CN113761498A - Third party login information hosting method, system, equipment and storage medium - Google Patents
Third party login information hosting method, system, equipment and storage medium Download PDFInfo
- Publication number
- CN113761498A CN113761498A CN202111050930.4A CN202111050930A CN113761498A CN 113761498 A CN113761498 A CN 113761498A CN 202111050930 A CN202111050930 A CN 202111050930A CN 113761498 A CN113761498 A CN 113761498A
- Authority
- CN
- China
- Prior art keywords
- party
- login information
- server
- login
- current application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Abstract
The application provides a third party login information hosting method, a system, equipment and a storage medium, and when the current application is logged in, a third party login request is firstly obtained; acquiring historical login information according to the third party request; judging whether a third party login record exists according to historical login information; if yes, sending a third party login information access request to the hosting server; receiving a third party login information ciphertext sent by a hosting server; decrypting the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, wherein the third party login information comprises an account and a password; and automatically logging in the current application according to the third party logging information. If no third-party login record exists, the third-party login record indicates that the third-party server needs to be authorized and authenticated for the first time, and login information after authentication can be encrypted and stored through the escrow server, so that the security is high, and the third-party server is not relied on.
Description
Technical Field
The present application relates to the field of third party login technologies, and in particular, to a method, a system, a device, and a storage medium for third party login information hosting.
Background
The third party login refers to a function of completing login or registration of own application by using an existing account number and a password of a user on a third party platform by using an authorization protocol and an authorization mode which are mutually agreed. For example, when a user needs to watch a complete video and must log in when browsing a video website, the user can use a third-party account and a password such as WeChat, QQ or microblog to log in quickly, and the processes of logging in and registering on the video website are avoided or simplified.
However, fast login through a third-party account is easily restricted by a third party, and when a third-party system has a problem, the third-party system is affected jointly, and the security is low, so that the third-party system is easily attacked by a malicious website.
Therefore, the application provides a third party login information hosting method, a third party login information hosting system, a third party login information hosting device and a storage medium.
Disclosure of Invention
An object of the embodiments of the present application is to provide a method, a system, a device, and a storage medium for third party login information hosting, so as to solve the problem that security is poor and is restricted by a third party. The specific technical scheme is as follows:
in a first aspect, a third party login information hosting method is provided, which is applied to a current application server, and the method includes:
acquiring a third party login request;
acquiring historical login information according to the third party request;
judging whether a third party login record exists according to the historical login information;
if yes, sending a third party login information access request to the hosting server;
receiving a third party login information ciphertext sent by a hosting server;
decrypting the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, wherein the third party login information comprises an account and a password;
and automatically logging in the current application according to the third party logging information.
Optionally, the method further comprises:
if the historical login information does not have a third party login record, sending a third party login information authorization request to a third party server;
receiving an authorization code returned by the third-party server;
sending a first login information access request to a third-party server according to the authorization code;
receiving an access token sent by a third-party server;
sending a second login information access request to a third-party server according to the access token;
and receiving third party login information sent by the third party server.
Optionally, the method further comprises:
and encrypting the third party login information and storing the encrypted third party login information into the escrow server.
Optionally, the method further comprises:
and if the login is failed based on the third party login information of the hosting server, re-sending a third party login information authorization request to the third party server.
In a second aspect, the present application provides a third party login information hosting method, which is applied to a third party server, and the method includes:
receiving a login information authorization request sent by a third-party server and sent by a current application server;
jumping to a third-party client login page in response to the request;
acquiring third party login information input by a user on a third party client login page;
generating an authorization code according to the login information;
returning the authorization code to the current application server;
receiving a first login information access request sent by a current application server;
performing identity authentication according to the first login information access request;
after the verification is successful, sending an access token to the current application server;
receiving a second login information access request sent by the current application server;
and sending login information to the current application server according to the second login information access request.
In a third aspect, the present application provides a third party login information hosting system, which is applied to a current application server, and the system includes:
the first acquisition unit is used for acquiring a third party login request;
the second acquisition unit is used for acquiring historical login information according to the third party request;
the judging unit is used for judging whether the third party login record exists according to the historical login information;
the first sending unit is used for sending a third party login information access request to the hosting server;
the first receiving unit is used for receiving a third party login information ciphertext sent by the escrow server;
the decryption unit is used for decrypting the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, and the third party login information comprises an account and a password;
and the login unit is used for automatically logging in the current application according to the third party login information.
In a fourth aspect, the present application provides a third party login information hosting system, which is applied to a third party server, and the system includes:
the second receiving unit is used for receiving a login information authorization request sent by the current application server and sent by the third-party server;
the jumping unit is used for responding to the request and jumping to a login page of the third-party client;
the third acquisition unit is used for acquiring third party login information input by a user on a third party client login page;
the generating unit is used for generating an authorization code according to the login information;
a returning unit, configured to return the authorization code to the current application server;
the third receiving unit is used for receiving the first login information access request sent by the current application server;
the authentication unit is used for performing identity authentication according to the first login information access request;
the second sending unit is used for sending the access token to the current application server after the verification is successful;
the fourth receiving unit is used for receiving a second login information access request sent by the current application server;
and the third sending unit is used for sending the login information to the current application server according to the second login information access request.
In a fifth aspect, the present application provides an electronic device, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any one of the first and second aspects when executing a program stored in the memory.
In a sixth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the method steps of any one of the first and second aspects.
In a seventh aspect, there is provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the third party login information hosting methods described above.
The embodiment of the application has the following beneficial effects:
the embodiment of the application provides a third party login information hosting method, and when a current application is logged in, a third party login request is firstly obtained; acquiring historical login information according to the third party request; judging whether a third party login record exists according to historical login information; if yes, the third party login information access request is sent to the hosting server, and if not, the third party login information access request is sent to the hosting server; receiving a third party login information ciphertext sent by a hosting server; decrypting the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, wherein the third party login information comprises an account and a password; and automatically logging in the current application according to the third party logging information. If no third-party login record exists, the third-party login record indicates that the third-party server needs to be logged in for the first time, the authorized authentication of the third-party server needs to be acquired, the login information after the first authentication can be encrypted and stored through the escrow server, the security is high, the third-party server does not depend on the third-party server, and if the third-party server has a problem, the current application login cannot be influenced.
Of course, not all advantages described above need to be achieved at the same time in the practice of any one product or method of the present application.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
Fig. 1 is a flowchart of a third party login information hosting method according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a third party login information hosting device according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A detailed description will be given below, with reference to a specific implementation manner, of a third party login information hosting method provided in an embodiment of the present application, as shown in fig. 1, applied to a current application server, and specifically includes the following steps:
step S101: and acquiring a third party login request.
Step S102: and acquiring historical login information according to the third party request.
Step S103: and judging whether the third party login record exists according to the historical login information.
Step S104: and if so, sending a third party login information access request to the hosting server.
Step S105: and receiving a third party login information ciphertext sent by the escrow server.
Step S106: and decrypting the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, wherein the third party login information comprises an account and a password.
Step S107: and automatically logging in the current application according to the third party logging information.
Optionally, the method further comprises:
if the historical login information does not have a third party login record, sending a third party login information authorization request to a third party server;
receiving an authorization code returned by the third-party server;
sending a first login information access request to a third-party server according to the authorization code;
receiving an access token sent by a third-party server;
sending a second login information access request to a third-party server according to the access token;
and receiving third party login information sent by the third party server.
Optionally, the method further comprises:
and encrypting the third party login information and storing the encrypted third party login information into the escrow server.
Optionally, the method further comprises:
and if the login is failed based on the third party login information of the hosting server, re-sending a third party login information authorization request to the third party server.
Based on the same inventive concept, the application provides a third party login information hosting method, which is applied to a third party server, and the method comprises the following steps:
receiving a login information authorization request sent by a third-party server and sent by a current application server;
jumping to a third-party client login page in response to the request;
acquiring third party login information input by a user on a third party client login page;
generating an authorization code according to the login information;
returning the authorization code to the current application server;
receiving a first login information access request sent by a current application server;
performing identity authentication according to the first login information access request;
after the verification is successful, sending an access token to the current application server;
receiving a second login information access request sent by the current application server;
and sending login information to the current application server according to the second login information access request.
Based on the same inventive concept, the present application provides a third party login information hosting system, as shown in fig. 2, applied to a current application server, the system including:
a first obtaining unit 201, configured to obtain a third party login request.
A second obtaining unit 202, configured to obtain history login information according to the third party request.
A judging unit 203, configured to judge whether there is the third party login record according to the history login information.
A first sending unit 204, configured to send a third party login information access request to the hosted server.
The first receiving unit 205 is configured to receive a third party login information ciphertext sent by the hosted server.
The decryption unit 206 is configured to decrypt the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, where the third party login information includes an account and a password.
And a login unit 207, configured to automatically login to the current application according to the third party login information.
In a fourth aspect, the present application provides a third party login information hosting system, which is applied to a third party server, and the system includes:
the second receiving unit is used for receiving a login information authorization request sent by the current application server and sent by the third-party server;
the jumping unit is used for responding to the request and jumping to a login page of the third-party client;
the third acquisition unit is used for acquiring third party login information input by a user on a third party client login page;
the generating unit is used for generating an authorization code according to the login information;
a returning unit, configured to return the authorization code to the current application server;
the third receiving unit is used for receiving the first login information access request sent by the current application server;
the authentication unit is used for performing identity authentication according to the first login information access request;
the second sending unit is used for sending the access token to the current application server after the verification is successful;
the fourth receiving unit is used for receiving a second login information access request sent by the current application server;
and the third sending unit is used for sending the login information to the current application server according to the second login information access request.
Based on the same technical concept, the embodiment of the present invention further provides an electronic device, as shown in fig. 3, including a processor 301, a communication interface 302, a memory 303, and a communication bus 304, where the processor 301, the communication interface 302, and the memory 303 complete mutual communication through the communication bus 304,
a memory 303 for storing a computer program;
the processor 301 is configured to implement the third party login information hosting method when executing the program stored in the memory 303, and includes:
the communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
In another embodiment of the present invention, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of any of the above third party login information hosting methods.
In yet another embodiment of the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the third party login information hosting methods of the above embodiments.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is merely exemplary of the present application and is presented to enable those skilled in the art to understand and practice the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. A third party login information hosting method is applied to a current application server, and the method comprises the following steps:
acquiring a third party login request;
acquiring historical login information according to the third party request;
judging whether a third party login record exists according to the historical login information;
if yes, sending a third party login information access request to the hosting server;
receiving a third party login information ciphertext sent by a hosting server;
decrypting the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, wherein the third party login information comprises an account and a password;
and automatically logging in the current application according to the third party logging information.
2. The method of claim 1, further comprising:
if the historical login information does not have a third party login record, sending a third party login information authorization request to a third party server;
receiving an authorization code returned by the third-party server;
sending a first login information access request to a third-party server according to the authorization code;
receiving an access token sent by a third-party server;
sending a second login information access request to a third-party server according to the access token;
and receiving third party login information sent by the third party server.
3. The method of claim 2, further comprising:
and encrypting the third party login information and storing the encrypted third party login information into the escrow server.
4. The method of claim 2, further comprising:
and if the login is failed based on the third party login information of the hosting server, re-sending a third party login information authorization request to the third party server.
5. A third party login information hosting method is applied to a third party server, and the method comprises the following steps:
receiving a login information authorization request sent by a third-party server and sent by a current application server;
jumping to a third-party client login page in response to the request;
acquiring third party login information input by a user on a third party client login page;
generating an authorization code according to the login information;
returning the authorization code to the current application server;
receiving a first login information access request sent by a current application server;
performing identity authentication according to the first login information access request;
after the verification is successful, sending an access token to the current application server;
receiving a second login information access request sent by the current application server;
and sending login information to the current application server according to the second login information access request.
6. A third party login information hosting system, applied to a current application server, the system comprising:
the first acquisition unit is used for acquiring a third party login request;
the second acquisition unit is used for acquiring historical login information according to the third party request;
the judging unit is used for judging whether the third party login record exists according to the historical login information;
the first sending unit is used for sending a third party login information access request to the hosting server;
the first receiving unit is used for receiving a third party login information ciphertext sent by the escrow server;
the decryption unit is used for decrypting the third party login information ciphertext based on a preset decryption algorithm to obtain third party login information, and the third party login information comprises an account and a password;
and the login unit is used for automatically logging in the current application according to the third party login information.
7. A third party login information hosting system, applied to a third party server, the system comprising:
the second receiving unit is used for receiving a login information authorization request sent by the current application server and sent by the third-party server;
the jumping unit is used for responding to the request and jumping to a login page of the third-party client;
the third acquisition unit is used for acquiring third party login information input by a user on a third party client login page;
the generating unit is used for generating an authorization code according to the login information;
a returning unit, configured to return the authorization code to the current application server;
the third receiving unit is used for receiving the first login information access request sent by the current application server;
the authentication unit is used for performing identity authentication according to the first login information access request;
the second sending unit is used for sending the access token to the current application server after the verification is successful;
the fourth receiving unit is used for receiving a second login information access request sent by the current application server;
and the third sending unit is used for sending the login information to the current application server according to the second login information access request.
8. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any one of claims 1 to 5 when executing a program stored in the memory.
9. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of the claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111050930.4A CN113761498A (en) | 2021-09-08 | 2021-09-08 | Third party login information hosting method, system, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111050930.4A CN113761498A (en) | 2021-09-08 | 2021-09-08 | Third party login information hosting method, system, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113761498A true CN113761498A (en) | 2021-12-07 |
Family
ID=78793972
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111050930.4A Pending CN113761498A (en) | 2021-09-08 | 2021-09-08 | Third party login information hosting method, system, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113761498A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114499975A (en) * | 2021-12-28 | 2022-05-13 | 北京深思数盾科技股份有限公司 | Method for verifying login server, server and storage medium |
| CN115982748A (en) * | 2023-03-20 | 2023-04-18 | 中国信息通信研究院 | Method, device and equipment for safely controlling data resource hosting based on block chain |
-
2021
- 2021-09-08 CN CN202111050930.4A patent/CN113761498A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114499975A (en) * | 2021-12-28 | 2022-05-13 | 北京深思数盾科技股份有限公司 | Method for verifying login server, server and storage medium |
| CN114499975B (en) * | 2021-12-28 | 2023-05-26 | 北京深盾科技股份有限公司 | Verification method for login server, server and storage medium |
| CN115982748A (en) * | 2023-03-20 | 2023-04-18 | 中国信息通信研究院 | Method, device and equipment for safely controlling data resource hosting based on block chain |
| CN115982748B (en) * | 2023-03-20 | 2023-08-15 | 中国信息通信研究院 | Method, device and equipment for safely controlling data resource hosting based on block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10666642B2 (en) | System and method for service assisted mobile pairing of password-less computer login | |
| US10445487B2 (en) | Methods and apparatus for authentication of joint account login | |
| US10218701B2 (en) | System and method for securing account access by verifying account with email provider | |
| TW201507430A (en) | Authentication and authorization with a bundled token | |
| US20160381001A1 (en) | Method and apparatus for identity authentication between systems | |
| US10362055B2 (en) | System and methods for active brute force attack protection | |
| CN112583607A (en) | Equipment access management method, device, system and storage medium | |
| US11409861B2 (en) | Passwordless authentication | |
| CN113761498A (en) | Third party login information hosting method, system, equipment and storage medium | |
| WO2022001717A1 (en) | Blockchain-based user information processing method and system | |
| CN111669351B (en) | Authentication method, service server, client and computer readable storage medium | |
| CN109286620B (en) | User right management method, system, device and computer readable storage medium | |
| CN111565179B (en) | Identity verification method and device, electronic equipment and storage medium | |
| CN110704820A (en) | Login processing method and device, electronic equipment and computer readable storage medium | |
| CN115695012A (en) | Login request processing method and device, electronic equipment and storage medium | |
| CN110445768B (en) | Login method and device and electronic equipment | |
| CN111259368A (en) | Method and equipment for logging in system | |
| CN108390878B (en) | Method and device for verifying network request security | |
| US9154497B1 (en) | Maintaining accountability of a shared password among multiple users | |
| CN111510288B (en) | Key management method, electronic device and storage medium | |
| CN112948857A (en) | Document processing method and device | |
| CN110034922B (en) | Request processing method, processing device, request verification method and verification device | |
| CN111355583B (en) | Service providing system, method, device, electronic equipment and storage medium | |
| CN116248351A (en) | Resource access method and device, electronic equipment and storage medium | |
| CN114021093A (en) | Information processing method and system and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |