[go: up one dir, main page]

CN103561115B - Obtain the method for electronics code, open platform and system in real time - Google Patents

Obtain the method for electronics code, open platform and system in real time Download PDF

Info

Publication number
CN103561115B
CN103561115B CN201310585149.6A CN201310585149A CN103561115B CN 103561115 B CN103561115 B CN 103561115B CN 201310585149 A CN201310585149 A CN 201310585149A CN 103561115 B CN103561115 B CN 103561115B
Authority
CN
China
Prior art keywords
party application
application server
request
open platform
order
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310585149.6A
Other languages
Chinese (zh)
Other versions
CN103561115A (en
Inventor
胡聪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201310585149.6A priority Critical patent/CN103561115B/en
Publication of CN103561115A publication Critical patent/CN103561115A/en
Application granted granted Critical
Publication of CN103561115B publication Critical patent/CN103561115B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

本发明涉及一种实时获取电子码的方法、开放平台及系统,该方法包括:开放平台接收到第三方应用服务器发送的前端支付请求后,通过第一接口向第三方应用服务器发送通知消息;通过第二接口接收第三方应用服务器根据通知消息返回的订单核实请求;当确定订单核实请求合法时,向第三方应用服务器返回验证成功消息;接收第三方应用服务器收到验证成功消息后返回的与订单核实请求对应的电子码,并将电子码提供给预设的用户终端。由此解决了现有技术中,第三方应用服务器必须以手动方式预先向开放平台内导入一定批量的电子码所导致的操作繁琐等问题。

The present invention relates to a method, an open platform and a system for obtaining an electronic code in real time. The method includes: after the open platform receives a front-end payment request sent by a third-party application server, it sends a notification message to the third-party application server through a first interface; The second interface receives the order verification request returned by the third-party application server according to the notification message; when it is determined that the order verification request is legal, returns a verification success message to the third-party application server; receives the order verification request returned by the third-party application server after receiving the verification success message Verifying the electronic code corresponding to the request, and providing the electronic code to a preset user terminal. This solves the problem in the prior art that the third-party application server must manually import a certain batch of electronic codes into the open platform in advance, which causes cumbersome operations and the like.

Description

实时获取电子码的方法、开放平台及系统Method, open platform and system for obtaining electronic code in real time

技术领域technical field

本发明涉及网络通信技术领域,具体涉及一种实时获取电子码的方法、开放平台及系统。The invention relates to the technical field of network communication, in particular to a method, an open platform and a system for obtaining electronic codes in real time.

背景技术Background technique

开放平台能够将其提供的各类服务封装成一系列计算机易识别的数据接口,第三方开发者直接调用这些开放的数据接口就可以享用开放平台的相应服务,这些开放的数据接口也叫做Open API,提供这些Open API的平台本身就被称为开放平台。The open platform can encapsulate various services provided by it into a series of data interfaces that are easy to recognize by the computer. Third-party developers can directly call these open data interfaces to enjoy the corresponding services of the open platform. These open data interfaces are also called Open API. Platforms that provide these Open APIs are called open platforms themselves.

利用第三方应用服务器提供的电子码向用户提供电子码的推送服务是目前开放平台的一个典型应用。在这种应用场景中,第三方应用服务器需要提供可以流通的电子码,并将提供的电子码通过开放平台推送给需要该电子码的用户终端。图1示出了上述应用场景的示意图。如图1所示,为了实现电子码在开放平台上的流通,第三方应用开发者(即操作上述第三方应用服务器的操作人员)需要事先将欲在该开放平台上流通的电子码以手动方式导入该开放平台内。具体的导入流程如图2所示,首先,第三方应用开发者需要生成一个用于存储电子码的序列号文件;然后登录到开放平台提供的导入后台,在该导入后台上提交该第三方应用开发者的信息,并上传之前生成的序列号文件;最后,确认上传结果,以实现电子码的最终导入。在导入电子码之后,开放平台就可以基于导入的电子码向用户提供电子码的推送服务。图1中还示出了电子码的找回功能,该功能与本发明关系不大,此处暂不介绍。It is a typical application of the current open platform to use the electronic code provided by the third-party application server to provide the push service of the electronic code to the user. In this application scenario, the third-party application server needs to provide the electronic code that can be circulated, and push the provided electronic code to the user terminal that needs the electronic code through the open platform. Fig. 1 shows a schematic diagram of the above application scenario. As shown in Figure 1, in order to realize the circulation of electronic codes on the open platform, third-party application developers (that is, the operators who operate the above-mentioned third-party application servers) need to manually transfer the electronic codes to be circulated on the open platform in advance. into the open platform. The specific import process is shown in Figure 2. First, the third-party application developer needs to generate a serial number file for storing the electronic code; then log in to the import background provided by the open platform, and submit the third-party application on the import background The developer's information, and upload the serial number file generated before; finally, confirm the upload result to realize the final import of the electronic code. After the electronic code is imported, the open platform can provide users with electronic code push services based on the imported electronic code. Figure 1 also shows the retrieval function of the electronic code, which has little to do with the present invention and will not be introduced here.

由此可见,利用现有的开放平台实现电子码的流通之前,必须先将电子码导入到该平台内。但是,上述手动导入电子码的操作方式非常繁琐,需要耗费大量的人力成本。而且,在手动导入电子码时,通常是一次性向开放平台内导入一定批量的电子码以供流通。这样,开放平台还需要为这些预先导入的电子码预付一定的费用,因此,开放平台还将承担预付成本的损失风险。It can be seen that before using the existing open platform to realize the circulation of the electronic code, the electronic code must first be imported into the platform. However, the above-mentioned operation method of manually importing the electronic code is very cumbersome and requires a lot of labor costs. Moreover, when manually importing electronic codes, a certain batch of electronic codes is usually imported into the open platform at one time for circulation. In this way, the open platform also needs to prepay certain fees for these pre-imported electronic codes, so the open platform will also bear the loss risk of the prepaid cost.

发明内容Contents of the invention

鉴于上述问题,提出了本发明以便提供一种克服上述问题或者至少部分地解决上述问题的实时获取电子码的方法、开放平台及系统。In view of the above problems, the present invention is proposed to provide a method, an open platform and a system for obtaining electronic codes in real time which overcome the above problems or at least partly solve the above problems.

依据本发明的一个方面,提供了一种实时获取电子码的方法,包括:开放平台接收到第三方应用服务器发送的前端支付请求后,通过第一接口向第三方应用服务器发送通知消息;通过第二接口接收第三方应用服务器根据通知消息返回的订单核实请求;当确定订单核实请求合法时,向第三方应用服务器返回验证成功消息;接收第三方应用服务器收到验证成功消息后返回的与订单核实请求对应的电子码,并将电子码提供给预设的用户终端。According to one aspect of the present invention, a method for obtaining an electronic code in real time is provided, including: after the open platform receives the front-end payment request sent by the third-party application server, it sends a notification message to the third-party application server through the first interface; The second interface receives the order verification request returned by the third-party application server according to the notification message; when the order verification request is determined to be legal, returns a verification success message to the third-party application server; receives the order verification returned by the third-party application server after receiving the verification success message Request the corresponding electronic code, and provide the electronic code to the preset user terminal.

依据本发明的另一方面,提供了一种实时获取电子码的开放平台,包括:第一通信模块,适于接收第三方应用服务器发送的前端支付请求;第一接口模块,适于向第三方应用服务器发送通知消息;第二接口模块,适于接收第三方应用服务器根据通知消息返回的订单核实请求;验证模块,适于确定订单核实请求是否合法;第二通信模块,适于在订单核实请求合法时向第三方应用服务器返回验证成功消息,并接收第三方应用服务器收到验证成功消息后返回的与订单核实请求对应的电子码,将电子码提供给预设的用户终端。According to another aspect of the present invention, an open platform for real-time acquisition of electronic codes is provided, including: a first communication module, adapted to receive a front-end payment request sent by a third-party application server; a first interface module, adapted to send a payment request to a third party The application server sends a notification message; the second interface module is adapted to receive the order verification request returned by the third-party application server according to the notification message; the verification module is adapted to determine whether the order verification request is legal; the second communication module is adapted to receive the order verification request in the order verification request When it is legal, return a verification success message to the third-party application server, and receive the electronic code corresponding to the order verification request returned by the third-party application server after receiving the verification success message, and provide the electronic code to the preset user terminal.

依据本发明的另一方面,提供了一种实时获取电子码的系统,包括上述的开放平台,一个或多个用户终端及一个或多个第三方应用服务器。According to another aspect of the present invention, a system for obtaining electronic codes in real time is provided, including the above-mentioned open platform, one or more user terminals and one or more third-party application servers.

在本发明提供的实时获取电子码的方法、开放平台及系统中,为第三方应用服务器提供了两个开放的接口(第一接口和第二接口),通过这两个接口,能够实现开放平台与第三方应用服务器之间的实时数据交互,从而使开放平台能够在每次接收到第三方应用服务器发送的前端支付请求后,向第三方应用服务器发送通知消息,接收及验证第三方应用服务器返回的订单核实请求,并在验证通过后向第三方应用服务器返回验证成功消息,最后接收第三方应用服务器据此返回的电子码。通过上述方式能够实现开放平台与第三方应用服务器之间的双向验证机制,能够提高开放平台与第三方应用服务器之间的数据传输的安全性。在安全性得到保障的前提下,第三方应用服务器可以在每次接收到用户发送的与电子码相关的前端支付请求之后,实时地向开放平台发送所需的电子码。由此解决了现有技术中,第三方应用服务器必须以手动方式预先向开放平台内导入一定批量的电子码所导致的操作繁琐等问题。In the method, open platform and system for obtaining electronic codes in real time provided by the present invention, two open interfaces (the first interface and the second interface) are provided for the third-party application server. Through these two interfaces, the open platform can be realized. Real-time data interaction with the third-party application server, so that the open platform can send a notification message to the third-party application server every time it receives the front-end payment request sent by the third-party application server, and receive and verify the return of the third-party application server The order verification request, and after the verification is passed, return a verification success message to the third-party application server, and finally receive the electronic code returned by the third-party application server accordingly. The two-way verification mechanism between the open platform and the third-party application server can be realized through the above method, and the security of data transmission between the open platform and the third-party application server can be improved. On the premise that the security is guaranteed, the third-party application server can send the required electronic code to the open platform in real time after receiving the front-end payment request related to the electronic code sent by the user each time. This solves the problem in the prior art that the third-party application server must manually import a certain batch of electronic codes into the open platform in advance, which causes cumbersome operations and the like.

上述说明仅是本发明技术方案的概述,为了能够更清楚了解本发明的技术手段,而可依照说明书的内容予以实施,并且为了让本发明的上述和其它目的、特征和优点能够更明显易懂,以下特举本发明的具体实施方式。The above description is only an overview of the technical solution of the present invention. In order to better understand the technical means of the present invention, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and advantages of the present invention more obvious and understandable , the specific embodiments of the present invention are enumerated below.

附图说明Description of drawings

通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating a preferred embodiment and are not to be considered as limiting the invention. Also throughout the drawings, the same reference numerals are used to designate the same parts. In the attached picture:

图1示出了现有技术中的第三方应用开发者向开放平台导入电子码时的场景示意图;Fig. 1 shows a schematic diagram of a scene when a third-party application developer imports an electronic code into an open platform in the prior art;

图2示出了现有技术中的第三方应用开发者向开放平台导入电子码时的方法流程图;Fig. 2 shows the flow chart of the method when the third-party application developer imports the electronic code into the open platform in the prior art;

图3示出了本发明一个实施例提供的实时获取电子码的方法的流程图;Fig. 3 shows the flowchart of the method for obtaining electronic code in real time provided by one embodiment of the present invention;

图4示出了本发明另一实施例提供的实时获取电子码的方法的流程图;FIG. 4 shows a flow chart of a method for obtaining an electronic code in real time according to another embodiment of the present invention;

图5示出了本发明实施例提供的实时获取电子码的开放平台的结构图;Fig. 5 shows a structural diagram of an open platform for real-time acquisition of electronic codes provided by an embodiment of the present invention;

图6示出了本发明实施例提供的实时获取电子码的系统的结构图。Fig. 6 shows a structural diagram of a system for obtaining electronic codes in real time according to an embodiment of the present invention.

具体实施方式detailed description

下面将参照附图更详细地描述本公开的示例性实施例。虽然附图中显示了本公开的示例性实施例,然而应当理解,可以以各种形式实现本公开而不应被这里阐述的实施例所限制。相反,提供这些实施例是为了能够更透彻地理解本公开,并且能够将本公开的范围完整的传达给本领域的技术人员。Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

本发明实施例提供了一种实时获取电子码的方法、开放平台及系统,用以解决现有技术中第三方应用服务器必须以手动方式预先向开放平台内导入一定批量的电子码所导致的操作繁琐等问题。The embodiment of the present invention provides a method, an open platform and a system for obtaining electronic codes in real time, which are used to solve the problem that the third-party application server must manually import a certain batch of electronic codes into the open platform in advance in the prior art. cumbersome issues.

图3示出了本发明实施例提供的实时获取电子码的方法的流程图。如图3所示,该方法起始于步骤S101,在步骤S101中,开放平台接收到第三方应用服务器发送的前端支付请求后,通过第一接口向第三方应用服务器发送通知消息。其中,第一接口可以通过预设的第一回调函数、第一函数指针或第一URL地址来实现。Fig. 3 shows a flowchart of a method for obtaining an electronic code in real time provided by an embodiment of the present invention. As shown in Fig. 3, the method starts at step S101. In step S101, the open platform sends a notification message to the third-party application server through the first interface after receiving the front-end payment request sent by the third-party application server. Wherein, the first interface may be realized through a preset first callback function, a first function pointer or a first URL address.

接下来,在步骤S102中,开放平台通过第二接口接收第三方应用服务器根据通知消息返回的订单核实请求。其中,第二接口同样可以通过预设的第二回调函数、第二函数指针或第二URL地址来实现。Next, in step S102, the open platform receives the order verification request returned by the third-party application server according to the notification message through the second interface. Wherein, the second interface can also be realized through a preset second callback function, a second function pointer or a second URL address.

然后,在步骤S103中,开放平台确定上述的订单核实请求是否合法,并在确定其合法时向第三方应用服务器返回验证成功消息。Then, in step S103, the open platform determines whether the above-mentioned order verification request is legal, and returns a verification success message to the third-party application server when it is determined that it is legal.

最后,在步骤S104中,开放平台接收第三方应用服务器收到验证成功消息后返回的与订单核实请求对应的电子码,并将该电子码提供给预设的用户终端。Finally, in step S104, the open platform receives the electronic code corresponding to the order verification request returned by the third-party application server after receiving the verification success message, and provides the electronic code to the preset user terminal.

可选地,为了提高数据传输的安全性,上述步骤S101中发送的通知消息中进一步包含前端支付请求的相关信息,且这些相关信息通过预设的数字签名算法进行签名。相应地,第三方应用服务器收到该通知消息后,先通过预设的签名验证算法对该通知消息进行验证,再根据验证通过后得到的相关信息返回订单核实请求。其中,第三方应用服务器根据验证通过后得到的相关信息返回订单核实请求的步骤进一步包括:首先获取相关信息中包含的待验证参数,然后通过预设的数字签名算法对待验证参数进行签名,最后将签名后的待验证参数封装在订单核实请求中即可。相应地,在步骤S103中,开放平台通过下述方式验证订单核实请求是否合法:首先,开放平台通过预设的签名验证算法对订单核实请求进行验证,得到其中的待验证参数;然后,如果得到的待验证参数合法,则可以确定该订单核实请求合法。Optionally, in order to improve the security of data transmission, the notification message sent in the above step S101 further includes relevant information of the front-end payment request, and the relevant information is signed by a preset digital signature algorithm. Correspondingly, after receiving the notification message, the third-party application server first verifies the notification message through a preset signature verification algorithm, and then returns an order verification request according to relevant information obtained after passing the verification. Wherein, the step of the third-party application server returning the order verification request according to the relevant information obtained after the verification is passed further includes: first obtaining the parameters to be verified contained in the relevant information, then signing the parameters to be verified by a preset digital signature algorithm, and finally sending the The signed parameters to be verified can be encapsulated in the order verification request. Correspondingly, in step S103, the open platform verifies whether the order verification request is legal in the following manner: first, the open platform verifies the order verification request through a preset signature verification algorithm to obtain the parameters to be verified; then, if it obtains If the parameter to be verified is legal, it can be determined that the order verification request is legal.

通过上面的方式就可以实现开放平台与第三方应用服务器之间的双向验证,从而既可以防止有人冒充开放平台来欺骗第三方应用服务器向其发送电子码,也可以防止有人冒充第三方应用服务器向开放平台传输恶意数据。另外,为了进一步确保电子码在向开放平台发送的过程中不被篡改或截获,还可以由第三方应用服务器进一步对电子码进行加密。为此,本实施例中的方法还可以包括如下细节:当开放平台与第三方应用服务器之间通过第一类数据传输协议(例如安全性较高的HTTPS协议等)进行通信时,第三方应用服务器返回的电子码是没有加密的电子码,则开放平台直接将电子码提供给预设的用户终端即可,这样可以在网络安全性高的情况下简化传输环节的操作;当开放平台与第三方应用服务器之间通过第二类数据传输协议(例如安全性较低的HTTP协议等)进行通信时,第三方应用服务器返回的电子码是经过加密的电子码,则开放平台对电子码进行解密之后再将电子码提供给预设的用户终端,这样可以在网络安全性低的情况下提高传输安全性,并防止数据在网络应用层以下的层级被盗取。Through the above method, the two-way verification between the open platform and the third-party application server can be realized, which can prevent someone from pretending to be an open platform to deceive the third-party application server to send an electronic code to it, and can also prevent someone from pretending to be a third-party application server. Open platforms transmit malicious data. In addition, in order to further ensure that the electronic code is not tampered with or intercepted during the process of sending it to the open platform, the electronic code can also be further encrypted by a third-party application server. To this end, the method in this embodiment may also include the following details: when communicating between the open platform and the third-party application server through the first type of data transmission protocol (such as HTTPS protocol with higher security, etc.), the third-party application The electronic code returned by the server is an unencrypted electronic code, and the open platform can directly provide the electronic code to the preset user terminal, which can simplify the operation of the transmission link under the condition of high network security; when the open platform and the first When the third-party application servers communicate through the second type of data transmission protocol (such as HTTP protocol with low security, etc.), the electronic code returned by the third-party application server is an encrypted electronic code, and the open platform will decrypt the electronic code. After that, the electronic code is provided to the preset user terminal, which can improve the transmission security in the case of low network security and prevent data from being stolen at the level below the network application layer.

通过上述方式能够实现开放平台与第三方应用服务器之间的双向验证机制,能够提高开放平台与第三方应用服务器之间的数据传输的安全性。在安全性得到保障的前提下,第三方应用服务器可以在每次接收到用户发送的与电子码相关的前端支付请求之后,实时地向开放平台发送所需的电子码。由此解决了现有技术中,第三方应用服务器必须以手动方式预先向开放平台内导入一定批量的电子码所导致的操作繁琐等问题。The two-way verification mechanism between the open platform and the third-party application server can be realized through the above method, and the security of data transmission between the open platform and the third-party application server can be improved. On the premise that the security is guaranteed, the third-party application server can send the required electronic code to the open platform in real time after receiving the front-end payment request related to the electronic code sent by the user each time. This solves the problem in the prior art that the third-party application server must manually import a certain batch of electronic codes into the open platform in advance, which causes cumbersome operations and the like.

在本发明的另一实施例中,以用户阅读付费小说的应用场景为例,对本发明提供的实时获取电子码的方法进行详细介绍。其中,本实施例中的第三方应用服务器是向用户提供付费小说的服务器,该服务器提供的电子码用于激活小说的特定章节,以便使用户能够对这些章节进行阅读。图4示出了本实施例提供的实时获取电子码的方法流程图。如图4所示,该方法包括以下步骤:In another embodiment of the present invention, taking the application scenario of a user reading a paid novel as an example, the method for obtaining an electronic code in real time provided by the present invention is introduced in detail. Wherein, the third-party application server in this embodiment is a server that provides paid novels to users, and the electronic code provided by the server is used to activate specific chapters of the novel so that users can read these chapters. FIG. 4 shows a flow chart of the method for obtaining an electronic code in real time provided by this embodiment. As shown in Figure 4, the method includes the following steps:

步骤S201:用户终端向第三方应用服务器发送激活请求。Step S201: the user terminal sends an activation request to a third-party application server.

通常情况下,本步骤在用户希望阅读电子小说的付费章节时被触发。例如,当用户通过电脑等用户终端浏览完小说的概要性提示内容后,希望进一步阅读该小说的剩余章节时,需要用户先通过电子码对这些章节进行激活。为此,用户可以通过点击用户终端浏览器上显示的“立即激活”等字样的按钮来发送上述的激活请求。Normally, this step is triggered when the user wishes to read a paid chapter of the electronic novel. For example, when a user wishes to further read the remaining chapters of the novel after browsing the summary prompt content of the novel through a user terminal such as a computer, the user needs to first activate these chapters through an electronic code. To this end, the user may send the above-mentioned activation request by clicking a button with words such as "activate now" displayed on the browser of the user terminal.

通常情况下,该激活请求中会包含例如用户帐号、小说名称以及章节号等信息。为此,当用户点击“立即激活”的按钮之后,浏览器页面可以先跳转到购买激活码的相应页面,在该页面上显示有“快速购买”和“登录购买”两个选项,如果用户点击“快速购买”的选项,则需要用户填写订单信息,包括:应用名称(如电子小说)、产品单价(如阅读一节小说的阅读费用)、产品数量(如小说的章节数)、用户联系方式(如手机号码和/或电子邮箱等)等;如果用户点击“登录购买”的选项,则需要用户先输入用户帐号和密码等登录信息之后再填写相应的订单信息。由此可见,在上述过程中,浏览器可以获取到该激活请求的相关信息,并将这些相关信息写入该激活请求中。另外,在上述过程中,还可以进一步包括用户通过支付宝等支付方式为电子码支付费用的环节,该环节可通过现有的各种支付方式实现。Usually, the activation request will include information such as user account, novel title and chapter number. For this reason, after the user clicks the "Activate Now" button, the browser page can first jump to the corresponding page for purchasing the activation code. Click the "Quick Purchase" option, and the user is required to fill in the order information, including: application name (such as electronic novel), product unit price (such as the reading fee for reading a novel), product quantity (such as the number of chapters of the novel), user contact method (such as mobile phone number and/or email address, etc.); if the user clicks on the "login to purchase" option, the user needs to enter the login information such as the user account and password before filling in the corresponding order information. It can be seen that, in the above process, the browser can obtain relevant information of the activation request, and write the relevant information into the activation request. In addition, in the above process, it may further include a link in which the user pays for the electronic code through payment methods such as Alipay, which can be realized through various existing payment methods.

步骤S202:第三方应用服务器收到用户终端发来的激活请求后,向开放平台发送前端支付请求。Step S202: After receiving the activation request from the user terminal, the third-party application server sends a front-end payment request to the open platform.

第三方应用服务器首先解析该激活请求,获取到激活请求中包含的用户帐号、小说名称以及章节号等信息;然后,根据这些信息构造前端支付请求,并将该前端支付请求发送给开放平台。The third-party application server first parses the activation request, and obtains information such as the user account, novel name, and chapter number included in the activation request; then, constructs a front-end payment request based on these information, and sends the front-end payment request to the open platform.

步骤S203:开放平台接收到第三方应用服务器发送的前端支付请求后,通过第一接口向第三方应用服务器发送通知消息。Step S203: After receiving the front-end payment request sent by the third-party application server, the open platform sends a notification message to the third-party application server through the first interface.

具体地,开放平台对前端支付请求进行解析,得到其中包含的用户帐号、小说名称以及章节号等信息,然后,根据这些信息构造通知消息,并通过第一接口将通知消息发送给第三方应用服务器。其中,第一接口可以通过预设的回调函数、函数指针或URL地址等多种方式来实现。例如,该第一接口可以是开放平台预先设置好的Open API,第三方应用服务器在最初接入开放平台时,通过加载包含第一接口在内的Open API来实现与开放平台的对接。因此,在本步骤中,开放平台直接调用该第一接口就可以向第三方应用服务器发送通知消息。Specifically, the open platform parses the front-end payment request to obtain information such as the user account, novel name, and chapter number contained therein, and then constructs a notification message based on the information, and sends the notification message to a third-party application server through the first interface . Wherein, the first interface may be implemented in various ways such as a preset callback function, function pointer or URL address. For example, the first interface may be an Open API preset by the open platform. When the third-party application server first accesses the open platform, it realizes the connection with the open platform by loading the Open API including the first interface. Therefore, in this step, the open platform can send a notification message to the third-party application server by directly invoking the first interface.

在通知消息中需要包含一些需要第三方应用服务器确认的参数信息。表1示出了通知消息中所包含的参数信息:The notification message needs to include some parameter information that needs to be confirmed by the third-party application server. Table 1 shows the parameter information included in the notification message:

表1Table 1

回调参数callback parameters 必选required 参数说明Parameter Description app_keyapp_key truetrue 应用App key(加入签名)Apply App key (add signature) order_idorder_id truetrue 开放平台订单流水id(加入签名)Open platform order flow id (add signature) order_amountorder_amount truetrue 产品单价(单位为分)(加入签名)Product unit price (in cents) (add signature) order_countorder_count truetrue 购买数量(加入签名)Purchase Quantity (Add Signature) product_idproduct_id truetrue 充值产品id(加入签名)Recharge product id (add signature) sign_typesign_type truetrue 签名算法(不加入签名)Signature algorithm (do not add signature) sign_returnsign_return truetrue 应用回传给订单核实接口的参数(不加入签名)Parameters returned by the application to the order verification interface (no signature added) signsign truetrue 提取的签名(签名方法如3.1)Extracted signature (Signature method as in 3.1)

上述各个参数的属性均为true,也就是说,在本实施例中,上述各个参数都是必选参数。其中,参数app_key表示应用的名称或键值,用于唯一地标识一个应用,在本实施例中,该应用即为电子小说阅读器之类的应用,该参数的具体取值是根据发送前端支付请求的第三方应用服务器的类型确定的。参数order_id表示开放平台的订单流水号,用于唯一地标识开放平台目前正在处理的订单,该参数的具体取值是根据开放平台当前处理的订单数量自动确定的。参数order_amount表示产品的单价,在本实施例中,即为对应小说的阅读费用,该参数的具体取值可以是开放平台与第三方应用服务器之间预先约定好的,也可以是开放平台从前端支付请求中获取的。参数order_count表示购买数量,在本实施例中,该参数的具体取值可以根据前端支付请求中包含的章节号的数量确定。参数product_id表示待充值的产品的标号,用于唯一地标识待充值的产品,在本实施例中,该参数的具体取值可以根据前端支付请求中包含的小说名称确定。参数sign_type表示签名算法的类型,例如,可以是3DES算法或者AES算法等各类签名算法,通过sign_type所表示的签名算法对上述的各个参数进行签名,以便实现安全性验证。参数sign_return表示第三方应用服务器在构造订单核实请求时所需的相关信息,该参数可以不进行签名处理。参数sign表示第三方应用服务器从通知消息中提取出的正确签名。The attributes of the above parameters are all true, that is to say, in this embodiment, the above parameters are mandatory parameters. Among them, the parameter app_key represents the name or key value of the application, which is used to uniquely identify an application. In this embodiment, the application is an application such as an electronic novel reader, and the specific value of this parameter is based on the sending front-end payment Determined by the type of third-party application server requested. The parameter order_id indicates the order serial number of the open platform, which is used to uniquely identify the order currently being processed by the open platform. The specific value of this parameter is automatically determined according to the number of orders currently processed by the open platform. The parameter order_amount indicates the unit price of the product. In this embodiment, it is the reading fee of the corresponding novel. The specific value of this parameter can be pre-agreed between the open platform and the third-party application server, or it can be obtained from the front end of the open platform. Obtained in the payment request. The parameter order_count indicates the purchase quantity. In this embodiment, the specific value of this parameter can be determined according to the number of chapter numbers contained in the front-end payment request. The parameter product_id represents the label of the product to be recharged, and is used to uniquely identify the product to be recharged. In this embodiment, the specific value of this parameter can be determined according to the title of the novel contained in the front-end payment request. The parameter sign_type indicates the type of signature algorithm, for example, it can be various signature algorithms such as 3DES algorithm or AES algorithm, and the above parameters are signed by the signature algorithm indicated by sign_type, so as to realize security verification. The parameter sign_return indicates the relevant information required by the third-party application server when constructing the order verification request, and this parameter does not need to be signed. The parameter sign indicates the correct signature extracted from the notification message by the third-party application server.

步骤S204:开放平台通过第二接口接收第三方应用服务器根据通知消息返回的订单核实请求。Step S204: The open platform receives the order verification request returned by the third-party application server according to the notification message through the second interface.

第三方应用服务器收到上述的通知消息后,先要解析该通知消息,并获取其中包含的参数sign_type,以便确定该通知消息中的各个参数所采用的签名算法,然后根据该签名算法相应的签名验证算法对该通知消息中加入了签名的参数(例如参数app_key、order_id、order_amount、order_count以及product_id等)进行验证,得到这些参数的签名。然后,将得到的上述参数的签名与通知消息中的参数sign所标识的签名进行比较,如果相同,则确认通知消息中的各个参数是真实合法的,第三方应用服务器则会基于通知消息中的各个参数构造订单核实请求。After receiving the above notification message, the third-party application server must first parse the notification message and obtain the parameter sign_type contained in it, so as to determine the signature algorithm adopted by each parameter in the notification message, and then sign according to the corresponding signature algorithm The verification algorithm verifies the signed parameters (such as parameters app_key, order_id, order_amount, order_count, product_id, etc.) in the notification message to obtain the signatures of these parameters. Then, compare the obtained signature of the above parameters with the signature identified by the parameter sign in the notification message. If they are the same, it is confirmed that each parameter in the notification message is true and legal, and the third-party application server will Each parameter constructs the order verification request.

具体构造订单核实请求时,可以通过多种方式来构造,例如,可以将上述参数中的sign_return参数所包含的内容通过sign_type参数所标明的签名算法进行签名,并将签名后得到的数据封装为订单核实请求。该订单核实请求通过第二接口发送给开放平台。其中,第二接口同样可以通过预设的回调函数、函数指针或URL地址等多种方式来实现。而且,第二接口与上述的第一接口既可以是不同的接口,也可以是相同的接口。When constructing an order verification request, it can be constructed in various ways. For example, the content contained in the sign_return parameter in the above parameters can be signed by the signature algorithm indicated by the sign_type parameter, and the signed data can be packaged as an order Verify request. The order verification request is sent to the open platform through the second interface. Wherein, the second interface can also be implemented in multiple ways such as a preset callback function, function pointer or URL address. Moreover, the second interface and the above-mentioned first interface may be different interfaces, or may be the same interface.

步骤S205:开放平台确定上述的订单核实请求是否合法,并在其合法时,向第三方应用服务器返回验证成功消息。Step S205: The open platform determines whether the above-mentioned order verification request is legal, and returns a verification success message to the third-party application server if it is legal.

具体地,开放平台根据sign_type参数所对应的签名验证算法对订单核实请求中的参数进行验证,获取其中的签名,根据签名来判断订单核实请求是否合法。另外,开放平台还可以通过判断订单核实请求中所包含的参数与之前发送的通知消息中的sign_return参数是否一致来判断订单核实请求的合法性。Specifically, the open platform verifies the parameters in the order verification request according to the signature verification algorithm corresponding to the sign_type parameter, obtains the signature, and judges whether the order verification request is legal according to the signature. In addition, the open platform can also determine the legitimacy of the order verification request by judging whether the parameters included in the order verification request are consistent with the sign_return parameter in the previously sent notification message.

可选地,在本发明其他的实施例中,开放平台还可以基于其他信息来确定订单核实请求的合法性。例如,第三方应用服务器可以在订单核实请求中包含产品单价信息(即小说章节的阅读费用),开放平台判断该产品单价信息是否超出预设的阈值,如果超出,则确认该订单核实请求非法。例如,假设实际情况中,一篇小说的阅读费用不会超过100元,因此,如果订单核实请求中包含的产品单价信息明显超出正常值,则可以确定该订单核实请求非法。总之,开放平台可以结合实际情况确定订单核实请求的合法性,本发明对具体的确定方式不做限定。Optionally, in other embodiments of the present invention, the open platform may also determine the legitimacy of the order verification request based on other information. For example, the third-party application server can include product unit price information (that is, the reading cost of novel chapters) in the order verification request, and the open platform judges whether the product unit price information exceeds a preset threshold, and if so, confirms that the order verification request is illegal. For example, suppose that in actual situations, the reading cost of a novel does not exceed 100 yuan. Therefore, if the product unit price information contained in the order verification request obviously exceeds the normal value, it can be determined that the order verification request is illegal. In short, the open platform can determine the legitimacy of the order verification request in combination with the actual situation, and the present invention does not limit the specific determination method.

步骤S206:开放平台接收第三方应用服务器收到验证成功消息后返回的与订单核实请求对应的电子码,并将该电子码提供给预设的用户终端。Step S206: The open platform receives the electronic code corresponding to the order verification request returned by the third-party application server after receiving the verification success message, and provides the electronic code to the preset user terminal.

其中,与订单核实请求对应的电子码是指用于激活该小说的相应章节的电子码。开放平台在将电子码提供给预设的用户终端时,可以根据前端支付请求中所包含的用户帐号来确定接收电子码的用户终端地址。该用户终端地址既可以是步骤S201中发送激活请求的用户终端的地址,也可以是其他用户终端的地址。例如,假设在步骤S201中,用户通过自家的计算机终端向第三方应用服务器发送了上述的激活请求,经过上述各个步骤的处理之后,在步骤S206中,开放平台首先获取到第三方应用服务器发来的前端支付请求中所包含的用户帐号信息,然后,根据该用户帐号在注册时提供的相关信息,例如手机号码或电子邮箱地址等,向对应号码的手机终端或对应地址的电子邮箱发送电子码,然后,用户通过手机终端或电子邮箱即可获得该电子码,进而利用该电子码激活付费小说的指定章节。Wherein, the electronic code corresponding to the order verification request refers to the electronic code used to activate the corresponding chapter of the novel. When the open platform provides the electronic code to the preset user terminal, it can determine the address of the user terminal receiving the electronic code according to the user account number contained in the front-end payment request. The user terminal address may be the address of the user terminal sending the activation request in step S201, or the address of other user terminals. For example, assuming that in step S201, the user sends the above-mentioned activation request to the third-party application server through his own computer terminal, after the processing of the above-mentioned steps, in step S206, the open platform first obtains the The user account information contained in the front-end payment request, and then, according to the relevant information provided by the user account during registration, such as mobile phone number or email address, etc., send an electronic code to the mobile terminal with the corresponding number or the email address with the corresponding address. , and then, the user can obtain the electronic code through the mobile phone terminal or email, and then use the electronic code to activate the specified chapter of the paid novel.

由此可见,通过上述方式,开放平台可以在每次接收到第三方应用服务器发送的前端支付请求之后,通过第一接口和第二接口完成与第三方应用服务器之间的双向验证,并在验证通过后实时接收第三方应用服务器提供的电子码。这样既可以防止有人冒充开放平台来欺骗第三方应用服务器向其发送电子码,也可以防止有人冒充第三方应用服务器向开放平台传输恶意数据。因此,使开放平台与第三方应用服务器之间可以安全地实时传输数据。由此避免了现有技术中由于预先向开放平台手动导入一定批量的电子码所导致的操作繁琐问题,并且避免了开放平台预付电子码费用所导致的预付成本的损失风险。It can be seen that, through the above method, the open platform can complete the two-way verification with the third-party application server through the first interface and the second interface after receiving the front-end payment request sent by the third-party application server each time, and verify After passing, receive the electronic code provided by the third-party application server in real time. This can prevent someone from pretending to be an open platform to trick a third-party application server into sending an electronic code to it, and can also prevent someone from pretending to be a third-party application server to transmit malicious data to the open platform. Therefore, data can be securely transmitted in real time between the open platform and the third-party application server. This avoids the cumbersome operation problems caused by manually importing a certain batch of electronic codes into the open platform in advance in the prior art, and avoids the risk of loss of prepaid costs caused by the prepaid electronic code fees on the open platform.

另外,为了进一步确保电子码在向开放平台发送的过程中不被篡改或截获,在上述的步骤S206中,还可以由第三方应用服务器进一步对电子码进行加密,并将加密后的电子码提供给开放平台。具体加密时,可以选用3DES加密算法或AES加密算法,此时,开放平台接收到的电子码的格式如表2所示。In addition, in order to further ensure that the electronic code is not tampered with or intercepted during the process of sending it to the open platform, in the above step S206, the third-party application server may further encrypt the electronic code, and provide the encrypted electronic code with Give an open platform. For specific encryption, 3DES encryption algorithm or AES encryption algorithm can be selected. At this time, the format of the electronic code received by the open platform is shown in Table 2.

表2Table 2

通过表2可以看出,加密后的电子码中包含如下参数:操作参数config;用于表示加密方式的参数encryption,当该参数值为空或NONE时表示不加密,当该参数值为TRIPLEDES时表示3DES加密方式;用于表示初始化向量的参数iv,该参数的默认值为加密字符串的后8位;用于表示签名方法的参数signature,该参数用于验证消息的完整性,其默认值为MD5;用于表示完整性验证串的参数mac;以及用于表示数据内容(即电子码的内容)的参数ret,该参数可以通过加密或不加密两种方式传输。It can be seen from Table 2 that the encrypted electronic code contains the following parameters: the operating parameter config; the parameter encryption used to indicate the encryption method. When the value of this parameter is empty or NONE, it means no encryption; when the value of this parameter is TRIPLEDES Indicates the 3DES encryption method; the parameter iv used to indicate the initialization vector, the default value of this parameter is the last 8 digits of the encrypted string; the parameter signature used to indicate the signature method, which is used to verify the integrity of the message, and its default value It is MD5; the parameter mac used to indicate the integrity verification string; and the parameter ret used to indicate the data content (that is, the content of the electronic code), which can be transmitted in two ways: encrypted or unencrypted.

下面给出上述参数的代码表示方法:The code representation of the above parameters is given below:

在上述代码段中,加密方式为TRIPLEDES,初始化向量为随机数,且包含用于表示“完整性验证串”的参数completion,以及用于表示签名方法的参数signature。In the above code segment, the encryption method is TRIPLEDES, the initialization vector is a random number, and includes the parameter completion used to represent the "integrity verification string" and the parameter signature used to represent the signature method.

根据上述代码段对接收到的电子码进行解析,得到其中包含的数据内容“ret”,对“ret”进行解密后,视实际情况可能得到如下两种结果中的任意一种:Analyze the received electronic code according to the above code segment, and get the data content "ret" contained in it. After decrypting "ret", one of the following two results may be obtained depending on the actual situation:

在第一种结果中,得到的电子码为单个电子码,也就是说,第三方应用服务器一次只返回了一个电子码,此时,“ret”的解密结果如下:In the first result, the obtained electronic code is a single electronic code, that is to say, the third-party application server only returns one electronic code at a time. At this time, the decryption result of "ret" is as follows:

在第二种结果中,得到的电子码为多个电子码,也就是说,第三方应用服务器一次返回了多个电子码,此时,“ret”的解密结果如下:In the second result, the obtained electronic code is multiple electronic codes, that is to say, the third-party application server returns multiple electronic codes at one time. At this time, the decryption result of "ret" is as follows:

通过上述加密传输方式能够确保电子码在向开放平台发送的过程中不被篡改或截获,从而进一步提高安全性。Through the above encrypted transmission method, it can be ensured that the electronic code will not be tampered with or intercepted during the process of sending it to the open platform, thereby further improving security.

图5示出了本发明实施例提供的实时获取电子码的开放平台的结构图。如图5所示,该开放平台50包括第一通信模块51、第一接口模块52、第二接口模块53、验证模块54以及第二通信模块55。Fig. 5 shows a structural diagram of an open platform for real-time acquisition of electronic codes provided by an embodiment of the present invention. As shown in FIG. 5 , the open platform 50 includes a first communication module 51 , a first interface module 52 , a second interface module 53 , a verification module 54 and a second communication module 55 .

第一通信模块51接收第三方应用服务器发送的前端支付请求。The first communication module 51 receives the front-end payment request sent by the third-party application server.

第一接口模块52向第三方应用服务器发送通知消息。其中,第一接口模块52通过预设的第一回调函数、第一函数指针或第一URL地址发送该通知消息。The first interface module 52 sends a notification message to the third-party application server. Wherein, the first interface module 52 sends the notification message through a preset first callback function, a first function pointer or a first URL address.

第二接口模块53接收第三方应用服务器根据通知消息返回的订单核实请求。其中,第二接口模块53通过预设的第二回调函数、第二函数指针或第二URL地址接收该订单核实请求。The second interface module 53 receives the order verification request returned by the third-party application server according to the notification message. Wherein, the second interface module 53 receives the order verification request through a preset second callback function, a second function pointer or a second URL address.

验证模块54确定订单核实请求是否合法。第二通信模块55在订单核实请求合法时向第三方应用服务器返回验证成功消息,并接收第三方应用服务器收到验证成功消息后返回的与订单核实请求对应的电子码,将电子码提供给预设的用户终端。其中,当第三方应用服务器返回的电子码是经过加密的电子码时,第二通信模块55进一步对该电子码进行解密。The verification module 54 determines whether the order verification request is legitimate. The second communication module 55 returns a verification success message to the third-party application server when the order verification request is legal, and receives the electronic code corresponding to the order verification request returned by the third-party application server after receiving the verification success message, and provides the electronic code to the pre-order set user terminal. Wherein, when the electronic code returned by the third-party application server is an encrypted electronic code, the second communication module 55 further decrypts the electronic code.

可选地,第一接口模块52发送的通知消息中包含前端支付请求的相关信息,且这些相关信息通过预设的数字签名算法进行签名;则第三方应用服务器收到该通知消息后,先通过预设的签名验证算法对该通知消息进行验证,再根据验证通过后得到的相关信息返回订单核实请求。其中,订单核实请求中包含第三方应用服务器从相关信息中获取的待验证参数,且这些待验证参数通过预设的数字签名算法进行签名;则验证模块适于通过预设的签名验证算法对该订单核实请求进行验证,得到其中的待验证参数,如果待验证参数合法,则确定该订单核实请求合法。Optionally, the notification message sent by the first interface module 52 includes relevant information of the front-end payment request, and the relevant information is signed by a preset digital signature algorithm; after receiving the notification message, the third-party application server first passes The preset signature verification algorithm verifies the notification message, and then returns the order verification request according to the relevant information obtained after the verification is passed. Wherein, the order verification request includes the parameters to be verified obtained from the relevant information by the third-party application server, and these parameters to be verified are signed by a preset digital signature algorithm; The order verification request is verified, and the parameters to be verified are obtained. If the parameters to be verified are legal, it is determined that the order verification request is legal.

图6示出了本发明实施例提供的实时获取电子码的系统的结构图。如图6所示,该系统包括:上述的开放平台50以及第三方应用服务器60,所述系统还包括一个或多个用户终端(图上未示出),所述第三方应用服务器的数量还可以为多个。关于开放平台的具体结构可参照上述实施例的描述,此处不再赘述。Fig. 6 shows a structural diagram of a system for obtaining electronic codes in real time according to an embodiment of the present invention. As shown in Figure 6, the system includes: the above-mentioned open platform 50 and a third-party application server 60, the system also includes one or more user terminals (not shown in the figure), the number of the third-party application server is also Can be multiple. For the specific structure of the open platform, reference may be made to the descriptions of the foregoing embodiments, which will not be repeated here.

在本发明提供的实时获取电子码的方法及开放平台中,为第三方应用服务器提供了两个开放的接口(第一接口和第二接口),通过这两个接口,能够实现开放平台与第三方应用服务器之间的实时数据交互,从而使开放平台能够在每次接收到第三方应用服务器发送的前端支付请求后,向第三方应用服务器发送通知消息,接收及验证第三方应用服务器返回的订单核实请求,并在验证通过后向第三方应用服务器返回验证成功消息,最后接收第三方应用服务器据此返回的电子码。通过上述方式能够实现开放平台与第三方应用服务器之间的双向验证机制,能够提高开放平台与第三方应用服务器之间的数据传输的安全性。在安全性得到保障的前提下,第三方应用服务器可以在每次接收到用户发送的与电子码相关的前端支付请求之后,实时地向开放平台发送所需的电子码。由此解决了现有技术中,第三方应用服务器必须以手动方式预先向开放平台内导入一定批量的电子码所导致的操作繁琐等问题。In the method and open platform for obtaining electronic codes in real time provided by the present invention, two open interfaces (the first interface and the second interface) are provided for the third-party application server. Through these two interfaces, the open platform and the second interface can be realized. Real-time data interaction between the three-party application servers, so that the open platform can send a notification message to the third-party application server every time it receives the front-end payment request sent by the third-party application server, and receive and verify the order returned by the third-party application server Verify the request, and return a verification success message to the third-party application server after the verification is passed, and finally receive the electronic code returned by the third-party application server accordingly. The two-way verification mechanism between the open platform and the third-party application server can be realized through the above method, and the security of data transmission between the open platform and the third-party application server can be improved. On the premise that the security is guaranteed, the third-party application server can send the required electronic code to the open platform in real time after receiving the front-end payment request related to the electronic code sent by the user each time. This solves the problem in the prior art that the third-party application server must manually import a certain batch of electronic codes into the open platform in advance, which causes cumbersome operations and the like.

在此提供的算法和显示不与任何特定计算机、虚拟系统或者其它设备固有相关。各种通用系统也可以与基于在此的示教一起使用。根据上面的描述,构造这类系统所要求的结构是显而易见的。此外,本发明也不针对任何特定编程语言。应当明白,可以利用各种编程语言实现在此描述的本发明的内容,并且上面对特定语言所做的描述是为了披露本发明的最佳实施方式。The algorithms and displays presented herein are not inherently related to any particular computer, virtual system, or other device. Various generic systems can also be used with the teachings based on this. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not specific to any particular programming language. It should be understood that various programming languages can be used to implement the content of the present invention described herein, and the above description of specific languages is for disclosing the best mode of the present invention.

在此处所提供的说明书中,说明了大量具体细节。然而,能够理解,本发明的实施例可以在没有这些具体细节的情况下实践。在一些实例中,并未详细示出公知的方法、结构和技术,以便不模糊对本说明书的理解。In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

类似地,应当理解,为了精简本公开并帮助理解各个发明方面中的一个或多个,在上面对本发明的示例性实施例的描述中,本发明的各个特征有时被一起分组到单个实施例、图、或者对其的描述中。然而,并不应将该公开的方法解释成反映如下意图:即所要求保护的本发明要求比在每个权利要求中所明确记载的特征更多的特征。更确切地说,如下面的权利要求书所反映的那样,发明方面在于少于前面公开的单个实施例的所有特征。因此,遵循具体实施方式的权利要求书由此明确地并入该具体实施方式,其中每个权利要求本身都作为本发明的单独实施例。Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, in order to streamline this disclosure and to facilitate an understanding of one or more of the various inventive aspects, various features of the invention are sometimes grouped together in a single embodiment, figure, or its description. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.

本领域那些技术人员可以理解,可以对实施例中的设备中的模块进行自适应性地改变并且把它们设置在与该实施例不同的一个或多个设备中。可以把实施例中的模块或单元或组件组合成一个模块或单元或组件,以及此外可以把它们分成多个子模块或子单元或子组件。除了这样的特征和/或过程或者单元中的至少一些是相互排斥之外,可以采用任何组合对本说明书(包括伴随的权利要求、摘要和附图)中公开的所有特征以及如此公开的任何方法或者设备的所有过程或单元进行组合。除非另外明确陈述,本说明书(包括伴随的权利要求、摘要和附图)中公开的每个特征可以由提供相同、等同或相似目的的替代特征来代替。Those skilled in the art can understand that the modules in the device in the embodiment can be adaptively changed and arranged in one or more devices different from the embodiment. Modules or units or components in the embodiments may be combined into one module or unit or component, and furthermore may be divided into a plurality of sub-modules or sub-units or sub-assemblies. All features disclosed in this specification (including accompanying claims, abstract and drawings), as well as any method or method so disclosed, may be used in any combination, except that at least some of such features and/or processes or units are mutually exclusive. All processes or units of equipment are combined. Each feature disclosed in this specification (including accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.

此外,本领域的技术人员能够理解,尽管在此所述的一些实施例包括其它实施例中所包括的某些特征而不是其它特征,但是不同实施例的特征的组合意味着处于本发明的范围之内并且形成不同的实施例。例如,在下面的权利要求书中,所要求保护的实施例的任意之一都可以以任意的组合方式来使用。Furthermore, those skilled in the art will understand that although some embodiments described herein include some features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the invention. and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.

本发明的各个部件实施例可以以硬件实现,或者以在一个或者多个处理器上运行的软件模块实现,或者以它们的组合实现。本领域的技术人员应当理解,可以在实践中使用微处理器或者数字信号处理器(DSP)来实现根据本发明实施例的装置中的一些或者全部部件的一些或者全部功能。本发明还可以实现为用于执行这里所描述的方法的一部分或者全部的设备或者装置程序(例如,计算机程序和计算机程序产品)。这样的实现本发明的程序可以存储在计算机可读介质上,或者可以具有一个或者多个信号的形式。这样的信号可以从因特网网站上下载得到,或者在载体信号上提供,或者以任何其他形式提供。The various component embodiments of the present invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art should understand that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all functions of some or all components in the device according to the embodiment of the present invention. The present invention can also be implemented as an apparatus or an apparatus program (for example, a computer program and a computer program product) for performing a part or all of the methods described herein. Such a program for realizing the present invention may be stored on a computer-readable medium, or may be in the form of one or more signals. Such a signal may be downloaded from an Internet site, or provided on a carrier signal, or provided in any other form.

应该注意的是上述实施例对本发明进行说明而不是对本发明进行限制,并且本领域技术人员在不脱离所附权利要求的范围的情况下可设计出替换实施例。在权利要求中,不应将位于括号之间的任何参考符号构造成对权利要求的限制。单词“包含”不排除存在未列在权利要求中的元件或步骤。位于元件之前的单词“一”或“一个”不排除存在多个这样的元件。本发明可以借助于包括有若干不同元件的硬件以及借助于适当编程的计算机来实现。在列举了若干装置的单元权利要求中,这些装置中的若干个可以是通过同一个硬件项来具体体现。单词第一、第二、以及第三等的使用不表示任何顺序。可将这些单词解释为名称。It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The use of the words first, second, and third, etc. does not indicate any order. These words can be interpreted as names.

Claims (11)

1. a method for real-time acquisition electronics code, including:
After open platform receives the front-end payment request that third-party application server sends, connect by first Mouth sends a notification message to described third-party application server;Wherein, described in described notification message comprises The relevant information of front-end payment request;
By third-party application server described in the second interface according to the institute comprised in described notification message Request examined by the order of the relevant information return stating front-end payment request;
When determine described order examine request legal time, to described third-party application server return verify into Merit message;
Receive described third-party application server receive described in be proved to be successful after message that return with described order Examine the electronics code that request is corresponding, and described electronics code is supplied to the user terminal preset.
The most described first interface is by the first readjustment preset Function, the first function pointer or a URL address realize, and described second interface is by default second time Letter of transfer number, the second function pointer or the 2nd URL address realize.
The described front end comprised in the most described notification message is propped up The relevant information paying request is signed by the Digital Signature Algorithm preset;
After described third-party application server receives described notification message, first pass through default signature verification and calculate Described notification message is verified by method, returns institute further according to the described relevant information obtained after being verified State order and examine request.
4. method as claimed in claim 3, wherein, described third-party application server is logical according to checking Later the described relevant information described order of return obtained is examined the step of request and is included: obtain described relevant The parameter to be verified comprised in information, by described default Digital Signature Algorithm to described parameter to be verified Sign, the parameter to be verified after signature is encapsulated in described order and examines in request;
Described open platform determines that described order is examined the legal step of request and included: by default signature Described order is examined request and is verified by verification algorithm, obtains parameter to be verified therein, if described Parameter to be verified is legal, it is determined that it is legal that request examined by described order.
5. the method as described in claim 1-4 is arbitrary, wherein, when described open platform and the described 3rd When being communicated by primary sources host-host protocol between side's application server, described third-party application takes The electronics code that business device returns is the electronics code do not encrypted, and the most described open platform is directly by described electronics code It is supplied to the user terminal preset;Wherein, described primary sources host-host protocol includes HTTPS agreement;
By secondary sources host-host protocol between described open platform and described third-party application server When communicating, the electronics code that described third-party application server returns is the electronics code through encryption, then Described electronics code is supplied to the user preset by described open platform again after being decrypted described electronics code Terminal;Wherein, described secondary sources host-host protocol includes http protocol.
6. an open platform for real-time acquisition electronics code, including:
First communication module, is suitable to receive the front-end payment request that third-party application server sends;
First interface module, is suitable to send a notification message to described third-party application server;Wherein, institute State the relevant information comprising described front-end payment request in notification message;
Second interface module, is suitable to receive described third-party application server and wraps according in described notification message Request examined by the order that the relevant information of the described front-end payment request contained returns;
Authentication module, is adapted to determine that request examined by described order the most legal;
Second communication module, is suitable to service to described third-party application when described order is examined and asked legal Device returns and is proved to be successful message, and receive described third-party application server receive described in be proved to be successful message Corresponding electronics code is asked in examining with described order of rear return, and described electronics code is supplied to the use preset Family terminal.
7. open platform as claimed in claim 6, wherein, described first interface module is passed through default First call back function, the first function pointer or a URL address send described notification message;
Described second interface module is by the second call back function, the second function pointer or the 2nd URL that preset Address receives described order and examines request.
8. open platform as claimed in claim 6, wherein, the notice that described first interface module sends The relevant information of the described front-end payment request comprised in message is signed by the Digital Signature Algorithm preset Name;
After described third-party application server receives described notification message, first pass through default signature verification and calculate Described notification message is verified by method, returns institute further according to the described relevant information obtained after being verified State order and examine request.
9. open platform as claimed in claim 8, wherein, described order examine request comprises described The parameter to be verified that third-party application server obtains from described relevant information, and described parameter to be verified Signed by default Digital Signature Algorithm;
Described authentication module is suitable to, by default signature verification algorithm, described order is examined request and tests Card, obtains parameter to be verified therein, if described parameter to be verified is legal, it is determined that described order core Real request is legal.
10. the open platform as described in claim 6-9 is arbitrary, wherein, when described third-party application takes The electronics code that business device returns is the electronics code through encryption, the second communication module in described open platform It is further adapted for described electronics code is decrypted.
The system of 11. 1 kinds of real-time acquisition electronics codes, including: opening as described in claim 6-10 is arbitrary Set level platform, one or more user terminals and one or more third-party application server.
CN201310585149.6A 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time Active CN103561115B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310585149.6A CN103561115B (en) 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310585149.6A CN103561115B (en) 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time

Publications (2)

Publication Number Publication Date
CN103561115A CN103561115A (en) 2014-02-05
CN103561115B true CN103561115B (en) 2016-09-28

Family

ID=50015265

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310585149.6A Active CN103561115B (en) 2013-11-19 2013-11-19 Obtain the method for electronics code, open platform and system in real time

Country Status (1)

Country Link
CN (1) CN103561115B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105635050B (en) * 2014-10-29 2019-12-27 腾讯科技(深圳)有限公司 Data interaction method and system
CN105635051B (en) * 2014-10-29 2020-07-03 腾讯科技(深圳)有限公司 Data interaction method, device and system
CN105610877B (en) * 2014-10-29 2019-12-27 腾讯科技(深圳)有限公司 Data interaction method, platform server and system
CN105553920B (en) * 2014-10-29 2020-06-05 腾讯科技(深圳)有限公司 Data interaction method, device and system
CN105704196B (en) * 2014-11-28 2019-07-05 腾讯科技(深圳)有限公司 Resource supplying processing method and processing device
CN104717131B (en) 2015-02-13 2017-09-15 腾讯科技(深圳)有限公司 Information interacting method and server
CN106204034B (en) * 2015-04-29 2019-07-23 中国电信股份有限公司 Using the mutual authentication method and system of interior payment
CN107231390B (en) * 2016-03-23 2020-11-06 创新先进技术有限公司 Internet service processing method and device
US11138642B2 (en) 2018-12-26 2021-10-05 Mastercard International Incorporated Real-time messaging in a supply chain financing network

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001040895A2 (en) * 1999-12-06 2001-06-07 Webusiness Usa, Inc. E-commerce market-place using an extranet platform
WO2001059569A2 (en) * 2000-02-09 2001-08-16 Apriva, Inc. Communication systems, components, and methods with programmable wireless devices
WO2005001635A2 (en) * 2003-06-10 2005-01-06 Mastercard International Incorporated Systems and methods for conducting secure payment transactions using a formatted data structure
CN102567903A (en) * 2010-12-07 2012-07-11 中国移动通信集团公司 Web application subscription method, device and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040181493A1 (en) * 2000-10-26 2004-09-16 Cross Thomas M. Method and system for real-time transactional information processing

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001040895A2 (en) * 1999-12-06 2001-06-07 Webusiness Usa, Inc. E-commerce market-place using an extranet platform
WO2001059569A2 (en) * 2000-02-09 2001-08-16 Apriva, Inc. Communication systems, components, and methods with programmable wireless devices
WO2005001635A2 (en) * 2003-06-10 2005-01-06 Mastercard International Incorporated Systems and methods for conducting secure payment transactions using a formatted data structure
CN102567903A (en) * 2010-12-07 2012-07-11 中国移动通信集团公司 Web application subscription method, device and system

Also Published As

Publication number Publication date
CN103561115A (en) 2014-02-05

Similar Documents

Publication Publication Date Title
CN103561115B (en) Obtain the method for electronics code, open platform and system in real time
CN105207774B (en) The cryptographic key negotiation method and device of verification information
CN105357191B (en) The encryption method and device of user data
CN103020826B (en) Payment processing method and server
CN105207775B (en) The read method and device of verification information
CN105142139B (en) Method and device for obtaining verification information
US8949935B2 (en) Secure account creation
US20110085667A1 (en) Various methods and apparatuses for securing an application container
CN110532766A (en) A kind of processing method and relevant device of the trusted application based on more containers
WO2023030450A1 (en) Data sharing method and electronic device
CN106790267A (en) A kind of method and apparatus of access server operating system
CN104660557B (en) operation processing method and device
CN103561006B (en) Application authentication method and device and application authentication server based on Android
CN114528571B (en) Resource access and data processing method, device, electronic device and medium
CN106878245A (en) Graphic code information provision and acquisition method, device and terminal
CN107342966B (en) Authority credentials distribution method and device
US20140298486A1 (en) Granting access to digital content obtained from a third-party service
CN110677399B (en) Authentication method and device
CN108449315A (en) Ask calibration equipment, method and the computer readable storage medium of legitimacy
WO2023005838A1 (en) Data sharing method and electronic device
CN110033340A (en) Interior purchase management method, device and the client device of virtual goods
CN108566374A (en) A kind of application method for down loading and its system, block chain node device, terminal
CN109495458A (en) A kind of method, system and the associated component of data transmission
CN112819469B (en) Payment method and system, terminal, server, computer system and medium
CN104463584A (en) Method for Realizing Secure Payment of Mobile App

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220728

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.