CN105897668A - Third party account authorization method, device, server and system - Google Patents
Third party account authorization method, device, server and system Download PDFInfo
- Publication number
- CN105897668A CN105897668A CN201510694688.2A CN201510694688A CN105897668A CN 105897668 A CN105897668 A CN 105897668A CN 201510694688 A CN201510694688 A CN 201510694688A CN 105897668 A CN105897668 A CN 105897668A
- Authority
- CN
- China
- Prior art keywords
- authorization
- party
- user account
- application
- account
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a third party account authorization method, device, server and system. The method comprises the following steps: an authorization request of a third party application is responded to; if a user account which is bound in advance is set, an authorization code of the user account which is bound in advance is obtained and sent to a user center, an access token of the authorization code is obtained from the user center, the access token and the user account are sent to the server, user information of the user account is obtained from the server after the access token passes verification, and the user information is called back to the third party application. According to the third party account authorization method, device, server and system, a solution that the account which is bound in advance can be authorized to the third party application is provided; the third party application is enabled to gain authorization of the safe account, and therefore the third party application can use the safe account to conduct all kinds of sensitive operations such as fee paying operation and the like.
Description
Technical field
The present invention relates to account management correlative technology field, particularly a kind of third party account authorized party
Method, equipment, server and system thereof.
Background technology
Smart mobile phone, refers to as PC, has independent operating system, independent fortune
Row space, can be installed voluntarily by user software, play, the third party service provider such as navigation provides
Program, it is possible to realize the type of cell phone that wireless network accesses by mobile communication network.
The software run in smart mobile phone is referred to as application (App), can be intelligence hand by App
Machine brings very many functions.
User account is for identifying user identity, the most how to ensure the safety of user account very
Important.Prior art is generally adopted by user account is saved in server, and user is when logging in
Verified by user cipher.
But, when user account is too much, it is it is difficult to ensure that the security of its account, therefore App
It is difficult with account and carry out sensitive operation, such as, pay paying etc..
Summary of the invention
Based on this, it is necessary to be difficult to ensure that the technical problem of the security of account for prior art,
A kind of third party's account authorization method, equipment, server and system thereof are provided.
The present invention provides a kind of third party's account authorization method, including:
Third party's authorization response step, including: the authorization requests of response third-party application;
Authorization code obtaining step, including: if provided, with the user account bound in advance, then obtain pass
Authorization code in the described user account bound in advance;
Access token obtaining step, including: described authorization code is sent to customer center, from described
Customer center obtains the access token about described authorization code;
User profile obtaining step, including: described access token and user account are sent to service
Device, from described server obtain after described access token is verified about described user account
User profile;
Information readjustment step, including: described user profile is pulled back to described third-party application.
Further, described acquisition is about the authorization code of the described user account bound in advance, specifically
Including:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close
Authorization code in the described user account bound in advance.
Further, described authorization code obtaining step, also include: without the use bound in advance
Family account, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key
Login page;
Obtain described server user account and user cipher are verified after returned about institute
State the authorization code of user account, perform access token obtaining step, described user account and described use
Family password is obtained by the reception of described login page by described server.
Further, in described access token obtaining step, obtain after described access token with described
User account association preserves;
Described third party's authorization response step, specifically includes:
When in response to the authorization requests of third-party application, close with described user account if preserved
The access token that UNPROFOR is deposited, the most directly performs described user profile obtaining step, otherwise performs described
Authorization code obtaining step.
Further, described information readjustment step, specifically include:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Further, described third party's authorization response step, specifically include: display authorization page,
The authorization requests of the third-party application that response is triggered by described authorization page, described authorization page is adopted
Generate based on Android system with Java, and the display resource of described authorization page is from Java storehouse
Form preserve at least one resource file, and each described resource file resource file mark adopt
Obtain from the R file that Android system is provided with the reflex mechanism of Java.
The present invention provides a kind of third party's account authorization method, including:
Access token receiving step, including: receive the access token from equipment and user account,
Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with
User account time obtain about the authorization code of the described user account bound in advance, and award described
Weighted code sends to customer center, acquires the visit about described authorization code from described customer center
Ask token;
User profile forwarding step, including: described access token is verified, if described visit
Ask that token authentication passes through, then the user profile about described user account sent to described equipment,
Described user profile is used for pulling back to described third-party application by described equipment.
Further, also include, authorization code forwarding step;
Described authorization code forwarding step, including:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent
Mark and application key, described application identities and described application key are the institute acquired in described equipment
State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in
The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment
Authorization code about described user account.
The present invention provides a kind of third party's account authorisation device, including:
Third party's authorization response module, is used for: the authorization requests of response third-party application;
Authorization code acquisition module, is used for: if provided, with the user account bound in advance, then obtain pass
Authorization code in the described user account bound in advance;
Access token acquisition module, is used for: send described authorization code to customer center, from described
Customer center obtains the access token about described authorization code;
User profile acquisition module, is used for: described access token and user account are sent to service
Device, from described server obtain after described access token is verified about described user account
User profile;
Information callback module, is used for: described user profile is pulled back to described third-party application.
Further, described acquisition is about the authorization code of the described user account bound in advance, specifically
For:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close
Authorization code in the described user account bound in advance.
Further, described authorization code acquisition module, it is additionally operable to: without the use bound in advance
Family account, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key
Login page;
Obtain described server user account and user cipher are verified after returned about institute
State the authorization code of user account, perform access token acquisition module, described user account and described use
Family password is obtained by the reception of described login page by described server.
Further, in described access token acquisition module, obtain after described access token with described
User account association preserves;
Described third party's authorization response module, specifically for:
When in response to the authorization requests of third-party application, close with described user account if preserved
The access token that UNPROFOR is deposited, the most directly performs described user profile acquisition module, otherwise performs described
Authorization code acquisition module.
Further, described information callback module, specifically for:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Further, described third party's authorization response module, specifically for: display authorization page,
The authorization requests of the third-party application that response is triggered by described authorization page, described authorization page is adopted
Generate based on Android system with Java, and the display resource of described authorization page is from Java storehouse
Form preserve at least one resource file, and each described resource file resource file mark adopt
Obtain from the R file that Android system is provided with the reflex mechanism of Java.
The present invention provides a kind of third party's account authorization server, including:
Access token receiver module, is used for: receive the access token from equipment and user account,
Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with
User account time obtain about the authorization code of the described user account bound in advance, and award described
Weighted code sends to customer center, acquires the visit about described authorization code from described customer center
Ask token;
User profile sending module, is used for: verify described access token, if described visit
Ask that token authentication passes through, then the user profile about described user account sent to described equipment,
Described user profile is used for pulling back to described third-party application by described equipment.
Further, also include, authorization code sending module;
Described authorization code sending module, is used for:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent
Mark and application key, described application identities and described application key are the institute acquired in described equipment
State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in
The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment
Authorization code about described user account.
The present invention provides a kind of third party's account authoring system, including: equipment end and server end;
Described equipment end, including:
Equipment end third party's authorization response module, is used for: the authorization requests of response third-party application;
Equipment end authorization code acquisition module, is used for: if provided, with the user account bound in advance, then
Obtain the authorization code about the described user account bound in advance;
Equipment end access token acquisition module, is used for: send described authorization code to customer center,
The access token about described authorization code is obtained from described customer center;
Equipment end user profile acquisition module, is used for: described access token and user account are sent
To server, obtain the user profile about described user account from described server;
Equipment end information callback module, is used for: described user profile pulls back to described third party should
With;
Described server end, including:
Server end access token receiver module, is used for: receive from equipment access token and
User account;
Server-side user information sending module, is used for: verify described access token, as
The most described access token is verified, then send the user profile about described user account to institute
State equipment.
The present invention uses by providing a kind of third-party application that can the account bound in advance be licensed to
Scheme so that third-party application can obtain the mandate of this secured account numbers, so that third party
Application can use this secured account numbers to carry out various sensitive operation, such as, pay paying etc..
Accompanying drawing explanation
Fig. 1 is the workflow diagram that the present invention is applied to a kind of third party's account authorization method of equipment;
Fig. 2 is the workflow that the present invention is applied to a kind of third party's account authorization method of server
Figure;
Fig. 3 is the construction module figure of the present invention a kind of third party account authorisation device;
Fig. 4 is the device structure schematic diagram of preferred embodiment;
Fig. 5 is the construction module figure of the present invention a kind of third party account authorization server;
Fig. 6 is the server architecture schematic diagram of preferred embodiment;
Fig. 7 is the construction module figure of the present invention a kind of third party account authoring system;
Fig. 8 is the work for the equipment of user bound account in advance of highly preferred embodiment of the present invention
Flow chart.
Detailed description of the invention
The present invention will be further described in detail with specific embodiment below in conjunction with the accompanying drawings.
It is illustrated in figure 1 the workflow diagram of the present invention a kind of third party account authorization method, including:
Step S101, including: the authorization requests of response third-party application;
Step S102, including: if provided, with the user account bound in advance, then obtain about described
The authorization code of the user account bound in advance;
Step S103, including: described authorization code is sent to customer center, from described customer center
Obtain the access token about described authorization code;
Step S104, including: described access token and user account are sent to server, from institute
State server and obtain the user's letter about described user account after described access token is verified
Breath;
Step S105, including: described user profile is pulled back to described third-party application.
The method of the present invention can use SDK (Software Development
Ki t, sdk) form be supplied to software developer.The software application that software developer is developed,
I.e. third-party application, by calling the function request mandate that sdk is provided, triggers step S101,
Thus respond authorization requests.In step S102, obtain the authorization code of the user account bound in advance,
And this authorization code is sent to the customer center for realizing the integrated management to user profile, this use
Center, family can be with equipment one, it is also possible to be and server one, it is also possible to be specific installation.
Step S103 gets access token, and is sent to server by access token, owing to being sent out
Send is access token, and therefore it can hide authorization code well, it is to avoid authorization code is illegally accessed.
In step S104, server i.e. returns relevant user profile after verifying access token, this use
The call back function that family information is provided by third-party application pulls back to third-party application.
Due to the fact that the user account of employing is bound in advance, therefore its security is higher, from
And make third-party application that this user account can be used to realize various sensitive operation, such as pay and pay
Take.
Wherein in an embodiment, described acquisition is awarded about the described user account bound in advance
Weighted code, specifically includes:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close
Authorization code in the described user account bound in advance.
The application identities of third-party application is verified by the present embodiment further with application key, with
Ensure that this third-party application has corresponding authority to obtain the mandate of the user account bound in advance
Code, thus improve safety further.
Wherein in an embodiment, described step S102, also include: without binding in advance
User account, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key
Login page;
Obtain described server user account and user cipher are verified after returned about institute
State the authorization code of user account, perform step S103, described user account and described user cipher by
Described server is received by described login page and obtains.
The present embodiment increases not have the support of user bound account in advance, if i.e. user employing
Be that a binding in advance has the equipment of user account, then it can obtain authorization code the most in a device,
But, if user does not use binding in advance to have the equipment of user account, then it can be by setting
Standby game server and then obtain authorization code, server is to the application identities of third-party application and application
Key carries out verifying to guarantee that it has enough authorities.
Wherein in an embodiment, in described step S103, obtain after described access token with institute
State user account association to preserve;
Described step S101, specifically includes:
When in response to the authorization requests of third-party application, close with described user account if preserved
The access token that UNPROFOR is deposited, the most directly performs described step S104, otherwise performs described step S102.
In the present embodiment, for having been achieved with the user account of user profile, can directly use
Existing access token, thus reduce steps flow chart, improve the acquisition speed of user profile so that
User obtains more preferable Consumer's Experience.
Wherein in an embodiment, described step S105, specifically include:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
The present embodiment is adjusted back by Hash encapsulation, thus improves readjustment speed.Preferably, adopt
With hash map, i.e. user profile is packaged by HashMap mode.
Wherein in an embodiment, described step S101, specifically include: display authorization page,
The authorization requests of the third-party application that response is triggered by described authorization page, described authorization page is adopted
Generate based on Android system with Java, and the display resource of described authorization page is from Java storehouse
Form preserve at least one resource file, and each described resource file resource file mark adopt
Obtain from the R file that Android system is provided with the reflex mechanism of Java.
Android system, i.e. android system, when using java to develop, wherein have one
R file, i.e. R.Java file, it is used for preserving resource file, but, due to same jar bag
In can not have two R files simultaneously, therefore, the resource file of the present embodiment is with l ibrary's
Form provides, and by former R file, the resource file mark of all resource files, i.e. resource is civilian
Part id uses reflex mechanism to obtain, so that this sdk can be smoothly by Java developer
Call.
It is illustrated in figure 2 the workflow diagram of the present invention a kind of third party account authorization method, including:
Step S201, including: receive the access token from equipment and user account, described visit
Ask the token authorization requests by described equipment response third-party application, be provided with the user bound in advance
Obtain the authorization code about the described user account bound in advance during account, and described authorization code is sent out
After delivering to customer center, acquire the access token about described authorization code from described customer center;
Step S202, including: described access token is verified, if described access token is tested
Card passes through, then send the user profile about described user account to described equipment, described user
Information is used for pulling back to described third-party application by described equipment.
The present embodiment is applied in server, and server returns user after verifying access token
The user profile of account.
Wherein in an embodiment, also include, authorization code forwarding step;
Described authorization code forwarding step, including:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent
Mark and application key, described application identities and described application key are the institute acquired in described equipment
State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in
The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment
Authorization code about described user account.
The step process of the present embodiment user is when using the equipment of user bound account the most in advance
Log on request, and return corresponding authorization code.
It is illustrated in figure 8 the equipment for user bound account in advance of highly preferred embodiment of the present invention
Workflow diagram, equipment is mobile phone, specifically includes:
When developer uses sdk provided by the present invention, it is necessary first in server application mandate
Application identities (appid), application key (appsecret), openid and secret_key.
Step S801, appid, appsecret are passed to be placed in mobile phone rom act on behalf of agent,
If appid with appsecret is proved to be successful, directly open login interface, carry out authorizing login,
Login successfully the authorization code (code) acquisition returned by agent, specifically:
Openid Yu secret_key is passed to the GuideActivity of agent, according to
StartActivityForResult deactivation is built in inside mobile phone rom
The com.letv.android.agent.GuideActivity page, if this page mandate successfully can
Code is returned by Intent by onActivityResult, after getting code, adjusts
The accesstoken of user is exchanged for getAccessToken (code);
Step S802, is sent to customer center by http, customer center further according to this authorization code,
To should authorization code user access token (accesstoken) return, specifically:
By appid incoming for developer, appsecrect, authorization code code, loopback address combination,
Become a json word string, sent by the POST of HttpClient
GetAccessTokenFromServer asks customer center, then uses RequestCallback
Interface readjustment get the Json field of return from customer center, it is resolved with JSONObject,
Get accesstoken, uid field;
Step S803, by accesstoken, obtains the accounts information of user, specifically:
By incoming to accesstoken, uid getUserBasicInfo method,
In getUserBasicInfo method, appid, uid, accesstoken, uid are combined into one
Individual json character string, in like manner sends according to the Get of HttpClient
GetUserBasicInfoFromServer asks, and obtains the essential information of user, return information bag
Include: uid, nickname, accesstoken, file_300*300, file_200*200,
file_70*70、file_50*50。
Then these information are combined in callback interface;
Step S804, after obtaining user profile, by the shareprefer of android, will
The storage such as accesstoken and uid, nickname is to locally stored, using uid as major key,
If clicking directly on login according to history, then can get the user's letter in all shareprefer
Breath, is shown, then gets the accesstoken of user according to this user profile, then perform
Step S803, gets user profile, information is adjusted back away.
Step S805, the callback interface provided by sdk, is entered information back to third-party application
Row accounts information processes, and user profile is packaged into HashMap by callback interface, and then developer is direct
Directly HashMap object can be operated, specifically:
Its encapsulation format is:
HashMap<String, Object>userInfo=new HashMap<String,
Object>()
UserInfo.put (" letv_uid " ,/* user uid* /);
UserInfo.put (" nickname " ,/* pet name * /);
UserInfo.put (" access_token " ,/* authorizes access token* /);
UserInfo.put (" file_300*300 " ,/* 300*300 head portrait * /);
UserInfo.put (" file_200*200 " ,/* 200*200 head portrait * /);
UserInfo.put (" file_70*70 " ,/* 70*70 head portrait * /);
UserInfo.put (" file_50*50 " ,/* 50*50 head portrait * /);
Then this HashMap object is directly adjusted back to developer.
The equipment for non-predetermined user bound account of highly preferred embodiment of the present invention, specifically includes:
Calling the login page of html5, input account, with password, is clicked on and is logged in, after logining successfully
Can return authorization code code in loopback address, follow-up with for user bound account in advance
The workflow of equipment is identical, i.e. consistent with step S802-S805, the generation of its login page,
Specific as follows:
According to appid, appsecret and loopback address, spell out one and adjusted the url logged in,
Its form is as follows:
"https://aaa.xxx.com/oauthopen/authorize?Scope=user_basic_
Show&display=mobile&client_id="
+AccountOathSDK.appid+
" &force_login=1&state=&response_type=code&cl ient_secret="
+ AccountOathSDK.appsecret+ " &redirect_uri="+
AccountOathSDK.redirect_uri;
Then this login page is opened by the loadurl of WebView, if logged on success,
Then authorization code code can be attached to after loopback address redirect_uri, as
https://aaa.xxx.com/oauth_default.html?Code=1, then passes through WebView
OnPageFinish method, code value can be truncated to, by incoming for this value
In getAccessToken (code).
The sdk of preferred embodiment directly accesses with R file in jar due to resource file
Have conflict, so the reflex mechanism that the access of all resource files all uses java obtains.Tool
Body provides a Mresource class with according to resources-type class name (className) and resource literary composition
Part name (name) obtains resource file id.
One getIdByName (Context context, String can be provided in Mresource
ClassName, String name), the method can be according to className and id title name
Obtain the id of correspondence.The R literary composition of correspondence first can be reflected according to bag name (package name)
Part, then ergodic classes in this R file, if finding this resources-type, then this resources-type in right
The id corresponding to name value directly return.
It is illustrated in figure 3 the construction module figure of the present invention a kind of third party account authorisation device, including:
Third party's authorization response module 301, is used for: the authorization requests of response third-party application;
Authorization code acquisition module 302, is used for: if provided, with the user account bound in advance, then obtain
Authorization code about the described user account bound in advance;
Access token acquisition module 303, is used for: send described authorization code to customer center, from institute
State customer center and obtain the access token about described authorization code;
User profile acquisition module 304, is used for: described access token and user account are sent to clothes
Business device, from described server obtain after described access token is verified about described user's account
Number user profile;
Information callback module 305, is used for: described user profile is pulled back to described third-party application.
Wherein in an embodiment, described acquisition is awarded about the described user account bound in advance
Weighted code, specifically for:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close
Authorization code in the described user account bound in advance.
Wherein in an embodiment, described authorization code acquisition module 302, it is additionally operable to: without
The user account bound in advance, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key
Login page;
Obtain described server user account and user cipher are verified after returned about institute
State the authorization code of user account, perform access token acquisition module, described user account and described use
Family password is obtained by the reception of described login page by described server.
Wherein in an embodiment, in described access token acquisition module 303, obtain described visit
Preservation is associated with described user account after asking token;
Described third party's authorization response module 301, specifically for:
When in response to the authorization requests of third-party application, close with described user account if preserved
The access token that UNPROFOR is deposited, the most directly performs described user profile acquisition module 304, otherwise performs institute
State authorization code acquisition module 302.
Wherein in an embodiment, described information callback module 305, specifically for:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Wherein in an embodiment, described third party's authorization response module 301, specifically for: aobvious
Show authorization page, the authorization requests of the third-party application that response is triggered, institute by described authorization page
Stating authorization page uses Java to generate based on Android system, and the display resource of described authorization page is come
From at least one resource file preserved with Java storehouse form, and the resource of each described resource file
File identification uses the reflex mechanism of Java to obtain from the R file that Android system is provided.
Be illustrated in figure 4 the structured flowchart of the equipment of the present invention, its specifically include that processor 401,
Memory 402, communications component 403 and display screen 404 etc..In general, the equipment of the present invention is excellent
Elect smart mobile phone, panel computer and intelligent television etc. as.
Memory 402 wherein stores the specific code of preceding method, processor 401 specifically holds
OK, authorize interface by display screen 404 display, and sent out to server by communications component 403
Send access token and user account, and receive user profile and pass through processor 401 and pull back to the
Tripartite applies.
It is illustrated in figure 5 the construction module figure of the present invention a kind of third party account authorization server, bag
Include:
Access token receiver module 501, is used for: receive the access token from equipment and user's account
Number, described access token, by the authorization requests of described equipment response third-party application, is being provided with in advance
The authorization code about the described user account bound in advance is obtained during the user account bound, and by institute
State authorization code to send to customer center, acquire about described authorization code from described customer center
Access token;
User profile sending module 502, is used for: verify described access token, if described
Access token is verified, then send the user profile about described user account to described equipment,
Described user profile is used for pulling back to described third-party application by described equipment.
Wherein in an embodiment, also include, authorization code sending module;
Described authorization code sending module, is used for:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent
Mark and application key, described application identities and described application key are the institute acquired in described equipment
State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in
The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment
Authorization code about described user account.
It is illustrated in figure 6 the structured flowchart of the server of the present invention.Server can be a computer,
Can also be the cluster that formed of multiple computers, it specifically includes that processor 601, memory 602
And communications component 603 etc..
Memory 602 wherein stores the specific code of preceding method, processor 601 specifically holds
OK, receive, by communications component 603, access token and the user account that equipment sends, and by processing
Device 601 is inquired about after obtaining user profile from memory 602, by communications component 603 to equipment
Return user profile.
It is illustrated in figure 7 the construction module figure of the present invention a kind of third party account authoring system, including:
Equipment end 71 and server end 72;
Described equipment end 71, including:
Equipment end third party's authorization response module 711, is used for: the authorization requests of response third-party application;
Equipment end authorization code acquisition module 712, is used for: if provided, with the user account bound in advance,
Then obtain the authorization code about the described user account bound in advance;
Equipment end access token acquisition module 713, is used for: send described authorization code to customer center,
The access token about described authorization code is obtained from described customer center;
Equipment end user profile acquisition module 714, is used for: described access token and user account are sent out
Deliver to server, obtain the user profile about described user account from described server;
Equipment end information callback module 715, is used for: described user profile is pulled back to described third party
Application;
Described server end 72, including:
Server end access token receiver module 721, is used for: receive the access token from equipment
And user account;
Server-side user information sending module 722, is used for: verify described access token,
If described access token is verified, then the user profile about described user account is sent extremely
Described equipment.
Embodiment described above only have expressed the several embodiments of the present invention, and its description is the most concrete
In detail, but therefore can not be interpreted as the restriction to the scope of the claims of the present invention.Should be understood that
It is, for the person of ordinary skill of the art, without departing from the inventive concept of the premise,
Can also make some deformation and improvement, these broadly fall into protection scope of the present invention.Therefore, originally
The protection domain of patent of invention should be as the criterion with claims.
Claims (17)
1. third party's account authorization method, it is characterised in that including:
Third party's authorization response step, including: the authorization requests of response third-party application;
Authorization code obtaining step, including: if provided, with the user account bound in advance, then obtain pass
Authorization code in the described user account bound in advance;
Access token obtaining step, including: described authorization code is sent to customer center, from described
Customer center obtains the access token about described authorization code;
User profile obtaining step, including: described access token and user account are sent to service
Device, from described server obtain after described access token is verified about described user account
User profile;
Information readjustment step, including: described user profile is pulled back to described third-party application.
Third party's account authorization method the most according to claim 1, it is characterised in that described
Obtain the authorization code about the described user account bound in advance, specifically include:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close
Authorization code in the described user account bound in advance.
Third party's account authorization method the most according to claim 1, it is characterised in that described
Authorization code obtaining step, also includes: without the user account bound in advance, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key
Login page;
Obtain described server user account and user cipher are verified after returned about institute
State the authorization code of user account, perform access token obtaining step, described user account and described use
Family password is obtained by the reception of described login page by described server.
Third party's account authorization method the most according to claim 1, it is characterised in that described
In access token obtaining step, after obtaining described access token, associate preservation with described user account;
Described third party's authorization response step, specifically includes:
When in response to the authorization requests of third-party application, close with described user account if preserved
The access token that UNPROFOR is deposited, the most directly performs described user profile obtaining step, otherwise performs described
Authorization code obtaining step.
Third party's account authorization method the most according to claim 1, it is characterised in that described
Information readjustment step, specifically includes:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Third party's account authorization method the most according to claim 1, it is characterised in that described
Third party's authorization response step, specifically includes: display authorization page, response is by described authorization page
The authorization requests of the third-party application triggered, described authorization page uses Java based on Android system
Generate, and the display resource of described authorization page is from least one money preserved with Java storehouse form
Source file, and the reflex mechanism of the resource file mark employing Java of each described resource file is from peace
The R file that tall and erect system is provided obtains.
7. third party's account authorization method, it is characterised in that including:
Access token receiving step, including: receive the access token from equipment and user account,
Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with
User account time obtain about the authorization code of the described user account bound in advance, and award described
Weighted code sends to customer center, acquires the visit about described authorization code from described customer center
Ask token;
User profile forwarding step, including: described access token is verified, if described visit
Ask that token authentication passes through, then the user profile about described user account sent to described equipment,
Described user profile is used for pulling back to described third-party application by described equipment.
Third party's account authorization method the most according to claim 7, it is characterised in that also wrap
Include, authorization code forwarding step;
Described authorization code forwarding step, including:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent
Mark and application key, described application identities and described application key are the institute acquired in described equipment
State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in
The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment
Authorization code about described user account.
9. third party's account authorisation device, it is characterised in that including:
Third party's authorization response module, is used for: the authorization requests of response third-party application;
Authorization code acquisition module, is used for: if provided, with the user account bound in advance, then obtain pass
Authorization code in the described user account bound in advance;
Access token acquisition module, is used for: send described authorization code to customer center, from described
Customer center obtains the access token about described authorization code;
User profile acquisition module, is used for: described access token and user account are sent to service
Device, from described server obtain after described access token is verified about described user account
User profile;
Information callback module, is used for: described user profile is pulled back to described third-party application.
Third party's account authorisation device the most according to claim 9, it is characterised in that institute
State and obtain the authorization code about the described user account bound in advance, specifically for:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close
Authorization code in the described user account bound in advance.
11. third party's account authorisation device according to claim 9, it is characterised in that institute
State authorization code acquisition module, be additionally operable to: without the user account bound in advance, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key
Login page;
Obtain described server user account and user cipher are verified after returned about institute
State the authorization code of user account, perform access token acquisition module, described user account and described use
Family password is obtained by the reception of described login page by described server.
12. third party's account authorisation device according to claim 9, it is characterised in that institute
State in access token acquisition module, after obtaining described access token, associate preservation with described user account;
Described third party's authorization response module, specifically for:
When in response to the authorization requests of third-party application, close with described user account if preserved
The access token that UNPROFOR is deposited, the most directly performs described user profile acquisition module, otherwise performs described
Authorization code acquisition module.
13. third party's account authorisation device according to claim 9, it is characterised in that institute
State information callback module, specifically for:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
14. third party's account authorisation device according to claim 9, it is characterised in that institute
State third party's authorization response module, specifically for: display authorization page, response is by described mandate page
The authorization requests of the third-party application that face is triggered, described authorization page uses Java based on Android system
System generates, and the display resource of described authorization page is from least one preserved with Java storehouse form
Resource file, and each described resource file resource file mark use Java reflex mechanism from
The R file that Android system is provided obtains.
15. 1 kinds of third party's account authorization servers, it is characterised in that including:
Access token receiver module, is used for: receive the access token from equipment and user account,
Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with
User account time obtain about the authorization code of the described user account bound in advance, and award described
Weighted code sends to customer center, acquires the visit about described authorization code from described customer center
Ask token;
User profile sending module, is used for: verify described access token, if described visit
Ask that token authentication passes through, then the user profile about described user account sent to described equipment,
Described user profile is used for pulling back to described third-party application by described equipment.
16. third party's account authorization servers according to claim 15, it is characterised in that
Also include, authorization code sending module;
Described authorization code sending module, is used for:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent
Mark and application key, described application identities and described application key are the institute acquired in described equipment
State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in
The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment
Authorization code about described user account.
17. 1 kinds of third party's account authoring systems, including: equipment end and server end;
Described equipment end, including:
Equipment end third party's authorization response module, is used for: the authorization requests of response third-party application;
Equipment end authorization code acquisition module, is used for: if provided, with the user account bound in advance, then
Obtain the authorization code about the described user account bound in advance;
Equipment end access token acquisition module, is used for: send described authorization code to customer center,
The access token about described authorization code is obtained from described customer center;
Equipment end user profile acquisition module, is used for: described access token and user account are sent
To server, obtain the user profile about described user account from described server;
Equipment end information callback module, is used for: described user profile pulls back to described third party should
With;
Described server end, including:
Server end access token receiver module, is used for: receive from equipment access token and
User account;
Server-side user information sending module, is used for: verify described access token, as
The most described access token is verified, then send the user profile about described user account to institute
State equipment.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510694688.2A CN105897668A (en) | 2015-10-22 | 2015-10-22 | Third party account authorization method, device, server and system |
| PCT/CN2016/088564 WO2017067227A1 (en) | 2015-10-22 | 2016-07-05 | Third party account number authorisation method, device, server, and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510694688.2A CN105897668A (en) | 2015-10-22 | 2015-10-22 | Third party account authorization method, device, server and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105897668A true CN105897668A (en) | 2016-08-24 |
Family
ID=57001786
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510694688.2A Pending CN105897668A (en) | 2015-10-22 | 2015-10-22 | Third party account authorization method, device, server and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105897668A (en) |
| WO (1) | WO2017067227A1 (en) |
Cited By (39)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106534072A (en) * | 2016-10-13 | 2017-03-22 | 腾讯科技(深圳)有限公司 | User information authorization method, apparatus, equipment and system |
| CN106790122A (en) * | 2016-12-27 | 2017-05-31 | 努比亚技术有限公司 | A kind of login method when terminal, server and access application |
| CN107147647A (en) * | 2017-05-11 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of webpage authorization method and device |
| CN107277067A (en) * | 2017-08-11 | 2017-10-20 | 四川长虹电器股份有限公司 | Third party system docking calculation based on unitized overall development person's account |
| CN107896227A (en) * | 2017-12-14 | 2018-04-10 | 珠海格力电器股份有限公司 | A kind of data calling method, device and device data cloud platform |
| WO2018068682A1 (en) * | 2016-10-14 | 2018-04-19 | 中国银联股份有限公司 | Intelligent automobile payment system and payment method |
| CN108234401A (en) * | 2016-12-15 | 2018-06-29 | 腾讯科技(深圳)有限公司 | A kind of method and device to operation system mandate |
| CN108347471A (en) * | 2018-01-02 | 2018-07-31 | 武汉斗鱼网络科技有限公司 | Obtain the method, apparatus and system of third party's user information |
| CN108476226A (en) * | 2016-12-22 | 2018-08-31 | 华为技术有限公司 | application program authorization method, terminal and server |
| CN108683648A (en) * | 2018-05-02 | 2018-10-19 | 珠海横琴盛达兆业科技投资有限公司 | A method of based on realizing secure communication by constantly converting identifying code between wechat small routine and server |
| CN109190352A (en) * | 2018-07-03 | 2019-01-11 | 阿里巴巴集团控股有限公司 | A kind of authorization text Accuracy Verification method and apparatus |
| CN109218298A (en) * | 2018-09-04 | 2019-01-15 | 中钞信用卡产业发展有限公司杭州区块链技术研究院 | A kind of application data access method and system |
| CN109274726A (en) * | 2018-08-31 | 2019-01-25 | 阿里巴巴集团控股有限公司 | Binding, moving method and device calculate equipment and storage medium |
| CN109388917A (en) * | 2018-10-12 | 2019-02-26 | 彩讯科技股份有限公司 | Method for authenticating, device, equipment and the storage medium of hardware device |
| CN109474600A (en) * | 2018-11-20 | 2019-03-15 | 麒麟合盛网络技术股份有限公司 | A kind of account binding method, system, device and its equipment |
| CN109660487A (en) * | 2017-10-10 | 2019-04-19 | 武汉斗鱼网络科技有限公司 | Authorization method, storage medium, electronic equipment and system based on H5 webpage |
| CN109962911A (en) * | 2019-02-19 | 2019-07-02 | 深圳点猫科技有限公司 | A kind of method and electronic equipment obtaining user information by small routine |
| CN110166461A (en) * | 2019-05-24 | 2019-08-23 | 中国银联股份有限公司 | User's unifying identifier processing method, device, equipment and storage medium |
| CN110336720A (en) * | 2019-06-29 | 2019-10-15 | 华为技术有限公司 | Apparatus control method and equipment |
| CN110414207A (en) * | 2019-07-31 | 2019-11-05 | 咪付(深圳)网络技术有限公司 | APP interface authority control method |
| CN110677248A (en) * | 2019-10-30 | 2020-01-10 | 宁波奥克斯电气股份有限公司 | Safe binding method and system based on narrowband Internet of things |
| CN110856145A (en) * | 2019-10-23 | 2020-02-28 | 杭州博联智能科技股份有限公司 | IOT device and user binding method, device and medium based on near field authentication |
| CN110990796A (en) * | 2019-11-26 | 2020-04-10 | 广州至真信息科技有限公司 | Application processing method and device, application server and storage medium |
| CN111177690A (en) * | 2019-12-31 | 2020-05-19 | 中国工商银行股份有限公司 | Two-dimensional code scanning login method and device |
| CN111193691A (en) * | 2018-11-15 | 2020-05-22 | 中国电信股份有限公司 | Authorization method, system and related equipment |
| CN111193725A (en) * | 2019-12-20 | 2020-05-22 | 北京淇瑀信息科技有限公司 | Configuration-based combined login method and device and computer equipment |
| CN111241555A (en) * | 2019-12-30 | 2020-06-05 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN111835677A (en) * | 2019-04-17 | 2020-10-27 | 北京世纪好未来教育科技有限公司 | User information acquisition method and device and computer storage medium |
| CN111861457A (en) * | 2020-06-28 | 2020-10-30 | 中国银联股份有限公司 | Payment token application method, device, system and server |
| CN112738143A (en) * | 2019-10-14 | 2021-04-30 | 华为技术有限公司 | Account number binding method, device and system |
| CN113435898A (en) * | 2021-07-09 | 2021-09-24 | 支付宝(杭州)信息技术有限公司 | Data processing method and system |
| CN113660100A (en) * | 2021-10-21 | 2021-11-16 | 飞天诚信科技股份有限公司 | Method, system and electronic equipment for generating soft token seed |
| CN113766496A (en) * | 2021-08-30 | 2021-12-07 | 青岛海尔科技有限公司 | Cross-platform binding method and system of intelligent equipment and related equipment |
| CN113824618A (en) * | 2021-09-16 | 2021-12-21 | 珠海格力电器股份有限公司 | Cross-platform equipment network distribution method, second party platform and first party platform |
| CN114189362A (en) * | 2021-11-23 | 2022-03-15 | 中国银联股份有限公司 | Account login method, terminal, server, system and medium |
| CN114338224A (en) * | 2022-01-17 | 2022-04-12 | 广东好太太智能家居有限公司 | Intelligent hardware cross-platform control method and system |
| CN115412331A (en) * | 2022-08-25 | 2022-11-29 | 聚好看科技股份有限公司 | Application login method, electronic equipment and server |
| WO2023030014A1 (en) * | 2021-08-31 | 2023-03-09 | 青岛海尔科技有限公司 | Method and system for binding smart device, and related device |
| CN117240608A (en) * | 2023-11-10 | 2023-12-15 | 腾讯科技(深圳)有限公司 | Login authorization method, login authorization device, computer equipment and storage medium |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109474662B (en) * | 2018-09-25 | 2023-04-07 | 中国平安人寿保险股份有限公司 | Product data publishing method and device, computer equipment and storage medium |
| CN112039826B (en) * | 2019-06-03 | 2023-05-30 | 北京京东尚科信息技术有限公司 | Login method and device applied to applet end, electronic equipment and readable medium |
| CN111756753B (en) * | 2020-06-28 | 2022-09-23 | 中国平安财产保险股份有限公司 | Authority verification method and system |
| CN111970298B (en) * | 2020-08-26 | 2024-01-05 | 腾讯科技(深圳)有限公司 | Application access method and device, storage medium and computer equipment |
| CN112464175A (en) * | 2020-11-11 | 2021-03-09 | 中国建设银行股份有限公司 | Script auditing and executing method, system, equipment and storage medium |
| CN114697056A (en) * | 2020-12-28 | 2022-07-01 | 航天信息股份有限公司 | Login method and device of billing system, storage medium and electronic equipment |
| CN112738805B (en) * | 2020-12-30 | 2022-12-06 | 青岛海尔科技有限公司 | Device control method and apparatus, storage medium, and electronic device |
| CN112887298B (en) * | 2021-01-22 | 2022-08-30 | 湖南金鹰卡通传媒有限公司 | Multi-account system management data synchronization method, storage medium and system |
| CN112953965B (en) * | 2021-03-18 | 2022-11-01 | 杭州网易云音乐科技有限公司 | Client login method and system, client, medium and computing device |
| CN113516376A (en) * | 2021-06-23 | 2021-10-19 | 广东博力威科技股份有限公司 | Battery management system and terminal equipment |
| CN113746857B (en) * | 2021-09-09 | 2023-04-18 | 深圳市腾讯网域计算机网络有限公司 | Login method, device, equipment and computer readable storage medium |
| CN114553433B (en) * | 2022-02-15 | 2023-09-08 | 网易(杭州)网络有限公司 | Third party platform access method and device, electronic equipment and medium |
| CN114331402B (en) * | 2022-03-01 | 2022-07-08 | 飞狐信息技术(天津)有限公司 | Cash withdrawal method and device |
| CN114640472A (en) * | 2022-03-22 | 2022-06-17 | 湖南快乐阳光互动娱乐传媒有限公司 | Protected resource data acquisition method and device and unified open platform |
| CN115102711B (en) * | 2022-05-09 | 2024-01-02 | 支付宝(杭州)信息技术有限公司 | Information authorization method, device and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103067381A (en) * | 2012-12-26 | 2013-04-24 | 百度在线网络技术(北京)有限公司 | Third-party service login method, login system and login device by means of platform-party account |
| CN103888451A (en) * | 2014-03-10 | 2014-06-25 | 百度在线网络技术(北京)有限公司 | Method, device and system for certification authorization |
| CN104753672A (en) * | 2013-12-30 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Account authentication method, account authentication device and terminal |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8959347B2 (en) * | 2011-08-29 | 2015-02-17 | Salesforce.Com, Inc. | Methods and systems of data security in browser storage |
| CN104917721B (en) * | 2014-03-10 | 2019-05-07 | 腾讯科技(北京)有限公司 | Authorization method, device and system based on oAuth agreement |
-
2015
- 2015-10-22 CN CN201510694688.2A patent/CN105897668A/en active Pending
-
2016
- 2016-07-05 WO PCT/CN2016/088564 patent/WO2017067227A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103067381A (en) * | 2012-12-26 | 2013-04-24 | 百度在线网络技术(北京)有限公司 | Third-party service login method, login system and login device by means of platform-party account |
| CN104753672A (en) * | 2013-12-30 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Account authentication method, account authentication device and terminal |
| CN103888451A (en) * | 2014-03-10 | 2014-06-25 | 百度在线网络技术(北京)有限公司 | Method, device and system for certification authorization |
Non-Patent Citations (1)
| Title |
|---|
| 勒布兰克: "《社交应用编程》", 30 June 2013 * |
Cited By (65)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106534072A (en) * | 2016-10-13 | 2017-03-22 | 腾讯科技(深圳)有限公司 | User information authorization method, apparatus, equipment and system |
| CN106534072B (en) * | 2016-10-13 | 2019-12-10 | 腾讯科技(深圳)有限公司 | user information authorization method, device, equipment and system |
| WO2018068682A1 (en) * | 2016-10-14 | 2018-04-19 | 中国银联股份有限公司 | Intelligent automobile payment system and payment method |
| CN108234401B (en) * | 2016-12-15 | 2020-09-11 | 腾讯科技(深圳)有限公司 | Method and device for authorizing service system |
| CN108234401A (en) * | 2016-12-15 | 2018-06-29 | 腾讯科技(深圳)有限公司 | A kind of method and device to operation system mandate |
| US11233649B2 (en) | 2016-12-22 | 2022-01-25 | Huawei Technologies Co., Ltd. | Application program authorization method, terminal, and server |
| CN108476226B (en) * | 2016-12-22 | 2021-06-22 | 华为技术有限公司 | Application program authorization method, terminal and server |
| CN108476226A (en) * | 2016-12-22 | 2018-08-31 | 华为技术有限公司 | application program authorization method, terminal and server |
| CN106790122A (en) * | 2016-12-27 | 2017-05-31 | 努比亚技术有限公司 | A kind of login method when terminal, server and access application |
| CN107147647A (en) * | 2017-05-11 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of webpage authorization method and device |
| CN107147647B (en) * | 2017-05-11 | 2021-01-08 | 腾讯科技(深圳)有限公司 | Webpage authorization method and device |
| CN107277067B (en) * | 2017-08-11 | 2020-10-23 | 四川长虹电器股份有限公司 | Third-party system docking method based on unified developer account |
| CN107277067A (en) * | 2017-08-11 | 2017-10-20 | 四川长虹电器股份有限公司 | Third party system docking calculation based on unitized overall development person's account |
| CN109660487A (en) * | 2017-10-10 | 2019-04-19 | 武汉斗鱼网络科技有限公司 | Authorization method, storage medium, electronic equipment and system based on H5 webpage |
| CN107896227A (en) * | 2017-12-14 | 2018-04-10 | 珠海格力电器股份有限公司 | A kind of data calling method, device and device data cloud platform |
| CN108347471A (en) * | 2018-01-02 | 2018-07-31 | 武汉斗鱼网络科技有限公司 | Obtain the method, apparatus and system of third party's user information |
| CN108683648A (en) * | 2018-05-02 | 2018-10-19 | 珠海横琴盛达兆业科技投资有限公司 | A method of based on realizing secure communication by constantly converting identifying code between wechat small routine and server |
| CN109190352A (en) * | 2018-07-03 | 2019-01-11 | 阿里巴巴集团控股有限公司 | A kind of authorization text Accuracy Verification method and apparatus |
| CN109274726B (en) * | 2018-08-31 | 2020-07-07 | 阿里巴巴集团控股有限公司 | Binding method, migration method, binding device, migration device, computing equipment and storage medium |
| CN109274726A (en) * | 2018-08-31 | 2019-01-25 | 阿里巴巴集团控股有限公司 | Binding, moving method and device calculate equipment and storage medium |
| CN109218298A (en) * | 2018-09-04 | 2019-01-15 | 中钞信用卡产业发展有限公司杭州区块链技术研究院 | A kind of application data access method and system |
| CN109388917B (en) * | 2018-10-12 | 2022-03-18 | 彩讯科技股份有限公司 | Hardware equipment authentication method, device, equipment and storage medium |
| CN109388917A (en) * | 2018-10-12 | 2019-02-26 | 彩讯科技股份有限公司 | Method for authenticating, device, equipment and the storage medium of hardware device |
| CN111193691A (en) * | 2018-11-15 | 2020-05-22 | 中国电信股份有限公司 | Authorization method, system and related equipment |
| CN109474600B (en) * | 2018-11-20 | 2021-06-18 | 麒麟合盛网络技术股份有限公司 | Account binding method, system, device and equipment |
| CN109474600A (en) * | 2018-11-20 | 2019-03-15 | 麒麟合盛网络技术股份有限公司 | A kind of account binding method, system, device and its equipment |
| CN109962911A (en) * | 2019-02-19 | 2019-07-02 | 深圳点猫科技有限公司 | A kind of method and electronic equipment obtaining user information by small routine |
| CN111835677A (en) * | 2019-04-17 | 2020-10-27 | 北京世纪好未来教育科技有限公司 | User information acquisition method and device and computer storage medium |
| CN111835677B (en) * | 2019-04-17 | 2022-03-22 | 北京世纪好未来教育科技有限公司 | User information acquisition method and device and computer storage medium |
| CN110166461A (en) * | 2019-05-24 | 2019-08-23 | 中国银联股份有限公司 | User's unifying identifier processing method, device, equipment and storage medium |
| CN110166461B (en) * | 2019-05-24 | 2022-09-20 | 中国银联股份有限公司 | User unified identification processing method, device, equipment and storage medium |
| CN110336720B (en) * | 2019-06-29 | 2021-08-20 | 华为技术有限公司 | Equipment control method and equipment |
| CN110336720A (en) * | 2019-06-29 | 2019-10-15 | 华为技术有限公司 | Apparatus control method and equipment |
| CN110414207A (en) * | 2019-07-31 | 2019-11-05 | 咪付(深圳)网络技术有限公司 | APP interface authority control method |
| CN112738143A (en) * | 2019-10-14 | 2021-04-30 | 华为技术有限公司 | Account number binding method, device and system |
| CN112738143B (en) * | 2019-10-14 | 2022-05-10 | 华为技术有限公司 | Account number binding method, device and system |
| CN110856145A (en) * | 2019-10-23 | 2020-02-28 | 杭州博联智能科技股份有限公司 | IOT device and user binding method, device and medium based on near field authentication |
| CN110856145B (en) * | 2019-10-23 | 2023-04-18 | 杭州博联智能科技股份有限公司 | IOT (Internet of things) equipment and user binding method, equipment and medium based on near field authentication |
| CN110677248B (en) * | 2019-10-30 | 2022-09-30 | 宁波奥克斯电气股份有限公司 | Safe binding method and system based on narrowband Internet of things |
| CN110677248A (en) * | 2019-10-30 | 2020-01-10 | 宁波奥克斯电气股份有限公司 | Safe binding method and system based on narrowband Internet of things |
| CN110990796A (en) * | 2019-11-26 | 2020-04-10 | 广州至真信息科技有限公司 | Application processing method and device, application server and storage medium |
| CN111193725B (en) * | 2019-12-20 | 2022-04-05 | 北京淇瑀信息科技有限公司 | Configuration-based combined login method and device and computer equipment |
| CN111193725A (en) * | 2019-12-20 | 2020-05-22 | 北京淇瑀信息科技有限公司 | Configuration-based combined login method and device and computer equipment |
| CN111241555B (en) * | 2019-12-30 | 2022-07-12 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN111241555A (en) * | 2019-12-30 | 2020-06-05 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN111177690A (en) * | 2019-12-31 | 2020-05-19 | 中国工商银行股份有限公司 | Two-dimensional code scanning login method and device |
| CN111177690B (en) * | 2019-12-31 | 2022-07-05 | 中国工商银行股份有限公司 | Two-dimensional code scanning login method and device |
| CN111861457A (en) * | 2020-06-28 | 2020-10-30 | 中国银联股份有限公司 | Payment token application method, device, system and server |
| WO2022001176A1 (en) * | 2020-06-28 | 2022-01-06 | 中国银联股份有限公司 | Method for applying for payment token, apparatus, system, and server |
| CN111861457B (en) * | 2020-06-28 | 2023-02-21 | 中国银联股份有限公司 | Payment token application method, device, system and server |
| CN113435898A (en) * | 2021-07-09 | 2021-09-24 | 支付宝(杭州)信息技术有限公司 | Data processing method and system |
| CN113435898B (en) * | 2021-07-09 | 2022-06-14 | 支付宝(杭州)信息技术有限公司 | Data processing method and system |
| CN113766496A (en) * | 2021-08-30 | 2021-12-07 | 青岛海尔科技有限公司 | Cross-platform binding method and system of intelligent equipment and related equipment |
| CN113766496B (en) * | 2021-08-30 | 2024-01-26 | 青岛海尔科技有限公司 | Cross-platform binding method and system for intelligent equipment and related equipment |
| WO2023030014A1 (en) * | 2021-08-31 | 2023-03-09 | 青岛海尔科技有限公司 | Method and system for binding smart device, and related device |
| CN113824618A (en) * | 2021-09-16 | 2021-12-21 | 珠海格力电器股份有限公司 | Cross-platform equipment network distribution method, second party platform and first party platform |
| CN113660100A (en) * | 2021-10-21 | 2021-11-16 | 飞天诚信科技股份有限公司 | Method, system and electronic equipment for generating soft token seed |
| CN113660100B (en) * | 2021-10-21 | 2022-01-18 | 飞天诚信科技股份有限公司 | Method, system and electronic equipment for generating soft token seed |
| CN114189362B (en) * | 2021-11-23 | 2023-12-19 | 中国银联股份有限公司 | Account login method, terminal, server, system and medium |
| CN114189362A (en) * | 2021-11-23 | 2022-03-15 | 中国银联股份有限公司 | Account login method, terminal, server, system and medium |
| CN114338224A (en) * | 2022-01-17 | 2022-04-12 | 广东好太太智能家居有限公司 | Intelligent hardware cross-platform control method and system |
| CN114338224B (en) * | 2022-01-17 | 2024-04-12 | 广东好太太智能家居有限公司 | Cross-platform control method and system for intelligent hardware |
| CN115412331A (en) * | 2022-08-25 | 2022-11-29 | 聚好看科技股份有限公司 | Application login method, electronic equipment and server |
| CN117240608A (en) * | 2023-11-10 | 2023-12-15 | 腾讯科技(深圳)有限公司 | Login authorization method, login authorization device, computer equipment and storage medium |
| CN117240608B (en) * | 2023-11-10 | 2024-03-29 | 腾讯科技(深圳)有限公司 | Login authorization method, login authorization device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017067227A1 (en) | 2017-04-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105897668A (en) | Third party account authorization method, device, server and system | |
| US11206247B2 (en) | System and method for providing controlled application programming interface security | |
| CN111131242B (en) | Authority control method, device and system | |
| CN107018119B (en) | Identity verification system, method and platform | |
| US8719905B2 (en) | Secure and efficient login and transaction authentication using IPhones™ and other smart mobile communication devices | |
| US9548975B2 (en) | Authentication method, authentication system, and service delivery server | |
| US8918853B2 (en) | Method and system for automatic recovery from lost security token on embedded device | |
| US10445487B2 (en) | Methods and apparatus for authentication of joint account login | |
| CN106716960B (en) | User authentication method and system | |
| WO2016188256A1 (en) | Application access authentication method, system, apparatus and terminal | |
| JP2015062129A (en) | Flexible quasi-out-of-band authentication structure | |
| JP2016521899A (en) | Two-factor authentication | |
| CN102281311A (en) | Method, system and device for implementing network service based on open application programming interface | |
| CN106911714B (en) | Mobile application single sign-on method based on interprocess communication for Android device | |
| CN106953831A (en) | A kind of authorization method of user resources, apparatus and system | |
| CN106034134A (en) | Method and device and auxiliary method and device for implementing identity authentication request in webpage application | |
| CN106161475B (en) | Method and device for realizing user authentication | |
| US20220327536A1 (en) | Account binding method and apparatus, computer device, and storage medium | |
| CN105577619B (en) | Client login method, client and system | |
| CN107241329A (en) | Account login process method and device | |
| CN106878244B (en) | Authenticity certification information providing method and device | |
| JP6737532B2 (en) | Authentication method | |
| CN113626840A (en) | Interface authentication method and device, computer equipment and storage medium | |
| CN112968892A (en) | Information verification method, device, computing equipment and medium | |
| CA2844888A1 (en) | System and method of extending a host website |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160824 |