CN111818088A - Authorization mode management method and device, computer equipment and readable storage medium - Google Patents

Authorization mode management method and device, computer equipment and readable storage medium Download PDF

Info

Publication number
CN111818088A
CN111818088A CN202010739585.4A CN202010739585A CN111818088A CN 111818088 A CN111818088 A CN 111818088A CN 202010739585 A CN202010739585 A CN 202010739585A CN 111818088 A CN111818088 A CN 111818088A
Authority
CN
China
Prior art keywords
authorization
party application
request
portal
token
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010739585.4A
Other languages
Chinese (zh)
Inventor
刘晓轩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Smart Technology Co Ltd
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Financial Technology Co Ltd Shanghai filed Critical OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202010739585.4A priority Critical patent/CN111818088A/en
Publication of CN111818088A publication Critical patent/CN111818088A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to the field of computer security, and discloses an authorization mode management method, an authorization mode management device, computer equipment and a readable storage medium, wherein the authorization mode management method comprises the following steps: verifying the portal authorization request, sending an authorization code to the portal system, controlling the portal system to redirect to a network address corresponding to the redirection resource locator in the portal authorization request, and sending the authorization code to a third-party application; or the third authorization request is verified and an authorization code is generated, so that the third-party application redirects the page of the third-party application to the network address corresponding to the redirection resource locator in the third authorization request, and the authorization code is sent to the third-party application; and obtaining a token request generated by the third-party application according to the verification authorization code, sending an access token to the third-party application, receiving an information request sent by the third-party application, and sending resource information to the third-party application. The invention improves the convenience of the user for using the third-party application, ensures the safety of the account name and the account password of the user and ensures the information safety of the user.

Description

Authorization mode management method and device, computer equipment and readable storage medium
Technical Field
The present invention relates to the technical field of security protection of computer security, and in particular, to an authorization mode management method, an authorization mode management apparatus, a computer device, and a readable storage medium.
Background
With the rapid development of the internet, more and more product services are provided for users, the users need to access the resources on different applications, and if the users need to access the resources of the users, the users need to provide different accounts and passwords to the corresponding product services, so that the users need to enter corresponding resource information in each third-party website respectively, and the third-party applications can realize some customized functions.
In order to solve the problems, the current user adopts an authorization mode, so that a third-party website accesses resource information stored in a resource server of an application by the user on the premise of user authorization; however, the current authorization mode often causes that a third party application easily steals other data (even including account information and account password of a user in the application) in a resource server while acquiring resource information, thereby posing a great threat to user information security.
Disclosure of Invention
The invention aims to provide an authorization mode management method, an authorization mode management device, computer equipment and a readable storage medium, which are used for solving the problems that a third party is easy to steal other data in a resource server while acquiring resource information by using a current authorization mode in the prior art, and great threat is caused to user information security; the method and the system can be applied to intelligent government affair scenes, and therefore construction of intelligent cities is promoted.
In order to achieve the above object, the present invention provides an authorization schema management method, including:
receiving a portal authorization request sent by a user side through a login portal system, checking the portal authorization request, sending an authorization code to the portal system, controlling the portal system to redirect to a network address corresponding to a redirection resource locator in the portal authorization request according to the authorization code, and sending the authorization code to a third-party application; the redirection resource locator is a network address which is defined in a portal system in advance by a third-party application; or
Receiving a third authorization request sent by a user side through accessing a login page of a third-party application, verifying the third authorization request and generating an authorization code, redirecting the page of the third-party application to a network address corresponding to a redirection resource locator in the third authorization request according to the authorization code, and sending the authorization code to the third-party application; wherein the redirection resource locator is a network address predefined by the third authorization request;
the method comprises the steps of obtaining a token request generated by a third party application in a network address according to a verification authorization code, sending an access token to the third party application according to the token request, receiving an information request with the access token sent by the third party application, and sending resource information to the third party application according to the information request.
In the above solution, the step of verifying the portal authorization request and sending an authorization code to the portal system includes:
judging whether a portal token exists in the portal authorization request or not; if yes, calling a portal login component in the portal system; if not, ending;
verifying the portal token through the portal login component, and judging whether the portal token passes the verification; and if the verification is passed, obtaining account information sent by the portal login component, generating an authorization code according to the account information through an open authorization module, and sending the authorization code to the portal system.
In the foregoing solution, the step of verifying the third authorization request and generating an authorization code includes:
calling an authorization server of the authorized application, and acquiring account information according to the user ID in the third authorization request; calling the authorization server to verify the confidential information; judging whether the account secret information passes verification; and if the verification is passed, generating an authorization code according to the account secret information through the open authorization module.
In the foregoing solution, the step of sending an access token to the third-party application according to the token request includes:
obtaining a token request generated by the third-party application, and calling a preset open authorization module to verify an authorization code in the token request;
determining whether the authorization code passes verification; and if the verification is passed, calling a preset token generator to generate an access token according to the token request.
In the above solution, the step of receiving an information request with the access token sent by a third party application, and sending resource information to the third party application according to the information request includes:
receiving an information request with the access token sent by the third-party application, extracting the access token in the information request, and calling a preset open authorization module to verify the access token;
judging whether the access token passes the verification; if the verification is passed, calling a resource server to extract resource information corresponding to the information request and sending the resource information to the third-party application;
after the resource server is called to extract the resource information corresponding to the information request and send the resource information to the third-party application, the method further comprises the following steps:
and uploading the resource information to a block chain.
In the foregoing solution, after sending the resource information to the third-party application according to the information request, the method may further include:
receiving a third-party authorization request sent by a user side through a third-party application, checking the third-party authorization request, sending an authorization code to the supplementary third-party application, controlling the supplementary third-party application to redirect to a network address corresponding to a redirection resource locator in the supplementary third-party authorization request according to the authorization code, and sending the authorization code to the third-party application; wherein the redirection resource locator is a network address predefined by the supplementary third party application.
In the foregoing scheme, after sending the authorization code to the third-party application, the method may further include:
the method comprises the steps of obtaining a token request generated by a supplementary third-party application in a network address according to a verification authorization code, sending an access token to the supplementary third-party application according to the token request, receiving an information request with the access token sent by the supplementary third-party application, and sending resource information to the supplementary third-party application according to the information request.
In order to achieve the above object, the present invention further provides an authorization schema management apparatus, including:
the portal authorization redirection module is used for receiving a portal authorization request sent by a user side through logging in a portal system, checking the portal authorization request, sending an authorization code to the portal system, controlling the portal system to redirect a network address corresponding to a redirection resource locator in the portal authorization request according to the authorization code, and sending the authorization code to a third-party application; the redirection resource locator is a network address which is defined in a portal system in advance by a third-party application; or
The third-party authorization redirection module is used for receiving a third authorization request sent by a user side through accessing a login page of a third-party application, verifying the third authorization request and generating an authorization code, redirecting the page of the third-party application to a network address corresponding to a redirection resource locator in the third authorization request according to the authorization code, and sending the authorization code to the third-party application; wherein the redirection resource locator is a network address predefined by the third authorization request;
the token resource management module is used for acquiring a token request generated by a third-party application in the network address according to a verification authorization code, sending an access token to the third-party application according to the token request, receiving an information request with the access token sent by the third-party application, and sending resource information to the third-party application according to the information request.
To achieve the above object, the present invention further provides a computer device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor of the computer device implements the steps of the authorization pattern management method when executing the computer program.
To achieve the above object, the present invention further provides a computer-readable storage medium, which stores a computer program, and the storage medium stores the computer program, and when the computer program is executed by a processor, the computer program implements the steps of the authorization pattern management method.
The authorization mode management method, the authorization mode management device, the computer equipment and the readable storage medium provided by the invention have the advantages that a user does not need to register a new user in third-party application when using the third-party application, and the third-party application can obtain the resource information of the user on the authorized application on the premise that the third-party application cannot obtain the account name and the account password registered by the user in the portal system, so that the convenience of the user using the third-party application is improved, the safety of the account name and the account password of the user is ensured, and the technical effect of ensuring the safety of the user information is further realized.
Drawings
FIG. 1 is a flowchart of a first embodiment of an authorization schema management method according to the present invention;
FIG. 2 is a schematic diagram of an environment application of scenario 1 in an authorization mode management method according to a second embodiment of the authorization mode management method of the present invention;
FIG. 3 is a schematic diagram of an environment application of scenario 2 in an authorization schema management method according to a second embodiment of the authorization schema management method of the present invention;
FIG. 4 is a flowchart of a specific method of an authorization schema management method according to a second embodiment of the authorization schema management method of the present invention;
FIG. 5 is a flowchart of verifying the portal authorization request and forwarding the portal authorization request to the portal system according to the second embodiment of the authorization schema management method of the present invention;
fig. 6 is a flowchart of verifying the third authorization request and generating an authorization code in the second embodiment of the authorization pattern management method according to the present invention;
FIG. 7 is a flowchart of sending an access token to the third-party application according to the token request in the second embodiment of the authorization schema management method of the present invention;
fig. 8 is a flowchart of receiving an information request with the access token sent by a third-party application and sending resource information to the third-party application according to the information request in the second embodiment of the authorization schema management method according to the present invention;
FIG. 9 is a flowchart of the authorization schema management method of the second embodiment of the present invention for sending an access token to the supplemental third party application in response to the token request;
FIG. 10 is a flowchart of a second embodiment of an authorization schema management method according to the present invention, wherein the second embodiment of the authorization schema management method receives an information request with the access token sent by a supplementary third-party application, and sends resource information to the supplementary third-party application according to the information request;
FIG. 11 is a schematic diagram of program modules of a third embodiment of an authorization mode management device according to the present invention;
fig. 12 is a schematic diagram of a hardware structure of a computer device according to a fourth embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The following examples are now provided:
the first embodiment is as follows:
referring to fig. 1, a method for managing an authorization scheme of the present embodiment includes:
s101: receiving a portal authorization request sent by a user side through logging in a portal system, checking the portal authorization request, sending an authorization code to the portal system, controlling the portal system to redirect to a network address corresponding to a redirection resource locator (redirect url) in the portal authorization request according to the authorization code, and sending the authorization code to a third-party application; the redirection resource locator is a network address which is defined in a portal system in advance by a third-party application, so that a user can jump to a page corresponding to the redirection resource locator in the portal system through the network address; or
S102: receiving a third authorization request sent by a user side through accessing a login page of a third-party application, verifying the third authorization request and generating an authorization code, redirecting the page of the third-party application to a network address corresponding to a redirection resource locator (redirect url) in the third authorization request according to the authorization code, and sending the authorization code to the third-party application; the redirection resource locator is a network address predefined by the third authorization request, so that the user can jump to a page corresponding to the redirection resource locator through the network address.
S103: the method comprises the steps of obtaining a token request generated by a third party application in a network address according to a verification authorization code, sending an access token to the third party application according to the token request, receiving an information request with the access token sent by the third party application, and sending resource information to the third party application according to the information request.
In an exemplary embodiment: scene 1: when a user browses a certain portal website (portal system), a third-party application accessed to the portal website is accessed through an authorization mode, and the third-party application needs to use resource information of the user during operation, so that how to access the resource information of the user in the portal website can be achieved without registering a new user in the third-party application and on the premise that the third-party application cannot obtain an account name and an account password registered in the portal website, so that the third-party service can provide a customized function for the user.
In order to realize the above scenario, the portal authorization request sent by the portal system is checked and an authorization code is sent to the portal system, the portal system is controlled to redirect the network address corresponding to the redirection resource locator (redirect url) in the portal authorization request according to the authorization code, and the authorization code is sent to the third-party application, so that the user end can access the third-party application through an authorization mode in the portal system, the third-party application can perform authorization operation on the page corresponding to the network address as jumping to the network address for generating the token request, when receiving the authorization code, the third-party application generates a token request in the network address according to the authorization operation and according to the authorization code, acquires the token request, and sends an access token to the third-party application according to the token request, and receiving an information request with the access token sent by a third party application, and sending resource information in a resource server to the third party application according to the information request.
Scene 2: when a user browses a certain third-party application, resource information of the user on the authorized application needs to be used, so that how to realize the purpose that a new user does not need to be registered in the third-party application and the third-party application can obtain the resource information of the user on the authorized application on the premise that the third-party application cannot obtain an account name and an account password registered in a portal system by the user is ensured, so that a customized function is provided for the user.
In order to implement the above scenario, the third authorization request is checked and an authorization code is generated, the third-party application redirects a page of the third-party application to a network address corresponding to a redirection resource locator (redirect url) in the third authorization request according to the authorization code, and the authorization code is sent to the third-party application, the third-party application jumps to the network address for generating the token request, so that the user can perform an authorization operation on the page corresponding to the network address, when receiving the authorization code, the third-party application generates a token request according to the authorization code in the network address according to the authorization operation, obtains the token request generated by the third-party application, sends an access token to the third-party application according to the token request, and receives an information request with the access token sent by the third-party application, and sending resource information to the third-party application according to the information request.
Therefore, the authorization mode management method provided by the application not only enables the third-party application to be authorized to obtain the resource information in the resource server of the portal system when the user accesses the third-party application accessing the portal system, but also enables the third-party application to be authorized to obtain the resource information of the resource server in the authorized application when the user accesses the third-party application, and meets the application of various authorization mode scenes.
Meanwhile, when the user uses the third-party application, a new user does not need to be registered in the third-party application, and the third-party application can obtain the resource information of the user on the authorized application on the premise that the account name and the account password registered by the user in the portal system cannot be obtained, so that the convenience of the user using the third-party application is improved, the safety of the user account name and the account password is ensured, and the technical effect of ensuring the safety of the user information is further realized.
The method and the system can be applied to intelligent government affair scenes, and therefore construction of intelligent cities is promoted.
Example two:
the embodiment is a specific application scenario of the first embodiment, and the method provided by the present invention can be more clearly and specifically explained through the embodiment.
Next, in a server running an authorization mode management method, verifying the portal authorization request/third authorization request, sending an authorization code to the portal system/third-party application, controlling the portal system/third-party application to redirect to a corresponding network address, and sending the authorization code to the third-party application; and generating a token request, and sending resource information to a third party application according to an information request with the access token sent by the third party application as an example, to specifically describe the method provided by the embodiment. It should be noted that the present embodiment is only exemplary, and does not limit the protection scope of the embodiments of the present invention.
Embodiment two shows the following scenario:
scene 1: when a user browses a certain portal website (portal system), a third-party application accessed to the portal website is accessed through an authorization mode, and the third-party application needs to use resource information of the user during operation, so that how to access the resource information of the user in the portal website can be achieved without registering a new user in the third-party application and on the premise that the third-party application cannot obtain an account name and an account password registered in the portal website, so that the third-party service can provide a customized function for the user.
Scene 2: when a user browses a certain third-party application, resource information of the user on the authorized application needs to be used, so that how to realize the purpose that a new user does not need to be registered in the third-party application and the third-party application can obtain the resource information of the user on the authorized application on the premise that the third-party application cannot obtain an account name and an account password registered in a portal system by the user is ensured, so that a customized function is provided for the user.
Fig. 2 schematically shows an environment application diagram of scenario 1 in the authorization schema management method according to the second embodiment of the present application.
Fig. 3 schematically shows an environment application diagram of scenario 2 in the authorization schema management method according to the second embodiment of the present application.
In an exemplary embodiment, the server 2 in which the authorization mode management method is located is respectively connected with the portal system 3, the third-party application 4 and the authorized application 5 through a network, and meanwhile, the server 2 is also connected with and supplements the third-party application through the network; the server 2 may provide services through one or more networks, which may include various network devices, such as routers, switches, multiplexers, hubs, modems, bridges, repeaters, firewalls, proxy devices, and/or the like. The network may include physical links, such as coaxial cable links, twisted pair cable links, fiber optic links, combinations thereof, and/or the like. The network 3 may include wireless links, such as cellular links, satellite links, Wi-Fi links, and/or the like; the portal system 3, third party application 4, authorizeable application 5, and supplemental third party application may be servers running application programs.
Fig. 4 is a flowchart of a specific method of an authorization schema management method according to an embodiment of the present invention, where the method specifically includes steps S201 to S205.
S201: receiving a portal authorization request sent by a user side through logging in a portal system, checking the portal authorization request, sending an authorization code to the portal system, controlling the portal system to redirect to a network address corresponding to a redirection resource locator (redirect url) in the portal authorization request according to the authorization code, and sending the authorization code to a third-party application; the redirection resource locator is a network address defined in the portal system in advance by a third-party application, so that a user can jump to a page corresponding to the redirection resource locator in the portal system through the network address.
In order to enable the user end to access the third party application in the portal system through the authorization mode, for example: when a user browses a certain portal website (portal system), a third-party application accessing the website is accessed through an authorization mode, in the step, the portal authorization request sent by the portal system is checked, an authorization code is sent to the portal system, the portal system is controlled to redirect to a network address corresponding to a redirection resource locator (redirect url) in the portal authorization request according to the authorization code, and the authorization code is sent to the third-party application.
In this embodiment, the portal authorization request includes: a portal token, a user ID, a redirection resource locator, a return type.
The portal token is a string of character strings generated by authenticating the account and the password of the portal system when the authorization server sends the portal authorization request to the portal system for the first time, so that when the portal system sends the portal authorization request to the authorization server again, the portal system only needs to carry the portal token without carrying the account and the password of the portal system again.
In a preferred embodiment, referring to fig. 5, the step of verifying the portal authorization request and sending an authorization code to the portal system comprises:
s201-1: judging whether a portal token exists in the portal authorization request or not;
since the portal token is issued to the portal system by the authorization server in advance, the step can judge whether the portal token exists by comparing the portal token in the portal authorization request with the token in the preset portal token database.
S201-2: if yes, calling a portal login component in the portal system;
if the portal system exists, the portal system is indicated to be authenticated by the authorization server through the account number password.
S201-3: if not, the process is finished.
If not, the authorization server does not perform post password authentication on the portal system, so the method is finished and the next step is refused.
S201-4: verifying the portal token through the portal login component, and judging whether the portal token passes the verification;
in this embodiment, the portal token is generated by the portal login component according to the account information, the user name, the defined key, and the expiration time, and therefore, the portal login component obtains the account information corresponding to the portal token according to the portal token.
S201-5: and if the verification is passed, obtaining account information sent by the portal login component, generating an authorization code according to the account information through an open authorization module, and sending the authorization code to the portal system.
If the verification is passed, the account information corresponding to the verification is obtained through the portal token.
S201-6: if the verification is not passed, ending;
if not, this indicates that the portal token is expired or that the defined key has been changed, and therefore, the portal token will no longer be applicable.
The open authorization module obtains an authorization code corresponding to the account information from a preset portal authorization server as an authorization certificate (such as code) according to the account information sent by the portal login component.
In the above steps, the user side sends the portal token through the portal system, the authorization server of the application verifies the portal token, and if the portal token passes the verification, the authorization server sends an authorization code to the third-party organization, wherein the authorization code is the third-party application which is approved by the authorization server that the user side has the right to access the portal system through the portal system; controlling the portal system to redirect to a network address corresponding to a redirection resource locator (redirect url) in a portal authorization request according to the authorization code through a control portal system, and sending the authorization code to a third-party application; the redirection resource locator is a network address defined in advance in the portal system by the third-party application, so that a user can jump to a page corresponding to the redirection resource locator through the network address in the portal system, and at the moment, the page corresponding to the network address is displayed on the portal system.
It should be noted that the open authorization module is a computer module running oauth 2.0.
S202: receiving a third authorization request sent by a user side through accessing a login page of a third-party application, verifying the third authorization request and generating an authorization code, redirecting the page of the third-party application to a network address corresponding to a redirection resource locator (redirect url) in the third authorization request according to the authorization code, and sending the authorization code to the third-party application;
the redirection resource locator is a network address predefined by the third authorization request, so that the user can jump to a page corresponding to the redirection resource locator through the network address.
To ensure that the user end can access the third-party application through the authorization mode, for example: in the step, the third authorization request is verified and an authorization code is generated through the third authorization request, the third party application redirects the page of the third party application to the network address corresponding to the redirection resource locator (redirect url) in the third authorization request according to the authorization code, and the authorization code is sent to the third party application.
In this embodiment, the third authorization request includes: user ID, redirection resource locator, return type.
In a preferred embodiment, referring to fig. 6, the step of verifying the third authorization request and generating an authorization code includes:
s202-1: and calling an authorization server of the authorized application, and acquiring account information according to the user ID in the third authorization request.
In this step, the confidential information includes: account name, account password; the authorization log-in component records account information used by the user to log in the authorized application.
Illustratively, if the current user is already logged in to the authorizeable application, such as: and when the current user side logs in the QQ or the WeChat or the microblog, directly calling an authorized login component in an authorization server where the QQ or the WeChat or the microblog is located to extract the account name and the account password corresponding to the user ID in the third authorization request.
If the current user is not logged in the authorized application, such as: and when the user does not log in the QQ, or the WeChat or the microblog at the same time when accessing the third-party application, calling the authorization login component to send an authorization login page to the user side, and filling the account name and the account password in the authorization login page by the user side.
S202-2: calling an authorization server to verify the confidential information;
s202-3: judging whether the account secret information passes verification;
s202-4: if the account information passes the verification, generating an authorization code according to the account information through an open authorization module;
s202-5: if the verification is not passed, the method is ended.
In this embodiment, account information and an account password of an authorized application for a user to log in are recorded in the authorization server, and this step determines whether the account information is consistent with the account information and the account password in the authorization server to verify the account information, and if so, indicates that the account information passes verification, and if not, indicates that the account information fails verification.
In this step, the open authorization module obtains an authorization code corresponding to the account information from a preset portal authorization server as an authorization certificate (e.g., code) according to the account information sent by the portal login component.
In the above steps, the user side sends the portal token through the portal system, the authorization server of the application verifies the portal token, and if the portal token passes the verification, the authorization server sends an authorization code to the third-party organization, wherein the authorization code is the third-party application which is approved by the authorization server that the user side has the right to access the portal system through the portal system; controlling the portal system to redirect to a network address corresponding to a redirection resource locator (redirect url) in a portal authorization request according to the authorization code through a control portal system, and sending the authorization code to a third-party application; the redirection resource locator is a network address defined in advance in the portal system by the third-party application, so that a user can jump to a page corresponding to the redirection resource locator through the network address in the portal system, and at the moment, the page corresponding to the network address is displayed on the portal system.
S203: the method comprises the steps of obtaining a token request generated by a third party application in a network address according to a verification authorization code, sending an access token to the third party application according to the token request, receiving an information request with the access token sent by the third party application, and sending resource information to the third party application according to the information request.
In order to enable a user end not to register a new user in a third-party application and ensure that the third-party application cannot obtain an account name and an account password registered by the user in a portal system (such as a portal website) and an authorized application (such as QQ, WeChat and microblog), in the step, the third-party application jumps to a network address for generating a token request, so that the third-party application generates the token request in the network address according to an authorization code when receiving the authorization code, and the token request at least comprises: authorization code, third party ID, redirection resource locator, authorization type. Further, a token request generated by a third-party application is obtained, an access token is sent to the third-party application according to the token request, an information request with the access token sent by the third-party application is received, and resource information is sent to the third-party application according to the information request.
In a preferred embodiment, referring to fig. 7, the step of sending an access token to the third party application according to the token request includes:
s203-1: obtaining a token request generated by the third-party application, and calling a preset open authorization module to verify an authorization code in the token request;
s203-2: determining whether the authorization code passes verification;
s203-3: and if the verification is passed, calling a preset token generator to generate an access token according to the token request.
In this step, the token generator may generate the access token by calculating the authorization code, the third party ID, the redirection resource locator, and the authorization type in the token request, and since the token generator is in the prior art, the generation process of the token is not described herein again.
S203-4: if the verification is not passed, the method is ended.
In this embodiment, the access token may be an original access token (access _ token) or a refresh access token (refresh _ token), and is sent to the third-party application.
In a preferred embodiment, referring to fig. 8, the step of receiving an information request with the access token sent by a third-party application, and sending resource information to the third-party application according to the information request includes:
s203-5: receiving an information request with the access token sent by the third-party application, extracting the access token in the information request, and calling a preset open authorization module to verify the access token;
s203-6: judging whether the access token passes the verification;
s203-7: if the verification is passed, calling a resource server to extract resource information corresponding to the information request and sending the resource information to the third-party application;
s203-8: and if the verification is not passed, ending.
It should be noted that the open authorization module is a computer module running oauth 2.0.
Preferably, after the resource server is called to extract the resource information corresponding to the information request and send the resource information to the third-party application, the method further includes:
and uploading the resource information to a block chain.
It should be noted that: and obtaining corresponding digest information based on the resource information, specifically, obtaining the digest information by hashing xx, for example, by using a sha256s algorithm. Uploading summary information to the blockchain can ensure the safety and the fair transparency of the user. The user equipment can download the summary information from the blockchain so as to verify whether the resource information is tampered. The blockchain referred to in this example is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm, and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
S204: receiving a third-party authorization request sent by a user side through a third-party application, checking the third-party authorization request, sending an authorization code to the supplementary third-party application, controlling the supplementary third-party application to redirect to a network address corresponding to a redirection resource locator (redirect url) in the supplementary third-party authorization request according to the authorization code, and sending the authorization code to the third-party application; the redirection resource locator is a network address predefined by the supplementary third-party application, so that a user can jump to a page corresponding to the redirection resource locator through the network address in the supplementary third-party application.
In order to enable the user end to access the supplementary third-party application in the third-party application through the authorization mode, for example: when a user browses a certain third-party application, a supplementary third-party application accessed to the third-party application is accessed through an authorization mode, the third-party authorization request sent by the third-party application is checked, an authorization code is sent to the third-party application, the supplementary third-party application is controlled to redirect to a network address corresponding to a redirection resource locator (redirect url) in the supplementary third-party authorization request according to the authorization code, and the authorization code is sent to the third-party application.
In this embodiment, the third party authorization request includes: an access token, a user ID, a redirection resource locator, a return type.
S205: the method comprises the steps of obtaining a token request generated by a supplementary third-party application in a network address according to a verification authorization code, sending an access token to the supplementary third-party application according to the token request, receiving an information request with the access token sent by the supplementary third-party application, and sending resource information to the supplementary third-party application according to the information request.
In order to enable a user end to not register a new user on a supplementary third-party application accessed in the third-party application and ensure that the supplementary third-party application cannot obtain an account name and an account password registered by the user in an authorization server (such as QQ, WeChat and microblog), in the step, the supplementary third-party application jumps to a network address for generating a token request, so that when the third-party application receives an authorization code, the token request is generated in the network address according to the authorization code, and the token request at least comprises: an authorization code, a supplemental third party ID, a redirection resource locator, an authorization type. Further, a token request generated by a supplementary third-party application is obtained, an access token is sent to the supplementary third-party application according to the token request, an information request with the access token sent by the supplementary third-party application is received, and resource information is sent to the supplementary third-party application according to the information request.
In a preferred embodiment, referring to fig. 9, the step of sending an access token to the supplementary third party application according to the token request includes:
s205-1: obtaining a token request generated by the supplementary third-party application, and calling a preset open authorization module to verify an authorization code in the token request;
s205-2: determining whether the authorization code passes verification;
s205-3: and if the verification is passed, calling a preset token generator to generate an access token according to the token request.
In this step, the token generator may generate the access token by calculating the authorization code, the supplementary third party ID, the redirection resource locator, and the authorization type in the token request, and since the token generator is in the prior art, the generation process of the token is not described herein again.
S205-4: if the verification is not passed, the method is ended.
In this embodiment, the access token may be an original access token (access _ token) or a refresh access token (refresh _ token), and is sent to the third-party application.
In a preferred embodiment, referring to fig. 10, receiving an information request with the access token sent by a supplementary third-party application, and sending resource information to the supplementary third-party application according to the information request includes:
s205-5: receiving an information request with the access token sent by the supplementary third-party application, extracting the access token in the information request, and calling a preset open authorization module to verify the access token;
s205-6: judging whether the access token passes the verification;
s205-7: if the verification is passed, calling a resource server to extract resource information corresponding to the information request and sending the resource information to the supplementary third-party application;
s205-8: and if the verification is not passed, ending.
Example three:
referring to fig. 11, an authorization mode management device 1 of the present embodiment includes:
the portal authorization redirection module 11 is configured to receive a portal authorization request sent by a user end through logging in a portal system, check the portal authorization request, send an authorization code to the portal system, control the portal system to redirect a network address corresponding to a redirection resource locator in the portal authorization request according to the authorization code, and send the authorization code to a third-party application; the redirection resource locator is a network address which is defined in a portal system in advance by a third-party application; or
The third-party authorization redirection module 12 is configured to receive a third authorization request sent by a user side through accessing a login page of a third-party application, verify the third authorization request and generate an authorization code, redirect the page of the third-party application to a network address corresponding to a redirection resource locator in the third authorization request according to the authorization code, and send the authorization code to the third-party application; wherein the redirection resource locator is a network address predefined by the third authorization request;
the token resource management module 13 is configured to obtain a token request generated by the third-party application in the network address according to the verification authorization code, send an access token to the third-party application according to the token request, receive an information request with the access token sent by the third-party application, and send resource information to the third-party application according to the information request.
Optionally, the authorization mode management apparatus 1 further includes:
a supplementary third-party authorization redirection module 14, configured to receive a third-party authorization request sent by a user through a third-party application, check the third-party authorization request, send an authorization code to the supplementary third-party application, control the supplementary third-party application to redirect, according to the authorization code, a network address corresponding to a redirection resource locator (redirect) in the supplementary third-party authorization request, and send the authorization code to the third-party application; the redirection resource locator is a network address predefined by the supplementary third-party application, so that a user can jump to a page corresponding to the redirection resource locator through the network address in the supplementary third-party application.
Optionally, the authorization mode management apparatus 1 further includes:
the supplementary token resource management module 15 is configured to obtain a token request generated by the supplementary third-party application in the network address according to the verification authorization code, send an access token to the supplementary third-party application according to the token request, receive an information request with the access token sent by the supplementary third-party application, and send resource information to the supplementary third-party application according to the information request.
The technical scheme is applied to the field of security protection of computer security, and controls the portal system to redirect to the network address corresponding to the redirection resource locator in the portal authorization request and send the authorization code to a third party application by checking the portal authorization request and sending the authorization code to the portal system; or the third authorization request is verified and an authorization code is generated, so that the third-party application redirects the page of the third-party application to the network address corresponding to the redirection resource locator in the third authorization request, and the authorization code is sent to the third-party application; the method comprises the steps of obtaining a token request generated by a third-party application according to a verification authorization code, sending an access token to the third-party application, receiving an information request sent by the third-party application, sending resource information to the third-party application, obtaining resource information in a portal system or an authorized application registered and authenticated by a user for the third-party application, carrying out access control, and constructing an access rule enabling the third-party application to obtain the resource information of the user on the authorized application on the premise that the account name and the account password registered in the portal system by the user cannot be obtained by the third-party application.
Example four:
in order to achieve the above object, the present invention further provides a computer device 6, where components of the authorization mode management apparatus 1 according to the third embodiment may be distributed in different computer devices, and the computer device 6 may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server, or a rack server (including an independent server or a server cluster formed by multiple application servers) that executes a program. The computer device of the embodiment at least includes but is not limited to: a memory 61, a processor 62, which may be communicatively coupled to each other via a system bus, as shown in fig. 12. It should be noted that fig. 12 only shows a computer device with components, but it should be understood that not all of the shown components are required to be implemented, and more or fewer components may be implemented instead.
In the present embodiment, the memory 61 (i.e., a readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the memory 61 may be an internal storage unit of the computer device, such as a hard disk or a memory of the computer device. In other embodiments, the memory 61 may also be an external storage device of the computer device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), or the like, provided on the computer device. Of course, the memory 61 may also include both internal and external storage devices of the computer device. In this embodiment, the memory 61 is generally used for storing an operating system and various application software installed in the computer device, such as the program code of the authorization mode management apparatus in the third embodiment. Further, the memory 61 may also be used to temporarily store various types of data that have been output or are to be output.
Processor 62 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data Processing chip in some embodiments. The processor 62 is typically used to control the overall operation of the computer device. In this embodiment, the processor 62 is configured to run program codes stored in the memory 61 or process data, for example, run the authorization mode management device, so as to implement the authorization mode management methods of the first and second embodiments.
Example five:
to achieve the above objects, the present invention also provides a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a server, an App application store, etc., on which a computer program is stored, which when executed by a processor 62, implements corresponding functions. The computer readable storage medium of this embodiment is used for storing an authorization pattern management apparatus, and when executed by the processor 62, implements the authorization pattern management method of the first embodiment and the second embodiment.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. An authorization schema management method, comprising:
receiving a portal authorization request sent by a user side through a login portal system, checking the portal authorization request, sending an authorization code to the portal system, controlling the portal system to redirect to a network address corresponding to a redirection resource locator in the portal authorization request according to the authorization code, and sending the authorization code to a third-party application; the redirection resource locator is a network address which is defined in a portal system in advance by a third-party application; or
Receiving a third authorization request sent by a user side through accessing a login page of a third-party application, verifying the third authorization request and generating an authorization code, redirecting the page of the third-party application to a network address corresponding to a redirection resource locator in the third authorization request according to the authorization code, and sending the authorization code to the third-party application; wherein the redirection resource locator is a network address predefined by the third authorization request;
the method comprises the steps of obtaining a token request generated by a third party application in a network address according to a verification authorization code, sending an access token to the third party application according to the token request, receiving an information request with the access token sent by the third party application, and sending resource information to the third party application according to the information request.
2. The authorization schema management method of claim 1, wherein the steps of verifying the portal authorization request and sending an authorization code to the portal system comprise:
judging whether a portal token exists in the portal authorization request or not; if yes, calling a portal login component in the portal system; if not, ending;
verifying the portal token through the portal login component, and judging whether the portal token passes the verification; and if the verification is passed, obtaining account information sent by the portal login component, generating an authorization code according to the account information through an open authorization module, and sending the authorization code to the portal system.
3. The authorization pattern management method according to claim 1, wherein the step of verifying the third authorization request and generating an authorization code comprises:
calling an authorization server of the authorized application, and acquiring account information according to the user ID in the third authorization request; calling the authorization server to verify the confidential information; judging whether the account secret information passes verification; and if the verification is passed, generating an authorization code according to the account secret information through the open authorization module.
4. The authorization pattern management method according to claim 1, characterized in that the step of sending an access token to the third-party application according to the token request comprises:
obtaining a token request generated by the third-party application, and calling a preset open authorization module to verify an authorization code in the token request;
determining whether the authorization code passes verification; and if the verification is passed, calling a preset token generator to generate an access token according to the token request.
5. The authorization mode management method according to claim 1, wherein the step of receiving an information request with the access token from a third party application, and sending resource information to the third party application according to the information request comprises:
receiving an information request with the access token sent by the third-party application, extracting the access token in the information request, and calling a preset open authorization module to verify the access token;
judging whether the access token passes the verification; if the verification is passed, calling a resource server to extract resource information corresponding to the information request and sending the resource information to the third-party application;
after the resource server is called to extract the resource information corresponding to the information request and send the resource information to the third-party application, the method further comprises the following steps:
and uploading the resource information to a block chain.
6. The authorization schema management method according to claim 1, after sending the resource information to the third-party application according to the information request, further comprising:
receiving a third-party authorization request sent by a user side through a third-party application, checking the third-party authorization request, sending an authorization code to the supplementary third-party application, controlling the supplementary third-party application to redirect to a network address corresponding to a redirection resource locator in the supplementary third-party authorization request according to the authorization code, and sending the authorization code to the third-party application; wherein the redirection resource locator is a network address predefined by the supplementary third party application.
7. The authorization mode management method according to claim 6, wherein after sending the authorization code to the third-party application, further comprising:
the method comprises the steps of obtaining a token request generated by a supplementary third-party application in a network address according to a verification authorization code, sending an access token to the supplementary third-party application according to the token request, receiving an information request with the access token sent by the supplementary third-party application, and sending resource information to the supplementary third-party application according to the information request.
8. An authorization schema management apparatus, comprising:
the portal authorization redirection module is used for receiving a portal authorization request sent by a user side through logging in a portal system, checking the portal authorization request, sending an authorization code to the portal system, controlling the portal system to redirect a network address corresponding to a redirection resource locator in the portal authorization request according to the authorization code, and sending the authorization code to a third-party application; the redirection resource locator is a network address which is defined in a portal system in advance by a third-party application; or
The third-party authorization redirection module is used for receiving a third authorization request sent by a user side through accessing a login page of a third-party application, verifying the third authorization request and generating an authorization code, redirecting the page of the third-party application to a network address corresponding to a redirection resource locator in the third authorization request according to the authorization code, and sending the authorization code to the third-party application; wherein the redirection resource locator is a network address predefined by the third authorization request;
the token resource management module is used for acquiring a token request generated by a third-party application in the network address according to a verification authorization code, sending an access token to the third-party application according to the token request, receiving an information request with the access token sent by the third-party application, and sending resource information to the third-party application according to the information request.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the authorization pattern management method according to any of claims 1 to 7 are implemented by the processor of the computer device when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, the computer program stored in the computer-readable storage medium, when being executed by a processor, implementing the steps of the authorization pattern management method according to any one of claims 1 to 7.
CN202010739585.4A 2020-07-28 2020-07-28 Authorization mode management method and device, computer equipment and readable storage medium Pending CN111818088A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010739585.4A CN111818088A (en) 2020-07-28 2020-07-28 Authorization mode management method and device, computer equipment and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010739585.4A CN111818088A (en) 2020-07-28 2020-07-28 Authorization mode management method and device, computer equipment and readable storage medium

Publications (1)

Publication Number Publication Date
CN111818088A true CN111818088A (en) 2020-10-23

Family

ID=72864153

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010739585.4A Pending CN111818088A (en) 2020-07-28 2020-07-28 Authorization mode management method and device, computer equipment and readable storage medium

Country Status (1)

Country Link
CN (1) CN111818088A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112507334A (en) * 2021-02-02 2021-03-16 布比(北京)网络技术有限公司 Illegal access detection method, device, system, electronic equipment and storage medium
CN112565293A (en) * 2020-12-23 2021-03-26 平安养老保险股份有限公司 Information security management method and device, computer equipment and readable storage medium
CN112613073A (en) * 2020-12-28 2021-04-06 中国农业银行股份有限公司 Open platform authentication and authorization method and device
CN112667987A (en) * 2020-12-30 2021-04-16 江苏达科信息科技有限公司 Big data access authorization method, device and storage medium
CN113553572A (en) * 2021-07-02 2021-10-26 深圳追一科技有限公司 Resource information acquisition method and device, computer equipment and storage medium
CN113569179A (en) * 2021-07-26 2021-10-29 城云科技(中国)有限公司 Subsystem access method and device based on unified website
CN117708862A (en) * 2024-02-05 2024-03-15 支付宝(杭州)信息技术有限公司 Authorization information generation method, device, equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106295394A (en) * 2016-07-22 2017-01-04 飞天诚信科技股份有限公司 Resource authorization method and system and authorization server and method of work
CN111131242A (en) * 2019-12-24 2020-05-08 北京格林威尔科技发展有限公司 Authority control method, device and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106295394A (en) * 2016-07-22 2017-01-04 飞天诚信科技股份有限公司 Resource authorization method and system and authorization server and method of work
CN111131242A (en) * 2019-12-24 2020-05-08 北京格林威尔科技发展有限公司 Authority control method, device and system

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112565293A (en) * 2020-12-23 2021-03-26 平安养老保险股份有限公司 Information security management method and device, computer equipment and readable storage medium
CN112613073A (en) * 2020-12-28 2021-04-06 中国农业银行股份有限公司 Open platform authentication and authorization method and device
CN112667987A (en) * 2020-12-30 2021-04-16 江苏达科信息科技有限公司 Big data access authorization method, device and storage medium
CN112507334A (en) * 2021-02-02 2021-03-16 布比(北京)网络技术有限公司 Illegal access detection method, device, system, electronic equipment and storage medium
CN113553572A (en) * 2021-07-02 2021-10-26 深圳追一科技有限公司 Resource information acquisition method and device, computer equipment and storage medium
CN113569179A (en) * 2021-07-26 2021-10-29 城云科技(中国)有限公司 Subsystem access method and device based on unified website
CN117708862A (en) * 2024-02-05 2024-03-15 支付宝(杭州)信息技术有限公司 Authorization information generation method, device, equipment and storage medium
CN117708862B (en) * 2024-02-05 2024-05-14 支付宝(杭州)信息技术有限公司 Authorization information generation method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN111756753B (en) Authority verification method and system
CN111818088A (en) Authorization mode management method and device, computer equipment and readable storage medium
US11165579B2 (en) Decentralized data authentication
CN101771532B (en) Method, device and system for realizing resource sharing
CA2448853C (en) Methods and systems for authentication of a user for sub-locations of a network location
CN112671720B (en) Token construction method, device and equipment for cloud platform resource access control
CN111355726B (en) Identity authorization login method and device, electronic equipment and storage medium
CN110535884B (en) Method, device and storage medium for cross-enterprise inter-system access control
US10601809B2 (en) System and method for providing a certificate by way of a browser extension
CN109962892A (en) A kind of authentication method and client, server logging in application
CN115022047A (en) Account login method and device based on multi-cloud gateway, computer equipment and medium
CN113411324B (en) Method and system for realizing login authentication based on CAS and third-party server
CN112149068A (en) Access-based authorization verification method, information generation method and device, and server
CN102694776A (en) Authentication system and method based on dependable computing
CN112699404A (en) Method, device and equipment for verifying authority and storage medium
CN112565293A (en) Information security management method and device, computer equipment and readable storage medium
CN108600266B (en) Statement filtering authentication method and system
KR101637155B1 (en) A system providing trusted identity management service using trust service device and its methods of operation
CN115208669B (en) Distributed identity authentication method and system based on blockchain technology
CN113055186B (en) Cross-system service processing method, device and system
KR20190114424A (en) Method for sso service through blockchain, and terminal and server using the same
CN113765876A (en) Report processing software access method and device
CN111404946A (en) Browser-based account authentication method and server
CN112134705A (en) Data authentication method and device, storage medium and electronic device
CN115190483B (en) Method and device for accessing network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20201023

WD01 Invention patent application deemed withdrawn after publication