CN110445791B - Plug-in authentication method and device, and plug-in authentication information storage method and device - Google Patents
Plug-in authentication method and device, and plug-in authentication information storage method and device Download PDFInfo
- Publication number
- CN110445791B CN110445791B CN201910740670.XA CN201910740670A CN110445791B CN 110445791 B CN110445791 B CN 110445791B CN 201910740670 A CN201910740670 A CN 201910740670A CN 110445791 B CN110445791 B CN 110445791B
- Authority
- CN
- China
- Prior art keywords
- host
- information
- user
- plug
- identification information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The application provides a plug-in authentication method and device and a plug-in authentication information storage method and device, wherein the plug-in authentication method comprises the following steps: receiving identification information of a user and a host, user identity identification information and host characteristic information corresponding to the plug-in sent by the plug-in when the plug-in is started; sending the identification information of the user and the host, the user identity identification information and the host characteristic information to a substance digital identification number CAS module; and when the received first verification result returned by the CAS module is successful, generating authentication success information when the plug-in is enabled by the identification information, the user identity identification information, the host characteristic information and/or the first verification result of the user and the host, and sending the authentication success information to the plug-in. The plug-in authentication method provided by the application can automatically authenticate the plug-in, and a user does not need to repeatedly input an account password, so that resource waste is avoided.
Description
Technical Field
The application relates to the technical field of data security, in particular to a plug-in authentication method and device and a plug-in authentication information storage method and device.
Background
In the Android development field, a large number of APPs adopt a 'comprehensive plug-in' scheme proposed by a RePlugin Team, and specifically, one Application (APP) consists of 1 host and n plug-ins. The host has the main functions of managing the installation, the uninstallation and the update of the plug-in; and the function of the plug-in is to realize a certain independent function module of App. When the App needs to add and update functions, a new plug-in or an updated plug-in is directly issued to the online.
Generally, the premise that the plug-in calls the interface to obtain updated plug-in data is that authentication of a host APP needs to be obtained through a server side, so that the plug-in as an independent functional module also needs to pass authentication in a manner similar to account login of the host APP.
However, each plug-in needs to be authenticated by inputting an account password by a user so as to achieve the purpose of adding and updating functions of the App, so that the updating process is complicated, and resources are repeatedly wasted.
Disclosure of Invention
In view of this, an object of the embodiments of the present application is to provide a method and an apparatus for authenticating a plug-in, and a method and an apparatus for storing plug-in authentication information, which can automatically authenticate a plug-in, and avoid wasting resources because a user does not need to repeatedly input an account password.
In a first aspect, an embodiment of the present application provides a plug-in authentication method, where the method includes:
receiving identification information of a user and a host, user identity identification information and host characteristic information corresponding to the plug-in sent by the plug-in when the plug-in is started;
sending the identification information of the user and the host, the user identity identification information and the host characteristic information to a CAS (content based service) module to enable the CAS module to verify whether the identification information of the user and the host, the user identity identification information, the host characteristic information and the standard user and host identification information, the standard user identity identification information and the standard host characteristic information which are stored in the CAS module in advance are consistent or not;
and when the received first verification result returned by the CAS module is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result, and sending the authentication success information to the plug-in.
With reference to the first aspect, an embodiment of the present application provides a first possible implementation manner of the first aspect, where after the received verification result returned by the CAS module is that verification is successful, before the authentication success information when the plug-in is enabled by generating the identification information of the user and the host, the user identity identification information, the host feature information, and/or the first verification result, the method further includes:
sending the host characteristic information to an application program manager so that the application program manager verifies whether the host characteristic information is consistent with standard host characteristic information stored in the application program manager in advance;
receiving a second verification result which is sent by the application program manager and is obtained by verifying the host characteristic information;
the generating authentication success information by using the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result includes:
and when the received second verification result sent by the application program manager is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result and the second verification result.
With reference to the first aspect, an embodiment of the present application provides a second possible implementation manner of the first aspect, where after sending the authentication success information to the plug-in, the method further includes:
receiving service request data sent by the plug-in;
and feeding back the service request data and returning the feedback data to the plug-in.
In a second aspect, an embodiment of the present application further provides a method for storing plug-in authentication information, where the method includes:
generating a host domain name request and sending the host domain name request to a host; so that the host sends host domain name information and user attribute information to the CAS module;
receiving identification information of the user and the host and the user identity identification information sent by the host; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host.
With reference to the second aspect, an embodiment of the present application provides a first possible implementation manner of the second aspect, where before the generating, by the plugin, the host domain name request further includes:
receiving user information and password information sent by a host;
sending the user information and the password information to the CAS module;
and receiving user attribute information obtained by the CAS module after encoding the user information and the password information, and sending the user attribute information to the host.
In a third aspect, an embodiment of the present application further provides a plug-in authentication apparatus, where the apparatus includes:
the first receiving module is used for receiving identification information of a user and a host, user identity identification information and host characteristic information corresponding to the plug-in, which are sent by the plug-in when the plug-in is started;
the first sending module is used for sending the identification information of the user and the host, the user identity identification information and the host characteristic information to a substance digital identification number CAS module so that the CAS module verifies whether the identification information of the user and the host, the user identity identification information, the host characteristic information and the standard user and host identification information, the standard user identity identification information and the standard host characteristic information which are stored in advance by the CAS module are consistent or not;
and the second sending module is used for generating authentication success information when the plug-in is started by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result when the received first verification result returned by the CAS module is successful, and sending the authentication success information to the plug-in.
With reference to the third aspect, an embodiment of the present application provides a first possible implementation manner of the third aspect, where the method further includes:
a third sending module, configured to send the host characteristic information to an application manager, so that the application manager verifies whether the host characteristic information is consistent with standard host characteristic information pre-stored in the application manager;
the second receiving module is used for receiving a second verification result which is sent by the application program manager and is obtained by verifying the host characteristic information;
when the second sending module generates authentication success information from the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result, the second sending module includes:
and when the received second verification result sent by the application program manager is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result and the second verification result.
In a fourth aspect, an embodiment of the present application further provides a storage apparatus for plug-in authentication information, where the storage apparatus includes:
the generation module is used for generating a host domain name request and sending the host domain name request to a host; so that the host sends host domain name information and user attribute information to the CAS module;
a fourth sending module, configured to receive the identification information of the user and the host and the user identity identification information sent by the host; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host.
In a fifth aspect, an embodiment of the present application further provides an electronic device, where the electronic device includes: a processor, a memory and a bus, wherein the memory stores machine-readable instructions executable by the processor, the processor and the memory communicate with each other through the bus when an electronic device runs, and the machine-readable instructions are executed by the processor to perform the steps of the plug-in authentication method according to any one of the first aspect, the first possible implementation manner of the first aspect, the second possible implementation manner of the first aspect, and the steps of the storage method of the plug-in authentication information according to any one of the second aspect, and the first possible implementation manner of the second aspect.
In a sixth aspect, this application provides a computer-readable storage medium, where the computer-readable storage medium stores thereon a computer program, and the computer program is executed by a processor to perform the steps of the plug-in authentication method according to any one of the first aspect, the first possible implementation manner of the first aspect, and the second possible implementation manner of the first aspect, and the steps of the storage method of the plug-in authentication information according to any one of the second aspect, and the first possible implementation manner of the second aspect.
The plug-in authentication method and device and the plug-in authentication information storage method and device provided by the embodiment of the application are provided, wherein the plug-in authentication method comprises the steps that when a service server receives a plug-in, identification information of a user and a host, user identity identification information and host characteristic information corresponding to the plug-in are sent by the plug-in; sending the identification information of the user and the host, the identification information of the user identity and the host characteristic information to a CAS module to ensure that the CAS module verifies whether the identification information of the user and the host, the identification information of the user identity, the host characteristic information and the standard identification information of the user and the host, and the standard host characteristic information which are pre-stored by the CAS module are consistent or not; and when the received first verification result returned by the CAS module is successful, generating authentication success information when the plug-in is enabled by the identification information, the user identity identification information, the host characteristic information and/or the first verification result of the user and the host, and sending the authentication success information to the plug-in. In the plug-in authentication method provided by the application, the service server sends the identification information of the user and the host, the identification information of the user identity and the host characteristic information corresponding to the plug-in to the CAS module, so that the CAS module verifies whether the identification information of the user and the host, the identification information of the user identity, the host characteristic information are consistent with the standard identification information of the user and the host, the standard identification information of the user and the host and the standard host characteristic information which are stored in the CAS module in advance, the process of automatically authenticating the plug-in is realized, and the updating process of the plug-in is simplified; and the user does not need to repeatedly input and input the account password, thereby avoiding the resource waste of a service server, a plug-in, a host and the like.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a flowchart illustrating a method for authenticating a plug-in provided by an embodiment of the present application;
FIG. 2 is a flow chart illustrating another plug-in authentication method provided by an embodiment of the present application;
fig. 3 is a flowchart illustrating a storage method of plug-in authentication information according to an embodiment of the present application;
fig. 4 is a flowchart illustrating another storage method of plug-in authentication information according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram illustrating a plug-in authentication device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram illustrating a storage apparatus for plug-in authentication information according to an embodiment of the present application;
fig. 7 shows a schematic structural diagram of an electronic device provided in an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present application without making any creative effort, shall fall within the protection scope of the present application.
At present, the premise that a plug-in calling interface acquires updated plug-in data is that authentication of a host APP needs to be acquired through a server side, so that the plug-in as an independent functional module also passes authentication in a mode of requiring an account number similar to the host APP to log in. However, each plug-in needs to be authenticated by inputting an account password by a user so as to achieve the purpose of adding and updating functions of the App, so that the updating process is complicated, and resources are repeatedly wasted. In order to solve the above problems, the method and the device for authenticating the plug-in and the method and the device for storing the plug-in authentication information provided by the embodiment of the application can automatically authenticate the plug-in, and a user does not need to repeatedly input an account password, so that resource waste is avoided.
For the convenience of understanding the embodiments of the present application, a plug-in authentication method disclosed in the embodiments of the present application will be described in detail first.
As shown in fig. 1, a flowchart of a plug-in authentication method when a service server is used as an execution subject in the embodiment of the present application is shown, which includes the following specific steps:
s101, receiving identification information of the user and the host, user identity identification information and host characteristic information corresponding to the plug-in sent by the plug-in when the plug-in is started.
In a specific implementation, when the plug-in is started (including actions of using, updating and the like), the plug-in sends the identification information of the user and the host, the identification information of the user identity and the host characteristic information corresponding to the plug-in to the service server.
The identification information of the user and the host includes user information (e.g., account information, nickname information, ID number information, etc. of the user), password information, host domain name information (i.e., Application domain name), and the like.
S102, sending the identification information of the user and the host, the user identity identification information and the host characteristic information to a CAS module to enable the CAS module to verify whether the identification information of the user and the host, the user identity identification information, the host characteristic information and the standard user and host identification information, the standard user identity identification information and the standard host characteristic information which are stored in the CAS module in advance are consistent or not.
In a specific implementation, after receiving the identification information of the user and the host, the user identification information, and the host characteristic information corresponding to the plug-in, the Service server sends the identification information of the user and the host, the user identification information, and the host characteristic information to a Chemical Abstracts Service (CAS) module.
The CAS module stores the identification information of standard users and hosts, the identification information of standard users and the characteristic information of standard hosts in advance, after the CAS module receives the identification information of the user and the host, the identification information of the user and the feature information of the host, respectively matching the identification information of the user and the host with the identification information of the standard user and the host, the identification information of the user and the standard user, the identification information of the host and the characteristic information of the standard user, judging whether the identification information of the user and the host is consistent with the identification information of the standard user and the host, whether the identification information of the user and the standard user is consistent with the identification information of the standard user, and whether the characteristic information of the host is consistent with the characteristic information of the standard host, and further, the identification information of the user and the host, the user identity identification information and the host characteristic information are verified, and a verification result is obtained.
When the identification information of the user and the host is consistent with the identification information of the standard user and the host, the user identity identification information is consistent with the standard user identity identification information, and the host characteristic information is consistent with the standard host characteristic information, the verification result is successful; and if the identification information of the user and the host is inconsistent with the identification information of the standard user and the host, and/or the user identity identification information is inconsistent with the standard user identity identification information, and/or the host characteristic information is inconsistent with the standard host characteristic information, the verification result is verification failure.
S103, when the received first verification result returned by the CAS module is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result, and sending the authentication success information to the plug-in.
In a specific implementation, a first verification result is obtained after the CAS module completes verification, and if the first verification result is successful verification, that is, the identification information of the user and the host is consistent with the identification information of the standard user and the host, the user identity identification information and the standard user identity identification information, and the host characteristic information and the standard host characteristic information, the first verification result is sent to the service server.
And the service server generates authentication success information when the plug-in is enabled according to the received identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result, and sends the authentication success information to the plug-in so as to enable the plug-in to be started.
The service server may generate the authentication success information when the plug-in is enabled only from the received identification information of the user and the host, the user identity identification information, and the host feature information, may also generate the authentication success information when the plug-in is enabled only from the first verification result, and may also generate the authentication success information when the plug-in is enabled from the received identification information of the user and the host, the user identity identification information, the host feature information, and the first verification result, which is not specifically limited in this embodiment of the application.
In another embodiment, the application manager may also store standard host feature information in advance, and after the received verification result returned by the CAS module is verification success, before the identification information of the user and the host, the user identity identification information, the host feature information, and/or the authentication success information when the first verification result generation plug-in is enabled, the service server may further send the host feature information to the application manager, so that the application manager verifies whether the host feature information is consistent with the standard host feature information stored in the application manager in advance, and similarly, if the host feature information is consistent with the standard host feature information, the second verification result is verification success; and if the host characteristic information is inconsistent with the standard host characteristic information, the second verification result is verification failure.
And after the application program manager obtains the second verification result, the application program manager sends the second verification result to the service server.
When the service server determines that the received second verification result sent by the application manager is successful in verification, the service server generates authentication success information when the plug-in is enabled from the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result and the second verification result, that is, only the received identification information of the user and the host, the user identity identification information and the host characteristic information are generated into the authentication success information when the plug-in is enabled, or only the first verification result and the second verification result are generated into the authentication success information when the plug-in is enabled, or the received identification information of the user and the host, the user identity identification information, the host characteristic information and the first verification result and the second verification result are generated into the authentication success information when the plug-in is enabled, and the like.
In addition, when the first verification result is obtained after the verification of the CAS module is completed and the verification fails, whether the current user has the access right of the plug-in can be judged according to the identification information of the user and the host, the user identity identification information and the host characteristic information, if the current user has the access right of the plug-in, a retry process can be provided, for example, a retry button is provided to guide the user to re-authenticate, and the like, so that the problem of the verification failure caused by the abnormality of the server or the network is avoided; if the current user does not have the access right of the plug-in, the service server can generate prompt information to prompt the user that the access right is not available.
It should be noted that, the pre-stored identification information of the standard user and the host, the identification information of the standard user, and the characteristic information of the standard host in the CAS module may set a certain validity period, and if it is determined that the current time point is outside the validity period corresponding to the pre-stored identification information of the standard user and the host, the identification information of the standard user, and the characteristic information of the standard host in the CAS module, the service server generates a corresponding error code for the invalidation of the pre-stored identification information of the standard user and the host, the identification information of the standard user, and the characteristic information of the standard host in the CAS module, and sends the error code to the plug-in, and controls to display an interface corresponding to the invalidation of the verification and provide a retry button to guide the user to re-authenticate.
In the plug-in authentication method provided by the application, the service server sends the identification information of the user and the host, the identification information of the user identity and the host characteristic information corresponding to the plug-in to the CAS module, so that the CAS module verifies whether the identification information of the user and the host, the identification information of the user identity, the host characteristic information are consistent with the standard identification information of the user and the host, the standard identification information of the user and the host and the standard host characteristic information which are stored in the CAS module in advance, the process of automatically authenticating the plug-in is realized, and the updating process of the plug-in is simplified; and the user does not need to repeatedly input and input the account password, thereby avoiding the resource waste of a service server, a plug-in, a host and the like.
After the successful authentication information is sent to the plug-in, that is, after the plug-in is successfully started, the service server will respond to the service data request of the plug-in, as shown in fig. 2, which is a flowchart of a method for the service server to respond to the service data request of the plug-in, wherein the specific steps are as follows:
s201, receiving service request data sent by a plug-in;
s202, feeding back the service request data and returning the feedback data to the plug-in.
In a specific implementation, after the service server sends the authentication success information to the plug-in, that is, after the plug-in is successfully started, the service server may receive the service request data sent by the plug-in, and perform feedback according to the service request data of the plug-in to obtain feedback data, and then return the feedback data to the plug-in.
As shown in fig. 3, a flowchart of a method for storing plug-in authentication information when a plug-in is taken as an execution subject in the embodiment of the present application is shown, which includes the following specific steps:
s301, generating a host domain name request and sending the host domain name request to a host; so that the host sends the host domain name information and the user attribute information to the CAS module;
s302, receiving identification information of the user and the host and user identity identification information sent by the host; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host.
In specific implementation, the plug-in generates a host domain name request and sends the host domain name request to the host; after receiving the host domain name request, the host sends the host domain name information and the user attribute information to the CAS module; the CAS module encodes the received host domain name information and the user attribute information to obtain the identification information of the user and the host.
The CAS module returns the identification information of the user and the host to the host, and the host sends the identification information of the user and the host and the identification information of the user identity to the plug-in after receiving the identification information of the user and the host.
And the plug-in stores the received identification information of the user and the host and the user identity identification information so as to carry out authentication by utilizing the identification information of the user and the host and the user identity identification information when the plug-in is started subsequently.
Before the plug-in generates the host domain name request, it needs to register according to the method shown in fig. 4, wherein the specific steps are as follows:
s401, receiving user information and password information sent by a host;
s402, sending the user information and the password information to a CAS module;
s403, receiving user attribute information obtained by encoding the user information and the password information by the CAS module, and sending the user attribute information to the host.
In specific implementation, the host sends the user information and the password information received by the electronic device to the plug-in, the plug-in forwards the user information and the password information to the CAS module, the CAS module encodes the user information and the password information to obtain user attribute information, and the user attribute information is sent to the plug-in.
The plug-in forwards the user attribute information to the host to complete the registration.
Based on the same inventive concept, the embodiment of the present application further provides a plug-in authentication device corresponding to the plug-in authentication method, and since the principle of solving the problem of the device in the embodiment of the present application is similar to the plug-in authentication method in the embodiment of the present application, the implementation of the device may refer to the implementation of the method, and repeated details are not described again.
Referring to fig. 5, a plug-in authentication apparatus according to another embodiment of the present application includes:
a first receiving module 501, configured to receive, by a service server, identification information of a user and a host, user identity identification information, and host feature information corresponding to a plug-in, where the user and the host are sent by the plug-in when the plug-in is enabled;
a first sending module 502, configured to send the identification information of the user and the host, the user identity identification information, and the host feature information to a CAS module, so that the CAS module verifies whether the identification information of the user and the host, the user identity identification information, the host feature information, and the standard user and host identification information, standard user identity identification information, and standard host feature information, which are stored in advance by the CAS module, are consistent;
a second sending module 503, configured to, when the received first verification result returned by the CAS module is verification success, generate authentication success information when the plug-in is enabled from the identification information of the user and the host, the user identity identification information, the host feature information, and/or the first verification result, and send the authentication success information to the plug-in.
In one embodiment, the plug-in authentication apparatus further includes:
a third sending module 504, configured to send the host feature information to an application manager, so that the application manager verifies whether the host feature information is consistent with standard host feature information pre-stored in the application manager;
a second receiving module 505, configured to receive a second verification result obtained by verifying the host feature information, where the second verification result is sent by the application manager;
when the second sending module 503 generates the authentication success information from the identification information of the user and the host, the user identity identification information, the host characteristic information, and/or the first verification result, the method includes:
and when the received second verification result sent by the application program manager is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result and the second verification result.
In another embodiment, the plug-in authentication apparatus further includes:
a response module 506, configured to receive service request data sent by the plug-in;
and feeding back the service request data and returning the feedback data to the plug-in.
Based on the same inventive concept, the embodiment of the present application further provides a storage device for the plug-in authentication information corresponding to the storage method for the plug-in authentication information, and as the principle of solving the problem of the device in the embodiment of the present application is similar to the plug-in authentication method described above in the embodiment of the present application, the implementation of the device may refer to the implementation of the method, and repeated details are omitted.
Referring to fig. 6, a storage apparatus for plug-in authentication information according to another embodiment of the present application includes:
the generation module 601 is used for generating a host domain name request by a plug-in and sending the host domain name request to a host; so that the host sends host domain name information and user attribute information to the CAS module;
a fourth sending module 602, configured to receive the identification information of the user and the host and the user identity identification information sent by the host; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host.
In another embodiment, the storage device for the plug-in authentication information further includes:
a registration module 603, configured to receive user information and password information sent by a host;
sending the user information and the password information to the CAS module;
and receiving user attribute information obtained by the CAS module after encoding the user information and the password information, and sending the user attribute information to the host.
Fig. 7 illustrates a structure of an electronic device 700 according to an embodiment of the present invention, where the electronic device 700 includes: at least one processor 701, at least one network interface 704 or other user interface 703, memory 705, at least one communication bus 702. A communication bus 702 is used to enable connective communication between these components. The electronic device 700 optionally contains a user interface 703 including a display (e.g., touchscreen, LCD, CRT, Holographic (Holographic) or projection (Projector), etc.), a keyboard or a pointing device (e.g., mouse, trackball (trackball), touch pad or touchscreen, etc.).
In some embodiments, memory 705 stores the following elements, executable modules or data structures, or a subset thereof, or an expanded set thereof:
an operating system 7051, which contains various system programs for implementing various basic services and for processing hardware-based tasks;
the application module 7052 contains various applications, such as a desktop (launcher), a Media Player (Media Player), a Browser (Browser), etc., for implementing various application services.
In an embodiment of the present invention, the processor 701 is configured to, by calling a program or instructions stored in the memory 705:
the method comprises the steps that when a service server receives a plug-in, identification information of a user and a host, user identity identification information and host characteristic information corresponding to the plug-in are sent by the plug-in;
sending the identification information of the user and the host, the user identity identification information and the host characteristic information to a CAS (content based service) module to enable the CAS module to verify whether the identification information of the user and the host, the user identity identification information, the host characteristic information and the standard user and host identification information, the standard user identity identification information and the standard host characteristic information which are stored in the CAS module in advance are consistent or not;
and when the received first verification result returned by the CAS module is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result, and sending the authentication success information to the plug-in.
Optionally, in the method executed by the processor 701, after the received verification result returned by the CAS module is verification success, before the authentication success information when the first verification result generation plug-in is enabled, the method further includes:
sending the host characteristic information to an application program manager so that the application program manager verifies whether the host characteristic information is consistent with standard host characteristic information stored in the application program manager in advance;
receiving a second verification result which is sent by the application program manager and is obtained by verifying the host characteristic information;
the generating authentication success information by using the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result includes:
and when the received second verification result sent by the application program manager is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result and the second verification result.
Optionally, in the method executed by the processor 701, after sending the authentication success information to the plug-in, the method further includes:
receiving service request data sent by the plug-in;
and feeding back the service request data and returning the feedback data to the plug-in.
Optionally, the processor 701 executes a method including:
the plug-in generates a host domain name request and sends the host domain name request to the host; so that the host sends host domain name information and user attribute information to the CAS module;
receiving identification information of the user and the host and the user identity identification information sent by the host; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host.
Optionally, the method executed by the processor 701, before the plug-in generates the host domain name request, further includes:
receiving user information and password information sent by a host;
sending the user information and the password information to the CAS module;
and receiving user attribute information obtained by the CAS module after encoding the user information and the password information, and sending the user attribute information to the host.
The computer program product of the plug-in authentication method and apparatus provided in the embodiment of the present application includes a computer readable storage medium storing a program code, and instructions included in the program code may be used to execute the method in the foregoing method embodiment.
Specifically, the storage medium can be a general storage medium, such as a removable disk, a hard disk, and the like, and when a computer program on the storage medium is run, the plug-in authentication method can be executed, so that the plug-in can be automatically authenticated without the need of repeatedly inputting an account password by a user, and resource waste is avoided.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present application, and are used for illustrating the technical solutions of the present application, but not limiting the same, and the scope of the present application is not limited thereto, and although the present application is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope disclosed in the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the exemplary embodiments of the present application, and are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (8)
1. A method for authenticating a plug-in, comprising:
receiving identification information of a user and a host, user identity identification information and host characteristic information corresponding to the plug-in sent by the plug-in when the plug-in is started; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host;
sending the identification information of the user and the host, the user identity identification information and the host characteristic information to a CAS (content based service) module to enable the CAS module to verify whether the identification information of the user and the host, the user identity identification information, the host characteristic information and the standard user and host identification information, the standard user identity identification information and the standard host characteristic information which are stored in the CAS module in advance are consistent or not;
when the received first verification result returned by the CAS module is verification success, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result, and sending the authentication success information to the plug-in;
after the received verification result returned by the CAS module is verification success, before the authentication success information when the first verification result generation plug-in is enabled, the method further includes:
sending the host characteristic information to an application program manager so that the application program manager verifies whether the host characteristic information is consistent with standard host characteristic information stored in the application program manager in advance;
receiving a second verification result which is sent by the application program manager and is obtained by verifying the host characteristic information;
the generating authentication success information by using the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result includes:
and when the received second verification result sent by the application program manager is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result and the second verification result.
2. The plugin authentication method according to claim 1, further comprising, after sending the authentication success information to the plugin:
receiving service request data sent by the plug-in;
and feeding back the service request data and returning the feedback data to the plug-in.
3. A method for storing plug-in authentication information is characterized by comprising the following steps:
generating a host domain name request and sending the host domain name request to a host; so that the host sends the host domain name information and the user attribute information to the CAS module;
receiving identification information of the user and the host and user identity identification information sent by the host; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host.
4. The storage method according to claim 3, further comprising, before the plug-in generates the host domain name request:
receiving user information and password information sent by a host;
sending the user information and the password information to the CAS module;
and receiving user attribute information obtained by the CAS module after encoding the user information and the password information, and sending the user attribute information to the host.
5. A plug-in authentication apparatus, comprising:
the first receiving module is used for receiving identification information of a user and a host, user identity identification information and host characteristic information corresponding to the plug-in, which are sent by the plug-in when the plug-in is started; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host;
the first sending module is used for sending the identification information of the user and the host, the user identity identification information and the host characteristic information to a substance digital identification number CAS module so that the CAS module verifies whether the identification information of the user and the host, the user identity identification information, the host characteristic information and the standard user and host identification information, the standard user identity identification information and the standard host characteristic information which are stored in advance by the CAS module are consistent or not;
the second sending module is used for generating authentication success information when the plug-in is started by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result when the received first verification result returned by the CAS module is successful, and sending the authentication success information to the plug-in;
the plug-in authentication device further comprises:
a third sending module, configured to send the host characteristic information to an application manager, so that the application manager verifies whether the host characteristic information is consistent with standard host characteristic information pre-stored in the application manager;
the second receiving module is used for receiving a second verification result which is sent by the application program manager and is obtained by verifying the host characteristic information;
when the second sending module generates authentication success information from the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result, the second sending module includes:
and when the received second verification result sent by the application program manager is successful, generating authentication success information when the plug-in is enabled by the identification information of the user and the host, the user identity identification information, the host characteristic information and/or the first verification result and the second verification result.
6. An apparatus for storing plug-in authentication information, comprising:
the generation module is used for generating a host domain name request and sending the host domain name request to a host; so that the host sends the host domain name information and the user attribute information to the CAS module;
a fourth sending module, configured to receive the identification information of the user and the host and the user identity identification information sent by the host; the identification information of the user and the host is generated by the CAS module aiming at the host domain name information and the user attribute information sent by the host.
7. An electronic device, comprising: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating over the bus when the electronic device is operating, the machine-readable instructions when executed by the processor performing the steps of the plug-in authentication method according to any one of claims 1 to 4.
8. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program which, when being executed by a processor, carries out the steps of the plug-in authentication method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910740670.XA CN110445791B (en) | 2019-08-12 | 2019-08-12 | Plug-in authentication method and device, and plug-in authentication information storage method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910740670.XA CN110445791B (en) | 2019-08-12 | 2019-08-12 | Plug-in authentication method and device, and plug-in authentication information storage method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110445791A CN110445791A (en) | 2019-11-12 |
| CN110445791B true CN110445791B (en) | 2021-07-27 |
Family
ID=68434744
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910740670.XA Active CN110445791B (en) | 2019-08-12 | 2019-08-12 | Plug-in authentication method and device, and plug-in authentication information storage method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110445791B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112260721B (en) * | 2020-10-21 | 2022-08-02 | 深圳创维-Rgb电子有限公司 | A-CAS communication circuit, control method and A-CAS communication device |
| CN113379418B (en) * | 2021-06-21 | 2024-04-05 | 上海盛付通电子支付服务有限公司 | Information verification method, device, medium and program product based on security plug-in |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101552676B (en) * | 2009-05-06 | 2012-12-05 | 阿里巴巴集团控股有限公司 | Host module legitimacy verification method, system and device using a card module |
| US8407461B2 (en) * | 2010-12-17 | 2013-03-26 | Oracle International Corporation | Plug-in system for software applications |
| US10581823B2 (en) * | 2016-03-21 | 2020-03-03 | Vmware, Inc. | Web client plugin manager in vCenter managed object browser |
| CN106709347B (en) * | 2016-11-25 | 2019-06-11 | 腾讯科技(深圳)有限公司 | Using the method and device of operation |
| CN108170485B (en) * | 2016-12-05 | 2021-06-11 | 腾讯科技(深圳)有限公司 | Plug-in loading method and device and mobile terminal |
| CN107911401B (en) * | 2017-08-04 | 2021-11-26 | 深圳壹账通智能科技有限公司 | Application plug-in extension function method and application server |
-
2019
- 2019-08-12 CN CN201910740670.XA patent/CN110445791B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN110445791A (en) | 2019-11-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6061364B2 (en) | Cloud-assisted methods and services for application security verification | |
| US10749679B2 (en) | Authentication and authorization using tokens with action identification | |
| CN106656944B (en) | Method and device for sliding verification of handheld mobile equipment | |
| KR20190014124A (en) | Two factor authentication | |
| CN111991813B (en) | Method and device for logging in game, electronic equipment and storage medium | |
| CN107835228B (en) | Instruction processing method and device based on dynamic generalized routing | |
| CN110445791B (en) | Plug-in authentication method and device, and plug-in authentication information storage method and device | |
| CN111176794A (en) | Container management method and device and readable storage medium | |
| US11409847B2 (en) | Source-based authentication for a license of a license data structure | |
| CN110781485A (en) | Single sign-on method and device | |
| US20190288856A1 (en) | Timestamped license data structure | |
| CN111259368A (en) | Method and equipment for logging in system | |
| CN114745156A (en) | Distributed single sign-on realization method and device, electronic equipment and storage medium | |
| US11244031B2 (en) | License data structure including license aggregation | |
| CN112291183B (en) | Account login method, system and related equipment | |
| JP5838248B1 (en) | System and method for providing a predetermined service to a user | |
| CN108052842B (en) | Signature data storage and verification method and device | |
| CN103873481A (en) | Verification method, open platform, server end and verification system | |
| US20180260541A1 (en) | License data structure including location-based application features | |
| CN111935107B (en) | Identity authentication method, device, system, electronic equipment and storage medium | |
| CN113015156A (en) | Mobile phone number batch binding changing method, terminal and computer readable storage medium | |
| CN114237678A (en) | Component updating method and device, storage medium and computer equipment | |
| CN113098975B (en) | Cross-platform application publishing method and device | |
| CN112311805B (en) | Login-free authentication processing method and device based on trusted execution environment | |
| CN116015710A (en) | Client automatic authentication login method, device, terminal and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |