CN114338130A - Information processing method, device, server and storage medium - Google Patents
Information processing method, device, server and storage medium Download PDFInfo
- Publication number
- CN114338130A CN114338130A CN202111601243.7A CN202111601243A CN114338130A CN 114338130 A CN114338130 A CN 114338130A CN 202111601243 A CN202111601243 A CN 202111601243A CN 114338130 A CN114338130 A CN 114338130A
- Authority
- CN
- China
- Prior art keywords
- authorization
- client
- authorization code
- resource identifier
- preset resource
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000010365 information processing Effects 0.000 title description 8
- 238000003672 processing method Methods 0.000 title description 7
- 238000013475 authorization Methods 0.000 claims abstract description 398
- 238000012795 verification Methods 0.000 claims abstract description 107
- 238000000034 method Methods 0.000 claims abstract description 51
- 238000012545 processing Methods 0.000 claims abstract description 31
- 230000000977 initiatory effect Effects 0.000 claims description 13
- 230000004044 response Effects 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 4
- 230000005540 biological transmission Effects 0.000 abstract description 5
- 230000008569 process Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The disclosure relates to a method, a device, a server and a storage medium for processing information, wherein the method comprises the following steps: acquiring verification information input by an account by responding to a redirection instruction sent by a client; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client; acquiring an authorization code corresponding to the redirection instruction under the condition that the verification information passes the verification; calling an authorization interface based on a preset resource identifier, and sending an authorization code to the client through the authorization interface; if an authorization token acquisition instruction sent by the client is received, acquiring a target authorization code in the authorization token acquisition instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code; the method and the device realize the verification of the account information and the generation of the authorization code, send the authorization code to the client through the preset resource identifier, do not need to transmit the authorization code in a skip mode, enhance the stability of the transmission of the authorization code and improve the processing efficiency of authorization.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method and an apparatus for processing information, a server, and a storage medium.
Background
With the development of internet technology, multiple application services can be authorized through the authority of one account to obtain corresponding service resources.
In the related art, oauth2.0 (an authorization mechanism) is usually adopted for service authorization, but in the authorization process, a client needs to perform multiple redirection jumps to acquire an authorization code sent by a server to complete acquisition of service permission, and under the condition of low network communication quality, connection loss and jumping incapability exist, so that the server cannot send the authorization code to the client, and authorization fails; the existing authorization process is also inefficient.
Disclosure of Invention
The present disclosure provides an information processing method, an information processing apparatus, a server, and a storage medium, so as to at least solve the problem in the related art that the authorization processing efficiency is still low. The technical scheme of the disclosure is as follows:
according to a first aspect of the embodiments of the present disclosure, there is provided an information processing method, including:
responding to a redirection instruction sent by a client, and acquiring verification information input by an account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
acquiring an authorization code corresponding to the redirection instruction under the condition that the verification information passes verification;
calling the authorization interface based on the preset resource identifier, and sending the authorization code to the client through the authorization interface;
and if an authorization token acquisition instruction sent by the client is received, acquiring a target authorization code in the authorization token acquisition instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code.
In an exemplary embodiment, the obtaining the authorization token further includes a target resource identifier, and the determining whether to send the authorization token to the client according to the target authorization code and the authorization code includes:
acquiring a target resource identifier carried in the authorization token acquisition instruction;
determining that the authorization token acquisition instruction is verified under the condition that the target authorization code matches the authorization code and the target resource identifier matches the preset resource identifier;
generating an authorization token corresponding to the verification information of the account, and returning the authorization token to the client; the client is used for accessing authorized data according to the authorization token.
In an exemplary embodiment, the invoking the authorization interface based on the preset resource identifier, and the sending the authorization code to the client through the authorization interface includes:
the authorization code is used as an interface calling parameter and is filled into the preset resource identifier to obtain an updated preset resource identifier;
and initiating a request to an address corresponding to the updated preset resource identifier to call the authorization interface, so that the client acquires the authorization code through the authorization interface.
In an exemplary embodiment, after initiating a request to an address corresponding to the updated preset resource identifier, the method further includes:
receiving a request result returned by the address, wherein the request result carries a request result value;
and determining that the authorization code is successfully sent to the client under the condition that the request result value indicates that the client successfully obtains the authorization code.
In an exemplary embodiment, after receiving the request result returned by the address, the method further includes:
and under the condition that the request result value indicates that the client does not successfully acquire the authorization code, re-initiating a request to the address corresponding to the updated preset resource identifier at intervals of a preset time range until the request result value in the received request result indicates that the client successfully acquires the authorization code.
In an exemplary embodiment, after obtaining the verification information input by the account, the method further includes:
acquiring preset verification information of the account;
comparing the verification information with the preset verification information;
and if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
In an exemplary embodiment, the obtaining the authorization code corresponding to the redirection instruction includes:
retrieving a registration record matching the preset resource identifier from preset registration records;
and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
According to a second aspect of the embodiments of the present disclosure, there is provided an apparatus for processing information, including:
the instruction response unit is configured to execute a redirection instruction sent by the client side to acquire the verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
the authorization code generation unit is configured to acquire an authorization code corresponding to the redirection instruction under the condition that the verification information passes the verification;
an authorization code sending unit configured to execute calling the authorization interface based on the preset resource identifier, and send the authorization code to the client through the authorization interface;
and the authorization token sending unit is configured to execute, if an authorization token obtaining instruction sent by the client is received, obtaining a target authorization code in the authorization token obtaining instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code.
In an exemplary embodiment, the authorization token obtaining instruction further includes a target resource identifier, and the authorization token sending unit is configured to execute obtaining of the target resource identifier carried in the authorization token obtaining instruction; determining that the authorization token acquisition instruction is verified under the condition that the target authorization code matches the authorization code and the target resource identifier matches the preset resource identifier; generating an authorization token corresponding to the verification information of the account, and returning the authorization token to the client; the client is used for accessing authorized data according to the authorization token.
In an exemplary embodiment, the authorization code sending unit is further configured to perform, using the authorization code as an interface call parameter, filling the preset resource identifier, and obtaining an updated preset resource identifier; and initiating a request to an address corresponding to the updated preset resource identifier to call the authorization interface, so that the client acquires the authorization code through the authorization interface.
In an exemplary embodiment, the authorization code sending unit is further configured to execute receiving a request result returned by the address, where the request result carries a request result value; and determining that the authorization code is successfully sent to the client under the condition that the request result value indicates that the client successfully obtains the authorization code.
In an exemplary embodiment, the authorization code sending unit is further configured to, when the request result value indicates that the client does not successfully obtain the authorization code, re-initiate a request to an address corresponding to the updated preset resource identifier at a preset time interval until a request result value in the received request result indicates that the client successfully obtains the authorization code.
In an exemplary embodiment, the instruction response unit is further configured to perform obtaining preset verification information of the account; comparing the verification information with the preset verification information; and if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
In an exemplary embodiment, the authorization code generation unit is configured to perform retrieving, from a preset registration record, a registration record matching the preset resource identifier; and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
According to a third aspect of the embodiments of the present disclosure, there is provided a server, including:
a processor;
a memory for storing the processor-executable instructions;
wherein the processor is configured to execute the instructions to implement the method of processing information according to any one of the first aspect.
According to a fourth aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium, in which instructions, when executed by a processor of a server, enable the server to perform the method of processing information according to any one of the first aspects.
According to a fifth aspect of embodiments of the present disclosure, there is provided a computer program product comprising instructions which, when executed by a processor of a server, enable the server to perform the method of processing information according to any one of the first aspects.
The technical scheme provided by the embodiment of the disclosure at least brings the following beneficial effects: acquiring verification information input by an account by responding to a redirection instruction sent by a client; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client; acquiring an authorization code corresponding to the redirection instruction under the condition that the verification information passes the verification; calling an authorization interface based on a preset resource identifier, and sending an authorization code to the client through the authorization interface; if an authorization token acquisition instruction sent by a client is received, a target authorization code in the authorization token acquisition instruction is acquired, whether the authorization token is sent to the client is determined according to the target authorization code and the authorization code, account information is verified and the authorization code is generated, the authorization code is sent to the client through a preset resource identifier, the authorization code does not need to be transferred in a skip mode, the stability of authorization code transfer is enhanced, and the authorization processing efficiency is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the disclosure and are not to be construed as limiting the disclosure.
Fig. 1 is an application environment diagram illustrating a method of processing information according to an example embodiment.
FIG. 2 is a flow chart illustrating a method of processing information according to an example embodiment.
FIG. 3 is a flowchart illustrating steps for generating an authorization token corresponding to authentication information for an account and returning to a client according to an example embodiment.
Fig. 4 is a flowchart illustrating a step of sending an authorization code to a client through a preset resource identifier according to an exemplary embodiment.
Fig. 5 is a flowchart illustrating a method of processing still another information according to an example embodiment.
FIG. 6 is a block diagram illustrating an apparatus for processing information in accordance with an example embodiment.
FIG. 7 is a block diagram illustrating a server in accordance with an example embodiment.
Detailed Description
In order to make the technical solutions of the present disclosure better understood by those of ordinary skill in the art, the technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the accompanying drawings.
It should be noted that the terms "first," "second," and the like in the description and claims of the present disclosure and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the disclosure described herein are capable of operation in sequences other than those illustrated or otherwise described herein. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
It should also be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for presentation, analyzed data, etc.) referred to in the present disclosure are both information and data that are authorized by the user or sufficiently authorized by various parties.
The information processing method provided by the present disclosure can be applied to the application environment shown in fig. 1. Wherein, the client 110 interacts with the server 120 through the network; the server 120 responds to the redirection instruction sent by the client 110 to acquire the verification information input by the account; the redirection instruction carries a preset resource identifier; the server 120 acquires an authorization code corresponding to the redirection instruction when the verification information passes the verification; the server 120 sends the authorization code to the client 110 through the preset resource identifier; the client 110 is configured to obtain an authorization token corresponding to the account according to the authorization code.
In particular, client 110 may install one or more applications, each of which may provide at least one account and associated functionality to a user. Part of application programs can also provide related authority of account information to other application programs on the premise of user authorization; for example, the account information of the application a may be associated with the application B, that is, the user does not need to register account information for each application when using the application, but authorizes some other applications to use the registered account information according to the registered account information, so as to improve convenience of using the application by the user.
The client 110 may be, but is not limited to, various smart phones, tablet computers, notebook computers, or the like, and the server 120 may be implemented by an independent server or a server cluster formed by a plurality of servers.
Fig. 2 is a flowchart illustrating a method for processing information according to an exemplary embodiment, and as shown in fig. 2, the method for processing information is used in the server 120, and includes the following steps.
In step S210, in response to a redirection instruction sent by the client, obtaining verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client.
Wherein, redirection (Redirect) is to Redirect a certain network request to other positions; for example, the page a is accessed, and after receiving the access request, the page a jumps to the interface B, that is, the redirection from the page a to the page B is realized.
The verification information is a protection measure for the information of the account user, and the verification information can be realized in various modes such as an account name, an account password, account registration time, account preset security problems and the like.
The preset Resource Identifier is a preset Uniform Resource Identifier (URI), and represents that each available Resource on the network, such as a document, an image, a video clip, a program, and the like, can be identified by the URI; the URI is usually composed of a naming mechanism of the resource, a host name for placing the resource and a name of the resource; the corresponding relation with the URI is a URL (Uniform Resource Locator), which can be understood as a subset of the URI, and in general, the URL is a character string describing information resources in a network space and is mainly used in various application programs and server programs; the URL can be used for describing various information resources in a uniform format, including files, addresses and directories of servers and the like, namely the URL is an implementation mode of URI concept.
The authorization interface may be an interface that is pre-specified by the client for obtaining the authorization code. The authorization interface may be associated with a preset resource identifier, e.g., a corresponding authorization interface may be determined or invoked based on the preset resource identifier.
Specifically, the client responds to the operation of the account, triggers and generates a redirection instruction; the client then sends the redirection instruction to the server, the server responds to the redirection instruction sent by the client, the server guides the account to the page corresponding to the redirection instruction, the account inputs the account verification information in the page, and the server verifies the information input by the account so as to confirm the identity of the account.
In step S220, in the case that the verification information passes the verification, an authorization code corresponding to the redirection instruction is acquired.
Wherein, the authorization code is a parameter required by an authorization mode in the OAuth2 standard; oauth2 is a standard for open authorization, which is intended to allow a user to allow a third party application to access a particular private resource of the user in a server, but may not provide the third party application with its account password in the server; the implementation of the OAuth2 standard is generally divided into four roles, Resource Owner: the resource owner, i.e., the account itself; resource Server: the resource server is used for storing and providing account information; client: third party application client and authorization Server: an authorization server, i.e. a server in the present disclosure.
Wherein the authorization code pattern is an authorization pattern in the OAuth2 standard, and the authorization code (code) ensures security of token.
Specifically, the server receives and responds to the verification information input by the account, and judges whether the client has the authority of acquiring the account authorization information; secondly, the server acquires the authorization code corresponding to the redirection instruction under the condition that the client side is determined to acquire the account authorization information. The authorization code may be obtained by the server according to the account information, or according to the resource to be accessed by the client, or according to a parameter preset with the resource to be accessed.
In step S230, the authorization interface is called based on the preset resource identifier, and the authorization code is sent to the client through the authorization interface.
The server can send the authorization code to the client through a preset resource identifier through an interface designed based on a RESTful architecture. REST (Representational State Transfer, Chinese means Representational State Transfer), which conforms to the constraint conditions and principles of REST and is called RESTful architecture; the RESTful architecture follows a uniform interface principle, the uniform interface comprises a group of limited predefined operations, and any resource is accessed by using the same interface when being transmitted by the RESTful architecture; the interface uses standard HTTP methods such as GET, PUT and POST, and follows the semantics of these methods.
In practical application, after obtaining the authorization code, the server may initiate a call to the authorization interface based on the preset resource identifier, and may further send the authorization to the client through the authorization interface. For example, the server may obtain the authorization code, then obtain the REST API URI preconfigured by the client, and attach the authorization code to a parameter of the preconfigured REST API URI as a code in the parameter; for example, a complete REST API URI is "https:// www.code.com/REST/getCodecode ═ ndlerjeew", where "ndlerjeew" is the authorization code appended to the REST API URI; the server uses a standard REST client to send a GET method request to the address, the server receives a returned structural body, the structural body comprises a result and a msg, and whether the client successfully receives the authorization code or not can be determined according to the values of the result and the msg in the structural body, namely whether the server successfully transmits the authorization code to the client or not.
The authorization code is attached to the REST API URI, and the authorization code is transmitted by initiating the request, so that the problem caused by transmitting the authorization code by executing redirection in the traditional oauth2 authorization mode is solved, and the processing efficiency of the authorization code is improved.
In step S240, if the authorization token obtaining instruction sent by the client is received, the target authorization code in the authorization token obtaining instruction is obtained, and whether to send the authorization token to the client is determined according to the target authorization code and the authorization code.
The authorization token is applied to the server by the back end through carrying an authorization code after the client receives the authorization code; after the client side applies for obtaining the authorization token through the authorization code, the client side can access the corresponding resource within a certain time through the authorization token or access the corresponding resource for a certain number of times; the specific use mode of the authorization token can be dynamically adjusted according to actual conditions.
In a specific implementation, after receiving the authorization code, the client may perform identity verification based on the authorization code, and obtain the authorization token from the server to access the corresponding resource. Specifically, the client may generate an authorization token acquisition instruction, add the currently obtained authorization code as the target authorization code to the authorization token acquisition instruction, and send the authorization token acquisition instruction to the server.
After receiving the authorization token obtaining instruction, the server may obtain the target authorization code in the instruction from the authorization token, and determine whether to send the authorization token to the client according to the target authorization code and the authorization code that has been sent to the client before, for example, the target authorization code and the client authorization code may be compared, and if it is determined that the target authorization code and the client authorization code are consistent after comparison, the server may send the authorization token to the client, or send the authorization token after further verification is performed on the basis. If the target authorization code is not consistent with the authorization code, the authorization token may not be sent to the client.
In the information processing method, verification information input by an account is acquired by responding to a redirection instruction sent by a client; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client; secondly, acquiring an authorization code corresponding to the redirection instruction under the condition that the verification information passes the verification, calling an authorization interface based on a preset resource identifier, and sending the authorization code to the client through the authorization interface; further, if an authorization token acquisition instruction sent by the client is received, a target authorization code in the authorization token acquisition instruction can be acquired, and whether the authorization token is sent to the client or not is determined according to the target authorization code and the authorization code; the account information is verified and the authorization code is generated, the authorization code is sent to the client through the authorization interface associated with the preset resource identifier, the authorization code does not need to be transmitted in a skipping mode, the transmission stability of the authorization code is enhanced, and the authorization processing efficiency is improved.
In an exemplary embodiment, the authorization token obtaining instruction further includes a target resource identifier, as shown in fig. 3, in step S240, determining whether to send the authorization token to the client according to the target authorization code and the authorization code includes:
in step S310, the target resource identifier carried in the authorization token acquisition instruction is acquired.
The authorization token obtaining instruction is instruction information generated for further obtaining an authorization token after the client obtains the authorization code; the client can request the server to acquire the authorization token through the instruction, and the server needs to check whether the target resource identifier and the target authorization code in the authorization token acquisition instruction sent by the client are consistent with the resource identifier and the authorization code which are preset for the client.
In step S320, it is determined that the authorization token acquisition instruction is verified under the condition that the target authorization code matches the authorization code and the target resource identifier matches the preset resource identifier.
Specifically, the server acquires a target authorization code and a target resource identifier carried in an authorization token acquisition instruction sent by the client from the authorization token acquisition instruction; matching the target authorization code and the target resource identifier according to the matching rule to obtain a matching result; the matching process is to judge the corresponding relationship between the target authorization code and the target resource identifier, and when the target authorization code is generated, the corresponding relationship between the preset resource identifier corresponding to the generated authorization code, that is, to determine the matching between the target resource identifier and the preset resource identifier by judging whether a-B is a '-B'.
If the matching result is that the target resource identifier is matched with the preset resource identifier, determining that the authorization token acquisition instruction passes verification; and if the matching result is that the target resource identifier is not matched with the preset resource identifier, determining that the authorization token acquisition instruction is not verified.
In step S330, an authorization token corresponding to the authentication information of the account is generated and returned to the client; the client is used for accessing the authorized data according to the authorization token.
Specifically, after determining that the authorization token acquisition instruction passes the verification, the server generates an authorization token corresponding to the verification information of the account, and returns the authorization token to the client; the client can access the authorized data by carrying the authorization token, the authorization token is equivalent to the authority for accessing the authorized data, and the client can access the authorized data within a preset time range.
According to the technical scheme provided by the embodiment of the disclosure, the verification process of the authorization token acquisition instruction is completed by judging whether the target authorization code is matched with the authorization code and the target resource identifier is matched with the preset resource identifier, the verification of the authorization token acquisition instruction is completed under the condition that account information is not leaked, and the safety of generating and issuing the authorization token is improved.
In an exemplary embodiment, as shown in fig. 4, in the step S230, invoking an authorization interface based on the preset resource identifier, and sending the authorization code to the client through the authorization interface includes:
in step S410, the authorization code is used as an interface call parameter, and the preset resource identifier is filled in to obtain the updated preset resource identifier.
In step S420, a request is initiated to an address corresponding to the updated preset resource identifier to call an authorization interface, so that the client obtains an authorization code through the authorization interface.
Specifically, after obtaining the authorization code, the server may use the authorization code as an interface call parameter to modify the preset resource identifier, where the process of modifying the preset resource identifier is equivalent to updating the preset resource identifier, that is, obtaining the updated preset resource identifier, and the updated preset resource identifier includes the authorization code. Because the server and the client construct the relevant interfaces based on the REATful architecture in advance, the server can call the authorization interface by initiating a request based on a GET method to the updated preset resource identifier, and the authorization code is transmitted through the authorization interface, so that the client can obtain the authorization code through the authorization interface, and the authorization code is sent to the client based on the preset resource identifier.
In the technical scheme, the authorization code can be sent to the client by calling and transferring the authorization code through the rest interface at the background based on the preset resource identifier, the client is not required to realize page redirection, page skipping is avoided by the scheme aiming at the condition that embedded addresses such as a mobile terminal and app cannot be redirected, the cross-platform capability of an authorization mode is greatly enhanced, and the condition that the user experience is influenced due to the fact that the redirected pages of the client are not uniform is also avoided. In addition, the technical scheme disclosed by the invention can also be compatible with a scheme of redirecting and transmitting the authorization code through the browser, and when the authorization code is transmitted, a URI redirecting mode can be used, the authorization code can also be transmitted through the scheme disclosed by the invention, and certainly, the authorization code can also be used at the same time.
According to the technical scheme provided by the embodiment of the disclosure, the client can acquire the authorization code through the authorization interface by initiating the request to the address corresponding to the updated preset resource identifier without adopting a mode of returning the authorization code by redirection in the related technology, so that steps and processes of redirection are reduced, and the authorization processing efficiency is improved.
In an exemplary embodiment, after initiating a request to an address corresponding to the updated preset resource identifier, the method further includes: receiving a request result returned by the address, wherein the request result carries a request result value; and determining that the authorization code is successfully sent to the client under the condition that the request result value indicates that the client successfully obtains the authorization code.
Specifically, after the server initiates a request to an address corresponding to the preset resource identifier through a GET method, the server receives a returned structure as a request result, where the request result includes result and msg information, the result information can be used as a request result value carried by the request result, if the result information is 1, the client successfully acquires the authorization code, and if the result information is other values, the client does not acquire the authorization code.
According to the technical scheme provided by the embodiment of the disclosure, whether the authorization code is successfully sent to the client can be determined by receiving the request result returned by the address, so that the server can acquire the receiving state of the client as soon as possible, different processing can be performed according to different receiving states, and the processing efficiency of the authorization code is improved.
In an exemplary embodiment, after receiving the request result returned by the address, the method further includes: and under the condition that the request result value indicates that the client does not successfully acquire the authorization code, re-initiating a request to the address corresponding to the updated preset resource identifier after a preset time interval until the request result value in the received request result indicates that the client successfully acquires the authorization code.
Specifically, if the client does not successfully acquire the authorization code, the server may retry the step of initiating the request to the address corresponding to the updated preset resource identifier, and the first retry and each subsequent retry may be separated by a preset time range, so as to ensure that the authorization code is transmitted on the premise that the request amount is not too large. In addition to the interval preset time range, the number of times of initiating requests to the address corresponding to the updated preset resource identifier can be set, so that the retry request is limited, and information redundancy is avoided.
According to the technical scheme provided by the embodiment of the disclosure, the request is sent to the address corresponding to the updated preset resource identifier again after the interval preset time range is set, so that the client can obtain the authorization code within a certain time range, the problem of unsuccessful single sending is avoided, and the sending efficiency of the authorization code is improved.
In an exemplary embodiment, after obtaining the verification information input by the account, the method further includes: acquiring preset verification information of an account; comparing the verification information with preset verification information; and if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
Specifically, the preset authentication information may be separately stored in a resource server different from the server, and the server may obtain the corresponding preset authentication information from the resource server after obtaining the authentication information of the account; and determining whether the verification information passes the verification according to the comparison result of the two verification information.
According to the technical scheme provided by the embodiment of the disclosure, the verification of the verification information is realized by acquiring the preset verification information of the account, and the safety of data in the verification process of the verification information is improved.
In an exemplary embodiment, obtaining the authorization code corresponding to the redirection instruction includes: retrieving a registration record matching the preset resource identifier from the preset registration record; and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
Specifically, the authorization code may be obtained by registering in advance and leaving a preset registration record; the preset registration record can be a filing process performed on one or more parameters of a resource to be accessed, a right to be acquired, an object to be accessed and the like; if the registration record matched with the preset resource identifier is retrieved from the preset registration records, it indicates that the resource pointed by the preset resource identifier can be accessed, and the server can obtain the corresponding authorization code according to the registration record; if the registration record matched with the preset resource identifier is not retrieved from the preset registration records, the fact that the resource pointed by the preset resource identifier cannot be accessed is indicated, and the server can refuse the redirection instruction.
According to the technical scheme provided by the embodiment of the disclosure, the state of whether the resource can be accessed is predetermined through the preset registration record, so that the safety of resource storage and reading is improved.
In an exemplary embodiment, as shown in fig. 5, there is provided a further information processing method, including:
step S510, responding to a redirection instruction sent by the client, and acquiring verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client.
Step S520, acquiring preset verification information of the account; comparing the verification information with preset verification information; and if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
Step S530, in the case that the verification information passes the verification, retrieving a registration record matched with the preset resource identifier from the preset registration record; and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
Step S540, the authorization code is used as an interface calling parameter, and a preset resource identifier is filled in to obtain an updated preset resource identifier; and initiating a request to an address corresponding to the updated preset resource identifier to call an authorization interface, so that the client acquires an authorization code through the authorization interface.
Step S550, receiving a request result returned by the address, wherein the request result carries a request result value; and determining that the authorization code is successfully sent to the client under the condition that the request result value indicates that the client successfully obtains the authorization code.
Step S560, responding to the authorization token obtaining instruction sent by the client, obtaining the target authorization code and the target resource identifier carried in the authorization token obtaining instruction; determining that the authorization token acquisition instruction passes verification under the condition that the target authorization code matches the authorization code and the target resource identifier matches the preset resource identifier; generating an authorization token corresponding to the verification information of the account, and returning the authorization token to the client; the client is used for accessing the authorized data according to the authorization token.
According to the technical scheme provided by the embodiment of the disclosure, the verification information input by the account is acquired by responding to the redirection instruction sent by the client; the redirection instruction carries a preset resource identifier; secondly, acquiring an authorization code corresponding to the redirection instruction under the condition that the verification information passes the verification; finally, the authorization code is sent to the client through a preset resource identifier; the client is used for acquiring an authorization token corresponding to the account according to the authorization code; the method and the device have the advantages that the account information is verified and the authorization code is generated, the authorization code is sent to the client side through the preset resource identifier, the authorization code does not need to be transmitted in a skip mode, the stability of transmission of the authorization code is enhanced, and the processing efficiency of the authorization code is improved.
It should be understood that although the various steps in the flow charts of fig. 2-5 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-5 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps.
It is understood that the same/similar parts between the embodiments of the method described above in this specification can be referred to each other, and each embodiment focuses on the differences from the other embodiments, and it is sufficient that the relevant points are referred to the descriptions of the other method embodiments.
FIG. 6 is a block diagram illustrating an apparatus for processing information according to an example embodiment. Referring to fig. 6, the apparatus includes an instruction response unit 602, an authorization code generation unit 604, an authorization code transmission unit 606, and an authorization token transmission unit 608.
The instruction response unit 602 is configured to execute a redirection instruction sent by the client to acquire verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
the authorization code generating unit 604 is configured to execute, in a case that the verification information passes the verification, acquiring an authorization code corresponding to the redirection instruction;
the authorization code sending unit 606 is configured to execute calling an authorization interface based on a preset resource identifier, and send an authorization code to the client through the authorization interface;
the authorization token sending unit 608 is configured to execute, if an authorization token obtaining instruction sent by the client is received, obtaining a target authorization code in the authorization token obtaining instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code.
In an exemplary embodiment, the authorization token obtaining instruction further includes a target resource identifier, and the authorization token sending unit is configured to execute obtaining of the target resource identifier carried in the authorization token obtaining instruction; determining that the authorization token acquisition instruction passes verification under the condition that the target authorization code matches the authorization code and the target resource identifier matches the preset resource identifier; generating an authorization token corresponding to the verification information of the account, and returning the authorization token to the client; the client is used for accessing the authorized data according to the authorization token.
In an exemplary embodiment, the authorization code sending unit 606 is further configured to perform, by taking the authorization code as an interface call parameter, filling the preset resource identifier, and obtaining an updated preset resource identifier; and initiating a request to an address corresponding to the updated preset resource identifier to call the authorization interface, so that the client acquires the authorization code through the authorization interface.
In an exemplary embodiment, the authorization code sending unit 606 is further configured to execute a request result returned by the receiving address, where the request result carries a request result value; and determining that the authorization code is successfully sent to the client under the condition that the request result value indicates that the client successfully obtains the authorization code.
In an exemplary embodiment, the authorization code sending unit 606 is further configured to, when the request result value indicates that the client does not successfully obtain the authorization code, re-initiate a request to the address corresponding to the updated preset resource identifier at a preset time interval until the request result value in the received request result indicates that the client successfully obtains the authorization code.
In an exemplary embodiment, the instruction responding unit 602 is further configured to perform obtaining preset authentication information of the account; comparing the verification information with preset verification information; and if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
In an exemplary embodiment, the authorization code generating unit 604 is configured to perform retrieving a registration record matching the preset resource identifier from the preset registration records; and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
Fig. 7 is a block diagram illustrating an electronic device 700 for performing a method of processing information, according to an example embodiment. For example, the electronic device 700 may be a server. Referring to fig. 7, electronic device 700 includes a processing component 720 that further includes one or more processors, and memory resources, represented by memory 722, for storing instructions, such as applications, that are executable by processing component 720. The application programs stored in memory 722 may include one or more modules that each correspond to a set of instructions. Further, the processing component 720 is configured to execute instructions to perform the above-described methods.
The electronic device 700 may further include: a power component 724 is configured to perform power management for the electronic device 700, a wired or wireless network interface 726 is configured to connect the electronic device 700 to a network, and an input-output (I/O) interface 728. The electronic device 700 may operate based on an operating system stored in the memory 722, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, or the like.
In an exemplary embodiment, a computer-readable storage medium comprising instructions, such as the memory 722 comprising instructions, executable by a processor of the electronic device 700 to perform the above-described method is also provided. The storage medium may be a computer-readable storage medium, for example, a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
In an exemplary embodiment, a computer program product is also provided, which comprises instructions executable by a processor of the electronic device 700 to perform the above-described method.
It should be noted that the descriptions of the above-mentioned apparatus, server, computer-readable storage medium, computer program product, etc. according to the method embodiments may also include other embodiments, and specific implementations may refer to the descriptions of the related method embodiments, which are not described herein in detail.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (10)
1. A method for processing information, comprising:
responding to a redirection instruction sent by a client, and acquiring verification information input by an account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
acquiring an authorization code corresponding to the redirection instruction under the condition that the verification information passes verification;
calling the authorization interface based on the preset resource identifier, and sending the authorization code to the client through the authorization interface;
and if an authorization token acquisition instruction sent by the client is received, acquiring a target authorization code in the authorization token acquisition instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code.
2. The method according to claim 1, wherein the authorization token obtaining instruction further includes a target resource identifier, and the determining whether to send the authorization token to the client according to the target authorization code and the authorization code includes:
acquiring a target resource identifier carried in the authorization token acquisition instruction;
determining that the authorization token acquisition instruction is verified under the condition that the target authorization code matches the authorization code and the target resource identifier matches the preset resource identifier;
generating an authorization token corresponding to the verification information of the account, and returning the authorization token to the client; the client is used for accessing authorized data according to the authorization token.
3. The method of claim 1, wherein the invoking the authorization interface based on the preset resource identifier, sending the authorization code to the client through the authorization interface, comprises:
the authorization code is used as an interface calling parameter and is filled into the preset resource identifier to obtain an updated preset resource identifier;
and initiating a request to an address corresponding to the updated preset resource identifier to call the authorization interface, so that the client acquires the authorization code through the authorization interface.
4. The method according to claim 3, further comprising, after initiating a request to an address corresponding to the updated preset resource identifier:
receiving a request result returned by the address, wherein the request result carries a request result value;
and determining that the authorization code is successfully sent to the client under the condition that the request result value indicates that the client successfully obtains the authorization code.
5. The method of claim 4, after receiving the request result returned by the address, further comprising:
and under the condition that the request result value indicates that the client does not successfully acquire the authorization code, re-initiating a request to the address corresponding to the updated preset resource identifier at intervals of a preset time range until the request result value in the received request result indicates that the client successfully acquires the authorization code.
6. The method of any one of claims 1 to 5, further comprising, after obtaining the verification information entered by the account:
acquiring preset verification information of the account;
comparing the verification information with the preset verification information;
and if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
7. An apparatus for processing information, comprising:
the instruction response unit is configured to execute a redirection instruction sent by the client side to acquire the verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
the authorization code generation unit is configured to acquire an authorization code corresponding to the redirection instruction under the condition that the verification information passes the verification;
an authorization code sending unit configured to execute calling the authorization interface based on the preset resource identifier, and send the authorization code to the client through the authorization interface;
and the authorization token sending unit is configured to execute, if an authorization token obtaining instruction sent by the client is received, obtaining a target authorization code in the authorization token obtaining instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code.
8. A server, comprising:
a processor;
a memory for storing the processor-executable instructions;
wherein the processor is configured to execute the instructions to implement a method of processing information as claimed in any one of claims 1 to 6.
9. A computer-readable storage medium, wherein instructions in the computer-readable storage medium, when executed by a processor of a server, enable the server to perform a method of processing information according to any one of claims 1 to 6.
10. A computer program product comprising instructions, characterized in that said instructions, when executed by a processor of a server, enable said server to carry out a method of processing information according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111601243.7A CN114338130B (en) | 2021-12-24 | 2021-12-24 | Information processing method, device, server and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111601243.7A CN114338130B (en) | 2021-12-24 | 2021-12-24 | Information processing method, device, server and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114338130A true CN114338130A (en) | 2022-04-12 |
| CN114338130B CN114338130B (en) | 2024-01-09 |
Family
ID=81013466
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111601243.7A Active CN114338130B (en) | 2021-12-24 | 2021-12-24 | Information processing method, device, server and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114338130B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116167036A (en) * | 2022-12-09 | 2023-05-26 | 支付宝(杭州)信息技术有限公司 | Digital image processing method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108463982A (en) * | 2015-11-16 | 2018-08-28 | 万事达卡国际股份有限公司 | Carry out the system and method for certification online user for authorization server safe to use |
| CN108733991A (en) * | 2017-04-19 | 2018-11-02 | 腾讯科技(深圳)有限公司 | Web application access method and device, storage medium |
| CN109286633A (en) * | 2018-10-26 | 2019-01-29 | 深圳市华云中盛科技有限公司 | Single sign-on method, device, computer equipment and storage medium |
| CN113691378A (en) * | 2021-08-24 | 2021-11-23 | 平安国际智慧城市科技股份有限公司 | Oauth2 single sign-on method and device based on gateway, electronic equipment and storage medium |
-
2021
- 2021-12-24 CN CN202111601243.7A patent/CN114338130B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108463982A (en) * | 2015-11-16 | 2018-08-28 | 万事达卡国际股份有限公司 | Carry out the system and method for certification online user for authorization server safe to use |
| CN108733991A (en) * | 2017-04-19 | 2018-11-02 | 腾讯科技(深圳)有限公司 | Web application access method and device, storage medium |
| CN109286633A (en) * | 2018-10-26 | 2019-01-29 | 深圳市华云中盛科技有限公司 | Single sign-on method, device, computer equipment and storage medium |
| CN113691378A (en) * | 2021-08-24 | 2021-11-23 | 平安国际智慧城市科技股份有限公司 | Oauth2 single sign-on method and device based on gateway, electronic equipment and storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116167036A (en) * | 2022-12-09 | 2023-05-26 | 支付宝(杭州)信息技术有限公司 | Digital image processing method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114338130B (en) | 2024-01-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3203709B1 (en) | Cloud service server and method for managing cloud service server | |
| JP4729651B2 (en) | Authentication apparatus, authentication method, and authentication program implementing the method | |
| US20230370464A1 (en) | Systems and methods for controlling sign-on to web applications | |
| US9674188B2 (en) | Techniques for authentication via a mobile device | |
| US8844013B2 (en) | Providing third party authentication in an on-demand service environment | |
| JP2011530740A (en) | Form entry and automatic password generation using digital ID | |
| US10694381B1 (en) | System and method for authentication and sharing of subscriber data | |
| WO2016025756A1 (en) | Form filling method and related terminal | |
| CN111034149A (en) | System and method for single ID service based on block chain | |
| CN109510799B (en) | Page display method, browser client, equipment and storage medium | |
| CN114338130B (en) | Information processing method, device, server and storage medium | |
| CN111241523B (en) | Authentication processing method, device, equipment and storage medium | |
| CN107343028B (en) | Communication method and system based on HTTP (hyper text transport protocol) | |
| CN113742702B (en) | Method, system, equipment and storage medium for secure access based on enterprise WeChat | |
| CN113411324B (en) | Method and system for realizing login authentication based on CAS and third-party server | |
| CN110941805B (en) | Identity authentication method and device | |
| CN114585055A (en) | Vehicle-mounted WiFi access method, vehicle controller, cloud server and mobile terminal | |
| WO2017173967A1 (en) | Redirection method, service provider, unstructured supplementary service data center, and system | |
| CN110324361A (en) | The method, apparatus of authentification of message calculates equipment and medium | |
| KR20150088657A (en) | System for servicing cloud streaming, method of servicing cloud streaming and server for the same | |
| US20230231848A1 (en) | System and method for authentication of interactive voice response service | |
| CN107766093A (en) | The sharing method and client of a kind of functional module | |
| CN115640590A (en) | Service processing method and device, electronic equipment and computer readable medium | |
| CN117221400A (en) | Application service access method, device, computer equipment and storage medium | |
| CN118118193A (en) | Cloud server login method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |