CN116846628A - Resource access method and related equipment thereof - Google Patents
Resource access method and related equipment thereof Download PDFInfo
- Publication number
- CN116846628A CN116846628A CN202310783092.4A CN202310783092A CN116846628A CN 116846628 A CN116846628 A CN 116846628A CN 202310783092 A CN202310783092 A CN 202310783092A CN 116846628 A CN116846628 A CN 116846628A
- Authority
- CN
- China
- Prior art keywords
- target
- subsystem
- resource
- resource request
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 230000006870 function Effects 0.000 claims description 8
- 238000013475 authorization Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 abstract description 15
- 238000013473 artificial intelligence Methods 0.000 abstract description 7
- 238000012795 verification Methods 0.000 description 13
- 238000010586 diagram Methods 0.000 description 6
- 238000012545 processing Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 238000004590 computer program Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 230000006835 compression Effects 0.000 description 2
- 238000007906 compression Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000013135 deep learning Methods 0.000 description 1
- 235000019800 disodium phosphate Nutrition 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000003058 natural language processing Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the application belongs to the fields of artificial intelligence and financial science and technology, and relates to a resource access method, which comprises the steps of obtaining a target rule and sending the target rule to at least one subsystem; each of the at least one subsystem has stored therein an accessible resource; the target rule is used for generating a login-free token; when a target resource request is received, determining a target subsystem according to the target resource request; the target subsystem belongs to at least one subsystem; the target resource request is used for requesting the target subsystem to generate a login-free token according to the target rule; and sending a target resource request to the target subsystem, and receiving the login-free token from the target subsystem so as to facilitate the login-free token to access the target resource requested by the target resource request. The application also provides a resource access device, computer equipment and a storage medium. The method solves the problems of complicated steps and long time consumption in the current resource access process.
Description
Technical Field
The application relates to the field of artificial intelligence technology and financial science and technology, in particular to a resource access method and related equipment thereof.
Background
In the field of financial technology, there are a large number of protected resources, such as transactions, insurance, tax, credit, etc., and there are a large number of customer data that need privacy protection. When a conventional third party application accesses a protected resource on a resource server (the resource originates from a resource owner), it is common for the third party application to use credentials of the resource owner to authenticate on the resource server to obtain the resource. Thus, in order to provide the third party application with the rights of the protected resource, the resource owner needs to share the credentials with the third party application, which results in the third party application having too large rights for the protected resource, and even the resource owner losing control over the use time limit or the use range of the protected resource, and there is a higher financial risk.
The open authorization (Open Authorization, OAuth) can control rights such as the time limit and scope of access to the protected resource by the third party application by issuing an access token for the third party application. However, when accessing resources in a plurality of resource servers, each resource server needs to perform identity verification on an account corresponding to the third party application, and grant an access token according to an identity verification result and a temporary token, which is complicated in steps, takes longer time and has poor user experience.
Disclosure of Invention
The embodiment of the application aims to provide a resource access method and related equipment thereof, which are used for solving the problems of complicated steps and long time consumption in the current resource access process.
In order to solve the above technical problems, the embodiment of the present application provides a resource access method, which adopts the following technical scheme:
acquiring a target rule and sending the target rule to at least one subsystem; each subsystem of the at least one subsystem has stored therein accessible resources; the target rule is used for generating a login-free token; when a target resource request is received, determining a target subsystem according to the target resource request; the target subsystem belongs to the at least one subsystem; the target resource request is used for requesting a target subsystem to generate a login-free token according to the target rule; and sending the target resource request to the target subsystem, and receiving an login-free token from the target subsystem so as to facilitate the login-free token to access the target resource requested by the target resource request.
Further, the target resource request comprises a target callback address; the target callback address is the callback address of the subsystem to which the requested target resource belongs; the determining the target subsystem according to the target resource request comprises the following steps: obtaining a callback address corresponding to the at least one subsystem; and determining a target subsystem in the at least one subsystem according to the target callback address and the callback address corresponding to the at least one subsystem.
Further, the sending the target resource request to the target subsystem includes: and calling the target callback address by using a callback function, and sending the target resource request to the target subsystem.
Further, before sending the target rule to at least one subsystem, the method further comprises: and sending an authorization request to the at least one subsystem to obtain the access rights of the at least one subsystem.
Further, before sending the target resource request to the target subsystem, the method further includes: and acquiring login information of the user, and determining that the user is a resource authorized user according to the login information.
In order to solve the above technical problems, the embodiment of the present application further provides a resource access device, which adopts the following technical scheme:
the sending module is used for acquiring the target rule and sending the target rule to at least one subsystem; each subsystem of the at least one subsystem has stored therein accessible resources; the target rule is used for generating a login-free token; the determining module is used for determining a target subsystem according to the target resource request when the target resource request is received; the target subsystem belongs to the at least one subsystem; the target resource request is used for requesting a target subsystem to generate a login-free token according to the target rule; and the receiving module is used for sending the target resource request to the target subsystem and receiving an login-free token from the target subsystem so as to conveniently carry the login-free token to access the target resource requested by the target resource request.
Further, the determining module comprises an obtaining sub-module and a determining sub-module; the target resource request comprises a target callback address; the target callback address is the callback address of the subsystem to which the requested target resource belongs; the obtaining sub-module is used for obtaining the callback address corresponding to the at least one sub-system; the determining submodule is used for determining the target subsystem in the at least one subsystem according to the target callback address and the callback address corresponding to the at least one subsystem.
Further, the receiving module is further configured to call the target callback address by using a callback function, and send the target resource request to the target subsystem.
Further, the sending module is further configured to send an authorization request to the at least one subsystem to obtain an access right of the at least one subsystem.
Further, the determining module is further configured to obtain login information of a user, and determine that the user is a resource authorized user according to the login information.
In order to solve the above technical problem, an embodiment of the present application further provides a computer device, including a memory and a processor, where the memory stores a computer program, and the processor implements the steps of the resource access method when executing the computer program.
In order to solve the above technical problem, an embodiment of the present application further provides a computer readable storage medium, where a computer program is stored, where the computer program implements the steps of the resource access method when executed by a processor.
Compared with the prior art, the embodiment of the application has the following main beneficial effects: and acquiring the target rule and transmitting the target rule to at least one subsystem. And then, when the target resource request is received, determining a target subsystem according to the target resource request. And finally, sending a target resource request to the target subsystem, and receiving the login-free token from the target subsystem so as to facilitate the access of the login-free token to the target resource requested by the target resource request. The target resource request is used for requesting the target subsystem to generate the login-free token according to the target rule. Therefore, the target subsystem can directly generate the login-free token according to the target rule sent by the resource access device, so that the problems that the steps are complicated and the time consumption is long are solved, and the user experience is improved because each resource server needs to carry out identity verification on the account corresponding to the third party application when accessing the resources in the plurality of resource servers.
Drawings
In order to more clearly illustrate the solution of the present application, a brief description will be given below of the drawings required for the description of the embodiments of the present application, it being apparent that the drawings in the following description are some embodiments of the present application, and that other drawings may be obtained from these drawings without the exercise of inventive effort for a person of ordinary skill in the art.
FIG. 1 is an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 is a flow chart of one embodiment of a method of resource access according to the present application;
FIG. 3 is a flow chart of one embodiment of step S22 of FIG. 2;
FIG. 4 is a schematic diagram of an embodiment of a resource access device in accordance with the present application;
FIG. 5 is a schematic diagram of one embodiment of the determination module shown in FIG. 4;
FIG. 6 is a schematic structural diagram of one embodiment of a computer device in accordance with the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the applications herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "comprising" and "having" and any variations thereof in the description of the application and the claims and the description of the drawings above are intended to cover a non-exclusive inclusion. The terms first, second and the like in the description and in the claims or in the above-described figures, are used for distinguishing between different objects and not necessarily for describing a sequential or chronological order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the application. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments.
In order to make the person skilled in the art better understand the solution of the present application, the technical solution of the embodiment of the present application will be clearly and completely described below with reference to the accompanying drawings.
As shown in fig. 1, a system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 is used as a medium to provide communication links between the terminal devices 101, 102, 103 and the server 105. The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The user may interact with the server 105 via the network 104 using the terminal devices 101, 102, 103 to receive or send messages or the like. Various communication client applications, such as a web browser application, a shopping class application, a search class application, an instant messaging tool, a mailbox client, social platform software, etc., may be installed on the terminal devices 101, 102, 103.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablet computers, electronic book readers, MP3 players (Moving Picture Experts Group Audio Layer III, dynamic video expert compression standard audio plane 3), MP4 (Moving Picture Experts Group Audio Layer IV, dynamic video expert compression standard audio plane 4) players, laptop and desktop computers, and the like.
The server 105 may be a server providing various services, such as a background server providing support for pages displayed on the terminal devices 101, 102, 103.
It should be noted that, the resource access method provided in the embodiment of the present application may be applied to the server device 105, or may be applied to the terminal devices 101, 102, 103. The server device 105 and the terminal devices 101, 102, 103 may be collectively referred to as electronic devices. That is, the execution body of the resource access method provided in the embodiment of the present application may be a resource access device, and the resource access device may be the above-mentioned electronic device (such as the server device 105 or the terminal devices 101, 102, 103).
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to FIG. 2, a flow chart of one embodiment of a method of resource access according to the present application is shown. The resource access method comprises the following steps:
step S21, obtaining the target rule and sending the target rule to at least one subsystem.
Wherein each of the at least one subsystem has stored therein an accessible resource, and the target rule is used to generate the logon-free token. For example, the target rule may be an OAuth authentication rule.
Specifically, the resource access device firstly obtains callback addresses corresponding to at least one subsystem storing accessible resources, and then sends target rules to at least one subsystem according to the callback addresses, so that the subsystem can generate a login-free token when receiving a resource request.
Step S22, when the target resource request is received, determining a target subsystem according to the target resource request.
The target subsystem belongs to at least one subsystem, and the target resource request is used for requesting the target subsystem to generate the login-free token according to the target rule.
Specifically, the target resource request includes a target callback address, where the target callback address is a callback address of a subsystem to which the target resource requested belongs, and fig. 3 is a manner of determining the target subsystem according to the target resource request according to the embodiment of the present application, and includes the following steps:
step S221, obtaining a callback address corresponding to at least one subsystem.
Step S222, determining a target subsystem in at least one subsystem according to the target callback address and the callback address corresponding to the at least one subsystem.
Specifically, the callback address of the target is used for matching in the callback address corresponding to at least one subsystem, and the subsystem corresponding to the matched callback address is determined to be the target subsystem.
In this embodiment, the target subsystem is determined according to the target callback address in the target resource request, so that the login-free token generated by the target subsystem according to the target rule is acquired later, and the login-free token is used to access the target resource requested by the target resource request, so that the problem that when accessing the resources in a plurality of resource servers, each resource server needs to perform identity verification on the account corresponding to the third party application, which is complicated in steps and takes longer time is avoided, and the user experience is improved.
Step S23, a target resource request is sent to the target subsystem, and a login-free token from the target subsystem is received, so that the login-free token is carried to access the target resource requested by the target resource request.
Specifically, a callback function is used for calling a target callback address, and a target resource request is sent to a target subsystem. In this embodiment, the callback function can be used to call the target callback address, and a target resource request is sent to the target subsystem, so that the login-free token is obtained, the problem that when accessing resources in a plurality of resource servers, each resource server needs to perform identity verification on an account corresponding to a third party application, the steps are complicated and the time consumption is long is avoided, and the user experience is improved.
When the target subsystem receives the target resource request, the login-free token is generated according to the target rule received from the resource access device before and returned to the resource access device. When receiving the login-free token from the target subsystem, the resource access device returns the login-free token to the front end so that the front end carries the login-free token to access the target resource requested by the target resource request.
In this embodiment, the target rule is obtained and sent to at least one subsystem. And then, when the target resource request is received, determining a target subsystem according to the target resource request. And finally, sending a target resource request to the target subsystem, and receiving the login-free token from the target subsystem so as to facilitate the access of the login-free token to the target resource requested by the target resource request. The target resource request is used for requesting the target subsystem to generate the login-free token according to the target rule. Therefore, the target subsystem can directly generate the login-free token according to the target rule sent by the resource access device, so that the problems that the steps are complicated and the time consumption is long are solved, and the user experience is improved because each resource server needs to carry out identity verification on the account corresponding to the third party application when accessing the resources in the plurality of resource servers.
Optionally, before sending the target rule to the at least one subsystem, the resource access method further includes: an authorization request is sent to at least one subsystem to obtain access rights of the at least one subsystem. In this embodiment, the resource access device acquires the access right of at least one subsystem in advance, so that access failure caused by no access right of the subsystem is avoided, and user experience is improved.
Optionally, before sending the target resource request to the target subsystem, the resource access method further includes: and acquiring login information of the user, and determining that the user is a resource authorized user according to the login information.
In this embodiment, whether the user is a resource authorized user can be determined according to the login information of the user, and once the resource access device determines that the user is the resource authorized user, the subsystem does not verify the user identity any more, so that the problem that when accessing the resources in a plurality of resource servers, each resource server needs to verify the identity of an account corresponding to a third party application, which is complicated in steps and takes longer time is avoided, and user experience is improved.
The target resource in the application can be a data resource which needs to be protected in the field of financial science and technology, and a large amount of client data and transaction data have higher privacy in the fields of transaction, insurance, tax, credit and the like, and the data leakage can bring great financial risks. The resource access method of the application can realize the security of the target resource, and simultaneously avoid the problem of lower efficiency caused by the fact that each resource server needs to carry out identity verification on the account corresponding to the third party application when accessing the resources in a plurality of resource servers, thereby improving the user experience and verification efficiency and having better application prospect in the field of financial science and technology.
The embodiment of the application can acquire and process the related data based on the artificial intelligence technology. Among these, artificial intelligence (Artificial Intelligence, AI) is the theory, method, technique and application system that uses a digital computer or a digital computer-controlled machine to simulate, extend and extend human intelligence, sense the environment, acquire knowledge and use knowledge to obtain optimal results.
Artificial intelligence infrastructure technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a robot technology, a biological recognition technology, a voice processing technology, a natural language processing technology, machine learning/deep learning and other directions.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by computer readable instructions stored in a computer readable storage medium that, when executed, may comprise the steps of the embodiments of the methods described above. The storage medium may be a nonvolatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a random access Memory (Random Access Memory, RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
With further reference to fig. 4, as an implementation of the method shown in fig. 2, the present application provides an embodiment of a resource access device, where the embodiment of the device corresponds to the embodiment of the method shown in fig. 2, and the device is particularly applicable to various electronic devices.
As shown in fig. 4, the resource access device 400 according to the present embodiment includes: a transmitting module 401, a determining module 402 and a receiving module 403. Wherein:
a sending module 401, configured to obtain a target rule, and send the target rule to at least one subsystem; each subsystem of the at least one subsystem has stored therein accessible resources; the target rule is used for generating a login-free token; a determining module 402, configured to determine, when a target resource request is received, a target subsystem according to the target resource request; the target subsystem belongs to the at least one subsystem; the target resource request is used for requesting a target subsystem to generate a login-free token according to the target rule; a receiving module 403, configured to send the target resource request to the target subsystem, and receive an login-free token from the target subsystem, so as to carry the login-free token to access the target resource requested by the target resource request.
In this embodiment, the target rule is obtained and sent to at least one subsystem. And then, when the target resource request is received, determining a target subsystem according to the target resource request. And finally, sending a target resource request to the target subsystem, and receiving the login-free token from the target subsystem so as to facilitate the access of the login-free token to the target resource requested by the target resource request. The target resource request is used for requesting the target subsystem to generate the login-free token according to the target rule. Therefore, the target subsystem can directly generate the login-free token according to the target rule sent by the resource access device, so that the problems that the steps are complicated and the time consumption is long are solved, and the user experience is improved because each resource server needs to carry out identity verification on the account corresponding to the third party application when accessing the resources in the plurality of resource servers.
In some alternative implementations of the present embodiment, referring to fig. 5, for a schematic structural diagram of one specific implementation of the determining module 402, the determining module 402 includes an obtaining submodule 4021 and a determining submodule 4022; the target resource request comprises a target callback address; the target callback address is the callback address of the subsystem to which the requested target resource belongs; the obtaining submodule 4021 is configured to obtain a callback address corresponding to the at least one subsystem; the determining submodule 4022 is configured to determine a target subsystem in the at least one subsystem according to the target callback address and a callback address corresponding to the at least one subsystem.
In this embodiment, the target subsystem is determined according to the target callback address in the target resource request, so that the login-free token generated by the target subsystem according to the target rule is acquired later, and the login-free token is used to access the target resource requested by the target resource request, so that the problem that when accessing the resources in a plurality of resource servers, each resource server needs to perform identity verification on the account corresponding to the third party application, which is complicated in steps and takes longer time is avoided, and the user experience is improved.
In some optional implementations of this embodiment, the receiving module 403 is further configured to call the target callback address using a callback function, and send the target resource request to the target subsystem.
In this embodiment, the callback function can be used to call the target callback address, and a target resource request is sent to the target subsystem, so that the login-free token is obtained, the problem that when accessing resources in a plurality of resource servers, each resource server needs to perform identity verification on an account corresponding to a third party application, the steps are complicated and the time consumption is long is avoided, and the user experience is improved.
In some optional implementations of this embodiment, the sending module 401 is further configured to send an authorization request to the at least one subsystem to obtain access rights of the at least one subsystem.
In this embodiment, the resource access device acquires the access right of at least one subsystem in advance, so that access failure caused by no access right of the subsystem is avoided, and user experience is improved.
In some optional implementations of this embodiment, the determining module 402 is further configured to obtain login information of a user, and determine that the user is a resource authorized user according to the login information.
In this embodiment, whether the user is a resource authorized user can be determined according to the login information of the user, and once the resource access device determines that the user is the resource authorized user, the subsystem does not verify the user identity any more, so that the problem that when accessing the resources in a plurality of resource servers, each resource server needs to verify the identity of an account corresponding to a third party application, which is complicated in steps and takes longer time is avoided, and user experience is improved.
In order to solve the technical problems, the embodiment of the application also provides computer equipment. Referring specifically to fig. 6, fig. 6 is a basic structural block diagram of a computer device according to the present embodiment.
The computer device 60 comprises a memory 61, a processor 62, a network interface 63 communicatively connected to each other via a system bus. It should be noted that only computer device 60 having components 61-63 is shown in the figures, but it should be understood that not all of the illustrated components are required to be implemented and that more or fewer components may be implemented instead. It will be appreciated by those skilled in the art that the computer device herein is a device capable of automatically performing numerical calculations and/or information processing in accordance with predetermined or stored instructions, the hardware of which includes, but is not limited to, microprocessors, application specific integrated circuits (Application Specific Integrated Circuit, ASICs), programmable gate arrays (fields-Programmable Gate Array, FPGAs), digital processors (Digital Signal Processor, DSPs), embedded devices, etc.
The computer equipment can be a desktop computer, a notebook computer, a palm computer, a cloud server and other computing equipment. The computer equipment can perform man-machine interaction with a user through a keyboard, a mouse, a remote controller, a touch pad or voice control equipment and the like.
The memory 61 includes at least one type of readable storage media including flash memory, hard disk, multimedia card, card memory (e.g., SD or DX memory, etc.), random Access Memory (RAM), static Random Access Memory (SRAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), programmable Read Only Memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the storage 61 may be an internal storage unit of the computer device 60, such as a hard disk or a memory of the computer device 60. In other embodiments, the memory 61 may also be an external storage device of the computer device 60, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card) or the like, which are provided on the computer device 60. Of course, the memory 61 may also include both internal storage units of the computer device 60 and external storage devices. In this embodiment, the memory 61 is typically used to store an operating system and various application software installed on the computer device 60, such as computer readable instructions of a resource access method. Further, the memory 61 may be used to temporarily store various types of data that have been output or are to be output.
The processor 62 may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments. The processor 62 is generally used to control the overall operation of the computer device 60. In this embodiment, the processor 62 is configured to execute computer readable instructions stored in the memory 61 or process data, such as computer readable instructions for executing the resource access method.
The network interface 63 may comprise a wireless network interface or a wired network interface, which network interface 63 is typically used to establish communication connections between the computer device 60 and other electronic devices.
In this embodiment, the target rule is obtained and sent to at least one subsystem. And then, when the target resource request is received, determining a target subsystem according to the target resource request. And finally, sending a target resource request to the target subsystem, and receiving the login-free token from the target subsystem so as to facilitate the access of the login-free token to the target resource requested by the target resource request. The target resource request is used for requesting the target subsystem to generate the login-free token according to the target rule. Therefore, the target subsystem can directly generate the login-free token according to the target rule sent by the resource access device, so that the problems that the steps are complicated and the time consumption is long are solved, and the user experience is improved because each resource server needs to carry out identity verification on the account corresponding to the third party application when accessing the resources in the plurality of resource servers.
The present application also provides another embodiment, namely, a computer-readable storage medium storing computer-readable instructions executable by at least one processor to cause the at least one processor to perform the steps of a resource access method as described above.
In this embodiment, the target rule is obtained and sent to at least one subsystem. And then, when the target resource request is received, determining a target subsystem according to the target resource request. And finally, sending a target resource request to the target subsystem, and receiving the login-free token from the target subsystem so as to facilitate the access of the login-free token to the target resource requested by the target resource request. The target resource request is used for requesting the target subsystem to generate the login-free token according to the target rule. Therefore, the target subsystem can directly generate the login-free token according to the target rule sent by the resource access device, so that the problems that the steps are complicated and the time consumption is long are solved, and the user experience is improved because each resource server needs to carry out identity verification on the account corresponding to the third party application when accessing the resources in the plurality of resource servers.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present application.
It is apparent that the above-described embodiments are only some embodiments of the present application, but not all embodiments, and the preferred embodiments of the present application are shown in the drawings, which do not limit the scope of the patent claims. This application may be embodied in many different forms, but rather, embodiments are provided in order to provide a thorough and complete understanding of the present disclosure. Although the application has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments described in the foregoing description, or equivalents may be substituted for elements thereof. All equivalent structures made by the content of the specification and the drawings of the application are directly or indirectly applied to other related technical fields, and are also within the scope of the application.
Claims (10)
1. A method of resource access, comprising the steps of:
acquiring a target rule and sending the target rule to at least one subsystem; each subsystem of the at least one subsystem has stored therein accessible resources; the target rule is used for generating a login-free token;
when a target resource request is received, determining a target subsystem according to the target resource request; the target subsystem belongs to the at least one subsystem; the target resource request is used for requesting a target subsystem to generate a login-free token according to the target rule;
and sending the target resource request to the target subsystem, and receiving an login-free token from the target subsystem so as to facilitate the login-free token to access the target resource requested by the target resource request.
2. The resource access method of claim 1, wherein the target resource request includes a target callback address; the target callback address is the callback address of the subsystem to which the requested target resource belongs; the determining the target subsystem according to the target resource request comprises the following steps:
obtaining a callback address corresponding to the at least one subsystem;
and determining a target subsystem in the at least one subsystem according to the target callback address and the callback address corresponding to the at least one subsystem.
3. The resource access method of claim 2, wherein the sending the target resource request to the target subsystem comprises:
and calling the target callback address by using a callback function, and sending the target resource request to the target subsystem.
4. The resource access method of claim 1, wherein prior to transmitting the target rule to at least one subsystem, the method further comprises:
and sending an authorization request to the at least one subsystem to obtain the access rights of the at least one subsystem.
5. The resource access method of claim 1, wherein prior to sending the target resource request to the target subsystem, the method further comprises:
and acquiring login information of the user, and determining that the user is a resource authorized user according to the login information.
6. A resource access device, comprising the steps of:
the sending module is used for acquiring the target rule and sending the target rule to at least one subsystem; each subsystem of the at least one subsystem has stored therein accessible resources; the target rule is used for generating a login-free token;
the determining module is used for determining a target subsystem according to the target resource request when the target resource request is received; the target subsystem belongs to the at least one subsystem; the target resource request is used for requesting a target subsystem to generate a login-free token according to the target rule;
and the receiving module is used for sending the target resource request to the target subsystem and receiving an login-free token from the target subsystem so as to conveniently carry the login-free token to access the target resource requested by the target resource request.
7. The resource access device of claim 6, wherein the determination module comprises an acquisition sub-module and a determination sub-module;
the target resource request comprises a target callback address; the target callback address is the callback address of the subsystem to which the requested target resource belongs;
the obtaining sub-module is used for obtaining the callback address corresponding to the at least one sub-system;
the determining submodule is used for determining the target subsystem in the at least one subsystem according to the target callback address and the callback address corresponding to the at least one subsystem.
8. The resource access device of claim 7, wherein the resource access device,
and the receiving module is further used for calling the target callback address by using a callback function and sending the target resource request to the target subsystem.
9. A computer device comprising a memory having stored therein computer readable instructions which when executed by a processor implement the steps of the resource access method of any of claims 1 to 5.
10. A computer readable storage medium having stored thereon computer readable instructions which when executed by a processor implement the steps of the resource access method of any of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310783092.4A CN116846628A (en) | 2023-06-29 | 2023-06-29 | Resource access method and related equipment thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310783092.4A CN116846628A (en) | 2023-06-29 | 2023-06-29 | Resource access method and related equipment thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116846628A true CN116846628A (en) | 2023-10-03 |
Family
ID=88162825
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310783092.4A Pending CN116846628A (en) | 2023-06-29 | 2023-06-29 | Resource access method and related equipment thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116846628A (en) |
-
2023
- 2023-06-29 CN CN202310783092.4A patent/CN116846628A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9894053B2 (en) | Method and system for authenticating service | |
CN114070583B (en) | Information access control method, device, computer equipment and medium | |
CN109359449B (en) | Authentication method, device, server and storage medium based on micro service | |
CN113259342A (en) | Login verification method, device, computer equipment and medium | |
CN114996675A (en) | Data query method and device, computer equipment and storage medium | |
CN117094729A (en) | Request processing method, device, computer equipment and storage medium | |
US8910260B2 (en) | System and method for real time secure image based key generation using partial polygons assembled into a master composite image | |
CN116911572A (en) | Page automation assembly method, system, computer equipment and storage medium | |
CN116383787A (en) | Page creation method, page creation device, computer equipment and storage medium | |
CN115330396A (en) | Payment state acquisition method and device, computer equipment and storage medium | |
CN116846628A (en) | Resource access method and related equipment thereof | |
CN114444047A (en) | Identity authentication method, device, equipment and storage medium based on virtual reality | |
WO2015060950A1 (en) | Method and system for authenticating service | |
CN114221964A (en) | Access request processing method and device, computer equipment and storage medium | |
CN112905990A (en) | Access method, client, server and access system | |
CN115250200B (en) | Service authorization authentication method and related equipment thereof | |
CN117853163A (en) | Rights resource acquisition control method, device, equipment and storage medium thereof | |
CN115022308B (en) | Login method of remote system and related equipment thereof | |
CN117278263A (en) | Authentication processing method, authentication processing device, computer equipment and storage medium | |
CN117390241A (en) | Data display method, device, computer equipment and storage medium | |
CN116795511A (en) | Unique identifier generation method, device, computer equipment and storage medium | |
CN117278510A (en) | Message sending method, device, computer equipment and storage medium | |
CN117853246A (en) | Policy processing method, policy processing device, computer equipment and storage medium | |
CN117422523A (en) | Product online method and device, computer equipment and storage medium | |
CN117853241A (en) | Risk service provider identification method, apparatus, device and storage medium thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |