and third-party login functions provided by most websites follow the OAuth2.0 protocol. Although the details of most websites are not consistent, and may even be extended based on the OAuth2.0 protocol, the basic process is certain, and the process is roughly as follows: [0003] 1. The third-party application requests authorization from the authentication server; [0004] 2. The user informs the authentication server to agree to the authorization (usually through the user scanning the code or entering the user name and password); [0005] 3. The authentication server notifies the third-party application of the authorization code (code); [0006] 4. The third-party application uses the authorization code (code) to apply for an Access Token from the authentication serve...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L9/32
CPCH04L63/0807H04L9/3213
Inventor 刘德建林伟郭玉湖陈宏
Owner FUJIAN TIANQUAN EDUCATION TECH LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com