CN109033774A - Acquisition, the method, apparatus of feedback user resource and electronic equipment - Google Patents
Acquisition, the method, apparatus of feedback user resource and electronic equipment Download PDFInfo
- Publication number
- CN109033774A CN109033774A CN201811015333.6A CN201811015333A CN109033774A CN 109033774 A CN109033774 A CN 109033774A CN 201811015333 A CN201811015333 A CN 201811015333A CN 109033774 A CN109033774 A CN 109033774A
- Authority
- CN
- China
- Prior art keywords
- resource
- target user
- default
- application
- token
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a kind of acquisition, the method, apparatus of feedback user resource and electronic equipments, the method for obtaining user resources can send the authorization requests of the access authority of the default resource for target user described in request to target user, and the default resource is stored in the Resource Server of default social application;It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;Based on the authorized certificate, the authorization message of the default resource is obtained to the certificate server application of the default social application, the authorization message includes the identity of token and the target user;Based on the token and the identity, accesses the Resource Server and obtain the default resource.
Description
Technical field
This application involves field of computer technology, more particularly to feedback, the method, apparatus of acquisition user resources and electronics to set
It is standby.
Background technique
With the progress of science and technology, more and more tissues or mechanism provide a user clothes by network service platform
Business.For example, insurance company, which often passes through network service platform, accepts traffic accident Claims Resolution case, and in accident responsibility clearly situation
Under, need responsible party that itself is committed to the network service platform of insurance company to the related certificate information without duty side.
However, in this case, not only needing responsible party to collect the certificate information of itself in advance, it is also necessary to which responsible party is prior
Collect the related certificate information without duty side, it means that submitting related certificate information to the network service platform of insurance company
In the process, the resources such as some privacies of no duty side and sensitive information will be leaked to responsible party.
Summary of the invention
The embodiment of the present application provides a kind of method, apparatus and electronic equipment fed back, obtain user resources, to protect use
The resource at family is not leaked.
In order to solve the above technical problems, the embodiment of the present application is achieved in that
In a first aspect, proposing a kind of method for obtaining user resources, which comprises
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
Second aspect proposes a kind of method of feedback user resource, which comprises
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
The third aspect, proposes a kind of device for obtaining user resources, and described device includes:
Authorization requests sending module, for sending authorization requests to target user, the authorization requests are used for request
The access authority of the default resource of the target user, the default resource are stored in the Resource Server of default social application
In;
Authorized certificate receiving module, for receive target user confirmation authorize the authorization fed back after the permission with
Card;
Authorization message application module, for being based on the authorized certificate, to the certificate server of the default social application
Application obtains the authorization message of the default resource, and the authorization message includes the identity of token and the target user;
Source obtaining module accesses the Resource Server and obtains institute for being based on the token and the identity
State default resource.
Fourth aspect, proposes a kind of device of feedback user resource, and described device includes:
First request receiving module, for receiving the authorization message application request of third-party application transmission, the authorization letter
Authorized certificate is carried in breath application request, the authorized certificate is that target user confirms that the third-party application has the mesh
Mark the voucher of the access authority of the default resource of user;
Authorization message sending module, for believing to third-party application feedback for obtaining the authorization of the default resource
Breath, the authorization message includes the identity of token and the target user;
Second request receiving module, the resource acquisition request sent for receiving the third-party application, the resource obtain
It takes in request and carries the token and the identity;
Resource feedback module, for being based on the token and the identity, to described in third-party application feedback
Default resource.
5th aspect, proposes a kind of electronic equipment, comprising:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed
It manages device and executes following operation:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
6th aspect, proposes a kind of computer readable storage medium, the computer-readable recording medium storage one
Or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that the electricity
Sub- equipment executes following operation:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
7th aspect, proposes a kind of electronic equipment, comprising:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed
It manages device and executes following operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
Eighth aspect proposes a kind of computer readable storage medium, the computer-readable recording medium storage one
Or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that the electricity
Sub- equipment executes following operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
As can be seen from the technical scheme provided by the above embodiments of the present application, scheme provided by the embodiments of the present application at least have as
Lower a kind of technical effect: since third-party application can pass through access preset in the case where target user authorizes access authority
The Resource Server of social application can obtain the pre-stored default resource of target user, without other people manually to
The default resource of third-party application submission target user.It can thus be avoided the default resource of target user different personnel it
Between the case where transmitting, and then the resources such as individual privacy and sensitive information that can protect target user are not leaked.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present application, constitutes part of this application, this Shen
Illustrative embodiments and their description please are not constituted an undue limitation on the present application for explaining the application.In the accompanying drawings:
Fig. 1 is one of the flow diagram of method for the acquisition user resources that this specification embodiment provides.
Fig. 2 is the configuration diagram of the method for the acquisition user resources that this specification embodiment provides.
Fig. 3 is the two of the flow diagram of the method for the acquisition user resources that this specification embodiment provides.
Fig. 4 is the flow diagram of the method for the feedback user resource that this specification embodiment provides.
Fig. 5 is the structural schematic diagram for a kind of electronic equipment that this specification embodiment provides.
Fig. 6 is the structural schematic diagram for another electronic equipment that this specification embodiment provides.
Fig. 7 is the structural schematic diagram of the device for the acquisition user resources that this specification embodiment provides.
Fig. 8 is the structural schematic diagram of the device for the feedback user resource that this specification embodiment provides.
Specific embodiment
To keep the purposes, technical schemes and advantages of the application clearer, below in conjunction with the application specific embodiment and
Technical scheme is clearly and completely described in corresponding attached drawing.Obviously, described embodiment is only the application one
Section Example, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not doing
Every other embodiment obtained under the premise of creative work out, shall fall in the protection scope of this application.
In order to protect the resource of user not to be leaked, this specification embodiment provide it is a kind of obtain user resources method and
Device and a kind of method and device of feedback user resource.Wherein, a kind of method and device obtaining user resources can answer
In third-party application for needing to obtain user resources, for example, can be applied to need to obtain the related certificate letter without duty side
In insurance company's network service platform of breath.Wherein, a kind of method and device of feedback user resource can be using default social activity
In, for example, can be applied to wechat, Alipay etc. in the application of social functions.
A kind of method of 1 to Fig. 3 acquisition user resources provided this specification embodiment carries out detailed with reference to the accompanying drawing
Thin explanation.
As shown in Figure 1, a kind of method for acquisition user resources that this specification embodiment provides, can be applied to third party
Using this method may include steps of:
Step 102 sends authorization requests to target user, and the authorization requests are for target user's described in request
The access authority of default resource, the default resource are stored in the Resource Server of default social application.
Target user can be the user for needing that default resource is submitted to third-party application, for example, this specification background skill
In traffic accident described in art without duty side.
Third-party application, such as can be the network service platform of insurance company.
Default resource, can be any cost for needing target user to submit to third-party application, such as can be needs
The related certificate information that target user submits to the network service platform of insurance company.Wherein, the related certificate information of no duty side,
Such as can be ID card information without duty side, driver's license information, etc..
Default social application, can be any application with social functions.Optionally, social application is preset, can be
Social application with open platform, for example, the wechat with public platform, has the Alipay, etc. of life number.
In one example, " sending authorization requests to target user " in step 101 may include: by using to target
Family sends short message or by sending information to the instant messaging account of target user, to send authorization requests to target user.Example
Such as, the link that guidance user authorizes the access authority can be sent to target user by short message, target user clicks the chain
After connecing, it can choose whether to authorize the access authority.
In another example, " the sending authorization requests to target user " in step 101 may include: directly by upper
It states default social application and sends the authorization requests to the target user, the target user is the registration of the social application
User.
Optionally, in a kind of specific embodiment of the example, by the default social application to the target
Before user sends the authorization requests, method shown in FIG. 1 can also include: to register the public in the default social application
It is raw can to register an Alipay for example, it is assumed that default social application is Alipay on the open platform of Alipay for service number
Living number;On this basis, the authorization requests are sent to the target user above by above-mentioned default social application, can wrap
It includes: the authorization requests is sent to the target user by the public service number, such as by Alipay life number to mesh
It marks user and pushes the authorization requests.
Further, before sending the authorization requests to the target user by the default social application,
Method shown in FIG. 1 can also include: the account for obtaining target user and registering in the social application, for example, obtaining target
The account that user registers in Alipay, the account are usually the cell-phone number of target user.On this basis, above by described
Public service number sends the authorization requests to the target user, may include: by the public service number, to the mesh
The account for marking user sends the authorization requests, such as sends the authorization requests to the Alipay account of target user.
The authorized certificate fed back after the access authority is authorized in step 104, reception target user's confirmation.
Wherein, authorized certificate can be authorization code.It is appreciated that when target user confirmation authorize above-mentioned access authority it
Afterwards, default social application can generate an authorization code accordingly.
Step 106 is based on the authorized certificate, obtains to the certificate server application of the default social application described pre-
If the authorization message of resource, the authorization message includes the identity of token and the target user.
In this step, authorized certificate can be sent to the certificate server of default social application by third-party application, benefit
Authorized information is replaced from the certificate server with authorized certificate.Correspondingly, in one embodiment, presetting social activity
The certificate server of application can safeguard the corresponding relationship of identity (Identity, the ID) and token of a target user
Table, when certificate server determines that third-party application has the access authority for the default resource for obtaining target user according to authorized certificate
When, third-party application is fed back to using token and its corresponding identity as authorization message.
Step 108 is based on the token and the identity, accesses the Resource Server and obtains the default money
Source.
As an example, step 108 may include: and be obtained based on the token and accessed the pre- of the Resource Server
If the permission of interface, the default resource is stored under the preset interface;Based on the identity, it is described pre- to obtain access
If the permission of the default resource under interface;It accesses the preset interface and obtains the default resource.
Above-mentioned steps 102 to step 108 can be realized based on open protocol OAuth (Open Authorization).Under
Face combines Fig. 2, the certification for obtaining the authorization of target user to third-party application in the embodiment of the present invention, obtaining default social application
The authorization message of server issues, and be illustrated using the principle that authorization message obtains default resource.
It is as shown in Figure 2: 1. resource owner of the client 11 (Client) of third-party application 1 to default social application 2
(Resource Owner) 21 (target user) sends authorization requests (Authorization Request), the authorization requests
The access authority of default resource for target user described in request, the default resource are stored in default social application 2
Resource Server 23 in;2. target user 21 agrees to authorize access authority described in third-party application 1, and default social application 2
Authorized certificate (Authorization Grant) is fed back to the client 11 of third-party application 1;3. the client of third-party application 1
It is obtained according to the authorized certificate to the application of the certificate server (Authorization Server) 22 of default social application 2 at end 11
Authorization message is taken, which includes the ID of token (Access Token) and target user;4. certificate server 22 is to upper
It states after authorized certificate is verified, sends authorization message to the client 11 of third-party application 1;5. the client of third-party application 1
End 11 sends resource inquiry request, the resource query to the Resource Server (Resource Server) 23 of default social application 1
Token and the ID of target user are carried in request;6. Resource Server 23 confirms third party according to token and the ID of target user
When there is above-mentioned access authority using 1, open preset interface to the client 11 of third-party application 1, and pass through preset interface to
The client 11 of third-party application 1 feeds back default resource.
It should be noted that in practical applications, the certificate server 22 and Resource Server 23 for presetting social application 1 can
To be same server, it is also possible to different servers, but the function to be realized of the two can be by presetting social application 1
Different business domain realize.For example, presetting the certificate information that resource is target user, money when default social application is Alipay
The process that source server 23 feeds back default resource can be realized by the member domain of Alipay, because in the corresponding server in member domain
Save the certificate informations such as the identification card number of target user;And certificate server 22 carries out purview certification and feeds back authorization message
Process can be realized by the open platform of Alipay.
Certainly, in practical applications, default social application can also specially establish a certificate library, and third-party application can be with
Default resource is obtained by accessing the certificate library.
The method for a kind of acquisition user resources that embodiment shown in FIG. 1 provides, since third-party application can be in target
In the case that user authorizes access authority, it is pre- that target user can be obtained by the Resource Server of access preset social application
The default resource first stored manually submits the default resource of target user without other people to third-party application.Therefore, may be used
The case where being transmitted between different personnel to avoid the default resource of target user, and then can protect of target user
The resources such as people's privacy and sensitive information are not leaked.
In order to it is clearer understand this specification embodiment provide a kind of acquisition user resource method, below with reference to
Fig. 3 is illustrated by taking the related certificate information without duty side that the network service platform of insurance company obtains in traffic accident as an example.
As shown in figure 3, in this embodiment, third-party application is that the network service platform of insurance company (is managed for convenience
Solution, in Fig. 3 with insurance company 5 instead of), preset social application be Alipay 4, target user be traffic accident in nothing
Duty side 6, the default resource for needing to obtain are the related certificate information without duty side 6, obtain the stream of the associated part information of target user
Journey is triggered by the responsible party 3 in traffic accident.Also, in this embodiment, insurance company 5 can be accessed by Alipay 4.
As shown in figure 3, a kind of method for acquisition user resources that this specification embodiment provides, may include walking as follows
It is rapid:
Responsible party 3 in step 31, traffic accident selects insurance company 5 in the insurance service of Alipay 4, and fills in nothing
The Alipay account (such as filling in the cell-phone number without duty side 6) of duty side 6.
Step 32, operation of the Alipay 4 based on responsible party 3 are reported a case to the security authorities to insurance company 5.
Step 33,5 auditing duty side 3 of insurance company pass through the material of reporting a case to the security authorities that Alipay 4 is submitted, and are leading to after the approval
It crosses Alipay 4 and sends authorization requests to without duty side 6, the authorization requests are used for related certificate information of the request without duty side 6
Access authority, the related certificate information of no duty side 6 is stored in the Resource Server of Alipay 4.
Step 34 is agreed to authorize access authority described in insurance company 5 without duty side 6.
Step 35, Alipay 4 generate authorized certificate and feed back to insurance company 5.
Step 36, insurance company 5 are based on the authorized certificate, obtain authorization letter to the certificate server application of Alipay 4
Breath, authorization message includes token and the ID without duty side 6.
Step 37, Alipay 4 certificate server feed back the authorization message to insurance company 5.
The Resource Server of the ID of step 38, insurance company 5 based on the token in authorization message, access Alipay 4 obtain
Related certificate information without duty side 6.
Step 39, Alipay 4 Resource Server to insurance company 5 feed back the related certificate information without duty side 6.
The method for a kind of acquisition user resources that embodiment shown in Fig. 3 provides, since insurance company 5 can be without duty side
In the case that 6 authorize access authority, the Resource Server by accessing Alipay 4 can obtain the related certificate without duty side 6
Information manually submits the related certificate information of responsible party 6 without responsible party 3 to insurance company 5.It can thus be avoided
Related certificate information without duty side 6 is leaked to responsible party 3, protects the resources such as individual privacy and the sensitive information without duty side 6
Safety.
It is that a kind of explanation of method for obtaining user resources is provided this specification above, this specification is provided below
A kind of method of feedback user resource is introduced.
As shown in figure 4, a kind of method for feedback user resource that this specification embodiment provides, can be applied to default society
Application is handed over, this method may include:
Step 402 receives the authorization message application request that third-party application is sent, and takes in the authorization message application request
With authorized certificate, the authorized certificate is that target user confirms that the third-party application has the default money of the target user
The voucher of the access authority in source.
For example, the certificate server of Alipay can receive the authorization message Shen that the network service platform of insurance company is sent
It please request.
Step 404 feeds back the authorization message for obtaining the default resource, the authorization letter to the third-party application
Breath includes the identity of token and the target user.
For example, the certificate server of Alipay can be described pre- for obtaining to the network service platform of insurance company feedback
If the authorization message of resource.
Step 406 receives the resource acquisition request that the third-party application is sent, and carries in the resource acquisition request
The token and the identity.
For example, the resource acquisition that the network service platform that the Resource Server of Alipay can receive insurance company is sent is asked
It asks.
Step 408 is based on the token and the identity, feeds back the default resource to the third-party application.
For example, the Resource Server of Alipay can feed back the default resource to the network service platform of insurance company.
In a specific embodiment, step 408 be may include: and be opened based on the token to the third-party application
The access authority of the preset interface of the Resource Server is put, the default resource is stored under the preset interface;Based on institute
Identity is stated, to the permission of the default resource under preset interface described in the third-party application open visit;Pass through institute
It states preset interface and feeds back the default resource to the third-party application.
It should be noted that in the present embodiment, step 402 and step 404 can be taken by the certification for presetting social application
Business device (the open platform business domains that can correspond to default social application) executes, and step 406 and step 408 can be by default social activities
The Resource Server (the member domain that can correspond to default social application) of application executes, and the certificate server of default social application
It can be same server with Resource Server, be also possible to different servers.
The method for a kind of feedback user resource that embodiment shown in Fig. 4 provides, due to presetting the resource clothes of social application
Business device can be used in the case where third-party application obtains the access authority that target user authorizes to third-party application feedback target
Family is stored in the default resource on the Resource Server of default social application, manually mentions to third-party application without other people
Hand over the default resource of target user.It can thus be avoided the case where default resource of target user is transmitted between different personnel
Occur, and then the resources such as individual privacy and sensitive information that can protect target user are not leaked.
It is that the explanation of a kind of method of feedback user resource is provided this specification above, this specification is provided below
Electronic equipment is introduced.
Fig. 5 is the structural schematic diagram for the electronic equipment that one embodiment of this specification provides.Referring to FIG. 5, in hardware
Level, the electronic equipment include processor, optionally further comprising internal bus, network interface, memory.Wherein, memory can
It can include memory, such as high-speed random access memory (Random-Access Memory, RAM), it is also possible to further include non-easy
The property lost memory (non-volatile memory), for example, at least 1 magnetic disk storage etc..Certainly, which is also possible to
Including hardware required for other business.
Processor, network interface and memory can be connected with each other by internal bus, which can be ISA
(Industry Standard Architecture, industry standard architecture) bus, PCI (Peripheral
Component Interconnect, Peripheral Component Interconnect standard) bus or EISA (Extended Industry Standard
Architecture, expanding the industrial standard structure) bus etc..The bus can be divided into address bus, data/address bus, control always
Line etc..Only to be indicated with a four-headed arrow in Fig. 5, it is not intended that an only bus or a type of convenient for indicating
Bus.
Memory, for storing program.Specifically, program may include program code, and said program code includes calculating
Machine operational order.Memory may include memory and nonvolatile memory, and provide instruction and data to processor.
Processor is from the then operation into memory of corresponding computer program is read in nonvolatile memory, in logical layer
The device for obtaining user resources is formed on face.Processor executes the program that memory is stored, and is specifically used for executing following behaviour
Make:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
The method of acquisition user resources disclosed in the above-mentioned embodiment illustrated in fig. 1 such as this specification can be applied to shown in Fig. 5
Processor in, or realized by processor.Processor may be a kind of IC chip, the processing capacity with signal.
During realization, each step of the above method can pass through the integrated logic circuit or software form of the hardware in processor
Instruction complete.Above-mentioned processor can be general processor, including central processing unit (Central Processing
Unit, CPU), network processing unit (Network Processor, NP) etc.;It can also be digital signal processor (Digital
Signal Processor, DSP), specific integrated circuit (Application Specific Integrated Circuit,
ASIC), field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic
Device, discrete gate or transistor logic, discrete hardware components.It may be implemented or execute this specification one or more
Disclosed each method, step and logic diagram in embodiment.General processor can be microprocessor or the processor
It can be any conventional processor etc..The step of method in conjunction with disclosed in this specification one or more embodiment, can be straight
Connect and be presented as that hardware decoding processor executes completion, or in decoding processor hardware and software module combination executed
At.Software module can be located at random access memory, and flash memory, read-only memory, programmable read only memory or electrically-erasable can
In the storage medium of this fields such as programmable memory, register maturation.The storage medium is located at memory, and processor reads storage
Information in device, in conjunction with the step of its hardware completion above method.
The method that electronic equipment shown in fig. 5 can also carry out the acquisition user resources of Fig. 1, this specification are no longer superfluous herein
It states.
Fig. 6 is the structural schematic diagram for the electronic equipment that another embodiment of this specification provides.Equipment shown in fig. 6 with
Electronic equipment shown in fig. 5 the difference is that, processor executes the program stored of memory, and be specifically used for executing with
Lower operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
The method that electronic equipment shown in fig. 6 can also carry out the feedback user resource of Fig. 4, this specification are no longer superfluous herein
It states.
Certainly, other than software realization mode, other implementations are not precluded in the electronic equipment of this specification, such as
Logical device or the mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is not limited to each
Logic unit is also possible to hardware or logical device.
This specification embodiment also proposed a kind of computer readable storage medium, the computer-readable recording medium storage
One or more programs, the one or more program include instruction, and the instruction is when by the portable electric including multiple application programs
When sub- equipment executes, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 1, and be specifically used for executing following
Operation:
Authorization requests, default resource of the authorization requests for target user described in request are sent to target user
Access authority, the default resource is stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the default resource is obtained to the certificate server application of the default social application
Authorization message, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
In another embodiment, this specification embodiment also proposed a kind of computer readable storage medium, the computer
Readable storage medium storing program for executing stores one or more programs, which includes instruction, and it is included multiple answer which, which works as,
When being executed with the portable electronic device of program, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 1, and
Specifically for executing following operation:
The authorization message application request that third-party application is sent is received, carries authorization in the authorization message application request
Voucher, the authorized certificate are that target user confirms that the third-party application has the access of the default resource of the target user
The voucher of permission;
The authorization message for obtaining the default resource is fed back to the third-party application, the authorization message includes enabling
The identity of board and the target user;
The resource acquisition request that the third-party application is sent is received, carries the token in the resource acquisition request
With the identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
A kind of device of the acquisition user resources provided below this specification is illustrated.
Fig. 7 is the structural schematic diagram of the device 700 for the acquisition user resources that this specification provides.Referring to FIG. 7, in one kind
In Software Implementation, the device 700 of user resources is obtained can include: authorization requests sending module 701, authorized certificate receive mould
Block 702, authorization message application module 703 and source obtaining module 704.
Authorization requests sending module 701, for sending authorization requests to target user, the authorization requests are obtained for requesting
The access authority of the default resource of the target user is taken, the default resource is stored in the Resource Server of default social application
In.
Optionally, in one example, authorization requests sending module 701 can be used for by sending short message to target user
Or by sending information to the instant messaging account of target user, to send authorization requests to target user.
Optionally, in another example, authorization requests sending module 701 can be used for through above-mentioned default social application
The authorization requests are sent to the target user, the target user is the registration user of the social application.
Further, on the basis of the example, the device 700 for obtaining user resources can also include: registration module, use
In before sending the authorization requests to the target user by the default social application, in the default social application
Middle registration public service number.Correspondingly, authorization requests sending module 701, can be used for through the public service number to the mesh
It marks user and sends the authorization requests, such as the authorization requests are pushed to target user by Alipay life number.
Further, on the basis of the example, the device 700 for obtaining user resources can also include: acquisition module,
For before sending the authorization requests to the target user by the default social application, obtaining target user in institute
State the account registered in social application.Correspondingly, authorization requests sending module 701, can be used for through the public service number, to
The account of the target user sends the authorization requests.
Authorized certificate receiving module 702 authorizes the authorization fed back after the permission for receiving target user's confirmation
Voucher.
Authorization message application module 703, for being based on the authorized certificate, to the authentication service of the default social application
Device application obtains the authorization message of the default resource, and the authorization message includes token and the identity mark of the target user
Know.
Source obtaining module 704 accesses the Resource Server and obtains for being based on the token and the identity
The default resource.
As a specific example, source obtaining module 704 can be used for being obtained based on the token and being accessed the money
The permission of the preset interface of source server is stored with the default resource under the preset interface;Based on the identity, obtain
Take the permission for accessing the default resource under the preset interface;It accesses the preset interface and obtains the default resource.
The device 700 for a kind of acquisition user resources that embodiment shown in Fig. 7 provides, since third-party application can be in mesh
In the case that mark user authorizes access authority, target user can be obtained by the Resource Server of access preset social application
Pre-stored default resource manually submits the default resource of target user without other people to third-party application.Therefore,
The case where being transmitted between different personnel to avoid the default resource of target user, and then can protect target user's
The resources such as individual privacy and sensitive information are not leaked.
It should be noted that the method that the device 700 for obtaining user resources can be realized the embodiment of the method for Fig. 1, specifically
The method that can refer to the acquisition user resources of embodiment illustrated in fig. 1, repeats no more.
Fig. 8 is the structural schematic diagram of the device 800 for the feedback user resource that this specification provides.Referring to FIG. 8, in one kind
In Software Implementation, the device 800 of feedback user resource can include: the first request receiving module 801, authorization message send mould
Block 802, the second request receiving module 803 and resource feedback module 804.
First request receiving module 801, for receiving the authorization message application request of third-party application transmission, the authorization
Authorized certificate is carried in information applications request, the authorized certificate is that target user confirms the third-party application with described
The voucher of the access authority of the default resource of target user.
Authorization message sending module 802, for feeding back to the third-party application for obtaining awarding for the default resource
Information is weighed, the authorization message includes the identity of token and the target user.
Second request receiving module 803, the resource acquisition request sent for receiving the third-party application, the resource
The token and the identity are carried in acquisition request.
Resource feedback module 804 feeds back institute to the third-party application for being based on the token and the identity
State default resource.
In a specific embodiment, resource feedback module 804 can be used for based on the token, to the third party
Using the access authority of the preset interface of the opening Resource Server, the default resource is stored under the preset interface;
Based on the identity, to the permission of the default resource under preset interface described in the third-party application open visit;
The default resource is fed back to the third-party application by the preset interface.
The device 800 for a kind of feedback user resource that embodiment shown in Fig. 8 provides, due to presetting the resource of social application
Server can be in the case where third-party application obtains the access authority that target user authorizes, to third-party application feedback target
User is stored in the default resource on the Resource Server of default social application, without other people manually to third-party application
Submit the default resource of target user.It can thus be avoided the feelings that the default resource of target user is transmitted between different personnel
Condition occurs, and then the resources such as individual privacy and sensitive information that can protect target user are not leaked.
It should be noted that the method that the device 800 for obtaining user resources can be realized the embodiment of the method for Fig. 4, specifically
The method that can refer to the acquisition user resources of embodiment illustrated in fig. 4, repeats no more.
In short, being not intended to limit the protection of this specification the foregoing is merely the preferred embodiment of this specification
Range.With within principle, made any modification, changes equivalent replacement all spirit in this specification one or more embodiment
Into etc., it should be included within the protection scope of this specification one or more embodiment.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.It is a kind of typically to realize that equipment is computer.Specifically, computer for example may be used
Think personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
It is any in device, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device or these equipment
The combination of equipment.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.When not limiting more, the element that is limited by sentence "including a ...", it is not excluded that in the mistake including the element
There is also other identical elements in journey, method, commodity or equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for system reality
For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.
Claims (13)
1. a kind of method for obtaining user resources, which comprises
Authorization requests, visit of the authorization requests for the default resource of target user described in request are sent to target user
Ask that permission, the default resource are stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the access authority;
Based on the authorized certificate, the authorization of the default resource is obtained to the certificate server application of the default social application
Information, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
2. described to send authorization requests to target user according to the method described in claim 1, wherein, comprising:
The authorization requests are sent to the target user by the default social application, the target user is the social activity
The registration user of application.
3. according to the method described in claim 2, sending institute to the target user by the default social application described
Before stating authorization requests, the method also includes:
Public service number is registered in the default social application;
It is wherein, described that the authorization requests are sent to the target user by the default social application, comprising:
The authorization requests are sent to the target user by the public service number.
4. according to the method described in claim 3, it is described by the public service number to the target user send described in
Before authorization requests, the method also includes:
Obtain the account that the target user registers in the default social application;
It is wherein, described that the authorization requests are sent to the target user by the public service number, comprising:
By the public service number, the authorization requests are sent to the account of the target user.
5. method according to claim 1-4, wherein it is described to be based on the token and the identity, it visits
Ask that the Resource Server obtains the default resource, comprising:
Based on the token, the permission for accessing the preset interface of the Resource Server is obtained, is stored under the preset interface
The default resource;
Based on the identity, the permission for accessing the default resource under the preset interface is obtained;
It accesses the preset interface and obtains the default resource.
6. a kind of method of feedback user resource, which comprises
Receive the authorization message application request that third-party application is sent, carried in the authorization message application request authorization with
Card, the authorized certificate are that target user confirms that the third-party application has the access right of the default resource of the target user
The voucher of limit;
Feed back the authorization message for obtaining the default resource to the third-party application, the authorization message include token and
The identity of the target user;
The resource acquisition request that the third-party application is sent is received, carries the token and institute in the resource acquisition request
State identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
7. it is described to be based on the token and the identity according to the method described in claim 6, wherein, to the third
Fang Yingyong feeds back the default resource, comprising:
Based on the token, the access authority of the preset interface of the Resource Server is opened to the third-party application, it is described
The default resource is stored under preset interface;
Based on the identity, to the power of the default resource under preset interface described in the third-party application open visit
Limit;
The default resource is fed back to the third-party application by the preset interface.
8. a kind of device for obtaining user resources, described device include:
Authorization requests sending module, for sending authorization requests to target user, the authorization requests are for described in request
The access authority of the default resource of target user, the default resource are stored in the Resource Server of default social application;
Authorized certificate receiving module authorizes the authorized certificate fed back after the permission for receiving target user's confirmation;
Authorization message application module, for being based on the authorized certificate, the certificate server application to the default social application
The authorization message of the default resource is obtained, the authorization message includes the identity of token and the target user;
It is described pre- to access the Resource Server acquisition for being based on the token and the identity for source obtaining module
If resource.
9. a kind of device of feedback user resource, described device include:
First request receiving module, for receiving the authorization message application request of third-party application transmission, the authorization message Shen
Authorized certificate is carried in please requesting, the authorized certificate is that target user confirms that the third-party application is used with the target
The voucher of the access authority of the default resource at family;
Authorization message sending module, for feeding back the authorization message for obtaining the default resource to the third-party application,
The authorization message includes the identity of token and the target user;
Second request receiving module, the resource acquisition request sent for receiving the third-party application, the resource acquisition are asked
The token and the identity are carried in asking;
Resource feedback module, it is described default to third-party application feedback for being based on the token and the identity
Resource.
10. a kind of electronic equipment, comprising:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the processor when executed
Execute following operation:
Authorization requests, visit of the authorization requests for the default resource of target user described in request are sent to target user
Ask that permission, the default resource are stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the permission;
Based on the authorized certificate, the authorization of the default resource is obtained to the certificate server application of the default social application
Information, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
11. a kind of computer readable storage medium, the computer-readable recording medium storage one or more program, described one
A or multiple programs are when the electronic equipment for being included multiple application programs executes, so that the electronic equipment executes following behaviour
Make:
Authorization requests, visit of the authorization requests for the default resource of target user described in request are sent to target user
Ask that permission, the default resource are stored in the Resource Server of default social application;
It receives target user's confirmation and authorizes the authorized certificate fed back after the permission;
Based on the authorized certificate, the authorization of the default resource is obtained to the certificate server application of the default social application
Information, the authorization message include the identity of token and the target user;
Based on the token and the identity, accesses the Resource Server and obtain the default resource.
12. a kind of electronic equipment, comprising:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the processor when executed
Execute following operation:
Receive the authorization message application request that third-party application is sent, carried in the authorization message application request authorization with
Card, the authorized certificate are that target user confirms that the third-party application has the access right of the default resource of the target user
The voucher of limit;
Feed back the authorization message for obtaining the default resource to the third-party application, the authorization message include token and
The identity of the target user;
The resource acquisition request that the third-party application is sent is received, carries the token and institute in the resource acquisition request
State identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
13. a kind of computer readable storage medium, the computer-readable recording medium storage one or more program, described one
A or multiple programs are when the electronic equipment for being included multiple application programs executes, so that the electronic equipment executes following behaviour
Make:
Receive the authorization message application request that third-party application is sent, carried in the authorization message application request authorization with
Card, the authorized certificate are that target user confirms that the third-party application has the access right of the default resource of the target user
The voucher of limit;
Feed back the authorization message for obtaining the default resource to the third-party application, the authorization message include token and
The identity of the target user;
The resource acquisition request that the third-party application is sent is received, carries the token and institute in the resource acquisition request
State identity;
Based on the token and the identity, the default resource is fed back to the third-party application.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811015333.6A CN109033774B (en) | 2018-08-31 | 2018-08-31 | Method and device for acquiring and feeding back user resources and electronic equipment |
| TW108122339A TWI704470B (en) | 2018-08-31 | 2019-06-26 | Method, device and electronic equipment for acquiring and returning user resources |
| PCT/CN2019/096267 WO2020042791A1 (en) | 2018-08-31 | 2019-07-17 | Method and device for acquiring and feeding back user resource, and electronic apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811015333.6A CN109033774B (en) | 2018-08-31 | 2018-08-31 | Method and device for acquiring and feeding back user resources and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109033774A true CN109033774A (en) | 2018-12-18 |
| CN109033774B CN109033774B (en) | 2020-08-07 |
Family
ID=64623310
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811015333.6A Active CN109033774B (en) | 2018-08-31 | 2018-08-31 | Method and device for acquiring and feeding back user resources and electronic equipment |
Country Status (3)
| Country | Link |
|---|---|
| CN (1) | CN109033774B (en) |
| TW (1) | TWI704470B (en) |
| WO (1) | WO2020042791A1 (en) |
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109976914A (en) * | 2019-04-01 | 2019-07-05 | 北京百度网讯科技有限公司 | Method and apparatus for controlling resource access |
| CN110348195A (en) * | 2019-05-24 | 2019-10-18 | 深圳壹账通智能科技有限公司 | Data certificate authority method, apparatus, computer equipment and storage medium |
| WO2020042791A1 (en) * | 2018-08-31 | 2020-03-05 | 阿里巴巴集团控股有限公司 | Method and device for acquiring and feeding back user resource, and electronic apparatus |
| CN111064708A (en) * | 2019-11-25 | 2020-04-24 | 精硕科技(北京)股份有限公司 | Authorization authentication configuration method, authorization authentication device and electronic equipment |
| CN111159693A (en) * | 2019-12-28 | 2020-05-15 | 西安精雕软件科技有限公司 | Electronic equipment permission verification method, device and system and readable medium |
| CN111222973A (en) * | 2020-01-03 | 2020-06-02 | 深圳市思凯科技开发有限公司 | Information processing system and method |
| CN111241555A (en) * | 2019-12-30 | 2020-06-05 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN111294515A (en) * | 2020-02-25 | 2020-06-16 | 维沃软件技术有限公司 | Image acquisition method and first electronic device |
| CN111327582A (en) * | 2019-08-22 | 2020-06-23 | 刘高峰 | Authorization method, device and system based on OAuth protocol |
| CN111639319A (en) * | 2020-06-02 | 2020-09-08 | 北京字节跳动网络技术有限公司 | User resource authorization method, device and computer readable storage medium |
| CN111753291A (en) * | 2020-06-18 | 2020-10-09 | 支付宝(杭州)信息技术有限公司 | Application container creating method, device and equipment |
| CN111814186A (en) * | 2020-07-13 | 2020-10-23 | 四川虹魔方网络科技有限公司 | Menu authority access control method of intelligent equipment operation platform |
| CN111861611A (en) * | 2019-05-19 | 2020-10-30 | 北京骑胜科技有限公司 | Resource processing method and device based on block chain, electronic equipment and storage medium |
| CN112016065A (en) * | 2019-05-31 | 2020-12-01 | 杭州海康威视数字技术股份有限公司 | Dual-user authentication method and device |
| CN112084527A (en) * | 2020-08-18 | 2020-12-15 | 中国银联股份有限公司 | Data storage and acquisition method, device, equipment and medium |
| CN112085419A (en) * | 2020-09-25 | 2020-12-15 | 中国建设银行股份有限公司 | Resource acquisition method, device and equipment |
| WO2021003751A1 (en) * | 2019-07-11 | 2021-01-14 | 深圳市鹰硕技术有限公司 | Single-account multi-identity login method and apparatus, server, and storage medium |
| CN112241544A (en) * | 2020-10-27 | 2021-01-19 | 北京百家科技集团有限公司 | Business system, access method, device, computer equipment and storage medium |
| CN112989380A (en) * | 2021-03-18 | 2021-06-18 | 深圳前海微众银行股份有限公司 | Resource exchange processing method, device, equipment and storage medium |
| CN113312653A (en) * | 2021-06-25 | 2021-08-27 | 中国农业银行股份有限公司 | Open platform authentication and authorization method, device and storage medium |
| CN113328971A (en) * | 2020-02-28 | 2021-08-31 | 中国移动通信集团福建有限公司 | Access resource authentication method and device and electronic equipment |
| CN113382024A (en) * | 2021-08-12 | 2021-09-10 | 阿里云计算有限公司 | Rotation method of credential, computing device and storage medium |
| CN113743882A (en) * | 2021-08-02 | 2021-12-03 | 深圳兆日科技股份有限公司 | Resource management method, device, equipment and storage medium |
| CN114546316A (en) * | 2022-02-18 | 2022-05-27 | 阿里巴巴(中国)有限公司 | Information processing method, device, equipment and storage medium based on interactive whiteboard |
| CN114666126A (en) * | 2022-03-21 | 2022-06-24 | 阿里云计算有限公司 | Resource management method, device, server and system |
| CN114978551A (en) * | 2022-06-14 | 2022-08-30 | 中国电信股份有限公司 | Access token issuing method, access token acquiring method, device, system, equipment and medium |
| CN115118697A (en) * | 2022-06-27 | 2022-09-27 | 北京爱奇艺科技有限公司 | Resource access authority activation method and device |
| CN114978673B (en) * | 2022-05-19 | 2023-07-04 | 中国联合网络通信集团有限公司 | User authority authentication method and device, electronic equipment and storage medium |
| CN116702100A (en) * | 2022-10-21 | 2023-09-05 | 荣耀终端有限公司 | Authority management method and electronic equipment |
| WO2024156197A1 (en) * | 2023-01-29 | 2024-08-02 | 中国银联股份有限公司 | Privacy computing system, method and apparatus, device, and medium |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102638473A (en) * | 2012-05-04 | 2012-08-15 | 盛趣信息技术(上海)有限公司 | User data authorization method, device and system |
| CN102938757A (en) * | 2011-08-15 | 2013-02-20 | 中兴通讯股份有限公司 | Method for sharing user data in network and identity provider |
| CN103220261A (en) * | 2012-01-21 | 2013-07-24 | 华为技术有限公司 | Proxy method, device and system of open authentication application program interface |
| CN103327100A (en) * | 2013-06-21 | 2013-09-25 | 华为技术有限公司 | Resource processing method and site server |
| EP2765529A1 (en) * | 2013-02-12 | 2014-08-13 | Canon Europa N.V. | A method of authenticating a user of a peripheral apparatus, a peripheral apparatus, and a system for authenticating a user of a peripheral apparatus |
| CN104144158A (en) * | 2013-05-08 | 2014-11-12 | 国际商业机器公司 | Policy-based automated consent method and device |
| CN104869102A (en) * | 2014-02-24 | 2015-08-26 | 腾讯科技(北京)有限公司 | Authorization method, device and system based on xAuth protocols |
| EP2925037A1 (en) * | 2014-03-28 | 2015-09-30 | Nxp B.V. | NFC-based authorization of access to data from a third party device |
| CN105207974A (en) * | 2014-06-18 | 2015-12-30 | 中国电信股份有限公司 | Method for realizing user resource differentiated openness, platform, application and system |
| CN105681259A (en) * | 2014-11-20 | 2016-06-15 | 中兴通讯股份有限公司 | Open authorization method and apparatus and open platform |
| CN106230838A (en) * | 2016-08-04 | 2016-12-14 | 中国银联股份有限公司 | A kind of third-party application accesses the method and apparatus of resource |
| CN106295394A (en) * | 2016-07-22 | 2017-01-04 | 飞天诚信科技股份有限公司 | Resource authorization method and system and authorization server and method of work |
| CN108011862A (en) * | 2016-10-31 | 2018-05-08 | 中兴通讯股份有限公司 | The mandate of mirror image warehouse, access, management method and server and client side |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9532222B2 (en) * | 2010-03-03 | 2016-12-27 | Duo Security, Inc. | System and method of notifying mobile devices to complete transactions after additional agent verification |
| CN102546534A (en) * | 2010-12-15 | 2012-07-04 | 上海杉达学院 | Auto-distributive system for access permissions |
| CN103220344B (en) * | 2013-03-29 | 2016-08-31 | 新浪技术(中国)有限公司 | Microblogging licenses method and system |
| CN104869175B (en) * | 2015-06-16 | 2018-07-27 | 腾讯科技(北京)有限公司 | Cross-platform account resource-sharing implementation method, apparatus and system |
| CN106330813A (en) * | 2015-06-16 | 2017-01-11 | 华为技术有限公司 | Method, device and system for processing authorization |
| CN106341234B (en) * | 2015-07-17 | 2020-09-11 | 华为技术有限公司 | Authorization method and device |
| TWI620087B (en) * | 2017-02-15 | 2018-04-01 | 財團法人資訊工業策進會 | Authorization server, authorization method and computer program product thereof |
| CN109033774B (en) * | 2018-08-31 | 2020-08-07 | 阿里巴巴集团控股有限公司 | Method and device for acquiring and feeding back user resources and electronic equipment |
-
2018
- 2018-08-31 CN CN201811015333.6A patent/CN109033774B/en active Active
-
2019
- 2019-06-26 TW TW108122339A patent/TWI704470B/en active
- 2019-07-17 WO PCT/CN2019/096267 patent/WO2020042791A1/en active Application Filing
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938757A (en) * | 2011-08-15 | 2013-02-20 | 中兴通讯股份有限公司 | Method for sharing user data in network and identity provider |
| CN103220261A (en) * | 2012-01-21 | 2013-07-24 | 华为技术有限公司 | Proxy method, device and system of open authentication application program interface |
| CN102638473A (en) * | 2012-05-04 | 2012-08-15 | 盛趣信息技术(上海)有限公司 | User data authorization method, device and system |
| EP2765529A1 (en) * | 2013-02-12 | 2014-08-13 | Canon Europa N.V. | A method of authenticating a user of a peripheral apparatus, a peripheral apparatus, and a system for authenticating a user of a peripheral apparatus |
| CN104144158A (en) * | 2013-05-08 | 2014-11-12 | 国际商业机器公司 | Policy-based automated consent method and device |
| CN103327100A (en) * | 2013-06-21 | 2013-09-25 | 华为技术有限公司 | Resource processing method and site server |
| CN104869102A (en) * | 2014-02-24 | 2015-08-26 | 腾讯科技(北京)有限公司 | Authorization method, device and system based on xAuth protocols |
| EP2925037A1 (en) * | 2014-03-28 | 2015-09-30 | Nxp B.V. | NFC-based authorization of access to data from a third party device |
| CN105207974A (en) * | 2014-06-18 | 2015-12-30 | 中国电信股份有限公司 | Method for realizing user resource differentiated openness, platform, application and system |
| CN105681259A (en) * | 2014-11-20 | 2016-06-15 | 中兴通讯股份有限公司 | Open authorization method and apparatus and open platform |
| CN106295394A (en) * | 2016-07-22 | 2017-01-04 | 飞天诚信科技股份有限公司 | Resource authorization method and system and authorization server and method of work |
| CN106230838A (en) * | 2016-08-04 | 2016-12-14 | 中国银联股份有限公司 | A kind of third-party application accesses the method and apparatus of resource |
| CN108011862A (en) * | 2016-10-31 | 2018-05-08 | 中兴通讯股份有限公司 | The mandate of mirror image warehouse, access, management method and server and client side |
Cited By (44)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2020042791A1 (en) * | 2018-08-31 | 2020-03-05 | 阿里巴巴集团控股有限公司 | Method and device for acquiring and feeding back user resource, and electronic apparatus |
| CN109976914A (en) * | 2019-04-01 | 2019-07-05 | 北京百度网讯科技有限公司 | Method and apparatus for controlling resource access |
| CN111861611B (en) * | 2019-05-19 | 2024-05-28 | 北京骑胜科技有限公司 | Resource processing method and device based on block chain, electronic equipment and storage medium |
| CN111861611A (en) * | 2019-05-19 | 2020-10-30 | 北京骑胜科技有限公司 | Resource processing method and device based on block chain, electronic equipment and storage medium |
| CN110348195A (en) * | 2019-05-24 | 2019-10-18 | 深圳壹账通智能科技有限公司 | Data certificate authority method, apparatus, computer equipment and storage medium |
| CN112016065A (en) * | 2019-05-31 | 2020-12-01 | 杭州海康威视数字技术股份有限公司 | Dual-user authentication method and device |
| CN112016065B (en) * | 2019-05-31 | 2023-10-10 | 杭州海康威视数字技术股份有限公司 | Dual-user authentication method and device |
| WO2021003751A1 (en) * | 2019-07-11 | 2021-01-14 | 深圳市鹰硕技术有限公司 | Single-account multi-identity login method and apparatus, server, and storage medium |
| CN111327582A (en) * | 2019-08-22 | 2020-06-23 | 刘高峰 | Authorization method, device and system based on OAuth protocol |
| CN111064708A (en) * | 2019-11-25 | 2020-04-24 | 精硕科技(北京)股份有限公司 | Authorization authentication configuration method, authorization authentication device and electronic equipment |
| CN111064708B (en) * | 2019-11-25 | 2022-05-17 | 北京秒针人工智能科技有限公司 | Authorization authentication method and device and electronic equipment |
| CN111159693A (en) * | 2019-12-28 | 2020-05-15 | 西安精雕软件科技有限公司 | Electronic equipment permission verification method, device and system and readable medium |
| CN111241555B (en) * | 2019-12-30 | 2022-07-12 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN111241555A (en) * | 2019-12-30 | 2020-06-05 | 北京顺达同行科技有限公司 | Access method and device for simulating user login, computer equipment and storage medium |
| CN111222973A (en) * | 2020-01-03 | 2020-06-02 | 深圳市思凯科技开发有限公司 | Information processing system and method |
| CN111222973B (en) * | 2020-01-03 | 2023-02-10 | 深圳市思凯科技开发有限公司 | Information processing system and method |
| CN111294515B (en) * | 2020-02-25 | 2021-07-16 | 维沃软件技术有限公司 | Image acquisition method and first electronic device |
| CN111294515A (en) * | 2020-02-25 | 2020-06-16 | 维沃软件技术有限公司 | Image acquisition method and first electronic device |
| CN113328971A (en) * | 2020-02-28 | 2021-08-31 | 中国移动通信集团福建有限公司 | Access resource authentication method and device and electronic equipment |
| CN111639319A (en) * | 2020-06-02 | 2020-09-08 | 北京字节跳动网络技术有限公司 | User resource authorization method, device and computer readable storage medium |
| CN111639319B (en) * | 2020-06-02 | 2023-04-25 | 抖音视界有限公司 | User resource authorization method, device and computer readable storage medium |
| CN111753291A (en) * | 2020-06-18 | 2020-10-09 | 支付宝(杭州)信息技术有限公司 | Application container creating method, device and equipment |
| CN111753291B (en) * | 2020-06-18 | 2023-03-10 | 支付宝(杭州)信息技术有限公司 | Application container creating method, device and equipment |
| CN111814186A (en) * | 2020-07-13 | 2020-10-23 | 四川虹魔方网络科技有限公司 | Menu authority access control method of intelligent equipment operation platform |
| CN112084527A (en) * | 2020-08-18 | 2020-12-15 | 中国银联股份有限公司 | Data storage and acquisition method, device, equipment and medium |
| CN112085419A (en) * | 2020-09-25 | 2020-12-15 | 中国建设银行股份有限公司 | Resource acquisition method, device and equipment |
| CN112241544B (en) * | 2020-10-27 | 2023-10-31 | 北京百家科技集团有限公司 | Service system, access method, access device, computer equipment and storage medium |
| CN112241544A (en) * | 2020-10-27 | 2021-01-19 | 北京百家科技集团有限公司 | Business system, access method, device, computer equipment and storage medium |
| CN112989380A (en) * | 2021-03-18 | 2021-06-18 | 深圳前海微众银行股份有限公司 | Resource exchange processing method, device, equipment and storage medium |
| CN113312653A (en) * | 2021-06-25 | 2021-08-27 | 中国农业银行股份有限公司 | Open platform authentication and authorization method, device and storage medium |
| CN113743882A (en) * | 2021-08-02 | 2021-12-03 | 深圳兆日科技股份有限公司 | Resource management method, device, equipment and storage medium |
| CN113382024A (en) * | 2021-08-12 | 2021-09-10 | 阿里云计算有限公司 | Rotation method of credential, computing device and storage medium |
| CN113382024B (en) * | 2021-08-12 | 2021-12-21 | 阿里云计算有限公司 | Rotation method of credential, computing device and storage medium |
| CN114546316A (en) * | 2022-02-18 | 2022-05-27 | 阿里巴巴(中国)有限公司 | Information processing method, device, equipment and storage medium based on interactive whiteboard |
| CN114666126A (en) * | 2022-03-21 | 2022-06-24 | 阿里云计算有限公司 | Resource management method, device, server and system |
| CN114666126B (en) * | 2022-03-21 | 2024-06-07 | 阿里云计算有限公司 | Resource management method, device, server and system |
| CN114978673B (en) * | 2022-05-19 | 2023-07-04 | 中国联合网络通信集团有限公司 | User authority authentication method and device, electronic equipment and storage medium |
| CN114978551A (en) * | 2022-06-14 | 2022-08-30 | 中国电信股份有限公司 | Access token issuing method, access token acquiring method, device, system, equipment and medium |
| CN114978551B (en) * | 2022-06-14 | 2024-02-06 | 中国电信股份有限公司 | Access token issuing method, access token obtaining method, access token issuing device, access token obtaining system, access token issuing equipment and access token issuing medium |
| CN115118697B (en) * | 2022-06-27 | 2024-04-26 | 北京爱奇艺科技有限公司 | Method and device for activating resource access rights |
| CN115118697A (en) * | 2022-06-27 | 2022-09-27 | 北京爱奇艺科技有限公司 | Resource access authority activation method and device |
| CN116702100B (en) * | 2022-10-21 | 2024-04-16 | 荣耀终端有限公司 | Authority management method and electronic equipment |
| CN116702100A (en) * | 2022-10-21 | 2023-09-05 | 荣耀终端有限公司 | Authority management method and electronic equipment |
| WO2024156197A1 (en) * | 2023-01-29 | 2024-08-02 | 中国银联股份有限公司 | Privacy computing system, method and apparatus, device, and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2020042791A1 (en) | 2020-03-05 |
| CN109033774B (en) | 2020-08-07 |
| TW202011244A (en) | 2020-03-16 |
| TWI704470B (en) | 2020-09-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109033774A (en) | Acquisition, the method, apparatus of feedback user resource and electronic equipment | |
| US10367796B2 (en) | Methods and apparatus for recording a change of authorization state of one or more authorization agents | |
| CN110086768B (en) | Service processing method and device | |
| CN111191268B (en) | Storage method, device and equipment capable of verifying statement | |
| US10540515B2 (en) | Consumer and brand owner data management tools and consumer privacy tools | |
| CN100566248C (en) | Digital signature guarantees system, method and apparatus | |
| US9825917B2 (en) | System and method of dynamic issuance of privacy preserving credentials | |
| CN111401902A (en) | Service processing method, device and equipment based on block chain | |
| CN112333198A (en) | Secure cross-domain login method, system and server | |
| JP5720831B2 (en) | Personal information management apparatus, service providing apparatus, program, personal information management method, verification method, and personal information verification system for preventing falsification of personal information and denial of distribution of personal information | |
| US20220321357A1 (en) | User credential control system and user credential control method | |
| KR20070120125A (en) | Network commercial transactions | |
| JP2005531822A (en) | Enhanced privacy protection for identity verification over data communications networks | |
| JP2006502456A (en) | Privacy and identity verification information in data communication networks | |
| JP5403481B2 (en) | Personal information management device for preventing falsification of personal information and denial of distribution of personal information | |
| US8312262B2 (en) | Management of signing privileges for a cryptographic signing service | |
| CN109992976A (en) | Access credentials verification method, device, computer equipment and storage medium | |
| CN106549919B (en) | Information registration and authentication method and device | |
| WO2019007336A2 (en) | Data processing method, apparatus and device | |
| JP2009175910A (en) | Right transfer system, right transfer method and right transfer program | |
| WO2019175427A1 (en) | Method, device and medium for protecting work based on blockchain | |
| CN114519206A (en) | Method for anonymously signing electronic contract and signature system | |
| JP5084468B2 (en) | Authority delegation system, authority delegation method, and authority delegation program | |
| Hölzl et al. | Real-world identification: towards a privacy-aware mobile eID for physical and offline verification | |
| JP2010152492A (en) | Device, system, and method for providing personal information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200923 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman, British Islands Patentee after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman, British Islands Patentee before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20200923 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman, British Islands Patentee after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Patentee before: Alibaba Group Holding Ltd. |