Summary of the invention
The embodiment of the present application provides a kind of method, apparatus and electronic equipment fed back, obtain user resources, to protect use
The resource at family is not leaked.
In order to solve the above technical problems, the embodiment of the present application is achieved in that
In a first aspect, proposing a kind of method for obtaining user resources, which comprises
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
Second aspect proposes a kind of method of feedback user resource, which comprises
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
The third aspect, proposes a kind of device for obtaining user resources, and described device includes:
Authorization requests sending module, for sending authorization requests to target user, the authorization requests are used for request
The access authority of the default resource of the target user, the default resource are stored in the Resource Server of default social application
In;
Authorized certificate receiving module, for receive target user confirmation authorize the authorization fed back after the permission with
Card;
Authorization message application module, for being based on the authorized certificate, to the certificate server of the default social application
Application obtains the authorization message of the default resource, and the authorization message includes the identity of token and the target user;
Source obtaining module accesses the Resource Server and obtains institute for being based on the token and the identity
State default resource.
Fourth aspect, proposes a kind of device of feedback user resource, and described device includes:
First request receiving module, for receiving the authorization message application request of third-party application transmission, the authorization letter
Authorized certificate is carried in breath application request, the authorized certificate is that target user confirms that the third-party application has the mesh
Mark the voucher of the access authority of the default resource of user;
Authorization message sending module, for believing to third-party application feedback for obtaining the authorization of the default resource
Breath, the authorization message includes the identity of token and the target user;
Second request receiving module, the resource acquisition request sent for receiving the third-party application, the resource obtain
It takes in request and carries the token and the identity;
Resource feedback module, for being based on the token and the identity, to described in third-party application feedback
Default resource.
5th aspect, proposes a kind of electronic equipment, comprising:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed
It manages device and executes following operation:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
6th aspect, proposes a kind of computer readable storage medium, the computer-readable recording medium storage one
Or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that the electricity
Sub- equipment executes following operation:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
7th aspect, proposes a kind of electronic equipment, comprising:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed
It manages device and executes following operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
Eighth aspect proposes a kind of computer readable storage medium, the computer-readable recording medium storage one
Or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that the electricity
Sub- equipment executes following operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
As can be seen from the technical scheme provided by the above embodiments of the present application, scheme provided by the embodiments of the present application at least have as
Lower a kind of technical effect: since third-party application can pass through access preset in the case where target user authorizes access authority
The Resource Server of social application can obtain the pre-stored default resource of target user, without other people manually to
The default resource of third-party application submission target user.It can thus be avoided the default resource of target user different personnel it
Between the case where transmitting, and then the resources such as individual privacy and sensitive information that can protect target user are not leaked.
Specific embodiment
To keep the purposes, technical schemes and advantages of the application clearer, below in conjunction with the application specific embodiment and
Technical scheme is clearly and completely described in corresponding attached drawing.Obviously, described embodiment is only the application one
Section Example, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not doing
Every other embodiment obtained under the premise of creative work out, shall fall in the protection scope of this application.
In order to protect the resource of user not to be leaked, this specification embodiment provide it is a kind of obtain user resources method and
Device and a kind of method and device of feedback user resource.Wherein, a kind of method and device obtaining user resources can answer
In third-party application for needing to obtain user resources, for example, can be applied to need to obtain the related certificate letter without duty side
In insurance company's network service platform of breath.Wherein, a kind of method and device of feedback user resource can be using default social activity
In, for example, can be applied to wechat, Alipay etc. in the application of social functions.
A kind of method of 1 to Fig. 3 acquisition user resources provided this specification embodiment carries out detailed with reference to the accompanying drawing
Thin explanation.
As shown in Figure 1, a kind of method for acquisition user resources that this specification embodiment provides, can be applied to third party
Using this method may include steps of:
Step 102 sends authorization requests to target user, and the authorization requests are for target user's described in request
The access authority of default resource, the default resource are stored in the Resource Server of default social application.
Target user can be the user for needing that default resource is submitted to third-party application, for example, this specification background skill
In traffic accident described in art without duty side.
Third-party application, such as can be the network service platform of insurance company.
Default resource, can be any cost for needing target user to submit to third-party application, such as can be needs
The related certificate information that target user submits to the network service platform of insurance company.Wherein, the related certificate information of no duty side,
Such as can be ID card information without duty side, driver's license information, etc..
Default social application, can be any application with social functions.Optionally, social application is preset, can be
Social application with open platform, for example, the wechat with public platform, has the Alipay, etc. of life number.
In one example, " sending authorization requests to target user " in step 101 may include: by using to target
Family sends short message or by sending information to the instant messaging account of target user, to send authorization requests to target user.Example
Such as, the link that guidance user authorizes the access authority can be sent to target user by short message, target user clicks the chain
After connecing, it can choose whether to authorize the access authority.
In another example, " the sending authorization requests to target user " in step 101 may include: directly by upper
It states default social application and sends the authorization requests to the target user, the target user is the registration of the social application
User.
Optionally, in a kind of specific embodiment of the example, by the default social application to the target
Before user sends the authorization requests, method shown in FIG. 1 can also include: to register the public in the default social application
It is raw can to register an Alipay for example, it is assumed that default social application is Alipay on the open platform of Alipay for service number
Living number;On this basis, the authorization requests are sent to the target user above by above-mentioned default social application, can wrap
It includes: the authorization requests is sent to the target user by the public service number, such as by Alipay life number to mesh
It marks user and pushes the authorization requests.
Further, before sending the authorization requests to the target user by the default social application,
Method shown in FIG. 1 can also include: the account for obtaining target user and registering in the social application, for example, obtaining target
The account that user registers in Alipay, the account are usually the cell-phone number of target user.On this basis, above by described
Public service number sends the authorization requests to the target user, may include: by the public service number, to the mesh
The account for marking user sends the authorization requests, such as sends the authorization requests to the Alipay account of target user.
The authorized certificate fed back after the access authority is authorized in step 104, reception target user's confirmation.
Wherein, authorized certificate can be authorization code.It is appreciated that when target user confirmation authorize above-mentioned access authority it
Afterwards, default social application can generate an authorization code accordingly.
Step 106 is based on the authorized certificate, obtains to the certificate server application of the default social application described pre-
If the authorization message of resource, the authorization message includes the identity of token and the target user.
In this step, authorized certificate can be sent to the certificate server of default social application by third-party application, benefit
Authorized information is replaced from the certificate server with authorized certificate.Correspondingly, in one embodiment, presetting social activity
The certificate server of application can safeguard the corresponding relationship of identity (Identity, the ID) and token of a target user
Table, when certificate server determines that third-party application has the access authority for the default resource for obtaining target user according to authorized certificate
When, third-party application is fed back to using token and its corresponding identity as authorization message.
Step 108 is based on the token and the identity, accesses the Resource Server and obtains the default money
Source.
As an example, step 108 may include: and be obtained based on the token and accessed the pre- of the Resource Server
If the permission of interface, the default resource is stored under the preset interface;Based on the identity, it is described pre- to obtain access
If the permission of the default resource under interface;It accesses the preset interface and obtains the default resource.
Above-mentioned steps 102 to step 108 can be realized based on open protocol OAuth (Open Authorization).Under
Face combines Fig. 2, the certification for obtaining the authorization of target user to third-party application in the embodiment of the present invention, obtaining default social application
The authorization message of server issues, and be illustrated using the principle that authorization message obtains default resource.
It is as shown in Figure 2: 1. resource owner of the client 11 (Client) of third-party application 1 to default social application 2
(Resource Owner) 21 (target user) sends authorization requests (Authorization Request), the authorization requests
The access authority of default resource for target user described in request, the default resource are stored in default social application 2
Resource Server 23 in;2. target user 21 agrees to authorize access authority described in third-party application 1, and default social application 2
Authorized certificate (Authorization Grant) is fed back to the client 11 of third-party application 1;3. the client of third-party application 1
It is obtained according to the authorized certificate to the application of the certificate server (Authorization Server) 22 of default social application 2 at end 11
Authorization message is taken, which includes the ID of token (Access Token) and target user;4. certificate server 22 is to upper
It states after authorized certificate is verified, sends authorization message to the client 11 of third-party application 1;5. the client of third-party application 1
End 11 sends resource inquiry request, the resource query to the Resource Server (Resource Server) 23 of default social application 1
Token and the ID of target user are carried in request;6. Resource Server 23 confirms third party according to token and the ID of target user
When there is above-mentioned access authority using 1, open preset interface to the client 11 of third-party application 1, and pass through preset interface to
The client 11 of third-party application 1 feeds back default resource.
It should be noted that in practical applications, the certificate server 22 and Resource Server 23 for presetting social application 1 can
To be same server, it is also possible to different servers, but the function to be realized of the two can be by presetting social application 1
Different business domain realize.For example, presetting the certificate information that resource is target user, money when default social application is Alipay
The process that source server 23 feeds back default resource can be realized by the member domain of Alipay, because in the corresponding server in member domain
Save the certificate informations such as the identification card number of target user;And certificate server 22 carries out purview certification and feeds back authorization message
Process can be realized by the open platform of Alipay.
Certainly, in practical applications, default social application can also specially establish a certificate library, and third-party application can be with
Default resource is obtained by accessing the certificate library.
The method for a kind of acquisition user resources that embodiment shown in FIG. 1 provides, since third-party application can be in target
In the case that user authorizes access authority, it is pre- that target user can be obtained by the Resource Server of access preset social application
The default resource first stored manually submits the default resource of target user without other people to third-party application.Therefore, may be used
The case where being transmitted between different personnel to avoid the default resource of target user, and then can protect of target user
The resources such as people's privacy and sensitive information are not leaked.
In order to it is clearer understand this specification embodiment provide a kind of acquisition user resource method, below with reference to
Fig. 3 is illustrated by taking the related certificate information without duty side that the network service platform of insurance company obtains in traffic accident as an example.
As shown in figure 3, in this embodiment, third-party application is that the network service platform of insurance company (is managed for convenience
Solution, in Fig. 3 with insurance company 5 instead of), preset social application be Alipay 4, target user be traffic accident in nothing
Duty side 6, the default resource for needing to obtain are the related certificate information without duty side 6, obtain the stream of the associated part information of target user
Journey is triggered by the responsible party 3 in traffic accident.Also, in this embodiment, insurance company 5 can be accessed by Alipay 4.
As shown in figure 3, a kind of method for acquisition user resources that this specification embodiment provides, may include walking as follows
It is rapid:
Responsible party 3 in step 31, traffic accident selects insurance company 5 in the insurance service of Alipay 4, and fills in nothing
The Alipay account (such as filling in the cell-phone number without duty side 6) of duty side 6.
Step 32, operation of the Alipay 4 based on responsible party 3 are reported a case to the security authorities to insurance company 5.
Step 33,5 auditing duty side 3 of insurance company pass through the material of reporting a case to the security authorities that Alipay 4 is submitted, and are leading to after the approval
It crosses Alipay 4 and sends authorization requests to without duty side 6, the authorization requests are used for related certificate information of the request without duty side 6
Access authority, the related certificate information of no duty side 6 is stored in the Resource Server of Alipay 4.
Step 34 is agreed to authorize access authority described in insurance company 5 without duty side 6.
Step 35, Alipay 4 generate authorized certificate and feed back to insurance company 5.
Step 36, insurance company 5 are based on the authorized certificate, obtain authorization letter to the certificate server application of Alipay 4
Breath, authorization message includes token and the ID without duty side 6.
Step 37, Alipay 4 certificate server feed back the authorization message to insurance company 5.
The Resource Server of the ID of step 38, insurance company 5 based on the token in authorization message, access Alipay 4 obtain
Related certificate information without duty side 6.
Step 39, Alipay 4 Resource Server to insurance company 5 feed back the related certificate information without duty side 6.
The method for a kind of acquisition user resources that embodiment shown in Fig. 3 provides, since insurance company 5 can be without duty side
In the case that 6 authorize access authority, the Resource Server by accessing Alipay 4 can obtain the related certificate without duty side 6
Information manually submits the related certificate information of responsible party 6 without responsible party 3 to insurance company 5.It can thus be avoided
Related certificate information without duty side 6 is leaked to responsible party 3, protects the resources such as individual privacy and the sensitive information without duty side 6
Safety.
It is that a kind of explanation of method for obtaining user resources is provided this specification above, this specification is provided below
A kind of method of feedback user resource is introduced.
As shown in figure 4, a kind of method for feedback user resource that this specification embodiment provides, can be applied to default society
Application is handed over, this method may include:
Step 402 receives the authorization message application request that third-party application is sent, and takes in the authorization message application request
With authorized certificate, the authorized certificate is that target user confirms that the third-party application has the default money of the target user
The voucher of the access authority in source.
For example, the certificate server of Alipay can receive the authorization message Shen that the network service platform of insurance company is sent
It please request.
Step 404 feeds back the authorization message for obtaining the default resource, the authorization letter to the third-party application
Breath includes the identity of token and the target user.
For example, the certificate server of Alipay can be described pre- for obtaining to the network service platform of insurance company feedback
If the authorization message of resource.
Step 406 receives the resource acquisition request that the third-party application is sent, and carries in the resource acquisition request
The token and the identity.
For example, the resource acquisition that the network service platform that the Resource Server of Alipay can receive insurance company is sent is asked
It asks.
Step 408 is based on the token and the identity, feeds back the default resource to the third-party application.
For example, the Resource Server of Alipay can feed back the default resource to the network service platform of insurance company.
In a specific embodiment, step 408 be may include: and be opened based on the token to the third-party application
The access authority of the preset interface of the Resource Server is put, the default resource is stored under the preset interface;Based on institute
Identity is stated, to the permission of the default resource under preset interface described in the third-party application open visit;Pass through institute
It states preset interface and feeds back the default resource to the third-party application.
It should be noted that in the present embodiment, step 402 and step 404 can be taken by the certification for presetting social application
Business device (the open platform business domains that can correspond to default social application) executes, and step 406 and step 408 can be by default social activities
The Resource Server (the member domain that can correspond to default social application) of application executes, and the certificate server of default social application
It can be same server with Resource Server, be also possible to different servers.
The method for a kind of feedback user resource that embodiment shown in Fig. 4 provides, due to presetting the resource clothes of social application
Business device can be used in the case where third-party application obtains the access authority that target user authorizes to third-party application feedback target
Family is stored in the default resource on the Resource Server of default social application, manually mentions to third-party application without other people
Hand over the default resource of target user.It can thus be avoided the case where default resource of target user is transmitted between different personnel
Occur, and then the resources such as individual privacy and sensitive information that can protect target user are not leaked.
It is that the explanation of a kind of method of feedback user resource is provided this specification above, this specification is provided below
Electronic equipment is introduced.
Fig. 5 is the structural schematic diagram for the electronic equipment that one embodiment of this specification provides.Referring to FIG. 5, in hardware
Level, the electronic equipment include processor, optionally further comprising internal bus, network interface, memory.Wherein, memory can
It can include memory, such as high-speed random access memory (Random-Access Memory, RAM), it is also possible to further include non-easy
The property lost memory (non-volatile memory), for example, at least 1 magnetic disk storage etc..Certainly, which is also possible to
Including hardware required for other business.
Processor, network interface and memory can be connected with each other by internal bus, which can be ISA
(Industry Standard Architecture, industry standard architecture) bus, PCI (Peripheral
Component Interconnect, Peripheral Component Interconnect standard) bus or EISA (Extended Industry Standard
Architecture, expanding the industrial standard structure) bus etc..The bus can be divided into address bus, data/address bus, control always
Line etc..Only to be indicated with a four-headed arrow in Fig. 5, it is not intended that an only bus or a type of convenient for indicating
Bus.
Memory, for storing program.Specifically, program may include program code, and said program code includes calculating
Machine operational order.Memory may include memory and nonvolatile memory, and provide instruction and data to processor.
Processor is from the then operation into memory of corresponding computer program is read in nonvolatile memory, in logical layer
The device for obtaining user resources is formed on face.Processor executes the program that memory is stored, and is specifically used for executing following behaviour
Make:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
The method of acquisition user resources disclosed in the above-mentioned embodiment illustrated in fig. 1 such as this specification can be applied to shown in Fig. 5
Processor in, or realized by processor.Processor may be a kind of IC chip, the processing capacity with signal.
During realization, each step of the above method can pass through the integrated logic circuit or software form of the hardware in processor
Instruction complete.Above-mentioned processor can be general processor, including central processing unit (Central Processing
Unit, CPU), network processing unit (Network Processor, NP) etc.;It can also be digital signal processor (Digital
Signal Processor, DSP), specific integrated circuit (Application Specific Integrated Circuit,
ASIC), field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic
Device, discrete gate or transistor logic, discrete hardware components.It may be implemented or execute this specification one or more
Disclosed each method, step and logic diagram in embodiment.General processor can be microprocessor or the processor
It can be any conventional processor etc..The step of method in conjunction with disclosed in this specification one or more embodiment, can be straight
Connect and be presented as that hardware decoding processor executes completion, or in decoding processor hardware and software module combination executed
At.Software module can be located at random access memory, and flash memory, read-only memory, programmable read only memory or electrically-erasable can
In the storage medium of this fields such as programmable memory, register maturation.The storage medium is located at memory, and processor reads storage
Information in device, in conjunction with the step of its hardware completion above method.
The method that electronic equipment shown in fig. 5 can also carry out the acquisition user resources of Fig. 1, this specification are no longer superfluous herein
It states.
Fig. 6 is the structural schematic diagram for the electronic equipment that another embodiment of this specification provides.Equipment shown in fig. 6 with
Electronic equipment shown in fig. 5 the difference is that, processor executes the program stored of memory, and be specifically used for executing with
Lower operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
The method that electronic equipment shown in fig. 6 can also carry out the feedback user resource of Fig. 4, this specification are no longer superfluous herein
It states.
Certainly, other than software realization mode, other implementations are not precluded in the electronic equipment of this specification, such as
Logical device or the mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is not limited to each
Logic unit is also possible to hardware or logical device.
This specification embodiment also proposed a kind of computer readable storage medium, the computer-readable recording medium storage
One or more programs, the one or more program include instruction, and the instruction is when by the portable electric including multiple application programs
When sub- equipment executes, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 1, and be specifically used for executing following
Operation:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
In another embodiment, this specification embodiment also proposed a kind of computer readable storage medium, the computer
Readable storage medium storing program for executing stores one or more programs, which includes instruction, and it is included multiple answer which, which works as,
When being executed with the portable electronic device of program, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 1, and
Specifically for executing following operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
A kind of device of the acquisition user resources provided below this specification is illustrated.
Fig. 7 is the structural schematic diagram of the device 700 for the acquisition user resources that this specification provides.Referring to FIG. 7, in one kind
In Software Implementation, the device 700 of user resources is obtained can include: authorization requests sending module 701, authorized certificate receive mould
Block 702, authorization message application module 703 and source obtaining module 704.
Authorization requests sending module 701, for sending authorization requests to target user, the authorization requests are obtained for requesting
The access authority of the default resource of the target user is taken, the default resource is stored in the Resource Server of default social application
In.
Optionally, in one example, authorization requests sending module 701 can be used for by sending short message to target user
Or by sending information to the instant messaging account of target user, to send authorization requests to target user.
Optionally, in another example, authorization requests sending module 701 can be used for through above-mentioned default social application
The authorization requests are sent to the target user, the target user is the registration user of the social application.
Further, on the basis of the example, the device 700 for obtaining user resources can also include: registration module, use
In before sending the authorization requests to the target user by the default social application, in the default social application
Middle registration public service number.Correspondingly, authorization requests sending module 701, can be used for through the public service number to the mesh
It marks user and sends the authorization requests, such as the authorization requests are pushed to target user by Alipay life number.
Further, on the basis of the example, the device 700 for obtaining user resources can also include: acquisition module,
For before sending the authorization requests to the target user by the default social application, obtaining target user in institute
State the account registered in social application.Correspondingly, authorization requests sending module 701, can be used for through the public service number, to
The account of the target user sends the authorization requests.
Authorized certificate receiving module 702 authorizes the authorization fed back after the permission for receiving target user's confirmation
Voucher.
Authorization message application module 703, for being based on the authorized certificate, to the authentication service of the default social application
Device application obtains the authorization message of the default resource, and the authorization message includes token and the identity mark of the target user
Know.
Source obtaining module 704 accesses the Resource Server and obtains for being based on the token and the identity
The default resource.
As a specific example, source obtaining module 704 can be used for being obtained based on the token and being accessed the money
The permission of the preset interface of source server is stored with the default resource under the preset interface;Based on the identity, obtain
Take the permission for accessing the default resource under the preset interface;It accesses the preset interface and obtains the default resource.
The device 700 for a kind of acquisition user resources that embodiment shown in Fig. 7 provides, since third-party application can be in mesh
In the case that mark user authorizes access authority, target user can be obtained by the Resource Server of access preset social application
Pre-stored default resource manually submits the default resource of target user without other people to third-party application.Therefore,
The case where being transmitted between different personnel to avoid the default resource of target user, and then can protect target user's
The resources such as individual privacy and sensitive information are not leaked.
It should be noted that the method that the device 700 for obtaining user resources can be realized the embodiment of the method for Fig. 1, specifically
The method that can refer to the acquisition user resources of embodiment illustrated in fig. 1, repeats no more.
Fig. 8 is the structural schematic diagram of the device 800 for the feedback user resource that this specification provides.Referring to FIG. 8, in one kind
In Software Implementation, the device 800 of feedback user resource can include: the first request receiving module 801, authorization message send mould
Block 802, the second request receiving module 803 and resource feedback module 804.
First request receiving module 801, for receiving the authorization message application request of third-party application transmission, the authorization
Authorized certificate is carried in information applications request, the authorized certificate is that target user confirms the third-party application with described
The voucher of the access authority of the default resource of target user.
Authorization message sending module 802, for feeding back to the third-party application for obtaining awarding for the default resource
Information is weighed, the authorization message includes the identity of token and the target user.
Second request receiving module 803, the resource acquisition request sent for receiving the third-party application, the resource
The token and the identity are carried in acquisition request.
Resource feedback module 804 feeds back institute to the third-party application for being based on the token and the identity
State default resource.
In a specific embodiment, resource feedback module 804 can be used for based on the token, to the third party
Using the access authority of the preset interface of the opening Resource Server, the default resource is stored under the preset interface;
Based on the identity, to the permission of the default resource under preset interface described in the third-party application open visit;
The default resource is fed back to the third-party application by the preset interface.
The device 800 for a kind of feedback user resource that embodiment shown in Fig. 8 provides, due to presetting the resource of social application
Server can be in the case where third-party application obtains the access authority that target user authorizes, to third-party application feedback target
User is stored in the default resource on the Resource Server of default social application, without other people manually to third-party application
Submit the default resource of target user.It can thus be avoided the feelings that the default resource of target user is transmitted between different personnel
Condition occurs, and then the resources such as individual privacy and sensitive information that can protect target user are not leaked.
It should be noted that the method that the device 800 for obtaining user resources can be realized the embodiment of the method for Fig. 4, specifically
The method that can refer to the acquisition user resources of embodiment illustrated in fig. 4, repeats no more.
In short, being not intended to limit the protection of this specification the foregoing is merely the preferred embodiment of this specification
Range.With within principle, made any modification, changes equivalent replacement all spirit in this specification one or more embodiment
Into etc., it should be included within the protection scope of this specification one or more embodiment.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.It is a kind of typically to realize that equipment is computer.Specifically, computer for example may be used
Think personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
It is any in device, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device or these equipment
The combination of equipment.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.When not limiting more, the element that is limited by sentence "including a ...", it is not excluded that in the mistake including the element
There is also other identical elements in journey, method, commodity or equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for system reality
For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.