CN117591105A

CN117591105A - Interface call processing method and device

Info

Publication number: CN117591105A
Application number: CN202311611641.6A
Authority: CN
Inventors: 贺瑞宏
Original assignee: China Construction Bank Corp; CCB Finetech Co Ltd
Current assignee: China Construction Bank Corp; CCB Finetech Co Ltd
Priority date: 2023-11-29
Filing date: 2023-11-29
Publication date: 2024-02-23

Abstract

The invention discloses an interface call processing method and device, and relates to the technical field of data security. One embodiment of the method comprises the following steps: receiving a call request of an intermediate interface of a target activity; acquiring configuration information of a target activity according to the activity number, acquiring an interface dictionary name corresponding to the interface serial number from the configuration information, and acquiring a method name from an interface dictionary item corresponding to the interface dictionary name; determining a called intermediate interface according to the method name, and performing format conversion processing on interface parameters according to an encapsulation interface document of the intermediate interface; and sending the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service to obtain a processing result returned by the third party interface, and returning the processing result to the rear end of the application program after format conversion. According to the embodiment, through unified middle layer management, the calling and maintenance processes of a plurality of third party interfaces are simplified, and the development efficiency and the maintainability of the system are improved.

Description

Interface call processing method and device

Technical Field

The present invention relates to the field of data security technologies, and in particular, to a method and an apparatus for processing interface calls.

Background

Typically in developing a marketing campaign, it is necessary to query for different third party interface data, such as: query whether the coupon is approved, etc. Because the third party interface has different data sources, the protocol types, the data encryption modes, the data structures and the like of different interfaces are diversified, and more time and effort are required to be consumed to complete the docking, so that the reusability needs to be improved as much as possible.

Meanwhile, with the continuous expansion of the service scale and the expansion and change of developers, repeated butt joint of some butt-jointed third party interfaces occurs, or operators and managers cannot know that each activity calls the third party interfaces, the operators and the managers must rely on the developers to check through checking source codes, statistical management is inconvenient, and potential safety risks of interface abuse exist.

Disclosure of Invention

In view of this, the embodiments of the present invention provide a method and an apparatus for processing interface call, which at least can solve the problems of complexity, insufficient flexibility, and performance bottleneck existing in the prior art when a third party interface is called.

To achieve the above object, according to an aspect of an embodiment of the present invention, there is provided an interface call processing method, including:

Receiving a call request of an intermediate interface of a target activity; the calling request is generated by the back end of the application program based on the activity number, the interface serial number and the interface parameter of the target activity;

acquiring configuration information of a target activity according to the activity number, acquiring an interface dictionary name corresponding to the interface serial number from the configuration information, and acquiring a method name from an interface dictionary item corresponding to the interface dictionary name; the interface dictionary names are used for describing interface functions;

determining a called intermediate interface according to the method name, and performing format conversion processing on the interface parameters according to the encapsulation interface document of the intermediate interface;

and sending the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service to obtain a processing result returned by the third party interface, and returning the processing result to the rear end of the application program after format conversion.

Optionally, the call request further includes a permission token of the target activity, and the obtaining, from the configuration information, an interface dictionary name corresponding to the interface serial number includes:

and acquiring a real authority token from the configuration information, and acquiring an interface dictionary name corresponding to the interface serial number from the configuration information in response to the authority token being identical to the real authority token.

Optionally, before the receiving the call request to the intermediate interface of the target activity, the method further comprises:

receiving an activity number and an authority token configured for a target activity, and an interface serial number and an interface dictionary name of a configured intermediate interface;

inquiring corresponding interface dictionary items according to the interface dictionary names, and acquiring interface dictionary document paths from the interface dictionary items;

and downloading corresponding encapsulation interface documents from the first database according to the interface dictionary document paths so as to generate target activity configuration information and sending the target activity configuration information to the back end of the application program.

Optionally, the method further comprises:

receiving interface dictionary items configured for each intermediate interface; the interface dictionary item comprises an interface dictionary name, an interface dictionary document path and a method name used by an interface, wherein the interface dictionary document path is a download link of a packaged interface document in a first database;

the interface dictionary entries for each intermediate interface are stored in a second database.

Optionally, the method further comprises:

according to a preset encryption rule, carrying out encryption processing on the interface parameters to obtain encryption parameters;

generating a call request of an intermediate interface of the target activity based on the activity number, the interface serial number and the encryption parameter of the target activity;

Before the format conversion processing is performed on the interface parameters according to the encapsulated interface document of the intermediate interface, the method further comprises:

and decrypting the encryption parameters by using a decryption rule corresponding to the preset encryption rule to obtain decryption parameters.

Optionally, the method further comprises:

acquiring a current time stamp, and processing the interface parameter and the current time stamp by using a preset algorithm to obtain a check bit;

generating a call request of an intermediate interface of the target activity based on the activity number, the interface serial number, the interface parameter, the current time stamp and the check bit of the target activity;

and processing the interface parameter and the current time stamp by using a preset algorithm to obtain a new check bit, and determining that the interface parameter is available in response to the new check bit being identical to the check bit.

Optionally, the method further comprises:

acquiring a parameter format configured for a third party interface in advance, determining a target parameter format, and establishing a conversion relationship between the parameter format and the target parameter format; the intermediate interfaces all use a target parameter format;

And generating an intermediate interface corresponding to the third-party interface in the intermediate layer, and generating an encapsulation interface document of the intermediate interface based on the conversion relation.

Optionally, the packaged interface document further includes an authority token of a third party interface, and the method further includes:

receiving an authority token configured for a third party interface; the permission token is used for obtaining the calling permission of the third party interface through authentication;

the interface parameters after the format conversion are described, sending the message to a third party interface corresponding to the intermediate interface in a third party service, including:

and generating a third-party interface calling request based on the interface parameters and the authority tokens after format conversion, and sending the third-party interface calling request to a third-party interface corresponding to the intermediate interface in the third-party service.

Optionally, the package interface document further includes a communication protocol of a third party interface, and the method further includes:

receiving a communication protocol configured for a third party interface;

the sending the interface parameters after format conversion to the third party interface corresponding to the intermediate interface in the third party service includes:

and determining a third party interface corresponding to the intermediate interface in the third party service, and transmitting the interface parameters after format conversion to the third party interface according to a communication protocol of the third party interface.

Optionally, the package interface document further includes an error handling and retry mechanism, the method further comprising:

and under the condition that the processing result is failure, triggering an error processing and retry mechanism to send the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service again, and repeating the operation until the processing result is success or the retry times reach the upper limit.

To achieve the above object, according to another aspect of the embodiments of the present invention, there is provided an interface call processing apparatus applied to an intermediate layer between a back end of an application program and a third party service, the third party interface being located in the third party service, including:

the receiving module is used for receiving a call request of an intermediate interface of the target activity; the calling request is generated by the back end of the application program based on the activity number, the interface serial number and the interface parameter of the target activity;

the determining module is used for acquiring configuration information of a target activity according to the activity number, acquiring an interface dictionary name corresponding to the interface serial number from the configuration information, and acquiring a method name from an interface dictionary item corresponding to the interface dictionary name; the interface dictionary names are used for describing interface functions;

The processing module is used for determining a called intermediate interface according to the method name and performing format conversion processing on the interface parameters according to the encapsulation interface document of the intermediate interface;

and the transmission module is used for transmitting the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service to obtain a processing result returned by the third party interface, and returning the processing result to the rear end of the application program after format conversion.

Optionally, the call request further includes a rights token of the target activity, and the determining module is configured to:

Optionally, the apparatus further includes a first configuration module configured to:

Optionally, the apparatus further comprises a second configuration module for:

Optionally, the apparatus further comprises:

the processing module is further configured to: and decrypting the encryption parameters by using a decryption rule corresponding to the preset encryption rule to obtain decryption parameters.

Optionally, the apparatus further comprises:

The processing module is further configured to: and processing the interface parameter and the current time stamp by using a preset algorithm to obtain a new check bit, and determining that the interface parameter is available in response to the new check bit being identical to the check bit.

Optionally, the apparatus further comprises a packaging module for:

Optionally, the package interface document further includes an authority token of a third party interface, and the package module is further configured to:

the processing module is used for: and generating a third-party interface calling request based on the interface parameters and the authority tokens after format conversion, and sending the third-party interface calling request to a third-party interface corresponding to the intermediate interface in the third-party service.

Optionally, the package interface document further includes a communication protocol of a third party interface, and the package module is further configured to:

receiving a communication protocol configured for a third party interface;

the processing module is used for: and determining a third party interface corresponding to the intermediate interface in the third party service, and transmitting the interface parameters after format conversion to the third party interface according to a communication protocol of the third party interface.

Optionally, the package interface document further includes an error handling and retry mechanism, and the processing module is configured to: and under the condition that the processing result is failure, triggering an error processing and retry mechanism to send the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service again, and repeating the operation until the processing result is success or the retry times reach the upper limit.

To achieve the above object, according to still another aspect of the embodiments of the present invention, there is provided an interface call processing electronic device.

The electronic equipment of the embodiment of the invention comprises: one or more processors; and the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors are enabled to realize the interface calling processing method.

To achieve the above object, according to still another aspect of the embodiments of the present invention, there is provided a computer-readable medium having stored thereon a computer program which, when executed by a processor, implements any of the above-described interface call processing methods.

To achieve the above object, according to still another aspect of an embodiment of the present invention, there is provided a computer program product. The computer program product of the embodiment of the invention comprises a computer program, and the program is executed by a processor to realize the interface calling processing method provided by the embodiment of the invention.

According to the solution provided by the present invention, one embodiment of the above invention has the following advantages or beneficial effects: a customized and efficient middle layer is established between the rear end of the application program and the third party service, and the complex interface calling logic is hidden in the middle layer by packaging the third party interface, so that development difficulty and risk are reduced, the third party interface is not exposed externally, and only the middle layer interface is exposed. Through unified middle layer management, the calling and maintenance processes of a plurality of third party interfaces are simplified, and developers can solve the problems of complexity, insufficient flexibility, performance bottleneck and the like in the prior art through a unified interface calling mode, so that the learning cost of different interfaces is reduced, and the development efficiency and the maintainability of a system are improved.

Further effects of the above-described non-conventional alternatives are described below in connection with the embodiments.

Drawings

The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:

FIG. 1 is a schematic flow diagram of an interface call processing method according to an embodiment of the present invention;

FIG. 2 (a) is a schematic diagram of configuration activity information;

FIG. 2 (b) is a schematic diagram of configuration interface dictionary items;

FIG. 3 is a flow diagram of an alternative interface call processing method according to an embodiment of the invention;

FIG. 4 is a flow diagram of an alternative interface call processing method according to an embodiment of the invention;

FIG. 5 is a schematic diagram of the main modules of an interface call processing apparatus according to an embodiment of the present invention;

FIG. 6 is an exemplary system architecture diagram in which embodiments of the present invention may be applied;

fig. 7 is a schematic diagram of a computer system suitable for use in implementing a mobile device or server of an embodiment of the invention.

Detailed Description

Exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, in which various details of the embodiments of the present invention are included to facilitate understanding, and are to be considered merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.

It is noted that embodiments of the invention and features of the embodiments may be combined with each other without conflict. In the technical scheme of the invention, the related aspects of acquisition, analysis, use, transmission, storage and the like of the personal information of the user accord with the regulations of related laws and regulations, are used for legal and reasonable purposes, are not shared, leaked or sold outside the legal use aspects and the like, and are subjected to supervision and management of a supervision department. Necessary measures should be taken for the personal information of the user to prevent illegal access to such personal information data, ensure that personnel having access to the personal information data comply with the regulations of the relevant laws and regulations, and ensure the personal information of the user.

Once these user personal information data are no longer needed, the risk should be minimized by limiting or even prohibiting the data collection and/or deletion. User privacy is protected, when applicable, by de-identifying the data, including in some related applications, such as by removing a particular identifier (e.g., date of birth, etc.), controlling the amount or specificity of stored data (e.g., collecting location data at a city level rather than at a specific address level), controlling how the data is stored, and/or other methods.

Referring to fig. 1, a main flowchart of an interface call processing method provided by an embodiment of the present invention is shown, including the following steps:

s101: receiving a call request of an intermediate interface of a target activity; the calling request is generated by the back end of the application program based on the activity number, the interface serial number and the interface parameter of the target activity;

s102: acquiring configuration information of a target activity according to the activity number, acquiring an interface dictionary name corresponding to the interface serial number from the configuration information, and acquiring a method name from an interface dictionary item corresponding to the interface dictionary name; the interface dictionary names are used for describing interface functions;

s103: determining a called intermediate interface according to the method name, and performing format conversion processing on the interface parameters according to the encapsulation interface document of the intermediate interface;

s104: and sending the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service to obtain a processing result returned by the third party interface, and returning the processing result to the rear end of the application program after format conversion.

In the above embodiment, the unified middle layer of the third party interface is a middleware located between the application program and the third party service, and in order to improve the multiplexing of the third party interface, a middle layer is arranged between the rear end (i.e. the calling party) of the application program and the third party service, so that the visual management and unified standard use of all the third party interfaces are realized through the middle layer, meanwhile, the complexity of accessing the third party interface by a developer can be reduced, the difficulty of developing and maintaining the application program is reduced, and the expandability, flexibility and stability of the system are improved.

For step S101, the back end of the application program responds to the access operation of the target activity in the application program, and transmits the call request for the intermediate interface in the target activity, and in this scheme, the third party interface is not exposed to the outside, and only the intermediate interface of the intermediate layer interacts with the external application program. In practice, there may be a plurality of activities, and to distinguish these activities, an activity number, such as XX1, YY1, may be configured for each activity. Different intermediate interfaces have different interface serial numbers, such as 001 and 002, the interface serial numbers correspond to the names of the intermediate interfaces, the specific interface which the calling party wants to call can be determined through the active serial numbers and the interface serial numbers, and the interface serial numbers are used for replacing the intermediate interface names so as to reduce the exposure of the related information of the interfaces in parameters as much as possible. The interface parameters are input parameters required by the interface of the middle layer.

For step S102, an activity number and a rights token are configured for each activity in advance in the activity background management system, and intermediate interface information is configured; the intermediate interface information includes an interface serial number and an interface dictionary name, as shown in fig. 2 (a), where the interface serial number is the serial number of the intermediate interface, such as 001 and 002. Different activities call different intermediate interfaces, specifically according to intermediate layer staff configuration.

The interface dictionary name is used to describe the interface function, such as the login and authentication of the function of the login authentication interface. The rights token is, for example, WIEASODNASK210-AN2EMLA20MD, and is a rights token of the target activity, and is used for authenticating and identifying the access rights to the target activity, where the rights token of the activity is automatically generated by the system, the rights tokens of different activities are different, and after the same activity is changed, the rights token may also change.

The interface document is a packaged interface document of the intermediate interface, is a document for technical docking, can be regarded as related document description of the interface, and is written and maintained by a person packaging the interface so that a developer can review and understand specific information of each interface. In this scheme, the interface document is used to determine the corresponding interface dictionary item according to the interface dictionary name, and the path of the interface dictionary document is obtained from the interface dictionary item, as shown in fig. 2 (b). The interface dictionary document path is essentially an interface document download link for generating a download link after uploading the intermediate layer's packaged interface document to the document database MongoDB (i.e., the first database). Thus, the encapsulated interface document of the intermediate interface can be obtained from the document database MongoDB through the interface dictionary document, and then the encapsulated interface document is uploaded to the active background management system.

Through the above description, the correspondence between the interface serial number and the interface dictionary name can be established. An activity may need to call multiple intermediate interfaces, and by clicking the "+" sign in the page, the intermediate interface adding function may be implemented, and a correspondence between the corresponding interface serial number and the interface dictionary name may be established. And finally, the activity configuration activity number, the authority token, the interface information of each intermediate interface and the encapsulation interface document are sent to an application program activity back-end staff.

Therefore, after the middle layer receives the call request of the middle interface of the target activity, which is transmitted by the back end of the application program, the configuration information of the target activity is firstly obtained according to the activity number in the call request, the configuration information is shown in fig. 2 (a), so as to obtain the interface dictionary name corresponding to the interface serial number from the configuration information, and further obtain the method name from the interface dictionary item shown in fig. 2 (b) according to the interface dictionary name. The interface dictionary entries for each intermediate interface may be stored in a common Mysql database (i.e., the second database).

As can be seen from fig. 2 (a) and the foregoing description, in this solution, an entitlement token needs to be configured for a target activity, so after configuration information of the target activity is obtained, a real entitlement token of the target activity needs to be obtained from the configuration information first, and if the real entitlement token is consistent with an entitlement token in a call request, a subsequent operation is allowed, otherwise, the flow is directly ended.

The mongo db is an open-source NoSQL database management system for documents, which organizes data in a document storage manner, and each document is a BSON (binary JSON) object similar to the JSON format, and may contain different types of data, such as a character string, a number, a date, an array, and the like. MongoDB is known for its flexible data model and scalability, and is suitable for many different types of applications. MySQL is an open-source relational database management system (RDBMS) and is widely used for various types of applications and websites. It supports multi-user, multi-threaded database management, allowing users to store and retrieve data in one or more databases. MySQL is a lightweight and high-performance database system that is suitable for many different scale applications.

A data dictionary is a collection of data metadata (metadata) that includes definitions and descriptions of data objects such as databases, files, tables, fields, data types, relationships, constraints, indexes, and the like. Data dictionaries typically record information about the structure, properties, usage, relationships, etc. of data objects so that developers, database administrators, and other related personnel can accurately understand and manipulate the data. The data dictionary is mainly used for providing a unified data information source and helping people to better understand data structures and data relations, so that maintainability, development efficiency and data consistency of a system are improved. The data dictionary can be used as an important reference tool in the processes of database management, software development and system maintenance, and helps team members to know and manage data resources. The method uploads the packaged interface document to the interface dictionary item.

For steps S103 and S104, the method names of the different intermediate interfaces are different as described with reference to fig. 2 (b), so that after determining the method name, the corresponding intermediate interface can be determined according to the method name. In connection with the foregoing description, the configuration information of the target activity includes intermediate interface information, which substantially includes its package interface document in addition to the interface serial number and the interface dictionary name, as shown in fig. 2 (a). Thus, after determining the intermediate interface, its package interface document may be obtained.

In order to realize unified management of interfaces, the method adopts a mode of packaging and adapting different third party interfaces so as to convert various different third party interface calls into a unified interface format. If some interfaces have preset parameter formats of xml format and preset target parameter formats of JSON format, the conversion relationship between the xml format of the third party interface and the JSON format of the intermediate interface can be established. It should be noted that, the intermediate interfaces corresponding to different third party interfaces in the intermediate layer are different, for example, the third party interface a-intermediate interface a and the third party interface B-intermediate interface B, but the parameter formats used by the intermediate interface ab are all JSON formats. And packaging the conversion relation to obtain a packaging interface document of the intermediate interface.

Wherein JSON and XML data formats: JSON (JavaScript Object Notation) and XML (eXtensible Markup Language) are common data exchange formats for transferring structured data between different systems. Through the parameter mapping and converting mechanism, the parameters transmitted by the back end of the application program are converted into the parameter formats required by different third party interfaces, so that the problem of mismatching of the interface formats is solved, and the interactive operability between the back end of the application program and the third party service is improved.

After format conversion is performed on the interface parameters in the call request through the mapping relation between the parameter formats in the package interface document of the intermediate interface, if the JSON format parameters are converted into xml format parameters, the parameters are sent to a third party interface corresponding to the intermediate interface in the third party service, and if the intermediate interface a is determined through the steps, the parameters after format conversion are sent to the third party interface a. And the third party interface processes the xml format parameters to obtain a processing result. The middle layer converts the xml format processing result into the JSON format processing result and returns the JSON format processing result to the rear end of the application program.

According to the method provided by the embodiment, the interface serial number is used for replacing the intermediate interface name, so that the interface information can be well protected, the information security is improved, the intermediate layer obtains the activity configuration information through the activity serial number, and the interface dictionary name corresponding to the interface serial number is searched from the activity configuration information, so that the intermediate interface which is called currently is determined. According to the scheme, the complex interface calling logic is hidden in the middle layer through the packaging of the third-party interface, so that development difficulty and risk of an application program rear-end developer are reduced. Through unified middle layer management, the calling and maintenance processes of a plurality of third party interfaces are simplified, and developers can reduce the learning cost of different interfaces through a unified interface calling mode, so that the development efficiency and the maintainability of the system are improved.

Referring to fig. 3, a flowchart of an optional interface call processing method according to an embodiment of the invention is shown, including the following steps:

s301: receiving a call request of an intermediate interface of a target activity; wherein the call request is generated by the application backend based on one or more of: the method comprises the steps of obtaining an activity number, an authority token, an interface serial number, an encryption parameter, an interface parameter, a current time stamp and a check bit of a target activity, and obtaining the encryption parameter through encryption processing of the interface parameter;

s302: acquiring configuration information of a target activity according to the activity number, acquiring a real authority token from the configuration information, and acquiring an interface dictionary name corresponding to the interface serial number from the configuration information in response to the authority token being identical to the real authority token;

s303: acquiring a method name from the interface dictionary items corresponding to the interface dictionary names, and determining a called intermediate interface according to the method name; the interface dictionary names are used for describing interface functions;

s304: using a decryption rule corresponding to a preset encryption rule to decrypt the encryption parameter to obtain an interface parameter;

s305: processing the interface parameter and the current time stamp by using a preset algorithm to obtain a new check bit, and determining that the interface parameter is available in response to the new check bit being identical to the check bit;

S306: performing format conversion processing on the interface parameters according to the encapsulation interface document of the intermediate interface;

s307: and sending the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service to obtain a processing result returned by the third party interface, and returning the processing result to the rear end of the application program after format conversion.

In the above embodiment, for steps S302, S303 and S307, reference is made to the description shown in fig. 1, and the description is omitted here.

For steps S301, S304 to S306, the middle layer administrator may configure, according to actual needs, a list of intermediate interface dictionaries that are allowed to be invoked for the target activity in the active background management system, where the intermediate interfaces are allowed to be opened to the outside, so as to ensure that only legal interfaces are invoked by the application activity back-end developer, otherwise, the application activity back-end developer has no invocation authority.

In the event background management system, the middle tier administrator may download documents containing interface documents as well as call information, including the event number and rights token, interface sequence number, interface dictionary name, and package interface documents for the target event. This information is delivered to the active backend developer for subsequent interface calls. The active background management system and the interface middle layer service share the same set of public Mysql database and MongoDB database, so as to acquire interface information and interface documents.

Example 1

The call request comprises encryption parameters, the encryption parameters are obtained by encrypting interface parameters, and the encryption rules are general encryption rules or encryption rules contained in the encapsulation interface document. And the active back-end developer constructs a request according to the active serial number, the interface serial number and the encryption parameter interface specific information of the interface middle layer, and then initiates the request to the interface middle layer. After the intermediate layer determines the intermediate interface, the intermediate layer needs to process the encryption parameters by using a decryption rule to obtain decryption parameters.

Example two

The call request includes a check bit, such as an MD5Message-Digest Algorithm (all referred to as MD5Message-Digest algorism), which is set to prevent parameters from being modified, and is generally calculated by the MD5 Algorithm to obtain a value for all interface parameters and current timestamps, after receiving all interface parameters and check bits, the middle layer performs the same MD5 Algorithm on all interface parameters and current timestamps in the request to calculate a value, and if the value is the same, it indicates that the interface parameters are complete and not modified, so that the MD5 value is the same as the MD5 value transmitted by the caller.

Example III

And the active back-end developer constructs a request according to the active number, the interface serial number and other parameters, interfaces specific information of the interface middle layer, and then initiates the request to the interface middle layer, wherein the request comprises the active number, the interface serial number, the encrypted parameters and the current timestamp. Check bits, etc. Because the encryption parameters are required to be decrypted again in combination with the above description, whether the decryption parameters are available or not is judged through the MD5 algorithm, so that the actual availability of the parameters is further ensured.

In the fourth embodiment, as a further optimization of the first embodiment, the second embodiment, and the third embodiment, the method may further include an authority token to further verify the target activity, which is specifically described with reference to fig. 1, and will not be described herein.

In addition, a parameter checking mechanism may be further set, that is, a rationality check may be performed on the parameter transferred by the caller, for example: whether the activity number exists, whether the activity corresponding to the activity number is in progress or not, and the verification conditions possibly needed by different interfaces are different.

According to the method provided by the embodiment, the encryption can ensure that the interface parameters are safe and cannot be stolen, the permission token is used for judging whether the target activity is trusted, and the check bit is used for judging whether all the interface parameters are tampered.

Referring to fig. 4, a flowchart of another optional interface call processing method according to an embodiment of the invention is shown, including the following steps:

s401: receiving a call request of an intermediate interface of a target activity; the calling request is generated by the back end of the application program based on the activity number, the interface serial number and the interface parameter of the target activity;

s402: acquiring configuration information of a target activity according to the activity number, acquiring an interface dictionary name corresponding to the interface serial number from the configuration information, and acquiring a method name from an interface dictionary item corresponding to the interface dictionary name; the interface dictionary names are used for describing interface functions;

s403: determining a called intermediate interface according to the method name, and performing format conversion processing on the interface parameters according to the encapsulation interface document of the intermediate interface; wherein the packaged interface document further includes one or more of: authority token, communication protocol, error handling and retry mechanism of the third party interface;

s404: the interface parameters after format conversion are sent to a third party interface corresponding to the intermediate interface in a third party service;

s405: generating a third party interface calling request based on the interface parameters and the authority tokens after format conversion, and sending the third party interface calling request to a third party interface corresponding to the intermediate interface in a third party service;

S406: determining a third party interface corresponding to the intermediate interface in the third party service, and transmitting the interface parameters after format conversion to the third party interface according to a communication protocol of the third party interface;

s407: and under the condition that the processing result is failure, triggering an error processing and retry mechanism to send the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service again, and repeating the operation until the processing result is success or the retry times reach the upper limit.

In the above embodiment, the steps S401 to S403 may be described with reference to fig. 1 to 3, and are not described herein.

For steps S404-S407, the package interface document also includes one or more of the following: rights token, communication protocol, error handling and retry mechanism for the third party interface. The permission token is used for carrying out identity verification on the third party interface or the call request and judging whether the permission of calling the third party interface is possessed or not. The communication mode is the communication mode required by the third party interface, such as http and https. The error processing and retry mechanism is a triggered retry mechanism under the condition that the interface processing result is failure, and sets the upper limit of the retry times, for example, the retry times of the third party interface A are 4 times, and the retry times of the third party interface B are 5 times. In addition to the customization described above, the present solution may also be used to perform other customization operations separately for a single third party interface, such as requiring desensitization or masking of individual sensitive fields returned by the interface.

Referring to fig. 2 (b), the interface document needs to be uploaded into the interface dictionary item, including information such as interface name, parameter list, request mode, authentication mode, etc. And uploading the packaged interface document to the data document. For unified processing of various contents in an interface document, policy mode and adapter mode processing may be used. The strategy mode is a behavior design mode, a series of algorithms can be defined, and each algorithm is respectively put into an independent class so that the objects of the algorithms can be mutually replaced. The adapter mode is a structural design mode that enables interface-incompatible objects to cooperate with each other.

Embodiment one: the interface parameters and the authority tokens after format conversion are required to generate a third party interface calling request to be sent to a third party interface corresponding to the intermediate interface in the third party service, for example, to a third party interface A corresponding to the intermediate interface a.

Embodiment two: and sending the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service according to the communication protocol of the third party interface.

Embodiment III: and generating a third-party interface calling request by the interface parameters and the authority tokens after format conversion, and sending the third-party interface calling request to a third-party interface corresponding to the intermediate interface in the third-party service according to a communication protocol of the third-party interface.

In the fourth embodiment, as optimization of the above three embodiments, if the processing result is failure, the middle layer resends the interface call request instruction to the third party interface until the processing result is successful or the upper limit of the failure times is reached.

According to the service necessity, aiming at the condition that some interfaces fail in request due to network fluctuation, instead of directly returning the information of the failed request to a calling party, the request is initiated to the interfaces again through an error processing and retry mechanism until the request succeeds or reaches the retry upper limit number of times, so that the quick processing and recovery can be ensured when the interface call is in question, and the stability and the usability of the system are improved. In addition, the middle layer can also convert the original error data packet of the interface into a unified data format, so that the calling party can uniformly process and identify according to one format.

According to the method provided by the embodiment, the interface parameters, the protocol, the authentication mode and the like of the interface calling the third party interface between the intermediate interfaces are uniformly processed, so that the interface parameters, the protocol, the authentication mode and the like are guaranteed to have the same calling mode and data format, the same set of codes are used in practice, the third party interface is called only according to the access requirement and the specification of the third party interface when the third party interface is called, the third party interface is not exposed to the outside in the whole process, and only the intermediate interface is exposed, so that the safety of the third party interface is guaranteed, and the abuse condition is avoided.

Existing integration middleware is typically composed of a set of components that manage communications and integration between different systems. The following is one existing integrated middleware implementation: component one: a Message Queue (Message Queue) for asynchronous communication, sends application requests into the Queue, and is then processed one by a third party service. This can reduce the coupling between systems and improve the reliability and expansibility of the systems. And a second component: a data conversion engine (Data Transformation Engine) is responsible for converting the data format of the application into a format suitable for a different third party interface. It can perform parameter mapping, data type conversion, etc., so that the application can more conveniently communicate with different third party services. And (3) a component III: an authentication and authorization module (Authentication and Authorization Module) manages authentication and authorization of the third party interface, ensuring that only authenticated requests can access the third party services. The method can centrally manage authentication credentials, and reduces complexity of decentralized authentication processing in an application program. And a fourth component: an error handling and retry module (Error Handling and Retry Module) is responsible for handling errors that may occur when third party interface calls and provides a unified error handling mechanism. It can decide whether to retry the request according to the error type, thereby improving the stability of the system. And fifthly, an assembly: the log and monitoring module (Logging and Monitoring Module) is responsible for recording logs and performance indexes of all third-party interface calls and helping to conduct fault detection and performance optimization.

However, the above integrated middleware has the following problems: 1. complexity: although communication between systems may be managed, development and maintenance is complicated by the fact that its versatility may be overly complex, requiring additional configuration and customization. 2. The flexibility is not enough: the integrated middleware may provide some general purpose data conversion and authentication modules but does not have the additional processing power to be done on individual interfaces, thus failing to meet the specific needs of each third party interface. 3. Performance bottlenecks: since the integration middleware needs to handle the communication of multiple systems, performance bottlenecks may be introduced, especially in high load situations, 4, poor customization: the prior art may not meet the needs of certain specific business scenarios because its versatility may not meet all of the specific customizations.

The scheme can solve the defects of the prior art by establishing a customized and efficient middle layer between the rear end of the application program and the third-party service, thereby improving the development efficiency, the system performance and the adaptability of the application program: 1. simplifying complexity: a special management layer for the third party interface is provided, so that a developer can call and manage more easily, and the complexity of the system is reduced. 2. Providing flexibility and meeting specific requirements: the method and the system allow high customization according to the specific requirements of different third party interfaces, ensure flexibility and are not limited by generality, thereby meeting the requirements of specific business scenes and enabling the solution to be more fit with the actual situation.

The method provided by the embodiment of the invention has other beneficial effects:

1. unified interface management and customization processing: setting a target parameter format to uniformly manage parameter formats of a plurality of different third party interfaces, configuring an authority token for each third party interface, and setting calling authorities. And creating an intermediate interface corresponding to the third party interface in the intermediate layer, and packaging the information, the communication mode, the error and the retry mechanism of the third party interface to obtain a packaging interface document of the intermediate interface. Through the process, the unified management of the third-party interface call in the middle layer and the customized processing aiming at the specific requirement of each third-party interface are realized, and the more efficient and flexible interface call is realized. Meanwhile, the system has good expandability, and new third party interfaces or expansion functions can be easily added.

2. Dynamic dictionary configuration and rights control: and configuring a data dictionary, and obtaining dictionary names of the intermediate interfaces, interface document downloading paths, used method names and interface documents. The administrator can flexibly control the intermediate interface list which is allowed to be invoked by the activity, so that the flexible management of the interfaces is realized through the dynamic dictionary configuration, and meanwhile, the authority control can be performed, so that only the authorized interfaces can be invoked.

3. Comprehensive safety checking mechanism: the multi-level security check is realized in the interface calling process, including authority token check, decryption processing, check bit check and parameter check, so that the third party service can be accessed only by the verified request, the confidentiality of the data transmission process is ensured, the safety of the interface calling is improved, and malicious calling and illegal access are prevented. The mechanism can adapt to different authentication modes and security requirements.

Referring to fig. 5, a schematic diagram of main modules of an interface call processing apparatus 500 according to an embodiment of the present invention is shown, including:

a receiving module 501, configured to receive a call request for an intermediate interface of a target activity; the calling request is generated by the back end of the application program based on the activity number, the interface serial number and the interface parameter of the target activity;

a determining module 502, configured to obtain configuration information of a target activity according to the activity number, obtain an interface dictionary name corresponding to the interface serial number from the configuration information, and obtain a method name from an interface dictionary item corresponding to the interface dictionary name; the interface dictionary names are used for describing interface functions;

a processing module 503, configured to determine a called intermediate interface according to the method name, and perform format conversion processing on the interface parameter according to an encapsulation interface document of the intermediate interface;

And the transmission module 504 is configured to send the interface parameter after format conversion to a third party interface corresponding to the intermediate interface in the third party service, obtain a processing result returned by the third party interface, convert the processing result into a format, and return the format to the rear end of the application program.

In the implementation device of the present invention, the call request further includes a target active rights token, and the determining module 502 is configured to:

The implementation device of the invention further comprises a first configuration module for:

The implementation device of the invention further comprises a second configuration module for:

The implementation device of the invention further comprises:

the processing module 503 is further configured to: and decrypting the encryption parameters by using a decryption rule corresponding to the preset encryption rule to obtain decryption parameters.

The implementation device of the invention further comprises:

The processing module 503 is further configured to: and processing the interface parameter and the current time stamp by using a preset algorithm to obtain a new check bit, and determining that the interface parameter is available in response to the new check bit being identical to the check bit.

The implementation device of the invention also comprises a packaging module for:

In the embodiment of the invention, the packaging interface document further comprises an authority token of a third party interface, and the packaging module is further used for:

the processing module 503 is configured to: and generating a third-party interface calling request based on the interface parameters and the authority tokens after format conversion, and sending the third-party interface calling request to a third-party interface corresponding to the intermediate interface in the third-party service.

In the embodiment of the invention, the packaging interface document further comprises a communication protocol of a third party interface, and the packaging module is further used for:

receiving a communication protocol configured for a third party interface;

the processing module 503 is configured to: and determining a third party interface corresponding to the intermediate interface in the third party service, and transmitting the interface parameters after format conversion to the third party interface according to a communication protocol of the third party interface.

In the embodiment of the present invention, the package interface document further includes an error handling and retry mechanism, and the processing module 503 is configured to: and under the condition that the processing result is failure, triggering an error processing and retry mechanism to send the interface parameters after format conversion to a third party interface corresponding to the intermediate interface in the third party service again, and repeating the operation until the processing result is success or the retry times reach the upper limit.

In addition, the implementation of the apparatus in the embodiments of the present invention has been described in detail in the above method, so that the description is not repeated here.

Fig. 6 shows an exemplary system architecture 600 in which embodiments of the invention may be applied, including terminal devices 601, 602, 603, a network 604, and a server 605 (by way of example only).

The terminal devices 601, 602, 603 may be various electronic devices having a display screen and supporting web browsing, are installed with various communication client applications, and a user may interact with the server 605 through the network 604 using the terminal devices 601, 602, 603 to receive or transmit messages, etc.

The network 604 is used as a medium to provide communication links between the terminal devices 601, 602, 603 and the server 605. The network 604 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.

The server 605 may be a server providing various services, and it should be noted that, the method provided by the embodiment of the present invention is generally executed by the server 605, and accordingly, the apparatus is generally disposed in the server 605.

It should be understood that the number of terminal devices, networks and servers in fig. 6 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.

Referring now to FIG. 7, there is illustrated a schematic diagram of a computer system 700 suitable for use in implementing an embodiment of the present invention. The terminal device shown in fig. 7 is only an example, and should not impose any limitation on the functions and the scope of use of the embodiment of the present invention.

As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU) 701, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data required for the operation of the system 700 are also stored. The CPU 701, ROM 702, and RAM 703 are connected to each other through a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.

The following components are connected to the I/O interface 705: an input section 706 including a keyboard, a mouse, and the like; an output portion 707 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, a speaker, and the like; a storage section 708 including a hard disk or the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. The drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read therefrom is mounted into the storage section 708 as necessary.

In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 709, and/or installed from the removable medium 711. The above-described functions defined in the system of the present invention are performed when the computer program is executed by a Central Processing Unit (CPU) 701.

The computer readable medium shown in the present invention may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.

The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The modules involved in the embodiments of the present invention may be implemented in software or in hardware. The described modules may also be provided in a processor, for example, as: a processor comprises a receiving module, a determining module, a processing module and a transmitting module. The names of these modules do not in some way constitute a limitation of the module itself, for example, the transmission module may also be described as "calling a third party interface module".

As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be present alone without being fitted into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to perform any of the interface call processing methods described above.

The computer program product of the present invention comprises a computer program which, when executed by a processor, implements the interface call processing method in the embodiments of the present invention.

The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives can occur depending upon design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims

1. An interface call processing method, which is applied to an intermediate layer between a back end of an application program and a third party service, wherein the third party interface is located in the third party service, includes:

2. The method of claim 1, wherein the invocation request further includes a rights token for a target activity, the obtaining an interface dictionary name corresponding to the interface serial number from the configuration information, comprising:

3. The method of claim 2, wherein prior to the receiving the call request to the intermediate interface for the target activity, the method further comprises:

4. A method according to claim 3, characterized in that the method further comprises:

5. The method according to claim 1, wherein the method further comprises:

6. The method according to claim 1 or 5, characterized in that the method further comprises:

7. The method according to claim 1, wherein the method further comprises:

8. The method of claim 7, wherein the packaged interface document further comprises an entitlement token for a third party interface, the method further comprising:

9. The method of claim 7 or 8, wherein the package interface document further includes a communication protocol for a third party interface, the method further comprising:

Receiving a communication protocol configured for a third party interface;

10. The method of claim 7, wherein the package interface document further comprises an error handling and retry mechanism, the method further comprising:

11. An interface call processing device, applied to an intermediate layer between an application back end and a third party service, where a third party interface is located in the third party service, comprising:

12. The apparatus of claim 11, wherein the invocation request further comprises a rights token for the target activity, the determination module to:

13. The apparatus of claim 12, further comprising a first configuration module configured to:

14. The apparatus of claim 13, further comprising a second configuration module configured to:

15. The apparatus of claim 11, wherein the apparatus further comprises:

16. The apparatus according to claim 11 or 15, characterized in that the apparatus further comprises:

17. The apparatus of claim 11, further comprising a packaging module to:

18. An electronic device, comprising:

one or more processors;

storage means for storing one or more programs,

when executed by the one or more processors, causes the one or more processors to implement the method of any of claims 1-10.

19. A computer readable medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method according to any of claims 1-10.

20. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of claims 1-10.