WO2014201931A1 - Resource processing method and site server - Google Patents

Resource processing method and site server Download PDF

Info

Publication number
WO2014201931A1
WO2014201931A1 PCT/CN2014/077963 CN2014077963W WO2014201931A1 WO 2014201931 A1 WO2014201931 A1 WO 2014201931A1 CN 2014077963 W CN2014077963 W CN 2014077963W WO 2014201931 A1 WO2014201931 A1 WO 2014201931A1
Authority
WO
WIPO (PCT)
Prior art keywords
resource
site server
authorization
request
user
Prior art date
Application number
PCT/CN2014/077963
Other languages
French (fr)
Chinese (zh)
Inventor
陆多俊
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2014201931A1 publication Critical patent/WO2014201931A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to the field of communications and Internet technologies, and in particular, to a resource processing method and a site server. Background technique
  • Resource sharing and sharing are two basic needs of Internet users.
  • the sharing is that the resource owner pushes its own resources to other users. For example, if user A is authorized by B, the content of the network disk can be pushed to the network disk of user B.
  • a share is a user requesting authorization from another user to request the user to access the private resources of the requested user. For example, if user A is authorized by B, he can browse the content of the network disk of B.
  • the core of these two requirements is how to realize resource authorization between users and the process of resource exchange between users.
  • the requesting user and the requested user can be located at different service site servers, and the exchanged resources are located on the two service site servers.
  • For sharing the resources are located on the requesting user's service site server.
  • For sharing the resources are located in the requested user. On the service site server. In particular, the requesting user and the requested user can also be located on the same service site server.
  • OAuth development authorization
  • the resource requester initiates an authorization request to the resource owner
  • the resource requester initiates a resource access authorization request to the authorization server, and submits an authorization result obtained from the resource owner, and the authorization result is generally an authorization code;
  • the resource requester carries the access token to access the resource server.
  • the resource server determines whether the resource requester has access to the restricted resource according to whether the access token is legal.
  • the authorization server and the resource server may be a server;
  • OAuth 2.0 does not support resource owner offline authorization.
  • Oauth 2.0 only defines cross-site resource access authorization between users, and no resource sharing mechanism is defined. Summary of the invention
  • the present invention provides a resource processing method and a site server to solve the existing OAuth 2.0 specification in the prior art, does not support resource owner or manager offline authorization, and Oauth 2.0 only defines a cross between users. Station resource access authorization, there is no problem defining the resource sharing mechanism.
  • the present invention provides a resource processing method, where the method includes: receiving, by a first site server, a resource processing request sent by a requesting user of the first site server, where the resource processing request carries a second An address of the site server and an account of the requested user of the second site server; generating the resource authorization request according to the resource processing request, and sending the resource authorization request to the second site server; After the requested user allows the authorization, the resource authorization response sent by the second site server is received, and resource processing is performed according to the resource authorization response.
  • the resource processing request is a resource sharing request, where the resource authorization request carries an initial serial number, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
  • the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and the receiving the second site server
  • the resource authorization response is sent, and the resource processing is performed according to the resource authorization response.
  • the first site server receives the resource authorization response sent by the second site server by using the callback URL, and responds by using the resource authorization.
  • the resource sharing URL in the requesting, the sharing resource of the requesting user is sent to the second site server, so that the requested user obtains the shared resource from the second site server and shares the shared resource.
  • the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries an initial serial number, The shared resource information, the account number of the requested user, the callback URL, and the identity password of the first site server.
  • the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and the receiving the second site server And sending the resource authorization response according to the resource authorization response, where the first site server receives the resource authorization response sent by the second site server by using the callback URL, and receives the request.
  • the user's resource gets the request, it passes The resource sharing URL in the resource authorization response sends a resource acquisition request carrying the authorization token to the second site server; receiving the shared resource of the requested user sent by the second site server, And sending the shared resource to the requesting user, so that the requesting user acquires the shared resource.
  • the present invention provides a resource processing method, where the method includes: receiving, by a second site server, a resource authorization request sent by a first site server, where the resource authorization request is received by the first site server according to After the resource processing request sent by the requesting user by the first site server, the authorization request of the requested user for the second site server generated according to the resource processing request; when the second site server pairs the After the server is authenticated, the resource authorization request is sent to the requested user; the authorization confirmation information sent by the requesting user is received, and the resource authorization for the first site server is generated according to the authorization confirmation information. Responding to, and sending the resource authorization response to the first site server, where the first site server performs resource processing according to the resource authorization response.
  • the resource processing request is a resource sharing request, where the resource authorization request carries a unique transaction ID, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
  • the authorization confirmation information is that the requesting user allows authorization, and the generating, according to the authorization confirmation information, the first The resource authorization of the site server is generated, and the resource authorization response is sent to the first site server, specifically: after the requested user allows authorization, the second site server generates a checkpoint according to the authorization confirmation information.
  • a resource authorization response Determining, by the first site server, a resource authorization response, where the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL;
  • the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries an initial serial number, The shared resource information, the account number of the requested user, the callback URL, and the identity password of the first site server.
  • the authorization confirmation information is an authorization permission for the requesting user, and the generating, by the authorization confirmation information, the first The resource authorization of the site server is generated, and the resource authorization response is sent to the first site server, which is specifically: after the requested user allows authorization, the second site server generates a pair according to the authorization confirmation information.
  • a resource authorization response of the first site server includes an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL; Transmitting, by the first site server, a resource acquisition request that carries the authorization token, and after verifying the authorization token, sending the shared resource of the requested user to the first site server, so as to enable the The first site server sends the shared resource to the requesting user.
  • the present invention provides a site server, where the site server includes: a receiving unit, configured to receive a resource processing request sent by a requesting user of a first site server, where the resource processing request carries a second site And the first processing unit is configured to receive the resource processing request from the receiving unit, And generating, by the resource processing request, the resource authorization request, and sending the resource authorization request to the second site server; and the second processing unit is configured to: after the requested user allows authorization, receive the The resource authorization response sent by the second site server, and the resource processing is performed according to the resource authorization response.
  • the resource processing request is a resource sharing request, where the resource authorization request carries an initial serial number, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
  • the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number
  • the second processing unit is further configured to: Receiving, by the second site server, a resource authorization response sent by the callback URL, and sending the shared resource of the requesting user to the second site server by using the resource sharing URL in the resource authorization response, to And causing the requested user to acquire the shared resource from the second site server and share the shared resource.
  • the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, and the resource authorization request Carrying an initial serial number, the shared resource information, an account of the requested user, a callback URL, and an identity password of the first site server.
  • the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and the receiving the second site server Sending a resource authorization response
  • the second processing unit is further configured to receive a resource authorization response sent by the second site server by using the callback URL, and when receiving the resource acquisition request of the requesting user, Sending, by the resource sharing URL in the resource authorization response, a resource acquisition request carrying the authorization token to the second site server, and receiving a resource acquisition response sent by the second site server, and acquiring the resource A response is sent to the requesting user to cause the requesting user to acquire the shared resource of the requested user.
  • the present invention provides a site server, where the site server includes: a receiving unit, configured to receive a resource authorization request sent by a first site server, where the resource authorization request is received by the first site server according to After the resource processing request sent by the requesting user of the first site server, the authorization request of the requested user for the second site server generated according to the resource processing request; the sending unit, configured to use the first After the site server performs the authentication, the resource authorization request is sent to the requested user; the processing unit is configured to receive the authorization confirmation information sent by the requesting user, and generate, according to the authorization confirmation information, the first site. Responding to the resource authorization of the server, and sending the resource authorization response to the first site server, where the first site server performs resource processing according to the resource authorization response.
  • the resource processing request is a resource sharing request, where the resource authorization request carries an initial serial number, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
  • the authorization confirmation information is authorized for the requesting user
  • the processing unit is further configured to: when the requested user allows After the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information, where the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and Sending a resource authorization response to the first site server; and receiving, by the first site server, the shared resource of the requesting user sent by the resource sharing URL in the resource authorization response, so that the The requested user obtains the shared resource and shares the shared resource.
  • the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries a unique transaction ID and a The shared resource information, the account number of the requested user, the callback URL, and the identity password of the first site server.
  • the authorization confirmation information is authorized for the requesting user
  • the processing unit is further configured to: when the requested user allows After the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information, where the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and Transmitting a URL to the first site server to send a resource authorization response; and, after receiving the resource acquisition request that is sent by the first site server and carrying the authorization token, and verifying the authorization token, The first site server returns a shared resource of the requested user, so that the first site server sends the shared resource to the requesting user.
  • the first site server receives the resource processing request sent by the requesting user, generates a resource authorization request according to the resource processing request, and sends the resource authorization request to the second site server, when After the second site server authenticates the first site server, the resource authorization request is sent to the requested user.
  • the second site server receives the authorization confirmation information sent by the requesting user, and generates the authorization confirmation information according to the authorization. Responding to the resource authorization of the first site server, and sending the resource authorization response to the first site server.
  • the first site server After receiving the resource authorization response sent by the second site server, the first site server performs resource processing according to the resource authorization response, thereby implementing Resource processing between different site servers, and can be widely used for sharing and sharing resources such as cross-site network disks, microblogs, SNS contacts, conferences/schedules, and the like.
  • FIG. 1 is a flowchart of a resource processing method according to Embodiment 1 of the present invention.
  • FIG. 2 is a flowchart of a resource processing method according to Embodiment 2 of the present invention
  • 3 is a schematic diagram of a resource processing method according to Embodiment 3 of the present invention
  • FIG. 4 is a schematic diagram of a resource processing method according to Embodiment 4 of the present invention.
  • FIG. 5 is a schematic diagram of a site server according to Embodiment 5 of the present invention.
  • FIG. 6 is a schematic diagram of a site server according to Embodiment 6 of the present invention.
  • FIG. 7 is a schematic diagram of a site server according to Embodiment 7 of the present invention.
  • FIG. 8 is a schematic diagram of a site server according to Embodiment 8 of the present invention. detailed description
  • the present invention discloses a resource processing method and a site server.
  • the first site server receives a resource processing request sent by a requesting user, the resource processing request includes a resource sharing request and a resource sharing request, and generates a resource authorization request according to the resource processing request, and Sending the resource authorization request to the second site server, and after the second site server authenticates the first site server, sending the resource authorization request to the requested user, and after requesting the user to approve the authorization, the second site server receives the request.
  • the resource processing includes resource sharing and resource sharing, thereby implementing resource processing between different site servers, including but not limited to: sounds that can be stored in the computer: Video, pictures, text and various forms of documents.
  • the method of the embodiment of the present invention can be widely applied to sharing and sharing resources of a cross-site network disk, a microblog, an SNS contact, a conference/schedule, and the like, and an authorization method between the second site server and the requested user,
  • the two-site server can select its authorization mode according to the communication mode between itself and the requested user.
  • the first site server and the second site server in the embodiments of the present invention refer to servers that belong to different owners or are managed by different owners, and the server includes one or more resource servers and/or portal servers.
  • the different site servers typically have different domain names or network identities.
  • FIG. 1 is a flowchart of a resource processing method according to Embodiment 1 of the present invention. As shown in the figure, this is The example specifically includes the following steps:
  • Step 110 The first site server receives a resource processing request of the requesting user of the first site server.
  • the received resource processing request carries the address of the second site server and the account of the requested user of the second site server.
  • the first site server is the site server where the requesting user is located, and the second site server is the site server where the requested user is located.
  • the requesting user A of the first site server logs in to the first site server and initiates a resource processing request to the requested user B of the second site server.
  • the resource processing request includes a resource sharing request or a resource sharing request.
  • the requesting user A of the first site server is simply referred to as user A
  • the requested user B of the second site server is referred to as user B.
  • the other embodiments are the same, and are not described again.
  • User A When the user needs to send a resource sharing request to User B, User A selects its resource on the first site server and shares the resource with User B who has an account on the second site server. At this time, User A only needs to know the account of User B and the address of the second site server where User B is located. For example, the information of the user B that the user A knows is: account_of_b@www.sitey.com, and the first site server determines, according to the information, the object of the resource sharing, that is, the account of the user B is account_of-b, and the user B is located. The address of the second site server is www.sitey.com.
  • user A selects the resource shared by user B on the second site server.
  • the user A in addition to knowing the account of the user B and the address of the second site server where the user B is located, the user A must also know the resource name of the sharable resource, and the user B may disclose the user B to the user A in multiple channels.
  • the name of the sharable resource For example, user B can send the shareable resource path to user A in the email, microblog, and instant chat tool, where the second site server provides the shared resource path mode provided by user B as follows:
  • Step 120 The first site server generates a resource authorization request according to the resource processing request, and sends the resource authorization request to the second site server, where the first site server sends the resource to the second site server according to the address of the second site server.
  • Authorization request Specifically, when the resource processing request of the user A is a resource sharing request, the first site server where the user A is located sends a resource authorization request to the second site server according to the address of the second site server that is carried by the resource sharing request, and the resource is requested.
  • the authorization request carries the initial serial number, shared resource information, user B's account number, callback Uniform Resource Locator (URL), and the identity code of the first site server.
  • the sharing resource information includes one or more of the following information: sharing a resource name, sharing a resource content size, sharing a resource type, and sharing a resource format.
  • the resource sharing request carries the shared resource information of the user B in addition to the address of the second site server and the account of the user B, so the user A
  • the first site server sends a resource authorization request to the second site server according to the address of the second site server that is carried by the resource sharing request, and the resource authorization request carries the initial serial number, the shared resource name of the user B, and the user B. Account number, callback URL, and identity password for the first site server.
  • the shared resource information includes one or more of the following information: a shared resource name, a shared resource content size, a shared resource type, and a shared resource format.
  • the initial serial number is a serial number that uniquely identifies the current resource authorization request, and may also be referred to as a unique transaction ID.
  • Step 130 After the user B permits the authorization, the first site server receives the resource authorization response sent by the second site server, and performs resource processing according to the resource authorization response.
  • the resource authorization response of the second site server returning to the first site server includes an authorization token, a resource sharing URL, and an initial serial number, when the first site server receives the second site server and sends the message through the callback URL.
  • the user A's shared resource is sent to the second site server through the resource sharing URL carried in the resource authorization response, so that the user B obtains the user A's shared resource from the second site server and shares the shared resource.
  • the resource authorization response of the second site server returning to the first site server includes an authorization token, a resource sharing URL, and an initial serial number, when the first site server receives the second site server and sends the message through the callback URL.
  • the resource authorization response is received, and the resource acquisition request sent by the user A is received, the resource sharing request carrying the authorization token is sent to the second site server by using the resource sharing URL carried in the resource authorization response;
  • the first site server receives the resource acquisition response sent by the second site server, and sends the resource acquisition response to the user A, so that the user A obtains the sharing of the user B. Resources.
  • the first site server receives a resource processing request sent by the requesting user, the resource processing request includes a resource sharing request and a resource sharing request, and generates a resource authorization request according to the resource processing request, and The resource authorization request is sent to the second site server.
  • the resource authorization request is sent to the requested user, and when the requested user agrees to authorize, the second site server sends the second site server.
  • the resource processing is performed according to the resource authorization response, and the resource processing includes resource sharing and resource sharing, thereby realizing resource processing between different site servers.
  • FIG. 2 is a flowchart of a resource processing method according to Embodiment 2 of the present invention. As shown in the figure, the embodiment specifically includes the following steps:
  • Step 210 The second site server receives the resource authorization request sent by the first site server.
  • the resource authorization request is an authorization request of the requested user of the second site server generated according to the resource processing request after the first site server receives the resource processing request sent by the user of the first site server.
  • the first site server is the site server where the requesting user is located
  • the second site server is the site server where the requested user is located.
  • Step 220 After the second site server authenticates the first site server, send the received resource authorization request to the requested user.
  • the second site server may authenticate the first site server according to the identity code of the first site server carried in the resource authorization request.
  • the second site server sends the received resource authorization request to the user B according to the registered user account of the requested user, that is, the user B on the own site server.
  • the mouth There are many ways to send it, than the mouth:
  • the resource authorization request is sent by means of email; if the user B is registered with the mobile phone number, the resource authorization request is sent by sending the short message or the multimedia message;
  • the resource authorization request is sent by sending a system message
  • the resource authorization request is sent in the manner of sending the message in the station.
  • Step 230 the second site server receives the authorization confirmation information sent by the requesting user, according to the The authorization confirmation information generates a resource authorization response to the first site server, and sends the resource authorization response to the first site server, where the first site server performs resource processing according to the resource authorization response.
  • the resource processing request sent by the requesting user of the first site server is divided into two types: a resource sharing request and a resource sharing request.
  • the resource processing method provided by the embodiment of the present invention is specifically:
  • the first site server When the resource processing request sent by the requesting user of the first site server is a resource sharing request, the first site server generates a resource authorization request for the requested user of the second site server according to the resource sharing request, which carries the unique Transaction ID, shared resource information, the account of the requested user, the callback URL, and the identity password of the first site server.
  • the second site server After receiving the resource authorization request, the second site server sends the resource authorization request to the requested user after authenticating the first site server according to the identity password of the first site server carried in the resource authorization request;
  • the second site server receives the authorization confirmation information sent by the requesting user, the authorization confirmation information indicating that the requesting user has allowed the authorization, and after the requested user permits the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information, the resource authorization The response includes an authorization token, a resource sharing URL, an initial serial number, and a resource authorization response is sent to the first site server via a callback URL.
  • the first site server when the resource processing request sent by the requesting user of the first site server is a resource sharing request, the first site server generates a resource authorization request for the requested user of the second site server according to the resource sharing request, which carries the unique a transaction ID, the shared resource information, an account of the requested user, a callback URL, and an identity password of the first site server.
  • the second site server After receiving the resource authorization request, the second site server sends the resource authorization request to the requested user after authenticating the first site server according to the identity password of the first site server carried in the resource authorization request;
  • the second site server receives the authorization confirmation information sent by the requesting user, the authorization confirmation information indicating that the requesting user has allowed the authorization, and after the requested user allows the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information,
  • the resource authorization response includes an authorization token,
  • the resource share URL, the initial serial number, and the resource 4 authorized response is sent to the first site server through the callback URL.
  • the second site server receives the resource authorization request sent by the first site server, and after the second site server authenticates the first site server, sends the resource authorization request to the requested request. Receiving, by the user, the authorization confirmation information sent by the requested user, and generating a resource authorization response to the first site server according to the authorization confirmation information, and sending the resource authorization response to the first site server, where the first site server is configured according to the The resource authorization response performs resource processing, and the resource processing includes resource sharing or resource sharing, thereby realizing resource processing between different site servers.
  • FIG. 3 is a schematic diagram of a resource processing method according to Embodiment 3 of the present invention.
  • This embodiment is a cross-site resource sharing between users. It is assumed that the requesting user Bob and the requested user Alice have accounts on the network disk server X (ie, the first site server) and the network disk server Y (ie, the second site server), respectively, and the account names are Bob and Alice, respectively. Bob selects some of the contents of his network disk and shares it with Alice. After Alice agrees to authorize, Bob transfers the contents of the network disk to Alice's network disk.
  • the embodiment specifically includes the following steps:
  • Step 310 Request the user Bob to send a resource processing request to the first site server. among them,
  • Step 320 The network disk server X parses the shared object of the Bob, constructs a resource authorization request sent to the network disk server Y, and sends the resource authorization request to the network disk server.
  • the resource authorization request includes: an initial serial number (transld), a shared resource name, a shared user account (alice), a callback URL, and an identity password (password) of the network disk server X.
  • information such as the size, type, format, and the like of the shared resource content may be added.
  • Step 330 the network disk server Y sends Alice a request authorization email to Alice registered mailbox, for example, alice(g).exa. mplemail.com, and sends a consent authorization link in the cow, when Alice clicks the link, then Triggered to the network disk server Y, indicating that Alice agreed to the authorization.
  • the request authorization process is completed in the form of sending an email.
  • the request authorization process is not limited to mail, but can also be completed in the form of short messages, in-site notifications, and the like.
  • Step 340 when Alice logs in to her mailbox, browses the request authorization email, selects consent or does not agree to the authorization; if Alice agrees to authorize, click the consent link to trigger to the network disk server Y;
  • Step 350 The network disk server Y generates a resource authorization response for the network disk server X.
  • the resource authorization response includes an authorization token (Access Token), a resource sharing URL, an initial serial number, and the resource authorization response is returned to the network disk server X.
  • the authorization token also includes its validity period.
  • Step 360 The network disk server X uploads the content shared by the Bob to the network disk server Y, and carries the authorization token in step 350.
  • Step 370 when Alice logs in to the network disk to serve its Y, it can browse and download the content shared by Bob.
  • FIG. 4 is a schematic diagram of a resource processing method according to Embodiment 4 of the present invention.
  • This embodiment is a cross-site resource sharing between users. It is assumed that the requesting user Bob and the requested user Alice have accounts on the network disk server X (ie, the first site server) and the network disk server Y (ie, the second site server), respectively, and the account names are bob and alice, respectively.
  • Bob knows Alice's shareable resource name: alice@www.sitey.com/networkdisk/sharedPhotos.
  • Bob requests Alice to share resources on the network server.
  • the network disk server X requests the network disk server Y to authorize, Y requests the Alice authorization by means of a message, for example, an email (email), a short message, a station notification, a system message, etc., and when Alice agrees to authorize, Alice's network disk
  • a message for example, an email (email), a short message, a station notification, a system message, etc.
  • Alice agrees to authorize, Alice's network disk
  • the resource sharing path, together with the authorization token (Access Token) is called back to the network disk server X.
  • Bob can browse Alice's shared resources through the network disk server X.
  • the embodiment specifically includes the following steps:
  • Step 410 Bob initiates a resource sharing request after logging in to the network disk server X by using the terminal device.
  • the resource authorization request includes: an initial serial number (transld), a shared resource name (/networkdisk/sharedPhotos), a shared user account (alice), a callback URL, and an identity password (password) of the network disk server X.
  • information such as the size, type, format, and the like of the shared resource content may be added;
  • the request authorization process is completed in the form of sending an email.
  • the request authorization process is not limited to mail, but can also be completed in the form of short messages, in-site notifications, and the like.
  • Step 440 after Alice logs in to his mailbox, browses the request authorization email, selects consent or does not agree to the authorization;
  • Step 450 Alice agrees to authorize, clicks the consent link, triggers to the network disk server Y;
  • Step 460 The network disk server Y generates a resource authorization response for the network disk server X.
  • the resource authorization response includes an authorization token (Access Token), a resource sharing URL, an initial serial number, and the resource authorization response is returned to the network disk server X.
  • the authorization token also includes its validity period.
  • step 470 Bob queries the network disk server X for the shared resource, and X lists the shared resource list that has been authorized.
  • Step 480 When Bob browses the authorized shared resource, the network disk server X acquires the shared resource from the resource sharing URL provided by the network disk server Y, and carries an access token (Access Token). The network disk server Y needs to verify the validity of the Access Token carried by the network disk server X. If it passes, it returns the shared resource to the network disk server X.
  • an access token Access Token
  • FIG. 5 is a schematic diagram of a site server according to Embodiment 5 of the present invention.
  • the site server is a site server where the requesting user is located, and is defined as a first site server for performing the resource processing methods provided in Embodiments 1 to 4 of the present invention.
  • the embodiment of the present invention specifically includes: a receiving unit 51, a first processing unit 52, and a second processing unit 53.
  • the receiving unit 51 is configured to receive a resource processing request sent by the requesting user of the first site server, where the resource processing request carries an address of the second site server and an account of the requested user of the second site server, and the The resource processing request is transmitted to the first processing unit 52; the first processing unit 52 is configured to receive the resource processing request from the receiving unit, generate the resource authorization request according to the resource processing request, and authorize the resource Sending a request to the second site server; the second processing unit 53 is configured to: after the requested user allows authorization, receive a resource authorization response sent by the second site server, and perform resource processing according to the resource authorization response. .
  • the resource processing request is a resource sharing request
  • the resource authorization is requested.
  • the request carries a unique transaction ID, shared resource information, an account of the requested user, a callback Uniform Resource Locator URL, and an identity password of the first site server.
  • the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number.
  • the second processing unit 53 is further configured to receive a resource authorization response sent by the second site server by using the callback URL, and authorize the resource by using the resource. Transmitting, by the resource sharing URL in the response, the shared resource of the requesting user to the second site server, so that the requested user obtains the shared resource from the second site server and shares the shared resource .
  • the resource processing request is a resource sharing request
  • the resource sharing request further carries a shared resource name of the requested user
  • the resource authorization request carries a unique transaction ID and the shared resource information.
  • the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and the receiving the resource authorization response sent by the second site server, where the second processing unit 53 is further configured to receive the second site server.
  • the resource authorization response sent by the callback URL and when the resource acquisition request of the requesting user is received, the resource sharing URL in the resource authorization response is sent to the second site server to carry the authorization order.
  • a resource acquisition request of the card and receiving a resource acquisition response sent by the second site server, and sending the resource acquisition response to the requesting user, so that the requesting user acquires the shared resource of the requested user.
  • the site server receives the resource processing request sent by the requesting user, the resource processing request includes a resource sharing request and a resource sharing request, and generates a resource authorization request according to the resource processing request, and sends the resource authorization request.
  • the resource processing includes resource sharing and resource sharing, thereby realizing resource processing between different site servers, and can be widely applied to cross-site network disks, microblogs, SNS contacts, conferences/ Sharing and sharing of resources such as schedules.
  • FIG. 6 is a schematic diagram of a site server according to Embodiment 6 of the present invention.
  • the site server is a site server where the requested user is located, and is defined as a second site server, and is used to perform the resource processing method provided in Embodiments 1 to 4 of the present invention.
  • the embodiment of the present invention specifically includes: a receiving unit 61, a sending unit 62, and a processing unit 63.
  • the receiving unit 61 is configured to receive a resource authorization request sent by the first site server, where the resource authorization request is after the first site server receives the resource processing request sent by the user of the first site server, according to the The resource processing request generates an authorization request for the requested user of the second site server; the sending unit 62 is configured to send the resource authorization request to the requested user after authenticating the first site server; the processing unit 63 is configured to receive the authorization confirmation information sent by the requesting user, generate a resource authorization response to the first site server according to the authorization confirmation information, and send the resource authorization response to the first site. And a server, configured to perform resource processing according to the resource authorization response by the first site server. The sending unit 62 is further configured to send the resource authorization request to the requested user after performing identity verification on the first site server according to the identity password of the first site server.
  • the resource processing request is a resource sharing request, where the resource authorization request carries a unique transaction ID, shared resource information, an account of the requested user, a callback uniform resource locator URL, and the first The identity password of the site server.
  • the authorization confirmation information is that the requesting user allows the authorization
  • the processing unit 63 is further configured to: after the requested user allows the authorization, the second site server generates, according to the authorization confirmation information, the first site.
  • the resource authorization response including an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL; and receiving the first site And the server shares the shared resource of the requesting user sent by the resource sharing URL in the resource authorization response, so that the requested user acquires the shared resource and shares the shared resource.
  • the resource processing request is a resource sharing request
  • the resource sharing request further carries a shared resource name of the requested user
  • the resource authorization request carries a unique transaction ID and the shared resource information.
  • the authorization confirmation information is that the requesting user allows the authorization
  • the processing unit 63 is further configured to: after the requested user allows the authorization, the second site server generates, according to the authorization confirmation information, the first site.
  • the resource authorization response including an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL; and, when receiving the first a resource acquisition request sent by the site server carrying the authorization token, and performing the authorization token After the verification, the shared resource of the requested user is sent to the first site server, so that the first site server sends the shared resource to the requesting user.
  • the second site server provided by the embodiment of the present invention receives the resource authorization request sent by the first site server, and sends the resource authorization request to the requested user after the second site server authenticates the first site server. And receiving the authorization confirmation information sent by the requested user, and generating a resource authorization response to the first site server according to the authorization confirmation information, and sending the resource authorization response to the first site server, where the first site server is authorized according to the resource
  • the resource processing includes resource sharing or resource sharing, thereby realizing resource processing between different site servers, and can be widely applied to sharing resources of cross-site network disks, microblogs, SNS contacts, conferences/schedules, and the like. And sharing, while expanding the authorization method between the second site server and the requested user, the second site server can select its authorization mode according to the communication mode between itself and the requested user.
  • FIG. 7 is a schematic diagram of a site server according to Embodiment 7 of the present invention.
  • the site server is a site server where the requesting user is located, and is defined as a first site server for performing the resource processing methods provided in Embodiments 1 to 4 of the present invention.
  • the first site server provided in this embodiment includes: a site server port 71, a processor 72, and a memory 77.
  • the site server bus 74 is used to connect the site server port 71, the processor 72, and the memory 77.
  • the site server port 71 can be connected to the requesting user and the second site server where the requested user is located, respectively.
  • the memory 77 can be a persistent storage such as a hard disk drive and a flash memory having a software module and a device driver.
  • the software modules are capable of executing the various functional modules of the above described method of the present invention; the device drivers can be network and interface drivers.
  • FIG. 8 is a schematic diagram of a site server according to Embodiment 8 of the present invention.
  • the site server is a site server where the requested user is located, and is defined as a second site server for performing the resource processing methods provided by the first to fourth embodiments of the present invention.
  • the first site server provided in this embodiment includes: a site server port 81, a processor 82, and a memory 88.
  • the site server bus 84 is used to connect to the site server port 81, processor 82, and memory 88.
  • the site server port 81 can be respectively associated with the requesting user and the requested user.
  • the site server is connected.
  • Memory 88 can be a persistent storage, such as a hard drive and flash memory, with software modules and device drivers in memory 88.
  • the software modules are capable of executing the various functional modules of the above described method of the present invention; the device drivers can be network and interface drivers.
  • the steps of a method or algorithm described in connection with the embodiments disclosed herein may be implemented in hardware, a software module executed by a processor, or a combination of both.
  • the software module can be placed in random access memory (RAM), memory, read only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM, or technical field. Any other form of storage medium known.

Abstract

A resource processing method and a site server. The method comprises the following steps: a first site server receiving a resource processing request sent by a requesting user of the first site server, the resource processing request carrying an address of a second site server and an account number of a requested user of the second site server; generating a resource grant request according to the resource processing request, and sending the resource grant request to the second site server; and when the requested user allows a grant, receiving a resource grant response sent by the second site server, and performing resource processing according to the resource grant response. Therefore, the present invention implements resource processing between different site servers, and can be widely applied to sharing of resources such as a cross-site network disk, micro blog, a social networking site (SNS) contact, a conference, and an agenda.

Description

资源处理方法和站点服务器 技术领域  Resource processing method and site server
本发明涉及通信和互联网技术领域, 尤其涉及一种资源处理方法和站点 服务器。 背景技术  The present invention relates to the field of communications and Internet technologies, and in particular, to a resource processing method and a site server. Background technique
资源分享和共享是互联网用户的两项基本需求。分享是资源所有者将自 己的资源推送给其他用户, 例如, 用户 A在得到 B的授权情况下, 可以将其 网盘内容推送到用户 B的网盘中。 共享是一个用户请求其他用户授权, 以使 得请求用户访问被请求用户的私有资源。 例如, 用户 A在得到 B的授权情况 下, 可以浏览 B的网盘内容。 其中, 这两个需求的核心在于如何实现用户之 间的资源授权, 以及用户之间的资源交换过程。 一般情况, 请求用户和被请 求用户可以位于不同的服务站点服务器, 交换的资源位于这两个服务站点服 务器上, 对于分享, 资源位于请求用户的服务站点服务器上, 对于共享, 资 源位于被请求用户的服务站点服务器上。 特别地, 请求用户和被请求用户也 可以位于同一个服务站点服务器。  Resource sharing and sharing are two basic needs of Internet users. The sharing is that the resource owner pushes its own resources to other users. For example, if user A is authorized by B, the content of the network disk can be pushed to the network disk of user B. A share is a user requesting authorization from another user to request the user to access the private resources of the requested user. For example, if user A is authorized by B, he can browse the content of the network disk of B. Among them, the core of these two requirements is how to realize resource authorization between users and the process of resource exchange between users. In general, the requesting user and the requested user can be located at different service site servers, and the exchanged resources are located on the two service site servers. For sharing, the resources are located on the requesting user's service site server. For sharing, the resources are located in the requested user. On the service site server. In particular, the requesting user and the requested user can also be located on the same service site server.
目前, 现有的开发授权(OAuth )技术可以用来解决资源请求者在授权 后, 访问资源所有者在资源服务器上的资源。 其过程一般为:  Currently, the existing development authorization (OAuth) technology can be used to solve the resource requester's access to the resource owner's resources on the resource server after authorization. The process is generally:
( 1 ) 资源请求者向资源所有者发起授权请求;  (1) The resource requester initiates an authorization request to the resource owner;
( 2 ) 资源所有者同意授权请求, 给资源请求者返回授权结果;  (2) The resource owner agrees to the authorization request and returns the authorization result to the resource requester;
( 3 ) 资源请求者向授权服务器发起资源访问授权请求, 并提交从资源 所有者得到的授权结果, 该授权结果一般是一个授权码;  (3) The resource requester initiates a resource access authorization request to the authorization server, and submits an authorization result obtained from the resource owner, and the authorization result is generally an authorization code;
( 4 )授权服务器验证授权结果, 如果合法, 给资源请求者返回资源访 问令牌;  (4) authorizing the server to verify the authorization result, and if it is legal, returning the resource access token to the resource requester;
( 5 ) 资源请求者携带访问令牌访问资源服务器。 资源服务器根据访问 令牌是否合法, 判断是否给资源请求者权限访问受限资源。 实现上, 授权服 务器和资源服务器可能是一个服务器;  (5) The resource requester carries the access token to access the resource server. The resource server determines whether the resource requester has access to the restricted resource according to whether the access token is legal. In practice, the authorization server and the resource server may be a server;
但是,现有 OAuth2.0规范, 不支持资源所有者离线授权。 另夕卜, Oauth2.0 只定义了用户之间的跨站资源访问授权, 没有定义资源分享机制。 发明内容 However, the existing OAuth 2.0 specification does not support resource owner offline authorization. In addition, Oauth 2.0 only defines cross-site resource access authorization between users, and no resource sharing mechanism is defined. Summary of the invention
本发明提供了一种资源处理方法和站点服务器, 以解决现有技术中的现 有 OAuth2.0规范, 不支持资源所有者或者管理者离线授权, 以及 Oauth2.0 只定义了用户之间的跨站资源访问授权, 没有定义资源分享机制的问题。  The present invention provides a resource processing method and a site server to solve the existing OAuth 2.0 specification in the prior art, does not support resource owner or manager offline authorization, and Oauth 2.0 only defines a cross between users. Station resource access authorization, there is no problem defining the resource sharing mechanism.
在第一方面, 本发明提供了一种资源处理方法, 所述方法包括: 第一站 点服务器接收所述第一站点服务器的请求用户发送的资源处理请求, 所述资 源处理请求中携带有第二站点服务器的地址和所述第二站点服务器的被请 求用户的账号; 根据所述资源处理请求生成所述资源授权请求, 并将所述资 源授权请求发送给所述第二站点服务器; 当所述被请求用户允许授权后, 接 收所述第二站点服务器发送的资源授权响应, 并根据所述资源授权响应进行 资源处理。  In a first aspect, the present invention provides a resource processing method, where the method includes: receiving, by a first site server, a resource processing request sent by a requesting user of the first site server, where the resource processing request carries a second An address of the site server and an account of the requested user of the second site server; generating the resource authorization request according to the resource processing request, and sending the resource authorization request to the second site server; After the requested user allows the authorization, the resource authorization response sent by the second site server is received, and resource processing is performed according to the resource authorization response.
在第一种可能的实现方式中, 所述资源处理请求为资源分享请求, 所述 资源授权请求携带有初始流水号、 分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的身份密码。  In a first possible implementation manner, the resource processing request is a resource sharing request, where the resource authorization request carries an initial serial number, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
结合第一方面的第一种可能的实现方式, 在第二种可能的实现方式中, 所述资源授权响应包括授权令牌、 资源分享 URL、 初始流水号, 所述接收所 述第二站点服务器发送的资源授权响应, 并根据所述资源授权响应进行资源 处理具体为: 所述第一站点服务器接收所述第二站点服务器通过所述回调 URL发送的资源授权响应 ,并通过所述资源授权响应中的所述资源分享 URL 将所述请求用户的分享资源发送给所述第二站点服务器, 以使所述被请求用 户从所述第二站点服务器获取所述分享资源并分享所述分享资源。  With reference to the first possible implementation manner of the first aspect, in a second possible implementation manner, the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and the receiving the second site server The resource authorization response is sent, and the resource processing is performed according to the resource authorization response. The first site server receives the resource authorization response sent by the second site server by using the callback URL, and responds by using the resource authorization. The resource sharing URL in the requesting, the sharing resource of the requesting user is sent to the second site server, so that the requested user obtains the shared resource from the second site server and shares the shared resource.
在第三种可能的实现方式中, 所述资源处理请求为资源共享请求, 所述 资源共享请求还携带有所述被请求用户的共享资源名称, 所述资源授权请求 携带有初始流水号、 所述共享资源信息、 所述被请求用户的账号、 回调 URL 和所述第一站点服务器的身份密码。  In a third possible implementation manner, the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries an initial serial number, The shared resource information, the account number of the requested user, the callback URL, and the identity password of the first site server.
结合第一方面的第三种可能的实现方式, 在第四种可能的实现方式中, 所述资源授权响应包括授权令牌、 资源共享 URL、 初始流水号, 所述接收所 述第二站点服务器发送的资源授权响应, 并根据所述资源授权响应进行资源 处理具体为: 所述第一站点服务器接收到所述第二站点服务器通过所述回调 URL发送的资源授权响应,且接收到所述请求用户的资源获取请求时,通过 所述资源授权响应中的所述资源分享 URL向所述第二站点服务器发送携带 有所述授权令牌的资源获取请求; 接收所述第二站点服务器发送的所述被请 求用户的共享资源, 并将所述共享资源发送给所述请求用户, 以使所述请求 用户获取所述共享资源。 With reference to the third possible implementation of the first aspect, in a fourth possible implementation, the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and the receiving the second site server And sending the resource authorization response according to the resource authorization response, where the first site server receives the resource authorization response sent by the second site server by using the callback URL, and receives the request. When the user's resource gets the request, it passes The resource sharing URL in the resource authorization response sends a resource acquisition request carrying the authorization token to the second site server; receiving the shared resource of the requested user sent by the second site server, And sending the shared resource to the requesting user, so that the requesting user acquires the shared resource.
在第二方面, 本发明提供了一种资源处理方法, 所述方法包括: 第二站 点服务器接收第一站点服务器发送的资源授权请求, 所述资源授权请求是所 述第一站点服务器根据接收到所述第一站点服务器的请求用户发送的资源 处理请求后,根据所述资源处理请求生成的针对所述第二站点服务器的被请 求用户的授权请求; 当所述第二站点服务器对所述第一站点服务器进行身份 验证后, 将所述资源授权请求发送给所述被请求用户; 接收所述请求用户发 送的授权确认信息,根据所述授权确认信息生成对所述第一站点服务器的资 源授权响应, 并将所述资源授权响应发送给所述第一站点服务器, 用以所述 第一站点服务器根据所述资源授权响应进行资源处理。  In a second aspect, the present invention provides a resource processing method, where the method includes: receiving, by a second site server, a resource authorization request sent by a first site server, where the resource authorization request is received by the first site server according to After the resource processing request sent by the requesting user by the first site server, the authorization request of the requested user for the second site server generated according to the resource processing request; when the second site server pairs the After the server is authenticated, the resource authorization request is sent to the requested user; the authorization confirmation information sent by the requesting user is received, and the resource authorization for the first site server is generated according to the authorization confirmation information. Responding to, and sending the resource authorization response to the first site server, where the first site server performs resource processing according to the resource authorization response.
在第一种可能的实现方式中, 所述资源处理请求为资源分享请求, 所述 资源授权请求携带有唯一事务 ID、 分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的身份密码。  In a first possible implementation manner, the resource processing request is a resource sharing request, where the resource authorization request carries a unique transaction ID, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
结合第二方面的第一种可能的实现方式, 在第二种可能的实现方式中, 所述授权确认信息为所述请求用户允许授权, 所述根据所述授权确认信息生 成对所述第一站点服务器的资源授权响, 并将所述资源授权响应发送给所述 第一站点服务器具体为: 当所述被请求用户允许授权后, 所述第二站点服务 器根据所述授权确认信息生成对所述第一站点服务器的资源授权响应, 所述 资源授权响应包括授权令牌、 资源分享 URL、 初始流水号, 并通过所述回调 URL向所述第一站点服务器发送资源授权响应;接收所述第一站点服务器通 过所述资源授权响应中的所述资源分享 URL发送的所述请求用户的分享资 源, 以使所述被请求用户获取所述分享资源并分享所述分享资源。  With reference to the first possible implementation manner of the second aspect, in a second possible implementation manner, the authorization confirmation information is that the requesting user allows authorization, and the generating, according to the authorization confirmation information, the first The resource authorization of the site server is generated, and the resource authorization response is sent to the first site server, specifically: after the requested user allows authorization, the second site server generates a checkpoint according to the authorization confirmation information. Determining, by the first site server, a resource authorization response, where the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL; The shared resource of the requesting user sent by the site server through the resource sharing URL in the resource authorization response, so that the requested user acquires the shared resource and shares the shared resource.
在第三种可能的实现方式中, 所述资源处理请求为资源共享请求, 所述 资源共享请求还携带有所述被请求用户的共享资源名称, 所述资源授权请求 携带有初始流水号、 所述共享资源信息、 所述被请求用户的账号、 回调 URL 和所述第一站点服务器的身份密码。 结合第二方面的第三种可能的实现方式, 在第四种可能的实现方式中, 所述授权确认信息为所述请求用户允许授权, 所述根据所述授权确认信息生 成对所述第一站点服务器的资源授权响, 并将所述资源授权响应发送给所述 第一站点服务器应具体为: 当所述被请求用户允许授权后, 所述第二站点服 务器根据所述授权确认信息生成对所述第一站点服务器的资源授权响应, 所 述资源授权响应包括授权令牌、 资源共享 URL、 初始流水号, 并通过所述回 调 URL向所述第一站点服务器发送资源授权响应; 当接收所述第一站点服 务器发送的携带有所述授权令牌的资源获取请求 , 并对所述授权令牌进行验 证后, 向所述第一站点服务器发送所述被请求用户的共享资源, 以使所述第 一站点服务器将所述共享资源发送给所述请求用户。 In a third possible implementation manner, the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries an initial serial number, The shared resource information, the account number of the requested user, the callback URL, and the identity password of the first site server. With reference to the third possible implementation manner of the second aspect, in a fourth possible implementation manner, the authorization confirmation information is an authorization permission for the requesting user, and the generating, by the authorization confirmation information, the first The resource authorization of the site server is generated, and the resource authorization response is sent to the first site server, which is specifically: after the requested user allows authorization, the second site server generates a pair according to the authorization confirmation information. a resource authorization response of the first site server, the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL; Transmitting, by the first site server, a resource acquisition request that carries the authorization token, and after verifying the authorization token, sending the shared resource of the requested user to the first site server, so as to enable the The first site server sends the shared resource to the requesting user.
在第三方面, 本发明提供了一种站点服务器, 所述站点服务器包括: 接 收单元, 用于接收第一站点服务器的请求用户发送的资源处理请求, 所述资 源处理请求中携带有第二站点服务器的地址和所述第二站点服务器的被请 求用户的账号, 以及将所述资源处理请求传输给第一处理单元; 第一处理单 元, 用于从所述接收单元接收所述资源处理请求, 根据所述资源处理请求生 成所述资源授权请求, 并将所述资源授权请求发送给所述第二站点服务器; 第二处理单元, 用于当所述被请求用户允许授权后, 接收所述第二站点服务 器发送的资源授权响应, 并根据所述资源授权响应进行资源处理。  In a third aspect, the present invention provides a site server, where the site server includes: a receiving unit, configured to receive a resource processing request sent by a requesting user of a first site server, where the resource processing request carries a second site And the first processing unit is configured to receive the resource processing request from the receiving unit, And generating, by the resource processing request, the resource authorization request, and sending the resource authorization request to the second site server; and the second processing unit is configured to: after the requested user allows authorization, receive the The resource authorization response sent by the second site server, and the resource processing is performed according to the resource authorization response.
在第一种可能的实现方式中, 所述资源处理请求为资源分享请求, 所述 资源授权请求携带有初始流水号、 分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的身份密码。  In a first possible implementation manner, the resource processing request is a resource sharing request, where the resource authorization request carries an initial serial number, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
结合第三方面的第一种可能的实现方式, 在第二种可能的实现方式中, 所述资源授权响应包括授权令牌、 资源分享 URL、 初始流水号, 所述第二处 理单元还用于接收所述第二站点服务器通过所述回调 URL发送的资源授权 响应, 并通过所述资源授权响应中的所述资源分享 URL将所述请求用户的 分享资源发送给所述第二站点服务器, 以使所述被请求用户从所述第二站点 服务器获取所述分享资源并分享所述分享资源。  With reference to the first possible implementation manner of the third aspect, in a second possible implementation manner, the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, where the second processing unit is further configured to: Receiving, by the second site server, a resource authorization response sent by the callback URL, and sending the shared resource of the requesting user to the second site server by using the resource sharing URL in the resource authorization response, to And causing the requested user to acquire the shared resource from the second site server and share the shared resource.
在第三种可能的实现方式中, 所述资源处理请求为资源共享请求, 所述 资源共享请求还携带有所述被请求用户的共享资源名称, 所述资源授权请求 携带有初始流水号、 所述共享资源信息、 所述被请求用户的账号、 回调 URL 和所述第一站点服务器的身份密码。 In a third possible implementation, the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, and the resource authorization request Carrying an initial serial number, the shared resource information, an account of the requested user, a callback URL, and an identity password of the first site server.
结合第三方面的第三种可能的实现方式, 在第四种可能的实现方式中, 所述资源授权响应包括授权令牌、 资源共享 URL、 初始流水号, 所述接收所 述第二站点服务器发送的资源授权响应, 所述第二处理单元还用于接收到所 述第二站点服务器通过所述回调 URL发送的资源授权响应, 且接收到所述 请求用户的资源获取请求时,通过所述资源授权响应中的所述资源分享 URL 向所述第二站点服务器发送携带有所述授权令牌的资源获取请求 , 以及接收 所述第二站点服务器发送的资源获取响应, 并将所述资源获取响应发送给所 述请求用户, 以使所述请求用户获取所述被请求用户的共享资源。  With the third possible implementation of the third aspect, in a fourth possible implementation, the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and the receiving the second site server Sending a resource authorization response, the second processing unit is further configured to receive a resource authorization response sent by the second site server by using the callback URL, and when receiving the resource acquisition request of the requesting user, Sending, by the resource sharing URL in the resource authorization response, a resource acquisition request carrying the authorization token to the second site server, and receiving a resource acquisition response sent by the second site server, and acquiring the resource A response is sent to the requesting user to cause the requesting user to acquire the shared resource of the requested user.
在第四方面, 本发明提供了一种站点服务器, 所述站点服务器包括: 接 收单元, 用于接收第一站点服务器发送的资源授权请求, 所述资源授权请求 是所述第一站点服务器根据接收到所述第一站点服务器的请求用户发送的 资源处理请求后,根据所述资源处理请求生成的针对所述第二站点服务器的 被请求用户的授权请求; 发送单元, 用于对所述第一站点服务器进行身份验 证后, 将所述资源授权请求发送给所述被请求用户; 处理单元, 用于接收所 述请求用户发送的授权确认信息,根据所述授权确认信息生成对所述第一站 点服务器的资源授权响应, 并将所述资源授权响应发送给所述第一站点服务 器, 用以所述第一站点服务器根据所述资源授权响应进行资源处理。  In a fourth aspect, the present invention provides a site server, where the site server includes: a receiving unit, configured to receive a resource authorization request sent by a first site server, where the resource authorization request is received by the first site server according to After the resource processing request sent by the requesting user of the first site server, the authorization request of the requested user for the second site server generated according to the resource processing request; the sending unit, configured to use the first After the site server performs the authentication, the resource authorization request is sent to the requested user; the processing unit is configured to receive the authorization confirmation information sent by the requesting user, and generate, according to the authorization confirmation information, the first site. Responding to the resource authorization of the server, and sending the resource authorization response to the first site server, where the first site server performs resource processing according to the resource authorization response.
在第一种可能的实现方式中, 所述资源处理请求为资源分享请求, 所述 资源授权请求携带有初始流水号、 分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的身份密码。  In a first possible implementation manner, the resource processing request is a resource sharing request, where the resource authorization request carries an initial serial number, shared resource information, an account of the requested user, a callback uniform resource locator URL, and The identity password of the first site server.
结合第四方面的第一种可能的实现方式, 在第二种可能的实现方式中, 所述授权确认信息为所述请求用户允许授权, 所述处理单元还用于当所述被 请求用户允许授权后, 所述第二站点服务器根据所述授权确认信息生成对所 述第一站点服务器的资源授权响应, 所述资源授权响应包括授权令牌、 资源 分享 URL、 初始流水号, 并通过所述回调 URL向所述第一站点服务器发送 资源授权响应; 以及, 接收所述第一站点服务器通过所述资源授权响应中的 所述资源分享 URL发送的所述请求用户的分享资源, 以使所述被请求用户 获取所述分享资源并分享所述分享资源。 在第三种可能的实现方式中, 所述资源处理请求为资源共享请求, 所述 资源共享请求还携带有所述被请求用户的共享资源名称, 所述资源授权请求 携带有唯一事务 ID、所述共享资源信息、所述被请求用户的账号、回调 URL 和所述第一站点服务器的身份密码。 With reference to the first possible implementation manner of the fourth aspect, in a second possible implementation manner, the authorization confirmation information is authorized for the requesting user, and the processing unit is further configured to: when the requested user allows After the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information, where the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and Sending a resource authorization response to the first site server; and receiving, by the first site server, the shared resource of the requesting user sent by the resource sharing URL in the resource authorization response, so that the The requested user obtains the shared resource and shares the shared resource. In a third possible implementation manner, the resource processing request is a resource sharing request, where the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries a unique transaction ID and a The shared resource information, the account number of the requested user, the callback URL, and the identity password of the first site server.
结合第一方面的第三种可能的实现方式, 在第四种可能的实现方式中, 所述授权确认信息为所述请求用户允许授权, 所述处理单元还用于当所述被 请求用户允许授权后, 所述第二站点服务器根据所述授权确认信息生成对所 述第一站点服务器的资源授权响应, 所述资源授权响应包括授权令牌、 资源 共享 URL、 初始流水号, 并通过所述回调 URL向所述第一站点服务器发送 资源授权响应; 以及, 当接收所述第一站点服务器发送的携带有所述授权令 牌的资源获取请求, 并对所述授权令牌进行验证后, 向所述第一站点服务器 返回所述被请求用户的共享资源, 以使所述第一站点服务器将所述共享资源 发送给所述请求用户。  In conjunction with the third possible implementation of the first aspect, in a fourth possible implementation, the authorization confirmation information is authorized for the requesting user, and the processing unit is further configured to: when the requested user allows After the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information, where the resource authorization response includes an authorization token, a resource sharing URL, an initial serial number, and Transmitting a URL to the first site server to send a resource authorization response; and, after receiving the resource acquisition request that is sent by the first site server and carrying the authorization token, and verifying the authorization token, The first site server returns a shared resource of the requested user, so that the first site server sends the shared resource to the requesting user.
通过应用本发明公开的资源处理方法和站点服务器, 第一站点服务器接 收请求用户发送的资源处理请求, 并根据资源处理请求生成资源授权请求, 以及将资源授权请求发送给第二站点服务器, 当第二站点服务器对第一站点 服务器进行身份验证后, 将资源授权请求发送给被请求用户, 当请求用户同 意授权后, 则第二站点服务器接收请求用户发送的授权确认信息, 并根据授 权确认信息生成对第一站点服务器的资源授权响应, 并将资源授权响应发送 给第一站点服务器, 第一站点服务器接收第二站点服务器发送的资源授权响 应后, 根据该资源授权响应进行资源处理, 从而实现了不同站点服务器间的 资源处理, 并可以广泛应用于跨站网盘、 微博、 SNS联系人、 会议 /日程等 资源的分享和共享。 附图说明  By applying the resource processing method and the site server disclosed by the present invention, the first site server receives the resource processing request sent by the requesting user, generates a resource authorization request according to the resource processing request, and sends the resource authorization request to the second site server, when After the second site server authenticates the first site server, the resource authorization request is sent to the requested user. When the requesting user agrees to the authorization, the second site server receives the authorization confirmation information sent by the requesting user, and generates the authorization confirmation information according to the authorization. Responding to the resource authorization of the first site server, and sending the resource authorization response to the first site server. After receiving the resource authorization response sent by the second site server, the first site server performs resource processing according to the resource authorization response, thereby implementing Resource processing between different site servers, and can be widely used for sharing and sharing resources such as cross-site network disks, microblogs, SNS contacts, conferences/schedules, and the like. DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案, 下面将对实 施例或现有技术描述中所需要使用的附图作简单地介绍, 显而易见地, 下面 描述中的附图仅仅是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性劳动性的前提下, 还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any inventive labor.
图 1为本发明实施例一提供的资源处理方法的流程图;  FIG. 1 is a flowchart of a resource processing method according to Embodiment 1 of the present invention;
图 2为本发明实施例二提供的资源处理方法的流程图; 图 3为本发明实施例三提供的资源处理方法的示意图; 2 is a flowchart of a resource processing method according to Embodiment 2 of the present invention; 3 is a schematic diagram of a resource processing method according to Embodiment 3 of the present invention;
图 4为本发明实施例四提供的资源处理方法的示意图;  4 is a schematic diagram of a resource processing method according to Embodiment 4 of the present invention;
图 5为本发明实施例五提供的站点服务器的示意图;  5 is a schematic diagram of a site server according to Embodiment 5 of the present invention;
图 6为本发明实施例六提供的站点服务器的示意图;  6 is a schematic diagram of a site server according to Embodiment 6 of the present invention;
图 7为本发明实施例七提供的站点服务器的示意图;  7 is a schematic diagram of a site server according to Embodiment 7 of the present invention;
图 8为本发明实施例八提供的站点服务器的示意图。 具体实施方式  FIG. 8 is a schematic diagram of a site server according to Embodiment 8 of the present invention. detailed description
为使本发明实施例的目的、 技术方案和优点更加清楚, 下面将结合本发 明实施例中的附图, 对本发明实施例中的技术方案进行清楚、 完整地描述, 显然, 所描述的实施例是本发明一部分实施例, 而不是全部的实施例。 基于 本发明中的实施例, 本领域普通技术人员在没有作出创造性劳动前提下所获 得的所有其他实施例, 都属于本发明保护的范围。  The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is a partial embodiment of the invention, and not all of the embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
本发明公开了一种资源处理方法和站点服务器, 第一站点服务器接收请 求用户发送的资源处理请求, 该资源处理请求包括资源分享请求和资源共享 请求, 并根据资源处理请求生成资源授权请求, 以及将资源授权请求发送给 第二站点服务器, 当第二站点服务器对第一站点服务器进行身份验证后, 将 资源授权请求发送给被请求用户, 当请求用户同意授权后, 则第二站点服务 器接收请求用户发送的授权确认信息, 并根据授权确认信息生成对第一站点 服务器的资源授权响应, 并将资源授权响应发送给第一站点服务器, 第一站 点服务器接收第二站点服务器发送的资源授权响应后,根据该资源授权响应 进行资源处理, 该资源处理包括资源分享和资源共享, 从而实现了不同站点 服务器间的资源处理,所述资源包括但不限于可存储在计算机中的:音视频, 图片, 文字以及各种形式的文件。 本发明实施例的方法可以广泛应用于跨站 网盘、 微博、 SNS 联系人、 会议 /日程等资源的分享和共享, 同时扩展了第 二站点服务器和被请求用户之间的授权方法, 第二站点服务器可以根据自身 与被请求用户之间的通信方式来选择其授权方式。本发明实施例所述的第一 站点服务器和第二站点服务器, 是指归属不同所有者, 或者由不同所有人管 理的服务器, 所述服务器包括一个或者多个资源服务器和 /或者门户服务器 等, 所述不同的站点服务器通常具有不同的域名或者网络标识。  The present invention discloses a resource processing method and a site server. The first site server receives a resource processing request sent by a requesting user, the resource processing request includes a resource sharing request and a resource sharing request, and generates a resource authorization request according to the resource processing request, and Sending the resource authorization request to the second site server, and after the second site server authenticates the first site server, sending the resource authorization request to the requested user, and after requesting the user to approve the authorization, the second site server receives the request. And the authorization confirmation information sent by the user, and generating a resource authorization response to the first site server according to the authorization confirmation information, and sending the resource authorization response to the first site server, where the first site server receives the resource authorization response sent by the second site server Resource processing according to the resource authorization response, the resource processing includes resource sharing and resource sharing, thereby implementing resource processing between different site servers, including but not limited to: sounds that can be stored in the computer: Video, pictures, text and various forms of documents. The method of the embodiment of the present invention can be widely applied to sharing and sharing resources of a cross-site network disk, a microblog, an SNS contact, a conference/schedule, and the like, and an authorization method between the second site server and the requested user, The two-site server can select its authorization mode according to the communication mode between itself and the requested user. The first site server and the second site server in the embodiments of the present invention refer to servers that belong to different owners or are managed by different owners, and the server includes one or more resource servers and/or portal servers. The different site servers typically have different domain names or network identities.
图 1为本发明实施例一提供的资源处理方法的流程图。 如图所示, 本实 施例具体包括以下步骤: FIG. 1 is a flowchart of a resource processing method according to Embodiment 1 of the present invention. As shown in the figure, this is The example specifically includes the following steps:
步骤 110, 第一站点服务器接收该第一站点服务器的请求用户的资源处 理请求。 其中, 接收到的资源处理请求中携带有第二站点服务器的地址、 以 及第二站点服务器的被请求用户的账号。 其中, 第一站点服务器是请求用户 所在的站点服务器, 第二站点服务器是被请求用户所在的站点服务器。  Step 110: The first site server receives a resource processing request of the requesting user of the first site server. The received resource processing request carries the address of the second site server and the account of the requested user of the second site server. The first site server is the site server where the requesting user is located, and the second site server is the site server where the requested user is located.
具体地, 第一站点服务器的请求用户 A登录第一站点服务器, 并发起向 第二站点服务器的被请求用户 B的资源处理请求。该资源处理请求包括资源 分享请求或资源共享请求。在本实施例中, 第一站点服务器的请求用户 A简 称为用户 A, 第二站点服务器的被请求用户 B简称为用户 B, 其他实施例与 此相同, 不再赘述。  Specifically, the requesting user A of the first site server logs in to the first site server and initiates a resource processing request to the requested user B of the second site server. The resource processing request includes a resource sharing request or a resource sharing request. In this embodiment, the requesting user A of the first site server is simply referred to as user A, and the requested user B of the second site server is referred to as user B. The other embodiments are the same, and are not described again.
当用户需要向用户 B发送资源分享请求时, 用户 A会选择其在第一站 点服务器上的资源, 并将该资源分享给在第二站点服务器上具有账户的用户 B。这时,用户 A只需要获知用户 B的账号以及用户 B所在的第二站点服务 器 的 地址 。 比 如 , 用 户 A 获知 的 用 户 B 的 信 息 为 : account_of_b@www.sitey.com , 则第一站点服务器根据该信息确定资源分享 的对象即用户 B的账号为 account— of— b, 以及用户 B所在的第二站点服务器 的地址为 www.sitey.com。  When the user needs to send a resource sharing request to User B, User A selects its resource on the first site server and shares the resource with User B who has an account on the second site server. At this time, User A only needs to know the account of User B and the address of the second site server where User B is located. For example, the information of the user B that the user A knows is: account_of_b@www.sitey.com, and the first site server determines, according to the information, the object of the resource sharing, that is, the account of the user B is account_of-b, and the user B is located. The address of the second site server is www.sitey.com.
当用户需要向用户 B发送资源共享请求时, 用户 A会选择共享用户 B 在第二站点服务器上的资源。 这时, 用户 A除了需要知道用户 B的账号以 及用户 B所在的第二站点服务器的地址之外,还必须知道可共享资源的资源 名称, 而用户 B可能以多种渠道向用户 A透露用户 B的可共享资源名称。 比如, 用户 B可以在电子邮件、 微博、 即时聊天工具中, 将可共享资源路径 发给用户 A, 其中, 第二站点服务器对用户 B提供的共享资源路径方式示例 下:  When the user needs to send a resource sharing request to user B, user A selects the resource shared by user B on the second site server. At this time, in addition to knowing the account of the user B and the address of the second site server where the user B is located, the user A must also know the resource name of the sharable resource, and the user B may disclose the user B to the user A in multiple channels. The name of the sharable resource. For example, user B can send the shareable resource path to user A in the email, microblog, and instant chat tool, where the second site server provides the shared resource path mode provided by user B as follows:
account— of— b@www. sitey.com/networkdisk/sharedPhoto。 从该共享资源路 径中还可以确定用户 B的账号为 account— of— b, 以及用户 B所在的第二站点 月良务器的地址为 www.sitey.com。  Account— of — b@www. sitey.com/networkdisk/sharedPhoto. From the shared resource path, it is also determined that the account of user B is account-of-b, and the address of the second-site server where user B is located is www.sitey.com.
步骤 120, 第一站点服务器根据资源处理请求生成资源授权请求, 并将 资源授权请求发送给所述第二站点服务器, 其中, 第一站点服务器根据第二 站点服务器的地址向第二站点服务器发送资源授权请求。 具体地, 当用户 A的资源处理请求为资源分享请求时, 用户 A所在的 第一站点服务器根据资源分享请求携带的第二站点服务器的地址向该第二 站点服务器发送资源授权请求, 且该资源授权请求携带有初始流水号、 分享 资源信息、用户 B的账号、 回调统一资源定位符(Uniform Resource Locator, URL )和第一站点服务器的身份密码。 其中, 分享资源信息包括以下信息的 一种或多种: 分享资源名称、 分享资源内容大小、 分享资源类型、 以及分享 资源格式等信息。 Step 120: The first site server generates a resource authorization request according to the resource processing request, and sends the resource authorization request to the second site server, where the first site server sends the resource to the second site server according to the address of the second site server. Authorization request. Specifically, when the resource processing request of the user A is a resource sharing request, the first site server where the user A is located sends a resource authorization request to the second site server according to the address of the second site server that is carried by the resource sharing request, and the resource is requested. The authorization request carries the initial serial number, shared resource information, user B's account number, callback Uniform Resource Locator (URL), and the identity code of the first site server. The sharing resource information includes one or more of the following information: sharing a resource name, sharing a resource content size, sharing a resource type, and sharing a resource format.
另外, 当用户 A的资源处理请求为资源共享请求时,该资源共享请求除 了携带有, 第二站点服务器的地址和用户 B 的账号之外, 还携带有用户 B 的共享资源信息,故用户 A所在的第一站点服务器根据资源分享请求携带的 第二站点服务器的地址向该第二站点服务器发送资源授权请求,且该资源授 权请求携带有初始流水号、 用户 B的共享资源名称、 用户 B的账号、 回调 URL和第一站点服务器的身份密码。其中,共享资源信息包括以下信息的一 种或多种: 共享资源名称、 共享资源内容大小、 共享资源类型、 以及共享资 源格式等信息。另夕卜,初始流水号是唯一地标识本次资源授权请求的流水号, 也可称为唯一事务 ID。  In addition, when the resource processing request of the user A is a resource sharing request, the resource sharing request carries the shared resource information of the user B in addition to the address of the second site server and the account of the user B, so the user A The first site server sends a resource authorization request to the second site server according to the address of the second site server that is carried by the resource sharing request, and the resource authorization request carries the initial serial number, the shared resource name of the user B, and the user B. Account number, callback URL, and identity password for the first site server. The shared resource information includes one or more of the following information: a shared resource name, a shared resource content size, a shared resource type, and a shared resource format. In addition, the initial serial number is a serial number that uniquely identifies the current resource authorization request, and may also be referred to as a unique transaction ID.
步骤 130, 当用户 B允许授权后, 第一站点服务器接收第二站点服务器 发送的资源授权响应, 并根据该资源授权响应进行资源处理。  Step 130: After the user B permits the authorization, the first site server receives the resource authorization response sent by the second site server, and performs resource processing according to the resource authorization response.
具体地, 对于分享来说, 第二站点服务器返回第一站点服务器的资源授 权响应包括授权令牌、 资源分享 URL、 初始流水号, 当第一站点服务器接收 到第二站点服务器通过回调 URL发送的资源授权响应后, 再通过资源授权 响应中携带的资源分享 URL将用户 A的分享资源发送给第二站点服务器, 以使用户 B从第二站点服务器获取用户 A的分享资源并分享该分享资源。  Specifically, for sharing, the resource authorization response of the second site server returning to the first site server includes an authorization token, a resource sharing URL, and an initial serial number, when the first site server receives the second site server and sends the message through the callback URL. After the resource authorization response, the user A's shared resource is sent to the second site server through the resource sharing URL carried in the resource authorization response, so that the user B obtains the user A's shared resource from the second site server and shares the shared resource.
同理, 对于共享来说, 第二站点服务器返回第一站点服务器的资源授权 响应包括授权令牌、 资源共享 URL、 初始流水号, 当第一站点服务器接收到 第二站点服务器通过回调 URL发送的资源授权响应, 且接收到用户 A发送 的资源获取请求时, 通过资源授权响应中携带的资源分享 URL向第二站点 服务器发送携带有授权令牌的资源获取请求; 经过第二站点服务器对授权令 牌验证通过后, 第一站点服务器会接收到第二站点服务器发送的资源获取响 应, 并将该资源获取响应发送给用户 A, 以使用户 A获取所用户 B的共享 资源。 Similarly, for sharing, the resource authorization response of the second site server returning to the first site server includes an authorization token, a resource sharing URL, and an initial serial number, when the first site server receives the second site server and sends the message through the callback URL. When the resource authorization response is received, and the resource acquisition request sent by the user A is received, the resource sharing request carrying the authorization token is sent to the second site server by using the resource sharing URL carried in the resource authorization response; After the card verification is passed, the first site server receives the resource acquisition response sent by the second site server, and sends the resource acquisition response to the user A, so that the user A obtains the sharing of the user B. Resources.
因此, 本发明实施例提供的资源处理方法, 第一站点服务器接收请求用 户发送的资源处理请求, 该资源处理请求包括资源分享请求和资源共享请 求, 并根据资源处理请求生成资源授权请求, 以及将资源授权请求发送给第 二站点服务器, 当第二站点服务器对第一站点服务器进行身份验证后, 将资 源授权请求发送给被请求用户, 当被请求用户同意授权后, 接收第二站点服 务器发送的资源授权响应后, 并根据该资源授权响应进行资源处理, 该资源 处理包括资源分享和资源共享, 从而实现了不同站点服务器间的资源处理。  Therefore, the resource processing method provided by the embodiment of the present invention, the first site server receives a resource processing request sent by the requesting user, the resource processing request includes a resource sharing request and a resource sharing request, and generates a resource authorization request according to the resource processing request, and The resource authorization request is sent to the second site server. After the second site server authenticates the first site server, the resource authorization request is sent to the requested user, and when the requested user agrees to authorize, the second site server sends the second site server. After the resource authorization response, the resource processing is performed according to the resource authorization response, and the resource processing includes resource sharing and resource sharing, thereby realizing resource processing between different site servers.
图 2为本发明实施例二提供的资源处理方法的流程图。 如图所示, 本实 施例具体包括以下步骤:  FIG. 2 is a flowchart of a resource processing method according to Embodiment 2 of the present invention. As shown in the figure, the embodiment specifically includes the following steps:
步骤 210, 第二站点服务器接收第一站点服务器发送的资源授权请求。 其中, 资源授权请求是第一站点服务器根据接收到第一站点服务器的请求用 户发送的资源处理请求后,根据资源处理请求生成的针对述第二站点服务器 的被请求用户的授权请求。 在这里, 第一站点服务器是请求用户所在的站点 服务器, 第二站点服务器是被请求用户所在的站点服务器。  Step 210: The second site server receives the resource authorization request sent by the first site server. The resource authorization request is an authorization request of the requested user of the second site server generated according to the resource processing request after the first site server receives the resource processing request sent by the user of the first site server. Here, the first site server is the site server where the requesting user is located, and the second site server is the site server where the requested user is located.
步骤 220, 当所述第二站点服务器对所述第一站点服务器进行身份验证 后, 将接收到的资源授权请求发送给被请求用户。 其中, 第二站点服务器可 以根据资源授权请求中携带的第一站点服务器的身份密码对第一站点服务 器进行身份验证。  Step 220: After the second site server authenticates the first site server, send the received resource authorization request to the requested user. The second site server may authenticate the first site server according to the identity code of the first site server carried in the resource authorization request.
具体地,第二站点服务器根据其被请求用户即用户 B在自身站点服务器 上的注册账号, 将接收到的资源授权请求发送用户 B。 其发送方式有很多, 比 ^口:  Specifically, the second site server sends the received resource authorization request to the user B according to the registered user account of the requested user, that is, the user B on the own site server. There are many ways to send it, than the mouth:
如果用户 B注册的是 Email, 就以 Email的方式发送资源授权请求; 如果用户 B注册的是手机号码,就以下发短信或彩信的方式发送资源授 权请求;  If the user B is registered with the email, the resource authorization request is sent by means of email; if the user B is registered with the mobile phone number, the resource authorization request is sent by sending the short message or the multimedia message;
如果用户 B注册的是即时聊天服务器,就以发系统消息的方式发送资源 授权请求;  If the user B is registered as a live chat server, the resource authorization request is sent by sending a system message;
如果用户 B注册的是 BBS站点服务器、 微博服务器等, 就以发站内消 息的方式发送资源授权请求。  If the user B is registered with the BBS site server, the microblog server, etc., the resource authorization request is sent in the manner of sending the message in the station.
步骤 230, 第二站点服务器接收请求用户发送的授权确认信息, 根据该 授权确认信息生成对第一站点服务器的资源授权响应, 并将该资源授权响应 发送给第一站点服务器, 用以第一站点服务器根据所述资源授权响应进行资 源处理。 Step 230, the second site server receives the authorization confirmation information sent by the requesting user, according to the The authorization confirmation information generates a resource authorization response to the first site server, and sends the resource authorization response to the first site server, where the first site server performs resource processing according to the resource authorization response.
上述步骤 210中, 第一站点服务器的请求用户发送的资源处理请求分为 两种: 资源分享请求和资源共享请求。 则本发明实施例提供的资源处理方法 具体为:  In the above step 210, the resource processing request sent by the requesting user of the first site server is divided into two types: a resource sharing request and a resource sharing request. The resource processing method provided by the embodiment of the present invention is specifically:
( 1 ) 当第一站点服务器的请求用户发送的资源处理请求为资源分享请 求时, 第一站点服务器根据该资源分享请求生成针对第二站点服务器的被请 求用户的资源授权请求, 其携带有唯一事务 ID、 分享资源信息、被请求用户 的账号、 回调 URL和第一站点服务器的身份密码。  (1) When the resource processing request sent by the requesting user of the first site server is a resource sharing request, the first site server generates a resource authorization request for the requested user of the second site server according to the resource sharing request, which carries the unique Transaction ID, shared resource information, the account of the requested user, the callback URL, and the identity password of the first site server.
当第二站点服务器接收到资源授权请求后 ,根据该资源授权请求中携带 的第一站点服务器的身份密码对第一站点服务器进行身份验证后, 将该资源 授权请求发送给被请求用户;  After receiving the resource authorization request, the second site server sends the resource authorization request to the requested user after authenticating the first site server according to the identity password of the first site server carried in the resource authorization request;
接收请求用户发送的授权确认信息, 该授权确认信息说明请求用户已经 允许授权, 当被请求用户允许授权后, 第二站点服务器根据授权确认信息生 成对第一站点服务器的资源授权响应, 该资源授权响应包括授权令牌、 资源 分享 URL、 初始流水号, 并通过回调 URL向所述第一站点服务器发送资源 授权响应。  Receiving the authorization confirmation information sent by the requesting user, the authorization confirmation information indicating that the requesting user has allowed the authorization, and after the requested user permits the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information, the resource authorization The response includes an authorization token, a resource sharing URL, an initial serial number, and a resource authorization response is sent to the first site server via a callback URL.
接收第一站点服务器通过资源授权响应中的资源分享 URL发送的请求 用户的分享资源, 以使被请求用户获取该分享资源并进行分享。  Receiving, by the first site server, the shared resource of the request sent by the resource sharing URL in the resource authorization response, so that the requested user obtains the shared resource and shares the same.
( 2 ) 当第一站点服务器的请求用户发送的资源处理请求为资源共享请 求时, 第一站点服务器根据该资源共享请求生成针对第二站点服务器的被请 求用户的资源授权请求, 其携带有唯一事务 ID、 所述共享资源信息、 所述被 请求用户的账号、 回调 URL和所述第一站点服务器的身份密码。  (2) when the resource processing request sent by the requesting user of the first site server is a resource sharing request, the first site server generates a resource authorization request for the requested user of the second site server according to the resource sharing request, which carries the unique a transaction ID, the shared resource information, an account of the requested user, a callback URL, and an identity password of the first site server.
当第二站点服务器接收到资源授权请求后 ,根据该资源授权请求中携带 的第一站点服务器的身份密码对第一站点服务器进行身份验证后, 将该资源 授权请求发送给被请求用户;  After receiving the resource authorization request, the second site server sends the resource authorization request to the requested user after authenticating the first site server according to the identity password of the first site server carried in the resource authorization request;
接收请求用户发送的授权确认信息, 该授权确认信息说明请求用户已经 允许授权, 当所述被请求用户允许授权后, 第二站点服务器根据授权确认信 息生成对第一站点服务器的资源授权响应, 该资源授权响应包括授权令牌、 资源共享 URL、 初始流水号, 并通过回调 URL向述第一站点服务器发送资 源 4受权响应。 Receiving the authorization confirmation information sent by the requesting user, the authorization confirmation information indicating that the requesting user has allowed the authorization, and after the requested user allows the authorization, the second site server generates a resource authorization response to the first site server according to the authorization confirmation information, The resource authorization response includes an authorization token, The resource share URL, the initial serial number, and the resource 4 authorized response is sent to the first site server through the callback URL.
当接收第一站点服务器发送的携带有授权令牌的资源获取请求 , 并对授 权令牌进行验证后, 向第一站点服务器发送被请求用户的共享资源, 以使第 一站点服务器将共享资源发送给请求用户,从而请求用户能够获得被请求用 户的共享资源。  After receiving the resource acquisition request that is sent by the first site server and carrying the authorization token, and verifying the authorization token, sending the shared resource of the requested user to the first site server, so that the first site server sends the shared resource. The requesting user is given, thereby requesting the user to obtain the shared resources of the requested user.
因此, 本发明实施例提供的资源处理方法, 第二站点服务器接收第一站 点服务器发送的资源授权请求, 当第二站点服务器对第一站点服务器进行身 份验证后, 将资源授权请求发送给被请求用户, 并接收被请求用户发送的授 权确认信息, 并根据授权确认信息生成对第一站点服务器的资源授权响应, 并将资源授权响应发送给第一站点服务器, 用以第一站点服务器根据所述资 源授权响应进行资源处理, 该资源处理包括资源分享或资源共享, 从而实现 了不同站点服务器间的资源处理。  Therefore, in the resource processing method provided by the embodiment of the present invention, the second site server receives the resource authorization request sent by the first site server, and after the second site server authenticates the first site server, sends the resource authorization request to the requested request. Receiving, by the user, the authorization confirmation information sent by the requested user, and generating a resource authorization response to the first site server according to the authorization confirmation information, and sending the resource authorization response to the first site server, where the first site server is configured according to the The resource authorization response performs resource processing, and the resource processing includes resource sharing or resource sharing, thereby realizing resource processing between different site servers.
图 3为本发明实施例三提供的资源处理方法的示意图。该实施例为用户 之间的跨站资源分享。 其中, 假设请求用户 Bob和被请求用户 Alice分别在 网盘服务器 X (即第一站点服务器)和网盘服务器 Y (即第二站点服务器) 上有帐户, 账号名称分别是 Bob和 Alice。 Bob选择其网盘中的部分内容, 分享给 Alice , 在 Alice同意授权后, Bob将网盘中内容被传送到 Alice的网 盘中。 如图所示, 本实施例具体包括以下步骤:  FIG. 3 is a schematic diagram of a resource processing method according to Embodiment 3 of the present invention. This embodiment is a cross-site resource sharing between users. It is assumed that the requesting user Bob and the requested user Alice have accounts on the network disk server X (ie, the first site server) and the network disk server Y (ie, the second site server), respectively, and the account names are Bob and Alice, respectively. Bob selects some of the contents of his network disk and shares it with Alice. After Alice agrees to authorize, Bob transfers the contents of the network disk to Alice's network disk. As shown in the figure, the embodiment specifically includes the following steps:
步骤 310 , 请求用户 Bob向第一站点服务器发送资源处理请求。 其中, Step 310: Request the user Bob to send a resource processing request to the first site server. among them,
Bob 使用终端设备登陆网盘服务器 X 后, 需要选择部分网盘内容分享给 Alice , 其分享对象为 alice@www.sitey.com。 After Bob uses the terminal device to log in to the network disk server X, he needs to select some of the network disk contents to share with Alice, and the sharing object is alice@www.sitey.com.
步骤 320 , 网盘服务器 X, 解析 Bob的分享对象, 构造发给网盘服务器 Y的资源授权请求, 并将该资源授权请求发给网盘服务器丫。 其中, 资源授 权请求包括: 初始流水号 (transld ),分享资源名称、 分享用户账号( alice )、 回调 URL、 网盘服务器 X的身份密码(password )。 另外, 为了传输考虑, 还可以附加上分享资源内容的大小、 类型、 格式等信息。  Step 320: The network disk server X parses the shared object of the Bob, constructs a resource authorization request sent to the network disk server Y, and sends the resource authorization request to the network disk server. The resource authorization request includes: an initial serial number (transld), a shared resource name, a shared user account (alice), a callback URL, and an identity password (password) of the network disk server X. In addition, for transmission considerations, information such as the size, type, format, and the like of the shared resource content may be added.
步骤 330 ,网盘服务器 Y给 Alice发送请求授权邮件给 Alice注册的邮箱, 例如, alice(g).exa. mplemail.com , 并在该由 牛中发送同意授权链接, 当 Alice 点击链接后, 则触发到网盘服务器 Y, 表示 Alice同意了授权。 在本实施例 中, 该请求授权过程是以发送邮件的形式完成的。 但是, 该请求授权过程并 不局限于邮件, 还可以是短信, 站内通知等形式完成。 Step 330, the network disk server Y sends Alice a request authorization email to Alice registered mailbox, for example, alice(g).exa. mplemail.com, and sends a consent authorization link in the cow, when Alice clicks the link, then Triggered to the network disk server Y, indicating that Alice agreed to the authorization. In this embodiment The request authorization process is completed in the form of sending an email. However, the request authorization process is not limited to mail, but can also be completed in the form of short messages, in-site notifications, and the like.
步骤 340 , 当 Alice登陆她的邮箱后, 浏览请求授权邮件, 选择同意或 者不同意授权; 若 Alice同意授权, 点击同意链接, 触发到网盘服务器 Y;  Step 340, when Alice logs in to her mailbox, browses the request authorization email, selects consent or does not agree to the authorization; if Alice agrees to authorize, click the consent link to trigger to the network disk server Y;
步骤 350 , 网盘服务器 Y为网盘服务器 X生成资源授权响应, 该资源授 权响应包括授权令牌 ( Access Token )、 资源分享 URL、 初始流水号, 并将该 资源授权响应回调给网盘服务器 X。 其中, 授权令牌还包括其有效期。  Step 350: The network disk server Y generates a resource authorization response for the network disk server X. The resource authorization response includes an authorization token (Access Token), a resource sharing URL, an initial serial number, and the resource authorization response is returned to the network disk server X. . The authorization token also includes its validity period.
步骤 360 , 网盘服务器 X将 Bob分享的内容上传给网盘服务器 Y, 并携 带有步骤 350中的授权令牌。  Step 360: The network disk server X uploads the content shared by the Bob to the network disk server Y, and carries the authorization token in step 350.
步骤 370 , 当 Alice之后登陆网盘服务其 Y时, 可以浏览下载 Bob分享 内容。  Step 370, when Alice logs in to the network disk to serve its Y, it can browse and download the content shared by Bob.
图 4为本发明实施例四提供的资源处理方法的示意图。该实施例为用户 之间的跨站资源共享。 其中, 假设请求用户 Bob和被请求用户 Alice分别在 网盘服务器 X (即第一站点服务器)上和网盘服务器 Y (即第二站点服务器) 上有帐户,账号名称分别是 bob和 alice。 Bob知道 Alice的可共享资源名称: alice@www.sitey.com/networkdisk/sharedPhotos。 Bob在网盘月良务器 X上请求 Alice共享资源。 网盘服务器 X请求网盘服务器 Y授权, Y以消息的方式, 比如, 邮件(Email )、 短信、 站内通知、 系统留言等方式, 请求 Alice授权, 当 Alice同意授权后,Υ将 Alice的网盘资源共享路径,连同授权令牌( Access Token ) —起回调给网盘服务器 X。 最后, Bob可以通过网盘服务器 X浏览 Alice的共享资源。 如图所示, 本实施例具体包括以下步骤:  FIG. 4 is a schematic diagram of a resource processing method according to Embodiment 4 of the present invention. This embodiment is a cross-site resource sharing between users. It is assumed that the requesting user Bob and the requested user Alice have accounts on the network disk server X (ie, the first site server) and the network disk server Y (ie, the second site server), respectively, and the account names are bob and alice, respectively. Bob knows Alice's shareable resource name: alice@www.sitey.com/networkdisk/sharedPhotos. Bob requests Alice to share resources on the network server. The network disk server X requests the network disk server Y to authorize, Y requests the Alice authorization by means of a message, for example, an email (email), a short message, a station notification, a system message, etc., and when Alice agrees to authorize, Alice's network disk The resource sharing path, together with the authorization token (Access Token), is called back to the network disk server X. Finally, Bob can browse Alice's shared resources through the network disk server X. As shown in the figure, the embodiment specifically includes the following steps:
步骤 410 , Bob使用终端设备登陆网盘服务器 X后,发起资源共享请求。  Step 410: Bob initiates a resource sharing request after logging in to the network disk server X by using the terminal device.
Alice 在网盘服务器 Y 上的共享资源, 比如,
Figure imgf000015_0001
Alice's shared resources on the network disk server Y, for example,
Figure imgf000015_0001
Y的资源授权请求, 并将该资源授权请求发给网盘服务器丫。 其中, 资源授 权 请 求 包 括 : 初 始 流 水 号 ( transld ) , 共 享 资 源 名 称 ( /networkdisk/sharedPhotos ), 共享用户账号( alice )、 回调 URL、 网盘服务 器 X的身份密码(password )。 另外, 为了传输考虑, 还可以附加上共享资 源内容的大小、 类型、 格式等信息; 步骤 430 ,网盘服务器 Υ给 Alice发送请求授权邮件给 Alice注册的邮箱 , 例如, alice@examplemail.como 并在邮件中发送同意授权链接, 当 Alice点 击链接, 触发到网盘服务器 Y, 表示 Alice同意了授权。 在本实施例中, 该 请求授权过程是以发送邮件的形式完成的。 但是, 该请求授权过程并不局限 于邮件, 还可以是短信, 站内通知等形式完成。 Y's resource authorization request, and the resource authorization request is sent to the network disk server. The resource authorization request includes: an initial serial number (transld), a shared resource name (/networkdisk/sharedPhotos), a shared user account (alice), a callback URL, and an identity password (password) of the network disk server X. In addition, for transmission considerations, information such as the size, type, format, and the like of the shared resource content may be added; Step 430: The network disk server sends Alice a request authorization email to Alice's registered email address, for example, alice@examplemail.como and sends a consent authorization link in the email. When Alice clicks the link, it triggers the network disk server Y, indicating that Alice agrees. Authorized. In this embodiment, the request authorization process is completed in the form of sending an email. However, the request authorization process is not limited to mail, but can also be completed in the form of short messages, in-site notifications, and the like.
步骤 440, Alice登陆其邮箱后, 浏览请求授权邮件, 选择同意或者不同 意授权;  Step 440, after Alice logs in to his mailbox, browses the request authorization email, selects consent or does not agree to the authorization;
步骤 450, Alice同意授权, 点击同意链接, 触发到网盘服务器 Y;  Step 450, Alice agrees to authorize, clicks the consent link, triggers to the network disk server Y;
步骤 460, 网盘服务器 Y为网盘服务器 X生成资源授权响应, 该资源授 权响应包括授权令牌 ( Access Token )、 资源共享 URL、 初始流水号, 并将该 资源授权响应回调给网盘服务器 X。 其中, 授权令牌还包括其有效期。  Step 460: The network disk server Y generates a resource authorization response for the network disk server X. The resource authorization response includes an authorization token (Access Token), a resource sharing URL, an initial serial number, and the resource authorization response is returned to the network disk server X. . The authorization token also includes its validity period.
步骤 470, Bob向网盘服务器 X查询共享的资源, X列出当前已经授权 过的共享资源列表。  In step 470, Bob queries the network disk server X for the shared resource, and X lists the shared resource list that has been authorized.
步骤 480, 当 Bob浏览已经授权的共享资源时, 网盘服务器 X从网盘服 务器 Y提供的资源共享 URL获取共享资源, 并且携带有授权令牌 ( Access Token )。 网盘服务器 Y要对网盘服务器 X携带的 Access Token做合法性校 验, 如果通过, 则给网盘服务器 X返回共享资源。  Step 480: When Bob browses the authorized shared resource, the network disk server X acquires the shared resource from the resource sharing URL provided by the network disk server Y, and carries an access token (Access Token). The network disk server Y needs to verify the validity of the Access Token carried by the network disk server X. If it passes, it returns the shared resource to the network disk server X.
图 5为本发明实施例五提供的站点服务器的示意图。 该站点服务器是请 求用户所在的站点服务器, 被定义为第一站点服务器, 用于执行本发明实施 例一至四提供的资源处理方法。 如图所示, 本发明实施例具体包括: 接收单 元 51、 第一处理单元 52和第二处理单元 53。  FIG. 5 is a schematic diagram of a site server according to Embodiment 5 of the present invention. The site server is a site server where the requesting user is located, and is defined as a first site server for performing the resource processing methods provided in Embodiments 1 to 4 of the present invention. As shown in the figure, the embodiment of the present invention specifically includes: a receiving unit 51, a first processing unit 52, and a second processing unit 53.
接收单元 51用于接收第一站点服务器的请求用户发送的资源处理请求, 所述资源处理请求中携带有第二站点服务器的地址和所述第二站点服务器 的被请求用户的账号, 以及将所述资源处理请求传输给第一处理单元 52; 第 一处理单元 52用于从所述接收单元接收所述资源处理请求, 根据所述资源 处理请求生成所述资源授权请求, 并将所述资源授权请求发送给所述第二站 点服务器; 第二处理单元 53用于当所述被请求用户允许授权后, 接收所述 第二站点服务器发送的资源授权响应, 并根据所述资源授权响应进行资源处 理。  The receiving unit 51 is configured to receive a resource processing request sent by the requesting user of the first site server, where the resource processing request carries an address of the second site server and an account of the requested user of the second site server, and the The resource processing request is transmitted to the first processing unit 52; the first processing unit 52 is configured to receive the resource processing request from the receiving unit, generate the resource authorization request according to the resource processing request, and authorize the resource Sending a request to the second site server; the second processing unit 53 is configured to: after the requested user allows authorization, receive a resource authorization response sent by the second site server, and perform resource processing according to the resource authorization response. .
在一个实施例中, 所述资源处理请求为资源分享请求, 所述资源授权请 求携带有唯一事务 ID、 分享资源信息、 所述被请求用户的账号、 回调统一资 源定位符 URL和所述第一站点服务器的身份密码。 所述资源授权响应包括 授权令牌、 资源分享 URL、 初始流水号, 第二处理单元 53还用于接收所述 第二站点服务器通过所述回调 URL发送的资源授权响应, 并通过所述资源 授权响应中的所述资源分享 URL将所述请求用户的分享资源发送给所述第 二站点服务器, 以使所述被请求用户从所述第二站点服务器获取所述分享资 源并分享所述分享资源。 In an embodiment, the resource processing request is a resource sharing request, and the resource authorization is requested. The request carries a unique transaction ID, shared resource information, an account of the requested user, a callback Uniform Resource Locator URL, and an identity password of the first site server. The resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number. The second processing unit 53 is further configured to receive a resource authorization response sent by the second site server by using the callback URL, and authorize the resource by using the resource. Transmitting, by the resource sharing URL in the response, the shared resource of the requesting user to the second site server, so that the requested user obtains the shared resource from the second site server and shares the shared resource .
另一个实施例中, 所述资源处理请求为资源共享请求, 所述资源共享请 求还携带有所述被请求用户的共享资源名称, 所述资源授权请求携带有唯一 事务 ID、 所述共享资源信息、 所述被请求用户的账号、 回调 URL和所述第 一站点服务器的身份密码。所述资源授权响应包括授权令牌、资源共享 URL、 初始流水号, 所述接收所述第二站点服务器发送的资源授权响应, 第二处理 单元 53还用于接收到所述第二站点服务器通过所述回调 URL发送的资源授 权响应, 且接收到所述请求用户的资源获取请求时, 通过所述资源授权响应 中的所述资源分享 URL向所述第二站点服务器发送携带有所述授权令牌的 资源获取请求, 以及接收所述第二站点服务器发送的资源获取响应, 并将所 述资源获取响应发送给所述请求用户, 以使所述请求用户获取所述被请求用 户的共享资源。  In another embodiment, the resource processing request is a resource sharing request, and the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries a unique transaction ID and the shared resource information. The account of the requested user, the callback URL, and the identity password of the first site server. The resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and the receiving the resource authorization response sent by the second site server, where the second processing unit 53 is further configured to receive the second site server. The resource authorization response sent by the callback URL, and when the resource acquisition request of the requesting user is received, the resource sharing URL in the resource authorization response is sent to the second site server to carry the authorization order. a resource acquisition request of the card, and receiving a resource acquisition response sent by the second site server, and sending the resource acquisition response to the requesting user, so that the requesting user acquires the shared resource of the requested user.
因此, 本发明实施例提供的站点服务器, 通过接收请求用户发送的资源 处理请求, 该资源处理请求包括资源分享请求和资源共享请求, 并根据资源 处理请求生成资源授权请求, 以及将资源授权请求发送给第二站点服务器, 当第二站点服务器对第一站点服务器进行身份验证后,将资源授权请求发送 给被请求用户, 当请求用户同意授权后, 接收第二站点服务器发送的资源授 权响应后, 并根据该资源授权响应进行资源处理, 该资源处理包括资源分享 和资源共享, 从而实现了不同站点服务器间的资源处理, 并可以广泛应用于 跨站网盘、 微博、 SNS联系人、 会议 /日程等资源的分享和共享。  Therefore, the site server provided by the embodiment of the present invention receives the resource processing request sent by the requesting user, the resource processing request includes a resource sharing request and a resource sharing request, and generates a resource authorization request according to the resource processing request, and sends the resource authorization request. Giving the second site server, after the second site server authenticates the first site server, sending a resource authorization request to the requested user, and after receiving the resource authorization response sent by the second site server, after requesting the user to approve the authorization, And performing resource processing according to the resource authorization response, the resource processing includes resource sharing and resource sharing, thereby realizing resource processing between different site servers, and can be widely applied to cross-site network disks, microblogs, SNS contacts, conferences/ Sharing and sharing of resources such as schedules.
图 6为本发明实施例六提供的站点服务器的示意图。 该站点服务器是被 请求用户所在的站点服务器, 被定义为第二站点服务器, 用于执行本发明实 施例一至四提供的资源处理方法。 如图所示, 本发明实施例具体包括: 接收 单元 61、 发送单元 62和处理单元 63。 接收单元 61 用于接收第一站点服务器发送的资源授权请求, 所述资源 授权请求是所述第一站点服务器根据接收到所述第一站点服务器的请求用 户发送的资源处理请求后,根据所述资源处理请求生成的针对所述第二站点 服务器的被请求用户的授权请求; 发送单元 62用于对所述第一站点服务器 进行身份验证后,将所述资源授权请求发送给所述被请求用户; 处理单元 63 用于接收所述请求用户发送的授权确认信息 ,根据所述授权确认信息生成对 所述第一站点服务器的资源授权响应, 并将所述资源授权响应发送给所述第 一站点服务器, 用以所述第一站点服务器根据所述资源授权响应进行资源处 理。 其中, 所述发送单元 62还用于根据所述第一站点服务器的身份密码对 所述第一站点服务器进行身份验证后, 将所述资源授权请求发送给所述被请 求用户。 FIG. 6 is a schematic diagram of a site server according to Embodiment 6 of the present invention. The site server is a site server where the requested user is located, and is defined as a second site server, and is used to perform the resource processing method provided in Embodiments 1 to 4 of the present invention. As shown in the figure, the embodiment of the present invention specifically includes: a receiving unit 61, a sending unit 62, and a processing unit 63. The receiving unit 61 is configured to receive a resource authorization request sent by the first site server, where the resource authorization request is after the first site server receives the resource processing request sent by the user of the first site server, according to the The resource processing request generates an authorization request for the requested user of the second site server; the sending unit 62 is configured to send the resource authorization request to the requested user after authenticating the first site server The processing unit 63 is configured to receive the authorization confirmation information sent by the requesting user, generate a resource authorization response to the first site server according to the authorization confirmation information, and send the resource authorization response to the first site. And a server, configured to perform resource processing according to the resource authorization response by the first site server. The sending unit 62 is further configured to send the resource authorization request to the requested user after performing identity verification on the first site server according to the identity password of the first site server.
在一个实施例中, 所述资源处理请求为资源分享请求, 所述资源授权请 求携带有唯一事务 ID、 分享资源信息、 所述被请求用户的账号、 回调统一资 源定位符 URL和所述第一站点服务器的身份密码。 所述授权确认信息为所 述请求用户允许授权, 所述处理单元 63还用于当所述被请求用户允许授权 后, 所述第二站点服务器根据所述授权确认信息生成对所述第一站点服务器 的资源授权响应, 所述资源授权响应包括授权令牌、 资源分享 URL、 初始流 水号, 并通过所述回调 URL向所述第一站点服务器发送资源授权响应; 以 及,接收所述第一站点服务器通过所述资源授权响应中的所述资源分享 URL 发送的所述请求用户的分享资源, 以使所述被请求用户获取所述分享资源并 分享所述分享资源。  In an embodiment, the resource processing request is a resource sharing request, where the resource authorization request carries a unique transaction ID, shared resource information, an account of the requested user, a callback uniform resource locator URL, and the first The identity password of the site server. The authorization confirmation information is that the requesting user allows the authorization, and the processing unit 63 is further configured to: after the requested user allows the authorization, the second site server generates, according to the authorization confirmation information, the first site. a resource authorization response of the server, the resource authorization response including an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL; and receiving the first site And the server shares the shared resource of the requesting user sent by the resource sharing URL in the resource authorization response, so that the requested user acquires the shared resource and shares the shared resource.
另一个实施例中, 所述资源处理请求为资源共享请求, 所述资源共享请 求还携带有所述被请求用户的共享资源名称, 所述资源授权请求携带有唯一 事务 ID、 所述共享资源信息、 所述被请求用户的账号、 回调 URL和所述第 一站点服务器的身份密码。 所述授权确认信息为所述请求用户允许授权, 所 述处理单元 63还用于当所述被请求用户允许授权后, 所述第二站点服务器 根据所述授权确认信息生成对所述第一站点服务器的资源授权响应, 所述资 源授权响应包括授权令牌、 资源共享 URL、 初始流水号, 并通过所述回调 URL向所述第一站点服务器发送资源授权响应; 以及, 当接收所述第一站点 服务器发送的携带有所述授权令牌的资源获取请求, 并对所述授权令牌进行 验证后, 向所述第一站点服务器发送所述被请求用户的共享资源, 以使所述 第一站点服务器将所述共享资源发送给所述请求用户。 In another embodiment, the resource processing request is a resource sharing request, and the resource sharing request further carries a shared resource name of the requested user, where the resource authorization request carries a unique transaction ID and the shared resource information. The account of the requested user, the callback URL, and the identity password of the first site server. The authorization confirmation information is that the requesting user allows the authorization, and the processing unit 63 is further configured to: after the requested user allows the authorization, the second site server generates, according to the authorization confirmation information, the first site. a resource authorization response of the server, the resource authorization response including an authorization token, a resource sharing URL, an initial serial number, and sending a resource authorization response to the first site server by using the callback URL; and, when receiving the first a resource acquisition request sent by the site server carrying the authorization token, and performing the authorization token After the verification, the shared resource of the requested user is sent to the first site server, so that the first site server sends the shared resource to the requesting user.
因此, 本发明实施例提供的第二站点服务器, 通过接收第一站点服务器 发送的资源授权请求, 当第二站点服务器对第一站点服务器进行身份验证 后, 将资源授权请求发送给被请求用户, 并接收被请求用户发送的授权确认 信息, 并根据授权确认信息生成对第一站点服务器的资源授权响应, 并将资 源授权响应发送给第一站点服务器, 用以第一站点服务器根据所述资源授权 响应进行资源处理, 该资源处理包括资源分享或资源共享, 从而实现了不同 站点服务器间的资源处理,并可以广泛应用于跨站网盘、微博、 SNS联系人、 会议 /日程等资源的分享和共享,同时扩展了第二站点服务器和被请求用户之 间的授权方法, 第二站点服务器可以根据自身与被请求用户之间的通信方式 来选择其授权方式。  Therefore, the second site server provided by the embodiment of the present invention receives the resource authorization request sent by the first site server, and sends the resource authorization request to the requested user after the second site server authenticates the first site server. And receiving the authorization confirmation information sent by the requested user, and generating a resource authorization response to the first site server according to the authorization confirmation information, and sending the resource authorization response to the first site server, where the first site server is authorized according to the resource In response to resource processing, the resource processing includes resource sharing or resource sharing, thereby realizing resource processing between different site servers, and can be widely applied to sharing resources of cross-site network disks, microblogs, SNS contacts, conferences/schedules, and the like. And sharing, while expanding the authorization method between the second site server and the requested user, the second site server can select its authorization mode according to the communication mode between itself and the requested user.
图 7为本发明实施例七提供的站点服务器的示意图。 该站点服务器是请 求用户所在的站点服务器, 被定义为第一站点服务器, 用于执行本发明实施 例一至四提供的资源处理方法。 如图所示, 本实施例提供的第一站点服务器 包括: 站点服务器端口 71、 处理器 72和存储器 77。 站点服务器总线 74用 于连接站点服务器端口 71、 处理器 72和存储器 77。  FIG. 7 is a schematic diagram of a site server according to Embodiment 7 of the present invention. The site server is a site server where the requesting user is located, and is defined as a first site server for performing the resource processing methods provided in Embodiments 1 to 4 of the present invention. As shown, the first site server provided in this embodiment includes: a site server port 71, a processor 72, and a memory 77. The site server bus 74 is used to connect the site server port 71, the processor 72, and the memory 77.
所述站点服务器端口 71 可以分别与请求用户、 被请求用户所在的第二 站点服务器相连接。  The site server port 71 can be connected to the requesting user and the second site server where the requested user is located, respectively.
存储器 77可以是永久存储器, 例如硬盘驱动器和闪存, 存储器 77中具 有软件模块和设备驱动程序。软件模块能够执行本发明上述方法的各种功能 模块; 设备驱动程序可以是网络和接口驱动程序。  The memory 77 can be a persistent storage such as a hard disk drive and a flash memory having a software module and a device driver. The software modules are capable of executing the various functional modules of the above described method of the present invention; the device drivers can be network and interface drivers.
在启动时, 这些软件组件被加载到存储器 77中, 然后被处理器 72访问 并执行如图 1至图 4所示的方法。  At startup, these software components are loaded into memory 77 and then accessed by processor 72 and executed as shown in Figures 1-4.
图 8为本发明实施例八提供的站点服务器的示意图。 该站点服务器是被 请求用户所在的站点服务器, 被定义为第二站点服务器, 用于执行本发明实 施例一至四提供的资源处理方法。 如图所示, 本实施例提供的第一站点服务 器包括: 站点服务器端口 81、 处理器 82和存储器 88。 站点服务器总线 84 用于连接站点服务器端口 81、 处理器 82和存储器 88。  FIG. 8 is a schematic diagram of a site server according to Embodiment 8 of the present invention. The site server is a site server where the requested user is located, and is defined as a second site server for performing the resource processing methods provided by the first to fourth embodiments of the present invention. As shown in the figure, the first site server provided in this embodiment includes: a site server port 81, a processor 82, and a memory 88. The site server bus 84 is used to connect to the site server port 81, processor 82, and memory 88.
所述站点服务器端口 81 可以分别与请求用户、 被请求用户所在的第二 站点服务器相连接。 The site server port 81 can be respectively associated with the requesting user and the requested user. The site server is connected.
存储器 88可以是永久存储器, 例如硬盘驱动器和闪存, 存储器 88中具 有软件模块和设备驱动程序。软件模块能够执行本发明上述方法的各种功能 模块; 设备驱动程序可以是网络和接口驱动程序。  Memory 88 can be a persistent storage, such as a hard drive and flash memory, with software modules and device drivers in memory 88. The software modules are capable of executing the various functional modules of the above described method of the present invention; the device drivers can be network and interface drivers.
在启动时, 这些软件组件被加载到存储器 88中, 然后被处理器 82访问 并执行如图 1至图 4所示的方法。 专业人员应该还可以进一步意识到, 结合本文中所公开的实施例描述的 各示例的单元及算法步骤, 能够以电子硬件、 计算机软件或者二者的结合来 实现, 为了清楚地说明硬件和软件的可互换性, 在上述说明中已经按照功能 一般性地描述了各示例的组成及步骤。 这些功能究竟以硬件还是软件方式来 执行, 取决于技术方案的特定应用和设计约束条件。 专业技术人员可以对每 个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为 超出本发明的范围。  At startup, these software components are loaded into memory 88 and then accessed by processor 82 and executed as shown in Figures 1-4. A person skilled in the art should further appreciate that the elements and algorithm steps of the various examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of both, in order to clearly illustrate hardware and software. Interchangeability, the composition and steps of the various examples have been generally described in terms of function in the above description. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the solution. A person skilled in the art can use different methods for implementing the described functions for each particular application, but such implementation should not be considered to be beyond the scope of the present invention.
结合本文中所公开的实施例描述的方法或算法的步骤可以用硬件、处理 器执行的软件模块, 或者二者的结合来实施。 软件模块可以置于随机存储器 ( RAM ), 内存、 只读存储器 (ROM )、 电可编程 ROM、 电可擦除可编程 ROM, 寄存器、 硬盘、 可移动磁盘、 CD-ROM、 或技术领域内所公知的任意 其它形式的存储介质中。  The steps of a method or algorithm described in connection with the embodiments disclosed herein may be implemented in hardware, a software module executed by a processor, or a combination of both. The software module can be placed in random access memory (RAM), memory, read only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM, or technical field. Any other form of storage medium known.
以上所述的具体实施方式, 对本发明的目的、 技术方案和有益效果进行 了进一步详细说明, 所应理解的是, 以上所述仅为本发明的具体实施方式而 已, 并不用于限定本发明的保护范围, 凡在本发明的精神和原则之内, 所做 的任何修改、 等同替换、 改进等, 均应包含在本发明的保护范围之内。  The above described embodiments of the present invention are further described in detail, and the embodiments of the present invention are intended to be illustrative only. The scope of the protection, any modifications, equivalents, improvements, etc., made within the spirit and scope of the invention are intended to be included within the scope of the invention.

Claims

权 利 要 求 Rights request
1、 一种资源处理方法, 其特征在于, 所述方法包括: 1. A resource processing method, characterized in that the method includes:
第一站点服务器接收所述第一站点服务器的请求用户发送的资源处理 请求, 所述资源处理请求中携带有第二站点服务器的地址和所述第二站点服 务器的被请求用户的账号; The first site server receives a resource processing request sent by the requesting user of the first site server, where the resource processing request carries the address of the second site server and the account number of the requested user of the second site server;
根据所述资源处理请求生成所述资源授权请求, 并将所述资源授权请求 发送给所述第二站点服务器; Generate the resource authorization request according to the resource processing request, and send the resource authorization request to the second site server;
当所述被请求用户允许授权后,接收所述第二站点服务器发送的资源授 权响应, 并根据所述资源授权响应进行资源处理。 After the requested user allows authorization, the resource authorization response sent by the second site server is received, and resource processing is performed according to the resource authorization response.
2、 根据权利要求 1所述的资源处理方法, 其特征在于, 所述资源处理 请求为资源分享请求,所述资源授权请求携带有初始流水号、分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的 身份密码。 2. The resource processing method according to claim 1, characterized in that, the resource processing request is a resource sharing request, and the resource authorization request carries an initial serial number, shared resource information, the account number of the requested user, Call back the Uniform Resource Locator URL and the identity password of the first site server.
3、 根据权利要求 2所述的资源处理方法, 其特征在于, 所述资源授权 响应包括授权令牌、 资源分享 URL、 初始流水号, 所述接收所述第二站点服 务器发送的资源授权响应, 并根据所述资源授权响应进行资源处理具体为: 所述第一站点服务器接收所述第二站点服务器通过所述回调 URL发送的 资源授权响应, 并通过所述资源授权响应中的所述资源分享 URL将所述请求 用户的分享资源发送给所述第二站点服务器, 以使所述被请求用户从所述第 二站点服务器获取所述分享资源并分享所述分享资源。 3. The resource processing method according to claim 2, wherein the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and the receiving the resource authorization response sent by the second site server, And performing resource processing according to the resource authorization response is specifically: the first site server receives the resource authorization response sent by the second site server through the callback URL, and shares the resource through the resource authorization response The URL sends the shared resources of the requesting user to the second site server, so that the requested user obtains the shared resources from the second site server and shares the shared resources.
4、 根据权利要求 1所述的资源处理方法, 其特征在于, 所述资源处理 请求为资源共享请求, 所述资源共享请求还携带有所述被请求用户的共享资 源名称, 所述资源授权请求携带有初始流水号、 所述共享资源信息、 所述被 请求用户的账号、 回调 URL和所述第一站点服务器的身份密码。 4. The resource processing method according to claim 1, wherein the resource processing request is a resource sharing request, and the resource sharing request also carries the shared resources of the requested user. The source name, the resource authorization request carries the initial serial number, the shared resource information, the account number of the requested user, the callback URL and the identity password of the first site server.
5、 根据权利要求 4所述的资源处理方法, 其特征在于, 所述资源授权 响应包括授权令牌、 资源共享 URL、 初始流水号, 所述接收所述第二站点服 务器发送的资源授权响应, 并根据所述资源授权响应进行资源处理具体为: 所述第一站点服务器接收到所述第二站点服务器通过所述回调 URL发送 的资源授权响应, 且接收到所述请求用户的资源获取请求时, 通过所述资源 授权响应中的所述资源分享 URL向所述第二站点服务器发送携带有所述授权 令牌的资源获取请求; 5. The resource processing method according to claim 4, wherein the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and the receiving the resource authorization response sent by the second site server, And performing resource processing based on the resource authorization response is specifically: when the first site server receives the resource authorization response sent by the second site server through the callback URL, and receives a resource acquisition request from the requesting user , sending a resource acquisition request carrying the authorization token to the second site server through the resource sharing URL in the resource authorization response;
接收所述第二站点服务器发送的所述被请求用户的共享资源, 并将所述 共享资源发送给所述请求用户, 以使所述请求用户获取所述共享资源。 Receive the shared resources of the requested user sent by the second site server, and send the shared resources to the requesting user, so that the requesting user obtains the shared resources.
6、 一种资源处理方法, 其特征在于, 所述方法包括: 6. A resource processing method, characterized in that the method includes:
第二站点服务器接收第一站点服务器发送的资源授权请求, 所述资源授 权请求是所述第一站点服务器根据接收到所述第一站点服务器的请求用户 发送的资源处理请求后,根据所述资源处理请求生成的针对所述第二站点服 务器的被请求用户的授权请求; The second site server receives the resource authorization request sent by the first site server. The resource authorization request is the resource processing request sent by the first site server based on the request of the first site server. processing an authorization request generated by the request for the requested user of the second site server;
当所述第二站点服务器对所述第一站点服务器进行身份验证后,将所述 资源授权请求发送给所述被请求用户; After the second site server authenticates the first site server, sends the resource authorization request to the requested user;
接收所述请求用户发送的授权确认信息,根据所述授权确认信息生成对 所述第一站点服务器的资源授权响应, 并将所述资源授权响应发送给所述第 一站点服务器, 用以所述第一站点服务器根据所述资源授权响应进行资源处 理。 Receive the authorization confirmation information sent by the requesting user, generate a resource authorization response to the first site server based on the authorization confirmation information, and send the resource authorization response to the first site server for the purpose of The first site server performs resource processing according to the resource authorization response.
7、 根据权利要求 6所述的资源处理方法, 其特征在于, 所述资源处理 请求为资源分享请求,所述资源授权请求携带有唯一事务 ID、分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的 身份密码。 7. The resource processing method according to claim 6, wherein the resource processing request is a resource sharing request, and the resource authorization request carries a unique transaction ID, shared resource information, the account number of the requested user, Call back the Uniform Resource Locator URL and the identity password of the first site server.
8、 根据权利要求 7所述的资源处理方法, 其特征在于, 所述授权确认 信息为所述请求用户允许授权, 所述根据所述授权确认信息生成对所述第一 站点服务器的资源授权响, 并将所述资源授权响应发送给所述第一站点服务 器具体为: 8. The resource processing method according to claim 7, wherein the authorization confirmation information is that the requesting user allows authorization, and the resource authorization response to the first site server is generated based on the authorization confirmation information. , and send the resource authorization response to the first site server as follows:
当所述被请求用户允许授权后, 所述第二站点服务器根据所述授权确认 信息生成对所述第一站点服务器的资源授权响应, 所述资源授权响应包括授 权令牌、 资源分享 URL、 初始流水号, 并通过所述回调 URL向所述第一站点 服务器发送资源授权响应; When the requested user allows authorization, the second site server generates a resource authorization response to the first site server based on the authorization confirmation information. The resource authorization response includes an authorization token, a resource sharing URL, an initial Serial number, and send a resource authorization response to the first site server through the callback URL;
接收所述第一站点服务器通过所述资源授权响应中的所述资源分享 URL 发送的所述请求用户的分享资源, 以使所述被请求用户获取所述分享资源并 分享所述分享资源。 Receive the shared resources of the requesting user sent by the first site server through the resource sharing URL in the resource authorization response, so that the requested user obtains the shared resources and shares the shared resources.
9、 根据权利要求 6所述的资源处理方法, 其特征在于, 所述资源处理 请求为资源共享请求, 所述资源共享请求还携带有所述被请求用户的共享资 源名称, 所述资源授权请求携带有初始流水号、 所述共享资源信息、 所述被 请求用户的账号、 回调 URL和所述第一站点服务器的身份密码。 9. The resource processing method according to claim 6, characterized in that: the resource processing request is a resource sharing request, the resource sharing request also carries the shared resource name of the requested user, and the resource authorization request It carries the initial serial number, the shared resource information, the account number of the requested user, the callback URL and the identity password of the first site server.
10、 根据权利要求 9所述的资源处理方法, 其特征在于, 所述授权确 认信息为所述请求用户允许授权, 所述根据所述授权确认信息生成对所述第 一站点服务器的资源授权响, 并将所述资源授权响应发送给所述第一站点服 务器应具体为: 10. The resource processing method according to claim 9, characterized in that: the authorization confirmation information is that the requesting user allows authorization, and the resource authorization response to the first site server is generated based on the authorization confirmation information. , and send the resource authorization response to the first site server The server should be specifically:
当所述被请求用户允许授权后, 所述第二站点服务器根据所述授权确认 信息生成对所述第一站点服务器的资源授权响应, 所述资源授权响应包括授 权令牌、 资源共享 URL、 初始流水号, 并通过所述回调 URL向所述第一站点 服务器发送资源授权响应; When the requested user allows authorization, the second site server generates a resource authorization response to the first site server based on the authorization confirmation information. The resource authorization response includes an authorization token, a resource sharing URL, an initial Serial number, and send a resource authorization response to the first site server through the callback URL;
当接收所述第一站点服务器发送的携带有所述授权令牌的资源获取请 求, 并对所述授权令牌进行验证后, 向所述第一站点服务器发送所述被请求 用户的共享资源, 以使所述第一站点服务器将所述共享资源发送给所述请求 用户。 When receiving the resource acquisition request carrying the authorization token sent by the first site server and verifying the authorization token, sending the shared resources of the requested user to the first site server, So that the first site server sends the shared resource to the requesting user.
11、 根据权利要求 7至 10任一项所述的资源处理方法, 其特征在于, 所述第二站点服务器对所述第一站点服务器进行身份验证具体为: 11. The resource processing method according to any one of claims 7 to 10, characterized in that the identity verification performed by the second site server on the first site server is specifically:
所述第二站点服务器根据所述第一站点服务器的身份密码对所述第一 站点服务器进行身份验证。 The second site server performs identity verification on the first site server based on the identity password of the first site server.
12、 一种站点服务器, 其特征在于, 所述站点服务器包括: 12. A site server, characterized in that, the site server includes:
接收单元, 用于接收第一站点服务器的请求用户发送的资源处理请求, 所述资源处理请求中携带有第二站点服务器的地址和所述第二站点服务器 的被请求用户的账号, 以及将所述资源处理请求传输给第一处理单元; 第一处理单元, 用于从所述接收单元接收所述资源处理请求, 根据所述 资源处理请求生成所述资源授权请求, 并将所述资源授权请求发送给所述第 二站点服务器; A receiving unit configured to receive a resource processing request sent by a requesting user of the first site server, where the resource processing request carries the address of the second site server and the account number of the requested user of the second site server, and transfer the request to the resource processing request. The resource processing request is transmitted to the first processing unit; the first processing unit is configured to receive the resource processing request from the receiving unit, generate the resource authorization request according to the resource processing request, and send the resource authorization request Sent to the second site server;
第二处理单元, 用于当所述被请求用户允许授权后, 接收所述第二站点 服务器发送的资源授权响应, 并根据所述资源授权响应进行资源处理。 The second processing unit is configured to receive the resource authorization response sent by the second site server after the requested user allows authorization, and perform resource processing according to the resource authorization response.
1 3、 根据权利要求 12所述的站点服务器, 其特征在于, 所述资源处理 请求为资源分享请求,所述资源授权请求携带有初始流水号、分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的 身份密码。 1 3. The site server according to claim 12, characterized in that, the resource processing request is a resource sharing request, and the resource authorization request carries an initial serial number, shared resource information, the account number of the requested user, Call back the Uniform Resource Locator URL and the identity password of the first site server.
14、 根据权利要求 1 3所述的站点服务器, 其特征在于, 所述资源授权 响应包括授权令牌、 资源分享 URL、 初始流水号, 所述第二处理单元还用于 接收所述第二站点服务器通过所述回调 URL发送的资源授权响应, 并通过所 述资源授权响应中的所述资源分享 URL将所述请求用户的分享资源发送给所 述第二站点服务器, 以使所述被请求用户从所述第二站点服务器获取所述分 享资源并分享所述分享资源。 14. The site server according to claim 13, characterized in that, the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and the second processing unit is also used to receive the second site The server sends the resource authorization response through the callback URL, and sends the shared resources of the requesting user to the second site server through the resource sharing URL in the resource authorization response, so that the requested user Obtain the shared resources from the second site server and share the shared resources.
15、 根据权利要求 12所述的站点服务器, 其特征在于, 所述资源处理 请求为资源共享请求, 所述资源共享请求还携带有所述被请求用户的共享资 源名称, 所述资源授权请求携带有初始流水号、 所述共享资源信息、 所述被 请求用户的账号、 回调 URL和所述第一站点服务器的身份密码。 15. The site server according to claim 12, wherein the resource processing request is a resource sharing request, the resource sharing request also carries the shared resource name of the requested user, and the resource authorization request carries There is an initial serial number, the shared resource information, the account of the requested user, the callback URL and the identity password of the first site server.
16、 根据权利要求 15所述的站点服务器, 其特征在于, 所述资源授权 响应包括授权令牌、 资源共享 URL、 初始流水号, 所述接收所述第二站点服 务器发送的资源授权响应, 所述第二处理单元还用于接收到所述第二站点服 务器通过所述回调 URL发送的资源授权响应, 且接收到所述请求用户的资源 获取请求时, 通过所述资源授权响应中的所述资源分享 URL向所述第二站点 服务器发送携带有所述授权令牌的资源获取请求, 以及接收所述第二站点服 务器发送的资源获取响应, 并将所述资源获取响应发送给所述请求用户, 以 使所述请求用户获取所述被请求用户的共享资源。 16. The site server according to claim 15, wherein the resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and receiving the resource authorization response sent by the second site server, The second processing unit is also configured to receive a resource authorization response sent by the second site server through the callback URL, and when receiving a resource acquisition request from the requesting user, pass the resource authorization response in the resource authorization response. The resource sharing URL sends a resource acquisition request carrying the authorization token to the second site server, receives a resource acquisition response sent by the second site server, and sends the resource acquisition response to the requesting user. , so that the requesting user obtains the shared resources of the requested user.
17、 一种站点服务器, 其特征在于, 所述站点服务器包括: 接收单元, 用于接收第一站点服务器发送的资源授权请求, 所述资源授 权请求是所述第一站点服务器根据接收到所述第一站点服务器的请求用户 发送的资源处理请求后,根据所述资源处理请求生成的针对所述第二站点服 务器的被请求用户的授权请求; 17. A site server, characterized in that, the site server includes: a receiving unit, configured to receive a resource authorization request sent by the first site server, where the resource authorization request is received by the first site server. After the resource processing request sent by the requesting user of the first site server, an authorization request for the requested user of the second site server is generated based on the resource processing request;
发送单元, 用于对所述第一站点服务器进行身份验证后, 将所述资源授 权请求发送给所述被请求用户; A sending unit, configured to send the resource authorization request to the requested user after authenticating the first site server;
处理单元, 用于接收所述请求用户发送的授权确认信息, 根据所述授权 确认信息生成对所述第一站点服务器的资源授权响应, 并将所述资源授权响 应发送给所述第一站点服务器, 用以所述第一站点服务器根据所述资源授权 响应进行资源处理。 A processing unit configured to receive authorization confirmation information sent by the requesting user, generate a resource authorization response to the first site server based on the authorization confirmation information, and send the resource authorization response to the first site server. , used by the first site server to perform resource processing according to the resource authorization response.
18、 根据权利要求 17所述的站点服务器, 其特征在于, 所述资源处理 请求为资源分享请求,所述资源授权请求携带有初始流水号、分享资源信息、 所述被请求用户的账号、 回调统一资源定位符 URL和所述第一站点服务器的 身份密码。 18. The site server according to claim 17, characterized in that, the resource processing request is a resource sharing request, and the resource authorization request carries an initial serial number, shared resource information, the account number of the requested user, and a callback Uniform Resource Locator URL and the identity password of the first site server.
19、 根据权利要求 18所述的站点服务器, 其特征在于, 所述授权确认 信息为所述请求用户允许授权, 所述处理单元还用于当所述被请求用户允许 授权后, 所述第二站点服务器根据所述授权确认信息生成对所述第一站点服 务器的资源授权响应, 所述资源授权响应包括授权令牌、 资源分享 URL、 初 始流水号, 并通过所述回调 URL向所述第一站点服务器发送资源授权响应; 以及, 接收所述第一站点服务器通过所述资源授权响应中的所述资源分享 URL发送的所述请求用户的分享资源, 以使所述被请求用户获取所述分享资 源并分享所述分享资源。 19. The site server according to claim 18, wherein the authorization confirmation information indicates that the requesting user allows authorization, and the processing unit is also configured to: when the requested user allows authorization, the second The site server generates a resource authorization response to the first site server based on the authorization confirmation information. The resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and sends a request to the first site server through the callback URL. The site server sends a resource authorization response; and, receives the shared resource of the requesting user sent by the first site server through the resource sharing URL in the resource authorization response, so that the requested user obtains the share capital source and share said shared resources.
20、 根据权利要求 17所述的站点服务器, 其特征在于, 所述资源处理 请求为资源共享请求, 所述资源共享请求还携带有所述被请求用户的共享资 源名称, 所述资源授权请求携带有唯一事务 ID、 所述共享资源信息、 所述被 请求用户的账号、 回调 URL和所述第一站点服务器的身份密码。 20. The site server according to claim 17, wherein the resource processing request is a resource sharing request, the resource sharing request also carries the shared resource name of the requested user, and the resource authorization request carries There is a unique transaction ID, the shared resource information, the account of the requested user, the callback URL and the identity password of the first site server.
21、 根据权利要求 20所述的站点服务器, 其特征在于, 所述授权确认 信息为所述请求用户允许授权, 所述处理单元还用于当所述被请求用户允许 授权后, 所述第二站点服务器根据所述授权确认信息生成对所述第一站点服 务器的资源授权响应, 所述资源授权响应包括授权令牌、 资源共享 URL、 初 始流水号, 并通过所述回调 URL向所述第一站点服务器发送资源授权响应; 以及, 当接收所述第一站点服务器发送的携带有所述授权令牌的资源获取请 求, 并对所述授权令牌进行验证后, 向所述第一站点服务器返回所述被请求 用户的共享资源, 以使所述第一站点服务器将所述共享资源发送给所述请求 用户。 21. The site server according to claim 20, wherein the authorization confirmation information indicates that the requesting user allows authorization, and the processing unit is also configured to: when the requested user allows authorization, the second The site server generates a resource authorization response to the first site server based on the authorization confirmation information. The resource authorization response includes an authorization token, a resource sharing URL, and an initial serial number, and sends a request to the first site server through the callback URL. The site server sends a resource authorization response; and, after receiving the resource acquisition request carrying the authorization token sent by the first site server and verifying the authorization token, return to the first site server The shared resources of the requested user, so that the first site server sends the shared resources to the requesting user.
22、 根据权利要求 18至 21所述的站点服务器, 其特征在于, 所述发 送单元还用于根据所述第一站点服务器的身份密码对所述第一站点服务器 进行身份验证后, 将所述资源授权请求发送给所述被请求用户。 22. The site server according to claims 18 to 21, characterized in that, the sending unit is further configured to authenticate the first site server according to the identity password of the first site server, and then send the The resource authorization request is sent to the requested user.
PCT/CN2014/077963 2013-06-21 2014-05-21 Resource processing method and site server WO2014201931A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310250202.7 2013-06-21
CN201310250202.7A CN103327100B (en) 2013-06-21 2013-06-21 Resource processing method and site server

Publications (1)

Publication Number Publication Date
WO2014201931A1 true WO2014201931A1 (en) 2014-12-24

Family

ID=49195621

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/077963 WO2014201931A1 (en) 2013-06-21 2014-05-21 Resource processing method and site server

Country Status (2)

Country Link
CN (1) CN103327100B (en)
WO (1) WO2014201931A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017036146A1 (en) * 2015-08-31 2017-03-09 索尼公司 Method for authorizing access and apparatus using the method
US20210365579A1 (en) * 2016-09-13 2021-11-25 Salesforce.Com, Inc. Providing web application components within remote systems

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475743B (en) * 2013-09-30 2018-01-23 广州博冠信息科技有限公司 A kind of method, apparatus and system for cloud service
CN104580117B (en) * 2013-10-28 2018-07-27 深圳市腾讯计算机系统有限公司 Auth method, apparatus and system
US9525705B2 (en) * 2013-11-15 2016-12-20 Oracle International Corporation System and method for managing tokens authorizing on-device operations
CN104794606A (en) * 2014-01-20 2015-07-22 琉璃奥图码科技股份有限公司 Event prompting system, event prompting method and situation playing unit
CN104954330B (en) * 2014-03-27 2018-03-16 华为软件技术有限公司 A kind of methods, devices and systems to be conducted interviews to data resource
CN104092778A (en) * 2014-07-28 2014-10-08 北京联时空网络通信设备有限公司 Data processing method and device for web service
CN104125290A (en) * 2014-08-05 2014-10-29 奥盈琦信信息技术(上海)有限公司 System and method for realizing collection, management and authorization of personal big data
CN106534280B (en) * 2016-10-25 2019-12-03 Oppo广东移动通信有限公司 Data sharing method and device
CN106506521B (en) * 2016-11-28 2020-08-07 腾讯科技(深圳)有限公司 Resource access control method and device
CN108616762B (en) * 2016-12-12 2019-11-19 视联动力信息技术股份有限公司 A kind of sharing method and view networked server of view networked server
CN108494821B (en) * 2018-02-12 2019-06-11 刘志鹏 The integrated method for opening image of Dropbox
CN109033774B (en) * 2018-08-31 2020-08-07 阿里巴巴集团控股有限公司 Method and device for acquiring and feeding back user resources and electronic equipment
CN109981685A (en) * 2019-04-15 2019-07-05 苏州麦迪斯顿医疗科技股份有限公司 Data transmission system and method
CN111510455B (en) * 2020-04-16 2022-06-10 神州数码融信软件有限公司 Request message authentication and data transmission method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102457507A (en) * 2010-10-29 2012-05-16 中兴通讯股份有限公司 Secure sharing method, device and system for cloud computing resources
CN102664933A (en) * 2012-04-06 2012-09-12 中国联合网络通信集团有限公司 User authorization method, application terminal, open platform and system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7668939B2 (en) * 2003-12-19 2010-02-23 Microsoft Corporation Routing of resource information in a network
CN102195957B (en) * 2010-03-19 2014-03-05 华为技术有限公司 Resource sharing method, device and system
US8931034B2 (en) * 2010-06-25 2015-01-06 Telefonaktiebolaget L M Ericsson (Publ) System, method, and policy engine for granting temporary access to electronic content

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102457507A (en) * 2010-10-29 2012-05-16 中兴通讯股份有限公司 Secure sharing method, device and system for cloud computing resources
CN102664933A (en) * 2012-04-06 2012-09-12 中国联合网络通信集团有限公司 User authorization method, application terminal, open platform and system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017036146A1 (en) * 2015-08-31 2017-03-09 索尼公司 Method for authorizing access and apparatus using the method
US11134069B2 (en) 2015-08-31 2021-09-28 Sony Corporation Method for authorizing access and apparatus using the method
US20210365579A1 (en) * 2016-09-13 2021-11-25 Salesforce.Com, Inc. Providing web application components within remote systems

Also Published As

Publication number Publication date
CN103327100A (en) 2013-09-25
CN103327100B (en) 2017-04-19

Similar Documents

Publication Publication Date Title
WO2014201931A1 (en) Resource processing method and site server
US20220239637A1 (en) Secure authentication for accessing remote resources
US10136315B2 (en) Password-less authentication system, method and device
US9866556B2 (en) Common internet file system proxy authentication of multiple servers
US9923906B2 (en) System, method and computer program product for access authentication
CN104954330B (en) A kind of methods, devices and systems to be conducted interviews to data resource
CN113347206B (en) Network access method and device
US9584615B2 (en) Redirecting access requests to an authorized server system for a cloud service
US20110225637A1 (en) Authentication and authorization of user and access to network resources using openid
US11658963B2 (en) Cooperative communication validation
WO2015196908A1 (en) Service processing method, terminal, server and system
JP2015529905A (en) Authorization method, apparatus, and system
EP2518972A1 (en) System and method for device addressing
US9525848B2 (en) Domain trusted video network
US11611551B2 (en) Authenticate a first device based on a push message to a second device
CN112612985A (en) Websocket-based multi-user and multi-type message pushing system and method
US20240039739A1 (en) Automation of user identity using network protocol providing secure granting or revocation of secured access rights
WO2008071109A1 (en) A method and system for realizing the third-party mail account management
KR101824562B1 (en) Gateway and method for authentication
JP2017523508A (en) Secure integrated cloud storage
WO2012097728A1 (en) Method and device for proxy access of open platform
WO2017185934A1 (en) Management device and method for managing device
US9742776B2 (en) Contact identification validation via social invitation
KR101642665B1 (en) Direct electronic mail
WO2015021842A1 (en) Method and apparatus of accessing ott application and method and apparatus of pushing message by server

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14814279

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14814279

Country of ref document: EP

Kind code of ref document: A1