CN111191200B - Three-party linkage authentication page display method and device and electronic equipment - Google Patents

Three-party linkage authentication page display method and device and electronic equipment Download PDF

Info

Publication number
CN111191200B
CN111191200B CN201911329340.8A CN201911329340A CN111191200B CN 111191200 B CN111191200 B CN 111191200B CN 201911329340 A CN201911329340 A CN 201911329340A CN 111191200 B CN111191200 B CN 111191200B
Authority
CN
China
Prior art keywords
user
information
service
party server
access request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911329340.8A
Other languages
Chinese (zh)
Other versions
CN111191200A (en
Inventor
赵立平
宋荣鑫
黄建庭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qilu Information Technology Co Ltd
Original Assignee
Beijing Qilu Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qilu Information Technology Co Ltd filed Critical Beijing Qilu Information Technology Co Ltd
Priority to CN201911329340.8A priority Critical patent/CN111191200B/en
Publication of CN111191200A publication Critical patent/CN111191200A/en
Application granted granted Critical
Publication of CN111191200B publication Critical patent/CN111191200B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/957Browsing optimisation, e.g. caching or content distillation
    • G06F16/9577Optimising the visualization of content, e.g. distillation of HTML documents

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a page display method, which comprises the following steps: the method comprises the steps that a third-party server obtains access request information, wherein the access request information comprises access service information and application server pass; the third party server sends a certification authentication request to the application server; the application server performs authentication and sends the authenticated user basic information to the third party server; the third party server generates page display content data based on the user basic information and the user access information and sends the page display content data to the user client; and the user client generates a display page according to the acquired page display content data. The invention provides safe and reliable information linkage interaction through the modes of one-time login of a user, authentication of an application server and modularization customization of a third party, clear identification and convenient and rapid customization information transmission, facilitates diversion monitoring, reduces the overall operation cost and improves the efficiency and the reliability.

Description

Three-party linkage authentication page display method and device and electronic equipment
Technical Field
The invention relates to the field of computer information processing, in particular to a three-party linkage authentication page display method, a three-party linkage authentication page display device, electronic equipment and a computer readable medium.
Background
With the prosperity of internet economy, an intermediate platform plays an increasing role as a main way of supply and demand interfacing and social interconnection. The intermediate platform provides open basic service for the suppliers through a unified business operation interface, and reserves the needed party for a plurality of suppliers, so that the supply and demand docking flow is simplified, and better user experience is brought to both the supply and demand parties.
In the prior art, a demander often needs to perform identity verification and interface skip for multiple times in order to acquire a service interface of the demander, the flow is long and is easy to be held by a malicious supplier, and uncontrollable threats are brought to the suppliers and the demander and an intermediate platform. In addition, different services and supply and demand parties lead to a lot of contents of different customization of page display time difference, such as customization according to the prior art, and the cost is huge, which is unfavorable for new access partners and later maintenance.
Disclosure of Invention
The invention aims to provide a page display method, a page display device and electronic equipment for three-party linkage authentication, which provide safe and reliable information linkage interaction, clear identification and convenient and quick customized information transmission through a mode of one-time login of a user, authentication of an application server and modularized customization of a third party, are convenient for diversion monitoring, reduce the overall operation cost and improve the efficiency and the reliability.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
In order to achieve the above purpose, one aspect of the present invention provides a method for displaying a three-party linked authentication page, comprising: the method comprises the steps that an application server performs parameter verification processing and communication certificate processing on acquired user access request information to generate access request information, and sends the access request information to a corresponding third party server, wherein the third party server acquires the access request information, and the access request information comprises access service information and application server communication certificate; the third party server sends a certification authentication request to the application server; the application server acquires a communication certificate sent by the third party server and performs memorability communication certificate authentication; the verification authentication is not obtained, and the display is ended by indicating that the access request is initiated by a non-declarative user or the access request information is illegally held by other people; the verification authentication is obtained by indicating that the verification is indeed initiated by the user, acquiring basic information of the authenticated user and identifying the authenticated user to acquire whether the user is a diversion user which is performed by an application server to an authentication initiation third party server; if the identity identification is really that the diversion user indicates that the related user information is sent to the third party server when diversion is carried out, and user basic information is not needed to be provided any more, only an authentication result is sent to the third party server; if the basic information of the user needs to be extracted for the non-diversion user, the basic information and the authentication result of the authenticated user are sent to the third party server; the third-party server is preset with elements and display rules for generating different service display pages; the third party server automatically configures and generates service display page content data suitable for the user according to the basic information of the user and the access service information of the user; the third party server directly transmits the service display page content data to the user; and the user client generates a display page according to the acquired page display content data.
According to a preferred embodiment of the present invention, the application server performs parameter verification and sign-on processing on the acquired user access request information, and sends the user access request to a corresponding third party server, and specifically includes: generating user access request information in response to the operation of the user on the client application, wherein the user access request information comprises access service information and user information; the application server performs parameter verification and communication certificate processing based on the acquired user information of the user access request information to form the application server communication certificate; and the application server sends the generated application server certification and the access service information to the third party server.
According to a preferred embodiment of the present invention, the access service information includes service type information, service flow information, service provider information, service product information, service stage information, and service data information.
According to a preferred embodiment of the present invention, the step of the application server sending the generated application server certificate and the access service information to the third party server further includes: constructing a mapping rule of the business content which the user requests to access and a business content storage address corresponding to the third-party server; the application server obtains a corresponding service content storage address of the third party server by utilizing the mapping rule according to the access request information of the user; and the application server sends the application server certification and the access service information to the storage address.
According to a preferred embodiment of the present invention, the preset elements and display rules for generating different service display pages include: the elements and the presentation rules are modified, added and deleted to generate a presentation page adapted to the new service based on the change of the service.
According to a preferred embodiment of the invention, the page comprises: html5 page.
According to a preferred embodiment of the present invention, the step of sending the user basic information to the third party server further includes, after desensitizing the user basic information, sending the user basic information to the third party server.
The second aspect of the present invention provides a three-party linked authentication page display device, which is characterized in that the device comprises:
the access request information acquisition module is arranged on a third party server and is used for generating access request information by carrying out parameter verification processing and communication certificate processing on the acquired user access request information through an application server, sending the access request information to a corresponding third party server, and acquiring the access request information by the third party server, wherein the access request information comprises access service information and application server communication certificate;
The authentication request module is arranged on the third-party server and is used for sending a certification authentication request to the application server;
the authentication module is arranged on the application server and is used for carrying out memorability verification authentication according to the communication verification and verification authentication request sent by the third party server by the application server; the verification authentication is not obtained, and the display is ended by indicating that the access request is initiated by a non-declarative user or the access request information is illegally held by other people; the verification authentication is obtained by indicating that the verification is indeed initiated by the user, acquiring basic information of the authenticated user and identifying the authenticated user to acquire whether the user is a diversion user which is performed by an application server to an authentication initiation third party server;
the information extraction and transmission module is arranged on the application server and is used for only transmitting an authentication result to the third party server if the identity identification is really that the diversion user indicates that the related user information is transmitted to the third party server when diversion is performed and user basic information is not required to be provided; if the basic information of the user needs to be extracted for the non-diversion user, the basic information and the authentication result of the authenticated user are sent to the third party server;
The page content generating and sending module is arranged on the third party server and is used for generating page display content data based on the basic information of the user and the access service information of the user and sending the page display content data to the user client, and specifically comprises the following steps: the material unit is used for storing and managing preset elements and display rules for generating different service display pages, and modifying, adding and deleting the elements and the display rules in the material unit so as to generate display pages suitable for new services based on service changes; the content generation unit is used for automatically configuring and generating service display page content suitable for the user according to the user basic information and the access service information; the sending unit is used for directly sending the service display page content to the user;
the display module is arranged at the user client and used for generating a display page according to the acquired page display content data.
According to a preferred embodiment of the present invention, further comprising: the user access request information acquisition module is arranged on the application server and is used for responding to the operation of the user on the client application to acquire user access request information, wherein the user access request information comprises access service information and user information; the pass card processing module is arranged on the application server and is used for performing parameter verification and pass card processing according to the user information to form the pass card of the application server; and the information sending module is arranged on the application server and used for sending the generated application server pass certificate and the access service information to the third party server.
According to a preferred embodiment of the present invention, the access service information includes service type information, service flow information, service provider information, service product information, service stage information, and service data information.
According to a preferred embodiment of the present invention, further comprising: the mapping rule module is arranged on the application server and is used for constructing and storing a mapping rule of the business content requested to be accessed by the user and the business content storage address corresponding to the third-party server; and the addressing module is arranged on the application server and is used for acquiring the service content storage address corresponding to the third party server by utilizing the mapping rule according to the access request information of the user.
According to a preferred embodiment of the present invention, the information extraction and transmission module further includes: the basic information extraction unit is used for acquiring user basic information passing authentication; the identity recognition unit is used for carrying out identity recognition according to the user basic information; and the sending unit is used for sending the user basic information to the third-party server when the user identification result is an unfinished user.
According to a preferred embodiment of the present invention, when the identity recognition unit recognizes that the user identity is a guided user, the user basic information transmission is not required.
According to a preferred embodiment of the present invention, the information extraction and transmission module further includes: and the desensitization unit is used for desensitizing the user basic information and then transmitting the user basic information to the third-party server.
According to a preferred embodiment of the present invention, the page content generating and transmitting module further includes: the material unit is used for storing and managing preset elements and display rules for generating different service display pages; the content generation unit is used for automatically configuring and generating service display page content suitable for the user according to the user basic information and the access service information; and the sending unit is used for directly sending the service display page content to the user.
According to a preferred embodiment of the invention, the material unit further comprises: the elements in the material unit and the presentation rules can be modified, added and deleted to generate a presentation page adapted to the new service based on the change of the service.
According to a preferred embodiment of the invention, the page further comprises an html5 page.
A third aspect of the present invention provides an electronic apparatus, wherein the electronic apparatus includes:
a processor; and a memory storing computer executable instructions that, when executed, cause the processor to perform the three-way linked authentication page presentation method described above.
A fourth aspect of the present invention provides a computer readable storage medium, where the computer readable storage medium stores one or more programs, which when executed by a processor, implement the three-way linked authentication page presentation method described above.
Drawings
In order to make the technical problems solved by the present invention, the technical means adopted and the technical effects achieved more clear, specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted, however, that the drawings described below are merely illustrative of exemplary embodiments of the present invention and that other embodiments of the present invention may be derived from these drawings by those skilled in the art without undue effort.
FIG. 1 is a block diagram illustrating a three-way interaction of a page presentation method, according to an example embodiment.
FIG. 2 is a flowchart illustrating the primary steps of a page presentation method, according to an exemplary embodiment.
Fig. 3 is a flowchart of main steps of a specific example of a page presentation method according to the present invention.
Fig. 4 is a block diagram showing a structure of a page display device according to an exemplary embodiment.
Fig. 5 is a block diagram illustrating the structure of an information extraction and transmission module according to an exemplary embodiment.
Fig. 6 is a block diagram illustrating the structure of a page content generation and transmission module according to an exemplary embodiment.
Fig. 7 is a block diagram of an exemplary embodiment of an electronic device according to the present invention.
Fig. 8 is a block diagram of a computer-readable medium shown according to an example embodiment.
Detailed Description
Exemplary embodiments of the present invention will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments can be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the invention to those skilled in the art. The same reference numerals in the drawings denote the same or similar elements, components or portions, and thus a repetitive description thereof will be omitted.
The features, structures, characteristics or other details described in a particular embodiment do not exclude that may be combined in one or more other embodiments in a suitable manner, without departing from the technical idea of the invention.
In the description of specific embodiments, features, structures, characteristics, or other details described in the present invention are provided to enable one skilled in the art to fully understand the embodiments. However, it is not excluded that one skilled in the art may practice the present invention without one or more of the specific features, structures, characteristics, or other details.
The flow diagrams depicted in the figures are exemplary only, and do not necessarily include all of the elements and operations/steps, nor must they be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the order of actual execution may be changed according to actual situations.
