微信公众平台是腾讯推出的一个电子商务服务、社交媒体应用程序,它既可以作为一个独立的内容分发工具,也能够帮助企业在移动互联网上进行整合式的电子商务。该平台使用tokens来标识不同的对话者,但如果token数量不断增长,就会影响对话质量。因此,我们必须想法去减少token数量,否则将无法保护有效性或者保障对话流畅性。
要实现减少tokens的同时,保证对话的质量,首先要明白tokens是如何流通并存储在微信公众平台中. 微信公众平台使用OAuth 2.0协议来生成access_tokens, 这些access_tokens将作为所有API之间相互通信的“凭据”, 是API所有者(例如: 甲方) 通过协议相互之间进行通信时必需要包含在request header中. 各API之间都是以 access_token 作为"key",而 response body 中才包含真正想要得到data; access_token 是存储在内存中 (例如 : Redis , Memcache etc.) 等NoSQL Database中 .
因此 , 要想实现减少 tokens 的同时 , 各 API 都必需遵循 OAuth2.0 标准 . 各 API 服务端都应当遵循 RFC 6749 (The OAuth 2.0 Authorization Framework) 等相关标准 ; 这样 access token 才能够永久性、安全性地存储在 NoSQL Database中 , 降低 tokens 失效风险 .
此外 , 要想大大减少 tokens 的使用量 ; 高版本 SDK / Client Library / AppServer (例如 : PHP SDK )必然支撑 JWT Token (JSON Web Tokens).JWT Token 机制把 AccessToken RefreshToken UserId RoleIds ExpireDateTime Signature & other info(JSON Format) “集装”成一条URL QueryString ; 这样 request header 僵不再需要 include AccessToken string; client side app server layer code will just fetch the JWT URL querystring from cookie or localStorage and pass it to the backend api service for authentication and authorization usage .
再者 , OAuth2 protocol should be combined with OpenID Connect Protocol to reduce token number even more efficiently when dealing with multiple services across different domains as well as Single Sign-On scenarios .OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol that allows clients to verify end-users' identities in a secure manner by using an ID Token containing verified user information such as name, email address etc., so this could help us eliminate users logging into each system separately and thus reducing our need for additional tokens too..
Last but not least, we can also use caching technique to reduce token numbers while maintaining conversation quality effectively too. We can cache responses returned from APIs after successful authentication using some external storage mechanisms like memcached or redis which would allow us store frequently used data without having to make requests every time they are needed thereby reducing the amount of calls required by our application which in turn reduces number of tokens consumed per call..
In conclusion, there are many ways we can reduce token numbers while ensuring conversation quality at the same time such as following OAuth2 standards properly and implementing single sign-on solutions through openid connect protocols along with proper caching techniques depending on what type of application we are building
