CN114143053A - Third-party service login method and device, terminal equipment and storage medium - Google Patents
Third-party service login method and device, terminal equipment and storage medium Download PDFInfo
- Publication number
- CN114143053A CN114143053A CN202111404483.8A CN202111404483A CN114143053A CN 114143053 A CN114143053 A CN 114143053A CN 202111404483 A CN202111404483 A CN 202111404483A CN 114143053 A CN114143053 A CN 114143053A
- Authority
- CN
- China
- Prior art keywords
- party service
- user
- target
- token
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 63
- 238000012795 verification Methods 0.000 claims abstract description 47
- 230000006870 function Effects 0.000 claims abstract description 24
- 230000009191 jumping Effects 0.000 claims abstract description 13
- 230000008569 process Effects 0.000 claims description 27
- 238000004590 computer program Methods 0.000 claims description 14
- 238000007726 management method Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000001960 triggered effect Effects 0.000 description 3
- 239000008186 active pharmaceutical agent Substances 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention discloses a third-party service login method, a third-party service login device, terminal equipment and a storage medium, wherein the method comprises the steps of registering a third-party service; logging in a user and generating a cloud platform token of the user according to a login request of the user; when a user calls a target third-party service, jumping to the target third-party service, taking the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service; if the verification is successful, returning authentication passing information to the target third-party service so that the target third-party service completes the login of the user according to the authentication passing information; and calling the target third-party service to realize corresponding functions according to the third-party service use instruction sent by the user. The embodiment of the invention solves the technical problems that in the prior art, a user cannot log in and manage a SaaS service system and a cloud application in a multi-cloud management platform in a unified manner, so that the logging operation is complex and the efficiency is low.
Description
Technical Field
The embodiment of the application relates to the field of multi-cloud platforms, in particular to a third-party service login method, a third-party service login device, terminal equipment and a storage medium.
Background
At present, with the continuous development of scientific technology, cloud computing technology is also increasingly advanced. Applications of many enterprises on the market are already in the cloud, and the enterprises support the operation of self business by using cloud services provided by a plurality of cloud vendors and deploying a Software-as-a-Service (SaaS-a-Service) Service system on the cloud services.
In the process of using the cloud service, an enterprise needs to use a multi-cloud management platform to manage cloud services of different cloud manufacturers, but because a self-SaaS service system of the enterprise is not connected to the multi-element management platform, in the actual use process, a user needs to log in the SaaS service system and the cloud application respectively, and then manages the SaaS service system and the cloud application respectively, the SaaS service system and the cloud application cannot be logged in and managed in a unified manner in the multi-cloud management platform, and therefore the login operation is complex and the efficiency is low.
Disclosure of Invention
The embodiment of the invention provides a third-party service login method, a third-party service login device, terminal equipment and a storage medium, and solves the technical problems that in the prior art, a user cannot uniformly log in and manage a SaaS service system and a cloud application in a multi-cloud management platform, so that the login operation is complex and the efficiency is low.
In a first aspect, an embodiment of the present invention provides a third party service login method, including the following steps:
registering a third party service;
logging in a user and generating a cloud platform token of the user according to a login request of the user;
when the user calls a target third-party service, jumping to the target third-party service, taking the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service;
if the verification is successful, returning authentication passing information to the target third-party service so that the target third-party service completes the login of the user according to the authentication passing information;
and calling the target third-party service to realize a corresponding function according to the third-party service using instruction sent by the user.
Preferably, the specific process of registering the third-party service is as follows:
receiving access information of a third-party service, registering the third-party service according to the access information, and generating identification information of the third-party service.
Preferably, when the user invokes the target third-party service, the specific process of jumping to the target third-party service and taking the cloud platform token as the third-party service token to be verified is as follows:
and calling the target third-party service in an Http calling mode according to a service calling instruction sent by the user, and using the cloud platform token as a third-party service token to be verified, wherein the service calling instruction comprises identification information of the target third-party service.
Preferably, the specific process of verifying the third-party service token according to the verification request of the target third-party service is as follows:
and judging whether the third-party service token is the cloud platform token of the user or not according to the verification request of the target third-party service.
Preferably, the authentication passing information includes identification information of the target third-party service and pre-stored user identification information of the user.
Preferably, the specific process of enabling the target third-party service to complete the login of the user according to the authentication passing information is as follows:
and the target third-party service determines that the third-party service token passes verification according to the identification information in the authentication passing information, acquires the user information of the user according to the user identification information, and creates and logs in the user according to the user information.
Preferably, the specific process of calling the target third-party service to implement the corresponding function according to the third-party service use instruction sent by the user is as follows:
and calling an interface of the target third-party service according to the third-party service use instruction sent by the user so as to enable the target third-party service to realize a corresponding function.
In a second aspect, an embodiment of the present invention provides a third-party service login apparatus, including a service registration module, a token generation module, a verification module, a user login module, and a service invocation module;
the service registration module is used for registering third-party services;
the token generation module is used for logging in a user and generating a cloud platform token of the user according to a login request of the user;
the verification module is used for jumping to a target third-party service when the user calls the target third-party service, using the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service;
the user login module is used for returning authentication passing information to the target third-party service if the verification is successful, so that the target third-party service completes the login of the user according to the authentication passing information;
the service calling module is used for calling the target third-party service according to a third-party service using instruction sent by the user so as to realize a corresponding function.
In a third aspect, an embodiment of the present invention provides a terminal device, where the terminal device includes a processor and a memory;
the memory is used for storing a computer program and transmitting the computer program to the processor;
the processor is configured to execute the third party service login method according to the instructions in the computer program.
In a fourth aspect, an embodiment of the present invention provides a storage medium storing computer-executable instructions, which when executed by a computer processor, are configured to perform a third party service login method as described in the first aspect.
In the foregoing, an embodiment of the present invention provides a third-party service login method, an apparatus, a terminal device, and a storage medium, where the method includes registering a third-party service; logging in a user and generating a cloud platform token of the user according to a login request of the user; when a user calls a target third-party service, jumping to the target third-party service, taking the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service; if the verification is successful, returning authentication passing information to the target third-party service so that the target third-party service completes the login of the user according to the authentication passing information; and calling the target third-party service to realize corresponding functions according to the third-party service use instruction sent by the user.
According to the embodiment of the invention, when a user logs in the multi-cloud platform, the multi-cloud platform can generate the cloud platform token of the user, and when a subsequent user calls a target third-party service, the cloud platform token is used as a third-party service token to be verified, and the multi-cloud platform verifies the third-party service token; if the verification is successful, the target third-party service can complete the login of the user on the system of the target third-party service, so that the user can log in the third-party service through the multi-cloud platform, the user can access cloud resources of various cloud manufacturers and the third-party service system of the enterprise without inputting the password again as long as one set of user name and password is used, the complexity of frequent login operation of the user is reduced, and the technical problems that the login operation is complex and the efficiency is low because the user cannot uniformly log in and manage the SaaS service system and the cloud application in the multi-cloud management platform in the prior art are solved.
Drawings
Fig. 1 is a flowchart of a third party service login method according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of interaction between a multi-cloud platform and a third-party service according to an embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a third party service login device according to an embodiment of the present invention.
Fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present invention.
Detailed Description
The following description and the annexed drawings set forth in detail certain illustrative embodiments of the application so as to enable those skilled in the art to practice them. The examples merely typify possible variations. Individual components and functions are optional unless explicitly required, and the sequence of operations may vary. Portions and features of some embodiments may be included in or substituted for those of others. The scope of the embodiments of the present application includes the full ambit of the claims, as well as all available equivalents of the claims. Embodiments may be referred to herein, individually or collectively, by the term "invention" merely for convenience and without intending to voluntarily limit the scope of this application to any single invention or inventive concept if more than one is in fact disclosed. Herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, or terminal apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed. The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the structures, products and the like disclosed by the embodiments, the description is relatively simple because the structures, the products and the like correspond to the parts disclosed by the embodiments, and the relevant parts can be just described by referring to the method part.
Example one
As shown in fig. 1, fig. 1 is a flowchart of a third party service login method according to an embodiment of the present invention. The third-party service login method provided by the embodiment of the invention can be executed by third-party service login equipment, the third-party service login equipment can be realized in a software and/or hardware mode, and the third-party service login equipment can be composed of two or more physical entities or one physical entity. For example, the third-party service login device may be a computer, an upper computer, a tablet, a server, or the like. The method comprises the following steps:
In this embodiment, first, the third-party service needs to be registered on the multi-cloud platform, so that the third-party service is accessed to the multi-cloud platform, and the multi-cloud platform can call the third-party service. In one embodiment, the third party service is a SaaS service.
In one embodiment, the specific process of registering the third party service is as follows:
and receiving access information of the third-party service, registering the third-party service according to the access information, and generating identification information of the third-party service.
If the third-party service needs to be accessed to the multi-cloud platform, self access information needs to be provided for the multi-cloud platform, after the multi-cloud platform receives the access information, the third-party service is registered according to the access information, and identification information of the third-party service is generated, wherein the identification information is a unique identification of the third-party service on the multi-cloud platform. Illustratively, in one embodiment, the third-party service is a SaaS service, the access information includes a system access address, a port, a SaaS service system name and the like, the multi-cloud platform registers the third-party service after receiving the access information, generates identification information apppid of the third-party service, stores the access information in a database in a JSON form, and stores access requirements adaptable to different SaaS service systems in the JSON form.
Illustratively, in one embodiment the access information for a third party service: after submitting a system access address, a port and a SaaS service system name, storing the system access address, the port and the SaaS service system name in a JSON form as follows:
{"AppAppId":"18dca19c5dba42afae4c08d3a970770a","AppAddress":"http://StoreSystemAddress:5000","AppName":"StoreSystemName"}
wherein, AppAddress is a system access address, and AppName is a SaaS service system name.
And 102, logging in a user and generating a cloud platform token of the user according to the login request of the user.
When a user logs in the multi-cloud platform, the multi-cloud platform receives a login request of the user, and the multi-cloud platform logs in the user according to the login request and generates a cloud platform token of the user on the multi-cloud platform.
And 103, when the user calls the target third-party service, jumping to the target third-party service, taking the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service.
After a user logs in a multi-cloud platform, when the user needs to use a target third-party service, the user can jump to the target third-party service by clicking the target third-party service on a display interface of the multi-cloud platform, in the process of jumping to the target third-party service, a cloud platform token of the user on the multi-cloud platform is used as a third-party service token to be verified, after the target third-party service is called, a verification request is sent to the multi-cloud platform, and the multi-cloud platform verifies the third-party service token according to the verification request sent by the target third-party service. In one embodiment, the target third party service calls the multi-cloud platform in an Http call mode to send a verification request to the multi-cloud platform, so that the multi-cloud platform is triggered to verify the third party service token to be verified.
On the basis of the embodiment, when the user calls the target third-party service, the user jumps to the target third-party service, and the specific process of taking the cloud platform token as the third-party service token to be verified is as follows:
and calling the target third-party service in an Http calling mode according to a service calling instruction sent by the user, and taking the cloud platform token as a third-party service token to be verified, wherein the service calling instruction comprises identification information of the target third-party service.
In one embodiment, when a user needs to call a target third-party service, a service call instruction is sent to the multi-cloud platform, and the service call instruction includes identification information of the target third-party service. For example, after the user clicks the target third-party service on the display interface of the multi-cloud platform, the multi-cloud platform receives a service call instruction including the identification information of the target third-party service. And after receiving the service calling instruction, the multi-cloud platform calls the target third-party service in an Http calling mode according to the identification information in the service calling instruction, and takes the cloud platform token of the user as a third-party service token to be verified in the calling process.
For example, in one embodiment, the target SaaS service is called by the multi-cloud platform in the Http call form as follows: jumping to a target SaaS service in an Http calling mode, wherein the calling address is in an Http:// StoreSystemAddresstoken ═ Cmptoken & appId ═ ApAppId mode.
The method comprises the steps of obtaining a target SaaS service system, wherein the StoreSystemAddress is an access address of the target SaaS service system, the Cmptoken is a cloud platform token of a user on a multi-cloud platform, the token is a SaaS service system token to be verified, the ApApApAppId is a unique identifier of the target SaaS service system on the multi-cloud platform, and the appId is an identifier of the SaaS service system to be called. In the process of calling the target SaaS service, token is cmptogen, and appId is set.
On the basis of the above embodiment, the specific process of verifying the third-party service token according to the verification request of the target third-party service is as follows:
and judging whether the third-party service token is the cloud platform token of the user or not according to the verification request of the target third-party service.
After the target third-party service is called, the multi-cloud platform needs to be triggered to check the third-party service token to be checked, after the multi-cloud platform is triggered, whether the third-party service token to be checked is the cloud platform token of the user generated by the self system is judged, if yes, the checking is successful, and if not, the checking is failed. In one embodiment, the target SaaS service calls the multi-cloud platform in an Http format, so that the multi-cloud platform checks the third-party service token, and the specific call address is as follows:
http://CmpAddress/verifyTokentoken=Cmptoken;
the method comprises the steps that CmpAddress is an access address of a multi-cloud platform, verifyToken is a method for verifying a token of the multi-cloud platform, the multi-cloud platform verifies the third-party service token by judging whether the third-party service token is a cloud platform token Cmptoken of a user on the multi-cloud platform, if yes, the verification is passed, and if not, the verification is not passed.
And step 104, if the verification is successful, returning authentication passing information to the target third-party service so that the target third-party service completes the login of the user according to the authentication passing information.
And if the multi-cloud platform successfully verifies the third-party token, sending authentication passing information to the target third-party service, confirming that the third-party service token passes the verification after the target third-party service receives the authentication passing information, acquiring the user information of the user currently logged in the multi-cloud platform, creating the user, and completing the login process of the user.
In one embodiment, the authentication pass information includes identification information of the target third party service and pre-stored user identification information of the user.
And if the multi-cloud platform passes the verification of the third-party service token, sending authentication passing information to the target third-party service, wherein the authentication passing information comprises identification information of the target third-party service calling the multi-cloud platform and user identification information of a user currently logging in the multi-cloud platform. The user identification information is stored on the multi-cloud platform in advance, and is generated when the user registers on the multi-cloud platform, so that the user identification information can be understood as a unique certificate for distinguishing different users.
On the basis of the above embodiment, the specific process of completing the login of the user by the target third-party service according to the authentication passing information is as follows:
and the target third-party service determines that the third-party service token passes verification according to the identification information in the authentication passing information, acquires the user information of the user according to the user identification information, and creates and logs in the user according to the user information.
In this embodiment, after receiving the authentication passing information, the target third-party service determines that the third-party service token of the target third-party service passes the verification according to the identification information in the authentication passing information, and then, may obtain the pre-stored user information from the cloud platform according to the user identification information in the verification passing information. In one embodiment, the user identification information is a user ID, the user information includes, but is not limited to, a user ID, a user name, a user role, a role identifier, a department, a unit, a phone, and the like, the user information is provided by the user when the user registers with the multi-cloud platform, and the multi-cloud platform stores the user information.
After the target third-party service acquires the corresponding user information, the corresponding user is created in the system according to the user information, synchronization from the user on the multi-cloud platform to the target third-party service is completed, after the synchronization is completed, the user is logged in according to the user identification information, and at the moment, the process that the user logs in the target third-party service from the multi-cloud platform is completed.
And 105, calling a target third-party service to realize a corresponding function according to a third-party service use instruction sent by the user.
After the target third-party service logs in the user on the system of the user, the user can use the target third-party service on the multi-cloud platform. When a user needs to use a target third-party service, a third-party service using instruction is sent to the multi-cloud platform, and after the multi-cloud platform receives the third-party service using instruction, the target third-party service is called according to the third-party service instruction, so that the third-party service completes corresponding functions, and interaction between the multi-cloud platform and the third-party service is shown in fig. 2.
In one embodiment, the specific process of calling the target third-party service to implement the corresponding function according to the third-party service use instruction sent by the user is as follows:
and calling an interface of the target third-party service according to the third-party service use instruction sent by the user so as to enable the target third-party service to realize a corresponding function.
And after receiving a third-party service use instruction sent by the user, the multi-cloud platform calls an interface of the target third-party service, so that the target third-party service can realize the function operated by the user. In one embodiment, the multi-cloud platform directly calls interfaces of packaged functions/functions of each large SaaS service system by using RESTful APIs conforming to the REST design style to complete corresponding functions.
The RESTful API is defined from three aspects:
resource address: URIs, such as: http:// CmpAddress/StoreSysteme/create _ dir
Resource of transmission: the Web service accepts and returns internet media types such as: JSON, XML, etc.
The operation on the resource: a series of request methods (e.g., POST, GET, PUT, or DELETE) supported by the Web service on the resource.
Illustratively, when a directory is newly added to the enterprise network disk, the request message style and the response message style are as follows:
(1) request message style
POSThttp://CmpAddress/StoreSystem/create_dir
<Createdirxmlns="http://CmpAddress/StoreSystem/">
<DirName>testCreateDir/</DirName>
<AppAppId>18dca19c5dba42afae4c08d3a970770a</AppAppId></Createdir>
(2) Responding to message patterns
HTTP/1.1Status:201Created。
In one embodiment, the user information dispersed in each third-party service can be integrated and stored in the multi-cloud platform, the multi-cloud platform and the user information can be managed, what kind of audit is needed when what kind of operation is performed on the attributes of the user is specified, the user process is managed in a unified mode, and when a certain employee leaves the job or adjusts the job, all third-party services can be adjusted through one-time configuration.
In the foregoing, an embodiment of the present invention provides a third-party service login method, where when a user logs in a multi-cloud platform, the multi-cloud platform generates a cloud platform token of the user, and when a subsequent user invokes a target third-party service, the cloud platform token is used as a third-party service token to be verified, so as to verify the third-party service token; if the verification is successful, the target third-party service can complete the login of the user on the system of the target third-party service, so that the user can log in the third-party service through the multi-cloud platform, the user can access cloud resources of various cloud manufacturers and the third-party service system of the enterprise without inputting the password again as long as one set of user name and password is used, and the complexity of frequent login operation of the user is reduced; the technical problems that in the prior art, a user cannot uniformly log in and manage a SaaS service system and a cloud application in a multi-cloud management platform, and accordingly log-in operation is complex and efficiency is low are solved.
Example two
As shown in fig. 3, fig. 3 is a schematic structural diagram of a third-party service login apparatus according to an embodiment of the present invention, including a service registration module 201, a token generation module 202, a verification module 203, a user login module 204, and a service invocation module 205;
the service registration module 201 is used for registering a third-party service;
the token generation module 202 is configured to log in a user and generate a cloud platform token of the user according to a login request of the user;
the verification module 203 is used for jumping to a target third-party service when a user calls the target third-party service, taking the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service;
the user login module 204 is configured to, if the verification is successful, return authentication passing information to the target third-party service, so that the target third-party service completes login of the user according to the authentication passing information;
the service invoking module 205 is configured to invoke a target third-party service according to a third-party service usage instruction sent by a user to implement a corresponding function.
On the basis of the foregoing embodiment, the service registration module 201 is configured to register a third-party service specifically as follows:
the access information is used for receiving the access information of the third-party service, registering the third-party service according to the access information and generating the identification information of the third-party service.
On the basis of the foregoing embodiment, the verification module 203 is configured to jump to the target third-party service when the user invokes the target third-party service, and taking the cloud platform token as the third-party service token to be verified specifically includes:
the cloud platform token is used for calling a target third-party service in an Http calling mode according to a service calling instruction sent by a user, and the cloud platform token is used as a third-party service token to be verified, wherein the service calling instruction comprises identification information of the target third-party service.
On the basis of the foregoing embodiment, the verifying module 203 is configured to verify, according to the verification request of the target third-party service, the third-party service token specifically by:
and the third-party service token is used for judging whether the third-party service token is the cloud platform token of the user according to the verification request of the target third-party service.
On the basis of the above embodiment, the authentication passing information includes identification information of the target third-party service and user identification information of the user stored in advance.
On the basis of the foregoing embodiment, the user login module 204 is configured to enable the target third-party service to complete the login of the user according to the authentication passing information specifically as follows:
and the third-party service token authentication server is used for enabling the target third-party service to determine that the third-party service token passes the authentication according to the identification information in the authentication passing information, acquiring the user information of the user according to the user identification information, and creating and logging in the user according to the user information.
On the basis of the foregoing embodiment, the service invoking module 205 is configured to invoke the target third-party service according to the third-party service usage instruction sent by the user to implement the corresponding function specifically as:
and the interface is used for calling the target third-party service according to the third-party service use instruction sent by the user so as to enable the target third-party service to realize the corresponding function.
EXAMPLE III
The present embodiment further provides a terminal device, as shown in fig. 4, a terminal device 30, where the terminal device includes a processor 300 and a memory 301;
the memory 301 is used for storing a computer program 302 and transmitting the computer program 302 to the processor;
the processor 300 is configured to execute the steps of one third party service login method embodiment described above according to the instructions in the computer program 302.
Illustratively, the computer program 302 may be partitioned into one or more modules/units that are stored in the memory 301 and executed by the processor 300 to accomplish the present application. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution process of the computer program 302 in the terminal device 30.
The terminal device 30 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The terminal device 30 may include, but is not limited to, a processor 300 and a memory 301. Those skilled in the art will appreciate that fig. 4 is merely an example of the terminal device 30, and does not constitute a limitation of the terminal device 30, and may include more or less components than those shown, or combine some of the components, or different components, for example, the terminal device 30 may further include an input-output device, a network access device, a bus, etc.
The Processor 300 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The storage 301 may be an internal storage unit of the terminal device 30, such as a hard disk or a memory of the terminal device 30. The memory 301 may also be an external storage terminal device of the terminal device 30, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the terminal device 30. Further, the memory 301 may also include both an internal storage unit and an external storage device of the terminal device 30. The memory 301 is used for storing the computer program and other programs and data required by the terminal device 30. The memory 301 may also be used to temporarily store data that has been output or is to be output.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing computer programs.
Example four
Embodiments of the present invention also provide a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a third-party service login method, including the steps of:
registering a third party service;
logging in a user and generating a cloud platform token of the user according to a login request of the user;
when a user calls a target third-party service, jumping to the target third-party service, taking the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service;
if the verification is successful, returning authentication passing information to the target third-party service so that the target third-party service completes the login of the user according to the authentication passing information;
and calling the target third-party service to realize corresponding functions according to the third-party service use instruction sent by the user.
It should be noted that the foregoing is only a preferred embodiment of the present invention and the technical principles applied. Those skilled in the art will appreciate that the embodiments of the present invention are not limited to the specific embodiments described herein, and that various obvious changes, adaptations, and substitutions are possible, without departing from the scope of the embodiments of the present invention. Therefore, although the embodiments of the present invention have been described in more detail through the above embodiments, the embodiments of the present invention are not limited to the above embodiments, and many other equivalent embodiments may be included without departing from the concept of the embodiments of the present invention, and the scope of the embodiments of the present invention is determined by the scope of the appended claims.
Claims (10)
1. A third party service login method is characterized by comprising the following steps:
registering a third party service;
logging in a user and generating a cloud platform token of the user according to a login request of the user;
when the user calls a target third-party service, jumping to the target third-party service, taking the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service;
if the verification is successful, returning authentication passing information to the target third-party service so that the target third-party service completes the login of the user according to the authentication passing information;
and calling the target third-party service to realize a corresponding function according to the third-party service using instruction sent by the user.
2. The third party service login method according to claim 1, wherein the specific process of registering the third party service is as follows:
receiving access information of a third-party service, registering the third-party service according to the access information, and generating identification information of the third-party service.
3. The third-party service login method according to claim 2, wherein when the user invokes the target third-party service, jumping to the target third-party service, and a specific process of taking the cloud platform token as the third-party service token to be verified is as follows:
and calling the target third-party service in an Http calling mode according to a service calling instruction sent by the user, and using the cloud platform token as a third-party service token to be verified, wherein the service calling instruction comprises identification information of the target third-party service.
4. The third party service login method according to claim 1, wherein the specific process of verifying the third party service token according to the verification request of the target third party service comprises:
and judging whether the third-party service token is the cloud platform token of the user or not according to the verification request of the target third-party service.
5. The third party service login method of claim 1, wherein the authentication passing information comprises identification information of the target third party service and pre-stored user identification information of the user.
6. The method according to claim 5, wherein the specific process of completing the login of the user by the target third-party service according to the authentication passing information comprises:
and the target third-party service determines that the third-party service token passes verification according to the identification information in the authentication passing information, acquires the user information of the user according to the user identification information, and creates and logs in the user according to the user information.
7. A third party service login method according to any one of claims 1 to 6, wherein the specific process of invoking the target third party service to realize the corresponding function according to the third party service usage instruction sent by the user is as follows:
and calling an interface of the target third-party service according to the third-party service use instruction sent by the user so as to enable the target third-party service to realize a corresponding function.
8. A third-party service login device is characterized by comprising a service registration module, a token generation module, a verification module, a user login module and a service calling module;
the service registration module is used for registering third-party services;
the token generation module is used for logging in a user and generating a cloud platform token of the user according to a login request of the user;
the verification module is used for jumping to a target third-party service when the user calls the target third-party service, using the cloud platform token as a third-party service token to be verified, and verifying the third-party service token according to a verification request of the target third-party service;
the user login module is used for returning authentication passing information to the target third-party service if the verification is successful, so that the target third-party service completes the login of the user according to the authentication passing information;
the service calling module is used for calling the target third-party service according to a third-party service using instruction sent by the user so as to realize a corresponding function.
9. A terminal device, characterized in that the terminal device comprises a processor and a memory;
the memory is used for storing a computer program and transmitting the computer program to the processor;
the processor is configured to execute a third party service login method according to any one of claims 1-7 according to instructions in the computer program.
10. A storage medium storing computer-executable instructions for performing a third party service login method as claimed in any one of claims 1 to 7 when executed by a computer processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111404483.8A CN114143053A (en) | 2021-11-24 | 2021-11-24 | Third-party service login method and device, terminal equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111404483.8A CN114143053A (en) | 2021-11-24 | 2021-11-24 | Third-party service login method and device, terminal equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114143053A true CN114143053A (en) | 2022-03-04 |
Family
ID=80391236
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111404483.8A Pending CN114143053A (en) | 2021-11-24 | 2021-11-24 | Third-party service login method and device, terminal equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114143053A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114726632A (en) * | 2022-04-14 | 2022-07-08 | 天工信创(广州)信息科技有限公司 | Login method, device, storage medium and processor |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107070880A (en) * | 2017-02-16 | 2017-08-18 | 济南浪潮高新科技投资发展有限公司 | A kind of method and system of single-sign-on, a kind of authentication center's server |
| CN109815656A (en) * | 2018-12-11 | 2019-05-28 | 平安科技(深圳)有限公司 | Login authentication method, device, equipment and computer readable storage medium |
| CN111556006A (en) * | 2019-12-31 | 2020-08-18 | 远景智能国际私人投资有限公司 | Third-party application system login method, device, terminal and SSO service platform |
| CN112417425A (en) * | 2020-12-03 | 2021-02-26 | 腾讯科技(深圳)有限公司 | Equipment authentication method, device, system, terminal equipment and storage medium |
-
2021
- 2021-11-24 CN CN202111404483.8A patent/CN114143053A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107070880A (en) * | 2017-02-16 | 2017-08-18 | 济南浪潮高新科技投资发展有限公司 | A kind of method and system of single-sign-on, a kind of authentication center's server |
| CN109815656A (en) * | 2018-12-11 | 2019-05-28 | 平安科技(深圳)有限公司 | Login authentication method, device, equipment and computer readable storage medium |
| CN111556006A (en) * | 2019-12-31 | 2020-08-18 | 远景智能国际私人投资有限公司 | Third-party application system login method, device, terminal and SSO service platform |
| CN112417425A (en) * | 2020-12-03 | 2021-02-26 | 腾讯科技(深圳)有限公司 | Equipment authentication method, device, system, terminal equipment and storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114726632A (en) * | 2022-04-14 | 2022-07-08 | 天工信创(广州)信息科技有限公司 | Login method, device, storage medium and processor |
| CN114726632B (en) * | 2022-04-14 | 2024-04-05 | 广州鑫景信息科技服务有限公司 | Login method, login equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11888838B2 (en) | System and method for single sign-on technical support access to tenant accounts and data in a multi-tenant platform | |
| CN108733991B (en) | Webpage application access method and device and storage medium | |
| CN106575305B (en) | Services within a reverse proxy server | |
| WO2021216346A1 (en) | Authenticating access to computing resources | |
| US20060195816A1 (en) | Methods and systems for implementing on-line financial institution services via a single platform | |
| US10116642B2 (en) | Identity management over multiple identity providers | |
| US9342333B2 (en) | Backend custom code extensibility | |
| US10162952B2 (en) | Security model for network information service | |
| US10656939B2 (en) | Modeling lifetime of hybrid software application using application manifest | |
| CN113938886B (en) | Identity authentication platform testing method, device, equipment and storage medium | |
| WO2022134186A1 (en) | Smart contract calling method and apparatus for blockchains, server, and storage medium | |
| CN111367821A (en) | Software testing method and system | |
| CN115695012A (en) | Login request processing method and device, electronic equipment and storage medium | |
| US7363487B2 (en) | Method and system for dynamic client authentication in support of JAAS programming model | |
| CN114143053A (en) | Third-party service login method and device, terminal equipment and storage medium | |
| US11113357B2 (en) | Method and system for onboarding a virtual network function package utilized by one or more network services | |
| US11256661B1 (en) | User programmatic interface for supporting data access control in a database system | |
| WO2023092316A1 (en) | Third-party service login method and apparatus, terminal device, and storage medium | |
| CN112925589B (en) | Calling method and device of expansion interface | |
| CN110602218A (en) | Method and related device for assembling cloud service in user-defined manner | |
| CN113395326B (en) | Network service-based login method, device and computer-readable storage medium | |
| CN115412294A (en) | Platform service-based access method and device, storage medium and electronic equipment | |
| CN114677138A (en) | Data processing method, data processing equipment and computer readable storage medium | |
| CN110784551A (en) | Data processing method, device, equipment and medium based on multiple tenants | |
| CN114398082B (en) | Compatible operation method and device for frame type block chain application |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20220304 |