CN107835160A - Third party's user authen method based on Quick Response Code - Google Patents

Third party's user authen method based on Quick Response Code Download PDF

Info

Publication number
CN107835160A
CN107835160A CN201710985290.3A CN201710985290A CN107835160A CN 107835160 A CN107835160 A CN 107835160A CN 201710985290 A CN201710985290 A CN 201710985290A CN 107835160 A CN107835160 A CN 107835160A
Authority
CN
China
Prior art keywords
user
party
quick response
response code
certification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710985290.3A
Other languages
Chinese (zh)
Inventor
蒋晓宁
黄娇卿
陈乐�
陈一乐
吴小川
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Gongshang University
Original Assignee
Zhejiang Gongshang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Gongshang University filed Critical Zhejiang Gongshang University
Priority to CN201710985290.3A priority Critical patent/CN107835160A/en
Publication of CN107835160A publication Critical patent/CN107835160A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention provides a kind of third party's user authen method based on Quick Response Code, and the user authen method includes:All user profile that the third party user corresponds to third-party application are obtained, the user profile identifies including user;The random identification generated according to server end produces Quick Response Code;Quick Response Code is scanned using the third-party application to obtain the user profile that user described in this certification identifies corresponding third party user;When the random identification is effective, the user of user profile acquired in identifies inquiry validated user list to be authenticated to the third party user.The present invention can effectively utilize the user profile between different Mobile solutions.

Description

Third party's user authen method based on Quick Response Code
Technical field
The present invention relates to software technology field, more particularly to a kind of third party's user authen method based on Quick Response Code, one User login method of the kind based on third-party application.
Background technology
With the arrival in mobile Internet epoch, by means of authentication further welcome of mobile terminal, now by two Tie up code log in it is very more applied to actual situation, so the security and uniqueness that are logged on Quick Response Code are just more worth pass Note.In the prior art, the application program species of mobile terminal is various, the user identity for every kind of application program be all it is independent, Cause user frequently to carry out user authentication when using different Mobile solutions to log in user, cause user profile to repeatedly input, Information resources waste.
The content of the invention
The technical problem that technical solution of the present invention solves is how effectively to utilize user's letter between different Mobile solutions Breath.
In order to solve the above-mentioned technical problem, technical solution of the present invention provides a kind of third party user based on Quick Response Code and recognized Card method, including:
All user profile that the third party user corresponds to third-party application are obtained, the user profile is marked including user Know;
The random identification generated according to server end produces Quick Response Code;
Quick Response Code, which is scanned, using the third-party application identifies corresponding third party user to obtain user described in this certification User profile;
When the random identification is effective, the user of user profile acquired in identifies inquiry validated user list with right The third party user is authenticated.
Optionally, all user profile that the acquisition third party user corresponds to third-party application include:
Based on the third-party application application user terminal platform;
Have the right to obtain the 3rd if the third party user uses the user terminal platform in the third-party application The user profile of square user.
Optionally, the user that the acquisition third party user corresponds to third-party application, which identifies, also to be included:Based on described Third-party application interface obtains the user profile that the third party user corresponds to third-party application.
Optionally, the random identification according to caused by server end and the user identify generation Quick Response Code and included:Recognize Random identification and the user identify and produce Quick Response Code according to caused by server end during card.
Optionally, the random identification generated according to server end, which produces Quick Response Code, includes:
Obtain the hyperlink request of the user profile;
Obtain random identification caused by server end and the verified link of the checking random identification and user's mark;
The Quick Response Code is formed based on the hyperlink request, random identification and verified link.
Optionally, the random identification has predetermined timeliness, and the user profile includes:Subscriber information message and user's mark Know, the subscriber information message comprises at least one kind in following information:The pet name, head portrait, sex, address, authority.
Optionally, the user of user profile acquired in when the random identification is effective, which identifies, inquires about legal use Family list to the third party user to be authenticated including:
The user that the random identification and this certification obtain is identified and bound, the random identification should for the third party With message subject of the subscription about certification;
The successful message of certification is uploaded to server end if user mark is present in the validated user list, otherwise The message of authentification failure is uploaded to server end.
Optionally, the user of user profile acquired in when the random identification is effective, which identifies, inquires about legal use Family list to the third party user to be authenticated including:
The user that the random identification and this certification obtain is identified and bound, the random identification should for the third party With message subject of the subscription about certification;
Continue to identify inquiry the described 3rd based on the user if user mark is present in the validated user list The logging status of square user;
If the logging status of the third party user is is not logged in, the upload successful message of certification to server end, otherwise The message of authentification failure is uploaded to server end.
Optionally, third party's user authen method based on Quick Response Code also includes:
The third party user is grouped with described in formation based on acquired all user profile and user's mark Validated user list.
In order to solve the above-mentioned technical problem, technical solution of the present invention additionally provides a kind of user based on third-party application and stepped on Recording method, including:
Logging request based on user's input produces Quick Response Code, Quick Response Code random identification according to caused by server end Produce, the Quick Response Code has the link that request accesses the third-party application user profile;
The Quick Response Code, which is scanned, using the third-party application identifies corresponding third party to obtain user described in this certification The user profile of user;
When the random identification is effective, the user of user profile acquired in identifies inquiry validated user list with right The third party user is authenticated;
User profile of the user based on the third party user is logged in if certification success.
The beneficial effect of technical solution of the present invention comprises at least:
Technical solution of the present invention can utilize the user profile of third-party application, and generate Quick Response Code in client, use The barcode scanning function of third-party application, the 2 D code information of client is identified, judge that the third party uses by server end checking Whether family is validated user, so as to realize user authentication and user's login, energy that client is carried out based on third party's user profile The enough user profile effectively utilized between different Mobile solutions, realizes certification and login based on same subscriber information between apply more, Be greatly saved user it is more using when using user authentication and time for logging in, improve user profile use it is consistent Property and high efficiency.
Technical solution of the present invention can further improve client and be based on third-party application progress Quick Response Code login security And versatility, third-party application obtain user profile by scanning Quick Response Code, client request third-party application is based on third party User, which authorizes, to be logged in, and after third party user authorizes, the temporary receipt of third-party application mandate is used to third party user, third party Family obtains interface authority by temporary receipt and key, is opened in the 2 D code information of technical solution of the present invention comprising wechat flat Platform, server address, the unique mark of third party user, the special identifier symbol of Quick Response Code, based on the above, it may differ from existing The conventional two-dimensional code for having technology logs in content, by scanning Quick Response Code and licensing function, effectively improves testing for user profile The validity of card process, and improve the general popularity used.In the alternative of technical solution of the present invention, server End is also grouped to all third party users, to improve the degree of accuracy of user's identification.
In order to strengthen the security of the present invention, technical solution of the present invention also sets client to show two dimension by random identification Code exists ageing, and after a period of time, scanning Quick Response Code can be prompted Quick Response Code and fail, so as to cause login failure.This hair Bright technical scheme is searched in server end according to the unique mark of obtained third party user and judges whether this user is being allowed to In the user's group of login.Technical solution of the present invention also by setting checking user to identify the logging status of corresponding user, ensures one Although individual third party user can be suitably used for logging in a variety of clients simultaneously, but same client can only log in one.
The process of the Quick Response Code record information handled by technical solution of the present invention, to obtain in Quick Response Code record information The unique mark (i.e. described user's mark) of tripartite user and the special identifier symbol (i.e. described random identification) of Quick Response Code, them Two are bundled, and so as to which random identification is set as into third-party application subscription and the theme that gives out information, is realized certification and are logged in feelings The instant issue of condition is linked up.
Brief description of the drawings
The detailed description made by reading with reference to the following drawings to non-limiting example, other features of the invention, Objects and advantages will become more apparent upon:
A kind of third party's user authen method flow based on Quick Response Code that Fig. 1 is provided by technical solution of the present invention is illustrated Figure;
A kind of third party's user login method flow based on Quick Response Code that Fig. 2 is provided by technical solution of the present invention is illustrated Figure;
Fig. 3 is by a kind of third party's user authentication based on Quick Response Code that technical solution of the present invention provides and login method stream Journey schematic diagram;
Fig. 4 is that technical solution of the present invention realizes the concrete application process schematic that Quick Response Code third party safety certification logs in;
Fig. 5 is the concrete application process schematic of technical solution of the present invention server-side certificate after barcode scanning.
Embodiment
The mode that barcode scanning logs in the prior art is all very single and more independent, between different user information Verification process is all independent:
In user's barcode scanning logs in computer client practical application, two kinds of situations are primarily present at this stage:
For example the mobile phone app registered users of a street net can be with the street net of barcode scanning log-on webpage version, such case The certification and login of user profile are carried out inside application program, is not related to the certification and login of the user profile of applications;
Or a wechat app registered user can log in wechat client with barcode scanning;Wechat user can be logged in barcode scanning to be appointed The client of meaning, but whether it is a legal wechat user without certification that this client simply have authenticated barcode scanning user Whether the wechat user is allowed to log in this client, any wechat scanning input Quick Response Code, and does not have and identify this wechat Whether user is this website or the validated user of this client, in this case, user profile and its information between Verification process is separate, in the absence of any step flow for being mutually used in verification process.
Above-mentioned two situations generally existing, lack flexibility, security, potential safety hazard be present.
Technical solution of the present invention provides following examples, and relate to one kind can be based on third party user and its user profile The scheme of client user's certification and login is carried out, the mutual utilization of user profile between application program can be achieved, realizes that user believes Cease the user authentication between application program.
In order to preferably make technical scheme clearly show, the present invention is made below in conjunction with the accompanying drawings into one Walk explanation.
The specific embodiment of the present invention is illustrated below in conjunction with accompanying drawing.
Embodiment one
A kind of third party's user authen method based on Quick Response Code as shown in Figure 1, comprises the following steps:
Step S100, obtain all user profile that the third party user corresponds to third-party application, the user profile Identified including user;
Step S101, the random identification generated according to server end produce Quick Response Code;
Step S102, Quick Response Code is scanned using the third-party application to obtain described in this certification user and identifies corresponding the The user profile of tripartite user;
Step S103, when the random identification is effective, the user of user profile acquired in identifies inquiry validated user List to the third party user to be authenticated.
According to step S100, all user profile that the acquisition third party user corresponds to third-party application include:
Based on the third-party application application user terminal platform;
Have the right to obtain the 3rd if the third party user uses the user terminal platform in the third-party application The user profile of square user.
More specifically, above-mentioned steps S100 also includes:The third party is obtained based on the third-party application interface to use Family corresponds to the user profile of third-party application.Wherein described third-party application interface is based on user in the third-party application and held level with both hands What platform was carried out.
In the present embodiment, the user terminal may act as the client that user will actually log in.The client It is mobile terminal or the computer end of this application with user terminal.
According to step S101, the random identification according to caused by server end and the user identify and produce Quick Response Code bag Include:Random identification and the user identify and produce Quick Response Code according to caused by server end during certification.
According to step S101, the random identification generated according to server end, which produces Quick Response Code, to be included:
Obtain the hyperlink request of the user profile;
Obtain random identification caused by server end and the verified link of the checking random identification and user's mark;
The Quick Response Code is formed based on the hyperlink request, random identification and verified link.
According to step S102, the random identification has predetermined timeliness, and the user profile includes:Subscriber information message and User identifies, and the subscriber information message comprises at least one kind in following information:The pet name, head portrait, sex, address, authority.
According to step S103, the user of user profile acquired in when the random identification is effective identifies inquiry Validated user list to the third party user to be authenticated including:
The user that the random identification and this certification obtain is identified and bound, the random identification should for the third party With message subject of the subscription about certification;
The successful message of certification is uploaded to server end if user mark is present in the validated user list, otherwise The message of authentification failure is uploaded to server end.
It is described that other packet step acquisition, i.e. root can be passed through based on validated user list in above-mentioned process step The third party user is grouped according to acquired all user profile and user's mark to form the validated user row Table.
Being grouped step can use other flow to perform, and can also carry out performing simultaneously in above-mentioned steps S100.
In addition to realizing step S103 using above-mentioned implementing procedure, further detection certification user can also be increased and log in visitor The detection of family end uniqueness, to ensure that a user can only be logged in a client, it is ensured that the security of login with only One property, therefore, in other embodiments, according to step S03, described when the random identification is effective, user believes acquired in The user of breath identifies inquiry validated user list to be authenticated that following identifying procedure can also be included to the third party user:
The user that the random identification and this certification obtain is identified and bound, the random identification should for the third party With message subject of the subscription about certification;
Continue to identify inquiry the described 3rd based on the user if user mark is present in the validated user list The logging status of square user;
If the logging status of the third party user is is not logged in, the upload successful message of certification to server end, otherwise The message of authentification failure is uploaded to server end.
Above-mentioned massage pattern can use MQTT (Message Queuing Telemetry Transport, message queue Remote measurement is transmitted) agreement is transmitted, and the random identification can use UUID (Universally Unique Identifier, to lead to With unique identifier) to realize, user's mark can use OPENID (the digital identity identification framework of customer-centric) real It is existing.
Embodiment two
A kind of user login method based on third-party application as shown in Figure 2, comprises the following steps flow:
Step S200, the logging request based on user's input produce Quick Response Code, and the Quick Response Code produces according to server end Random identification produce, the Quick Response Code has the link that request accesses the third-party application user profile;
Step S201, the Quick Response Code is scanned using the third-party application to obtain user's mark pair described in this certification Answer the user profile of third party user;
Step S202, when the random identification is effective, the user of user profile acquired in identifies inquiry validated user List to the third party user to be authenticated;
Step S203, user profile of the user based on the third party user is logged in if certification success.
The specific implementation process of the related procedure step of the present embodiment refers to embodiment one, and here is omitted.
Embodiment three
A kind of user authen method based on third-party application as shown in Figure 3, shown third-party application is wechat program, It is based on wechat scanning and is authenticated, and to realize that user logs in, comprises the following steps flow:
Step S300, client is opened, using webservice connection servers end, before making server end and client Passage open.
Step S301, connected server produce a unique random number (random mark i.e. in above-described embodiment Know), and client is passed to, this is the special identifier symbol as Quick Response Code.
Step S302, client is using obtained special identifier symbol, plus server end address, wechat open platform A unique Quick Response Code is generated, is shown in customer terminal webpage.
Step S303, mobile wechat user, which opens to sweep, to be swept, and is parsed two-dimentional digital content, is obtained the letter that Quick Response Code is included Breath, including the special identifier symbol write in Quick Response Code, the wechat end subscriber information obtained according to wechat open platform, while again Connect the passage with server end.
Step S304, user profile and the special identifier symbol got is bundled, judged using server end, if To log in the validated user of client.
Step S305, in spite of success, the result information is transmitted by MQTT, based on special identifier symbol Topic, the result are the message that content uploading is the theme to MQTT servers, client subscription special identifier symbol, obtain the master The content of topic, judges whether the wechat user logins successfully in client, if client logins successfully, institute is functional to be opened Open, wechat end, which is shown, logins successfully the page, if failure, client and wechat end are prompted login failure simultaneously.
According to above-mentioned process step, wherein sending logging request connection server simultaneously, the content that Quick Response Code is parsed will Verified in server.Verification process comprises the following steps flow:
Step P1:Firstly the need of ensureing that Quick Response Code is effective, there is life in the special identifier symbol included in Quick Response Code In the cycle, it can be set according to requirement of each client to security, it is special in certain life cycle such as after 30s Identifier can fail, and so directly result in Quick Response Code failure, when wechat user sweeps Quick Response Code, can be prompted Quick Response Code failure, That is client login failure.
Step P2:If Quick Response Code is effective, then the special identifier symbol in 2 D code information, the generation Quick Response Code letter Breath, it is specially:The special random identifier of the server generation, is formed according to special identifier symbol and server address 2 D code information;The unique mark of barcode scanning user is obtained according to the 2 D code information, can be with according to the unique mark of user Judge this user whether in the queue for allowing to log in.
Step P3:According to the method for the present embodiment, the relation that each client is logged between wechat user is one-to-one , i.e., a WeChat ID can only log in a client, and according to described wechat user profile, we can look in server end To whether this wechat user has client login elsewhere, if so, then login failure;If no, logining successfully, Simultaneously the logging status of this user is set to log in, logined successfully, while the institute for opening client is functional.
If in the present embodiment, client logins successfully in step S305, can according to the unique mark of wechat user profile The user is found in server, logging status is arranged to log in
When closing client, client connection server end, according to unique mark (the i.e. above-mentioned reality of wechat user profile Apply user's mark in example), the user is found in server, logging status is arranged to be not logged in.
In technical solution of the present invention, due to special identifier symbol is added in Quick Response Code by above-described embodiment;This Be present fixed life cycle in identifier, will be failed within the specific time, so as to cause Quick Response Code to fail, to a certain degree On protect client log in security.In addition, technical solution of the present invention also adds block of state in the client, i.e., pair Whether the logging status in this client identifies the detection for carrying out logging status, energy by above-mentioned user profile and user to user Enough avoid multiple client while logged in using an account certification, ensure the security and login account and client of client Man-to-man relation before.
Application examples
Fig. 4 is that technical solution of the present invention realizes the concrete application process that Quick Response Code third party safety certification logs in.
The application examples realizes the Quick Response Code of mobile terminal third-party application scanning computer client, is obtained by wechat open platform The unique mark of third party user is taken, does not let off any possibility illegally logged in, computer client is logged in by authentication Process.
Above-mentioned represented third party user refers to wechat user in an application of the invention.
Above-mentioned represented wechat end refers to the wechat application of the mobile terminals such as mobile phone, flat board, and support, which is swept, sweeps function.
This specific implementation method is the interface opened based on wechat, can help to obtain unique mark of the wechat user of barcode scanning Know.
Above-mentioned embodiment is that two-dimentional code authentication is logged in be applied in the client of a processing infrared thermal imagery.
Wechat public platform exploitation refers to carry out business development for wechat public number, is Mobile solution, PC ends website, the public The exploitation of number third-party platform (public number network operator provides service for all trades and professions), wechat open platform please be go to access, tool Body includes following application flow:
Apply for a wechat certification public number;
The access of wechat public number micro- is held up into system;
In wechat public platform access server domain name;
Above-mentioned client, the service of connection server end are opened, server end produces random number UUID.
Client produces the composition of Quick Response Code, wherein Quick Response Code, refers to following example:
http://open.weixin.qq.com/connect/auth2.0/authorizeAppid=XX&red Irect_uri=http:// server authentication address/"+UUID+ ”s &reponse_type=code&scope=snsapi_ Userinfo&stat=0#wechat_redict.
Wechat scanning input Quick Response Code, initiate to obtain user information request to wechat open platform, if having focused on wechat public affairs Many numbers, it may appear that the user profile of acquisition whether is authorized, if being not concerned with that concern WeChat ID occurs and authorizing acquisition user's letter Breath, above-mentioned user profile, which includes, obtains OPENID (relative to the unique mark of each user of each public number) and user's money Expect (pet name, head portrait, state, province, city, sex, authority);
Wechat client barcode scanning simultaneously, connection server end authentication mechanism;
It is micro- to hold up from the background it can be seen that they are divided into packet, represented respectively by all users for paying close attention to this wechat public number Log in the validated user of client and illegal user.
Fig. 5 is the concrete application process of technical solution of the present invention server-side certificate after barcode scanning.
Server end checking mainly includes three aspects, with reference to Fig. 5, is specially:
1. judge whether UUID is expired, if expired, then directly the login failure page occur in public number, client is not Do any response.
2. if UUID is not expired, then binds OPENID and UUID, according to the above-mentioned user profile got, especially It is OPENID, judges this OPENID whether in the list of legal login user in server end, if not if, server end Theme using UUID as MQTT, 0 is content uploading to server, while wechat public number shows login failure.
3. if UUID does not have expired, OPENID searches this OPENID in the list of legal login user, by OPENID Logging status, if theme of the login service device end using UUID as MQTT, 0 be content uploading arrive server, while wechat public affairs Many numbers display login failures;If being not logged in, the theme using UUID as MQTT, 1 is content uploading to server.
The message that client subscription theme is UUID, once server end has the content uploading of identical theme, it is possible to quilt Client receives, and client judges whether to login successfully according to the content of reception, if it is 1 to receive content, client log in into Work(, logs in the pet name of entitled wechat user, while sends messages to server, and logging status corresponding to this UUID is to have logged in.
Connection server end while closing client, logging status corresponding to this UUID are to be not logged in.
The specific embodiment of the present invention is described above.It is to be appreciated that the invention is not limited in above-mentioned Particular implementation, those skilled in the art can make various deformations or amendments within the scope of the claims, this not shadow Ring the substantive content of the present invention.

Claims (10)

  1. A kind of 1. third party's user authen method based on Quick Response Code, it is characterised in that including:
    All user profile that the third party user corresponds to third-party application are obtained, the user profile identifies including user;
    The random identification generated according to server end produces Quick Response Code;
    Quick Response Code is scanned using the third-party application to obtain the use that user described in this certification identifies corresponding third party user Family information;
    When the random identification is effective, the user of user profile acquired in identifies inquiry validated user list with to described Third party user is authenticated.
  2. 2. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described to obtain described the All user profile that tripartite user corresponds to third-party application include:
    Based on the third-party application application user terminal platform;
    Have the right to obtain third party use if the third party user uses the user terminal platform in the third-party application The user profile at family.
  3. 3. third party's user authen method based on Quick Response Code as claimed in claim 1 or 2, it is characterised in that the acquisition institute State third party user correspond to third-party application user mark also include:The described 3rd is obtained based on the third-party application interface Square user corresponds to the user profile of third-party application.
  4. 4. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described according to server Random identification caused by end and the user, which identify generation Quick Response Code, to be included:During certification according to caused by server end random identification And the user identifies and produces Quick Response Code.
  5. It is described to be generated according to server end 5. third party's user authen method based on Quick Response Code as described in claim 1 or 4 Random identification, which produces Quick Response Code, to be included:
    Obtain the hyperlink request of the user profile;
    Obtain random identification caused by server end and the verified link of the checking random identification and user's mark;
    The Quick Response Code is formed based on the hyperlink request, random identification and verified link.
  6. 6. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that the random identification tool There is predetermined timeliness, the user profile includes:Subscriber information message and user's mark, the subscriber information message comprise at least such as One kind in lower information:The pet name, head portrait, sex, address, authority.
  7. 7. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described described random The user of user profile acquired in identifies inquiry validated user list to be carried out to the third party user when identifying effective Certification includes:
    The user that the random identification and this certification obtain is identified and bound, the random identification is that the third-party application is ordered Read the message subject about certification;
    The successful message of certification is uploaded to server end if user mark is present in the validated user list, is otherwise uploaded The message of authentification failure is to server end.
  8. 8. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described described random The user of user profile acquired in identifies inquiry validated user list to be carried out to the third party user when identifying effective Certification includes:
    The user that the random identification and this certification obtain is identified and bound, the random identification is that the third-party application is ordered Read the message subject about certification;
    Continue to identify based on the user if user mark is present in the validated user list and inquire about third party's use The logging status at family;
    If the logging status of the third party user uploads the successful message of certification to server end, otherwise uploaded to be not logged in The message of authentification failure is to server end.
  9. 9. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that also include:
    It is described legal to be formed that the third party user is grouped based on acquired all user profile and user's mark User list.
  10. A kind of 10. user login method based on third-party application, it is characterised in that including:
    Logging request based on user's input produces Quick Response Code, and Quick Response Code random identification according to caused by server end is produced Raw, the Quick Response Code has the link that request accesses the third-party application user profile;
    The Quick Response Code, which is scanned, using the third-party application identifies corresponding third party user to obtain user described in this certification User profile;
    When the random identification is effective, the user of user profile acquired in identifies inquiry validated user list with to described Third party user is authenticated;
    User profile of the user based on the third party user is logged in if certification success.
CN201710985290.3A 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code Pending CN107835160A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710985290.3A CN107835160A (en) 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710985290.3A CN107835160A (en) 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code

Publications (1)

Publication Number Publication Date
CN107835160A true CN107835160A (en) 2018-03-23

Family

ID=61648652

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710985290.3A Pending CN107835160A (en) 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code

Country Status (1)

Country Link
CN (1) CN107835160A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109902472A (en) * 2019-02-25 2019-06-18 山东浪潮通软信息科技有限公司 A method of personal information certification is extracted based on two dimensional code and wechat small routine
CN110119611A (en) * 2019-06-06 2019-08-13 宜春宜联科技有限公司 Login method, system and equipment
CN110298421A (en) * 2019-06-26 2019-10-01 云宝宝大数据产业发展有限责任公司 A kind of online generation, offline generation and the verification method and device of two dimensional code
WO2019218747A1 (en) * 2018-05-16 2019-11-21 阿里巴巴集团控股有限公司 Third party authorized login method and system
CN111193718A (en) * 2019-12-13 2020-05-22 航天信息股份有限公司 Safe login method and system based on third party authorization
CN113505249A (en) * 2021-04-29 2021-10-15 武汉北大高科软件股份有限公司 Method and device for binding information and data evidence
CN115422228A (en) * 2022-11-03 2022-12-02 四川蜀天信息技术有限公司 Account package management system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075864A (en) * 2007-07-16 2007-11-21 腾讯科技(深圳)有限公司 Method for synchronizing and processing data, customer terminal equipment and servo
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
US20160004855A1 (en) * 2014-07-03 2016-01-07 Alibaba Group Holding Limited Login using two-dimensional code

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075864A (en) * 2007-07-16 2007-11-21 腾讯科技(深圳)有限公司 Method for synchronizing and processing data, customer terminal equipment and servo
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
US20160004855A1 (en) * 2014-07-03 2016-01-07 Alibaba Group Holding Limited Login using two-dimensional code

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
伍华聪: "C#开发微信门户及应用(41)--基于微信开放平台的扫码登录处理", 《HTTPS://WWW.CNBLOGS.COM/WUHUACONG/P/5583389.HTML》 *
大圣非大圣: "扫码登录", 《HTTP://BLOG.CSDN.NET/JINGLIUSHENG/ARTICLE》 *
郭利敏等: "微信二维码用于图书馆读者身份认证的实践", 《现代图书情报技术》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019218747A1 (en) * 2018-05-16 2019-11-21 阿里巴巴集团控股有限公司 Third party authorized login method and system
TWI706265B (en) * 2018-05-16 2020-10-01 香港商阿里巴巴集團服務有限公司 Third-party authorized login method and system
CN109902472A (en) * 2019-02-25 2019-06-18 山东浪潮通软信息科技有限公司 A method of personal information certification is extracted based on two dimensional code and wechat small routine
CN110119611A (en) * 2019-06-06 2019-08-13 宜春宜联科技有限公司 Login method, system and equipment
CN110298421A (en) * 2019-06-26 2019-10-01 云宝宝大数据产业发展有限责任公司 A kind of online generation, offline generation and the verification method and device of two dimensional code
CN110298421B (en) * 2019-06-26 2023-11-03 云宝宝大数据产业发展有限责任公司 Online generation, offline generation and verification method and device for two-dimensional code
CN111193718A (en) * 2019-12-13 2020-05-22 航天信息股份有限公司 Safe login method and system based on third party authorization
CN113505249A (en) * 2021-04-29 2021-10-15 武汉北大高科软件股份有限公司 Method and device for binding information and data evidence
CN115422228A (en) * 2022-11-03 2022-12-02 四川蜀天信息技术有限公司 Account package management system
CN115422228B (en) * 2022-11-03 2023-01-03 四川蜀天信息技术有限公司 Account package management system

Similar Documents

Publication Publication Date Title
CN107835160A (en) Third party's user authen method based on Quick Response Code
CN105337949B (en) A kind of SSO authentication method, web server, authentication center and token verify center
CN105025041B (en) The methods, devices and systems that file uploads
CN105515783B (en) Identity identifying method, server and certification terminal
WO2017028804A1 (en) Web real-time communication platform authentication and access method and device
CN105871838B (en) A kind of log-in control method and customer center platform of third party's account
CN104901970B (en) A kind of Quick Response Code login method, server and system
CN105472052B (en) Cross-domain server login method and system
CN109618341A (en) A kind of digital signature authentication method, system, device and storage medium
CN114679293A (en) Access control method, device and storage medium based on zero trust security
CN105099707B (en) A kind of offline authentication method, server and system
WO2016173199A1 (en) Mobile application single sign-on method and device
CN107733861A (en) It is a kind of based on enterprise-level intranet and extranet environment without password login implementation method
CN104468531A (en) Authorization method, device and system for sensitive data
CN107070945A (en) Identity logs method and apparatus
CN104113549A (en) Platform authorization method, platform server side, application client side and system
CN104113552A (en) Platform authorization method, platform server side, application client side and system
CN104348777A (en) Method and system for controlling access of mobile terminal to third party server
CN106911684B (en) Authentication method and system
CN104113551A (en) Platform authorization method, platform server side, application client side and system
CN107016074B (en) Webpage loading method and device
CN104158802A (en) Platform authorization method, platform service side, application client side and system
CN105162604B (en) A kind of verification method, server and system based on characteristic image identification
CN105162773B (en) A kind of convenient login method of Web system based on mobile terminal
CN105162775A (en) Logging method and device of virtual machine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180323

RJ01 Rejection of invention patent application after publication