The block diagrams depicted in the figures are merely functional entities and do not necessarily correspond to physically separate entities. That is, the functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various devices, elements, components or portions, this should not be limited by these terms. These words are used to distinguish one from the other. For example, a first device may also be referred to as a second device without departing from the spirit of the invention.
The term "and/or" and/or "includes all combinations of any of the associated listed items and one or more.
FIG. 1 is a block diagram illustrating a three-way interaction of a page presentation method, according to an example embodiment.
The application comprises a client and a server, wherein the client application is deployed on the client of a user, and the client can initiate access or operation to the server application by operating the corresponding client application; the server-side application responds accordingly to the access or operation request sent by the client-side application.
As shown in fig. 1, in response to an operation of a user on a client 101 on a client application, the client application generates access request information, sends the access request information to a server application deployed on an application server 102, and the server application performs further processing based on the access request information and returns a processing result to the client application of the client 101.
Further, the application client deployed on the client 101 may display the third-party service content, where the third-party service is deployed on the third-party server 103, and the user may send an access request to the third-party server 103 by performing a corresponding operation on the client, or send an access request to the third-party server 103 through the application server 102.
FIG. 2 is a flowchart illustrating the primary steps of a page presentation method, according to an exemplary embodiment. As shown in fig. 2, the page display method of the three-party linkage authentication includes steps S201 to S211.
In step S201, user access request information is generated and transmitted
And generating user access request information in response to the operation of the user on the client application, wherein the user access request information comprises access service information and user information.
Further, the operation information of the user on the client application is recorded, and the operation information can include information generated by clicking, selecting, closing and deleting actions and information which is input by means of touch screens, keyboards, voices, actions and the like and is used for representing service attributes and/or user identity attributes.
The information of the service attribute includes, but is not limited to, service type information, service flow information, service provider information, service product information, service stage information and service data information. The user identity attribute information comprises a user account number, a password and the like.
And sending the generated user access request information to an application server.
In step S202, a verification process is performed
And the application server acquires the access request information of the user, and performs parameter verification processing and communication certificate processing on the access request information of the user.
The token is that the client frequently requests data from the server, the server frequently goes to the database to inquire the user name and the password, compares the user name and the password, judges whether the user name and the password are correct or not, and makes a corresponding prompt, and under the background, the interaction between the client and the server is facilitated. The pass (token) is a string of character strings generated by the server to be used as a token for the client to request, after the first login, the server generates a pass and returns the pass to the client, and the client only needs to carry the pass to request data, and does not need to carry the user name and the password again.
The method for processing the pass card generally comprises two methods, namely, using the equipment number/equipment mac address as the pass card; and secondly, using the session value as a pass.
In the first way, the client acquires the device number/mac address of the device at the time of login, and passes it as a parameter to the server. After the server receives the parameter, the parameter is received by a variable and is simultaneously stored in a database as a pass, the pass is set in the session, the client needs to intercept uniformly every time the client requests, the pass transmitted by the client is compared with the pass in the session of the server, and if the pass is the same, the pass is released, and if the pass is different, the rejection is carried out.
In the second mode, the client only needs to carry the user name and the password to log in, the client receives the user name and the password and judges the user name and the password, if the user name and the password are correct, the locally acquired sessionID is returned to the client as a Token, and the client only needs to take the request data.
And performing parameter verification processing and communication certificate processing according to the acquired user access request information generated and transmitted in the step S201.
In step S203, access request information is generated and transmitted
And generating access request information according to the user access request information and the communication certificate generated by the communication certificate processing.
The access request information may include, but is not limited to, service type information, service flow information, service provider information, service product information, service phase information, service data information, and a sign-on certificate.
And the application server sends the access request information to a third-party server corresponding to the user request service.
Further, the application server stores or sets a mapping rule of the specific service and the address of the third party server corresponding to the specific service, and sends the access request information to the third party server corresponding to the user request service based on the mapping rule.
In step S204, access request information is acquired
The third party server acquires the access request information generated by step S203.
In step S205, the authentication request is authenticated
And the third party server sends a certification authentication request to the application server according to the acquired access request information.
In step S206, authentication is passed
Based on the authentication request of the pass, the pass is obtained, and the application server remembers the pass authentication, which is sent by the third party server, in step S205, and the detailed manner can be seen from the description of the related technology in step S202.
If the pass authentication is not passed, indicating that the access request is initiated by a non-declarative user or the access request information is illegally held by others, ending the display step;
if the authentication of the pass card is obtained, the list clearly declares that the user initiates, and then the next step is entered;
in step S207, user basic information is acquired
For the user authenticated by step S206, the application server acquires its basic information and transmits the basic information to a third party server.
Further, the application server obtains the user basic information passing the authentication, and performs identity recognition on the user passing the authentication to obtain whether the user is a diversion user which is performed by the application server to the authentication initiating third party server.
If the identity recognition result is a diversion user initiated by the application server, indicating that the related user information is sent to the third party server when diversion is performed, no user basic information is needed to be provided, and only an authentication result is needed to be sent to the third party server;
and if the identity recognition result is a non-diversion user, extracting the basic information of the user, performing desensitization processing on the basic information, and transmitting the desensitized basic information of the user and the authentication result to a third-party server.
In step S208, presentation page content is generated
The third-party server is preset with page elements and configuration rules, wherein the page elements are basic elements for forming a display page, and can specifically comprise pictures, characters, audio, video, forms, frames and the like for forming the display page. The configuration rules may specifically include logic and parameters between page elements combined into a page.
The third party server obtains the user basic information extracted in the step S207, and generates presentation page content according to the access request information obtained in the step S203, where the presentation page content may be rendered by the presentation module to generate a presentation page.
The person or controller with management authority of the third party service can add, modify and delete preset page elements and configuration rules for generating a new display page.
In step S209, the presentation page content is acquired
And the third party server directly transmits the content of the display page generated in the step S208 to the user authenticated by the certification.
In step S210, a page is displayed
In step S209, the user client application that obtains the content of the presentation page performs rendering to generate the presentation page, and provides the presentation for the user.
In one exemplary embodiment, the page is an Html5 page. Those skilled in the art can use other page generation and presentation modes according to the method of the invention according to the actual use situation.
Examples:
fig. 3 is a flowchart of main steps of a specific example of a page presentation method according to the present invention.
The use scene displayed by the example is a display method of a user protocol when a user obtains a third-party financial service through a financial intermediate platform.
As shown in fig. 3, a financial service app is installed on a user's mobile phone, and the financial service app can provide financial products provided by a plurality of third-party financial service parties in addition to financial products provided by the app itself service provider. Further, the financial service app provides only financial products provided by a third party financial service side.
In response to a user's selection and input, the financial service app obtains access request first information of the user, where the access request first information may specifically include a service type of a financial product, a current service serial number, a service provider, a product identifier, and user information required by the financial product input by the user. Further, the access request first information further includes login information of the user.
And sending the first information of the access request of the user to a server of the financial service app through a mobile phone of the user, and performing parameter verification processing and login processing on the first information of the access request by the server of the financial service app to generate second information of the access request. The second information of the access request comprises the service type of the financial product, the current service serial number, the service provider, the product identifier, user information required by the financial product and the alliance token which are input by a user.
Based on the second information of the access request of the user, the financial service app redirects the address of the access request of the user according to the mapping rule of the request service and the address of the third party server, and sends the second information of the access request to the server of the third party financial service corresponding to the service, which is hereinafter referred to as the third party server.
And after the third party server acquires the second information of the access request, an authentication request and a user information acquisition request are sent to the financial service app server.
The financial service app authenticates the login token sent by the third party server, and if the authentication is not passed, the whole flow is terminated; if the authentication is passed, the type of the authenticated user is identified. The specific identification criteria is whether the user is a financial service app that directs the user to the third party service.
If the identity is identified as an unguided user, extracting the basic information of the user, performing desensitization treatment, and sending the information to a third-party server; the identity is identified as the diversion user, and because the information basic information is sent when the user is diversion, the user basic data is not required to be sent.
And the third-party server is stored with page elements for generating a protocol display page, and the page elements are combined to form a display rule of the page. And according to the authentication result, the third party server generates page content of the protocol display page according to the access request second information and the user basic information acquired or extracted from the third party server.
And directly sending the page content to the user, and rendering the mobile phone browser of the user on the h5 page of the third party for protocol viewing.
Further, a display protocol list can be generated according to the second information of the access request and the user basic information acquired or extracted from the second information, the user acquires the display protocol list and selects a required protocol, the third party server performs single protocol processing based on the operation of selecting the protocol by the user, generates single protocol display page content, and sends the single protocol display page content to the user for single page display.
By using the method provided by the invention, the safe and reliable information linkage interaction is provided by using the modes of one-time login of a user, authentication of an application server and modularized customization of a third party, clear and clear identification and convenient and rapid customization information transmission are realized, the flow guiding monitoring is facilitated, the overall operation cost is reduced, and the efficiency and the reliability are improved.
Those skilled in the art will appreciate that all or part of the steps implementing the above-described embodiments are implemented as a program (computer program) executed by a computer data processing apparatus. The above-described method provided by the present invention can be implemented when the computer program is executed. Moreover, the computer program may be stored in a computer readable storage medium, which may be a readable storage medium such as a magnetic disk, an optical disk, a ROM, a RAM, or a storage array composed of a plurality of storage media, for example, a magnetic disk or a tape storage array. The storage medium is not limited to a centralized storage, but may be a distributed storage, such as cloud storage based on cloud computing.
The following describes apparatus embodiments of the invention that may be used to perform method embodiments of the invention. Details described in the embodiments of the device according to the invention should be regarded as additions to the embodiments of the method described above; for details not disclosed in the embodiments of the device according to the invention, reference may be made to the above-described method embodiments.
Fig. 4 is a block diagram illustrating a page display device according to an exemplary embodiment.
As shown in fig. 4-6, the page presentation apparatus includes an application 41 provided at a user client, which has a presentation module 4101; a user access request information acquisition module 4201, a certification processing module 4202, a mapping rule module 4203, an addressing module 4204, an information transmission module 4205, an authentication module 4206, and an information extraction and transmission module 4207, which are provided in an application server; an access request information acquisition module 4301, an authentication request module 4302, and a page content generation and transmission module 4303, which are provided in a third-party server. Next, each module will be described based on the steps of using the present apparatus.
The user access request information obtaining module 4201 is configured to obtain user access request information in response to an operation of the user on the client application, where the user access request information includes access service information and user information. Further, the access service information includes service type information, service flow information, service provider information, service product information, service stage information, and service data information.
The pass processing module 4202 is configured to perform parameter verification and pass processing according to the user information acquired by the user access request information acquisition module 4201, so as to form the application server pass.
The mapping rule module 4203 is configured to construct and store a mapping rule for the service content requested to be accessed by the user and the service content storage address corresponding to the third party server.
And the addressing module 4204 is configured to obtain, according to the access request information of the user, a service content storage address corresponding to the third party server by using the mapping rule.
The information sending module 4205 is configured to send the generated application server certificate and the access service information to the third party server according to the address acquired by the addressing module 4202.
The access request information acquisition module 4301, configured to be disposed in a third party, is configured to acquire access request information sent by the information sending module, where the access request information includes access service information and application server certificate.
The authentication request module 4302 is configured to issue a certification authentication request to the application server based on the access request information.
An authentication module 4206, configured to perform authentication according to the authentication request.
The information extraction and sending module 4207 is configured to send the authenticated user basic information to the third party server.
Specifically, the information extraction and transmission module 4207 may specifically include a basic information extraction unit 501, an identification unit 502, a desensitization unit 503, and a transmission unit 504.
The basic information extraction unit 501 is configured to obtain user basic information that passes authentication.
The identity recognition unit 502 is configured to perform identity recognition according to the user basic information.
When the user identification result is that the user is not guided, the desensitization unit 503 desensitizes the user basic information, and sends the user basic information to a third party server through the sending unit 504.
When the user identification result is the guiding user, the authentication passing information is only needed to be sent to the third party server through the sending unit 504.
The page content generating and transmitting module 4303 is configured to generate page presentation content data based on the user basic information and the user access information, and transmit the page presentation content data to the user client.
Specifically, the page content generating and transmitting module 4303 may include a material unit 601, a content generating unit 602, and a transmitting unit 603.
The material unit 601 is configured to store and manage preset elements and display rules for generating display pages of different services, and modify, add and delete the elements and display rules in the material unit to generate display pages adapted to new services based on changes of the services.
A content generating unit 602, configured to automatically configure and generate service presentation page content adapted to the user according to the user basic information and the access service information;
And the sending unit 603 is configured to send the service presentation page content directly to the user.
The display module 4101 is disposed at the user client, and is configured to generate a display page according to the acquired page display content data.
It will be appreciated by those skilled in the art that the modules in the embodiments of the apparatus described above may be distributed in an apparatus as described, or may be distributed in one or more apparatuses different from the embodiments described above with corresponding changes. The modules of the above embodiments may be combined into one module, or may be further split into a plurality of sub-modules.
The following describes an embodiment of an electronic device according to the present invention, which may be regarded as a specific physical implementation of the above-described embodiment of the method and apparatus according to the present invention. Details described in relation to the embodiments of the electronic device of the present invention should be considered as additions to the embodiments of the method or apparatus described above; for details not disclosed in the embodiments of the electronic device of the present invention, reference may be made to the above-described method or apparatus embodiments.
Fig. 7 is a block diagram of an electronic device, according to an example embodiment.
An electronic device 700 according to such an embodiment of the present disclosure is described below with reference to fig. 7. The electronic device 700 shown in fig. 7 is merely an example and should not be construed to limit the functionality and scope of use of embodiments of the present disclosure in any way.
As shown in fig. 7, the electronic device 700 is embodied in the form of a general purpose computing device. Components of electronic device 700 may include, but are not limited to: at least one processing unit 710, at least one memory unit 720, a bus 730 connecting the different system components (including the memory unit 720 and the processing unit 710), a display unit 740, and the like.
Wherein the storage unit stores program code executable by the processing unit 710 such that the processing unit 710 performs steps according to various exemplary embodiments of the present disclosure described in the above-described electronic prescription flow processing methods section of the present specification. For example, the processing unit 710 may perform the steps as shown in fig. 2.
The memory unit 720 may include readable media in the form of volatile memory units, such as Random Access Memory (RAM) 7201 and/or cache memory 7202, and may further include Read Only Memory (ROM) 7203.
The storage unit 720 may also include a program/utility 7204 having a set (at least one) of program modules 7205, such program modules 7205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
Bus 730 may be a bus representing one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 700 may also communicate with one or more external devices 800 (e.g., keyboard, pointing device, bluetooth device, etc.), one or more devices that enable a user to interact with the electronic device 700, and/or any device (e.g., router, modem, etc.) that enables the electronic device 700 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 750. Also, electronic device 700 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet, through network adapter 760. Network adapter 760 may communicate with other modules of electronic device 700 via bus 730. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 700, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the exemplary embodiments described herein may be implemented in software, or may be implemented in software in combination with necessary hardware. Thus, the technical solution according to the embodiments of the present invention may be embodied in the form of a software product, which may be stored in a computer readable storage medium (may be a CD-ROM, a usb disk, a mobile hard disk, etc.) or on a network, and includes several instructions to cause a computing device (may be a personal computer, a server, or a network device, etc.) to perform the above-mentioned method according to the present invention. The computer program, when executed by a data processing device, enables the computer readable medium to carry out the above-described method of the present invention.
The computer program may be stored on one or more computer readable media. The computer readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable storage medium may also be any readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
In summary, the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that some or all of the functionality of some or all of the components in accordance with embodiments of the present invention may be implemented in practice using a general purpose data processing device such as a microprocessor or Digital Signal Processor (DSP). The present invention can also be implemented as an apparatus or device program (e.g., a computer program and a computer program product) for performing a portion or all of the methods described herein. Such a program embodying the present invention may be stored on a computer readable medium, or may have the form of one or more signals. Such signals may be downloaded from an internet website, provided on a carrier signal, or provided in any other form.
The above-described specific embodiments further describe the objects, technical solutions and advantageous effects of the present invention in detail, and it should be understood that the present invention is not inherently related to any particular computer, virtual device or electronic apparatus, and various general-purpose devices may also implement the present invention. The foregoing description of the embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements that fall within the spirit and scope of the invention.

Claims (10)

1. The three-party linkage authentication page display method is characterized by comprising the following steps of:
the method comprises the steps that an application server performs parameter verification processing and communication certificate processing on acquired user access request information to generate access request information, and sends the access request information to a corresponding third party server, wherein the third party server acquires the access request information, and the access request information comprises access service information and application server communication certificate;
the third party server sends a certification authentication request to the application server;
the application server acquires a communication certificate sent by the third party server and performs memorability communication certificate authentication;
the verification authentication is not obtained, and the display is ended by indicating that the access request is initiated by a non-declarative user or the access request information is illegally held by other people;
the verification authentication is obtained by indicating that the verification is indeed initiated by the user, acquiring basic information of the authenticated user and identifying the authenticated user to acquire whether the user is a diversion user which is performed by an application server to an authentication initiation third party server;
if the identity identification is really that the diversion user indicates that the related user information is sent to the third party server when diversion is carried out, and user basic information is not needed to be provided any more, only an authentication result is sent to the third party server;
If the basic information of the user needs to be extracted for the non-diversion user, the basic information and the authentication result of the authenticated user are sent to the third party server;
the third-party server is preset with elements and display rules for generating different service display pages; the third party server automatically configures and generates service display page content data suitable for the user according to the basic information of the user and the access service information of the user; the third party server directly transmits the service display page content data to the user;
and the user client generates a display page according to the acquired page display content data.
2. The method according to claim 1, wherein the application server performs parameter verification processing and communication verification processing on the acquired user access request information, and sends the user access request to a corresponding third party server, and specifically includes:
generating user access request information in response to the operation of the user on the client application, wherein the user access request information comprises access service information and user information;
the application server performs parameter verification and communication certificate processing based on the acquired user information of the user access request information to form the application server communication certificate;
And the application server sends the generated application server certification and the access service information to the third party server.
3. The method according to claim 1 or 2, wherein the access service information comprises service type information, service flow information, service provider information, service product information, service phase information, service data information.
4. The method of claim 2, wherein the step of the application server sending the generated application server pass and the access service information to the third party server further comprises:
constructing a mapping rule of the business content which the user requests to access and a business content storage address corresponding to the third-party server;
the application server obtains a corresponding service content storage address of the third party server by utilizing the mapping rule according to the access request information of the user;
and the application server sends the application server certification and the access service information to the storage address.
5. The method of claim 1, wherein the presetting of the elements and the presentation rules for generating different service presentation pages comprises: the elements and the presentation rules are modified, added and deleted to generate a presentation page adapted to the new service based on the change of the service.
6. The method of claim 1, wherein the presentation page comprises: html5 page.
7. The method of claim 5, wherein the transmitting the base information of the authenticated user and the authentication result to the third party server further comprises:
and desensitizing the user basic information and then sending the user basic information to the third-party server.
8. The utility model provides a three-party linkage authentication page display device which characterized in that includes:
the access request information acquisition module is arranged on a third party server and is used for generating access request information by carrying out parameter verification processing and communication certificate processing on the acquired user access request information through an application server, sending the access request information to a corresponding third party server, and acquiring the access request information by the third party server, wherein the access request information comprises access service information and application server communication certificate;
the authentication request module is arranged on the third-party server and is used for sending a certification authentication request to the application server;
the authentication module is arranged on the application server and is used for carrying out memorability verification authentication according to the communication verification and verification authentication request sent by the third party server by the application server; the verification authentication is not obtained, and the display is ended by indicating that the access request is initiated by a non-declarative user or the access request information is illegally held by other people; the verification authentication is obtained by indicating that the verification is indeed initiated by the user, acquiring basic information of the authenticated user and identifying the authenticated user to acquire whether the user is a diversion user which is performed by an application server to an authentication initiation third party server;
The information extraction and transmission module is arranged on the application server and is used for only transmitting an authentication result to the third party server if the identity identification is really that the diversion user indicates that the related user information is transmitted to the third party server when diversion is performed and user basic information is not required to be provided; if the basic information of the user needs to be extracted for the non-diversion user, the basic information and the authentication result of the authenticated user are sent to the third party server;
the page content generating and sending module is arranged on the third party server and is used for generating page display content data based on the basic information of the user and the access service information of the user and sending the page display content data to the user client, and specifically comprises the following steps: the material unit is used for storing and managing preset elements and display rules for generating different service display pages, and modifying, adding and deleting the elements and the display rules in the material unit so as to generate display pages suitable for new services based on service changes; the content generation unit is used for automatically configuring and generating service display page content suitable for the user according to the user basic information and the access service information; the sending unit is used for directly sending the service display page content to the user;
The display module is arranged at the user client and used for generating a display page according to the acquired page display content data.
9. An electronic device, wherein the electronic device comprises:
a processor; the method comprises the steps of,
a memory storing computer executable instructions that, when executed, cause the processor to perform the method of any of claims 1-7.
10. A computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement the method of any of claims 1-7.
CN201911329340.8A 2019-12-20 2019-12-20 Three-party linkage authentication page display method and device and electronic equipment Active CN111191200B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911329340.8A CN111191200B (en) 2019-12-20 2019-12-20 Three-party linkage authentication page display method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911329340.8A CN111191200B (en) 2019-12-20 2019-12-20 Three-party linkage authentication page display method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN111191200A CN111191200A (en) 2020-05-22
CN111191200B true CN111191200B (en) 2023-08-04

Family

ID=70705846

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911329340.8A Active CN111191200B (en) 2019-12-20 2019-12-20 Three-party linkage authentication page display method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN111191200B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112468535A (en) * 2020-10-22 2021-03-09 国网浙江省电力有限公司绍兴供电公司 Method, device and system for realizing safety type human-computer interaction service
CN113032749A (en) * 2021-03-03 2021-06-25 北京读我网络技术有限公司 Synchronous authentication method and device
CN113068055B (en) * 2021-03-15 2023-08-18 广州虎牙科技有限公司 Data transmission method, device, system, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016188256A1 (en) * 2016-01-25 2016-12-01 中兴通讯股份有限公司 Application access authentication method, system, apparatus and terminal
CN106446049A (en) * 2016-08-31 2017-02-22 腾讯科技(深圳)有限公司 Page data interaction apparatus and method
CN108021586A (en) * 2016-10-31 2018-05-11 阿里巴巴集团控股有限公司 A kind of page generation method and device
CN109194673A (en) * 2018-09-20 2019-01-11 江苏满运软件科技有限公司 Authentication method, system, equipment and storage medium based on authorized user message
CN109388917A (en) * 2018-10-12 2019-02-26 彩讯科技股份有限公司 Method for authenticating, device, equipment and the storage medium of hardware device
CN110213321A (en) * 2019-01-17 2019-09-06 腾讯云计算(北京)有限责任公司 The method, apparatus and electronic equipment of third party's service are provided in Internet application

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016188256A1 (en) * 2016-01-25 2016-12-01 中兴通讯股份有限公司 Application access authentication method, system, apparatus and terminal
CN106446049A (en) * 2016-08-31 2017-02-22 腾讯科技(深圳)有限公司 Page data interaction apparatus and method
CN108021586A (en) * 2016-10-31 2018-05-11 阿里巴巴集团控股有限公司 A kind of page generation method and device
CN109194673A (en) * 2018-09-20 2019-01-11 江苏满运软件科技有限公司 Authentication method, system, equipment and storage medium based on authorized user message
CN109388917A (en) * 2018-10-12 2019-02-26 彩讯科技股份有限公司 Method for authenticating, device, equipment and the storage medium of hardware device
CN110213321A (en) * 2019-01-17 2019-09-06 腾讯云计算(北京)有限责任公司 The method, apparatus and electronic equipment of third party's service are provided in Internet application

Also Published As

Publication number Publication date
CN111191200A (en) 2020-05-22

Similar Documents

Publication Publication Date Title
US10462118B2 (en) Systems and methods for login and authorization
CA2915619C (en) Method and apparatus for customized software development kit (sdk) generation
CN111191200B (en) Three-party linkage authentication page display method and device and electronic equipment
US10216943B2 (en) Dynamic security questions in electronic account management
US10742636B2 (en) OAuth2 SAML token service
US20230120160A1 (en) Authentication aggregator
JP2017045462A (en) System and method for authenticating user by using contact list
US20240185280A1 (en) Automated transactional offers using a browser extension
US20230244961A1 (en) Information support system using artificial intelligence
JP7397174B2 (en) System and method for mobile digital currency future exchange
US9886572B2 (en) Lie vault
CN108763881A (en) Method and apparatus for controlling user right
CN109690533A (en) Personalized search environment
US11734408B2 (en) Remapping of uniform resource locators for accessing network applications
US11340965B2 (en) Method and system for performing voice activated tasks
CN113420133B (en) Session processing method, device, equipment and storage medium
US11449186B2 (en) System and method for optimized generation of a single page application for multi-page applications
CN114816361A (en) Method, device, equipment, medium and program product for generating splicing project
CN112256760A (en) Data prediction method and device, computer equipment and storage medium
US9866562B2 (en) File and bit location authentication
CN110765445A (en) Method and device for processing request
WO2023010266A1 (en) Systems and methods for providing user guidance via workspace score
US11863673B1 (en) White-labeled data connections for multi-tenant cloud platforms
EP4350556A1 (en) Information verification method and apparatus
US20230359467A1 (en) Computing system and methods for prelaunching apps in virtual computing sessions

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant