JP7310483B2 - Information processing device and program - Google Patents

Description

The present invention relates to an information processing device and program.

In patent document 1, the tenant information of the user authenticated in the first service system is acquired, the client registration is requested to the second service system, the client registration according to the request in the second service system, and the authenticated user group information to the first service system, the first service system stores the group information in association with the authenticated user's tenant information, and the second service system responds to an authentication request from the registered client. ID information including group information of the authenticated user is sent to the first service system, the existence of an account corresponding to the account indicated by the ID information is determined in the first service system, and if the account does not exist, a new account is created. A service providing system is disclosed.

JP 2016-57737 A

It is an object of the present invention to provide access permission information issued by an authorization server without updating the access permission information every time the user performs an operation within the valid period set in the access permission information issued by the authorization server. To provide an information processing device and a program capable of preventing a state in which a user operation can be performed beyond a valid period set to .

[Information processing device]
The present invention according to claim 1 comprises a memory and a processor,
The processor
receiving access permission information from an authorization server that permits user operations only within a preset validity period;
executing a process of updating the access permission information before the expiration date of the access permission information when a user operation is performed within the validity period of the received access permission information;
An information processing apparatus that cancels a user's login state after a preset period of time has elapsed since an operation by the user was performed.

According to a second aspect of the present invention, the information processing according to claim 1, wherein the processor cancels the logged-in state of the user after a period substantially equal to the valid period of the access permission information has elapsed after the user's operation. It is a device.

The present invention according to claim 3 is the information processing apparatus according to claim 1 or 2, wherein when the processor cancels the user's login state, the user's login state with respect to the authorization server is also canceled.

The present invention according to claim 4, wherein the processor
If there is a user operation within the validity period of the access permission information, a first timer set to a time period shorter than the period between the validity period of the access permission information and the current time is started, and the first timer is activated. When the set time is exceeded, updating the access permission information,
If there is a user operation within the validity period of the access permission information, a second timer is set for substantially the same time as the validity period of the access permission information, and if the second timer exceeds the set time, 2. The information processing apparatus according to claim 1, wherein the logged-in state of the user is cancelled.

The present invention according to claim 5 is the information processing apparatus according to claim 4, wherein the processor does not reset the first timer by a second or subsequent user operation within the validity period of the access permission information. .

According to a sixth aspect of the present invention, the processor resets the first timer using the current time when there is a second or subsequent user operation within the validity period of the access permission information. An information processing apparatus according to claim 4 .

[program]
In the present invention according to claim 7, the step of receiving, from an authorization server, access permission information permitting a user operation only within a preset valid period;
executing a process of updating the access permission information before the expiration date of the access permission information when a user operation is performed within the validity period of the received access permission information;
and canceling the logged-in state of the user after a preset period of time has elapsed since the user performed an operation.

According to the first aspect of the present invention, when a user operation is allowed within the valid period set in the access permission information issued by the authorization server, the access permission information is updated each time the user operates. Therefore, it is possible to provide an information processing apparatus capable of preventing a state in which user operations are possible beyond the effective period set in access permission information.

According to the second aspect of the present invention, it is possible to provide an information processing apparatus capable of matching a period during which user operations are permitted with a valid period set in access permission information issued by an authorization server. can.

According to the third aspect of the present invention, it is possible to provide an information processing apparatus capable of preventing the user's login state from remaining in the authorization server.

According to the fourth aspect of the present invention, when allowing a user to operate within the validity period set in the access permission information issued by the authorization server, the access permission information is updated each time the user operates. Therefore, it is possible to provide an information processing apparatus capable of preventing a state in which user operations are possible beyond the effective period set in access permission information.

According to the fifth aspect of the present invention, there is provided an information processing apparatus capable of suppressing the number of resets of the first timer compared to the case where the first timer is reset each time a user operation is performed. be able to.

According to the present invention of claim 6, the accuracy of the time set in the first timer is higher than in the case where the first timer is reset only at the time of the first user operation within the validity period of the access permission information. It is possible to provide an information processing apparatus capable of improving

According to the seventh aspect of the present invention, when allowing a user to operate within the validity period set in the access permission information issued by the authorization server, the access permission information is updated each time the user operates. Therefore, it is possible to provide a program capable of preventing a state in which user operation is possible beyond the validity period set in the access permission information.

It is a figure which shows the system configuration|structure of the joo processing system of one Embodiment of this invention. 4 is a sequence chart for explaining general processing of OAuth authentication; 4 is a sequence chart for explaining how the user has to re-login to the authorization server 10 due to the expiration of the access token. FIG. 10 is a timing chart showing how processing is performed when an access token is updated each time a user operation is performed; FIG. FIG. 11 is a sequence chart for explaining how communication is performed when an access token is updated each time a user operation is performed; FIG. FIG. 11 is a timing chart for explaining how the access token is automatically updated when there is at least one user operation within the validity period of the access token; FIG. 2 is a block diagram showing the hardware configuration of a cloud server 20 according to one embodiment of the present invention; FIG. 2 is a block diagram showing the functional configuration of a cloud server 20 according to one embodiment of the present invention; FIG. 4 is a flowchart for explaining schematic operations of the cloud server 20 in one embodiment of the present invention; 4 is a timing chart for explaining session management of the cloud server 20 in one embodiment of the present invention; FIG. 11 is a timing chart for explaining the state of processing when there is a user operation after one minute before the expiration of the access token. FIG. FIG. 10 is a timing chart for explaining how processing is performed when a page transition is first performed after login; FIG. FIG. 11 is a timing chart for explaining a state of processing when page transition is performed after activation of an automatic update timer 21; FIG.

Next, embodiments of the present invention will be described in detail with reference to the drawings.

FIG. 1 is a diagram showing the system configuration of an information processing system according to one embodiment of the present invention.

As shown in FIG. 1, the information processing system of one embodiment of the present invention has a configuration in which an authorization server 10, a cloud server 20, and a terminal device 40 are interconnected via the Internet 30. FIG.

Here, the authorization server 10 manages user information and has a function of issuing access tokens in OAuth authentication.

An access token is information indicating that the user has been authenticated by the authorization server 10, and is access permission information indicating that access by that user may be permitted. In other words, by presenting this access token, the user proves that he or she has been authenticated by the authorization server 10 .

The cloud server 20 is an information processing device for providing services to users via the Internet 30 . Note that in the present embodiment, a device setting backup service is provided in which setting information of various devices such as an image forming apparatus is received from a user and registered, and the registered setting information is transferred in response to a request from the user. Describe what you are offering.

Then, the user in this embodiment acquires the setting information of the image forming apparatus 50 from the terminal device 40 and registers it in the cloud server 20, or acquires the setting information registered in the cloud server 20 and uses the image forming apparatus. Processing such as restoring to 50 is performed. Note that the image forming apparatus 50 is a so-called multifunction device having multiple functions such as a printing function, a scanning function, a copying function, and a facsimile function.

Here, it is assumed that the user in this embodiment has registered with the authorization server 10 and has a user ID with respect to the authorization server 10 . However, it is assumed that this user has not registered as a user with the cloud server 20 .

Therefore, when using the device setting backup service provided by the cloud server 20, the user of the terminal device 40 uses OAuth authentication to log in to the authorization server 10 and have an access token issued. Present the received access token and log in to the cloud server 20. - 特許庁

General processing of this OAuth authentication will be described with reference to the sequence chart of FIG.

First, in step S101, when the user accesses the cloud server 20 from the terminal device 40, the cloud server 20 returns a URL for redirecting to the authorization server 10 in step S102.

Then, in step S103, the terminal device 40 accesses the authorization server 10 by accessing the redirected URL. As a result, the authorization server 10 returns a login screen to the terminal device 40 in step S104.

Then, in step S105, when the user logs in by entering the user ID and password on the login screen displayed on the terminal device 40, the authorization server 10 performs authentication using the entered user ID and password. If the authentication succeeds, the access token is returned to the terminal device 40 in step S106.

Then, the terminal device 40 presents the returned access token to the cloud server 20 in step S107. Then, in step S108, the cloud server 20 verifies whether or not the access token presented by the terminal device 40 is legitimately issued, based on electronic signature information or the like.

Then, when it is confirmed in this verification that the access token has been legitimately issued, the cloud server 20 presents this access token to the authorization server 10 in step S109.

Then, the authorization server 10 returns the user information associated with this access token to the cloud server 20 in step S110.

As a result, the cloud server 20 permits login to the terminal device 40 using the user information transmitted by the authorization server 10 in step S111.

The process of acquiring an access token by the cloud server 20 in this way is called Implicit Flow. , allow the user to log in and start a session.

Such access tokens have a validity period set from the viewpoint of security, and access tokens that have passed the validity period are invalidated. In consideration of security, it is preferable to set this effective period as short as possible. However, if the validity period is too short, the access token will become invalid immediately, and the user will need to log in to the authorization server 10 again to reissue the access token, which will degrade operability.

With reference to the sequence chart of FIG. 3, a description will be given of how the user must re-login to the authorization server 10 due to the expiration of the access token as described above.

Here, it is assumed that the user has logged into the cloud server 20 from the terminal device 40 through the process shown in FIG.

FIG. 3 shows a case where the expiration date of the issued access token has passed while the user is performing a user operation on the cloud server 20 from the terminal device 40 in step S201.

It is assumed that the user performs a user operation from the terminal device 40 to the cloud server 20 in step S202 after the expiration date of the access token has passed. Then, in step S203, the cloud server 20 returns an error notification on the grounds that the access token has expired.

Then, in step S204, the user accesses the authorization server 10 again from the terminal device 40 and logs in by entering the user ID and password.

Then, the authorization server 10 performs authentication using the entered user ID and password, and if the authentication succeeds, returns an access token to the terminal device 40 in step S205.

After that, the processing of steps S206 to S210 is the same as the processing of steps S107 to S111 in the sequence chart of FIG. 2, so the description thereof will be omitted.

In this way, when the validity period of the access token has expired and the access token becomes invalid, the user must log in to the authorization server 10 again to reissue the access token, which is troublesome. .

In such a web service via the Internet 30, control is performed such that the session is disconnected if there is no user operation, and the session continues while the user operation is being performed.

Therefore, in order to prevent the above-described troublesome work, it is conceivable to automatically update the access token each time a user operation occurs in the cloud server 20 .

The timing chart of FIG. 4 shows the state of processing when the access token is updated every time the user operates in this way.

In the following description, as an example, the validity period of the access token issued by the authorization server 10 is 30 minutes after it is issued.

Referring to FIG. 4, it can be seen that the user logs into the cloud server 20 at time t0. At this time t0, the validity period of the access talk is approximately 30 minutes.

Thereafter, at times t1, t2, and t3, when a user operation occurs, the cloud server 20 automatically updates the access token to the authorization server 10 each time. The access token remains valid for 1 minute.

In this way, when the validity period is set for the access token, from the viewpoint of security, it is ideal that the duration of the session in the cloud server 20 is the same as or shorter than the validity period of the access token.

In other words, if the same time as the validity period of the access token has passed since the user performed an operation, the session will be disconnected and the user's operation will be disabled, and the session will be maintained while the user is performing the operation. control is ideal.

In other words, under the conditions described above, the session is disconnected when 30 minutes have elapsed since there was no user operation, and the next user operation is performed before 30 minutes have elapsed since the user operation was performed. Ideally, it should be controlled so that the session is continued when it is interrupted.

Such control is realized by executing the processing shown in the timing chart of FIG.

However, by executing the process shown in FIG. 4, the process occurs every time the user operates between the cloud server 20 and the authorization server 40, resulting in complicated communication.

Specifically, as shown in the sequence chart of FIG. 5, when the user performs a user operation on the cloud server 20 from the terminal device 40 in step S301, the cloud server 20 causes the authorization server 10 to to request to update the access token. The authorization server 10 then reissues an access token based on this request, and transmits the reissued new access token in step S303.

Such processing similarly occurs in the user operations in steps S304 and S307. Therefore, when user operations are frequently performed, communication between the cloud server 20 and the authorization server 10 is also frequently performed, which increases the amount of communication and prevents efficient processing.

In order to prevent such adverse effects from occurring, if there is even one user operation within 30 minutes of the validity period of the access token, the fact that there was a user operation is remembered and the validity period of the access token is changed. It is also possible to perform processing such that update processing is performed immediately before the end of .

FIG. 6 shows an example of a timing chart when such processing is performed. In the timing chart shown in FIG. 6, since the user operation is performed at time t1, the access token is automatically updated at time t2 immediately before the validity period of the access token expires.

If such control is performed, even if user operations are frequently performed, automatic update of the access token only needs to be performed every 30 minutes.

However, referring to the timing chart of FIG. 6, although the user performed a user operation at time t1 immediately after login, but did not perform any user operation thereafter, the user operation continued for a maximum of about 60 minutes. has become possible.

In other words, although the validity period of the access token is 30 minutes, user operations are allowed for about 60 minutes after no user operations have been performed, which poses a problem from the security point of view.

Therefore, in the cloud server 20 of the present embodiment, by performing the processing described below, when allowing the user to operate within the validity period set in the access token issued by the authorization server 10, The access token is not automatically updated for each user operation, and it prevents the user operation from exceeding the valid period set in the access token.

Next, FIG. 7 shows the hardware configuration of the cloud server 20 in the information processing system of this embodiment.

As shown in FIG. 7, the cloud server 20 includes a CPU 11, a memory 12, a storage device 13 such as a hard disk drive, and a communication interface (IF) for transmitting and receiving data to and from an external device or the like via a network 30. ) 14, and a user interface (abbreviated as UI) device 15 including a touch panel or liquid crystal display and a keyboard. These components are connected to each other via a control bus 16 .

The CPU 11 executes predetermined processing based on a control program stored in the memory 12 or storage device 13 to control the operation of the cloud server 20 . In this embodiment, the CPU 11 reads and executes a control program stored in the memory 12 or the storage device 13. It is also possible to provide

FIG. 8 is a block diagram showing the functional configuration of the cloud server 20 realized by executing the above control program.

As shown in FIG. 8, the cloud server 20 of this embodiment includes a timer section 31, an access token update section 32, a data transmission/reception section 33, a control section 34, a user session management section 35, and a setting information storage. a portion 36;

The timer section 31 is provided with an automatic update timer 21 and a logout timer 22 . Here, the automatic update timer 21 is a timer for controlling the timing of updating the access token to the authorization server 10 . Also, the logout timer 22 is a timer for controlling the timing of disconnecting the session in the user's own device and logging out.

A general timer is configured so that a timer value corresponding to the time to be controlled is set, and the timer value is decremented as time passes, and an interrupt is generated when the timer value reaches zero. ing. However, the configuration of the timer is not limited to such a countdown timer, and any configuration that can measure whether or not the set time has elapsed may be used.

The data transmission/reception unit 33 transmits and receives data to and from the terminal device 40 and the authorization server 10 . When the authorization server 10 issues an access token, which is access permission information that permits user operations only within a preset validity period, the data transmission/reception unit 33 receives the issued access token from the authorization server 10. .

The access token update unit 32 executes processing for updating the access token before the expiration of the access token when a user operation is performed within the validity period of the access token received by the data transmission/reception unit 33 .

Specifically, when there is a user operation within the valid period of the access token, the access token update unit 32 sets the automatic update timer 21 to a time shorter than the period between the valid period of the access token and the current time. is activated, and when the timer value of the automatic update timer 21 exceeds the set time, the access token is updated.

Note that in the present embodiment, the access token update unit 32 does not reset the automatic update timer 21 depending on the second or later user operation within the validity period of the access token.

However, the access token update unit 32 may reset the automatic update timer 21 using the current time when there is a second or subsequent user operation within the validity period of the access token.

The user session management unit 35 cancels the login state of the user after a preset period of time has elapsed since the user performed an operation. Note that the user session management unit 35 cancels the login state of the user after a period of time that is substantially the same as the valid period of the access token has elapsed after the user's operation.

Specifically, if there is a user operation within the validity period of the access token, the user session management unit 35 resets the logout timer 22 to a time substantially equal to the validity period of the access token, and If the value exceeds the set time, cancel the login state of the user.

Furthermore, when the user's login state is canceled, the user session management unit 35 also cancels the user's login state with respect to the authorization server 10 .

The setting information storage unit 36 stores setting information registered by the user.

The control unit 34 performs various controls for providing the device setting backup service, and stores the setting information transferred from the terminal device 40 in the setting information storage unit 36 or stores it in the setting information storage unit 36. It performs control such as transmission of setting information to the terminal device 40 .

Next, a schematic operation of the cloud server 20 in this embodiment will be described with reference to the flowchart of FIG. In the following explanation, it is assumed that the validity period of the access token issued by the authorization server 10 is 30 minutes.

First, when a user logs in by OAuth authentication as described above, the user session management unit 35 sets a timer value corresponding to 30 minutes to the logout timer 22 in step S401.

Thereafter, when a user operation is performed in step S402, the user session management unit 35 resets the timer value corresponding to 30 minutes to the logout timer 22 in step S403. That is, each time the user operates, the timer value of the logout timer 22 is reset to a timer value corresponding to 30 minutes.

Then, in step S404, it is determined whether or not the automatic update timer 22 is in operation. Here, if the automatic update timer 22 is not activated in step S404, the access token update unit 32 determines in step S405 the time corresponding to the difference between the expiration date of the access token and the current time minus one minute. The timer value to be used is set and the automatic update timer 21 is started.

For example, if the difference between the expiration date of the access token and the current time is 15 minutes, the access token update unit 32 sets a timer value corresponding to 14 minutes, which is 1 minute from 15 minutes, and automatically updates the timer. Start 21. In other words, the automatic update timer 21 is set to a timer value corresponding to one minute before the expiration date of the access token.

Also, if the automatic update timer 22 is running in step S404, the access token update unit 32 does not perform any processing.

In other words, the access token updating unit 32 activates the automatic update timer 22 only when the first user operation is performed within the validity period of the access token.

When the timer value of the automatic update timer 21 exceeds the set time, specifically, when the set timer value becomes zero, the access token update unit 32 requests the authorization server 10 to update the access token. conduct.

Further, when the timer value of the logout timer 22 exceeds the set time, specifically, when the set timer value becomes zero, the user session management unit 35 cancels the user's login state and resumes the user's session. disconnect.

Session management of this embodiment by performing such processing will be described with reference to the timing chart of FIG.

First, it is assumed that the user logs into the cloud server 20 using the access token at time t0. In this state, a timer value corresponding to 30 minutes is set in the logout timer 22, and the validity period of the access token still remains 30 minutes.

After that, at time t1, when a user operation is performed, the access token update unit 32 sets a timer value corresponding to time T1 and activates the automatic update timer 21 .

Here, time T1 is set as: expiration date-current time-1 minute. For example, if a user operation is performed 15 minutes after login, a timer value corresponding to 14 minutes (=15 minutes−1 minute) is set in the automatic update timer 21 .

Further, the user session management unit 35 resets the logout timer 22 due to the user operation performed at time t1.

After that, when there is a user operation at time t2, the access token update unit 32 does not perform any processing on the automatic update timer 21 because the automatic update timer 21 is already running. However, the user session management unit 35 resets the logout timer 22 due to the user's operation.

By performing the above control, the automatic update timer 21 expires at time t3 (the timer value reaches zero or reaches the set time), and the access token update unit 32 updates the authorization server 10. Execute automatic update process of access token. Therefore, the validity period of the access token will be extended to the remaining 30 minutes, and the expiration date will be postponed.

However, if no user operation is performed after time t2, the logout timer 22 expires at time t4, and the user session management unit 35 cancels the user's login state and disconnects the session. That is, at time t4, 30 minutes after time t2 when the last user operation was performed, the user's login state is canceled and the session is disconnected.

As described above, in the cloud server 20 of the present embodiment, the access token is automatically updated only once one minute before the expiration date, regardless of how many user operations are performed within the validity period of the access token. Become. Furthermore, since the logout timer 22 is reset each time a user operation is performed, the user's login state is canceled when 30 minutes elapse after no user operation is performed.

Note that the access token updating unit 32 automatically updates the access token immediately if there is a user operation after one minute before the expiration of the access token. The state of the processing at this time will be described with reference to the timing chart of FIG.

In this case, as shown in FIG. 11, the access token is automatically updated at time t2 when the user's operation is performed, and the logout timer 22 is reset.

Here, the user accesses the cloud server 20 via the terminal device 40 and uses a Web UI (User Interface) to display and operate a Web page. Therefore, when the user performs a page transition to switch the displayed web page to another web page, the page transition may be treated as a user operation and similar processing may be performed.

Therefore, when a page transition occurs, the access token update unit 32 starts the automatic update timer 21 in the same manner as when a user operation is performed.

For example, the state of processing when a page transition is performed for the first time after login will be described with reference to the timing chart of FIG.

Referring to the timing chart of FIG. 12, page transition is performed at time t1. Therefore, the access token update unit 32 activates the automatic update timer 21 and sets the time obtained by subtracting one minute from the difference between the expiration date and the current time t1 to the automatic update timer 21 .

It should be noted that both the automatic update timer 21 and the logout timer 22 are initialized when the above page transition is performed. Therefore, the access token update unit 32 resets the time of the automatic update timer 21 even if the automatic update timer 21 is running when page transition occurs.

A state of processing when page transition is performed after activation of the automatic update timer 21 in this manner will be described with reference to the timing chart of FIG. 13 .

As shown in FIG. 13 , even when the automatic update timer 21 is activated by a user operation at time t1, when a page transition occurs at time t2, the access token update unit 32 sets the automatic update timer 21 reset the time of Specifically, the access token update unit 32 resets the automatic update timer 21 to the time T1 obtained by subtracting one minute from the difference between the expiration date of the access token and the time t2.

However, there is no change in the time t3 at which the automatic update timer 21 expires before and after the automatic update timer 21 is reset.

Further, the user session management unit 35 resets the time of the logout timer 22 due to the occurrence of the page transition at the time t2. Therefore, if no user operation or page transition is performed thereafter, the user's logged-in state is canceled at time t4.

In each of the above embodiments, the processor refers to a processor in a broad sense, such as a general-purpose processor (e.g. CPU: Central Processing Unit, etc.) or a dedicated processor (e.g. GPU: Graphics Processing Unit, ASIC: Application Specific Integrated Circuit, FPGA: Field Programmable Gate Array, programmable logic device, etc.).

Further, the operations of the processors in each of the above embodiments may be performed not only by one processor but also by the cooperation of a plurality of physically separated processors. Also, the order of each operation of the processor is not limited to the order described in each of the above embodiments, and may be changed as appropriate.

[Variation]
In the above embodiment, the case where the cloud server 20 provides the device setting backup service has been described, but the present invention is not limited to this, and the same applies to cases where the cloud server 20 provides various web services. The present invention can be applied to

10 authorization server 11 CPU
12 Memory 13 Storage Device 14 Communication Interface 15 User Interface Device 16 Control Bus 20 Cloud Server 21 Automatic Update Timer 22 Logout Timer 30 Internet 31 Timer Section 32 Access Token Update Section 33 Data Transmission/Reception Section 34 Control Section 35 User Session Management Section 36 Setting Information Storage unit 40 Terminal device 50 Image forming device

Claims (7)

with memory and processor
The processor
receiving access permission information from an authorization server that permits user operations only within a preset validity period;
executing a process of updating the access permission information before the expiration date of the access permission information when a user operation is performed within the validity period of the received access permission information;
canceling the login state of the user after a preset period of time has passed since the user performed an operation;
Information processing equipment. 2. The information processing apparatus according to claim 1, wherein the processor cancels the logged-in state of the user when substantially the same period as the valid period of the access permission information has elapsed since the user's operation. 3. The information processing apparatus according to claim 1, wherein when the processor cancels the login state of the user, the processor also cancels the login state of the user with respect to the authorization server. The processor
If there is a user operation within the validity period of the access permission information, a first timer set to a time period shorter than the period between the validity period of the access permission information and the current time is started, and the first timer is started. when the timer value exceeds the set time, updating the access permission information;
If there is a user operation within the validity period of the access permission information, a second timer is set to substantially the same time as the validity period of the access permission information, and the timer value of the second timer exceeds the set time. 2. The information processing apparatus according to claim 1, wherein the login state of the user is canceled when the user is logged in. 5. The information processing apparatus according to claim 4, wherein the processor does not reset the first timer by a second or subsequent user operation within the validity period of the access permission information. 5. The information processing apparatus according to claim 4, wherein the processor resets the first timer using the current time when there is a second or subsequent user operation within the validity period of the access permission information. a step of receiving from the authorization server access permission information that permits user operations only within a preset validity period;
executing a process of updating the access permission information before the expiration date of the access permission information when a user operation is performed within the validity period of the received access permission information;
a step of canceling the logged-in state of the user after a preset period of time has elapsed since the user performed an operation;
A program that causes a computer to run

Images