Specific implementation mode
Downloaded data, works of the general PC as user's routine office work are consulted since user often accesses website up in PC
Tool, especially as common PC, the sensitive information of third party's account and password as user oneself can't be grown on PC
Phase makes the third party's account of oneself be online, and third party's account can be Alipay account, QQ accounts, wechat account here
Number, microblog account etc., the third party's account of oneself can be just logged in when only in need.So being authorized to when user accesses some
When website needs to log in, third party's account is selected to log in, needs to jump to third party website and log in the third party's account of oneself
Number and password authorized, then jumping back to this be authorized to website, at this moment this be authorized to website show user logged in.It is right
For user, operating process is comparatively laborious, reduces the experience of user.
In view of the above problems, this specification embodiment provides the following technical solutions:
When authorized website monitors third party's account register triggering of user, it is authorized to website generation and third
The corresponding Quick Response Code of square account, and show the Quick Response Code to user, user is using third party's client scan Quick Response Code, and really
After recognizing mandate, authorized website can show that user has logged in.
As user private tool, such as mobile phone, tablet used in everyday etc., user can install respectively terminal in terminal
Third party's client of kind various kinds, such as QQ clients, wechat client, Alipay client, use above-mentioned institute for convenience
The third party's client said, user can be such that the third party's account of oneself is online for a long time, for a user, only
The two-dimensional code scanning function that third party's client carries in using terminal is needed, goes to scan the Quick Response Code that authorized website is shown,
And authorized website can be logged in after confirming mandate.The operating process for thereby simplifying user improves the experience of user.
In the embodiment of this specification, third party authorize log in flow be related to third client, third party's service end,
Be authorized to website, third party's client can be mounted in the application program in terminal, as Alipay client, QQ clients,
Wechat client, microblogging client etc., authorized website can be the current arbitrary website for supporting third party's account to log in, such as new
The websites such as unrestrained microblogging, Taobao, Baidu, third party's service end can be the forms of a specific server or server cluster,
Third client can be communicated with third party's service end, third party's service end with authorized website by various forms of real-time performances
Connection, this specification are not construed as limiting this.
In order to make those skilled in the art more fully understand the technical solution in this specification embodiment, below in conjunction with this
Attached drawing in specification embodiment is described in detail the technical solution in this specification embodiment, it is clear that described
Embodiment is only a part of the embodiment of this specification, instead of all the embodiments.The embodiment of base in this manual,
The every other embodiment that those of ordinary skill in the art are obtained, should all belong to the range of protection.
This specification embodiment is authorized to website by showing Quick Response Code to user, is stepped on for scanning input Quick Response Code mandate
Record, the technical solution that specific this specification embodiment provides are as follows:
As shown in Figure 1, authorizing the interaction schematic diagram of login method, this method for the third party that this specification embodiment provides
It may comprise steps of:
S101 is authorized to website and generates when authorized website monitors third party's account register triggering of user
Quick Response Code corresponding with third party's account;
Currently authorized website is to reduce the user being lost in by registration, gradually support user using third party's account into
Row log in, it is meant that be authorized to website allow user need not register account number, can be logged in using third party's account.Here
Tripartite's account can be QQ accounts as stated above, wechat account, Alipay account, microblog account etc., and user is logging in
When being authorized to website, any one can be selected to be authorized to third party's account that website is supported and logged in.When user's selection the
When tripartite's account logs in authorized website, authorized website can generate the URL for obtaining authorization code according to oAuth agreements, and
The URL is generated into Quick Response Code corresponding with the selected third party's account of user.
Here oAuth agreements provide safety, open and easy standard for the mandate of user resources.With with
Past authorization the difference is that will not make is authorized to the account information that website touches user, for example, the account of user and
Password, that is, being authorized to website can apply for obtaining the mandate of the user resources without using the account and password of user.
As an example, when user selects Alipay account to log in the forum website of current accessed, forum website will
URL is generated according to oAuth agreements, and the URL is generated into Quick Response Code, the Quick Response Code and the selected Alipay account pair of user
It answers.
S102 is authorized to website and shows the Quick Response Code to user;
Be authorized to website generate the corresponding Quick Response Code of selected third party's account when logging in authorized website with user it
Afterwards, it needs to show the Quick Response Code to user, wherein showing that there are many kinds of the realization methods of the Quick Response Code, this specification is real to user
It applies example and a kind of realization method is provided, it is notable that this specification embodiment is only to do to show to one of which realization method
Example property explanation, be not limit how to user show Quick Response Code.
One of which shows that the realization method of Quick Response Code is to user:It is authorized to website in generation and user's login to be authorized to
When website after the corresponding Quick Response Code of selected third party's account, the Quick Response Code is showed into user in the form of dialog box,
A dialog box that can be optionally stretched is popped up in current page, the Quick Response Code is in the dialog box middle position, as shown in Figure 2.
Particularly can be that life cycle is arranged in the dialog box, after some time has elapsed, which can disappear automatically.
S103, when the two-dimensional code scanning of third party's client monitors to user operates triggering, the identification of third party's client
The Quick Response Code prompts the user whether to authorize;
User is carried after seeing authorized website displaying Quick Response Code using the third party's client installed in terminal
Scanning function scans the Quick Response Code, and the two-dimensional code scanning operation triggering of third party's client monitors to user identifies and is authorized to net
The Quick Response Code shown of standing prompts the user whether to authorize after identification Quick Response Code success.As an example, user utilizes mobile phone
The Quick Response Code for the scanning function scanning forum website displaying that the Alipay client of upper installation carries, Alipay client monitors arrive
The two-dimensional code scanning operation triggering of user, can identify the Quick Response Code in Current Scan region, user can be prompted after identifying successfully
Whether authorize.
Special, the Quick Response Code due to being authorized to website generation logs in selected third party when being authorized to website with user
Account corresponds to, and user can select corresponding third party's client to go to scan the Quick Response Code, inevitably, user under normal circumstances
It is possible that other third party's clients go to scan the Quick Response Code in using terminal.For this special circumstances, this specification is real
The URL for generating the Quick Response Code can be shown by applying example on the subscriber terminal, but can't prompt the user whether to authorize, and can not also be continued
Follow-up process.As an example, user selects Alipay account to log in forum website, and forum website generates and Alipay account
Corresponding Quick Response Code, user can select the Alipay client in terminal to go to scan the Quick Response Code under normal circumstances, but user has
The wechat client in terminal may be selected to go to scan the Quick Response Code, will be shown on corresponding user terminal and generate the Quick Response Code
URL, can't prompt the user whether to authorize, except non-user gravity treatment selection terminal on Alipay client go scanning two dimension
Otherwise code means that third party authorizes login failure.
S104, when third party's client monitors to user license confirmation operate triggering when, third party's service end with awarded
Power carries out third party's authorization identifying between website;
User is after using the success of third party's client scan Quick Response Code, and confirmation is authorized to being authorized to website,
Third party's client sends identified two dimension to third party's service end when monitoring above-mentioned user's license confirmation operation triggering
Code information, after receiving identified 2 D code information, progress third party awards between third party's service end and authorized website
Weigh certification.
After user confirms to being authorized to website mandate, third party's client sends identified two to third party's service end
Code information is tieed up, which includes but not limited to loopback address information.
Third party's client to third party's service end in addition to sending 2 D code information, it is also necessary to send other message.Example
Such as, it on the one hand needs to send user to third party's service end and confirms authorization message, user's license confirmation information is for informing the
Tripartite services end subscriber and has been acknowledged mandate, can carry out third party's authorization identifying with authorized website;On the other hand need to
Third party's service end sends the information such as third party's client identification and the user account currently logged in third party's client,
In order to subsequently be authorized to website when asking user information, the corresponding user information of the user account is returned at third party's service end
Back to authorized website.As an example, Alipay client is logged in by self ID and currently in Alipay client
Alipay account is sent to Alipay server-side, so that forum website is when asking user information, which is corresponded to
User information return to forum website.
Third party's authorization identifying is carried out between third party's service end and authorized website, detailed process was as shown in figure 3, should
Third party's authorization identifying flow may comprise steps of:
Step S104a, after receiving identified 2 D code information, according to the readjustment carried on the Quick Response Code identified
The authorization code of generation is sent to authorized website by address information, third party's service end;
Third party's service end can be authorized according to the loopback address information carried on Quick Response Code, the loopback address information
The authorization code of generation is sent to authorized website by the IP address information of website.The authorization code that third party's service end generates has
The term of validity of certain time, within the effective time, for the authority checking to being authorized to website, it is meant that in the effective time
Interior authorized website needs to be verified to third party's service end using the authorization code, and authorization token is obtained after being verified,
Authorization token can be as a kind of voucher authorized to being authorized to website later.The authorization code can be Any Digit and/or word
The combination of symbol, length are not construed as limiting.
As an example, the authorization code of generation is sent to forum's net by Alipay server-side according to loopback address information
It stands, which is as0123, and the term of validity of the authorization code is 1 minute.
Step S104b, authorized website receives the authorization code, and the authorization code by being received is sent out to third party's service end
Send the request for obtaining authorization token;
Due to authorization code as to be authorized to website authorize a kind of verification, be authorized to website receive authorization code it
Afterwards, it goes to obtain authorization token by the authorization code.
Authorization token serve not only as obtain user information one of which foundation and third party's service end to be authorized to net
Stand authorize a kind of voucher, authorization token can be the combination of Any Digit and/or character, and length is not construed as limiting.For example, awarding
It can be 1234asdf45 to weigh token.
As an example, forum website is after receiving authorization code, within the effective time of the authorization code, forum's net
It stands and sends the request of acquisition authorization token to Alipay server-side by the authorization code, Alipay server-side carries out the authorization code
After being verified, authorization token is returned to forum website for verification.
Step S104c is authorized to website and receives the authorization token that third party's service end returns;
Step S104d is authorized to website to third party's service after the authorization token for receiving the return of third party's service end
End sends the request for obtaining user's unique mark;
It needs to obtain user information due to being authorized to website, user information includes but not limited to:User's pet name uses account
Picture, user good friend etc..Therefore it is authorized to website after receiving authorization token, needs that acquisition user is further gone uniquely to mark
Know, the user identifier is as the one of which foundation for obtaining user information.
Step S104e is authorized to website and receives user's unique mark that third party's service end returns;
It, will be with third party after third party's service termination receives the request for acquisition user's unique mark that authorized website is sent
The corresponding user's unique mark of user account that client is sent returns to authorized website.
Step S104f is authorized to website and is obtained to the transmission of third party's service end by authorization token and user's unique mark
Take the request of user information;
Authorization token and user's unique mark are authorized to website and are receiving mandate as the foundation for obtaining user information
After token and user's unique mark, user information can be obtained according to authorization token and user's unique mark.As one
A example, forum website are obtained by authorization token 1234asdf45 and user's unique mark 1236 to the transmission of Alipay server-side
Take the request of the user informations such as the family pet name, user's head portrait, user good friend.
Step S104g is authorized to website and receives the user information that third party's service end returns.
Third party's service end receives the request for being authorized to the acquisition user information that website is sent, according to authorization token and use
Family unique mark determines user information, which is returned to authorized website, is authorized to website and is receiving third party
After the user information that server-side returns, so far third party's authorization identifying passes through.
S105 after third party's authorization identifying passes through between third party's service end and authorized website, is authorized to website
Third party authorizes and logins successfully.
Be authorized to website receive third party's service end return user information after, it is meant that third party's service end with
Third party's authorization identifying passes through between being authorized to website, is authorized to website third party mandate and logins successfully, user can awarded
It weighs website and carries out subsequent operation, such as access downloaded data etc..
On the basis of above-described embodiment, shown in Figure 4, this specification embodiment can further include:
S106, after third party's authorization identifying passes through between third party's service end and authorized website, third party's service
End will authorize successful message to be sent to third party's client;
Third party's client after receiving the message, authorizes successfully to user's displaying.
After user information is returned to authorized website by third party's service end, it is meant that third party's authorization identifying is logical
It crosses, third party's service end will authorize successful message to be sent to third party's client, be awarded from third party's client to user's displaying
It weighs successfully, and then user can go to be authorized to the subsequent operation of website progress.
It is used by the description of the above-mentioned technical solution to this specification embodiment when user is logged in using third party's account
The scanning function that family is carried by third party's client in terminal scans the Quick Response Code for being authorized to website displaying, is awarded in confirmation
It can be logged in after power.
Using the technical solution that this specification embodiment provides, avoids user from jumping to third party website and log in oneself the
Tripartite's account and password authorize, and for a user, simplify operating process, improve the experience of user.
In order to illustrate more clearly of the scheme of this specification embodiment, separately below again from unilateral angle, to execution
Method illustrates:
For third party's client, need executing for task mainly as follows:
Step a is identified when the two-dimensional code scanning of third party's client monitors to user operates triggering and is authorized to website institute
The Quick Response Code of displaying prompts the user whether to authorize;
Step b is sent when the license confirmation of third party's client monitors to user operates triggering to third party's service end
The 2 D code information identified so that third party's service end is after receiving the 2 D code information, with authorized website into
Row third party's authorization identifying.
For third party's service end, need executing for task mainly as follows:
Step A receives the 2 D code information that third party's client is sent;
Step B takes after the 2 D code information for receiving the transmission of third party's client according on the Quick Response Code identified
The authorization code of generation is sent to authorized website by the loopback address information of band;
Step C receives the request for being authorized to the acquisition authorization token that website is sent by the authorization code, and returns to mandate
Token;
Step D receives the request for being authorized to acquisition user's unique mark that website is sent, and returns to user's unique mark;
Step E receives the acquisition user information for being authorized to that website is sent by authorization token and user's unique mark
Request, and return to user information.
For being authorized to website, need the main task executed as follows:
Step 1, it when authorized website monitors third party's account register triggering of user, generates and the third
The corresponding Quick Response Code of square account;
Step 2, the Quick Response Code is shown to user;
Step 3, the authorization code that third party's service end is sent is received, and the authorization code by being received is to third party's service end
Send the request for obtaining authorization token;
Step 4, the authorization token that third party's service end returns is received, and in the mandate for receiving the return of third party's service end
After token, the request for obtaining user's unique mark is sent to third party's service end;
Step 5, user's unique mark that third party's service end returns is received;
Step 6, it is sent to third party's service end by authorization token and user's unique mark and obtains asking for user information
It asks;
Step 7, the user information that third party's service end returns is received, third party authorizes and logins successfully.
About third party's client, third party's service end, the unilateral execution method details for being authorized to website, before may refer to
The description of face embodiment, which is not described herein again.
Corresponding to above method embodiment, this specification embodiment also provides a kind of third party's mandate entering device, application
It is shown in Figure 5 in third party's client, may include:Quick Response Code identification module 510, information sending module 520.
Quick Response Code identification module 510 is used for when the two-dimensional code scanning of third party's client monitors to user operates triggering,
Identification is authorized to the Quick Response Code that website is shown, prompts the user whether to authorize;
Information sending module 520, for when the operation of the license confirmation of third party's client monitors to user triggers, to the
Tripartite's server-side sends identified 2 D code information, so that third party's service end is after receiving the 2 D code information,
Third party's authorization identifying is carried out with authorized website.
This specification embodiment also provides a kind of third party's mandate entering device, is applied to third party's service end, referring to Fig. 6
It is shown, may include:Information receiving module 610, authentication module 620.
Information receiving module 610, the 2 D code information for receiving the transmission of third party's client;
Authentication module 620, for receive third party's client transmission 2 D code information after, with authorized website
Carry out third party's authorization identifying.
This specification embodiment also provides a kind of third party's mandate login system, which may include:Third party client
End, third party's service end and authorized website.
When be authorized to website monitor user third party's account register triggering when, be authorized to website generate with it is described
The corresponding Quick Response Code of third party's account;
It is authorized to website and shows the Quick Response Code to user;
When the two-dimensional code scanning of third party's client monitors to user operates triggering, third party's client identification described two
Code is tieed up, prompts the user whether to authorize;
When the license confirmation of third party's client monitors to user operates triggering, third party's service end and authorized website
Between carry out third party's authorization identifying;
After third party's authorization identifying passes through between third party's service end and authorized website, it is authorized to website third party
Mandate logins successfully.
The function of modules and the realization process of effect specifically refer to and correspond to step in the above method in above-mentioned apparatus
Realization process, details are not described herein.
It is used by the description of the above-mentioned technical solution to this specification embodiment when user is logged in using third party's account
The scanning function that family is carried by third party's client in terminal scans the Quick Response Code for being authorized to website displaying, is awarded in confirmation
It can be logged in after power.
Using the technical solution that this specification embodiment provides, avoids user from jumping to third party website and log in oneself the
Tripartite's account and password authorize, and for a user, simplify operating process, improve the experience of user.
This specification embodiment also provides a kind of computer equipment, as shown in fig. 7, the equipment may include:Processor
710, memory 720, input/output interface 730, communication interface 740 and bus 750.Wherein processor 710, memory 720,
Input/output interface 730 and communication interface 740 pass through the communication connection between the realization of bus 750 inside equipment.
General CPU (Central Processing Unit, central processing unit), microprocessor may be used in processor 710
Device, application specific integrated circuit (Application Specific Integrated Circuit, ASIC) or one or
The modes such as multiple integrated circuits are realized, for executing relative program, to realize technical solution that this specification embodiment is provided.
ROM (Read Only Memory, read-only memory), RAM (Random Access may be used in memory 720
Memory, random access memory), static storage device, the forms such as dynamic memory realize.Memory 720 can store
Operating system and other applications are realizing technical solution that this specification embodiment is provided by software or firmware
When, relevant program code is stored in memory 720, and is executed by processor 710 to call.
Input/output interface 730 is for connecting input/output module, to realize information input and output.Input and output/
Module can be used as component Configuration (not shown) in a device, can also be external in equipment to provide corresponding function.Wherein
Input equipment may include keyboard, mouse, touch screen, microphone, various kinds of sensors etc., output equipment may include display,
Loud speaker, vibrator, indicator light etc..
Communication interface 740 is used for connection communication module (not shown), to realize the communication of this equipment and other equipment
Interaction.Wherein communication module can be realized by wired mode (such as USB, cable etc.) and be communicated, can also be wirelessly
(such as mobile network, WIFI, bluetooth etc.) realizes communication.
Bus 750 includes an access, in various components (such as processor 710, memory 720, the input/output of equipment
Interface 730 and communication interface 740) between transmit information.
It should be noted that although above equipment illustrates only processor 710, memory 720, input/output interface
730, communication interface 740 and bus 750, but in specific implementation process, which can also include realizing normal operation
Necessary other assemblies.In addition, it will be appreciated by those skilled in the art that, can also only include to realize in above equipment
Component necessary to this specification example scheme, without including all components shown in figure.
This specification embodiment also provides a kind of computer readable storage medium, is stored thereon with computer program, the journey
Realize that third party above-mentioned authorizes login method when sequence is executed by processor.This method includes at least:
When the two-dimensional code scanning of third party's client monitors to user operates triggering, identifies and be authorized to what website was shown
Quick Response Code prompts the user whether to authorize;
When the license confirmation of third party's client monitors to user operates triggering, sends and identified to third party's service end
2 D code information carry out third with authorized website so that third party's service end is after receiving the 2 D code information
Square authorization identifying.
This specification embodiment also provides a kind of computer readable storage medium, is stored thereon with computer program, the journey
Realize that third party above-mentioned authorizes login method when sequence is executed by processor.This method includes at least:
Receive the 2 D code information that third party's client is sent;
After the 2 D code information for receiving the transmission of third party's client, carries out third party's mandate with authorized website and recognize
Card.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology realizes information storage.Information can be computer-readable instruction, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase transition internal memory (PRAM), static RAM (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), fast flash memory bank or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storages, magnetic tape cassette, tape magnetic disk storage or other magnetic storage apparatus
Or any other non-transmission medium, it can be used for storage and can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as data-signal and carrier wave of modulation.
As seen through the above description of the embodiments, those skilled in the art can be understood that this specification
Embodiment can add the mode of required general hardware platform to realize by software.Based on this understanding, this specification is implemented
Substantially the part that contributes to existing technology can be expressed in the form of software products the technical solution of example in other words,
The computer software product can be stored in a storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions are making
It is each to obtain computer equipment (can be personal computer, server or the network equipment etc.) execution this specification embodiment
Method described in certain parts of a embodiment or embodiment.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.A kind of typically to realize that equipment is computer, the concrete form of computer can
To be personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
In device, navigation equipment, E-mail receiver/send equipment, game console, tablet computer, wearable device or these equipment
The combination of arbitrary several equipment.
Each embodiment in this specification is described in a progressive manner, identical similar portion between each embodiment
Point just to refer each other, and each embodiment focuses on the differences from other embodiments.Especially for device reality
For applying example, since it is substantially similar to the method embodiment, so describing fairly simple, related place is referring to embodiment of the method
Part explanation.The apparatus embodiments described above are merely exemplary, wherein described be used as separating component explanation
Module may or may not be physically separated, can be each module when implementing this specification example scheme
Function realize in the same or multiple software and or hardware.Can also select according to the actual needs part therein or
Person's whole module achieves the purpose of the solution of this embodiment.Those of ordinary skill in the art are not the case where making the creative labor
Under, you can to understand and implement.
The above is only the specific implementation mode of this specification embodiment, it is noted that for the general of the art
For logical technical staff, under the premise of not departing from this specification embodiment principle, several improvements and modifications can also be made, this
A little improvements and modifications also should be regarded as the protection domain of this specification embodiment.