CN114338130B - Information processing method, device, server and storage medium - Google Patents
Information processing method, device, server and storage medium Download PDFInfo
- Publication number
- CN114338130B CN114338130B CN202111601243.7A CN202111601243A CN114338130B CN 114338130 B CN114338130 B CN 114338130B CN 202111601243 A CN202111601243 A CN 202111601243A CN 114338130 B CN114338130 B CN 114338130B
- Authority
- CN
- China
- Prior art keywords
- authorization
- client
- authorization code
- resource identifier
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000010365 information processing Effects 0.000 title claims description 10
- 238000003672 processing method Methods 0.000 title description 7
- 238000013475 authorization Methods 0.000 claims abstract description 415
- 238000012795 verification Methods 0.000 claims abstract description 124
- 238000000034 method Methods 0.000 claims abstract description 49
- 238000012545 processing Methods 0.000 claims abstract description 25
- 230000000977 initiatory effect Effects 0.000 claims description 16
- 230000004044 response Effects 0.000 claims description 8
- 230000005540 biological transmission Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 238000004590 computer program Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011282 treatment Methods 0.000 description 1
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The disclosure relates to a method, a device, a server and a storage medium for processing information, wherein the method comprises the following steps: acquiring verification information input by an account by responding to a redirection instruction sent by a client; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client; under the condition that the verification information passes the verification, acquiring an authorization code corresponding to the redirection instruction; calling an authorization interface based on a preset resource identifier, and transmitting an authorization code to the client through the authorization interface; if an authorization token acquisition instruction sent by the client is received, acquiring a target authorization code in the authorization token acquisition instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code; the method and the device realize verification of account information and generation of authorization codes, send the authorization codes to the client through the preset resource identifier, and do not need to transmit the authorization codes in a jump mode, so that the stability of transmitting the authorization codes is enhanced, and the processing efficiency of authorization is improved.
Description
Technical Field
The disclosure relates to the field of computer technology, and in particular, to a method and a device for processing information, a server and a storage medium.
Background
With the development of internet technology, a plurality of application services can be authorized by the authority of one account so as to acquire corresponding service resources.
In the related art, oauth2.0 (an authorization mechanism) is generally adopted to authorize the service, but in the authorization process, the client needs to perform redirection and skip for multiple times to acquire the authorization code sent by the server to complete the acquisition of the service authority, and under the condition of low network communication quality, the situation that connection is lost and the service cannot skip possibly exists, so that the server cannot send the authorization code to the client, and the authorization fails; the existing authorization process is also inefficient.
Disclosure of Invention
The disclosure provides a method, a device, a server and a storage medium for processing information, so as to at least solve the problem that the authorization processing efficiency is low in the related art. The technical scheme of the present disclosure is as follows:
according to a first aspect of an embodiment of the present disclosure, there is provided a method for processing information, including:
responding to a redirection instruction sent by a client to acquire verification information input by an account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
Under the condition that the verification information passes verification, acquiring an authorization code corresponding to the redirection instruction;
invoking the authorization interface based on the preset resource identifier, and transmitting the authorization code to the client through the authorization interface;
and if an authorization token acquisition instruction sent by the client is received, acquiring a target authorization code in the authorization token acquisition instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code.
In an exemplary embodiment, the authorization token obtaining instruction further includes a target resource identifier, and the determining whether to send the authorization token to the client according to the target authorization code and the authorization code includes:
acquiring a target resource identifier carried in the authorization token acquisition instruction;
determining that the authorization token acquisition instruction passes verification under the condition that the target authorization code is matched with the authorization code and the target resource identifier is matched with the preset resource identifier;
generating an authorization token corresponding to the verification information of the account, and returning to the client; the client is used for accessing authorized data according to the authorization token.
In an exemplary embodiment, the invoking the authorization interface based on the preset resource identifier, and sending the authorization code to the client through the authorization interface includes:
filling the preset resource identifier with the authorization code as an interface calling parameter to obtain an updated preset resource identifier;
and initiating a request to an address corresponding to the updated preset resource identifier so as to call the authorization interface, so that the client side obtains the authorization code through the authorization interface.
In an exemplary embodiment, after initiating a request to an address corresponding to the updated preset resource identifier, the method further includes:
receiving a request result returned by the address, wherein the request result carries a request result value;
and under the condition that the request result value characterizes the client to successfully acquire the authorization code, determining that the authorization code is successfully transmitted to the client.
In an exemplary embodiment, after receiving the request result returned by the address, the method further includes:
and under the condition that the request result value represents that the client side does not successfully acquire the authorization code, initiating a request to an address corresponding to the updated preset resource identifier again after a preset time range is reserved until the request result value in the received request result represents that the client side successfully acquires the authorization code.
In an exemplary embodiment, after obtaining the verification information entered by the account, further comprising:
acquiring preset verification information of the account;
comparing the verification information with the preset verification information;
and if the verification information is consistent with the preset verification information, determining that the verification information passes verification.
In an exemplary embodiment, the acquiring the authorization code corresponding to the redirecting instruction includes:
retrieving a registration record matching the preset resource identifier from a preset registration record;
and under the condition that the registration record matched with the preset resource identifier exists, acquiring the authorization code corresponding to the redirection instruction according to the registration record.
According to a second aspect of the embodiments of the present disclosure, there is provided an information processing apparatus including:
the instruction response unit is configured to execute a redirection instruction sent by the client to acquire verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
an authorization code generation unit configured to perform, if the verification information passes verification, acquisition of an authorization code corresponding to the redirection instruction;
An authorization code transmitting unit configured to perform invoking the authorization interface based on the preset resource identifier, and transmit the authorization code to the client through the authorization interface;
and the authorization token sending unit is configured to execute the steps of obtaining a target authorization code in the authorization token obtaining instruction if receiving the authorization token obtaining instruction sent by the client, and determining whether to send the authorization token to the client according to the target authorization code and the authorization code.
In an exemplary embodiment, the authorization token obtaining instruction further includes a target resource identifier, and the authorization token sending unit is configured to obtain the target resource identifier carried in the authorization token obtaining instruction; determining that the authorization token acquisition instruction passes verification under the condition that the target authorization code is matched with the authorization code and the target resource identifier is matched with the preset resource identifier; generating an authorization token corresponding to the verification information of the account, and returning to the client; the client is used for accessing authorized data according to the authorization token.
In an exemplary embodiment, the authorization code sending unit is further configured to perform filling the preset resource identifier with the authorization code as an interface call parameter to obtain an updated preset resource identifier; and initiating a request to an address corresponding to the updated preset resource identifier so as to call the authorization interface, so that the client side obtains the authorization code through the authorization interface.
In an exemplary embodiment, the authorization code sending unit is further configured to receive a request result returned by the address, where the request result carries a request result value; and under the condition that the request result value characterizes the client to successfully acquire the authorization code, determining that the authorization code is successfully transmitted to the client.
In an exemplary embodiment, the authorization code sending unit is further configured to perform, when the request result value indicates that the client side does not successfully obtain the authorization code, to initiate a request to an address corresponding to the updated preset resource identifier again after a preset time range is set, until a request result value in the received request result indicates that the client side successfully obtains the authorization code.
In an exemplary embodiment, the instruction response unit is further configured to perform obtaining preset verification information of the account; comparing the verification information with the preset verification information; and if the verification information is consistent with the preset verification information, determining that the verification information passes verification.
In an exemplary embodiment, the authorization code generation unit is configured to perform retrieving a registration record matching the preset resource identifier from a preset registration record; and under the condition that the registration record matched with the preset resource identifier exists, acquiring the authorization code corresponding to the redirection instruction according to the registration record.
According to a third aspect of embodiments of the present disclosure, there is provided a server comprising:
a processor;
a memory for storing the processor-executable instructions;
wherein the processor is configured to execute the instructions to implement the method of processing information according to any of the first aspects.
According to a fourth aspect of embodiments of the present disclosure, there is provided a computer readable storage medium, which when executed by a processor of a server, causes the server to perform the method of processing information according to any one of the first aspects.
According to a fifth aspect of embodiments of the present disclosure, there is provided a computer program product comprising instructions therein, which when executed by a processor of a server, enable the server to perform the method of processing information as described in any one of the first aspects.
The technical scheme provided by the embodiment of the disclosure at least brings the following beneficial effects: acquiring verification information input by an account by responding to a redirection instruction sent by a client; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client; under the condition that the verification information passes the verification, acquiring an authorization code corresponding to the redirection instruction; calling an authorization interface based on a preset resource identifier, and transmitting an authorization code to the client through the authorization interface; if an authorization token acquisition instruction sent by a client is received, a target authorization code in the authorization token acquisition instruction is acquired, whether the authorization token is sent to the client is determined according to the target authorization code and the authorization code, verification of account information is achieved, the authorization code is generated, the authorization code is sent to the client through a preset resource identifier, the authorization code is not required to be transferred in a jump mode, stability of authorization code transfer is enhanced, and authorization processing efficiency is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure and do not constitute an undue limitation on the disclosure.
Fig. 1 is an application environment diagram illustrating a method of processing information according to an exemplary embodiment.
Fig. 2 is a flow chart illustrating a method of processing information according to an exemplary embodiment.
Fig. 3 is a flowchart illustrating steps for generating an authorization token corresponding to authentication information for an account and returning to a client, according to an example embodiment.
Fig. 4 is a flowchart illustrating steps for transmitting an authorization code to a client through a preset resource identifier, according to an exemplary embodiment.
Fig. 5 is a flowchart illustrating yet another information processing method according to an exemplary embodiment.
Fig. 6 is a block diagram of an information processing apparatus according to an exemplary embodiment.
Fig. 7 is a block diagram of a server, according to an example embodiment.
Detailed Description
In order to enable those skilled in the art to better understand the technical solutions of the present disclosure, the technical solutions of the embodiments of the present disclosure will be clearly and completely described below with reference to the accompanying drawings.
It should be noted that the terms "first," "second," and the like in the description and claims of the present disclosure and in the foregoing figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the disclosure described herein may be capable of operation in sequences other than those illustrated or described herein. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims.
It should be further noted that, the user information (including, but not limited to, user equipment information, user personal information, etc.) and the data (including, but not limited to, data for presentation, analyzed data, etc.) related to the present disclosure are information and data authorized by the user or sufficiently authorized by each party.
The information processing method provided by the disclosure can be applied to an application environment as shown in fig. 1. Wherein, the client 110 interacts with the server 120 through a network; the server 120 responds to the redirection instruction sent by the client 110 to acquire verification information input by the account; the redirection instruction carries a preset resource identifier; the server 120 acquires an authorization code corresponding to the redirection instruction in case that the verification information passes the verification; the server 120 sends the authorization code to the client 110 through a preset resource identifier; the client 110 is configured to obtain an authorization token corresponding to the account according to the authorization code.
In particular, client 110 may install one or more applications, each of which may provide at least one account number and related functionality to a user. The part of application programs can also provide relevant rights of account information for other application programs on the premise of user authorization; for example, the account information of the application a may be associated with the application B, that is, the user does not need to register account information for each application when using the application a, but authorizes other applications to use the registered account information according to one registered account information, so as to improve the convenience of using the application by the user.
The client 110 may be, but not limited to, various smartphones, tablet computers, notebook computers, etc., and the server 120 may be implemented by a stand-alone server or a server cluster formed by a plurality of servers.
Fig. 2 is a flowchart illustrating a method of processing information according to an exemplary embodiment, and as shown in fig. 2, the method of processing information is used in the server 120, and includes the following steps.
In step S210, in response to the redirection instruction sent by the client, acquiring verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client.
Wherein, redirection (Redirect) is to Redirect a network request to other locations; for example, access to the a page, the a page jumps to the B interface after receiving the access request, i.e. redirection from the a page to the B page is achieved.
The verification information is a measure for protecting information of the user of the account, and can be realized in various modes such as account name, account password, account registration time, account preset security problem and the like.
Wherein the preset resource identifier is a preset uniform resource identifier (Uniform Resource Identifier, URI), which indicates that each available resource on the network, such as a document, an image, a video clip, a program, etc., can be identified by the URI; URIs are usually composed of a naming mechanism of a resource, a host name of the resource and a name of the resource itself; in correspondence with the URI, there is a URL (Uniform Resource Locator ), which can be understood as a subset of the URI, and in colloquial terms, the URL is a character string describing information resources in network space, and is mainly used in various application programs and server programs; the URL may be used to describe various information resources in a uniform format, including files, addresses and directories of servers, etc., i.e., the URL is an implementation of the URI concept.
The authorization interface may be an interface pre-designated by the client for obtaining the authorization code. The authorization interface may be associated with a preset resource identifier, for example, a corresponding authorization interface may be determined or invoked based on the preset resource identifier.
Specifically, the client side responds to the operation of the account, and triggers and generates a redirection instruction; the client then sends the redirection instruction to the server, the server responds to the redirection instruction sent by the client, the account is guided to the page corresponding to the redirection instruction, the account inputs verification information of the account in the page, and the server verifies the information input by the account so as to confirm the identity of the account.
In step S220, in the case that the verification information passes the verification, an authorization code corresponding to the redirection instruction is acquired.
Wherein the authorization code is a parameter required by an authorization mode in the OAuth2 standard; oauth2 is a standard of open authorization, which aims to allow a third party application to access a specific private resource of the user in a certain server, but may not provide an account password of the user in the certain server to the third party application; implementation of the OAuth2 standard is typically divided into four roles, resource Owner: the resource owner, i.e., the account itself; resource Server: a resource server, i.e. for storing and providing account information; client: third party application client and Authorication Server: an authorization server, i.e., a server in the present disclosure.
Wherein the authorization code pattern (authorization code) is an authorization pattern in OAuth2 standard, and the authorization code (code) ensures the security of token.
Specifically, the server receives and responds to the verification information input by the account, and judges whether the client side has the authority to acquire the account authorization information; secondly, the server obtains the authorization code corresponding to the redirection instruction under the condition that the client side obtains the account authorization information. The server may acquire the authorization code according to account information, or acquire the authorization code according to a resource to be accessed by the client, or acquire or generate the authorization code according to a preset parameter of the resource to be accessed.
In step S230, the authorization interface is invoked based on a preset resource identifier, and an authorization code is sent to the client through the authorization interface.
The server can send the authorization code to the client through a preset resource identifier through an interface designed based on a RESTful architecture. REST (Representational State Transfer, chinese meaning representational state transfer), is called RESTful architecture, which conforms to the constraints and principles of REST; the RESTful architecture follows a unified interface principle, the unified interface comprises a group of limited predefined operations, and when any resource is transmitted through the RESTful architecture, the resource is accessed by using the same interface; the interface uses standard HTTP methods such as GET, PUT and POST and follows the semantics of these methods.
In practical application, after the server obtains the authorization code, the server can initiate the call to the authorization interface based on the preset resource identifier, and then the authorization can be sent to the client through the authorization interface. Specifically, for example, the server may obtain an authorization code, and then obtain a REST API URI preconfigured by the client, and attach the authorization code as a parameter of the preconfigured REST API URI, as a code in the parameter; for example, the complete REST API URI is "https:// www.code.com/REST/getcodec = ndlerjeew", where "ndlerjeew" is the authorization code appended to the REST API URI; the server uses the standard REST client to initiate a GET method request to the address, the server receives the returned structure body, the structure body comprises result and msg, and whether the client successfully receives the authorization code or not can be determined according to the values of result and msg in the structure body, namely whether the server successfully transmits the authorization code to the client or not.
The authorization code is attached to the REST API URI, and the authorization code is transferred in a request initiating mode, so that the problem caused by the fact that the authorization code is transferred by executing redirection in the traditional oauth2 authorization mode is avoided, and the processing efficiency of the authorization code is improved.
In step S240, if an authorization token acquisition instruction sent by the client is received, a target authorization code in the authorization token acquisition instruction is acquired, and whether to send the authorization token to the client is determined according to the target authorization code and the authorization code.
The authorization token is applied to the server at the back end by carrying the authorization code after the client receives the authorization code; after the client side obtains the authorization token through the authorization code application, the client side can access the corresponding resource in a certain time through the authorization token or access the corresponding resource for a certain number of times; the specific use mode of the authorization token can be dynamically adjusted according to actual conditions.
In a specific implementation, after receiving the authorization code, the client may perform identity verification based on the authorization code, and obtain the authorization token from the server to access the corresponding resource. Specifically, the client may generate an authorization token acquisition instruction, add the currently obtained authorization code thereof as a target authorization code to the authorization token acquisition instruction, and send the authorization token acquisition instruction to the server.
After receiving the authorization token acquisition instruction, the server may acquire the target authorization code in the instruction from the authorization token, and determine whether to send the authorization token to the client according to the target authorization code and the authorization code sent to the client before, for example, the target authorization code and the client authorization code may be compared, if the target authorization code and the client authorization code are consistent after the comparison, the authorization token may be sent to the client, or further verification is performed on the basis of the target authorization code and the authorization code. If the target authorization code does not correspond to the authorization code, the authorization token may not be sent to the client.
In the information processing method, verification information input by an account is obtained by responding to a redirection instruction sent by a client; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client; secondly, under the condition that the verification information passes verification, acquiring an authorization code corresponding to the redirection instruction, calling an authorization interface based on a preset resource identifier, and sending the authorization code to the client through the authorization interface; if an authorization token acquisition instruction sent by the client is received, a target authorization code in the authorization token acquisition instruction can be acquired, and whether the authorization token is sent to the client is determined according to the target authorization code and the authorization code; the method and the device realize verification of account information and generation of authorization codes, and send the authorization codes to the client through the authorization interface associated with the preset resource identifier without transmitting the authorization codes in a jump mode, so that the stability of transmitting the authorization codes is enhanced, and the processing efficiency of authorization is improved.
In an exemplary embodiment, the authorization token obtaining instruction further includes a target resource identifier, as shown in fig. 3, and in step S240, determining whether to send the authorization token to the client according to the target authorization code and the authorization code includes:
In step S310, the target resource identifier carried in the authorization token acquisition instruction is acquired.
The authorization token acquisition instruction is instruction information generated by the client for further acquiring the authorization token after acquiring the authorization code; the client can request the server to acquire the authorization token through the instruction, and the server needs to check whether the target resource identifier and the target authorization code in the authorization token acquisition instruction sent by the client are consistent with the resource identifier and the authorization code which are set for the client in advance.
In step S320, in the case that the target authorization code matches the authorization code and the target resource identifier matches the preset resource identifier, it is determined that the authorization token acquisition instruction passes the verification.
Specifically, the server acquires a target authorization code and a target resource identifier carried in an authorization token acquisition instruction sent by the client from the authorization token acquisition instruction; matching the target authorization code and the target resource identifier according to a matching rule to obtain a matching result; the matching process is to judge whether the corresponding relation between the target authorization code and the target resource identifier is generated or not, namely, whether the A-B is A '-B' or not is judged to determine the matching of the target resource identifier and the preset resource identifier.
If the matching result is that the target resource identifier is matched with the preset resource identifier, determining that the authorization token acquisition instruction passes verification; if the matching result is that the target resource identifier is not matched with the preset resource identifier, determining that the authorization token acquisition instruction is not verified.
In step S330, an authorization token corresponding to the authentication information of the account is generated and returned to the client; the client is used for accessing the authorized data according to the authorization token.
Specifically, after determining that the authorization token acquisition instruction passes the verification, the server generates an authorization token corresponding to the verification information of the account, and returns the authorization token to the client; the client can access the authorized data by carrying the authorization token, the authorization token is equivalent to the authority for accessing the authorized data, and the client can access the authorized data within a preset time range.
According to the technical scheme provided by the embodiment of the disclosure, the verification process of the authorization token acquisition instruction is completed by judging whether the target authorization code is matched with the authorization code or not and whether the target resource identifier is matched with the preset resource identifier, the verification of the authorization token acquisition instruction is completed under the condition that account information cannot be revealed, and the security of generation and issuing of the authorization token is improved.
In an exemplary embodiment, as shown in fig. 4, the step S230, which invokes an authorization interface based on a preset resource identifier, sends an authorization code to the client through the authorization interface, includes:
in step S410, the authorization code is used as an interface call parameter, and the preset resource identifier is filled in to obtain an updated preset resource identifier.
In step S420, a request is initiated to an address corresponding to the updated preset resource identifier to invoke the authorization interface, so that the client obtains the authorization code through the authorization interface.
Specifically, after the server obtains the authorization code, the authorization code can be used as an interface call parameter to modify the preset resource identifier, and the process of modifying the preset resource identifier is equivalent to updating the preset resource identifier, namely, the updated preset resource identifier is obtained, and meanwhile, the updated preset resource identifier contains the authorization code. Because the server and the client both construct related interfaces based on REATful architecture in advance, the server can call the authorization interface by initiating a request based on a GET method to the updated preset resource identifier, and the client can acquire the authorization code through the authorization interface by transmitting the authorization code through the authorization interface, thereby realizing that the client sends the authorization code to the client based on the preset resource identifier.
In the technical scheme of the disclosure, since the reset interface is used for transferring in the background based on the preset resource identifier, the authorization code is sent to the client without the client to redirect the page, and the page jump is avoided according to the situation that the embedded addresses of the mobile terminal, the app and the like cannot be redirected, the cross-platform capability of the authorization mode is greatly enhanced, and meanwhile, the situation that the page redirected by the client is good and uneven and the user experience is influenced is avoided. In addition, the technical scheme of the disclosure can also be compatible with a scheme of redirecting and transmitting the authorization code through a browser, and when the authorization code is transmitted, a redirecting URI mode can be used, the authorization code can be transmitted through the scheme of the disclosure, and of course, the authorization code can also be simultaneously used.
According to the technical scheme provided by the embodiment of the disclosure, the client can acquire the authorization code through the authorization interface by initiating the request to the address corresponding to the updated preset resource identifier, and the mode that the authorization code needs to be redirected and returned in the related technology is not needed, so that the redirecting steps and flows are reduced, and the authorization processing efficiency is improved.
In an exemplary embodiment, after the request is initiated to the address corresponding to the updated preset resource identifier, the method further includes: receiving a request result returned by the address, wherein the request result carries a request result value; and under the condition that the request result value represents that the client side successfully acquires the authorization code, determining that the authorization code is successfully transmitted to the client side.
Specifically, after the server initiates a request to an address corresponding to a preset resource identifier through a GET method, the server receives a returned structure body as a request result, wherein the request result comprises result information and msg information, the result information can be used as a request result value carried by the request result, if the result information is 1, the client side successfully obtains an authorization code, and if the result information is other values, the client side does not obtain the authorization code.
According to the technical scheme provided by the embodiment of the disclosure, whether the authorization code is successfully sent to the client can be determined through the request result returned by the receiving address, so that the server can acquire the receiving state of the client as soon as possible, different treatments can be made according to different receiving states, and the processing efficiency of the authorization code is improved.
In an exemplary embodiment, after receiving the request result returned by the address, the method further includes: under the condition that the request result value represents that the client side does not successfully acquire the authorization code, initiating a request to an address corresponding to the updated preset resource identifier again after a preset time range is reserved until the request result value in the received request result represents that the client side successfully acquires the authorization code.
Specifically, if the client does not successfully acquire the authorization code, the server may retry the step of initiating the request to the address corresponding to the updated preset resource identifier, where the first retry and each subsequent retry may be separated by a preset time range, so as to ensure that the authorization code is transmitted on the premise that the request amount is not excessive. In addition to the interval preset time range, the number of times of initiating the request to the address corresponding to the updated preset resource identifier can be set, so as to limit the repeated request and avoid information redundancy.
According to the technical scheme provided by the embodiment of the disclosure, the request is initiated to the address corresponding to the updated preset resource identifier again after the preset time range is set, so that the client can acquire the authorization code within a certain time range, the problem that single transmission is unsuccessful is avoided, and the transmission efficiency of the authorization code is improved.
In an exemplary embodiment, after obtaining the verification information entered by the account, further comprising: acquiring preset verification information of an account; comparing the verification information with preset verification information; if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
Specifically, the preset verification information can be separately stored in a resource server different from the server, and the server can acquire corresponding preset verification information from the resource server after acquiring the verification information of the account; and determining whether the verification information passes verification according to the comparison result of the two verification information.
According to the technical scheme provided by the embodiment of the disclosure, verification of verification information is achieved by acquiring the preset verification information of the account, and the safety of data in the verification process of the verification information is improved.
In an exemplary embodiment, obtaining an authorization code corresponding to a redirect instruction includes: retrieving a registration record matching the preset resource identifier from the preset registration record; and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
Specifically, the authorization code can be obtained by registering in advance to leave a preset registration record; the preset registration record can be a recording process carried out on one or more parameters of the resource to be accessed, the right to be acquired, the object to be accessed and the like; if a registration record matched with the preset resource identifier is retrieved from the preset registration record, the server can acquire a corresponding authorization code according to the registration record, wherein the resource pointed by the preset resource identifier can be accessed; if the registration record matched with the preset resource identifier is not retrieved in the preset registration record, the fact that the resource pointed by the preset resource identifier cannot be accessed is indicated, and the server can reject the redirection instruction.
According to the technical scheme provided by the embodiment of the disclosure, the state of whether the resource can be accessed is determined in advance through the preset registration record, so that the safety of resource storage and reading is improved.
In an exemplary embodiment, as shown in fig. 5, there is provided a further information processing method, including:
step S510, responding to a redirection instruction sent by a client, and acquiring verification information input by an account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client.
Step S520, obtaining preset verification information of an account; comparing the verification information with preset verification information; if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
Step S530, in the case that the verification information passes the verification, retrieving a registration record matched with the preset resource identifier from the preset registration record; and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
Step S540, filling the preset resource identifier with the authorization code as an interface call parameter to obtain an updated preset resource identifier; and initiating a request to an address corresponding to the updated preset resource identifier to call the authorization interface, so that the client obtains the authorization code through the authorization interface.
Step S550, receiving a request result returned by the address, wherein the request result carries a request result value; and under the condition that the request result value represents that the client side successfully acquires the authorization code, determining that the authorization code is successfully transmitted to the client side.
Step S560, responding to the authorization token acquisition instruction sent by the client, and acquiring a target authorization code and a target resource identifier carried in the authorization token acquisition instruction; under the condition that the target authorization code is matched with the authorization code and the target resource identifier is matched with the preset resource identifier, determining that the authorization token acquisition instruction passes verification; generating an authorization token corresponding to the verification information of the account, and returning to the client; the client is used for accessing the authorized data according to the authorization token.
According to the technical scheme provided by the embodiment of the disclosure, verification information input by an account is obtained by responding to a redirection instruction sent by a client; the redirection instruction carries a preset resource identifier; secondly, under the condition that the verification information passes verification, acquiring an authorization code corresponding to the redirection instruction; finally, the authorization code is sent to the client through a preset resource identifier; the client is used for acquiring an authorization token corresponding to the account according to the authorization code; the method and the device realize verification of account information and generation of authorization codes, and send the authorization codes to the client through the preset resource identifier without transmitting the authorization codes in a jump mode, so that stability of authorization code transmission is enhanced, and processing efficiency of the authorization codes is improved.
It should be understood that, although the steps in the flowcharts of fig. 2-5 are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in fig. 2-5 may include multiple steps or stages that are not necessarily performed at the same time, but may be performed at different times, nor does the order in which the steps or stages are performed necessarily performed in sequence, but may be performed alternately or alternately with at least a portion of the steps or stages in other steps or other steps.
It should be understood that the same/similar parts of the embodiments of the method described above in this specification may be referred to each other, and each embodiment focuses on differences from other embodiments, and references to descriptions of other method embodiments are only needed.
Fig. 6 is a block diagram of an information processing apparatus according to an exemplary embodiment. Referring to fig. 6, the apparatus includes an instruction response unit 602, an authorization code generation unit 604, an authorization code transmission unit 606, and an authorization token transmission unit 608.
The instruction response unit 602 is configured to execute a redirection instruction sent by the client to obtain verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
the authorization code generation unit 604 is configured to obtain an authorization code corresponding to the redirection instruction when the verification information passes verification;
the authorization code sending unit 606 is configured to execute calling of an authorization interface based on a preset resource identifier, and send an authorization code to the client through the authorization interface;
the authorization token sending unit 608 is configured to perform, if an authorization token obtaining instruction sent by the client is received, obtaining a target authorization code in the authorization token obtaining instruction, and determining whether to send the authorization token to the client according to the target authorization code and the authorization code.
In an exemplary embodiment, the authorization token obtaining instruction further includes a target resource identifier, and the authorization token sending unit is configured to perform obtaining of the target resource identifier carried in the authorization token obtaining instruction; under the condition that the target authorization code is matched with the authorization code and the target resource identifier is matched with the preset resource identifier, determining that the authorization token acquisition instruction passes verification; generating an authorization token corresponding to the verification information of the account, and returning to the client; the client is used for accessing the authorized data according to the authorization token.
In an exemplary embodiment, the authorization code sending unit 606 is further configured to perform filling the preset resource identifier with the authorization code as an interface call parameter, to obtain an updated preset resource identifier; and initiating a request to an address corresponding to the updated preset resource identifier so as to call the authorization interface, so that the client side obtains the authorization code through the authorization interface.
In an exemplary embodiment, the authorization code sending unit 606 is further configured to execute a request result returned by the receiving address, where the request result carries a request result value; and under the condition that the request result value represents that the client side successfully acquires the authorization code, determining that the authorization code is successfully transmitted to the client side.
In an exemplary embodiment, the authorization code sending unit 606 is further configured to perform, in a case where the request result value indicates that the client does not successfully obtain the authorization code, reinitiating the request to the address corresponding to the updated preset resource identifier after a preset time range is set, until the request result value in the received request result indicates that the client successfully obtains the authorization code.
In an exemplary embodiment, the instruction response unit 602 is further configured to perform obtaining preset verification information of the account; comparing the verification information with preset verification information; if the verification information is consistent with the preset verification information, determining that the verification information passes the verification.
In an exemplary embodiment, the authorization code generation unit 604 is configured to perform retrieving a registration record matching the preset resource identifier from the preset registration records; and under the condition that the registration record matched with the preset resource identifier exists, acquiring an authorization code corresponding to the redirection instruction according to the registration record.
The specific manner in which the various modules perform the operations in the apparatus of the above embodiments have been described in detail in connection with the embodiments of the method, and will not be described in detail herein.
Fig. 7 is a block diagram of an electronic device 700 for performing a processing method of information, according to an example embodiment. For example, the electronic device 700 may be a server. Referring to fig. 7, the electronic device 700 includes a processing component 720 that further includes one or more processors, and memory resources represented by a memory 722, for storing instructions, such as applications, executable by the processing component 720. The application program stored in memory 722 may include one or more modules that each correspond to a set of instructions. Further, the processing component 720 is configured to execute instructions to perform the above-described methods.
The electronic device 700 may further include: the power component 724 is configured to perform power management of the electronic device 700, the wired or wireless network interface 726 is configured to connect the electronic device 700 to a network, and the input output (I/O) interface 728. The electronic device 700 may operate based on an operating system stored in memory 722, such as Windows Server, mac OS X, unix, linux, freeBSD, or the like.
In an exemplary embodiment, a computer-readable storage medium is also provided, such as memory 722, including instructions executable by a processor of electronic device 700 to perform the above-described method. The storage medium may be a computer readable storage medium, for example, a ROM, random Access Memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.
In an exemplary embodiment, a computer program product is also provided, comprising instructions executable by a processor of the electronic device 700 to perform the above-described method.
It should be noted that the descriptions of the foregoing apparatus, the server, the computer readable storage medium, the computer program product, and the like according to the method embodiments may further include other implementations, and specific implementation manners may refer to descriptions of related method embodiments, which are not described herein in detail.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any adaptations, uses, or adaptations of the disclosure following the general principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (16)
1. A method of processing information, comprising:
responding to a redirection instruction sent by a client to acquire verification information input by an account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
under the condition that the verification information passes verification, acquiring an authorization code corresponding to the redirection instruction;
invoking the authorization interface based on the preset resource identifier, and transmitting the authorization code to the client through the authorization interface;
and if an authorization token acquisition instruction sent by the client is received, acquiring a target authorization code in the authorization token acquisition instruction, and determining whether to send an authorization token to the client according to the target authorization code and the authorization code.
2. The method of claim 1, wherein the authorization token acquisition instruction further includes a target resource identifier, and wherein the determining whether to send an authorization token to the client based on the target authorization code and the authorization code comprises:
acquiring a target resource identifier carried in the authorization token acquisition instruction;
Determining that the authorization token acquisition instruction passes verification under the condition that the target authorization code is matched with the authorization code and the target resource identifier is matched with the preset resource identifier;
generating an authorization token corresponding to the verification information of the account, and returning to the client; the client is used for accessing authorized data according to the authorization token.
3. The method of claim 1, wherein the invoking the authorization interface based on the preset resource identifier, transmitting the authorization code to the client through the authorization interface, comprises:
filling the preset resource identifier with the authorization code as an interface calling parameter to obtain an updated preset resource identifier;
and initiating a request to an address corresponding to the updated preset resource identifier so as to call the authorization interface, so that the client side obtains the authorization code through the authorization interface.
4. A method according to claim 3, further comprising, after initiating a request to an address corresponding to the updated preset resource identifier:
receiving a request result returned by the address, wherein the request result carries a request result value;
And under the condition that the request result value characterizes the client to successfully acquire the authorization code, determining that the authorization code is successfully transmitted to the client.
5. The method of claim 4, further comprising, after receiving the request result returned by the address:
and under the condition that the request result value represents that the client side does not successfully acquire the authorization code, initiating a request to an address corresponding to the updated preset resource identifier again after a preset time range is reserved until the request result value in the received request result represents that the client side successfully acquires the authorization code.
6. The method of any one of claims 1 to 5, further comprising, after obtaining the account-entered authentication information:
acquiring preset verification information of the account;
comparing the verification information with the preset verification information;
and if the verification information is consistent with the preset verification information, determining that the verification information passes verification.
7. The method according to any one of claims 1 to 5, wherein the obtaining an authorization code corresponding to the redirect instruction comprises:
retrieving a registration record matching the preset resource identifier from a preset registration record;
And under the condition that the registration record matched with the preset resource identifier exists, acquiring the authorization code corresponding to the redirection instruction according to the registration record.
8. An information processing apparatus, comprising:
the instruction response unit is configured to execute a redirection instruction sent by the client to acquire verification information input by the account; the redirection instruction carries a preset resource identifier, and the preset resource identifier is associated with an authorization interface corresponding to the client;
an authorization code generation unit configured to perform, if the verification information passes verification, acquisition of an authorization code corresponding to the redirection instruction;
an authorization code transmitting unit configured to perform invoking the authorization interface based on the preset resource identifier, and transmit the authorization code to the client through the authorization interface;
and the authorization token sending unit is configured to execute the steps of obtaining a target authorization code in the authorization token obtaining instruction if receiving the authorization token obtaining instruction sent by the client, and determining whether to send the authorization token to the client according to the target authorization code and the authorization code.
9. The apparatus according to claim 8, wherein the authorization token acquiring instruction further includes a target resource identifier, and the authorization token transmitting unit is configured to perform acquiring the target resource identifier carried in the authorization token acquiring instruction; determining that the authorization token acquisition instruction passes verification under the condition that the target authorization code is matched with the authorization code and the target resource identifier is matched with the preset resource identifier; generating an authorization token corresponding to the verification information of the account, and returning to the client; the client is used for accessing authorized data according to the authorization token.
10. The apparatus according to claim 8, wherein the authorization code sending unit is further configured to perform filling the preset resource identifier with the authorization code as an interface call parameter to obtain an updated preset resource identifier; and initiating a request to an address corresponding to the updated preset resource identifier so as to call the authorization interface, so that the client side obtains the authorization code through the authorization interface.
11. The apparatus according to claim 10, wherein the authorization code sending unit is further configured to perform receiving a request result returned by the address, where the request result carries a request result value; and under the condition that the request result value characterizes the client to successfully acquire the authorization code, determining that the authorization code is successfully transmitted to the client.
12. The apparatus according to claim 11, wherein the authorization code sending unit is further configured to perform, when the request result value indicates that the client does not successfully acquire the authorization code, reinitiating a request to an address corresponding to the updated preset resource identifier after a preset time range is set, until a request result value in the received request result indicates that the client successfully acquires the authorization code.
13. The apparatus according to any one of claims 8 to 12, wherein the instruction response unit is further configured to perform acquiring preset authentication information of the account; comparing the verification information with the preset verification information; and if the verification information is consistent with the preset verification information, determining that the verification information passes verification.
14. The apparatus according to any one of claims 8 to 12, wherein the authorization code generation unit is configured to perform retrieving a registration record matching the preset resource identifier from a preset registration record; and under the condition that the registration record matched with the preset resource identifier exists, acquiring the authorization code corresponding to the redirection instruction according to the registration record.
15. A server, comprising:
a processor;
a memory for storing the processor-executable instructions;
wherein the processor is configured to execute the instructions to implement the method of processing information as claimed in any one of claims 1 to 7.
16. A computer readable storage medium, characterized in that instructions in the computer readable storage medium, when executed by a processor of a server, enable the server to perform the method of processing information according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111601243.7A CN114338130B (en) | 2021-12-24 | 2021-12-24 | Information processing method, device, server and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111601243.7A CN114338130B (en) | 2021-12-24 | 2021-12-24 | Information processing method, device, server and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114338130A CN114338130A (en) | 2022-04-12 |
| CN114338130B true CN114338130B (en) | 2024-01-09 |
Family
ID=81013466
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111601243.7A Active CN114338130B (en) | 2021-12-24 | 2021-12-24 | Information processing method, device, server and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114338130B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116167036A (en) * | 2022-12-09 | 2023-05-26 | 支付宝(杭州)信息技术有限公司 | Digital image processing method and device |
| CN116340914A (en) * | 2022-12-21 | 2023-06-27 | 北京光线传媒股份有限公司 | Film and television asset management system and method based on digital storage interaction |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108463982A (en) * | 2015-11-16 | 2018-08-28 | 万事达卡国际股份有限公司 | Carry out the system and method for certification online user for authorization server safe to use |
| CN108733991A (en) * | 2017-04-19 | 2018-11-02 | 腾讯科技(深圳)有限公司 | Web application access method and device, storage medium |
| CN109286633A (en) * | 2018-10-26 | 2019-01-29 | 深圳市华云中盛科技有限公司 | Single sign-on method, device, computer equipment and storage medium |
| CN113691378A (en) * | 2021-08-24 | 2021-11-23 | 平安国际智慧城市科技股份有限公司 | Oauth2 single sign-on method and device based on gateway, electronic equipment and storage medium |
-
2021
- 2021-12-24 CN CN202111601243.7A patent/CN114338130B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108463982A (en) * | 2015-11-16 | 2018-08-28 | 万事达卡国际股份有限公司 | Carry out the system and method for certification online user for authorization server safe to use |
| CN108733991A (en) * | 2017-04-19 | 2018-11-02 | 腾讯科技(深圳)有限公司 | Web application access method and device, storage medium |
| CN109286633A (en) * | 2018-10-26 | 2019-01-29 | 深圳市华云中盛科技有限公司 | Single sign-on method, device, computer equipment and storage medium |
| CN113691378A (en) * | 2021-08-24 | 2021-11-23 | 平安国际智慧城市科技股份有限公司 | Oauth2 single sign-on method and device based on gateway, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114338130A (en) | 2022-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11706218B2 (en) | Systems and methods for controlling sign-on to web applications | |
| EP3203709B1 (en) | Cloud service server and method for managing cloud service server | |
| US9450954B2 (en) | Form filling with digital identities, and automatic password generation | |
| CN107070945B (en) | Identity login method and equipment | |
| CN106716960B (en) | User authentication method and system | |
| US20140007205A1 (en) | No-Click Log-In Access to User's Web Account Using a Mobile Device | |
| US8516239B2 (en) | Virtual authentication proxy server and terminal authentication server | |
| JP4729651B2 (en) | Authentication apparatus, authentication method, and authentication program implementing the method | |
| CN114338130B (en) | Information processing method, device, server and storage medium | |
| CN115021991A (en) | Single sign-on for unmanaged mobile devices | |
| CN103051630A (en) | Method, device and system for implementing authorization of third-party application based on open platform | |
| JP4960738B2 (en) | Authentication system, authentication method, and authentication program | |
| CN106453414A (en) | Third party login authentication method and system, proxy server and client | |
| US9680814B2 (en) | Method, device, and system for registering terminal application | |
| CN112261011A (en) | Cloud desktop authentication method based on two-dimensional code recognition | |
| CN111241523B (en) | Authentication processing method, device, equipment and storage medium | |
| CN109510799B (en) | Page display method, browser client, equipment and storage medium | |
| CN102065063A (en) | WEB authentication device, system and method | |
| CN113411324A (en) | Method and system for realizing login authentication based on CAS and third-party server | |
| CN117251837A (en) | System access method and device, electronic equipment and storage medium | |
| CN112560006A (en) | Single sign-on method and system under multi-application system | |
| CN113742702B (en) | Method, system, equipment and storage medium for secure access based on enterprise WeChat | |
| CN114338078A (en) | CS client login method and device | |
| CN114386010A (en) | Application login method and device, electronic equipment and storage medium | |
| CN114143030B (en) | Verification processing method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |