CN104144152B - For the authorization method and system of third party's resource provider - Google Patents
For the authorization method and system of third party's resource provider Download PDFInfo
- Publication number
- CN104144152B CN104144152B CN201310170682.6A CN201310170682A CN104144152B CN 104144152 B CN104144152 B CN 104144152B CN 201310170682 A CN201310170682 A CN 201310170682A CN 104144152 B CN104144152 B CN 104144152B
- Authority
- CN
- China
- Prior art keywords
- information
- party
- resource
- intrinsic
- business
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of authorization method and system for third party's resource provider.This method includes:Business request information in response to receiving user's transmission, third party's business unit sends authorization request message to resource allocation unit, the identification information of third party's ResourceOffering element is included in authorization request message, sent by resource allocation unit to user and authorize prompting message, prompt user to authorize third party's business unit and third party's ResourceOffering element.The authorization information inputted according to user, so that user is realized in a sub-authorization to being authorized while third party's business unit as resource user, third party's ResourceOffering element, to realize access and acquisition of third party's ResourceOffering element to intrinsic resource information.By technical scheme provided by the invention, in customer service process for using, the resource authorization to third party's resource provider is safely and conveniently realized.
Description
Technical field
The present invention relates to Internet service field, more particularly to a kind of authorization method for third party's resource provider with
System.
Background technology
In recent years, platform opens the main flow business trend for turning into current internet.Internet enterprises provide as resource
Side, pass through open application programming interface(Application Programming Interface,API)There is provided etc. mode
Open platform, packed so as to which own resource be integrated, opening.Applications developer plays wound as resource user
Power is made, more service applications are createed based on open source, so as to provide more rich more high-quality business for Internet user
Service.
With the development of open platform business model, popularization effect of the intrinsic resource provider to resource capability is gradually convex
It is aobvious, attract many third party's resource providers.Third party's resource provider wishes with open platform inherently to provide own resource
Source is integrated, and can both enrich the attraction of the open source, enhancing of intrinsic resource provider offer to service application developer
Power, it is also possible to complete the service application to oneself resource by open platform.
Shown in Figure 1, Fig. 1 shows that a kind of resource based on open platform provides pattern.This pattern is as a kind of complete
New resource provides pattern, and under above-mentioned business scenario, third party's service application as resource user is, it is necessary to use the 3rd
Third party's resource that square resource provider provides.And third party's resource provider needs to obtain user's mandate or identity information
It can realize from the open platform of intrinsic resource provider and obtain intrinsic resource, so as to provide third party's money for third party's service application
Source.However, user resources are supplied to third party's resource provider, it would be possible to cause that user is authorized or identity information is let out
Dew.
At present, for the resources mode provided by development platform, generally use, which opens, to be authorized(Open
Authorization, OAUTH)Agreement, to protect user information safety and individual subscriber privacy in the external output procedure of resource.
The man-to-man authorizing information that the agreement is defined between resource provider, resource user, end user three is dealt with relationship,
Comparatively safe, open and easy standard is provided for the mandate of user resources.But provide pattern for above-mentioned new resources
Under business scenario, existing OAuth agreements are directed to the authorization flow of third party's resource provider, can not also realize to the
The mandate of tripartite's resource provider.Therefore, it is necessary to which a kind of technical scheme in customer service process for using, is safely realized to the
The mandate of tripartite's resource provider.
The content of the invention
One side according to embodiments of the present invention, a technical problem to be solved are:There is provided a kind of for the 3rd
The authorization method and system of square resource provider, easily and safely realize the mandate to third party's resource provider.
A kind of authorization method for third party's resource provider provided in an embodiment of the present invention, methods described include:
Business request information in response to receiving user's transmission, third party's business unit send to resource allocation unit and awarded
Weigh request message;
According to the authorization request message, the resource allocation unit obtains in the authorization request message and asks resource
ResourceOffering element identification information;
Identification information in response to including third party's ResourceOffering element in the authorization request message, the resource allocation
Unit is sent to the user authorizes prompting message, comprising the prompting user to the third party in the mandate prompting message
The information that business unit is authorized with third party's ResourceOffering element;
The authorization information of user's input is received, is included respectively to third party's business in the authorization information
The authorization information of unit and third party's ResourceOffering element;
According to the authorization information, the resource allocation unit is respectively to third party's business unit and described the
Tripartite's ResourceOffering element issues the first credential information and the second credential information;
Third party's ResourceOffering element accesses intrinsic ResourceOffering element using second credential information, and request obtains
Intrinsic resource information corresponding to taking;
The intrinsic ResourceOffering element is according to checking information corresponding with second credential information, checking described second
Credential information;
In response to being verified, to intrinsic resource information corresponding to third party's ResourceOffering element offer, to cause
Third party's ResourceOffering element provides the 3rd according to the corresponding intrinsic resource information to third party's business unit
Square resource information;
Third party's business unit utilizes first credential information, and described is obtained from third party's business unit
Tripartite's resource information, to provide the business service for the business request information for the user.
Preferably, methods described also includes:
According to the authorization information, the resource allocation unit issues the 3rd voucher to third party's business unit
Information;
Third party's business unit utilizes the 3rd credential information, obtains what the intrinsic ResourceOffering element provided
Intrinsic resource information;Or
Third party's business unit utilizes first credential information, obtains what the intrinsic ResourceOffering element provided
Intrinsic resource information.
Preferably, third party's business unit sends authorization request message to resource allocation unit, specifically includes:
According to the business service required for the business request information, third party's business unit identification provides the industry
Resource information required for business service;
Included in the authorization request message that third party's business unit is sent to resource allocation unit to described required
Resource information application information;
The resource allocation unit obtains the ResourceOffering element identification information that resource is asked in the authorization request message,
Specifically include:
According to the application information, the resource for obtaining the offer required resource information carries the resource allocation unit
For unit marks information.
Preferably, described in response to being verified, the intrinsic ResourceOffering element carries to third party's ResourceOffering element
For corresponding intrinsic resource information, specifically include:
In response to being verified, the intrinsic ResourceOffering element identifies according to third party's ResourceOffering element to be believed
Breath, the intrinsic money mutually bound with third party's ResourceOffering element identification information is provided to third party's ResourceOffering element
Source information.
Preferably, methods described also includes:
The resource allocation unit while the first credential information and the second credential information is issued or afterwards, will it is described with
Checking information corresponding to second credential information is sent to the intrinsic ResourceOffering element;
The intrinsic ResourceOffering element stores checking information corresponding with second credential information.
A kind of authoring system for third party's resource provider provided in an embodiment of the present invention, the system include:
Third party's business unit, for the business request information in response to receiving user's transmission, to resource allocation unit
Send authorization request message;The first credential information issued using resource allocation unit, obtained from third party's business unit described
Third party's resource information, to provide the business service for the business request information for the user;
Resource allocation unit, for according to the authorization request message, obtaining and money being asked in the authorization request message
The ResourceOffering element identification information in source;Mark in response to including third party's ResourceOffering element in the authorization request message
Information, sent to the user and authorize prompting message, comprising the prompting user to the described 3rd in the mandate prompting message
The information that square business unit is authorized with third party's ResourceOffering element;The authorization information of user's input is received,
The mandate to third party's business unit and third party's ResourceOffering element is included in the authorization information respectively
License Info;According to the authorization information, provided respectively to third party's business unit and third party's resource single
Member issues the first credential information and the second credential information;
Third party's ResourceOffering element, for accessing intrinsic ResourceOffering element, request using second credential information
Intrinsic resource information corresponding to acquisition;In response to being verified, according to corresponding intrinsic resource information, to third party's business
Unit provides third party's resource information;
Intrinsic ResourceOffering element, for according to checking information corresponding with second credential information, checking described the
Two credential informations, in response to being verified, to intrinsic resource information corresponding to third party's ResourceOffering element offer.
Preferably, the resource allocation unit, it is additionally operable to according to the authorization information, to third party's business sheet
Member issues the 3rd credential information;
Third party's business unit, it is additionally operable to utilize the 3rd credential information, obtains the intrinsic resource and list is provided
The intrinsic resource information that member provides;Or
Third party's business unit, it is additionally operable to utilize first credential information, obtains the intrinsic resource and list is provided
The intrinsic resource information that member provides.
Preferably, third party's business unit, specifically for being taken according to the business required for the business request information
Business, identification provide the resource information required for the business service;Authorization request message is sent to resource allocation unit, authorizing please
Seek the application information included in message to the required resource information;
The resource allocation unit, specifically for according to the application information, obtaining and providing the required resource letter
The ResourceOffering element identification information of breath.
Preferably, the intrinsic ResourceOffering element, specifically in response to being verified, according to third party's resource
Unit marks information is provided, provided and third party's ResourceOffering element identification information to third party's ResourceOffering element
The mutually intrinsic resource information of binding.
Preferably, the resource allocation unit, it is additionally operable to while the first credential information and the second credential information is issued
Or afterwards, the checking information corresponding with second credential information is sent to the intrinsic ResourceOffering element;
The intrinsic ResourceOffering element, it is additionally operable to storage checking information corresponding with second credential information.
The authorization method and system for third party's resource provider that the above embodiment of the present invention provides, based on OAuth
Agreement, the identification information in response to including third party's ResourceOffering element in authorization request message, by resource allocation unit to
User, which sends, authorizes prompting message, prompts user to authorize third party's business unit and third party's ResourceOffering element.Root
The authorization information inputted according to user so that user is realized to third party's business as resource user in a sub-authorization
Authorized while unit, third party's ResourceOffering element, to realize visit of third party's ResourceOffering element to intrinsic resource information
Ask and obtain.So as in customer service process for using, safely and conveniently realize and the resource of third party's resource provider is awarded
Power.
By referring to the drawings to the present invention exemplary embodiment detailed description, further feature of the invention and its
Advantage will be made apparent from.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, without having to pay creative labor, may be used also
To obtain other accompanying drawings according to these accompanying drawings.
Simultaneously, it should be appreciated that for the ease of description, the size of the various pieces shown in accompanying drawing is not according to reality
Proportionate relationship draw.Similar label and letter represents similar terms in following accompanying drawing, therefore, once a certain Xiang Yi
It is defined, then it need not be further discussed in subsequent accompanying drawing in individual accompanying drawing.
The accompanying drawing of a part for constitution instruction describes embodiments of the invention, and is used to solve together with the description
Release the principle of the present invention.
Referring to the drawings, according to following detailed description, the present invention can be more clearly understood, wherein:
Fig. 1 shows that a kind of resource based on open platform provides pattern;
Fig. 2 shows that a kind of flow of embodiment of the authorization method for third party's resource provider provided by the present invention is shown
It is intended to;
Fig. 3 shows that a kind of flow of embodiment of the authorization method for third party's resource provider provided by the present invention is shown
It is intended to;
Fig. 4 shows that a kind of flow of embodiment of the authorization method for third party's resource provider provided by the present invention is shown
It is intended to;
Fig. 5 shows that a kind of structure of embodiment of the authoring system for third party's resource provider provided by the present invention is shown
It is intended to.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, rather than whole embodiments.It should note
Anticipate and arrive:Unless specifically stated otherwise, the part and the positioned opposite of step otherwise illustrated in these embodiments does not limit this hair
Bright scope.
The description only actually at least one exemplary embodiment is illustrative to be never used as to the present invention below
And its application or any restrictions that use.Based on the embodiment in the present invention, those of ordinary skill in the art are not making wound
The every other embodiment obtained under the premise of the property made work, belongs to the scope of protection of the invention.
It may be not discussed in detail for technology, method and apparatus known to person of ordinary skill in the relevant, but suitable
In the case of, the technology, method and apparatus should be considered as authorizing part for specification.
In shown here and discussion all examples, any occurrence should be construed as merely exemplary, without
It is as limitation.Therefore, the other examples of exemplary embodiment can have different values.
Shown in Figure 2, Fig. 2 shows that the authorization method provided by the present invention for third party's resource provider is a kind of real
Apply the schematic flow sheet of example.User therein can be the various user terminals that user uses.The embodiment provide for the
The authorization method of tripartite's resource provider, including following operation.
101, the business request information in response to receiving user's transmission, third party's business unit is sent out to resource allocation unit
Send authorization request message.User passes through the service application that sends business request information to be provided using third party's business unit.
102, according to authorization request message, resource allocation unit, which is obtained in authorization request message, asks the resource of resource to carry
For unit marks information, so as to according to ResourceOffering element identification information, judge whether provided comprising third party's resource
The identification information of unit.
103, the identification information in response to including third party's ResourceOffering element in authorization request message, resource allocation unit
Sent to user and authorize prompting message, authorized in prompting message comprising prompting user to third party's business unit and third party's resource
The information that unit is authorized is provided.Prompting message is authorized by sending, to apply for that user is authorized.
104, the authorization information of user's input is received, is included respectively to third party's business unit in authorization information
With the authorization information of third party's ResourceOffering element.
105, according to authorization information, resource allocation unit provides to third party's business unit and third party's resource respectively
Unit issues the first credential information and the second credential information.According to different third party's ResourceOffering elements, resource allocation unit
The second separate credential information can be distributed to different third party's ResourceOffering elements.For example, respectively 3 the 3rd
Square resource provider unit a, b, c, respective second credential information voucher x, y, z is issued respectively.
106, third party's ResourceOffering element accesses intrinsic ResourceOffering element, acquisition request pair using the second credential information
The intrinsic resource information answered.Accordingly, third party's ResourceOffering element can utilize respective second credential information, access mutual
The second independent credential information, with corresponding intrinsic resource information.
107, intrinsic ResourceOffering element is according to checking information corresponding with the second credential information, checking the second voucher letter
Breath.Intrinsic ResourceOffering element utilizes checking information corresponding to the second credential information, and third party's ResourceOffering element is reflected
Power, to identify whether third party's ResourceOffering element has the authority for obtaining intrinsic resource.
108, it is intrinsic corresponding to intrinsic ResourceOffering element to third party's ResourceOffering element offer in response to being verified
Resource information, corresponding intrinsic resource information can be that the intrinsic resource letter to binding is identified with third party's ResourceOffering element
Breath, so that third party's ResourceOffering element can provide according to corresponding intrinsic resource information to third party's business unit
Third party's resource information.
109, third party's business unit utilizes the first credential information, and third party's resource letter is obtained from third party's business unit
Breath, to provide the user the business service for being directed to business request information.
In the authorization method for third party's resource that the above embodiment of the present invention provides, based on OAuth agreements, in response to
The identification information of third party's ResourceOffering element is included in authorization request message, is sent and authorized to user by resource allocation unit
Prompting message, user is prompted to authorize third party's business unit and third party's ResourceOffering element.Inputted according to user
Authorization information so that user is realized to third party's business unit as resource user, third party in a sub-authorization
Authorized while ResourceOffering element, to realize access and acquisition of third party's ResourceOffering element to intrinsic resource information.From
And in customer service process for using, safely and conveniently realize the resource authorization to third party's resource provider.
It should be noted that for the checking of defined, authentication process in OAuth agreements or to realize checking, authentication
Required encryption and decryption operation, those skilled in the art can repeat no more here according to OAuth protocol realizations.
Shown in Figure 3, Fig. 3 shows that the authorization method provided by the present invention for third party's resource provider is a kind of real
Apply the schematic flow sheet of example.According to the inventive method embodiment specific example, relative to Fig. 2, embodiment illustrated in fig. 3
Method can also include:
201, according to authorization information, resource allocation unit issues the 3rd credential information to third party's business unit;
202, third party's business unit utilizes the 3rd credential information, obtains the intrinsic resource that intrinsic ResourceOffering element provides
Information.
Above-mentioned 3rd credential information can be identical with the first credential information, can also be different.201 operation can be with 105
Operation simultaneously, before or after in 105 operation perform.
Shown in Figure 4, Fig. 4 shows that the authorization method provided by the present invention for third party's resource provider is a kind of real
Apply the schematic flow sheet of example.Third party's business unit can also utilize identical credential information access intrinsic ResourceOffering element with
Third party's ResourceOffering element.Therefore, third party's business unit utilizes the first credential information, accesses ResourceOffering element and provides,
And obtain the intrinsic resource information that intrinsic ResourceOffering element provides.Compared to Figure 1, this method also includes:
401, third party's business unit accesses intrinsic ResourceOffering element using the first credential information, and acquisition request inherently provides
Source information.
In the present embodiment, third party's business unit is accessed intrinsic by the first credential information, the 3rd credential information respectively
ResourceOffering element, third party's ResourceOffering element, so as to obtain a variety of different resource informations, then integrate different resource letters
Breath provides the user business service.
According to the inventive method embodiment specific example, third party's business unit sends to resource allocation unit and awarded
Request message is weighed, can specifically be included:Business service according to required for business request information, the identification of third party's business unit carry
For the resource information required for business service;Wrapped in the authorization request message that third party's business unit is sent to resource allocation unit
Containing the application information to required resource information.
Resource allocation unit according to application information, believe by the ResourceOffering element mark for obtaining the resource information required for providing
Breath, so as to the identification information judgment according to these ResourceOffering elements, which is third party's ResourceOffering element.
According to the inventive method embodiment specific example, in fig. 2 in 108 operations, in response to being verified, Gu
Intrinsic resource information corresponding to having ResourceOffering element to third party's ResourceOffering element offer, is specifically as follows:In response to testing
Card passes through, and intrinsic ResourceOffering element carries according to third party's ResourceOffering element identification information to third party's ResourceOffering element
For the intrinsic resource information mutually bound with third party's ResourceOffering element identification information.
Can be according to third party's ResourceOffering element to intrinsic resource information corresponding to the offer of third party's ResourceOffering element
The resource binding mapping established between intrinsic ResourceOffering element determines.Intrinsic ResourceOffering element and third party's resource carry
For that between unit, can appoint that with same mark, each accurately knowing in order to both sides carry for same user
The resource information of confession.For example, it is resource A that intrinsic ResourceOffering element, which is the intrinsic resource that the user provides, third party's resource is
Third party's resource that the user provides is resource B, according to advance binding mapping, when third party's ResourceOffering element provides correctly
Second credential information, that is, verify(Authentication)By when, each self energy is accurately positioned resource A, resource B.In embodiments of the invention
In, resource A can be the intrinsic resource information that intrinsic ResourceOffering element provides to third party's ResourceOffering element;Resource B can
To be third party's resource information that third party's ResourceOffering element is provided based on from intrinsic resource information to third party's business unit.
According to the inventive method embodiment specific example, intrinsic ResourceOffering element is carried out to the second credential information
During checking, according to checking information corresponding with the second credential information.The checking information can issue by resource allocation unit
While one credential information and the second credential information or afterwards, intrinsic ResourceOffering element is sent to.Intrinsic ResourceOffering element
The checking information is stored, so as to be verified in 107 operation to third party's ResourceOffering element.
Shown in Figure 5, Fig. 5 shows that the authoring system provided by the present invention for third party's resource provider is a kind of real
Apply the structural representation of example.The authoring system for third party's resource provider that the embodiment provides, including:
Third party's business unit 401 is used for the business request information in response to receiving user's transmission, to resource allocation list
Member sends authorization request message;The first credential information issued using resource allocation unit, is obtained from third party's business unit
Tripartite's resource information, to provide the user the business service for being directed to business request information;
Resource allocation unit 402 is used to, according to authorization request message, obtain the money for asking resource in authorization request message
Source provides unit marks information;Identification information in response to including third party's ResourceOffering element in authorization request message, Xiang Yong
Family, which is sent, authorizes prompting message, authorizes in prompting message and third party's business unit and third party's resource are provided comprising prompting user
The information that unit is authorized;The authorization information of user's input is received, is included respectively to third party in authorization information
The authorization information of business unit and third party's ResourceOffering element;According to authorization information, respectively to third party's business
Unit issues the first credential information and the second credential information with third party's ResourceOffering element;
Third party's ResourceOffering element 403 is used to access intrinsic ResourceOffering element using the second credential information, and request obtains
Intrinsic resource information corresponding to taking;In response to being verified, according to corresponding intrinsic resource information, carried to third party's business unit
For third party's resource information;
Intrinsic ResourceOffering element 404 is used to, according to checking information corresponding with the second credential information, verify the second voucher
Information, in response to being verified, to intrinsic resource information corresponding to the offer of third party's ResourceOffering element.
One specific example of system according to the invention embodiment, resource allocation unit 402, is additionally operable to according to authorization
Information, the 3rd credential information is issued to third party's business unit;
Third party's business unit 401, it is additionally operable to utilize the 3rd credential information, consolidating for intrinsic ResourceOffering element offer is provided
There is resource information.
In addition, third party's business unit can also utilize identical credential information to access intrinsic ResourceOffering element and the 3rd
Square ResourceOffering element.Therefore, third party's business unit 401, it is additionally operable to utilize first credential information, obtains described intrinsic
The intrinsic resource information that ResourceOffering element provides.
One specific example of system according to the invention embodiment, third party's business unit 401, specifically for according to business
Business service required for request message, identification provide the resource information required for business service;Sent to resource allocation unit
Authorization request message, the application information to required resource information is included in authorization request message;
Resource allocation unit 402, specifically for according to application information, the resource for obtaining the resource information required for providing carries
For unit marks information.
One specific example of system according to the invention embodiment, intrinsic ResourceOffering element 404, specifically in response to
It is verified, according to third party's ResourceOffering element identification information, is provided and third party's resource to third party's ResourceOffering element
The intrinsic resource information that unit marks information is mutually bound is provided.
One specific example of system according to the invention embodiment, resource allocation unit 402, be additionally operable to issue first with
Information is demonstrate,proved with while the second credential information or afterwards, checking information corresponding with the second credential information is sent into intrinsic resource
Unit is provided;Intrinsic ResourceOffering element 404, it is additionally operable to storage checking information corresponding with the second credential information.
So far, the authorization method and system for third party's resource provider according to the present invention is described in detail.
In order to avoid the design of the masking present invention, some details known in the field are not described.Those skilled in the art are according to upper
The description in face, completely it can be appreciated how implementing technical scheme disclosed herein.
Each embodiment is described by the way of progressive in this specification, what each embodiment stressed be and its
The difference of its embodiment, same or analogous part cross-reference between each embodiment.For system embodiment
For, because it is substantially corresponding with embodiment of the method, so description is fairly simple, referring to the portion of embodiment of the method in place of correlation
Defend oneself bright.
The authorization method and system for third party's resource provider of the present invention may be achieved in many ways.Example
Such as, being provided for third party for the present invention can be realized by any combinations of software, hardware, firmware or software, hardware, firmware
The authorization method and system of source provider.The said sequence of the step of for methods described is merely to illustrate, the present invention
Method the step of be not limited to order described in detail above, unless specifically stated otherwise.In addition, in some embodiments
In, the present invention can be also embodied as recording program in the recording medium, these programs include being used to realize according to the present invention's
The machine readable instructions of method.Thus, the present invention also covering storage is used for the record for performing the program of the method according to the invention
Medium.
Although some specific embodiments of the present invention are described in detail by example, the skill of this area
Art personnel it should be understood that above example merely to illustrating, the scope being not intended to be limiting of the invention.The skill of this area
Art personnel to above example it should be understood that can modify without departing from the scope and spirit of the present invention.This hair
Bright scope is defined by the following claims.
Claims (10)
1. a kind of authorization method for third party's resource provider, it is characterised in that methods described includes:
Business request information in response to receiving user's transmission, third party's business unit send to authorize to resource allocation unit and asked
Seek message;
According to the authorization request message, the resource allocation unit obtains the money that resource is asked in the authorization request message
Source provides unit marks information;
The resource allocation unit judges whether include third party's ResourceOffering element according to ResourceOffering element identification information
Identification information;
Identification information in response to including third party's ResourceOffering element in the authorization request message, the resource allocation unit
Sent to the user and authorize prompting message, comprising the prompting user to third party's business in the mandate prompting message
The information that unit is authorized with third party's ResourceOffering element;
The authorization information of user's input is received, is included respectively to third party's business unit in the authorization information
With the authorization information of third party's ResourceOffering element;
According to the authorization information, the resource allocation unit is respectively to third party's business unit and the third party
ResourceOffering element issues the first credential information and the second credential information;
Third party's ResourceOffering element accesses intrinsic ResourceOffering element, acquisition request pair using second credential information
The intrinsic resource information answered;
The intrinsic ResourceOffering element verifies second voucher according to checking information corresponding with second credential information
Information;
It is described to cause to intrinsic resource information corresponding to third party's ResourceOffering element offer in response to being verified
Third party's ResourceOffering element provides third party's money according to the corresponding intrinsic resource information to third party's business unit
Source information;
Third party's business unit utilizes first credential information, and the third party is obtained from third party's business unit
Resource information, to provide the business service for the business request information for the user.
2. according to the method for claim 1, it is characterised in that methods described also includes:
According to the authorization information, the resource allocation unit issues the 3rd voucher letter to third party's business unit
Breath;
Third party's business unit utilizes the 3rd credential information, obtains the intrinsic of the intrinsic ResourceOffering element offer
Resource information;Or
Third party's business unit utilizes first credential information, obtains the intrinsic of the intrinsic ResourceOffering element offer
Resource information;
3. according to the method for claim 2, it is characterised in that third party's business unit is sent to resource allocation unit
Authorization request message, specifically include:
According to the business service required for the business request information, third party's business unit identification provides the business clothes
Resource information required for business;
Included in the authorization request message that third party's business unit is sent to resource allocation unit to the required money
The application information of source information;
The resource allocation unit obtains the ResourceOffering element identification information that resource is asked in the authorization request message, specifically
Including:
The resource allocation unit obtains the resource offer list for providing the required resource information according to the application information
First identification information.
4. according to the method for claim 3, it is characterised in that described in response to being verified, the intrinsic resource provides
Intrinsic resource information corresponding to unit to third party's ResourceOffering element offer, is specifically included:
In response to being verified, the intrinsic ResourceOffering element according to third party's ResourceOffering element identification information, to
Third party's ResourceOffering element, which provides the intrinsic resource mutually bound with third party's ResourceOffering element identification information, to be believed
Breath.
5. according to the method described in Claims 1-4 any one, it is characterised in that methods described also includes:
The resource allocation unit while the first credential information and the second credential information is issued or afterwards, will it is described with it is described
Checking information corresponding to second credential information is sent to the intrinsic ResourceOffering element;
The intrinsic ResourceOffering element stores checking information corresponding with second credential information.
6. a kind of authoring system for third party's resource provider, it is characterised in that the system includes:
Third party's business unit, for the business request information in response to receiving user's transmission, sent to resource allocation unit
Authorization request message;The first credential information issued using resource allocation unit, the described 3rd is obtained from third party's business unit
Square resource information, to provide the business service for the business request information for the user;
Resource allocation unit, for according to the authorization request message, obtaining in the authorization request message and asking resource
ResourceOffering element identification information;According to ResourceOffering element identification information, whether single comprising the offer of third party's resource judge
The identification information of member;Identification information in response to including third party's ResourceOffering element in the authorization request message, to described
User, which sends, authorizes prompting message, in the mandate prompting message comprising prompt the user to third party's business unit with
The information that third party's ResourceOffering element is authorized;Receive the authorization information of user's input, the authorization
The authorization information to third party's business unit and third party's ResourceOffering element is included in information respectively;According to
The authorization information, issue the first voucher to third party's business unit and third party's ResourceOffering element respectively
Information and the second credential information;
Third party's ResourceOffering element, for accessing intrinsic ResourceOffering element, acquisition request using second credential information
Corresponding intrinsic resource information;In response to being verified, according to corresponding intrinsic resource information, to third party's business unit
Third party's resource information is provided;
Intrinsic ResourceOffering element, for according to checking information corresponding with second credential information, checking described second with
Information is demonstrate,proved, in response to being verified, to intrinsic resource information corresponding to third party's ResourceOffering element offer.
7. system according to claim 6, it is characterised in that the resource allocation unit, be additionally operable to according to the mandate
License Info, the 3rd credential information is issued to third party's business unit;
Third party's business unit, it is additionally operable to utilize the 3rd credential information, obtains the intrinsic ResourceOffering element and carry
The intrinsic resource information supplied;Or
Third party's business unit, it is additionally operable to utilize first credential information, obtains the intrinsic ResourceOffering element and carry
The intrinsic resource information supplied.
8. system according to claim 7, it is characterised in that third party's business unit, specifically for according to
Business service required for business request information, identification provide the resource information required for the business service;To resource allocation
Unit sends authorization request message, and the application information to the required resource information is included in authorization request message;
The resource allocation unit, specifically for according to the application information, obtaining and providing the required resource information
ResourceOffering element identification information.
9. system according to claim 8, it is characterised in that the intrinsic ResourceOffering element, specifically in response to
It is verified, according to third party's ResourceOffering element identification information, to third party's ResourceOffering element offer and institute
State the intrinsic resource information that third party's ResourceOffering element identification information is mutually bound.
10. according to the system described in claim 6 to 9 any one, it is characterised in that the resource allocation unit, be additionally operable to
While the first credential information and the second credential information is issued or afterwards, corresponding with second credential information tested described
Card information is sent to the intrinsic ResourceOffering element;
The intrinsic ResourceOffering element, it is additionally operable to storage checking information corresponding with second credential information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310170682.6A CN104144152B (en) | 2013-05-10 | 2013-05-10 | For the authorization method and system of third party's resource provider |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310170682.6A CN104144152B (en) | 2013-05-10 | 2013-05-10 | For the authorization method and system of third party's resource provider |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104144152A CN104144152A (en) | 2014-11-12 |
CN104144152B true CN104144152B (en) | 2017-12-08 |
Family
ID=51853220
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310170682.6A Active CN104144152B (en) | 2013-05-10 | 2013-05-10 | For the authorization method and system of third party's resource provider |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104144152B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107154912A (en) * | 2016-03-02 | 2017-09-12 | 中兴通讯股份有限公司 | A kind of offer of terminal service, acquisition methods, device and terminal |
WO2021046822A1 (en) * | 2019-09-12 | 2021-03-18 | Oppo广东移动通信有限公司 | Device activation method, terminal device, and computer storage medium |
CN111737681A (en) * | 2020-06-08 | 2020-10-02 | 海尔优家智能科技(北京)有限公司 | Resource acquisition method and device, storage medium and electronic device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102573112A (en) * | 2010-12-07 | 2012-07-11 | 中国电信股份有限公司 | Telecommunication network capability opening method, system and alliance support platform |
CN102710640A (en) * | 2012-05-31 | 2012-10-03 | 中国联合网络通信集团有限公司 | Authorization requesting method, device and system |
CN103051630A (en) * | 2012-12-21 | 2013-04-17 | 微梦创科网络科技(中国)有限公司 | Method, device and system for implementing authorization of third-party application based on open platform |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7024689B2 (en) * | 2002-12-13 | 2006-04-04 | Intuit, Inc. | Granting access rights to unattended software |
-
2013
- 2013-05-10 CN CN201310170682.6A patent/CN104144152B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102573112A (en) * | 2010-12-07 | 2012-07-11 | 中国电信股份有限公司 | Telecommunication network capability opening method, system and alliance support platform |
CN102710640A (en) * | 2012-05-31 | 2012-10-03 | 中国联合网络通信集团有限公司 | Authorization requesting method, device and system |
CN103051630A (en) * | 2012-12-21 | 2013-04-17 | 微梦创科网络科技(中国)有限公司 | Method, device and system for implementing authorization of third-party application based on open platform |
Also Published As
Publication number | Publication date |
---|---|
CN104144152A (en) | 2014-11-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104113552B (en) | A kind of platform authorization method, platform service end and applications client and system | |
CN105284091B (en) | A kind of certificate acquisition method and apparatus | |
CN104113551B (en) | A kind of platform authorization method, platform service end and applications client and system | |
CN105264818B (en) | A kind of certificate acquisition method and apparatus | |
CN105024975B (en) | The method, apparatus and system that account logs in | |
CN106534143A (en) | Method and system capable of realizing cross-application authentication authorization | |
CN103139182B (en) | A kind of method that user of permission accesses, client, server and system | |
CN103581118B (en) | A kind of resource convergence gateway and cross-platform authorization method and system | |
CN104717648B (en) | A kind of uniform authentication method and equipment based on SIM card | |
CN107294916A (en) | Single-point logging method, single-sign-on terminal and single-node login system | |
CN107835176A (en) | A kind of network authentication method and platform based on eID | |
CN103888252A (en) | UID, PID, and APPID-based control application access permission method | |
CN105991287A (en) | Signature data generation and fingerprint authentication request method and device | |
CN104158802A (en) | Platform authorization method, platform service side, application client side and system | |
CN103873449B (en) | Method for network access and system | |
CN108123795A (en) | Distributing method, application process, publishing platform and the system of quantum key chip | |
CN106302606B (en) | Across the application access method and device of one kind | |
CN106953831A (en) | A kind of authorization method of user resources, apparatus and system | |
CN110392065A (en) | Dodge the realization method and system for testing number certification SDK | |
CN109245897A (en) | A kind of node authentication method and device based on noninteractive zero-knowledge proof | |
CN103095666B (en) | Third-party application processing method and device | |
CN107766717A (en) | A kind of access control method, apparatus and system | |
CN105959276A (en) | Application control method, device, and terminal device based on third party account login | |
CN104144152B (en) | For the authorization method and system of third party's resource provider | |
CN105681340A (en) | Digital certificate use method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |