CN105306210A - Method, device and system for realizing authorization through application - Google Patents
Method, device and system for realizing authorization through application Download PDFInfo
- Publication number
- CN105306210A CN105306210A CN201410376681.1A CN201410376681A CN105306210A CN 105306210 A CN105306210 A CN 105306210A CN 201410376681 A CN201410376681 A CN 201410376681A CN 105306210 A CN105306210 A CN 105306210A
- Authority
- CN
- China
- Prior art keywords
- terminal
- information
- authorization
- application program
- user account
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a method, a device and a system for realizing authorization through an application, and aims to realize an authorization operation easily and rapidly through the application. The method comprises the following steps: receiving an operation execution request sent by a first terminal, wherein the operation execution request comprises user account information; when the authorization operation is needed to execute an operation, generating authorization request information, and pushing the authorization request information to an application in a second terminal through a message pushing channel, wherein the authorization request information comprises the user account information; and receiving authorization result information corresponding to the user account information returned by the application, and transmitting the authorization result information to the first terminal.
Description
Technical field
The present invention relates to Internet technical field, be specifically related to a kind of application program that utilizes and realize method, the Apparatus and system of authorizing.
Background technology
Along with the development of Internet technology, internet, applications has been dissolved in the middle of the work of people, life dramatically, protects individual account, the fail safe of information is the problem to merit attention in the process using the Internet.For ensureing fail safe, when user carries out some sensitive operation, such as login, Modify password etc., need to carry out authority checking operation.
In the prior art, general employing note or mailbox carry out the mode of authorizing, such as user uses PC (PersonalComputer, personal computer) when carrying out register, server judges to need to carry out Authorized operation, then pc client shows identifying code and send frame and input frame, after user clicks transmission, in the mobile phone that identifying code is sent to user by the mode of note or mail by server or mailbox, user opens SMS or identifying code checked by mailbox, input validation code submits server authentication to, is verified rear permission and logs in.As can be seen here, realize the mode complicated operation of authorizing in prior art, efficiency is lower.
Summary of the invention
In view of this, the invention provides a kind of application program that utilizes and realize method, the Apparatus and system of authorizing, to solve in prior art the mode complicated operation realizing authorizing, the technical problem that efficiency is lower.
For solving the problem, technical scheme provided by the invention is as follows:
Utilize application program to realize a method of authorizing, described method comprises:
Receive the executable operations request that first terminal sends, described executable operations request comprises user account information;
When determining that executable operations needs to carry out Authorized operation, generate authorization requests information, and utilize message push passage by described authorization requests information pushing to the application program in the second terminal, described authorization requests information comprises described user account information;
Receive the Authorization result information corresponding with described user account information that described application program returns, and described Authorization result information is sent to described first terminal.
Accordingly, the equipment identification information of described first terminal and the IP address of described first terminal is also comprised in described executable operations request;
Describedly determine that executable operations needs to carry out Authorized operation, comprising:
Judge that whether described first terminal is common equipment corresponding to described user account information according to the equipment identification information of described first terminal, judge that whether the IP address of described first terminal is common IP address corresponding to described user account information, if above-mentioned judged result is no, then determine that executable operations needs to carry out Authorized operation.
Accordingly, described message push passage is message push server, describedly utilizes message push passage by described authorization requests information pushing to the application program in the second terminal, comprising:
The identification information of application program in the second terminal and described authorization requests information is sent to described message push server, to make described message push server when determining that described user account information is online in described application program, push described authorization requests information to the application program in described second terminal.
Accordingly, described message push server is also for after the registration request receiving the transmission of the application program in described second terminal, preserve user account information presence in the application, described registration request comprises identification information and the user account information of application program.
Accordingly, utilize message push passage by described authorization requests information pushing to before the application program in the second terminal, described method also comprises:
Obtain the user account information in described authorization requests information;
Set up the transient node corresponding to described user account information.
Accordingly, after the Authorization result information corresponding with described user account information that the described application program of reception returns, before described Authorization result information is sent to described first terminal, described method also comprises:
According to described Authorization result information searching to corresponding described transient node, change the licensing status information of described transient node according to described Authorization result information.
Accordingly, described described authorization message is sent to described first terminal, comprising:
When described first terminal adopts the mode of poll to inquire about Authorization result, find the licensing status information of corresponding described transient node, and described licensing status information is sent to described first terminal.
Accordingly, utilize message push passage by described authorization requests information pushing to the application program in the second terminal after, described method also comprises:
Send to described first terminal and wait for authorization message, be switched to make described first terminal and wait for mandate interface.
Accordingly, when described Authorization result information is for allowing authorization message, after described Authorization result information is sent to described first terminal, described method also comprises:
When again receiving the executable operations request that first terminal sends, in described executable operations request, also comprising described Authorization result information, allowing described first terminal to continue executable operations.
Utilize application program to realize a device of authorizing, described device comprises:
First receiving element, for receiving the executable operations request that first terminal sends, described executable operations request comprises user account information;
Determining unit, for determining that executable operations needs to carry out Authorized operation;
Generation unit, for when described determining unit determination executable operations needs to carry out Authorized operation, generate authorization requests information, described authorization requests information comprises described user account information;
Push unit, for utilizing message push passage by described authorization requests information pushing to the application program in the second terminal;
Second receiving element, for receiving the Authorization result information corresponding with described user account information that described application program returns;
First transmitting element, for sending to described first terminal by described Authorization result information.
Accordingly, the equipment identification information of described first terminal and the IP address of described first terminal is also comprised in described executable operations request;
Described determining unit comprises:
First judgment sub-unit, for judging that according to the equipment identification information of described first terminal whether described first terminal is common equipment corresponding to described user account information;
Second judgment sub-unit, for judging that whether the IP address of described first terminal is common IP address corresponding to described user account information;
Determine subelement, if be no for the judged result of described first judgment sub-unit, described second judgment sub-unit, then determine that executable operations needs to carry out Authorized operation.
Accordingly, described message push passage is message push server, described push unit specifically for:
The identification information of application program in the second terminal and described authorization requests information is sent to described message push server, to make described message push server when determining that described user account information is online in described application program, push described authorization requests information to the application program in described second terminal.
Accordingly, described message push server is also for after the registration request receiving the transmission of the application program in described second terminal, preserve user account information presence in the application, described registration request comprises identification information and the user account information of application program.
Accordingly, described device also comprises:
Obtain unit, for obtaining the user account information in described authorization requests information;
Set up unit, for setting up the transient node corresponding to described user account information.
Accordingly, described device also comprises:
Changing unit, for according to the described transient node of described Authorization result information searching to correspondence, changes the licensing status information of described transient node according to described Authorization result information.
Accordingly, described first transmitting element specifically for:
When described first terminal adopts the mode of poll to inquire about Authorization result, find the licensing status information of corresponding described transient node, and described licensing status information is sent to described first terminal.
Accordingly, described device also comprises:
Second transmitting element, waits for authorization message for sending to described first terminal, is switched to waits for mandate interface to make described first terminal.
Accordingly, when described Authorization result information is for allowing authorization message, described device also comprises:
Allowing unit, for when again receiving the executable operations request that first terminal sends, in described executable operations request, also comprising described Authorization result information, allow described first terminal to continue executable operations.
Utilize application program to realize a system of authorizing, described system comprises:
First terminal, the second terminal and authorization server;
Described first terminal, for sending executable operations request to described authorization server, receives the Authorization result information that described authorization server sends;
Described second terminal, for receiving the authorization requests information of described authorization server push, sends described Authorization result information to described authorization server;
Described authorization server is that above-mentioned a kind of application program that utilizes realizes the device of authorizing.
As can be seen here, the embodiment of the present invention has following beneficial effect:
The embodiment of the present invention is when determining that user uses first terminal (as computer) executable operations to need to authorize, push channel is utilized to push corresponding authorization requests from second terminal (as mobile terminals such as mobile phones) of trend user, can click in the application program of the second terminal to make user authorizes button to complete mandate, the mode utilizing application program to realize authorizing is simple effectively, decrease operating process, thus improves the efficiency realizing authorizing.
Accompanying drawing explanation
The flow chart that utilize the embodiment of the method one of application program realization mandate of Fig. 1 for providing in the embodiment of the present invention;
The flow chart that utilize the embodiment of the method two of application program realization mandate of Fig. 2 for providing in the embodiment of the present invention;
Fig. 3 is the flow chart of message push process in the embodiment of the present invention;
The flow chart that utilize the embodiment of the method three of application program realization mandate of Fig. 4 for providing in the embodiment of the present invention;
The flow chart that utilize the embodiment of the method four of application program realization mandate of Fig. 5 for providing in the embodiment of the present invention;
The schematic diagram that utilize the device embodiment of application program realization mandate of Fig. 6 for providing in the embodiment of the present invention;
The schematic diagram that utilize the system embodiment of application program realization mandate of Fig. 7 for providing in the embodiment of the present invention;
The schematic diagram of server example of Fig. 8 for providing in the embodiment of the present invention.
Embodiment
For enabling above-mentioned purpose of the present invention, feature and advantage become apparent more, are described in further detail the embodiment of the present invention below in conjunction with the drawings and specific embodiments.
The application program that utilizes provided in the embodiment of the present invention realizes method, the Apparatus and system of authorizing, for realizing Authorized operation complexity in prior art, the technical problem that efficiency is lower, propose authorization requests active push to the application program in customer mobile terminal, and be prompted to user, user only need click in the application and authorize button to complete mandate, eliminates the complex processes such as input validation code, thus improves the efficiency realizing authorizing.
The embodiment of the present invention is described from the design factors utilizing application program to realize authorizing, and this device utilizing application program to realize authorizing can load in the server, and this server can be authorization server.
Shown in Figure 1, be that the application program that utilizes provided in the embodiment of the present invention realizes the embodiment of the method one of authorizing, can comprise the following steps:
Step 101: receive the executable operations request that first terminal sends, executable operations request comprises user account information.
First terminal refers to the terminal needing executable operations, and performed operation includes but not limited to that login, Modify password etc. relate to the operation of user account safety, and first terminal is generally immobile terminal, such as desktop computer etc.After first terminal triggers executable operations request, authorization server can receive the executable operations request that first terminal sends.User account information can be comprised in executable operations request, such as user name, the operation requests information relevant to executable operations can also be comprised in executable operations request, such as perform logging request, perform in register request and can comprise user name and password, to make authorization server after authentication of users name and password are passed through, can continue to perform subsequent step.
Step 102: when determining that executable operations needs to carry out Authorized operation, generates authorization requests information, and utilizes message push passage by authorization requests information pushing to the application program in the second terminal, and authorization requests information comprises user account information.
In some embodiments of the invention, the equipment identification information of first terminal and the IP address (InternetProtocolAddress, Internet protocol address) of first terminal is also comprised in executable operations request.
Then determine that executable operations needs the specific implementation of carrying out Authorized operation to comprise:
Judge that whether first terminal is common equipment corresponding to user account information according to the equipment identification information of first terminal, judge that whether the IP address of first terminal is common IP address corresponding to user account information, if above-mentioned judged result is no, then determine that executable operations needs to carry out Authorized operation.
Also namely can judge this time to operate in non-common operation place or judge that used first terminal is non-common equipment by equipment identification information by IP address, then may there are abnormal conditions in representative of consumer account, when carrying out sensitive operation, need to notify that user authorizes by trusted approach, to ensure the fail safe of user account.
Determine that executable operations needs to carry out Authorized operation and also can arrange by judging to ask the operation of execution whether to belong to user the operating list that needs carry out authorizing simultaneously, such as, user arranges each Modify password all to be needed to authorize, then when first terminal initiates the executable operations request of Modify password, directly can determine that executable operations needs to carry out Authorized operation.
When determining that executable operations needs to carry out Authorized operation, then generate authorization requests information, can user account information be comprised in authorization requests information, such as user name.
Utilize message push passage by authorization requests information pushing to the application A PP (Application) in the second terminal, second terminal refers to the terminal of carrying out Authorized operation, be generally the mobile terminal of user, such as mobile phone etc., mobile terminal generally has good individual subscriber attribute, is therefore applicable to carrying out Authorized operation.Message push passage can be message push server, and authorization requests information directly utilizes message push (PUSH) passage to be pushed to the second terminal APP by the embodiment of the present invention, thus eliminates user's request and carry out the process of authorizing.User can utilize the APP one-key operation mandate in the second terminal, then the second terminal sends the Authorization result information corresponding with user account information to authorization server, and Authorization result information can, for allowing authorization message, also can be refusal authorization message.
Step 103: receive the Authorization result information corresponding with user account information that application program returns, and Authorization result information is sent to first terminal.
Authorization result information can be sent to the first terminal needing executable operations, thus complete licensing process after receiving and authorizing combining information by authorization server.
Like this, the embodiment of the present invention is when determining that user uses first terminal (as computer) executable operations to need to authorize, push channel is utilized to push corresponding authorization requests from second terminal (as mobile terminals such as mobile phones) of trend user, can click in the application program of the second terminal to make user authorizes button to complete mandate, the mode utilizing application program to realize authorizing is simple effectively, decrease operating process, thus improves the efficiency realizing authorizing.
In some embodiments of the invention, when Authorization result information is for allowing authorization message, after Authorization result information is sent to first terminal, the method utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise: when again receiving the executable operations request that first terminal sends, also comprise Authorization result information in executable operations request, allow first terminal to continue executable operations.
Shown in Figure 2, that the application program that utilizes that the embodiment of the present invention provides realizes the embodiment of the method two of authorizing, the present embodiment is described to utilize the system perspective of application program realization mandate, the system utilizing application program to realize authorizing provided in the embodiment of the present invention can comprise first terminal, the second terminal and authorization server, and the present embodiment can comprise the following steps:
Step 201: first terminal sends executable operations request to authorization server, and executable operations request comprises user account information.
Step 202: authorization server is when determining that executable operations needs to carry out Authorized operation, generate authorization requests information, and utilizing message push passage by authorization requests information pushing to the application program in the second terminal, authorization requests information comprises user account information.
Step 203: the application program in the second terminal receives authorization requests information, allow to authorize or forbid to authorize by clicking according to described authorization requests information to make user, the result that second terminal is clicked according to user generates Authorization result information, and Authorization result information is sent to authorization server, Authorization result information can for allowing authorization message or refusal authorization message.
Step 204: authorization server receives the Authorization result information corresponding with user account information that application program returns, and Authorization result information is sent to first terminal.
Step 205: when Authorization result information is for permission authorization message, first terminal sends executable operations request to authorization server again, also comprises Authorization result information in executable operations request.
Step 206: authorization server allows first terminal to continue executable operations according to Authorization result information, returns successful operation information.
In some embodiments of the invention, message push passage can be message push server, then utilize message push passage can be comprised to the specific implementation of the application program in the second terminal by authorization requests information pushing:
Identification information and the authorization requests information of application program in the second terminal is sent to message push server, to make message push server when determining that user account information is online in the application, push authorization requests information to the application program in the second terminal.
In some embodiments of the invention, after message push server can also be used for the registration request of the application program transmission in reception second terminal, preserve user account information presence in the application, registration request comprises identification information and the user account information of application program.
Shown in Figure 3, be the schematic diagram that message push server in the embodiment of the present invention (PUSH server) realizes propelling movement process, message push server can comprise PUSH access module, Registering modules, presence memory module and PUSH interface module.Pushed information can have two flow processs: wherein step 3011-3013 is terminal APP register flow path, and step 3021-step 3023 is message push flow processs.
Register flow path can comprise the following steps:
Step 3011: in the second terminal, APP sets up a long-chain to PUSH access module and connects, send registration request, in registration request, bring the information such as the identification information (APPID) of application program, user account information, equipment identification information (device id); After succeeding in registration, the second terminal also regularly can send heartbeat packet, maintains the survival that long-chain connects.
Step 3012:PUSH access module gets after a long-chain connects, and joined in long chained list, index is SOCKETID.Then receive registration request, link information (comprising server ID, SOCKETID etc.) is joined in request bag, be transmitted to Registering modules; Rear extended meeting carrys out the long chained list of maintenance and management by receiving heartbeat packet, if certain long-chain spreading time can not receive heartbeat packet, can reject this long-chain and connect.
Step 3013: after Registering modules receives registration request bag, is written in line states memory module by log-on message, index is APPID+ user account information, and data comprise the information such as device id, server ID, SOCKETID; Registering modules rejects certain long-chain when connecing, and can be deleted by the nodal information in presence memory module simultaneously.
Message push flow process can comprise the following steps:
Step 3021:PUSH interface module receives a PUSH request, and required parameter comprises specifies APPID and user account information.First PUSH server searches presence memory module, whether online to judge this appointment APPID and user account information, successfully illustrates online, take out link information if searched.
SOCKETID in link information is added in PUSH request by step 3022:PUSH server, then by server ID in link information, request is sent to the server that this APPID and long-chain corresponding to user account information connect place PUSH access module.
Step 3023:PUSH access module finds long-chain to connect by SOCKETID, PUSH message is sent to the user account in target terminal APPID after receiving PUSH request.
Can complete like this and utilize message push server by authorization requests information pushing to the application program process in the second terminal.
In some embodiments of the invention, utilize message push passage by authorization requests information pushing to before the application program in the second terminal, the method utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise:
The user account information of obtaining the authorization in solicited message; Set up the transient node corresponding to user account information.
In some embodiments of the invention, after the Authorization result information corresponding with user account information that reception application program returns, before Authorization result information is sent to first terminal, the method utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise:
According to Authorization result information searching to corresponding transient node, according to the licensing status information of Authorization result information change transient node.
After establishing the transient node corresponding to user account information, then in some embodiments of the invention, the specific implementation of first terminal authorization message is sent to comprise:
When first terminal adopts the mode of poll to inquire about Authorization result, find the licensing status information of corresponding transient node, and licensing status information is sent to first terminal.
In addition, in some embodiments of the invention, utilize message push server by authorization requests information pushing to the application program in the second terminal after, the method utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise:
Send to first terminal and wait for authorization message, be switched to make first terminal and wait for mandate interface.
Shown in Figure 4, that the application program that utilizes that the embodiment of the present invention provides realizes the embodiment of the method three of authorizing, the present embodiment is described to utilize the system perspective of application program realization mandate, the system utilizing application program to realize authorizing provided in the embodiment of the present invention can comprise first terminal, the second terminal and authorization server, and the present embodiment can comprise the following steps:
Step 401: first terminal sends executable operations request to authorization server, and executable operations request comprises user account information.
Step 402: authorization server when determining that executable operations needs to carry out Authorized operation, the user account information of obtaining the authorization in solicited message; Set up the transient node corresponding to user account information.This transient node can have the term of validity, if before the deadline, user does not complete mandate, then this transient node is automatically expired, can be recovered use.
Step 403: authorization server generates authorization requests information, and utilize message push passage by authorization requests information pushing to the application program in the second terminal, authorization requests information comprises user account information.
Step 404: authorization server sends to first terminal and waits for authorization message, is switched to make first terminal and waits for mandate interface.User can clearly be known, and current executable operations needs to authorize, and authorizes successfully and just can continue executable operations.
Step 405: the application program in the second terminal receives authorization requests information, allow to authorize or forbid to authorize by clicking according to described authorization requests information to make user, the result that second terminal is clicked according to user generates Authorization result information, and Authorization result information is sent to authorization server, Authorization result information can for allowing authorization message or refusal authorization message.
Step 406: authorization server to corresponding transient node, changes the licensing status information of transient node according to Authorization result information searching according to Authorization result information.
Step 407: first terminal adopts the mode of poll to send inquiry Authorization result to authorization server.
Step 408: licensing status information to the licensing status information of corresponding transient node, and is sent to first terminal by authorization whois lookup.
Step 409: when Authorization result information is for permission authorization message, first terminal sends executable operations request to authorization server again, also comprises Authorization result information in executable operations request.
Step 410: authorization server allows first terminal to continue executable operations according to Authorization result information, returns successful operation information.
It should be noted that user account information can be utilized to search transient node after setting up transient node completes licensing process, also random index can be distributed for transient node, need the place of using user account information that the index of transient node all can be utilized to replace user account information, to save system resource at subsequent step.
In the present embodiment, transient node is utilized to store licensing status information, adopt first terminal initiatively to initiate the mode of inquiry request, Authorization result information is sent it back first terminal, initiatively issues Authorization result information more simple possible compared to authorization server.
In actual applications, take executable operations as register be example, the embodiment of the method utilizing application program to realize authorizing that the embodiment of the present invention provides is described, shown in Figure 5, that the application program that utilizes that the embodiment of the present invention provides realizes the embodiment of the method four of authorizing, the present embodiment is described to utilize the system perspective of application program realization mandate, the system utilizing application program to realize authorizing provided in the embodiment of the present invention can comprise first terminal, second terminal and authorization server, authorization server can need specifically to be subdivided into logon server and authorization server according to application in actual applications, the present embodiment take first terminal as PC, second terminal is mobile phone is that example is described, then the present embodiment can comprise the following steps:
Step 501: user, after pc client input username and password, submits to logging request to logon server, mainly comprises username and password, equipment identification information, IP address of equipment in logging request.
Step 502: logon server is authentication of users name and password first, after being verified, again according to the information such as equipment identification information and IP address of equipment, judge whether to need to carry out subscriber authorisation operation, if need to determine to need to carry out Authorized operation, then return and need to authorize, return the temporary receipt TS1 that an encrypting user account generates simultaneously.
Step 503:PC client submits to authorization requests to authorization server, and authorization requests mainly comprises temporary receipt TS1, client ip address etc.In order to the fail safe in data transmission procedure, the effect of temporary receipt TS1 is encrypted transmission to user account information.
Step 504: first authorization server verifies temporary receipt TS1, take out user account information, then a SESSION transient node is set up, the index of node is random generation, be designated as TOKEN, by user account information stored in this SESSION transient node, afterwards TOKEN and user are logged in information such as (being obtained by inquiry in IP address of equipment to IP storehouse) be pushed to user mobile phone APP by message PUSH passage, request user authorization.SESSION transient node has the term of validity, if before the deadline, user does not complete mandate, and this SESSION transient node is automatically expired, can be recovered use.
Step 505: authorization server returns to pc client and waits for authorization message, returns and waits in authorization message and can comprise TOKEN, and now pc client can be switched to and wait for subscriber authorisation interface.
Step 506: user opens mobile phone A PP and checks authorization requests information, click " allowing to log in " and carry out Authorized operation, then mobile phone A PP submits to user authorization result information to authorization server, and Authorization result information spinner will comprise the subscriber identity information on TOKEN, mobile phone A PP.After authorization server receives request, first verify mobile phone A PP user identity, after being verified, then find corresponding SESSION transient node, by the status modifier of SESSION transient node for authorize by TOKEN.
Step 507:PC client adopts the mode of poll to inquire about Authorization result, and inquiry Authorization result required parameter mainly comprises TOKEN.
Step 508: authorization server finds corresponding SESSION transient node by TOKEN, and then return authorization result, returns permission authorization message after the user authorization, simultaneously return authorization bill TS2; All the time wait authorization message was returned before subscriber authorisation; If SESSION transient node is expired can return refusal authorization message.
Step 509: return after allowing authorization message, pc client resubmits logging request to logon server, can comprise in logging request and authorize bill TS2.
Step 510: after bill TS2 success is authorized in logon server checking, allows user to log in, returns and login successfully and relevant bill.
Like this, the embodiment of the present invention is when determining that user uses first terminal (as computer) executable operations to need to authorize, push channel is utilized to push corresponding authorization requests from second terminal (as mobile terminals such as mobile phones) of trend user, can click in the application program of the second terminal to make user authorizes button to complete mandate, the mode utilizing application program to realize authorizing is simple effectively, decrease operating process, thus improves the efficiency realizing authorizing.
Accordingly, shown in Figure 6, also provide a kind of application program that utilizes to realize the device embodiment of authorizing in the embodiment of the present invention, this device embodiment can comprise:
First receiving element 601, for receiving the executable operations request that first terminal sends, executable operations request comprises user account information.
Determining unit 602, for determining that executable operations needs to carry out Authorized operation.
Generation unit 603, for when determining unit determination executable operations needs to carry out Authorized operation, generate authorization requests information, authorization requests information comprises user account information.
Push unit 604, for utilizing message push passage by authorization requests information pushing to the application program in the second terminal.
Second receiving element 605, for receiving the Authorization result information corresponding with user account information that application program returns.
First transmitting element 606, for sending to first terminal by Authorization result information.
In some embodiments of the invention, the equipment identification information of first terminal and the IP address of first terminal can also be comprised in executable operations request;
Then determining unit can comprise:
First judgment sub-unit, for judging that according to the equipment identification information of first terminal whether first terminal is common equipment corresponding to user account information;
Second judgment sub-unit, for judging that whether the IP address of first terminal is common IP address corresponding to user account information;
Determine subelement, if be no for the judged result of the first judgment sub-unit, the second judgment sub-unit, then determine that executable operations needs to carry out Authorized operation.
In some embodiments of the invention, message push passage is message push server, and push unit can be specifically for:
Identification information and the authorization requests information of application program in the second terminal is sent to message push server, to make message push server when determining that user account information is online in the application, push authorization requests information to the application program in the second terminal.
In some embodiments of the invention, after message push server can also be used for the registration request of the application program transmission in reception second terminal, preserve user account information presence in the application, registration request comprises identification information and the user account information of application program.
In some embodiments of the invention, the device embodiment utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise:
Obtain unit, for the user account information of obtaining the authorization in solicited message;
Set up unit, for setting up the transient node corresponding to user account information.
In some embodiments of the invention, the device embodiment utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise:
Changing unit, for according to the transient node of Authorization result information searching to correspondence, according to the licensing status information of Authorization result information change transient node.
In some embodiments of the invention, the first transmitting element can be specifically for:
When first terminal adopts the mode of poll to inquire about Authorization result, find the licensing status information of corresponding transient node, and licensing status information is sent to first terminal.
In some embodiments of the invention, the device embodiment utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise:
Second transmitting element, waits for authorization message for sending to first terminal, is switched to waits for mandate interface to make first terminal.
In some embodiments of the invention, when Authorization result information is for allowing authorization message, the device embodiment utilizing application program to realize authorizing provided in the embodiment of the present invention can also comprise:
Allowing unit, for when again receiving the executable operations request that first terminal sends, in executable operations request, also comprising Authorization result information, allow first terminal to continue executable operations.
Accordingly, shown in Figure 7, also provide a kind of application program that utilizes to realize the system embodiment of authorizing in the embodiment of the present invention, native system embodiment can comprise:
First terminal 701, second terminal 702 and authorization server 703.
First terminal may be used for sending executable operations request to authorization server, receives the Authorization result information that authorization server sends.
Second terminal may be used for the authorization requests information receiving authorization server push, sends Authorization result information to authorization server.
Authorization server can be then that a kind of application program that utilizes provided in above-described embodiment realizes the device embodiment of authorizing.Corresponding explanation see above-described embodiment, can not repeat them here.
Like this, the embodiment of the present invention is when determining that user uses first terminal (as computer) executable operations to need to authorize, push channel is utilized to push corresponding authorization requests from second terminal (as mobile terminals such as mobile phones) of trend user, can click in the application program of the second terminal to make user authorizes button to complete mandate, the mode utilizing application program to realize authorizing is simple effectively, decrease operating process, thus improves the efficiency realizing authorizing.
Accordingly, the embodiment of the present invention also provides a kind of server, shown in Figure 8, can comprise:
Processor 801, memory 802, input unit 803 and output device 804.The quantity of the processor 801 in server can be one or more, for a processor in Fig. 8.In some embodiments of the invention, processor 801, memory 802, input unit 803 are connected by bus or alternate manner with output device 804, wherein, to be connected by bus in Fig. 8.
Memory 802 can be used for storing software program and module, and processor 801 is stored in software program and the module of memory 802 by running, thus performs various function application and the data processing of server.Memory 802 mainly can comprise storage program district and store data field, and wherein, storage program district can storage operation system, application program etc. needed at least one function.In addition, memory 802 can comprise high-speed random access memory, can also comprise nonvolatile memory, such as at least one disk memory, flush memory device or other volatile solid-state parts.Input unit 803 can be used for the numeral or the character information that receive input, and generation arranges with the user of server and function controls the input of relevant key signals.
Specifically in the present embodiment, processor 801 can according to following instruction, executable file corresponding for the process of one or more application program is loaded in memory 802, and is run the application program be stored in memory 802 by processor 801, thus realize various function:
Receive the executable operations request that first terminal sends, described executable operations request comprises user account information;
When determining that executable operations needs to carry out Authorized operation, generate authorization requests information, and utilize message push passage by described authorization requests information pushing to the application program in the second terminal, described authorization requests information comprises described user account information;
Receive the Authorization result information corresponding with described user account information that described application program returns, and described Authorization result information is sent to described first terminal.
Accordingly, the equipment identification information of described first terminal and the IP address of described first terminal is also comprised in described executable operations request;
Describedly determine that executable operations needs to carry out Authorized operation, comprising:
Judge that whether described first terminal is common equipment corresponding to described user account information according to the equipment identification information of described first terminal, judge that whether the IP address of described first terminal is common IP address corresponding to described user account information, if above-mentioned judged result is no, then determine that executable operations needs to carry out Authorized operation.
Accordingly, described message push passage is message push server, describedly utilizes message push passage by described authorization requests information pushing to the application program in the second terminal, comprising:
The identification information of application program in the second terminal and described authorization requests information is sent to described message push server, to make described message push server when determining that described user account information is online in described application program, push described authorization requests information to the application program in described second terminal.
Accordingly, utilize message push passage by described authorization requests information pushing to before the application program in the second terminal, described method also comprises:
Obtain the user account information in described authorization requests information;
Set up the transient node corresponding to described user account information.
Accordingly, after the Authorization result information corresponding with described user account information that the described application program of reception returns, before described Authorization result information is sent to described first terminal, described method also comprises:
According to described Authorization result information searching to corresponding described transient node, change the licensing status information of described transient node according to described Authorization result information.
Accordingly, described described authorization message is sent to described first terminal, comprising:
When described first terminal adopts the mode of poll to inquire about Authorization result, find the licensing status information of corresponding described transient node, and described licensing status information is sent to described first terminal.
Accordingly, utilize message push passage by described authorization requests information pushing to the application program in the second terminal after, described method also comprises:
Send to described first terminal and wait for authorization message, be switched to make described first terminal and wait for mandate interface.
Accordingly, when described Authorization result information is for allowing authorization message, after described Authorization result information is sent to described first terminal, described method also comprises:
When again receiving the executable operations request that first terminal sends, in described executable operations request, also comprising described Authorization result information, allowing described first terminal to continue executable operations.
Like this, the embodiment of the present invention is when determining that user uses first terminal (as computer) executable operations to need to authorize, push channel is utilized to push corresponding authorization requests from second terminal (as mobile terminals such as mobile phones) of trend user, can click in the application program of the second terminal to make user authorizes button to complete mandate, the mode utilizing application program to realize authorizing is simple effectively, decrease operating process, thus improves the efficiency realizing authorizing.
It should be noted that, in this specification, each embodiment adopts the mode of going forward one by one to describe, and what each embodiment stressed is the difference with other embodiments, between each embodiment identical similar portion mutually see.For system disclosed in embodiment or device, because it corresponds to the method disclosed in Example, so description is fairly simple, relevant part illustrates see method part.
Also it should be noted that, in this article, the such as relational terms of first and second grades and so on is only used for an entity or operation to separate with another entity or operating space, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or equipment.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment comprising described key element and also there is other identical element.
The software module that the method described in conjunction with embodiment disclosed herein or the step of algorithm can directly use hardware, processor to perform, or the combination of the two is implemented.Software module can be placed in the storage medium of other form any known in random asccess memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field.
To the above-mentioned explanation of the disclosed embodiments, professional and technical personnel in the field are realized or uses the present invention.To be apparent for those skilled in the art to the multiple amendment of these embodiments, General Principle as defined herein can without departing from the spirit or scope of the present invention, realize in other embodiments.Therefore, the present invention can not be restricted to these embodiments shown in this article, but will meet the widest scope consistent with principle disclosed herein and features of novelty.
Claims (19)
1. utilize application program to realize a method of authorizing, it is characterized in that, described method comprises:
Receive the executable operations request that first terminal sends, described executable operations request comprises user account information;
When determining that executable operations needs to carry out Authorized operation, generate authorization requests information, and utilize message push passage by described authorization requests information pushing to the application program in the second terminal, described authorization requests information comprises described user account information;
Receive the Authorization result information corresponding with described user account information that described application program returns, and described Authorization result information is sent to described first terminal.
2. method according to claim 1, is characterized in that, also comprises the equipment identification information of described first terminal and the IP address of described first terminal in described executable operations request;
Describedly determine that executable operations needs to carry out Authorized operation, comprising:
Judge that whether described first terminal is common equipment corresponding to described user account information according to the equipment identification information of described first terminal, judge that whether the IP address of described first terminal is common IP address corresponding to described user account information, if above-mentioned judged result is no, then determine that executable operations needs to carry out Authorized operation.
3. method according to claim 1, is characterized in that, described message push passage is message push server, describedly utilizes message push passage by described authorization requests information pushing to the application program in the second terminal, comprising:
The identification information of application program in the second terminal and described authorization requests information is sent to described message push server, to make described message push server when determining that described user account information is online in described application program, push described authorization requests information to the application program in described second terminal.
4. method according to claim 3, it is characterized in that, described message push server is also for after the registration request receiving the transmission of the application program in described second terminal, preserve user account information presence in the application, described registration request comprises identification information and the user account information of application program.
5. method according to claim 1, is characterized in that, utilize message push passage by described authorization requests information pushing to before the application program in the second terminal, described method also comprises:
Obtain the user account information in described authorization requests information;
Set up the transient node corresponding to described user account information.
6. method according to claim 5, is characterized in that, after the Authorization result information corresponding with described user account information that the described application program of reception returns, before described Authorization result information is sent to described first terminal, described method also comprises:
According to described Authorization result information searching to corresponding described transient node, change the licensing status information of described transient node according to described Authorization result information.
7. method according to claim 6, is characterized in that, described described authorization message is sent to described first terminal, comprising:
When described first terminal adopts the mode of poll to inquire about Authorization result, find the licensing status information of corresponding described transient node, and described licensing status information is sent to described first terminal.
8. method according to claim 1, is characterized in that, utilize message push passage by described authorization requests information pushing to the application program in the second terminal after, described method also comprises:
Send to described first terminal and wait for authorization message, be switched to make described first terminal and wait for mandate interface.
9. method according to claim 1, is characterized in that, when described Authorization result information is for allowing authorization message, after described Authorization result information is sent to described first terminal, described method also comprises:
When again receiving the executable operations request that first terminal sends, in described executable operations request, also comprising described Authorization result information, allowing described first terminal to continue executable operations.
10. utilize application program to realize a device of authorizing, it is characterized in that, described device comprises:
First receiving element, for receiving the executable operations request that first terminal sends, described executable operations request comprises user account information;
Determining unit, for determining that executable operations needs to carry out Authorized operation;
Generation unit, for when described determining unit determination executable operations needs to carry out Authorized operation, generate authorization requests information, described authorization requests information comprises described user account information;
Push unit, for utilizing message push passage by described authorization requests information pushing to the application program in the second terminal;
Second receiving element, for receiving the Authorization result information corresponding with described user account information that described application program returns;
First transmitting element, for sending to described first terminal by described Authorization result information.
11. devices according to claim 10, is characterized in that, also comprise the equipment identification information of described first terminal and the IP address of described first terminal in described executable operations request;
Described determining unit comprises:
First judgment sub-unit, for judging that according to the equipment identification information of described first terminal whether described first terminal is common equipment corresponding to described user account information;
Second judgment sub-unit, for judging that whether the IP address of described first terminal is common IP address corresponding to described user account information;
Determine subelement, if be no for the judged result of described first judgment sub-unit, described second judgment sub-unit, then determine that executable operations needs to carry out Authorized operation.
12. devices according to claim 10, is characterized in that, described message push passage is message push server, described push unit specifically for:
The identification information of application program in the second terminal and described authorization requests information is sent to described message push server, to make described message push server when determining that described user account information is online in described application program, push described authorization requests information to the application program in described second terminal.
13. devices according to claim 12, it is characterized in that, described message push server is also for after the registration request receiving the transmission of the application program in described second terminal, preserve user account information presence in the application, described registration request comprises identification information and the user account information of application program.
14. devices according to claim 10, is characterized in that, described device also comprises:
Obtain unit, for obtaining the user account information in described authorization requests information;
Set up unit, for setting up the transient node corresponding to described user account information.
15. devices according to claim 14, is characterized in that, described device also comprises:
Changing unit, for according to the described transient node of described Authorization result information searching to correspondence, changes the licensing status information of described transient node according to described Authorization result information.
16. devices according to claim 15, is characterized in that, described first transmitting element specifically for:
When described first terminal adopts the mode of poll to inquire about Authorization result, find the licensing status information of corresponding described transient node, and described licensing status information is sent to described first terminal.
17. devices according to claim 10, is characterized in that, described device also comprises:
Second transmitting element, waits for authorization message for sending to described first terminal, is switched to waits for mandate interface to make described first terminal.
18. devices according to claim 10, is characterized in that, when described Authorization result information is for allowing authorization message, described device also comprises:
Allowing unit, for when again receiving the executable operations request that first terminal sends, in described executable operations request, also comprising described Authorization result information, allow described first terminal to continue executable operations.
19. 1 kinds utilize application program to realize the system of authorizing, and it is characterized in that, described system comprises:
First terminal, the second terminal and authorization server;
Described first terminal, for sending executable operations request to described authorization server, receives the Authorization result information that described authorization server sends;
Described second terminal, for receiving the authorization requests information of described authorization server push, sends described Authorization result information to described authorization server;
Described authorization server is that a kind of application program that utilizes described in claim 10-18 realizes the device of authorizing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410376681.1A CN105306210B (en) | 2014-08-01 | 2014-08-01 | Method, device and system for realizing authorization by using application program |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410376681.1A CN105306210B (en) | 2014-08-01 | 2014-08-01 | Method, device and system for realizing authorization by using application program |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105306210A true CN105306210A (en) | 2016-02-03 |
| CN105306210B CN105306210B (en) | 2020-06-23 |
Family
ID=55203008
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410376681.1A Active CN105306210B (en) | 2014-08-01 | 2014-08-01 | Method, device and system for realizing authorization by using application program |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105306210B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106599722A (en) * | 2016-12-14 | 2017-04-26 | 北京奇虎科技有限公司 | Intelligent terminal and application program authority control method and device thereof, and server |
| CN107133512A (en) * | 2017-03-14 | 2017-09-05 | 万达百汇科技(深圳)有限公司 | POS terminal control method and device |
| CN107911352A (en) * | 2017-11-06 | 2018-04-13 | 湖南红手指信息技术有限公司 | A kind of authorization method of cloud mobile phone |
| CN108600153A (en) * | 2018-03-05 | 2018-09-28 | 北京小米移动软件有限公司 | Verification method and device |
| CN109981528A (en) * | 2017-12-27 | 2019-07-05 | 航天信息股份有限公司 | A method of protection user information safety |
| CN110276184A (en) * | 2019-06-28 | 2019-09-24 | 北京金山云网络技术有限公司 | A kind of cloud computing resources authorization method and device |
| CN111062026A (en) * | 2019-12-11 | 2020-04-24 | 维沃移动通信有限公司 | Verification information sharing method and electronic equipment |
| CN112016074A (en) * | 2020-09-09 | 2020-12-01 | 政采云有限公司 | Reverse authorization login method, device and medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103248489A (en) * | 2013-05-17 | 2013-08-14 | 刘琦 | Method for realizing client login through intelligent terminal, server and intelligent terminal |
| CN103618606A (en) * | 2013-11-26 | 2014-03-05 | 觅林网络科技(上海)有限公司 | App login method verified through short message |
| US20140090028A1 (en) * | 2012-09-27 | 2014-03-27 | Canon Kabushiki Kaisha | Image forming apparatus, method for controlling image forming apparatus, and storage medium therefor |
-
2014
- 2014-08-01 CN CN201410376681.1A patent/CN105306210B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140090028A1 (en) * | 2012-09-27 | 2014-03-27 | Canon Kabushiki Kaisha | Image forming apparatus, method for controlling image forming apparatus, and storage medium therefor |
| CN103248489A (en) * | 2013-05-17 | 2013-08-14 | 刘琦 | Method for realizing client login through intelligent terminal, server and intelligent terminal |
| CN103618606A (en) * | 2013-11-26 | 2014-03-05 | 觅林网络科技(上海)有限公司 | App login method verified through short message |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106599722A (en) * | 2016-12-14 | 2017-04-26 | 北京奇虎科技有限公司 | Intelligent terminal and application program authority control method and device thereof, and server |
| CN107133512A (en) * | 2017-03-14 | 2017-09-05 | 万达百汇科技(深圳)有限公司 | POS terminal control method and device |
| CN107133512B (en) * | 2017-03-14 | 2020-07-28 | 万达百汇科技(深圳)有限公司 | POS terminal control method and device |
| CN107911352A (en) * | 2017-11-06 | 2018-04-13 | 湖南红手指信息技术有限公司 | A kind of authorization method of cloud mobile phone |
| CN109981528A (en) * | 2017-12-27 | 2019-07-05 | 航天信息股份有限公司 | A method of protection user information safety |
| CN108600153A (en) * | 2018-03-05 | 2018-09-28 | 北京小米移动软件有限公司 | Verification method and device |
| CN110276184A (en) * | 2019-06-28 | 2019-09-24 | 北京金山云网络技术有限公司 | A kind of cloud computing resources authorization method and device |
| CN111062026A (en) * | 2019-12-11 | 2020-04-24 | 维沃移动通信有限公司 | Verification information sharing method and electronic equipment |
| CN112016074A (en) * | 2020-09-09 | 2020-12-01 | 政采云有限公司 | Reverse authorization login method, device and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105306210B (en) | 2020-06-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI672648B (en) | Business process method and device, data share system, and storage medium | |
| CN105306210A (en) | Method, device and system for realizing authorization through application | |
| CN104753943B (en) | The log-in control method of third party's account and device | |
| CN103051630B (en) | Method, the Apparatus and system of third-party application mandate is realized based on open platform | |
| CN111556006B (en) | Third-party application system login method, device, terminal and SSO service platform | |
| US9866556B2 (en) | Common internet file system proxy authentication of multiple servers | |
| CN111917773B (en) | Service data processing method and device and server | |
| US9124569B2 (en) | User authentication in a cloud environment | |
| CN109347835A (en) | Information transferring method, client, server and computer readable storage medium | |
| JP2019075161A (en) | Service processing method, device, and server | |
| US20210014061A1 (en) | Identity proofing offering for customers and non-customers | |
| WO2020140407A1 (en) | Cloud security-based cloud desktop login method, device, equipment and storage medium | |
| CN103905399B (en) | A kind of method and apparatus that account number logs in management | |
| CN103916244A (en) | Verification method and device | |
| CN104917766A (en) | Security authentication method for two-dimension code | |
| CN104954330A (en) | Method of accessing data resources, device and system | |
| WO2015117351A1 (en) | Wifi connection method, device and system, and computer storage medium | |
| CN111444551B (en) | Account registration and login method and device, electronic equipment and readable storage medium | |
| CN108234124A (en) | Auth method, device and system | |
| CN105450592A (en) | Safety verification method and device, server and terminal | |
| CN104935435A (en) | Login methods, terminal and application server | |
| CN102347964B (en) | Log in the method for website, system, information aggregation platform and website | |
| CN108156169A (en) | Account login validation method, system and computer readable storage medium | |
| CN106331042A (en) | Single sign-on method and device for heterogeneous user system | |
| CN105306485A (en) | Network access authentication methods, authentication server and authentication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |