CN103475628A - Method and system for realizing safe micro-blog user resource access through third party interface - Google Patents
Method and system for realizing safe micro-blog user resource access through third party interface Download PDFInfo
- Publication number
- CN103475628A CN103475628A CN2012101869547A CN201210186954A CN103475628A CN 103475628 A CN103475628 A CN 103475628A CN 2012101869547 A CN2012101869547 A CN 2012101869547A CN 201210186954 A CN201210186954 A CN 201210186954A CN 103475628 A CN103475628 A CN 103475628A
- Authority
- CN
- China
- Prior art keywords
- party
- resource
- interface
- microblogging
- request message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a method and a system for realizing safe micro-blog user resource access through a third party interface. The method comprises the following steps: a third party interface is arranged and a micro-blog value-added service is customized in the third party interface; the third party interface judges a resource provider to which requested resource belongs according to a resource request of a third party application; when the resource provider is the third party interface, the third party interface returns resource of a corresponding micro-blog value-added service to the third party application; when the resource provider is a micro-blog platform, the third party interface transmits corresponding micro-blog resource returned by the micro-blog platform to the third party application; and when the resource provider is the third party interface and the micro-blog platform, the third party interface integrates and returns the resource of the corresponding micro-blog value-added service and the corresponding micro-blog resource returned by the micro-blog platform to the third party application. With the method and the system of the invention, micro-blog user group members can meet the diversity of the third party application, and development and maintenance costs of user resources are reduced.
Description
Technical field
The present invention relates to the resource access technical field, refer to especially a kind of by the method and system of third party's Interface realization microblog users resource security access.
Background technology
Open and be conducive to sharing of resource, open prerequisite must guarantee opening person, third party's application and user tripartite's safety.
A safety, open and easy standard that the mandate that the OAUTH agreement is user resources provides.With user resources authorization difference in the past, be, the mandate of OAUTH can not make the third party touch user's account (as user name and password), be that the third party just can apply for obtaining the mandate of these user resources without user's user name and password, so OAUTH is safe.The OAUTH agreement can allow third party's application access microblogging API (application programming interfaces safely, Application Program Interface), also can be described as the microblogging platform, obtain the mandate of user resources, be illustrated in figure 1 existing microblog users resource authorization Organization Chart.
In microblogging, because user resources all belong to the resource of microblogging platform, so the storage of resource and the form of expression have fixing constraint, and the customization of too many uniqueness can not be arranged.And the third party applies the characteristic that oneself need to be arranged, require the storage of resource and the form of expression must carry out the uniqueness customization.For example, the control that the application of the media class third party microblogging of regional A and regional B is propagated security audit, pass tethers is different.Again for example, to apply the mode that demand and administrative institute for resource take be also different for storage class application and Information Communication class.Therefore, the storage of microblog users resource and the form of expression can not have the customization of too many uniqueness, can not meet the diversity of third party's application.
For the problems referred to above, solution commonly used is at present: the microblogging platform helps the microblogging general version in some vertical fields of third party's application and development, and the developer, based on these microblogging general versions, is modified as third party's application of satisfactory correspondence.
But there are the following problems for aforesaid way:
1, with high costs.Be difficult to accomplish by the microblogging general version of all spectra exploitation complete, allow to develop complete, the cost of safeguarding for the microblogging platform is also very huge; In addition, the developer, based on developing on an existing finished product, is also that very large learning cost is arranged.
2, the developer can't utilize the resource in high in the clouds.For example, the developer need to the third party in a storage class of general version exploitation in certain field apply based on microblogging, if the microblogging platform is not supported corresponding data storage (microblogging only provides the storage of microblogging characteristic and calculates), the storage that the developer also can't utilize third-party server to rely on so, the storage resources of calculation server are developed third party's application of this storage class.
Summary of the invention
In view of this, it is a kind of by the method and system of third party's Interface realization microblog users resource security access that main purpose of the present invention is to provide, to solve in existing method when carrying out the microblog users resource access, because the developer is modified as the user resources exploitation that third party's application of satisfactory correspondence causes, the problem that maintenance cost is high based on the microblogging general version.
For achieving the above object, technical scheme of the present invention is achieved in that
The invention provides a kind of method of accessing by third party's Interface realization microblog users resource security, the method comprises: third party's interface is set, and customization microblogging value-added service in described third party's interface, the method also comprises:
Third party's interface is according to the resource provider under the resource of the resource request judgement request of third party's application;
When described resource provider is third party's interface, third party's interface returns to described third party's application by the resource of corresponding microblogging value-added service;
When described resource provider is the microblogging platform, the microblogging resource of the correspondence that third party's interface returns to the microblogging platform passes through described third party's application;
When described resource provider is third party's interface and microblogging platform, after the microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform is integrated, return to described third party's application.
After third party's interface is set, the method also comprises: relation that described third party's interface is applied with described third party respectively and described microblogging platform breaks the wall of mistrust.
Described third party's interface and described third party apply the relation that breaks the wall of mistrust, for:
The user's that the APPID that third party's application will be arranged with the microblogging platform and APPKEY and microblogging platform issue token and described third party's interface are shared, and third party's interface is trusted described third party's application; Perhaps, described APPID, the APPKEY that third party's interface issues according to the microblogging platform and token trust described third party's application.
Described third party's interface and the described microblogging platform relation that breaks the wall of mistrust, for: third party's interface at microblogging platform registration ProxyAPPID and ProxyAPPKEY, with the microblogging platform relation that breaks the wall of mistrust.
The method also comprises: the application request that third party's application is initiated according to client, construct corresponding resource request message, and send to described third party's interface to initiate described resource request.
The method also comprises: described third party applies and uses described APPKEY and token to sign to the resource request message of structure.
When described resource provider is third party's interface, third party's interface returns to described third party's application by the resource of corresponding microblogging value-added service, comprising:
Described third party's interface verified resource request message, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, is verified;
Described third party's interface is searched the resource of corresponding microblogging value-added service in this locality according to resource request message, by resource response message, return to described third party's application.
When described resource provider is the microblogging platform, the microblogging resource of the correspondence that third party's interface returns to the microblogging platform passes through described third party's application, comprising:
Described third party's interface passes through described microblogging platform by described resource request message;
Described microblogging platform is searched corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
Described third party's interface passes through described third party's application by described resource response message.
When described resource provider is third party's interface and microblogging platform, after the microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform is integrated, return to described third party's application, comprising:
Described third party's interface is verified resource request message, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, be verified, and search the resource of corresponding microblogging value-added service in this locality;
Described third party's interface sends to described microblogging platform by described resource request message after using described ProxyAPPKEY to described resource request message signature;
Described microblogging platform is used described APPKEY, the token and the ProxyAPPKEY that self preserve to be verified described resource request message, when the described APPKEY, the token that self preserve and ProxyAPPKEY are consistent with the described APPKEY, the token that carry in described resource request message and ProxyAPPKEY respectively, be verified;
Described microblogging platform is searched corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
The microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform returns to described third party's application by described resource response message after being integrated.
It is a kind of by the system of third party's Interface realization microblog users resource security access that the present invention also provides, and this system comprises: module is set, and for third party's interface is set, and customization microblogging value-added service in described third party's interface; This system also comprises: third party's interface, third party's application server and microblogging platform, wherein:
Described third party's application server, for initiating resource request to described third party's interface; Also for receiving microblogging resource that described third party's interface returns and/or the resource of microblogging value-added service;
Described third party's interface, the resource provider under the resource of asking according to described resource request judgement for third party's interface;
Described third party's interface, also for when described resource provider is third party's interface, return to described third party's application server by the resource of corresponding microblogging value-added service; When described resource provider is the microblogging platform, the microblogging resource of the correspondence that described microblogging platform is returned passes through described third party's application server; When described resource provider is described third party's interface and described microblogging platform, after the microblogging resource of the correspondence that the resource of corresponding microblogging value-added service and described microblogging platform are returned is integrated, return to described third party's application server;
Described microblogging platform, for providing described microblogging resource to third party's interface.
Described third party's interface, also for respectively with described third party's application server and the described microblogging platform relation that breaks the wall of mistrust.
Described third party's interface, also, for basis and shared APPID, APPKEY and the token of described third party's application server, trust described third party's application server; Perhaps, APPID, the APPKEY issued according to described microblogging platform and token trust described third party's application server.
Described third party's interface, also at described microblogging platform registration ProxyAPPID and ProxyAPPKEY, with the described microblogging platform relation that breaks the wall of mistrust.
Described third party's application server, also the application request for initiating according to client, construct corresponding resource request message, sends to described third party's interface to initiate described resource request.
Described third party's application server, also for being used described APPKEY and the token resource request message signature to structure.
Described third party's interface, also for resource request message is verified, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, be verified; And search the resource of corresponding microblogging value-added service in this locality according to resource request message, return to described third party's application server by resource response message.
Described third party's interface, also for passing through described resource request message on described microblogging platform;
Described microblogging platform, also for search corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
Described third party's interface, also for passing through described resource response message described third party's application server.
Described third party's interface, also for resource request message is verified, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, are verified, and search the resource of corresponding microblogging value-added service in this locality; Also, for after using described ProxyAPPKEY to described resource request message signature, described resource request message is sent to described microblogging platform;
Described microblogging platform, also for using described APPKEY, the token and the ProxyAPPKEY that self preserve to be verified described resource request message, when the described APPKEY, the token that self preserve and ProxyAPPKEY are consistent with the described APPKEY, the token that carry in described resource request message and ProxyAPPKEY respectively, be verified; And search corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
Described third party's interface, the microblogging resource of the correspondence of also returning for resource and the described microblogging platform of the microblogging value-added service by corresponding returns to described third party's application server by described resource response message after being integrated.
The method and system that the present invention accesses by third party's Interface realization microblog users resource security: between third party and microblogging platform, third party's interface is set, and customization microblogging value-added service in third party's interface.When the request user resources: third party's interface is according to the resource provider under the resource of the resource request judgement request of third party's application; When resource provider is third party's interface, third party's interface returns to third party's application by the resource of corresponding microblogging value-added service; When resource provider is the microblogging platform, the microblogging resource of the correspondence that third party's interface returns to the microblogging platform passes through third party's application; When resource provider is third party's interface and microblogging platform, after the microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform is integrated, return to third party's application.By the way, the service that can provide microblogging itself not provide to third party's application by third party's interface on the one hand, can also meet the variation of third party's application demand on the one hand, third party's application is without remaking any exploitation, directly to third party's interface and the required resource of microblogging platform request, get final product, reduced the development cost of resource; In addition, the microblogging general version data volume of the relative all spectra of value-added service reduces greatly, has reduced the maintenance cost of resource.
The accompanying drawing explanation
Fig. 1 is existing microblog users resource authorization Organization Chart;
Fig. 2 is microblog users resource authorization Organization Chart of the present invention;
Fig. 3 is the method flow schematic diagram that the present invention passes through the access of third party's Interface realization microblog users resource security;
The method flow schematic diagram that passes through the access of third party's Interface realization microblog users resource security that Fig. 4 is the embodiment of the present invention one;
The method flow schematic diagram that passes through the access of third party's Interface realization microblog users resource security that Fig. 5 is the embodiment of the present invention two;
The method flow schematic diagram that passes through the access of third party's Interface realization microblog users resource security that Fig. 6 is the embodiment of the present invention three.
Embodiment
The present invention realizes that the basic thought of the scheme of microblog users resource security access is: between microblogging platform and third party's application, increased third party's interface, also can be described as the third-party agent platform, realize the customization of the multiple value-added service of microblogging on third party's interface, the service that so can provide the microblogging platform originally can't provide, reduce the development cost of third party's application, also met the diversity of third party's application.Be illustrated in figure 2 the Organization Chart that the present invention realizes the access of microblog users resource security.
Organization Chart based on Fig. 2, realize the access of microblog users resource security, at first needs to set up the trust model between each side, concrete:
1, client layer trust model: the user belongs to the user of microblogging platform, so user's trusted source is the microblogging platform; When third party's application access user resources, the microblogging platform can point out the user whether to authorize this third party application, and the user is by after the mandate of microblogging platform, and the user will trust this third party's application simultaneously, both relations that break the wall of mistrust.
2, third party's application layer trust model: third party's application and microblogging platform have been arranged an APPID and APPKEY, both are signed to interaction message by APPKEY, relation breaks the wall of mistrust, the third party applies and trusts the microblogging platform thus, and the microblogging platform issues user's token (sign) to third party's application; When accessing the third party and apply, the user can carry the token of self, now, the token that third party application issues by the microblogging platform carries out verification, i.e. two token relatively to user identity, and if unanimously verification pass through, thereby this user is trusted in third party application, both relations that break the wall of mistrust.
3, third party's interface layer trust model: third party's interface can not destroy two of fronts trust model, and at first, the third-party agent layer need to be at microblogging platform registration ProxyAPPID and ProxyAPPKEY, with the microblogging platform relation that breaks the wall of mistrust; Secondly, for the user, third party's interface is transparent, therefore relation will break the wall of mistrust between third party's application and third party's interface, two kinds of modes are specifically arranged: 1) third party's application and third party's interface are trusted fully, in such cases, token and third party's interface that the APPID that third party's application will be arranged with the microblogging platform and APPKEY and microblogging platform issue are shared, so, third party's interface is trusted third party's application, simultaneously, third party's interface also can imitate the behavior of third party's application fully, to the microblogging platform, initiates transparent calling; 2) third party's interface applies by microblogging platform and third party the relation that breaks the wall of mistrust, concrete: third party's interface is at microblogging platform registration ProxyAPPID and ProxyAPPKEY, with the microblogging platform relation that breaks the wall of mistrust, so, the microblogging platform issues APPID, APPKEY and token to third party's interface, and APPID, the APPKEY that third party's interface issues according to the microblogging platform and token trust third party's application.
4, microblogging platform trust model: the microblogging platform has user's the information such as password, by these information, trusts the user; Trust third party's application by APPID and APPKEY; Trust third party's interface by ProxyAPPID and ProxyAPPKEY.
Trust model based on setting up, below describe the present invention in detail by the method for third party's Interface realization microblog users resource security access, as shown in Figure 3, comprising:
Step 301, arrange third party's interface, customization microblogging value-added service in described third party's interface.
In order to third party's application, to provide more service, the present invention is provided with third party's interface between third party and microblogging platform, also can be described as the third-party agent platform, can customize corresponding microblogging value-added service in this third party's interface according to the characteristic of third party's application, so, the service that can provide microblogging itself not provide to third party's application on the one hand, can also meet the variation of third party's application demand on the one hand, third party's application is without remaking any exploitation, directly to third party's interface and the required resource of microblogging platform request, get final product, reduced the development cost of resource, in addition, the microblogging general version data volume of the relative all spectra of value-added service reduces greatly, has reduced the maintenance cost of resource.
After being provided with third party's interface, third party's interface also needs respectively and third party's application and the microblogging platform relation that breaks the wall of mistrust, and as described in concrete word segment as corresponding as Fig. 2, repeats no more herein.
Step 302, third party's interface is according to the resource provider under the resource of the resource request judgement request of third party's application.
Concrete, being initiated as of resource request: the application request that third party's application is initiated according to client, construct corresponding resource request message, send to third party's interface to initiate resource request.
Step 3021, when resource provider is third party's interface, third party's interface returns to third party's application by the resource of corresponding microblogging value-added service, and the specific implementation of this step will illustrate by subsequent embodiment one;
Step 3022, when resource provider is the microblogging platform, the microblogging resource of the correspondence that third party's interface returns to the microblogging platform passes through third party's application, and the specific implementation of this step will illustrate by subsequent embodiment two;
Step 3023, when resource provider is third party's interface and microblogging platform, after the microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform is integrated, return to third party's application, the specific implementation of this step will illustrate by subsequent embodiment three.
In said method, the resource of described microblogging value-added service and microblogging resource all belong to the microblog users resource.
Below by specific embodiment, such scheme is described.
Embodiment mono-, user access the resource of third party's interface, and idiographic flow as shown in Figure 4, comprising:
Step 401, client is applied the initiation application request to the third party.
Step 402, third party's application is constructed resource request message according to application request, and uses token and APPKEY to sign to resource request message.
Step 403, third party's application sends to third party's interface by resource request message.
Step 404, third party's interface is verified resource request message, if the verification passes, performs step 405.
APPKEY and token that third party's interface is preserved according to self are verified resource request message: APPKEY and token that self is preserved compare with APPKEY and token that resource request message carries respectively, if all consistent, are verified.
Wherein, the APPKEY that third party's interface is preserved and token apply and appoint with the third party when breaking the wall of mistrust model, can be also that the microblogging platform issues.
Step 405, after third party's interface is verified resource request message, the local resource of search request, afterwards, return to resource response to third party's application, wherein carries the resource of request.
Step 406, third party's application is returned to resource response message to client, by client, to the user, provides service.
In this embodiment, the resource of third party's interface refers to the resource of the microblogging value-added service that third party's interface provides, and so-called value-added service is relative microblogging platform, refers to the service that the microblogging platform can not provide.Value-added service can be customized according to real needs, to meet the diversity of third party's application demand.
Embodiment bis-, user access the resource of microblogging platform, and idiographic flow as shown in Figure 5, comprising:
Step 501-step 503 is identical with step 401-403, repeats no more herein.
Step 504, due to the user by the resource request message request be the resource of microblogging platform, third party's interface is transparent for the user, can directly this resource request message directly be passed through to the microblogging platform.
Step 505, the microblogging platform is verified resource request message, if the verification passes, performs step 506.
APPKEY and token that the microblogging platform is preserved according to self are verified resource request message: APPKEY and token that self is preserved compare with APPKEY and token that resource request message carries respectively, if all consistent, are verified.
Wherein, the APPKEY that the microblogging platform is preserved when breaking the wall of mistrust model and third party's application negotiation good; Due to the user, be the user of microblogging platform in addition, the microblogging platform is preserved all information of this user, comprises token.
Step 506-507, after the microblogging platform is verified resource request message, return to resource response by third party's interface to third party's application, wherein carries the resource of request.
Step 508, third party's application is returned to resource response to client, by client, to the user, provides service.
Embodiment tri-, user access the 3rd interface and the related resource of microblogging platform, and as shown in Figure 6, this flow process comprises:
Step 601-603 is identical with step 401-403, repeats no more herein.
Step 604, third party's interface is verified (verification mode is with step 404) to resource request message, if the verification passes, the local resource of search request, and use ProxyAPPKEY signs for resource request message.
Step 605, third party's interface sends to the microblogging platform by resource request message.
Step 606, the microblogging platform is verified resource request message, concrete, token, the APPKEY that self is preserved, ProxyAPPKEY respectively with resource request message in token, APPKEY, ProxyAPPKEY compare, if all consistent, be verified the local resource of search request.
Step 607, the microblogging platform returns to resource response to third party's interface, wherein carries the resource of the microblogging platform of request.
Step 608, after third party's interface receives resource response, extract the resource of microblogging platform, and with step 604 in the resource of third party's interface of searching integrated.
Step 609, after third party's interface is implement resource integration, return to resource response to third party application, wherein carries third party's interface after integration and the resource of microblogging platform.
Step 610, third party's application is returned to resource response to client, by client, to the user, provides service.
In order to realize above-mentioned safety access method, it is a kind of by the system of third party's Interface realization microblogging resource security access that the present invention also provides, and comprising: module is set, and for third party's interface is set, and customization microblogging value-added service in third party's interface; This system also comprises: third party's interface, third party's application server and microblogging platform, wherein:
Third party's application server, for initiating resource request to third party's interface; Also for receiving microblogging resource that third party's interface returns and/or the resource of microblogging value-added service;
Third party's interface, for the resource provider under third party's interface resource that judgement is asked according to resource request;
Third party's interface, also for when resource provider is third party's interface, return to third party's application server by the resource of corresponding microblogging value-added service; When resource provider is the microblogging platform, the microblogging resource of the correspondence that the microblogging platform is returned passes through third party's application server; When resource provider is third party's interface and microblogging platform, after the microblogging resource of the correspondence that the resource of corresponding microblogging value-added service and microblogging platform are returned is integrated, return to third party's application server;
The microblogging platform, for providing the microblogging resource to third party's interface.
Third party's interface, also for respectively with third party's application server and the microblogging platform relation that breaks the wall of mistrust.
Third party's interface, also for basis and shared APPID, APPKEY and the token of third party's application server, trust third party's application server; Perhaps, the APPID issued according to the microblogging platform, APPKEY and token trust third party's application server.
Third party's interface, also at microblogging platform registration ProxyAPPID and ProxyAPPKEY, with the microblogging platform relation that breaks the wall of mistrust.
Third party's application server, also the application request for initiating according to client, construct corresponding resource request message, sends to third party's interface to initiate resource request.
Third party's application server, also for being used APPKEY and the token resource request message signature to structure.
Third party's interface, also for resource request message is verified, when the APPKEY self preserved and token are consistent with the APPKEY carried in resource request message and token respectively, be verified; And search the resource of corresponding microblogging value-added service in this locality according to resource request message, return to third party's application server by resource response message.
Third party's interface, also for passing through resource request message on the microblogging platform;
The microblogging platform, also for search corresponding microblogging resource in this locality according to resource request message, and send to third party's interface by resource response message;
Third party's interface, also for passing through resource response message third party's application server.
Third party's interface, also for resource request message is verified, when the APPKEY self preserved and token are consistent with the APPKEY carried in resource request message and token respectively, are verified, and search the resource of corresponding microblogging value-added service in this locality; Also, for after using ProxyAPPKEY to the resource request message signature, resource request message is sent to the microblogging platform;
The microblogging platform, also for using APPKEY, the token and the ProxyAPPKEY that self preserve to be verified resource request message, when the APPKEY, the token that self preserve and ProxyAPPKEY are consistent with the APPKEY carried in resource request message, token and ProxyAPPKEY respectively, be verified; And search corresponding microblogging resource in this locality according to resource request message, and send to third party's interface by resource response message;
Third party's interface, the microblogging resource of the correspondence of also returning for resource and the microblogging platform of the microblogging value-added service by corresponding returns to third party's application server by resource response message after being integrated.
Above, be only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention.
Claims (18)
1. a method of accessing by third party's Interface realization microblog users resource security, is characterized in that, the method comprises: third party's interface is set, and customization microblogging value-added service in described third party's interface, the method also comprises:
Third party's interface is according to the resource provider under the resource of the resource request judgement request of third party's application;
When described resource provider is third party's interface, third party's interface returns to described third party's application by the resource of corresponding microblogging value-added service;
When described resource provider is the microblogging platform, the microblogging resource of the correspondence that third party's interface returns to the microblogging platform passes through described third party's application;
When described resource provider is third party's interface and microblogging platform, after the microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform is integrated, return to described third party's application.
2. according to claim 1 by the method for third party's Interface realization microblog users resource security access, it is characterized in that, after third party's interface is set, the method also comprises: relation that described third party's interface is applied with described third party respectively and described microblogging platform breaks the wall of mistrust.
3. according to claim 2 by the method for third party's Interface realization microblog users resource security access, it is characterized in that, described third party's interface and described third party apply the relation that breaks the wall of mistrust, for:
The user's that the APPID that third party's application will be arranged with the microblogging platform and APPKEY and microblogging platform issue token and described third party's interface are shared, and third party's interface is trusted described third party's application; Perhaps, described APPID, the APPKEY that third party's interface issues according to the microblogging platform and token trust described third party's application.
4. according to claim 2 by the method for third party's Interface realization microblog users resource security access, it is characterized in that, described third party's interface and the described microblogging platform relation that breaks the wall of mistrust, for: third party's interface at microblogging platform registration ProxyAPPID and ProxyAPPKEY, with the microblogging platform relation that breaks the wall of mistrust.
5. described by the method for third party's Interface realization microblog users resource security access according to claim 3 or 4, it is characterized in that, the method also comprises: the application request that third party's application is initiated according to client, construct corresponding resource request message, send to described third party's interface to initiate described resource request.
6. want 5 described methods of accessing by third party's Interface realization microblog users resource security according to right, it is characterized in that, the method also comprises: described third party applies and uses described APPKEY and token to sign to the resource request message of structure.
7. want 6 described methods of accessing by third party's Interface realization microblog users resource security according to right, it is characterized in that, when described resource provider is third party's interface, third party's interface returns to described third party's application by the resource of corresponding microblogging value-added service, comprising:
Described third party's interface verified resource request message, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, is verified;
Described third party's interface is searched the resource of corresponding microblogging value-added service in this locality according to resource request message, by resource response message, return to described third party's application.
8. want 6 described methods of accessing by third party's Interface realization microblog users resource security according to right, it is characterized in that, when described resource provider is the microblogging platform, the microblogging resource of the correspondence that third party's interface returns to the microblogging platform passes through described third party's application, comprising:
Described third party's interface passes through described microblogging platform by described resource request message;
Described microblogging platform is searched corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
Described third party's interface passes through described third party's application by described resource response message.
9. want 6 described methods of accessing by third party's Interface realization microblog users resource security according to right, it is characterized in that, when described resource provider is third party's interface and microblogging platform, after the microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform is integrated, return to described third party's application, comprising:
Described third party's interface is verified resource request message, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, be verified, and search the resource of corresponding microblogging value-added service in this locality;
Described third party's interface sends to described microblogging platform by described resource request message after using described ProxyAPPKEY to described resource request message signature;
Described microblogging platform is used described APPKEY, the token and the ProxyAPPKEY that self preserve to be verified described resource request message, when the described APPKEY, the token that self preserve and ProxyAPPKEY are consistent with the described APPKEY, the token that carry in described resource request message and ProxyAPPKEY respectively, be verified;
Described microblogging platform is searched corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
The microblogging resource of the correspondence that third party's interface returns to the resource of corresponding microblogging value-added service and microblogging platform returns to described third party's application by described resource response message after being integrated.
10. a system of accessing by third party's Interface realization microblog users resource security, is characterized in that, this system comprises: module is set, and for third party's interface is set, and customization microblogging value-added service in described third party's interface; This system also comprises: third party's interface, third party's application server and microblogging platform, wherein:
Described third party's application server, for initiating resource request to described third party's interface; Also for receiving microblogging resource that described third party's interface returns and/or the resource of microblogging value-added service;
Described third party's interface, the resource provider under the resource of asking according to described resource request judgement for third party's interface;
Described third party's interface, also for when described resource provider is third party's interface, return to described third party's application server by the resource of corresponding microblogging value-added service; When described resource provider is the microblogging platform, the microblogging resource of the correspondence that described microblogging platform is returned passes through described third party's application server; When described resource provider is described third party's interface and described microblogging platform, after the microblogging resource of the correspondence that the resource of corresponding microblogging value-added service and described microblogging platform are returned is integrated, return to described third party's application server;
Described microblogging platform, for providing described microblogging resource to third party's interface.
11. by the system of third party's Interface realization microblog users resource security access, it is characterized in that according to claim 10, described third party's interface, also for respectively with described third party's application server and the described microblogging platform relation that breaks the wall of mistrust.
12. according to claim 11 is described, by the system of third party's Interface realization microblog users resource security access, it is characterized in that,
Described third party's interface, also, for basis and shared APPID, APPKEY and the token of described third party's application server, trust described third party's application server; Perhaps, APPID, the APPKEY issued according to described microblogging platform and token trust described third party's application server.
13. described by the system of third party's Interface realization microblog users resource security access according to claim 11, it is characterized in that, described third party's interface, also at described microblogging platform registration ProxyAPPID and ProxyAPPKEY, with the described microblogging platform relation that breaks the wall of mistrust.
14. according to claim 12 or 13 is described, by the system of third party's Interface realization microblog users resource security access, it is characterized in that,
Described third party's application server, also the application request for initiating according to client, construct corresponding resource request message, sends to described third party's interface to initiate described resource request.
15. it is characterized in that by the system of third party's Interface realization microblog users resource security access according to claim 14 is described, described third party's application server, also for being used described APPKEY and the token resource request message signature to structure.
16. according to claim 15 is described, by the system of third party's Interface realization microblog users resource security access, it is characterized in that,
Described third party's interface, also for resource request message is verified, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, be verified; And search the resource of corresponding microblogging value-added service in this locality according to resource request message, return to described third party's application server by resource response message.
17. according to claim 15 is described, by the system of third party's Interface realization microblog users resource security access, it is characterized in that,
Described third party's interface, also for passing through described resource request message on described microblogging platform;
Described microblogging platform, also for search corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
Described third party's interface, also for passing through described resource response message described third party's application server.
18. according to claim 15 is described, by the system of third party's Interface realization microblog users resource security access, it is characterized in that,
Described third party's interface, also for resource request message is verified, when the described APPKEY self preserved and token are consistent with the described APPKEY carried in described resource request message and token respectively, are verified, and search the resource of corresponding microblogging value-added service in this locality; Also, for after using described ProxyAPPKEY to described resource request message signature, described resource request message is sent to described microblogging platform;
Described microblogging platform, also for using described APPKEY, the token and the ProxyAPPKEY that self preserve to be verified described resource request message, when the described APPKEY, the token that self preserve and ProxyAPPKEY are consistent with the described APPKEY, the token that carry in described resource request message and ProxyAPPKEY respectively, be verified; And search corresponding microblogging resource in this locality according to resource request message, and send to described third party's interface by resource response message;
Described third party's interface, the microblogging resource of the correspondence of also returning for resource and the described microblogging platform of the microblogging value-added service by corresponding returns to described third party's application server by described resource response message after being integrated.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210186954.7A CN103475628B (en) | 2012-06-07 | 2012-06-07 | The method and system that microblog users resource security is accessed is realized by third party's interface |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210186954.7A CN103475628B (en) | 2012-06-07 | 2012-06-07 | The method and system that microblog users resource security is accessed is realized by third party's interface |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103475628A true CN103475628A (en) | 2013-12-25 |
| CN103475628B CN103475628B (en) | 2017-08-15 |
Family
ID=49800326
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210186954.7A Active CN103475628B (en) | 2012-06-07 | 2012-06-07 | The method and system that microblog users resource security is accessed is realized by third party's interface |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103475628B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104918224A (en) * | 2014-03-14 | 2015-09-16 | 中国移动通信集团江苏有限公司 | Application service providing method and system and client service platform |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101272281A (en) * | 2008-04-22 | 2008-09-24 | 北京邮电大学 | System and method for providing network service relating to four parties |
| CN101296243A (en) * | 2008-06-26 | 2008-10-29 | 阿里巴巴集团控股有限公司 | Service integration platform system and method for providing internet service |
| US7945774B2 (en) * | 2008-04-07 | 2011-05-17 | Safemashups Inc. | Efficient security for mashups |
| CN102238007A (en) * | 2010-04-20 | 2011-11-09 | 阿里巴巴集团控股有限公司 | Method, device and system for acquiring session token of user by third-party application |
| CN102394887A (en) * | 2011-11-10 | 2012-03-28 | 杭州东信北邮信息技术有限公司 | OAuth protocol-based safety certificate method of open platform and system thereof |
| CN102413464A (en) * | 2011-11-24 | 2012-04-11 | 杭州东信北邮信息技术有限公司 | GBA (General Bootstrapping Architecture)-based secret key negotiation system and method of telecommunication capability open platform |
| CN102438027A (en) * | 2012-01-17 | 2012-05-02 | 深圳市乐唯科技开发有限公司 | System and method for expanding extensible messaging and presence protocol (XMPP) server open platform |
-
2012
- 2012-06-07 CN CN201210186954.7A patent/CN103475628B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7945774B2 (en) * | 2008-04-07 | 2011-05-17 | Safemashups Inc. | Efficient security for mashups |
| CN101272281A (en) * | 2008-04-22 | 2008-09-24 | 北京邮电大学 | System and method for providing network service relating to four parties |
| CN101296243A (en) * | 2008-06-26 | 2008-10-29 | 阿里巴巴集团控股有限公司 | Service integration platform system and method for providing internet service |
| CN102238007A (en) * | 2010-04-20 | 2011-11-09 | 阿里巴巴集团控股有限公司 | Method, device and system for acquiring session token of user by third-party application |
| CN102394887A (en) * | 2011-11-10 | 2012-03-28 | 杭州东信北邮信息技术有限公司 | OAuth protocol-based safety certificate method of open platform and system thereof |
| CN102413464A (en) * | 2011-11-24 | 2012-04-11 | 杭州东信北邮信息技术有限公司 | GBA (General Bootstrapping Architecture)-based secret key negotiation system and method of telecommunication capability open platform |
| CN102438027A (en) * | 2012-01-17 | 2012-05-02 | 深圳市乐唯科技开发有限公司 | System and method for expanding extensible messaging and presence protocol (XMPP) server open platform |
Non-Patent Citations (1)
| Title |
|---|
| E. HAMMER, ED: "The OAuth 2.0 Authorization Protocol draft-ietf-oauth-v2-25", 《NETWORK WORKING GROUP INTERNET-DRAFT》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104918224A (en) * | 2014-03-14 | 2015-09-16 | 中国移动通信集团江苏有限公司 | Application service providing method and system and client service platform |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103475628B (en) | 2017-08-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104871172B (en) | Equipment for connection allocates framework | |
| US10484385B2 (en) | Accessing an application through application clients and web browsers | |
| US10298591B2 (en) | Secure integration of independent cloud foundry applications in a fiori launchpad | |
| US9787659B2 (en) | Techniques for secure access management in virtual environments | |
| CN105359486B (en) | Resource is accessed using agent security | |
| US8752158B2 (en) | Identity management with high privacy features | |
| JP2020509475A (en) | Reliable login methods, servers, and systems | |
| CN105378768A (en) | Proximity and context aware mobile workspaces in enterprise systems | |
| CN109643242A (en) | Safe design and framework for multi-tenant HADOOP cluster | |
| CN105379223A (en) | Validating the identity of a mobile application for mobile application management | |
| CN107113302A (en) | Security and licensing architecture in multi-tenant computing system | |
| CN105247526A (en) | Providing an enterprise application store | |
| CN105247531A (en) | Providing managed browser | |
| CN104769908A (en) | LDAP-based multi-tenant in-cloud identity management system | |
| CN102986190A (en) | Resource access management | |
| CN106471783A (en) | Business system certification and mandate via gateway | |
| CN105989275B (en) | Method and system for certification | |
| WO2022247359A1 (en) | Cluster access method and apparatus, electronic device, and medium | |
| CN106559389A (en) | A kind of Service Source issue, call method, device, system and cloud service platform | |
| CN105262780A (en) | Authority control method and system | |
| CN105354482A (en) | Single sign-on method and device | |
| CN104580081A (en) | Integrated SSO (single sign on) system | |
| CN107634989A (en) | A kind of cloud wallet construction method and server | |
| US9886572B2 (en) | Lie vault | |
| US11627123B2 (en) | Techniques for simultaneously accessing multiple isolated systems while maintaining security boundaries |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |