CN112685703A - Authorization method, device and system - Google Patents
Authorization method, device and system Download PDFInfo
- Publication number
- CN112685703A CN112685703A CN202011608360.1A CN202011608360A CN112685703A CN 112685703 A CN112685703 A CN 112685703A CN 202011608360 A CN202011608360 A CN 202011608360A CN 112685703 A CN112685703 A CN 112685703A
- Authority
- CN
- China
- Prior art keywords
- user
- authorization
- social application
- application server
- user equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 222
- 238000000034 method Methods 0.000 title claims abstract description 66
- 238000012546 transfer Methods 0.000 claims description 8
- 230000008520 organization Effects 0.000 claims description 4
- 230000002452 interceptive effect Effects 0.000 claims description 2
- 230000004044 response Effects 0.000 claims description 2
- 230000001960 triggered effect Effects 0.000 claims 2
- 238000012545 processing Methods 0.000 abstract description 14
- 238000004891 communication Methods 0.000 abstract description 12
- 230000006870 function Effects 0.000 description 13
- 230000008569 process Effects 0.000 description 12
- 230000003993 interaction Effects 0.000 description 10
- 238000004590 computer program Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 6
- 230000003287 optical effect Effects 0.000 description 6
- 101150053844 APP1 gene Proteins 0.000 description 5
- 101100189105 Homo sapiens PABPC4 gene Proteins 0.000 description 5
- 102100039424 Polyadenylate-binding protein 4 Human genes 0.000 description 5
- 238000007726 management method Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application provides an authorization method, equipment and a system, which can utilize messages sent by a social application to authorize a third-party system, because the social application is a common application type, users generally use the social application to carry out daily communication, a social application server can preset processing logic, and when a first user with initial authority sends an authorization message to a second user by using the social application, the third-party system is automatically informed to grant corresponding target authority to the second user, an authorization flow is integrated into a conventional communication function of the social application, and a brand-new authorization mode among the users is provided. Therefore, the second user can directly obtain the corresponding target authority, the authority can be used in the same way as the first user, and meanwhile, the phenomenon that the user sends the visualized certificate information can be avoided, and the safety is improved.
Description
Technical Field
The present application relates to the field of information technologies, and in particular, to an authorization method, device, and system.
Background
With the development of internet technology, more and more systems can electronically grant corresponding rights to users of their services, so that the users can use the services provided by the systems. For example, in the field of logistics, if a user a needs to go to an express delivery cabinet to pick up stored articles, the logistics system firstly opens a picking right for the user a, so that the user a can use the identity of the user a and open the express delivery cabinet to pick up the articles in a code scanning manner. However, when the user a wants another user B to help take the goods, the user B does not have the corresponding authority, and cannot directly use the identity of the user B to scan the code to open the express delivery cabinet.
For such a situation, the current solution is that the logistics system generates customized credential information, such as a pickup code composed of characters, based on the authority of the user a, the credential information is sent to the user B by the user a, and the user B opens the express cabinet to pick up the goods by manually inputting the pickup code. Although the problem that the user B cannot take the place of the express delivery cabinet can be solved in the mode, in the whole process, the voucher information is directly exposed to the outside in a plaintext mode, and any person can open the express delivery cabinet after obtaining the voucher information, so that the safety is poor, the risk that articles are falsely taken exists, and for the user B, manual input is needed when the voucher information is used, the operation is complicated, and the physical examination is poor.
Disclosure of Invention
An object of the present application is to provide an authorization method, device and system.
To achieve the above object, some embodiments of the present application provide an authorization method at a first user equipment, where the method includes:
the first user equipment sends an authorization message to second user equipment through a social application server, so that when the social application server detects that the first user equipment sends the authorization message to the second user equipment through the social application server, the social application server provides authority related parameters of the authorization message to a third-party system, and triggers the social application server to obtain an authorization success receipt returned by the third-party system, wherein the first user corresponding to the first user equipment already obtains an initial authority of the third-party system, the authorization success receipt is generated after the third-party system grants a target authority to the second user corresponding to the second user equipment according to the authority related parameters, and the target authority is smaller than or equal to the initial authority.
Some embodiments of the present application further provide an authorization method at a social application server side, where the method includes:
when the social application server detects that the first user equipment sends an authorization message to the second user equipment through the social application server, the social application server provides authority related parameters of the authorization message to a third-party system, and a first user corresponding to the first user equipment already obtains an initial authority of the third-party system;
the social application server obtains an authorization success receipt returned by the third-party system, wherein the authorization success receipt is generated after the third-party system grants a target authority to a second user corresponding to the second user equipment according to the authority related parameters, and the target authority is smaller than or equal to an initial authority;
and after obtaining the successful response receipt of the authorization, the social application server sends the authorization message to the second user equipment.
Some embodiments of the present application further provide an authorization method at a third-party system side, where the method includes:
the third-party system grants an initial permission to the first user;
the third-party system acquires authority related parameters of the authorization message sent by the social application server, wherein the authority related parameters are provided by the social application server when detecting that first user equipment corresponding to the first user sends the authorization message to second user equipment through the social application server;
the third-party system grants a target permission to a second user corresponding to the second user equipment according to the permission related parameters and generates a successful authorization receipt, wherein the target permission is less than or equal to the initial permission;
and the third-party system sends an authorization success receipt to the social application server, so that the social application server sends the authorization message to the second user equipment after obtaining the authorization success receipt.
Furthermore, a computing device is provided in an embodiment of the present application, the device comprising a memory for storing computer-readable instructions and a processor for executing the computer-readable instructions, wherein the computer-readable instructions, when executed by the processor, trigger the device to perform the authorization method.
Embodiments of the present application also provide a computer readable medium having stored thereon computer readable instructions executable by a processor to implement the authorization method.
An embodiment of the present application further provides an authorization system, where the system includes:
the third-party system is used for granting an initial permission to the first user, acquiring permission related parameters of the authorization message sent by the social application server, granting a target permission to a second user corresponding to the second user equipment according to the permission related parameters, generating an authorization success receipt, and sending the authorization success receipt to the social application server, wherein the target permission is smaller than or equal to the initial permission;
the first user equipment sends an authorization message to the second user equipment through the social application server;
the social application server is used for providing the permission related parameters of the authorization message to a third-party system when detecting that the first user equipment sends the authorization message to the second user equipment through the social application server, acquiring an authorization success receipt returned by the third-party system, and sending the authorization message to the second user equipment after acquiring the authorization success receipt;
and the second user equipment acquires the authorization message through the social application server.
In the authorization scheme provided by the embodiment of the application, after the third-party system grants the initial authority to the first user, a first user device corresponding to a first user can send an authorization message to a second user device through a social application server, the social application server provides authority related parameters of the authorization message to a third-party system when detecting that the first user device sends the authorization message to the second user device through the social application server, the third-party system grants the target permission to the second user corresponding to the second user equipment according to the permission related parameters and generates an authorization success receipt, after the social application server obtains the authorization success receipt, the authorization message may be sent to the second user device, so that the second user may know that he or she obtains the target permission through the authorization message received by the second user device. Because the social application is a common application type, users generally use the social application to perform daily communication, the social application server can preset processing logic, and when detecting that a first user with an initial permission sends an authorization message to a second user by using the social application, a third-party system is automatically notified to grant a corresponding target permission to the second user, and an authorization process is integrated into a conventional communication function of the social application, so that a brand-new authorization mode among the users is provided. Because the second user can directly obtain the corresponding target authority, the second user can use the authority in the same way as the first user, and simultaneously can avoid the transmission of the visualized certificate information between the users, thereby improving the safety.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
fig. 1 is a diagram of an interaction process between participants when implementing the authorization method according to an embodiment of the present application;
fig. 2 is an interaction process between the participants when another authorization method is implemented in the embodiment of the present application;
fig. 3 is a schematic structural diagram of a computing device for implementing the authorization method according to an embodiment of the present application;
the same or similar reference numbers in the drawings identify the same or similar elements.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In a typical configuration of the present application, the terminal, the devices serving the network each include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, which include both non-transitory and non-transitory, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device.
The embodiment of the application provides an authorization method, the method utilizes a message sent by a social application to authorize a third-party system, the social application is a common application type, users generally use the social application to carry out daily communication, a social application server can preset processing logic, when a first user with initial authority sends an authorization message to a second user by using the social application, the third-party system is automatically notified to grant corresponding target authority to the second user, an authorization process is integrated into a conventional communication function of the social application, and a brand-new authorization mode among the users is provided. Therefore, the second user can directly obtain the corresponding target authority, the authority can be used in the same way as the first user, and meanwhile, the phenomenon that the user sends the visualized certificate information can be avoided, and the safety is improved.
The first user equipment and the second user equipment are respectively used by the first user and the second user, and include but are not limited to various terminal devices such as a computer, a mobile phone, a tablet computer, and a smart watch, a client program of a social application is run on the terminal devices to complete corresponding processing and interaction logic between the terminal devices and the user and other devices, the social application server may include but is not limited to a network host, a single network server, a plurality of network server sets, or a computer set based on Cloud Computing, and the like, where a Cloud is formed by a large number of hosts or network servers based on Cloud Computing (Cloud Computing), where Cloud Computing is one type of distributed Computing, and is a virtual computer formed by a group of loosely coupled computer sets. And a server program of the social application can be run in the server device to complete corresponding processing and interaction logic among other devices. The third-party system is any service system capable of providing the user with the authority, for example, a logistics management system capable of providing the user with the authority to open an express cabinet, a resource management system capable of providing the user with the authority to download, and the like.
Fig. 1 shows an interaction process between various parties when implementing the authorization method according to an embodiment of the present application, where the interaction process involves an authorization system composed of parties, such as a first user device 110, a second user device 120, a social application server 130, and a third-party system 140, and includes at least the following processing steps:
step S101, a third-party system grants an initial permission to a first user, so that the first user corresponding to first user equipment obtains the initial permission of the third-party system before authorizing a second user. Taking the logistics management system providing the authority to open the express cabinet as the third-party system as an example, if a courier puts a certain express of the first user into the express cabinet, the authority to open the express cabinet can be opened for the first user according to the express receiving flow, and at this time, the first user can obtain the initial authority distributed by the third-party system. For example, in this embodiment, the initial right obtained by the first user may be a right to open a courier cabinet numbered S1-08 within 7 days.
Step S102, the first user equipment sends an authorization message to the second user equipment through the social application server.
The first user equipment is terminal equipment used by the first user and running social application, the first user can log in a social application client program running on any terminal equipment through a social application account of the first user, and the terminal equipment is the first user equipment at the moment. For example, a certain user a logs in a client APP1 of a social application on his mobile phone through a mobile phone number as an account, and then sends an authorization message to a second user through the APP1, in the interaction process, the user a is a first user, and the mobile phone used by the user a is first user equipment.
The authorization message is used for granting a target authority within a range to a second user using second user equipment, and the authority range of the target authority is smaller than or equal to an original authority originally owned by the first user because the target authority is from the first user. For example, if the initial right obtained by the first user is a right to open a courier cabinet with the number of S1-08 within 7 days, the range of the target right granted by the authorization message to the second user is at most equal to the range of the initial right, such as a right to open a courier cabinet with the number of S1-08 within 2 days, but a right to open the courier cabinet within 8 days cannot be granted to the second user.
The form of the authorization message conforms to the message form in the social application, and the specific form may be a message form commonly used in the social application, such as text, voice, link, etc., for example, the first user may send a text message "allow to open express locker # S1-08 of XXX system within 3 days" to the second user in the social application APP1 as the authorization message authorizing the second user, or may also send a link containing specific content to the second user in the social application APP1 as the authorization message authorizing the second user. Alternatively, the authorization message may also be in a form that the social application and the third-party system have agreed in advance, such as a notification message including agreed parameters, where the agreed parameters may be an identifier of the third-party system, an authority token, holder (i.e., first user) information, a digital signature, and the like.
Before the first user equipment sends the authorization message to the second user equipment through the social application server, the authorization mode information of the authorization message can be flexibly determined according to the needs of an actual scene. The authorization method information may include the following: sharing rights, temporary authorization, or transferring rights. The sharing authority refers to the fact that the initial authority owned by the first user is completely provided for the second user to use, and the target authority obtained by the second user is the same as the initial authority at the moment; temporary authorization means that a first user provides an initial right owned by the first user to a second user in a limited manner, for example, the scope of right, the lifetime, whether the second user can be authorized again, and the like can be limited, and the target right obtained by the second user is smaller than the initial right; the transfer permission means that the first user transfers the initial permission that the first user owns to the second user, and the first user does not own the initial permission any more after the transfer, for example, after the first user authorizes the second user in a manner of transferring permission, the second user can obtain the target permission the same as the initial permission, but the first user does not own the initial permission any more thereafter.
In some implementations of the present application, the first user device may also determine the second user in the set of candidate users before sending the authorization message to the second user device through the social application server. The candidate user set is a set of users that can be selected as an authorization object, and in this embodiment, the candidate user set may include one or a combination of more than one of the following:
a friend user of the first user. The friend user is a user who establishes a friend relationship with the first user in the social application. The friend relationship refers to a specific social relationship among users in the social application, and according to different social applications, the friend relationship may have various different concrete expression forms, such as mutual attention among users, mutual addition among users as contacts, and the like, and may be managed and provided by a social application server.
Member users belonging to an organization to which the first user belongs within the social application. The affiliated organization in the social application refers to a group including a plurality of users in the social application, and similarly, according to the difference of the social application, the affiliated organization may have various different concrete forms, such as a chat group, a conference group, an affiliated unit, and the like, and may be managed and provided by the social application server.
A user obtaining permission from a third party system. The third-party system may provide the permitted users to the social application in advance through a white list or a black list, so that the first user device may obtain the corresponding candidate user set before sending the authorization message through the social application. For example, the third-party system may record account information of some users in the social application in a white list in advance, and provide the white list to the social application server, so that the first user device may obtain a candidate user set before sending the authorization message through the social application, where the user list in the candidate user set is the user list in the white list, so that the first user device may determine the candidate user set from the candidate user set. The blacklist may be used for combining other user sets, for example, after a user in the blacklist is removed from friend users of a first user, the remaining friend users are used as a candidate user set.
Therefore, based on one or more combinations, the scheme in the embodiment of the present application may provide multiple forms of candidate user sets, and the finally determined second user may be one user or multiple users, such as selecting a part or all of the candidate user sets.
In order to improve the use experience of the first user, when the first user equipment determines the second user in the candidate user set, a selection interface related to the candidate user set may be displayed in the interactive interface, so that the first user may input a selection operation based on the selection interface, thereby enabling the first user equipment to acquire the selection operation of the first user in the selection interface, and determine the second user in the candidate user set according to the selection operation.
Step S103, when the social application server detects that the first user equipment sends the authorization message to the second user equipment through the social application server, the social application server provides the authority related parameters of the authorization message to a third-party system.
In an actual scenario, in the above interaction process, since the social application is used to send the authorization message, and the transmission of the authorization message is implemented by the social application server that provides a service for a related function of the social application, when detecting that the first user equipment sends the authorization message to the second user equipment through the social application server, the social application server may provide, based on the authorization message, the permission-related parameter of the authorization message to the third-party system.
The permission related parameters of the authorization message are used for determining the related information of the authorization, so that the third-party system can grant corresponding target permission to the second user according to the permission related parameters. For example, the information related to the authority may at least include a provider of the authority, a recipient of the authority, authority content, and the like, if the provider of the authority is user a, the recipient of the authority is user B, and the authority content is an express delivery cabinet with a serial number of S1-08 opened within 2 days in the logistics management system S, the parameters related to the authority may be transmitted between the social application server and the third-party system in any agreed form.
In addition, the specific content of the information related to the permission can also be set according to the needs of the actual scene, for example, besides the above information, the information related to the permission can also include authorization mode information, so that a third-party system can perform different processing on the permission according to the authorization mode. It will be understood by those skilled in the art that the specific contents of the above-mentioned right related information are only examples, and other forms existing or coming out later based on similar principles, if applicable to the present application, should be included in the protection scope of the present application and are included herein by reference.
Since the authorization message conforms to the message form used by the social application for interaction. Therefore, the social application server can determine whether the message belongs to an authorization message for authorization between users based on detection of the message when the message between users is received. In an actual scenario, the format of the authorization message may be agreed in advance, and whether the authorization message belongs to the authorization message is determined by detecting the format of the message, for example, a special mark such as "#####" is added at the start position of the text message, audio information with specific content is added at the start position of the voice message, or a preset mark is added in the notification message. By identifying these formatted indicia, it is possible to determine whether the format of the message meets the requirements, and thereby determine whether a message is a normal message or an authorized message between users.
Step S104, the third-party system obtains the authority related parameters of the authorization message sent by the social application server.
And step S105, the third-party system grants a target permission to the second user corresponding to the second user equipment according to the permission related parameters and generates a successful authorization receipt.
Taking the foregoing scenario as an example, if the provider of the right in the right related information is user a, the recipient of the right is user B, and the content of the right is an express delivery cabinet with a serial number of S1-08 opened within 2 days in the logistics management system S, at this time, the third party system may first query the initial right owned by the right provider (i.e., the first user) of the current authorization, and perform subsequent authorization processing if the range of the initial right is greater than or equal to the target right to be granted, grant the target right to the right recipient (i.e., the second user), and generate a successful receipt of authorization.
In an actual scenario, if the third-party system determines that the authorization mode information of the authorization message is the transfer authority after granting the target authority to the second user corresponding to the second user device according to the authority-related parameter, the initial authority of the first user may be cancelled. At this point, the second user may obtain the same target rights as the initial rights, but the first user thereafter no longer possesses the initial rights.
If the range of the initial authority of the authority provider is smaller than the target authority to be granted or the target authority is not covered, subsequent authorization processing is not performed, so that the problem of safety is avoided. For example, if the user a has an initial right of opening a courier cabinet with the number of S1-08 within 7 days, and the authorization message sent by the user a wants to grant the user B a target right of opening a courier cabinet with the number of S1-08 within 10 days or an courier cabinet with the number of S1-11 within 7 days, since the initial right of the user a has been exceeded, the third-party system does not grant the target right to the user B, and an authorization failure receipt may be generated at the same time.
Step S106, the third-party system sends an authorization success receipt to the social application server.
Step S107, the social application server obtains an authorization success receipt returned by the third-party system.
Step S108, the social application server sends the authorization message to the second user equipment. Therefore, the first user can finish the authorization of the second user by sending the message in the social application, the authorization process is integrated into the conventional communication function of the social application, a brand-new authorization mode among the users is provided, the second user can directly obtain the corresponding target authority, the authority can be used in the same mode as the first user, the phenomenon that the user sends the visualized certificate information is avoided, and the safety is improved. By taking a scene of taking the express delivery as an example, after the scheme provided by the application is adopted, when a user A needs to ask a user B to take the express delivery, the user A can send a message to the user B through the social application APP1 to complete the granting of the article receiving permission, and at the moment, the user B can directly use the account number of the user B to scan the code to open the express delivery cabinet to take the delivery, and the user B does not need to communicate with the user A to obtain the delivery code and then open the express delivery cabinet to take the delivery by inputting the delivery code.
In an actual scenario, if the authorization failure receipt generated by the third-party system is received, the authorization failure receipt may also be sent to the social application server, and after receiving the authorization failure receipt, the social application server does not send the authorization message to the second user equipment any more, but may notify the second user of the authorization failure by sending a notification.
In some embodiments of the present application, another authorization method is provided, an interaction flow of the method is shown in fig. 2, and includes the following processing steps:
step S201, the third-party system grants an initial permission to the first user, so that the first user corresponding to the first user device already obtains the initial permission of the third-party system before authorizing the second user.
Step S202, the third-party system sends a notification request to the social application server.
Step S203, the social application server sends an authorization notification to the first user equipment according to the notification request of the third-party system.
Wherein the authorization notification is for the first user to notify that they have obtained initial rights. In a practical scenario, a service interface provided by the social application server may be invoked by a third-party system through a notification request, such that the social application server sends an authorization notification to the user device. For example, in an actual scenario, the third-party system may have a corresponding social principal object, such as a public number, an applet, and the like, in a social application, and the third-party system may call a service interface to send an authorization notification to the first user by using the social principal object.
Step S204, the first user equipment receives the authorization notification and sends an authorization message to the second user equipment through the social application server based on the authorization notification.
In a practical scenario, the first user may forward the authorization notification as an authorization message to the second user in the social application to enable the sending of the authorization message. For example, after receiving the authorization notification in the social application, the first user may operate the outgoing call operation menu by pressing for a long time, select a forwarding option therein, and then select the second user as a target for forwarding, thereby sending the authorization message to the second user device through the social application server.
In some embodiments of the application, the authorization notification may be an operation entry for a user to input authorization manner information, for example, a pop-up link page may be clicked or an interface displayed as operable may be clicked, and the first user device may complete sending of the authorization message according to an input operation of the user based on the operation entry. For example, after clicking the authorization notification, the first user may jump to a page, a candidate user set available for authorization may be selected in the page, the first user may select a second user that needs to be authorized this time by checking a list in the candidate user set, and after the selection is completed, clicking a confirmation button may automatically send an authorization message to the corresponding second user device through the social application server.
The authorization notification may also be used to select authorization method information of the authorization message in the operation entry provided by the authorization notification, and at this time, the first user equipment may determine authorization method information of the authorization message according to an input operation of the user based on the operation entry, including the aforementioned sharing right, temporary authorization, transfer right, or the like, so that the grant of the right is more flexible, and requirements of different application scenarios are met. In addition, the first user may also set the authorization manner information by replying to the authorization notification in the social application, for example, the authorization notification may provide a plurality of selectable options, and inform the user to reply different contents to correspond to different selection results, for example, reply 1 indicates sharing rights, reply 2+ restriction conditions of authorization indicates temporary authorization, reply 3 indicates transfer rights, and the like, so that the first user may set the authorization manner information by replying to different contents in the social application.
Step S205, when detecting that the first user equipment sends an authorization message to the second user equipment through the social application server, the social application server provides the permission-related parameter of the authorization message to a third-party system.
Step S206, the third-party system obtains the permission-related parameter of the authorization message sent by the social application server.
And step S207, the third-party system grants a target permission to the second user corresponding to the second user equipment according to the permission related parameters and generates a successful authorization receipt.
Step S208, the third-party system sends an authorization success receipt to the social application server.
Step S209, the social application server obtains an authorization success receipt returned by the third-party system.
Step S210, the social application server sends the authorization message to the second user equipment.
Based on the same inventive concept, the embodiment of the present application further provides a computing device, where the computing device may be configured to implement an authorization function of the first user device, the social application server, or the third-party system, and the method corresponding to the computing device may be an authorization method implemented in the first user device, the social application server, or the third-party system in the foregoing embodiment, and a principle of solving the problem is similar to that of the method. The device comprises a memory for storing computer program instructions and a processor for executing the computer program instructions, wherein the computer program instructions, when executed by the processor, trigger the device to perform the aforementioned method of implementing the authorization.
Fig. 3 shows a structure of a device suitable for implementing the method and/or technical solution in the embodiment of the present application, and the device 300 includes a Central Processing Unit (CPU)301, which can execute various suitable actions and processes according to a program stored in a Read Only Memory (ROM) 302 or a program loaded from a storage portion 308 into a Random Access Memory (RAM) 303. In the RAM303, various programs and data necessary for system operation are also stored. The CPU 301, ROM 302, and RAM303 are connected to each other via a bus 304. An Input/Output (I/O) interface 305 is also connected to bus 304.
The following components are connected to the I/O interface 305: an input portion 306 including a keyboard, a mouse, a touch screen, a microphone, an infrared sensor, and the like; an output section 307 including a Display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), an LED Display, an OLED Display, and the like, and a speaker; a storage section 308 comprising one or more computer-readable media such as a hard disk, optical disk, magnetic disk, semiconductor memory, or the like; and a communication section 309 including a Network interface card such as a LAN (Local Area Network) card, a modem, or the like. The communication section 309 performs communication processing via a network such as the internet.
In particular, the methods and/or embodiments in the embodiments of the present application may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. The computer program performs the above-described functions defined in the method of the present application when executed by the Central Processing Unit (CPU) 301.
It should be noted that the computer readable medium described herein can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart or block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer-readable medium carries one or more computer-readable instructions executable by a processor to implement the methods and/or aspects of the embodiments of the present application as described above.
To sum up, in the solutions provided in some embodiments of the present application, the message sent by the social application may be used to authorize the third-party system, because the social application is a common application type, users generally use the social application to perform daily communication, the social application server may set processing logic in advance, and when it is detected that a first user with an initial permission sends an authorization message to a second user by using the social application, the third-party system is automatically notified to grant a corresponding target permission to the second user, and an authorization process is integrated into a conventional communication function of the social application, thereby providing a new authorization manner among users. Therefore, the second user can directly obtain the corresponding target authority, the authority can be used in the same way as the first user, and meanwhile, the phenomenon that the user sends the visualized certificate information can be avoided, and the safety is improved.
It should be noted that the present application may be implemented in software and/or a combination of software and hardware, for example, implemented using Application Specific Integrated Circuits (ASICs), general purpose computers or any other similar hardware devices. In some embodiments, the software programs of the present application may be executed by a processor to implement the above steps or functions. Likewise, the software programs (including associated data structures) of the present application may be stored in a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. Additionally, some of the steps or functions of the present application may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the apparatus claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.
Claims (14)
1. A method of authorization, wherein the method comprises:
the method comprises the steps that a first user device sends an authorization message to a second user device through a social application server, so that when the social application server detects that the first user device sends the authorization message to the second user device through the social application server, authority related parameters of the authorization message are provided for a third-party system, the social application server is triggered to obtain an authorization success receipt returned by the third-party system, wherein a first user corresponding to the first user device already obtains an initial authority of the third-party system, the authorization success receipt is generated after the third-party system grants a target authority to the second user corresponding to the second user device according to the authority related parameters, and the target authority is smaller than or equal to the initial authority.
2. The method of claim 1, wherein the first user device sending the authorization message to the second user device through the social application server comprises:
the first user equipment receives an authorization notification, wherein the authorization notification is sent by a social application server according to a notification request of the third-party system;
the first user device sends an authorization message to a second user device through the social application server based on the authorization notification.
3. The method of claim 1, wherein prior to the first user device sending the authorization message to the second user device through the social application server, further comprising:
the first user equipment determines authorization mode information of an authorization message, wherein the authorization mode information is sharing authority, temporary authorization or transfer authority.
4. The method of claim 3, wherein the determining, by the first user equipment, the authorization manner information of the authorization message comprises:
the method comprises the steps that first user equipment receives an authorization notification before sending an authorization message to second user equipment through a social application server, wherein the authorization notification is sent by the social application server according to a notification request of a third-party system and comprises an operation entrance for a user to input authorization mode information;
and the first user equipment determines the authorization mode information of the authorization message according to the input operation of the user based on the operation entrance.
5. The method of claim 1, wherein prior to the first user device sending the authorization message to the second user device through the social application server, further comprising:
the first user equipment determines a second user in a candidate user set, wherein the candidate user set comprises one or more of the following combinations:
a friend user of the first user;
member users belonging to an organization to which the first user belongs within the social application;
a user obtaining permission from a third party system.
6. The method of claim 5, wherein the first user device determining the second user in the set of candidate users comprises:
the first user equipment displays a selection interface related to the candidate user set in the interactive interface;
and the first user equipment acquires the selection operation of the first user in the selection interface and determines a second user in the candidate user set according to the selection operation.
7. A method of authorization, wherein the method comprises:
when the social application server detects that the first user equipment sends an authorization message to the second user equipment through the social application server, the social application server provides authority related parameters of the authorization message to a third-party system, and a first user corresponding to the first user equipment already obtains an initial authority of the third-party system;
the social application server obtains an authorization success receipt returned by the third-party system, wherein the authorization success receipt is generated after the third-party system grants a target authority to a second user corresponding to the second user equipment according to the authority related parameters, and the target authority is smaller than or equal to an initial authority;
and after obtaining the successful response receipt of the authorization, the social application server sends the authorization message to the second user equipment.
8. The method of claim 7, wherein, prior to detecting that the first user device sends an authorization message to a second user device through the social application server, the social application server further comprises:
and the social application server sends an authorization notification to the first user equipment according to the notification request of the third-party system, so that the first user equipment sends an authorization message to the second user equipment through the social application server based on the authorization notification, wherein the authorization notification is used for prompting the initial permission which is obtained by the first user and granted by the third-party system.
9. A method of authorization, wherein the method comprises:
the third-party system grants an initial permission to the first user;
the third-party system acquires authority related parameters of the authorization message sent by the social application server, wherein the authority related parameters are provided by the social application server when detecting that first user equipment corresponding to the first user sends the authorization message to second user equipment through the social application server;
the third-party system grants a target permission to a second user corresponding to the second user equipment according to the permission related parameters and generates a successful authorization receipt, wherein the target permission is less than or equal to the initial permission;
and the third-party system sends an authorization success receipt to the social application server, so that the social application server sends the authorization message to the second user equipment after obtaining the authorization success receipt.
10. The method of claim 9, wherein after assigning the initial privilege to the first user by the third-party system, further comprising:
and the third-party system sends a notification request to the social application server so that the social application server sends an authorization notification to first user equipment corresponding to the first user, and the first user equipment is triggered to send an authorization message to second user equipment through the social application server based on the authorization notification.
11. The method of claim 9, wherein after the third-party system grants the target permission to the second user corresponding to the second user device according to the permission-related parameter, the method further comprises:
and if the third-party system determines that the authorization mode information of the authorization message is the transfer authority, canceling the initial authority of the first user.
12. A computing device comprising a memory for storing computer readable instructions and a processor for executing the computer readable instructions, wherein the computer readable instructions, when executed by the processor, trigger the device to perform the method of any of claims 1 to 11.
13. A computer readable medium having computer readable instructions stored thereon which are executable by a processor to implement the method of any one of claims 1 to 11.
14. An authorization system, wherein the system comprises:
the third-party system is used for granting an initial permission to the first user, acquiring permission related parameters of the authorization message sent by the social application server, granting a target permission to a second user corresponding to the second user equipment according to the permission related parameters, generating an authorization success receipt, and sending the authorization success receipt to the social application server, wherein the target permission is smaller than or equal to the initial permission;
the first user equipment sends an authorization message to the second user equipment through the social application server;
the social application server is used for providing the permission related parameters of the authorization message to a third-party system when detecting that the first user equipment sends the authorization message to the second user equipment through the social application server, acquiring an authorization success receipt returned by the third-party system, and sending the authorization message to the second user equipment after acquiring the authorization success receipt;
and the second user equipment acquires the authorization message through the social application server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011608360.1A CN112685703A (en) | 2020-12-29 | 2020-12-29 | Authorization method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011608360.1A CN112685703A (en) | 2020-12-29 | 2020-12-29 | Authorization method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112685703A true CN112685703A (en) | 2021-04-20 |
Family
ID=75454903
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011608360.1A Pending CN112685703A (en) | 2020-12-29 | 2020-12-29 | Authorization method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112685703A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110119931A (en) * | 2019-05-17 | 2019-08-13 | 合肥美的智能科技有限公司 | Authorize the method and system, server and machine readable storage medium for picking |
| CN111062654A (en) * | 2019-11-27 | 2020-04-24 | 坎德拉(深圳)科技创新有限公司 | Method for taking delivered parts |
| CN111724109A (en) * | 2020-06-05 | 2020-09-29 | 上海掌门科技有限公司 | Method, equipment and system for realizing extraction of logistics objects |
| CN111784263A (en) * | 2020-07-28 | 2020-10-16 | 支付宝(杭州)信息技术有限公司 | Authorization processing method and device and logistics object processing method and device |
-
2020
- 2020-12-29 CN CN202011608360.1A patent/CN112685703A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110119931A (en) * | 2019-05-17 | 2019-08-13 | 合肥美的智能科技有限公司 | Authorize the method and system, server and machine readable storage medium for picking |
| CN111062654A (en) * | 2019-11-27 | 2020-04-24 | 坎德拉(深圳)科技创新有限公司 | Method for taking delivered parts |
| CN111724109A (en) * | 2020-06-05 | 2020-09-29 | 上海掌门科技有限公司 | Method, equipment and system for realizing extraction of logistics objects |
| CN111784263A (en) * | 2020-07-28 | 2020-10-16 | 支付宝(杭州)信息技术有限公司 | Authorization processing method and device and logistics object processing method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109831456B (en) | Message pushing method, device, equipment and storage medium | |
| US10587591B2 (en) | Generating a password | |
| US10063547B2 (en) | Authorization authentication method and apparatus | |
| WO2017084290A1 (en) | Public account two-dimensional code generation method and server, and public account following method, server and terminal | |
| WO2021218613A1 (en) | Mail processing method and apparatus, electronic device and storage medium | |
| US11658963B2 (en) | Cooperative communication validation | |
| US11316818B1 (en) | Context-based consolidation of communications across different communication platforms | |
| CN113591439B (en) | Information interaction method and device, electronic equipment and storage medium | |
| CN104793870A (en) | Data sharing method and device | |
| CN112769684B (en) | Method and device for adding friends | |
| JP2022130673A (en) | Methods and apparatuses for managing external approval provisioning and external messaging communication requests in group-based communication system | |
| US9516009B2 (en) | Authenticating redirection service | |
| US20220394002A1 (en) | Information exchange method and apparatus, electronic device, and storage medium | |
| JP2023162267A (en) | Interaction method, device, and electronic apparatus | |
| CN110113246B (en) | Method for protecting conversation privacy | |
| CN113961836A (en) | Page jump method and device, electronic equipment and storage medium | |
| CN112311750B (en) | Interaction method and device and electronic equipment | |
| CN112286632A (en) | Cloud platform, cloud platform management method and device, electronic equipment and storage medium | |
| CN111054079A (en) | Information query method and device, electronic equipment and storage medium | |
| CN112685703A (en) | Authorization method, device and system | |
| CN107920012B (en) | Instant communication message storage method and device | |
| CN112346615A (en) | Information processing method and device | |
| CN114827060A (en) | Interaction method and device and electronic equipment | |
| CN113420133A (en) | Session processing method, device, equipment and storage medium | |
| CN111786936A (en) | Method and device for authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210420 |
|
| RJ01 | Rejection of invention patent application after publication |