CN112506678A - RPC remote calling method, system and storage medium based on authentication and authorization - Google Patents

RPC remote calling method, system and storage medium based on authentication and authorization Download PDF

Info

Publication number
CN112506678A
CN112506678A CN202011445222.6A CN202011445222A CN112506678A CN 112506678 A CN112506678 A CN 112506678A CN 202011445222 A CN202011445222 A CN 202011445222A CN 112506678 A CN112506678 A CN 112506678A
Authority
CN
China
Prior art keywords
authority
authentication
caller
interface
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011445222.6A
Other languages
Chinese (zh)
Inventor
隆少华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An International Smart City Technology Co Ltd
Original Assignee
Ping An International Smart City Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An International Smart City Technology Co Ltd filed Critical Ping An International Smart City Technology Co Ltd
Priority to CN202011445222.6A priority Critical patent/CN112506678A/en
Publication of CN112506678A publication Critical patent/CN112506678A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00Indexing scheme relating to G06F9/00
    • G06F2209/54Indexing scheme relating to G06F9/54
    • G06F2209/544Remote

Abstract

The embodiment of the invention discloses an RPC remote calling method, a system and a storage medium based on authentication and authorization, which relate to the technical field of system security. The embodiment of the invention provides a centralized authentication and authorization platform, which is convenient for unified management, has finer authentication granularity and improves the safety in the RPC remote call process.

Description

RPC remote calling method, system and storage medium based on authentication and authorization
Technical Field
The invention relates to the technical field of system security, in particular to an RPC remote call method and system based on authentication and authorization and a storage medium.
Background
RPC (Remote Procedure Call) is a framework that solves the intercommunication between applications deployed in the same wlan. In a general process of calling an interface through RPC, an interface is defined by a service provider, a Jar packet of the interface is issued into a local area network, the interface is realized in a project, and finally the interface and a corresponding implementation class are exposed to the outside through an API provided by the RPC. Because all the Jar coordinates in the local area network are in an exposed state, if the coordinates of the Jar package are obtained, the Jar package issued in the local area network can be introduced into a project to complete RPC calling, and the process has great potential safety hazard problems.
The existing technical scheme generally adopts the technical scheme that a unique identity AppId is distributed to each caller, each caller transmits a timestamp, a 32-bit random number and a client digital signature c _ sign to a provider when calling an interface, when receiving a request for calling the interface, a service provider firstly judges whether the request time is legal according to the timestamp, then obtains parameters sent by the caller client, recombines to obtain a digital signature s _ sign to obtain a character string representing the unique identity of the caller, and the service provider realizes the authentication of a calling authority by comparing whether the digital signature c _ sign and the digital signature s _ sign correspond to each other. However, in this scheme, the service provider performs authority authentication, which is not convenient for uniform management of the calling authority of the caller, and the existing calling method only solves the problem of authority authentication, but does not solve the authority problem of calling an interface and some method in the interfaces.
Disclosure of Invention
The embodiment of the invention provides an RPC remote calling method, an RPC remote calling system and a RPC remote calling storage medium based on authentication and authorization, and aims to solve the problem that the authority of calling an interface and a method in the interface is not solved in the related technology.
In a first aspect, an embodiment of the present invention provides an RPC remote invocation method based on authentication and authorization, where the method is applied to a first server, a second server, and a third server, where the first server is a caller of an invocation interface, the second server is an authorization platform, and the third server is a service provider providing an interface, and includes: if the caller needs to call a method corresponding to an interface of an application, the caller sends a filing request corresponding to the application to the authorization platform; the authorization platform authenticates and records the record request sent by the calling party to obtain record information; the caller sends a call request corresponding to the application to the service provider, the call request comprising a method call request for calling a method in an interface; the service provider sends an authentication request for performing authority authentication on the calling request of the caller to the authorization platform; the authorization platform carries out authority authentication on the calling request of the caller according to the authentication request and the filing information to obtain an authority authentication result and feeds the authority authentication result back to the service provider, wherein the authority authentication comprises the authority for determining the caller to call the interface and the authority for calling the method in the interface; if the authority authentication result is that the authentication is passed, the caller acquires the method in the interface corresponding to the application provided by the service provider
In a second aspect, an embodiment of the present invention provides an RPC remote call system based on authentication and authorization, including: a first sending unit, configured to send a filing request corresponding to an application to the authorization platform by the caller if the caller needs to call a method corresponding to an interface of the application; the authentication unit is used for the authorization platform to authenticate and record the record request sent by the calling party so as to obtain record information; a second issuing unit configured to issue, to the service provider, a call request corresponding to the application, the call request including a method call request for calling a method in an interface; a third sending unit, configured to send, to the authorization platform, an authentication request for performing authority authentication on the call request of the caller by the service provider; the first authentication feedback unit is used for the authorization platform to perform authority authentication on the calling request of the caller according to the authentication request and the filing information to obtain an authority authentication result and feed the authority authentication result back to the service provider, wherein the authority authentication comprises the authority of determining the caller to call the interface and the authority of calling the method in the interface; and the obtaining unit is used for obtaining the method in the interface corresponding to the application provided by the service provider by the caller if the authority authentication result is that the authentication is passed.
In a third aspect, an embodiment of the present invention provides an RPC remote call system based on authentication and authorization, which is characterized by including a first server, a second server, and a third server, where the first server, the second server, and the third server each include a memory and a processor, where the memory stores a computer program, and the processors of the first server, the second server, and the third server implement the method together when executing the computer program.
In a fourth aspect, embodiments of the present invention provide a storage medium storing a computer program which, when executed by at least one processor, may implement the method as described above.
The embodiment of the invention provides an RPC remote calling method, a system and a storage medium based on authentication and authorization, based on the method, if a caller sends a filing request corresponding to an application to an authorization platform before formally sending the calling request, the authorization platform carries out authentication filing on the filing request sent by the caller to obtain filing information, when the caller formally sends the calling request corresponding to the application to a service provider, the service provider sends an authentication request to the authorization platform, the authorization platform carries out authority authentication on the calling request of the caller according to the authentication request and the filing information to obtain an authority authentication result and feeds the authority authentication result back to the service provider, if the authority authentication result passes the authentication, the caller retrieves the method in the interface provided by the service provider corresponding to the application. According to the technical scheme of the embodiment of the application, the authorization platform provides a centralized authentication and authorization platform, unified management is facilitated, method-level authentication and authorization of the method in the application call interface are achieved, the authentication granularity is finer, and safety in the RPC remote call process is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic view of an application scenario of an RPC remote call method based on authentication and authorization according to an embodiment of the present invention;
FIG. 2 is a schematic flowchart of an RPC remote call method based on authentication and authorization according to an embodiment of the present invention;
FIG. 3 is a schematic sub-flow diagram of an RPC remote call method based on authentication and authorization according to an embodiment of the present invention;
FIG. 4 is a schematic view of another sub-flow of the RPC remote call method based on authentication and authorization provided by the embodiment of the present invention;
FIG. 5 is another schematic flow chart of an RPC remote call method based on authentication and authorization according to an embodiment of the present invention;
fig. 6 is a schematic flowchart of the RPC remote call method based on authentication and authorization applied to the second server according to the embodiment of the present invention;
fig. 7 is a schematic sub-flow chart of the RPC remote call method based on authentication and authorization applied to the second server according to the embodiment of the present invention;
fig. 8 is another sub-flowchart diagram illustrating the application of the RPC remote call method based on authentication and authorization provided by the embodiment of the present invention to the second server;
FIG. 9 is a schematic block diagram of an RPC remote Call System based on authentication and authorization in accordance with the present invention;
FIG. 10 is a schematic block diagram of an authentication unit of the RPC remote Call System based on authentication and authorization of the present invention;
FIG. 11 is a schematic block diagram of a first authentication feedback unit of the RPC remote call system based on authentication and authorization according to the present invention;
FIG. 12 is another schematic block diagram of the first authentication feedback unit of the RPC remote Call System based on authentication and authorization of the present invention;
FIG. 13 is a schematic block diagram of the RPC remote call system based on authentication and authorization applied to a second server side;
FIG. 14 is a schematic block diagram of an authentication registration unit applied to a second server side of the RPC remote call system based on authentication and authorization of the present invention;
FIG. 15 is a schematic block diagram of a second authentication feedback unit applied to a second server side of the RPC remote call system based on authentication and authorization of the present invention; and
FIG. 16 is a schematic block diagram of a computer device provided by an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
Referring to fig. 1, fig. 1 is a schematic view of an application scenario of an RPC remote call method based on authentication and authorization according to an embodiment of the present invention. The RPC remote calling method based on authentication and authorization can be applied to a server, for example, the RPC remote calling method based on authentication and authorization can be applied to a server, and comprises a first server 10, a second server 20 and a third server 30, wherein the first server 10 is a caller for calling an interface, the second server 20 is an authorization platform, and the third server 30 is a service provider for providing the interface. The RPC remote calling method based on authentication and authorization is realized through software installed on the server side, so that the safety of a calling interface and a method in the calling interface is improved in the RPC remote process. The following describes the method in detail by taking an example in which the authentication and authorization-based RPC remote call method is applied to the first server 10, the second server 20, and the third server 30.
As shown in fig. 2, a flowchart of an authentication and authorization-based RPC remote call method according to an embodiment of the present invention includes the following steps S110 to S160:
s110, if the caller needs to call a method corresponding to an interface of an application, the caller sends a filing request corresponding to the application to the authorization platform.
In an embodiment, in the RPC remote process, if an application of a caller needs to obtain a certain method in an interface provided by a service provider, the caller needs to send a filing request corresponding to the application to the authorization platform before the caller sends a call request for calling the interface and the certain method in the interface to the service provider.
S120, the authorization platform authenticates and records the record request sent by the calling party to obtain record information.
In an embodiment, after the caller sends the filing request, the authorization platform authenticates and records the filing request to obtain filing information. The authorization platform determines the identity of the application of the calling party, and configures the calling authority of the application by acquiring the identity of the application so as to acquire and store preset interface authority information and preset method authority information of the application corresponding to the calling party as the filing information. When the caller calls the method in the interface to the service provider again with the same application, the record request does not need to be sent again, and the record pressure of the authorization platform is further reduced. When the caller calls methods in the interface to the service provider for a different application, the caller needs to issue a docketing request to the authorization platform before issuing a call request for the current application.
S130, the caller sends a call request corresponding to the application to the service provider, wherein the call request comprises a method call request for calling a method in an interface.
In an embodiment, after the authorization platform authenticates and records the record request sent by the caller to obtain record information, the caller formally sends a call request corresponding to the application to the service provider, the call request includes a method call request for calling a method in an interface, and the caller pairs the application and the method in the interface by acquiring the method in the interface provided by the service provider to perform communication transmission in an RPC remote process.
S140, the service provider sends an authentication request for performing authority authentication on the calling request of the caller to the authorization platform.
In an embodiment, after the service provider obtains that the caller sends a call request corresponding to the application, the service provider sends, to the authorization platform, an authentication request for performing authority authentication on the call request of the caller, so as to request the authorization platform to perform the authority authentication.
S150, the authorization platform carries out authority authentication on the calling request of the caller according to the authentication request and the record information to obtain an authority authentication result and feeds the authority authentication result back to the service provider, wherein the authority authentication comprises the authority for determining the caller to call the interface and the authority for calling the method in the interface.
In an embodiment, when the authorization platform authenticates and records the record request to obtain record information, the authorization platform obtains an identity of the application for identifying the caller and an authority of the application for calling the method in the interface, and when the authorization platform obtains the authentication request sent by the service provider, the authorization platform identifies the identity of the application for the caller and obtains a calling authority of the application according to the record information, performs authority authentication on the calling request of the caller to obtain an authority authentication result, and feeds the authority authentication result back to the service provider, where the authority authentication includes determining the authority of the caller for calling the interface and the authority for calling the method in the interface.
S160, if the authority authentication result is that the authentication is passed, the caller acquires the method in the interface corresponding to the application provided by the service provider.
In an embodiment, the service provider obtains the authority authentication result fed back by the authorization platform, if the authority authentication result is that the authorization platform passes the authentication, the caller obtains the method in the interface corresponding to the application provided by the service provider, and the application of the caller successfully calls the method in the interface. The application is paired with the method in the interface to perform communication transmission in an RPC remote procedure.
In an embodiment, as shown in fig. 3, the specific step of step S120 includes steps S121 to S123.
S121, according to the filing request, allocating an AppId corresponding to the application and a private key bound with the AppId to the calling party.
S122, signing the private key to generate an authentication character indicating the unique identity information of the application.
S123, configuring interface authority information and method authority information corresponding to the application of the calling party, binding the interface authority information and the method authority information with the authentication character, and storing the interface authority information and the method authority information in the authorization platform to serve as record information.
In an embodiment, when the caller sends the dockee request, the caller obtains an AppId corresponding to the application and a private key bound to the AppId, which are distributed by an authorization platform, the authorization platform signs the private key to generate an authentication character indicating unique identity information of the application, and the authorization platform configures interface authority information and method authority information corresponding to the application for the caller and binds the authentication character and saves the authentication character in the authorization platform as dockee information. The record information comprises the authentication character, preset interface authority information corresponding to the application and preset method authority information, and is the record information. The authentication character is used to cause the authorization platform and the service provider to identify the application of the caller. The preset interface permission information and the preset method permission information are set by the authorization platform according to a preset configuration permission of the authorization platform, for example, the authorization platform can configure the calling permission of the similar application similar to the application as the preset interface permission and the preset method permission of the application according to the preset configuration permission. The authorization platform may change the preset interface permission and the preset method permission, if the preset interface permission and the preset method permission change, for example, if the authorization platform and/or the service provider obtains information that the application of the caller is an insecure application, the authorization platform changes the invocation permission of the application of the caller, or if the authorization platform and/or the service provider obtains information that all applications of the caller are insecure applications, the authorization platform may uniformly change the invocation permission of all applications of the caller.
In one embodiment, as shown in fig. 4, the step S150 includes steps S151 to S155.
S151, acquiring an authentication request which is sent by the service provider and used for carrying out authority authentication on the calling request of the caller.
S152, judging whether the application of the calling party has the authority of calling the interface or not according to preset interface authority information. If the application of the caller has the authority to call the interface, step S153 is performed, and if the application of the caller does not have the authority to call the interface, step S156 is performed.
S153, if the application of the calling party has the authority of calling the interface, judging whether the application of the calling party has the authority of calling the method according to preset method authority information. If the application of the caller has the authority to call the method, step S154 is performed, and if the application of the caller does not have the authority to call the method, step S157 is performed.
S154, if the application of the caller has the authority to call the method, judging that the authority authentication result of the authority authentication of the call request of the caller is authentication passing.
And S155, feeding back the authority authentication result to the service provider.
In an embodiment, when the service provider sends an authentication request for performing authority authentication on the call request of the caller to the authorization platform, the authorization platform obtains the authentication request and performs authority authentication on the call request according to the application filing information. And judging whether the application of the calling party has the authority of calling the interface or not according to preset interface authority information. If the application of the caller has the authority to call the interface, judging whether the application of the caller has the authority to call the method according to preset method authority information. And if the application of the caller has the authority to call the method, judging that the authority authentication result of the authority authentication of the call request of the caller is authentication passing. The authorization platform feeds back the authentication result to the service provider to enable the service provider to confirm whether to provide the method in the interface to the caller. The authorization platform provides a centralized authentication and authorization platform for setting and uniformly managing the calling authority of the caller, and can change the calling authority of the application of the caller at any time to ensure the safety of the application. Meanwhile, when the operation authority of a changer of the calling authority in the authorization platform is controlled, the historical record of the changing operation can be traced, and the safety of the method in the calling interface is further improved.
In an embodiment, as shown in fig. 4, the specific step of step S140 further includes steps S156 to S157.
S156, if the application of the caller does not have the authority of calling the interface, the authorization platform sends a first preset prompt message to the caller.
S157, if the application of the caller has the authority to call the method, the authorization platform sends a second preset prompt message to the caller.
In an embodiment, when an authentication request for performing authority authentication on the call request of the caller sent by the service provider is obtained, whether the application of the caller has the authority to call the interface is judged according to preset interface authority information, if the application of the caller does not have the authority to call the interface, for example, the authority of the authorization platform changes the authority of call interfaces of all applications of the caller, and after the change, the application of the caller does not have the authority to call the interface, the authorization platform sends first preset prompt information to the caller, for example, the first preset prompt information is 'no authority to call the interface'. When the authority configuration center of the authorization platform judges that the application of the caller has the authority to call the interface, whether the application of the caller has the authority to call the method is judged, if the application of the caller does not have the authority to call the method is judged, for example, the authority of the authorization platform changes the authority of the methods in the call interfaces of all the applications of the caller, and after the change, the application of the caller does not have the authority to call the method, the authorization platform sends a second preset prompt message to the caller, for example, the second preset prompt message is 'no authority to call the method'. The authorization platform sends the first preset prompt message or the second preset prompt message to the caller, and simultaneously feeds back an authentication result of the first preset prompt message or the second preset prompt message to the service provider, so that the service provider does not provide the method in the interface to be called by the application to ensure the safety of the service provider.
In the method provided by the present invention, as shown in fig. 5, if the caller first sends a docketing request corresponding to the application to the authorization platform before formally sending a call request, the authorization platform authenticates and records the recording request sent by the calling party to obtain recording information, when the caller formally issues a call request corresponding to the application to the service provider, the service provider sends an authentication request to the authorization platform, and the authorization platform sends the authentication request and the filing information to the service provider, performing authority authentication on the calling request of the caller to obtain an authority authentication result and feeding back the authority authentication result to the service provider, if the authority authentication result is that the authentication is passed, the caller retrieves the method in the interface provided by the service provider corresponding to the application. According to the technical scheme of the embodiment of the application, the authorization platform provides a centralized authentication and authorization platform, unified management is facilitated, method-level authentication and authorization of the method in the application call interface are achieved, the authentication granularity is finer, and safety in the RPC remote call process is improved.
The method and the system can be applied to smart government affairs/smart city management/smart community/smart security/smart logistics/smart medical treatment/smart education/smart environment protection/smart traffic scenes, for example, when the method in the interface provided by the service provider needs to be called in the RPC remote process in the scenes, the safety of the method in the calling interface is enhanced, and therefore the construction of a smart city is promoted.
Fig. 6 is a flowchart illustrating that the RPC remote call method based on authentication and authorization provided by the embodiment of the present invention is applied to a second server. As shown in FIG. 6, the RPC remote call method based on authentication and authorization of the present embodiment includes steps S210-S240. The method is applied in the second server 20.
S210, if the caller needs to call a method corresponding to an interface of an application, the authorization platform receives a filing request corresponding to the application sent by the caller.
S220, the authorization platform authenticates and records the record request sent by the calling party to obtain record information.
S230, when the caller sends a call request corresponding to the application to the service provider, the authorization platform receives an authentication request sent by the service provider for performing authority authentication on the call request of the caller, where the call request includes a method call request for calling a method in an interface.
S240, the authorization platform carries out authority authentication on the calling request of the caller according to the authentication request and the record information to obtain an authority authentication result and feeds the authority authentication result back to the service provider, wherein the authority authentication comprises the authority for determining the caller to call the interface and the authority for calling the method in the interface; and if the authority authentication result is that the authentication is passed, the caller acquires the method in the interface corresponding to the application provided by the service provider.
In an embodiment, as shown in fig. 7, the specific step of step S210 includes steps S211 to S213.
S211, distributing an AppId corresponding to the application and a private key bound with the AppId for the calling party according to the filing request;
s212, signing the private key to generate an authentication character indicating the unique identity information of the application;
s213, configuring interface authority information and method authority information corresponding to the application of the calling party, binding the interface authority information and the method authority information with the authentication character, and storing the interface authority information and the method authority information in the authorization platform as record information.
In an embodiment, as shown in fig. 8, the step S240 includes steps S241 to S245.
S241, judging whether the application of the calling party has the authority of calling the interface or not according to preset interface authority information. If the application of the caller has the authority to call the interface, step S242 is performed, and if the application of the caller does not have the authority to call the interface, step S244 is performed.
S242, if the application of the calling party has the authority of calling the interface, judging whether the application of the calling party has the authority of calling the method. If the application of the caller has the authority to call the method, step S243 is performed, and if the application of the caller does not have the authority to call the method, step S245 is performed.
S243, if the application of the caller has the authority to call the method, judging that the authority authentication result of the authority authentication of the call request of the caller is authentication passing.
S244, if the application of the caller does not have the authority of calling the interface, sending a first preset prompt message to the caller.
S245, if the application of the caller does not have the authority of calling the method, sending second preset prompt information to the caller.
It should be noted that, as can be clearly understood by those skilled in the art, the specific implementation steps of the authentication and authentication-based RPC remote call method applied to the second server may refer to the corresponding descriptions in the foregoing method embodiments, and for convenience and brevity of description, no further description is provided herein.
FIG. 9 is a schematic block diagram of an authentication and authorization-based RPC remote Call System 100 according to an embodiment of the present invention. As shown in fig. 9, the system 100 includes a first server 10, a second server 20, and a third server 30, where the first server 10 is a caller for calling an interface, the first server 10 includes a first sending unit 101, a second sending unit 102, and an obtaining unit 103, the second server 20 is an authorization platform, the second server 20 includes an authentication unit 201 and a first authentication feedback unit 202, the third server 30 is a service provider for providing an interface, and the third server 30 includes a third sending unit 301. Specifically, the method comprises the following steps:
the first sending unit 101 is configured to send a filing request corresponding to an application to the authorization platform if the caller needs to call a method of an interface corresponding to the application.
The authorization platform of the authentication unit 201 authenticates and records the record request sent by the caller to obtain record information.
The second issuing unit 102 is configured to issue, to the service provider, a call request corresponding to the application, where the call request includes a method call request for calling a method in an interface.
The third issuing unit 301 is configured to issue, to the authorization platform, an authentication request for performing authority authentication on the invocation request of the caller, by the service provider.
The first authentication feedback unit 202 is configured to perform, by the authorization platform, authority authentication on the invocation request of the caller according to the authentication request and the docketing information to obtain an authority authentication result, and feed back the authority authentication result to the service provider, where the authority authentication includes determining an authority of the caller to invoke the interface and an authority of invoking a method in the interface.
The obtaining unit 103 is configured to, if the permission authentication result is that authentication is passed, obtain, by the caller, the method in the interface corresponding to the application provided by the service provider.
In some embodiments, for example, in this embodiment, referring to fig. 10, the authentication unit 201 includes an acquiring subunit 2011, a first signature generating subunit 2012, and a saving setting subunit 2013.
The obtaining subunit 2011 is configured to, according to the filing request, allocate an app id corresponding to the application and a private key bound to the app id to the caller.
The first signature generation subunit 2012 is configured to sign the private key to generate an authentication character indicating unique identity information of the application.
The saving setting subunit 2013 is configured to configure interface authority information and method authority information corresponding to the application of the caller, and bind the interface authority information and the method authority information with the authentication character and save the binding information in the authorization platform as record information.
In some embodiments, for example, in the present embodiment, referring to fig. 11, the first authentication feedback unit 202 includes a first issuing sub-unit 2021, a first determining sub-unit 2022, a second determining sub-unit 2023, a first determining sub-unit 2024, and a feedback sub-unit 2025.
The first issuing subunit 2021 is configured to acquire an authentication request issued by the service provider to authenticate the authority of the invocation request of the caller.
The first determining subunit 2022 is configured to determine whether the application of the caller has the authority to call the interface according to preset interface authority information.
The second determining subunit 2023 is configured to determine, according to preset method permission information, whether the application of the caller has the permission to call the method if the application of the caller has the permission to call the interface.
The first determining subunit 2024 is configured to determine, if the application of the caller has the authority to call the method, that an authority authentication result of performing authority authentication on the call request of the caller is authentication pass.
The feedback subunit 2025 is configured to feed back the right authentication result to the service provider.
In some embodiments, for example, in the present embodiment, referring to fig. 12, the first authentication feedback unit 202 further includes a second issuing subunit 2026 and a third issuing subunit 2027.
The second issuing subunit 2026 is configured to, if the application of the caller does not have the authority to invoke the interface, issue a first preset prompt message to the caller by the authorization platform.
The third issuing subunit 2027 is configured to, if the application of the caller does not have the authority to invoke the method, issue a second preset prompt message to the caller by the authorization platform.
It should be noted that, as can be clearly understood by those skilled in the art, the specific implementation process of the RPC remote call system 100 based on authentication and authorization and each unit may refer to the corresponding description in the foregoing method embodiment, and for convenience and brevity of description, no further description is provided herein.
Fig. 13 is a schematic block diagram of the authentication and authorization-based RPC remote call system 400 applied to the second server 20 according to the embodiment of the present invention. As shown in FIG. 13, the present invention also provides an RPC remote call system 400 based on authentication and authorization corresponding to the above RPC remote call method based on authentication and authorization. The authentication and authorization based RPC remote Call System 400, which includes units for performing the authentication and authorization based RPC remote Call method described above, may be configured in the second server side 20. Specifically, referring to fig. 13, the RPC remote call system 400 based on authentication and authorization includes a first receiving unit 401, an authentication registration unit 402, a second receiving unit 403, and a second authentication feedback unit 404.
The first receiving unit 401 is configured to receive, if the caller needs to call a method of an interface corresponding to an application, a filing request corresponding to the application sent by the caller by the authorization platform;
the authentication and record unit 402 is configured to perform authentication and record on the record request issued by the caller to obtain record information.
The second receiving unit 403 is configured to, when the caller issues a call request corresponding to the application to the service provider, receive, by the authorization platform, an authentication request issued by the service provider for performing authority authentication on the call request of the caller, where the call request includes a method call request for calling a method in an interface;
the second authentication feedback unit 404 is configured to perform, by the authorization platform, authority authentication on the invocation request of the caller according to the authentication request and the docketing information to obtain an authority authentication result, and feed back the authority authentication result to the service provider, where the authority authentication includes determining an authority of the caller to invoke the interface and an authority of invoking a method in the interface; and if the authority authentication result is that the authentication is passed, the caller acquires the method in the interface corresponding to the application provided by the service provider.
In some embodiments, for example, in this embodiment, referring to fig. 15, the authentication and registration unit 402 includes an assigning subunit 4021, a second signature generating subunit 4022, and a configuration saving subunit 4023.
The allocating subunit 4021 is configured to allocate, according to the docketing request, an app id corresponding to the application and a private key bound to the app id for the caller;
the second signature generation subunit 4022 is configured to sign the private key to generate an authentication character indicating unique identity information of the application;
the configuration saving subunit 4023 is configured to configure interface authority information and method authority information corresponding to the application of the caller, and bind and save the interface authority information and method authority information with the authentication character in the authorization platform as filing information.
In some embodiments, for example, in this embodiment, referring to fig. 14, the second authentication feedback unit 404 includes a third judgment sub-unit 4041, a fourth judgment sub-unit 4042, and a second judgment sub-unit 4043.
The third determining subunit 4041 is configured to determine, according to preset interface permission information, whether the application of the calling party has a permission to call the interface;
the fourth determining subunit 4042 is configured to determine, according to preset method permission information, whether the application of the caller has a permission to call the method if the application of the caller has the permission to call the interface;
the second determining subunit 4043 is configured to determine, if the application of the caller has the authority to call the method, that an authority authentication result of performing authority authentication on the call request of the caller is that authentication is passed.
It should be noted that, as can be clearly understood by those skilled in the art, the specific implementation processes of the authentication and authorization-based RPC remote call system 400 and each unit may refer to the corresponding descriptions in the foregoing method embodiments, and for convenience and brevity of description, no further description is provided herein.
The authentication and authorization-based RPC remote call system described above may be implemented in the form of a computer program that may run on a computer device as shown in fig. 16.
Referring to fig. 16, fig. 16 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 500 may be the first server side, the second server side or the third server side.
Referring to fig. 16, the computer device 500 includes a processor 502, memory, and a network interface 505 connected by a system bus 501, where the memory may include a non-volatile storage medium 503 and an internal memory 504.
The non-volatile storage medium 503 may store an operating system 5031 and a computer program 5032. The computer programs 5032 comprise program instructions that, when executed, cause the processor 502 to perform an authentication and authorization based RPC remote call method.
The processor 502 is used to provide computing and control capabilities to support the operation of the overall computer device 500.
The internal memory 504 provides an environment for the computer program 5032 in the non-volatile storage medium 503 to run, and when the computer program 5032 on the first server side, the second server side or the third server side is executed by the processor 502, the processors 502 may be enabled to jointly execute an RPC remote call method based on authentication and authorization.
The network interface 505 is used for network communication with other devices. Those skilled in the art will appreciate that the architecture shown in fig. 15 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing device 500 to which the disclosed aspects apply, as a particular computing device 500 may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In this embodiment, the processor 502 of the first server is configured to run the computer program 5032 stored in the memory, so as to implement the following steps: if the caller needs to call a method corresponding to an interface of an application, the caller sends a filing request corresponding to the application to the authorization platform.
In this embodiment, the processor 502 of the second server is configured to run the computer program 5032 stored in the memory, so as to implement the following steps: and the authorization platform authenticates and records the record request sent by the calling party to obtain record information.
In this embodiment, the processor 502 of the first server is configured to run the computer program 5032 stored in the memory, so as to implement the following steps: the caller issues a call request corresponding to the application to the service provider, the call request including a method call request for calling a method in an interface.
In this embodiment, the processor 502 of the third server is configured to run the computer program 5032 stored in the memory, so as to implement the following steps: and the service provider sends an authentication request for performing authority authentication on the calling request of the caller to the authorization platform.
The processor 502 at the second server side is configured to run the computer program 5032 stored in the memory to implement the following steps: and the authorization platform carries out authority authentication on the calling request of the caller according to the authentication request and the filing information to obtain an authority authentication result and feeds the authority authentication result back to the service provider, wherein the authority authentication comprises the authority for determining the caller to call the interface and the authority for calling the method in the interface.
The processor 502 of the first server is configured to run the computer program 5032 stored in the memory to implement the following steps: and if the authority authentication result is that the authentication is passed, the caller acquires the method in the interface corresponding to the application provided by the service provider.
In this embodiment, when implementing the step of authenticating and recording the recording request sent by the caller by the authorization platform to obtain the recording information, the processor 502 at the second server specifically implements the following steps: according to the filing request, allocating an AppId corresponding to the application and a private key bound with the AppId to the calling party; signing the private key to generate an authentication character indicating unique identity information of the application; configuring interface authority information and method authority information corresponding to the application of the calling party, binding the interface authority information and the method authority information with the authentication character, and storing the interface authority information and the method authority information in the authorization platform as record information.
In this embodiment, when the authorization platform implements the authorization to perform the authority authentication on the invocation request of the caller according to the authentication request and the docketing information to obtain an authority authentication result and feed the authority authentication result back to the service provider, the authority authentication includes the following steps of determining the authority of the caller to invoke the interface and the authority to invoke the method in the interface: acquiring an authentication request which is sent by the service provider and used for carrying out authority authentication on the calling request of the caller; judging whether the application of the calling party has the authority of calling the interface or not according to preset interface authority information; if the application of the calling party has the authority to call the interface, judging whether the application of the calling party has the authority to call the method according to preset method authority information; if the application of the caller has the authority to call the method, judging that the authority authentication result of the authority authentication of the call request of the caller is authentication pass; and feeding back the authority authentication result to the service provider.
In this embodiment, when the authorization platform implements the authorization to perform the authority authentication on the invocation request of the caller according to the authentication request and the docketing information to obtain an authority authentication result and feed the authority authentication result back to the service provider, the authority authentication includes the following steps of determining the authority of the caller to invoke the interface and the authority to invoke the method in the interface: if the application of the caller does not have the authority of calling the interface, the authorization platform sends a first preset prompt message to the caller; and if the application of the caller does not have the authority of calling the method, the authorization platform sends second preset prompt information to the caller.
It should be understood that in the embodiment of the present Application, the Processor 502 may be a Central Processing Unit (CPU), and the Processor 502 may also be other general-purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, and the like. Wherein a general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
It will be understood by those skilled in the art that all or part of the flow of the method implementing the above embodiments may be accomplished by generating request-related hardware through a computer program. The computer program includes program instructions, and the computer program may be stored in a storage medium, which is a computer-readable storage medium. The program instructions are executed by at least one processor in the computer system to implement the flow steps of the embodiments of the method described above.
Accordingly, the present invention also provides a storage medium. The storage medium may be a computer-readable storage medium. The storage media provided by the present invention store computer programs that when executed by processors, respectively, collectively implement the various embodiments of the authentication and authorization-based RPC remote Call method described above.
The storage medium may be a usb disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk, which can store various computer readable storage media.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative. For example, the division of each unit is only one logic function division, and there may be another division manner in actual implementation. For example, various elements or components may be combined or may be integrated into another system, or some features may be omitted, or not implemented.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs. The units in the device of the embodiment of the invention can be merged, divided and deleted according to actual needs. In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a storage medium. Based on such understanding, the technical solution of the present invention essentially or partially contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product stored in a storage medium, and including several requests for generating a request to enable a computer device (which may be a personal computer, a terminal, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. The utility model provides a RPC remote calling method based on authentication and authentication, is applied to RPC remote calling system, RPC remote calling system includes first server end, second server end and third server end, first server end is the caller of calling interface, the second server end is an authorization platform, the third server end is for providing the service provider of interface, a serial communication port, the method includes:
if the caller needs to call a method corresponding to an interface of an application, the caller sends a filing request corresponding to the application to the authorization platform;
the authorization platform authenticates and records the record request sent by the calling party to obtain record information;
the caller sends a call request corresponding to the application to the service provider, the call request comprising a method call request for calling a method in an interface;
the service provider sends an authentication request for performing authority authentication on the calling request of the caller to the authorization platform;
the authorization platform carries out authority authentication on the calling request of the caller according to the authentication request and the filing information to obtain an authority authentication result and feeds the authority authentication result back to the service provider, wherein the authority authentication comprises the authority for determining the caller to call the interface and the authority for calling the method in the interface;
and if the authority authentication result is that the authentication is passed, the caller acquires the method in the interface corresponding to the application provided by the service provider.
2. The RPC remote invocation method based on authentication and authorization as claimed in claim 1, wherein the step of the authorization platform authenticating and filing the filing request issued by the caller to obtain filing information comprises:
according to the filing request, allocating an AppId corresponding to the application and a private key bound with the AppId to the calling party;
signing the private key to generate an authentication character indicating unique identity information of the application;
configuring interface authority information and method authority information corresponding to the application of the calling party, binding the interface authority information and the method authority information with the authentication character, and storing the interface authority information and the method authority information in the authorization platform as record information.
3. The RPC remote invocation method based on authentication and authorization as claimed in claim 1, wherein the step of the authorization platform performing authority authentication on the invocation request of the caller according to the authentication request and the docketing information to obtain an authority authentication result and feeding back the authority authentication result to the service provider comprises:
acquiring an authentication request which is sent by the service provider and used for carrying out authority authentication on the calling request of the caller;
judging whether the application of the calling party has the authority of calling the interface or not according to preset interface authority information;
if the application of the calling party has the authority to call the interface, judging whether the application of the calling party has the authority to call the method according to preset method authority information;
if the application of the caller has the authority to call the method, judging that the authority authentication result of the authority authentication of the call request of the caller is authentication pass;
and feeding back the authority authentication result to the service provider.
4. The RPC remote invocation method based on authentication and authorization as claimed in claim 3, wherein the step of the authorization platform performing authority authentication on the invocation request of the caller according to the authentication request and the docketing information to obtain an authority authentication result and feeding back the authority authentication result to the service provider further comprises:
if the application of the caller does not have the authority of calling the interface, the authorization platform sends a first preset prompt message to the caller;
and if the application of the caller does not have the authority of calling the method, the authorization platform sends second preset prompt information to the caller.
5. The utility model provides a RPC remote calling method based on authentication and authentication, the method is applied to the second server side in the RPC remote calling system, the second server side is an authorization platform, RPC remote calling system still includes first server side and third server side, first server side is the caller of calling interface, the third server side is the service provider who provides the interface, its characterized in that, the method includes:
if the caller needs to call a method corresponding to an interface of an application, the authorization platform receives a filing request corresponding to the application sent by the caller;
the authorization platform authenticates and records the record request sent by the calling party to obtain record information;
when the caller sends a call request corresponding to the application to the service provider, the authorization platform receives an authentication request sent by the service provider for performing authority authentication on the call request of the caller, wherein the call request comprises a method call request for calling a method in an interface;
the authorization platform carries out authority authentication on the calling request of the caller according to the authentication request and the filing information to obtain an authority authentication result and feeds the authority authentication result back to the service provider, wherein the authority authentication comprises the authority for determining the caller to call the interface and the authority for calling the method in the interface; and if the authority authentication result is that the authentication is passed, the caller acquires the method in the interface corresponding to the application provided by the service provider.
6. The RPC remote invocation method based on authentication and authorization as claimed in claim 5, wherein said step of authenticating and filing said filing request issued by said caller to obtain filing information comprises:
according to the filing request, allocating an AppId corresponding to the application and a private key bound with the AppId to the calling party;
signing the private key to generate an authentication character indicating unique identity information of the application;
configuring interface authority information and method authority information corresponding to the application of the calling party, binding the interface authority information and the method authority information with the authentication character, and storing the interface authority information and the method authority information in the authorization platform as record information.
7. The RPC remote invocation method based on authentication and authorization as claimed in claim 5, wherein the step of the authorization platform performing authority authentication on the invocation request of the caller according to the authentication request and the docketing information to obtain an authority authentication result and feeding back the authority authentication result to the service provider comprises:
judging whether the application of the calling party has the authority of calling the interface or not according to preset interface authority information;
if the application of the calling party has the authority to call the interface, judging whether the application of the calling party has the authority to call the method according to preset method authority information;
and if the application of the caller has the authority to call the method, judging that the authority authentication result of the authority authentication of the call request of the caller is authentication passing.
8. An RPC remote call system based on authentication and authorization, comprising: the system comprises a first sending unit, a second sending unit and an obtaining unit which are configured at a first server end, an authentication unit and a first authentication feedback unit which are configured at a second server end, and a third sending unit which is configured at a third server end, wherein the first server end is a caller for calling an interface, the second server end is an authorization platform, and the third server end is a service provider for providing an interface, wherein:
the first sending unit is used for sending a filing request corresponding to an application to the authorization platform by the calling party if the calling party needs to call a method corresponding to an interface of the application;
the authentication unit is used for the authorization platform to authenticate and record the record request sent by the calling party so as to obtain record information;
the second issuing unit is used for the caller to issue a call request corresponding to the application to the service provider, wherein the call request comprises a method call request for calling a method in an interface;
the third sending unit is used for sending an authentication request for performing authority authentication on the calling request of the calling party to the authorization platform by the service provider;
the first authentication feedback unit is used for the authorization platform to perform authority authentication on the calling request of the caller according to the authentication request and the filing information to obtain an authority authentication result and feed the authority authentication result back to the service provider, wherein the authority authentication comprises the authority for determining the caller to call the interface and the authority for calling the method in the interface;
the obtaining unit is configured to obtain, by the caller, the method in the interface corresponding to the application provided by the service provider if the permission authentication result is that authentication is passed.
9. An RPC remote calling system based on authentication and authorization, which comprises a first server side, a second server side and a third server side, wherein the first server side, the second server side and the third server side all comprise a memory and a processor, the memory stores a computer program, and the processors of the first server side, the second server side and the third server side jointly realize the method of any one of claims 1-4 when executing the respective computer program.
10. A computer-readable storage medium, characterized in that the storage medium stores a computer program which, when executed by at least one processor, implements the method of any one of claims 1-7.
CN202011445222.6A 2020-12-08 2020-12-08 RPC remote calling method, system and storage medium based on authentication and authorization Pending CN112506678A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011445222.6A CN112506678A (en) 2020-12-08 2020-12-08 RPC remote calling method, system and storage medium based on authentication and authorization

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011445222.6A CN112506678A (en) 2020-12-08 2020-12-08 RPC remote calling method, system and storage medium based on authentication and authorization

Publications (1)

Publication Number Publication Date
CN112506678A true CN112506678A (en) 2021-03-16

Family

ID=74971162

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011445222.6A Pending CN112506678A (en) 2020-12-08 2020-12-08 RPC remote calling method, system and storage medium based on authentication and authorization

Country Status (1)

Country Link
CN (1) CN112506678A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114666387A (en) * 2022-03-25 2022-06-24 广州方硅信息技术有限公司 Interface management system, method, storage medium and computer device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130019289A1 (en) * 2011-07-14 2013-01-17 Docusign, Inc. Online signature identity and verification in community
CN107493286A (en) * 2017-08-23 2017-12-19 杭州安恒信息技术有限公司 A kind of RPC remote procedure calling (PRC) methods based on secure authentication
CN110493237A (en) * 2019-08-26 2019-11-22 深圳前海环融联易信息科技服务有限公司 Identity management method, device, computer equipment and storage medium
CN111095865A (en) * 2019-07-02 2020-05-01 阿里巴巴集团控股有限公司 System and method for issuing verifiable claims
CN111754216A (en) * 2020-06-19 2020-10-09 多加网络科技(北京)有限公司 Automatic switching method for payment link
CN111858089A (en) * 2020-06-29 2020-10-30 北京百度网讯科技有限公司 Method and device for calling Ether house node

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130019289A1 (en) * 2011-07-14 2013-01-17 Docusign, Inc. Online signature identity and verification in community
CN107493286A (en) * 2017-08-23 2017-12-19 杭州安恒信息技术有限公司 A kind of RPC remote procedure calling (PRC) methods based on secure authentication
CN111095865A (en) * 2019-07-02 2020-05-01 阿里巴巴集团控股有限公司 System and method for issuing verifiable claims
CN110493237A (en) * 2019-08-26 2019-11-22 深圳前海环融联易信息科技服务有限公司 Identity management method, device, computer equipment and storage medium
CN111754216A (en) * 2020-06-19 2020-10-09 多加网络科技(北京)有限公司 Automatic switching method for payment link
CN111858089A (en) * 2020-06-29 2020-10-30 北京百度网讯科技有限公司 Method and device for calling Ether house node

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王东;樊燕红;: "公安警务综合认证鉴权服务中心的设计与实现", 信息技术与信息化, no. 06 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114666387A (en) * 2022-03-25 2022-06-24 广州方硅信息技术有限公司 Interface management system, method, storage medium and computer device

Similar Documents

Publication Publication Date Title
US9860234B2 (en) Bundled authorization requests
US9565178B2 (en) Using representational state transfer (REST) for consent management
CN106657130B (en) MQTT-based access authentication method and equipment
US10891383B2 (en) Validating computer resource usage
US8763089B2 (en) Flexible authentication and authorization mechanism
US20150365399A1 (en) Method and apparatus for sharing server resources using a local group
CN110213276B (en) Authorization verification method under micro-service architecture, server, terminal and medium
KR102336553B1 (en) How to manage nicknames and devices
CN111556006A (en) Third-party application system login method, device, terminal and SSO service platform
US20160021113A1 (en) Techniques for secure debugging and monitoring
WO2015042349A1 (en) Multiple resource servers with single, flexible, pluggable oauth server and oauth-protected restful oauth consent management service, and mobile application single sign on oauth service
WO2020173019A1 (en) Access certificate verification method and device, computer equipment and storage medium
CN111526111B (en) Control method, device and equipment for logging in light application and computer storage medium
US11102204B1 (en) Agreement and enforcement of rules for a shared resource
WO2016134482A1 (en) License management for device management system
CN112506678A (en) RPC remote calling method, system and storage medium based on authentication and authorization
CN111404794B (en) CAN bus network sharing system and method based on virtualization
CN112532604B (en) Cache access control method and device, computer equipment and storage medium
CN113946815B (en) Authorization method for federal learning and privacy computation
CN116761168A (en) Method, system and electronic equipment for distributing network slices
CN116049860A (en) Access control method, device, computer equipment and storage medium
CN117040930A (en) Resource processing method, device, product, equipment and medium of block chain network
CN115766123A (en) Data cross-domain authorization method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination