CN105897668A - Third party account authorization method, device, server and system - Google Patents

Third party account authorization method, device, server and system Download PDF

Info

Publication number
CN105897668A
CN105897668A CN201510694688.2A CN201510694688A CN105897668A CN 105897668 A CN105897668 A CN 105897668A CN 201510694688 A CN201510694688 A CN 201510694688A CN 105897668 A CN105897668 A CN 105897668A
Authority
CN
China
Prior art keywords
authorization
party
user account
application
account
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510694688.2A
Other languages
Chinese (zh)
Inventor
牛云飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Leshi Zhixin Electronic Technology Tianjin Co Ltd
Original Assignee
Leshi Zhixin Electronic Technology Tianjin Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Leshi Zhixin Electronic Technology Tianjin Co Ltd filed Critical Leshi Zhixin Electronic Technology Tianjin Co Ltd
Priority to CN201510694688.2A priority Critical patent/CN105897668A/en
Priority to PCT/CN2016/088564 priority patent/WO2017067227A1/en
Publication of CN105897668A publication Critical patent/CN105897668A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a third party account authorization method, device, server and system. The method comprises the following steps: an authorization request of a third party application is responded to; if a user account which is bound in advance is set, an authorization code of the user account which is bound in advance is obtained and sent to a user center, an access token of the authorization code is obtained from the user center, the access token and the user account are sent to the server, user information of the user account is obtained from the server after the access token passes verification, and the user information is called back to the third party application. According to the third party account authorization method, device, server and system, a solution that the account which is bound in advance can be authorized to the third party application is provided; the third party application is enabled to gain authorization of the safe account, and therefore the third party application can use the safe account to conduct all kinds of sensitive operations such as fee paying operation and the like.

Description

A kind of third party's account authorization method, equipment, server and system thereof
Technical field
The present invention relates to account management correlative technology field, particularly a kind of third party account authorized party Method, equipment, server and system thereof.
Background technology
Smart mobile phone, refers to as PC, has independent operating system, independent fortune Row space, can be installed voluntarily by user software, play, the third party service provider such as navigation provides Program, it is possible to realize the type of cell phone that wireless network accesses by mobile communication network.
The software run in smart mobile phone is referred to as application (App), can be intelligence hand by App Machine brings very many functions.
User account is for identifying user identity, the most how to ensure the safety of user account very Important.Prior art is generally adopted by user account is saved in server, and user is when logging in Verified by user cipher.
But, when user account is too much, it is it is difficult to ensure that the security of its account, therefore App It is difficult with account and carry out sensitive operation, such as, pay paying etc..
Summary of the invention
Based on this, it is necessary to be difficult to ensure that the technical problem of the security of account for prior art, A kind of third party's account authorization method, equipment, server and system thereof are provided.
The present invention provides a kind of third party's account authorization method, including:
Third party's authorization response step, including: the authorization requests of response third-party application;
Authorization code obtaining step, including: if provided, with the user account bound in advance, then obtain pass Authorization code in the described user account bound in advance;
Access token obtaining step, including: described authorization code is sent to customer center, from described Customer center obtains the access token about described authorization code;
User profile obtaining step, including: described access token and user account are sent to service Device, from described server obtain after described access token is verified about described user account User profile;
Information readjustment step, including: described user profile is pulled back to described third-party application.
Further, described acquisition is about the authorization code of the described user account bound in advance, specifically Including:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close Authorization code in the described user account bound in advance.
Further, described authorization code obtaining step, also include: without the use bound in advance Family account, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key Login page;
Obtain described server user account and user cipher are verified after returned about institute State the authorization code of user account, perform access token obtaining step, described user account and described use Family password is obtained by the reception of described login page by described server.
Further, in described access token obtaining step, obtain after described access token with described User account association preserves;
Described third party's authorization response step, specifically includes:
When in response to the authorization requests of third-party application, close with described user account if preserved The access token that UNPROFOR is deposited, the most directly performs described user profile obtaining step, otherwise performs described Authorization code obtaining step.
Further, described information readjustment step, specifically include:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Further, described third party's authorization response step, specifically include: display authorization page, The authorization requests of the third-party application that response is triggered by described authorization page, described authorization page is adopted Generate based on Android system with Java, and the display resource of described authorization page is from Java storehouse Form preserve at least one resource file, and each described resource file resource file mark adopt Obtain from the R file that Android system is provided with the reflex mechanism of Java.
The present invention provides a kind of third party's account authorization method, including:
Access token receiving step, including: receive the access token from equipment and user account, Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with User account time obtain about the authorization code of the described user account bound in advance, and award described Weighted code sends to customer center, acquires the visit about described authorization code from described customer center Ask token;
User profile forwarding step, including: described access token is verified, if described visit Ask that token authentication passes through, then the user profile about described user account sent to described equipment, Described user profile is used for pulling back to described third-party application by described equipment.
Further, also include, authorization code forwarding step;
Described authorization code forwarding step, including:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent Mark and application key, described application identities and described application key are the institute acquired in described equipment State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment Authorization code about described user account.
The present invention provides a kind of third party's account authorisation device, including:
Third party's authorization response module, is used for: the authorization requests of response third-party application;
Authorization code acquisition module, is used for: if provided, with the user account bound in advance, then obtain pass Authorization code in the described user account bound in advance;
Access token acquisition module, is used for: send described authorization code to customer center, from described Customer center obtains the access token about described authorization code;
User profile acquisition module, is used for: described access token and user account are sent to service Device, from described server obtain after described access token is verified about described user account User profile;
Information callback module, is used for: described user profile is pulled back to described third-party application.
Further, described acquisition is about the authorization code of the described user account bound in advance, specifically For:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close Authorization code in the described user account bound in advance.
Further, described authorization code acquisition module, it is additionally operable to: without the use bound in advance Family account, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key Login page;
Obtain described server user account and user cipher are verified after returned about institute State the authorization code of user account, perform access token acquisition module, described user account and described use Family password is obtained by the reception of described login page by described server.
Further, in described access token acquisition module, obtain after described access token with described User account association preserves;
Described third party's authorization response module, specifically for:
When in response to the authorization requests of third-party application, close with described user account if preserved The access token that UNPROFOR is deposited, the most directly performs described user profile acquisition module, otherwise performs described Authorization code acquisition module.
Further, described information callback module, specifically for:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Further, described third party's authorization response module, specifically for: display authorization page, The authorization requests of the third-party application that response is triggered by described authorization page, described authorization page is adopted Generate based on Android system with Java, and the display resource of described authorization page is from Java storehouse Form preserve at least one resource file, and each described resource file resource file mark adopt Obtain from the R file that Android system is provided with the reflex mechanism of Java.
The present invention provides a kind of third party's account authorization server, including:
Access token receiver module, is used for: receive the access token from equipment and user account, Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with User account time obtain about the authorization code of the described user account bound in advance, and award described Weighted code sends to customer center, acquires the visit about described authorization code from described customer center Ask token;
User profile sending module, is used for: verify described access token, if described visit Ask that token authentication passes through, then the user profile about described user account sent to described equipment, Described user profile is used for pulling back to described third-party application by described equipment.
Further, also include, authorization code sending module;
Described authorization code sending module, is used for:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent Mark and application key, described application identities and described application key are the institute acquired in described equipment State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment Authorization code about described user account.
The present invention provides a kind of third party's account authoring system, including: equipment end and server end;
Described equipment end, including:
Equipment end third party's authorization response module, is used for: the authorization requests of response third-party application;
Equipment end authorization code acquisition module, is used for: if provided, with the user account bound in advance, then Obtain the authorization code about the described user account bound in advance;
Equipment end access token acquisition module, is used for: send described authorization code to customer center, The access token about described authorization code is obtained from described customer center;
Equipment end user profile acquisition module, is used for: described access token and user account are sent To server, obtain the user profile about described user account from described server;
Equipment end information callback module, is used for: described user profile pulls back to described third party should With;
Described server end, including:
Server end access token receiver module, is used for: receive from equipment access token and User account;
Server-side user information sending module, is used for: verify described access token, as The most described access token is verified, then send the user profile about described user account to institute State equipment.
The present invention uses by providing a kind of third-party application that can the account bound in advance be licensed to Scheme so that third-party application can obtain the mandate of this secured account numbers, so that third party Application can use this secured account numbers to carry out various sensitive operation, such as, pay paying etc..
Accompanying drawing explanation
Fig. 1 is the workflow diagram that the present invention is applied to a kind of third party's account authorization method of equipment;
Fig. 2 is the workflow that the present invention is applied to a kind of third party's account authorization method of server Figure;
Fig. 3 is the construction module figure of the present invention a kind of third party account authorisation device;
Fig. 4 is the device structure schematic diagram of preferred embodiment;
Fig. 5 is the construction module figure of the present invention a kind of third party account authorization server;
Fig. 6 is the server architecture schematic diagram of preferred embodiment;
Fig. 7 is the construction module figure of the present invention a kind of third party account authoring system;
Fig. 8 is the work for the equipment of user bound account in advance of highly preferred embodiment of the present invention Flow chart.
Detailed description of the invention
The present invention will be further described in detail with specific embodiment below in conjunction with the accompanying drawings.
It is illustrated in figure 1 the workflow diagram of the present invention a kind of third party account authorization method, including:
Step S101, including: the authorization requests of response third-party application;
Step S102, including: if provided, with the user account bound in advance, then obtain about described The authorization code of the user account bound in advance;
Step S103, including: described authorization code is sent to customer center, from described customer center Obtain the access token about described authorization code;
Step S104, including: described access token and user account are sent to server, from institute State server and obtain the user's letter about described user account after described access token is verified Breath;
Step S105, including: described user profile is pulled back to described third-party application.
The method of the present invention can use SDK (Software Development Ki t, sdk) form be supplied to software developer.The software application that software developer is developed, I.e. third-party application, by calling the function request mandate that sdk is provided, triggers step S101, Thus respond authorization requests.In step S102, obtain the authorization code of the user account bound in advance, And this authorization code is sent to the customer center for realizing the integrated management to user profile, this use Center, family can be with equipment one, it is also possible to be and server one, it is also possible to be specific installation. Step S103 gets access token, and is sent to server by access token, owing to being sent out Send is access token, and therefore it can hide authorization code well, it is to avoid authorization code is illegally accessed. In step S104, server i.e. returns relevant user profile after verifying access token, this use The call back function that family information is provided by third-party application pulls back to third-party application.
Due to the fact that the user account of employing is bound in advance, therefore its security is higher, from And make third-party application that this user account can be used to realize various sensitive operation, such as pay and pay Take.
Wherein in an embodiment, described acquisition is awarded about the described user account bound in advance Weighted code, specifically includes:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close Authorization code in the described user account bound in advance.
The application identities of third-party application is verified by the present embodiment further with application key, with Ensure that this third-party application has corresponding authority to obtain the mandate of the user account bound in advance Code, thus improve safety further.
Wherein in an embodiment, described step S102, also include: without binding in advance User account, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key Login page;
Obtain described server user account and user cipher are verified after returned about institute State the authorization code of user account, perform step S103, described user account and described user cipher by Described server is received by described login page and obtains.
The present embodiment increases not have the support of user bound account in advance, if i.e. user employing Be that a binding in advance has the equipment of user account, then it can obtain authorization code the most in a device, But, if user does not use binding in advance to have the equipment of user account, then it can be by setting Standby game server and then obtain authorization code, server is to the application identities of third-party application and application Key carries out verifying to guarantee that it has enough authorities.
Wherein in an embodiment, in described step S103, obtain after described access token with institute State user account association to preserve;
Described step S101, specifically includes:
When in response to the authorization requests of third-party application, close with described user account if preserved The access token that UNPROFOR is deposited, the most directly performs described step S104, otherwise performs described step S102.
In the present embodiment, for having been achieved with the user account of user profile, can directly use Existing access token, thus reduce steps flow chart, improve the acquisition speed of user profile so that User obtains more preferable Consumer's Experience.
Wherein in an embodiment, described step S105, specifically include:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
The present embodiment is adjusted back by Hash encapsulation, thus improves readjustment speed.Preferably, adopt With hash map, i.e. user profile is packaged by HashMap mode.
Wherein in an embodiment, described step S101, specifically include: display authorization page, The authorization requests of the third-party application that response is triggered by described authorization page, described authorization page is adopted Generate based on Android system with Java, and the display resource of described authorization page is from Java storehouse Form preserve at least one resource file, and each described resource file resource file mark adopt Obtain from the R file that Android system is provided with the reflex mechanism of Java.
Android system, i.e. android system, when using java to develop, wherein have one R file, i.e. R.Java file, it is used for preserving resource file, but, due to same jar bag In can not have two R files simultaneously, therefore, the resource file of the present embodiment is with l ibrary's Form provides, and by former R file, the resource file mark of all resource files, i.e. resource is civilian Part id uses reflex mechanism to obtain, so that this sdk can be smoothly by Java developer Call.
It is illustrated in figure 2 the workflow diagram of the present invention a kind of third party account authorization method, including:
Step S201, including: receive the access token from equipment and user account, described visit Ask the token authorization requests by described equipment response third-party application, be provided with the user bound in advance Obtain the authorization code about the described user account bound in advance during account, and described authorization code is sent out After delivering to customer center, acquire the access token about described authorization code from described customer center;
Step S202, including: described access token is verified, if described access token is tested Card passes through, then send the user profile about described user account to described equipment, described user Information is used for pulling back to described third-party application by described equipment.
The present embodiment is applied in server, and server returns user after verifying access token The user profile of account.
Wherein in an embodiment, also include, authorization code forwarding step;
Described authorization code forwarding step, including:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent Mark and application key, described application identities and described application key are the institute acquired in described equipment State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment Authorization code about described user account.
The step process of the present embodiment user is when using the equipment of user bound account the most in advance Log on request, and return corresponding authorization code.
It is illustrated in figure 8 the equipment for user bound account in advance of highly preferred embodiment of the present invention Workflow diagram, equipment is mobile phone, specifically includes:
When developer uses sdk provided by the present invention, it is necessary first in server application mandate Application identities (appid), application key (appsecret), openid and secret_key.
Step S801, appid, appsecret are passed to be placed in mobile phone rom act on behalf of agent, If appid with appsecret is proved to be successful, directly open login interface, carry out authorizing login, Login successfully the authorization code (code) acquisition returned by agent, specifically:
Openid Yu secret_key is passed to the GuideActivity of agent, according to StartActivityForResult deactivation is built in inside mobile phone rom The com.letv.android.agent.GuideActivity page, if this page mandate successfully can Code is returned by Intent by onActivityResult, after getting code, adjusts The accesstoken of user is exchanged for getAccessToken (code);
Step S802, is sent to customer center by http, customer center further according to this authorization code, To should authorization code user access token (accesstoken) return, specifically:
By appid incoming for developer, appsecrect, authorization code code, loopback address combination, Become a json word string, sent by the POST of HttpClient GetAccessTokenFromServer asks customer center, then uses RequestCallback Interface readjustment get the Json field of return from customer center, it is resolved with JSONObject, Get accesstoken, uid field;
Step S803, by accesstoken, obtains the accounts information of user, specifically:
By incoming to accesstoken, uid getUserBasicInfo method, In getUserBasicInfo method, appid, uid, accesstoken, uid are combined into one Individual json character string, in like manner sends according to the Get of HttpClient GetUserBasicInfoFromServer asks, and obtains the essential information of user, return information bag Include: uid, nickname, accesstoken, file_300*300, file_200*200, file_70*70、file_50*50。
Then these information are combined in callback interface;
Step S804, after obtaining user profile, by the shareprefer of android, will The storage such as accesstoken and uid, nickname is to locally stored, using uid as major key, If clicking directly on login according to history, then can get the user's letter in all shareprefer Breath, is shown, then gets the accesstoken of user according to this user profile, then perform Step S803, gets user profile, information is adjusted back away.
Step S805, the callback interface provided by sdk, is entered information back to third-party application Row accounts information processes, and user profile is packaged into HashMap by callback interface, and then developer is direct Directly HashMap object can be operated, specifically:
Its encapsulation format is:
HashMap<String, Object>userInfo=new HashMap<String, Object>()
UserInfo.put (" letv_uid " ,/* user uid* /);
UserInfo.put (" nickname " ,/* pet name * /);
UserInfo.put (" access_token " ,/* authorizes access token* /);
UserInfo.put (" file_300*300 " ,/* 300*300 head portrait * /);
UserInfo.put (" file_200*200 " ,/* 200*200 head portrait * /);
UserInfo.put (" file_70*70 " ,/* 70*70 head portrait * /);
UserInfo.put (" file_50*50 " ,/* 50*50 head portrait * /);
Then this HashMap object is directly adjusted back to developer.
The equipment for non-predetermined user bound account of highly preferred embodiment of the present invention, specifically includes:
Calling the login page of html5, input account, with password, is clicked on and is logged in, after logining successfully Can return authorization code code in loopback address, follow-up with for user bound account in advance The workflow of equipment is identical, i.e. consistent with step S802-S805, the generation of its login page, Specific as follows:
According to appid, appsecret and loopback address, spell out one and adjusted the url logged in, Its form is as follows:
"https://aaa.xxx.com/oauthopen/authorize?Scope=user_basic_ Show&display=mobile&client_id="
+AccountOathSDK.appid+ " &force_login=1&state=&response_type=code&cl ient_secret="
+ AccountOathSDK.appsecret+ " &redirect_uri="+ AccountOathSDK.redirect_uri;
Then this login page is opened by the loadurl of WebView, if logged on success, Then authorization code code can be attached to after loopback address redirect_uri, as https://aaa.xxx.com/oauth_default.html?Code=1, then passes through WebView OnPageFinish method, code value can be truncated to, by incoming for this value In getAccessToken (code).
The sdk of preferred embodiment directly accesses with R file in jar due to resource file Have conflict, so the reflex mechanism that the access of all resource files all uses java obtains.Tool Body provides a Mresource class with according to resources-type class name (className) and resource literary composition Part name (name) obtains resource file id.
One getIdByName (Context context, String can be provided in Mresource ClassName, String name), the method can be according to className and id title name Obtain the id of correspondence.The R literary composition of correspondence first can be reflected according to bag name (package name) Part, then ergodic classes in this R file, if finding this resources-type, then this resources-type in right The id corresponding to name value directly return.
It is illustrated in figure 3 the construction module figure of the present invention a kind of third party account authorisation device, including:
Third party's authorization response module 301, is used for: the authorization requests of response third-party application;
Authorization code acquisition module 302, is used for: if provided, with the user account bound in advance, then obtain Authorization code about the described user account bound in advance;
Access token acquisition module 303, is used for: send described authorization code to customer center, from institute State customer center and obtain the access token about described authorization code;
User profile acquisition module 304, is used for: described access token and user account are sent to clothes Business device, from described server obtain after described access token is verified about described user's account Number user profile;
Information callback module 305, is used for: described user profile is pulled back to described third-party application.
Wherein in an embodiment, described acquisition is awarded about the described user account bound in advance Weighted code, specifically for:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close Authorization code in the described user account bound in advance.
Wherein in an embodiment, described authorization code acquisition module 302, it is additionally operable to: without The user account bound in advance, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key Login page;
Obtain described server user account and user cipher are verified after returned about institute State the authorization code of user account, perform access token acquisition module, described user account and described use Family password is obtained by the reception of described login page by described server.
Wherein in an embodiment, in described access token acquisition module 303, obtain described visit Preservation is associated with described user account after asking token;
Described third party's authorization response module 301, specifically for:
When in response to the authorization requests of third-party application, close with described user account if preserved The access token that UNPROFOR is deposited, the most directly performs described user profile acquisition module 304, otherwise performs institute State authorization code acquisition module 302.
Wherein in an embodiment, described information callback module 305, specifically for:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Wherein in an embodiment, described third party's authorization response module 301, specifically for: aobvious Show authorization page, the authorization requests of the third-party application that response is triggered, institute by described authorization page Stating authorization page uses Java to generate based on Android system, and the display resource of described authorization page is come From at least one resource file preserved with Java storehouse form, and the resource of each described resource file File identification uses the reflex mechanism of Java to obtain from the R file that Android system is provided.
Be illustrated in figure 4 the structured flowchart of the equipment of the present invention, its specifically include that processor 401, Memory 402, communications component 403 and display screen 404 etc..In general, the equipment of the present invention is excellent Elect smart mobile phone, panel computer and intelligent television etc. as.
Memory 402 wherein stores the specific code of preceding method, processor 401 specifically holds OK, authorize interface by display screen 404 display, and sent out to server by communications component 403 Send access token and user account, and receive user profile and pass through processor 401 and pull back to the Tripartite applies.
It is illustrated in figure 5 the construction module figure of the present invention a kind of third party account authorization server, bag Include:
Access token receiver module 501, is used for: receive the access token from equipment and user's account Number, described access token, by the authorization requests of described equipment response third-party application, is being provided with in advance The authorization code about the described user account bound in advance is obtained during the user account bound, and by institute State authorization code to send to customer center, acquire about described authorization code from described customer center Access token;
User profile sending module 502, is used for: verify described access token, if described Access token is verified, then send the user profile about described user account to described equipment, Described user profile is used for pulling back to described third-party application by described equipment.
Wherein in an embodiment, also include, authorization code sending module;
Described authorization code sending module, is used for:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent Mark and application key, described application identities and described application key are the institute acquired in described equipment State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment Authorization code about described user account.
It is illustrated in figure 6 the structured flowchart of the server of the present invention.Server can be a computer, Can also be the cluster that formed of multiple computers, it specifically includes that processor 601, memory 602 And communications component 603 etc..
Memory 602 wherein stores the specific code of preceding method, processor 601 specifically holds OK, receive, by communications component 603, access token and the user account that equipment sends, and by processing Device 601 is inquired about after obtaining user profile from memory 602, by communications component 603 to equipment Return user profile.
It is illustrated in figure 7 the construction module figure of the present invention a kind of third party account authoring system, including: Equipment end 71 and server end 72;
Described equipment end 71, including:
Equipment end third party's authorization response module 711, is used for: the authorization requests of response third-party application;
Equipment end authorization code acquisition module 712, is used for: if provided, with the user account bound in advance, Then obtain the authorization code about the described user account bound in advance;
Equipment end access token acquisition module 713, is used for: send described authorization code to customer center, The access token about described authorization code is obtained from described customer center;
Equipment end user profile acquisition module 714, is used for: described access token and user account are sent out Deliver to server, obtain the user profile about described user account from described server;
Equipment end information callback module 715, is used for: described user profile is pulled back to described third party Application;
Described server end 72, including:
Server end access token receiver module 721, is used for: receive the access token from equipment And user account;
Server-side user information sending module 722, is used for: verify described access token, If described access token is verified, then the user profile about described user account is sent extremely Described equipment.
Embodiment described above only have expressed the several embodiments of the present invention, and its description is the most concrete In detail, but therefore can not be interpreted as the restriction to the scope of the claims of the present invention.Should be understood that It is, for the person of ordinary skill of the art, without departing from the inventive concept of the premise, Can also make some deformation and improvement, these broadly fall into protection scope of the present invention.Therefore, originally The protection domain of patent of invention should be as the criterion with claims.

Claims (17)

1. third party's account authorization method, it is characterised in that including:
Third party's authorization response step, including: the authorization requests of response third-party application;
Authorization code obtaining step, including: if provided, with the user account bound in advance, then obtain pass Authorization code in the described user account bound in advance;
Access token obtaining step, including: described authorization code is sent to customer center, from described Customer center obtains the access token about described authorization code;
User profile obtaining step, including: described access token and user account are sent to service Device, from described server obtain after described access token is verified about described user account User profile;
Information readjustment step, including: described user profile is pulled back to described third-party application.
Third party's account authorization method the most according to claim 1, it is characterised in that described Obtain the authorization code about the described user account bound in advance, specifically include:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close Authorization code in the described user account bound in advance.
Third party's account authorization method the most according to claim 1, it is characterised in that described Authorization code obtaining step, also includes: without the user account bound in advance, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key Login page;
Obtain described server user account and user cipher are verified after returned about institute State the authorization code of user account, perform access token obtaining step, described user account and described use Family password is obtained by the reception of described login page by described server.
Third party's account authorization method the most according to claim 1, it is characterised in that described In access token obtaining step, after obtaining described access token, associate preservation with described user account;
Described third party's authorization response step, specifically includes:
When in response to the authorization requests of third-party application, close with described user account if preserved The access token that UNPROFOR is deposited, the most directly performs described user profile obtaining step, otherwise performs described Authorization code obtaining step.
Third party's account authorization method the most according to claim 1, it is characterised in that described Information readjustment step, specifically includes:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
Third party's account authorization method the most according to claim 1, it is characterised in that described Third party's authorization response step, specifically includes: display authorization page, response is by described authorization page The authorization requests of the third-party application triggered, described authorization page uses Java based on Android system Generate, and the display resource of described authorization page is from least one money preserved with Java storehouse form Source file, and the reflex mechanism of the resource file mark employing Java of each described resource file is from peace The R file that tall and erect system is provided obtains.
7. third party's account authorization method, it is characterised in that including:
Access token receiving step, including: receive the access token from equipment and user account, Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with User account time obtain about the authorization code of the described user account bound in advance, and award described Weighted code sends to customer center, acquires the visit about described authorization code from described customer center Ask token;
User profile forwarding step, including: described access token is verified, if described visit Ask that token authentication passes through, then the user profile about described user account sent to described equipment, Described user profile is used for pulling back to described third-party application by described equipment.
Third party's account authorization method the most according to claim 7, it is characterised in that also wrap Include, authorization code forwarding step;
Described authorization code forwarding step, including:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent Mark and application key, described application identities and described application key are the institute acquired in described equipment State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment Authorization code about described user account.
9. third party's account authorisation device, it is characterised in that including:
Third party's authorization response module, is used for: the authorization requests of response third-party application;
Authorization code acquisition module, is used for: if provided, with the user account bound in advance, then obtain pass Authorization code in the described user account bound in advance;
Access token acquisition module, is used for: send described authorization code to customer center, from described Customer center obtains the access token about described authorization code;
User profile acquisition module, is used for: described access token and user account are sent to service Device, from described server obtain after described access token is verified about described user account User profile;
Information callback module, is used for: described user profile is pulled back to described third-party application.
Third party's account authorisation device the most according to claim 9, it is characterised in that institute State and obtain the authorization code about the described user account bound in advance, specifically for:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are verified, if the verification passes, obtains and close Authorization code in the described user account bound in advance.
11. third party's account authorisation device according to claim 9, it is characterised in that institute State authorization code acquisition module, be additionally operable to: without the user account bound in advance, then:
Obtain application identities and the application key of described third-party application;
Described application identities and described application key are sent to server;
Show that described server is returned after verifying described application identities and described application key Login page;
Obtain described server user account and user cipher are verified after returned about institute State the authorization code of user account, perform access token acquisition module, described user account and described use Family password is obtained by the reception of described login page by described server.
12. third party's account authorisation device according to claim 9, it is characterised in that institute State in access token acquisition module, after obtaining described access token, associate preservation with described user account;
Described third party's authorization response module, specifically for:
When in response to the authorization requests of third-party application, close with described user account if preserved The access token that UNPROFOR is deposited, the most directly performs described user profile acquisition module, otherwise performs described Authorization code acquisition module.
13. third party's account authorisation device according to claim 9, it is characterised in that institute State information callback module, specifically for:
Described third-party application is pulled back to after described user profile is carried out Hash encapsulation.
14. third party's account authorisation device according to claim 9, it is characterised in that institute State third party's authorization response module, specifically for: display authorization page, response is by described mandate page The authorization requests of the third-party application that face is triggered, described authorization page uses Java based on Android system System generates, and the display resource of described authorization page is from least one preserved with Java storehouse form Resource file, and each described resource file resource file mark use Java reflex mechanism from The R file that Android system is provided obtains.
15. 1 kinds of third party's account authorization servers, it is characterised in that including:
Access token receiver module, is used for: receive the access token from equipment and user account, Described access token, by the authorization requests of described equipment response third-party application, is bound in advance being provided with User account time obtain about the authorization code of the described user account bound in advance, and award described Weighted code sends to customer center, acquires the visit about described authorization code from described customer center Ask token;
User profile sending module, is used for: verify described access token, if described visit Ask that token authentication passes through, then the user profile about described user account sent to described equipment, Described user profile is used for pulling back to described third-party application by described equipment.
16. third party's account authorization servers according to claim 15, it is characterised in that Also include, authorization code sending module;
Described authorization code sending module, is used for:
When the equipment that receives judges not have the user account with described apparatus bound, the application sent Mark and application key, described application identities and described application key are the institute acquired in described equipment State application identities and the application key of third-party application;
If described application identities and described application key authentication are passed through, return to described equipment and log in The page, and obtain user account and user cipher by described login page;
If described user account and described user cipher are verified, then return to described equipment Authorization code about described user account.
17. 1 kinds of third party's account authoring systems, including: equipment end and server end;
Described equipment end, including:
Equipment end third party's authorization response module, is used for: the authorization requests of response third-party application;
Equipment end authorization code acquisition module, is used for: if provided, with the user account bound in advance, then Obtain the authorization code about the described user account bound in advance;
Equipment end access token acquisition module, is used for: send described authorization code to customer center, The access token about described authorization code is obtained from described customer center;
Equipment end user profile acquisition module, is used for: described access token and user account are sent To server, obtain the user profile about described user account from described server;
Equipment end information callback module, is used for: described user profile pulls back to described third party should With;
Described server end, including:
Server end access token receiver module, is used for: receive from equipment access token and User account;
Server-side user information sending module, is used for: verify described access token, as The most described access token is verified, then send the user profile about described user account to institute State equipment.
CN201510694688.2A 2015-10-22 2015-10-22 Third party account authorization method, device, server and system Pending CN105897668A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510694688.2A CN105897668A (en) 2015-10-22 2015-10-22 Third party account authorization method, device, server and system
PCT/CN2016/088564 WO2017067227A1 (en) 2015-10-22 2016-07-05 Third party account number authorisation method, device, server, and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510694688.2A CN105897668A (en) 2015-10-22 2015-10-22 Third party account authorization method, device, server and system

Publications (1)

Publication Number Publication Date
CN105897668A true CN105897668A (en) 2016-08-24

Family

ID=57001786

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510694688.2A Pending CN105897668A (en) 2015-10-22 2015-10-22 Third party account authorization method, device, server and system

Country Status (2)

Country Link
CN (1) CN105897668A (en)
WO (1) WO2017067227A1 (en)

Cited By (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106534072A (en) * 2016-10-13 2017-03-22 腾讯科技(深圳)有限公司 User information authorization method, apparatus, equipment and system
CN106790122A (en) * 2016-12-27 2017-05-31 努比亚技术有限公司 A kind of login method when terminal, server and access application
CN107147647A (en) * 2017-05-11 2017-09-08 腾讯科技(深圳)有限公司 A kind of webpage authorization method and device
CN107277067A (en) * 2017-08-11 2017-10-20 四川长虹电器股份有限公司 Third party system docking calculation based on unitized overall development person's account
CN107896227A (en) * 2017-12-14 2018-04-10 珠海格力电器股份有限公司 Data calling method and device and equipment data cloud platform
WO2018068682A1 (en) * 2016-10-14 2018-04-19 中国银联股份有限公司 Intelligent automobile payment system and payment method
CN108234401A (en) * 2016-12-15 2018-06-29 腾讯科技(深圳)有限公司 A kind of method and device to operation system mandate
CN108347471A (en) * 2018-01-02 2018-07-31 武汉斗鱼网络科技有限公司 Obtain the method, apparatus and system of third party's user information
CN108476226A (en) * 2016-12-22 2018-08-31 华为技术有限公司 application program authorization method, terminal and server
CN108683648A (en) * 2018-05-02 2018-10-19 珠海横琴盛达兆业科技投资有限公司 A method of based on realizing secure communication by constantly converting identifying code between wechat small routine and server
CN109190352A (en) * 2018-07-03 2019-01-11 阿里巴巴集团控股有限公司 A kind of authorization text Accuracy Verification method and apparatus
CN109218298A (en) * 2018-09-04 2019-01-15 中钞信用卡产业发展有限公司杭州区块链技术研究院 A kind of application data access method and system
CN109274726A (en) * 2018-08-31 2019-01-25 阿里巴巴集团控股有限公司 Binding, moving method and device calculate equipment and storage medium
CN109388917A (en) * 2018-10-12 2019-02-26 彩讯科技股份有限公司 Method for authenticating, device, equipment and the storage medium of hardware device
CN109474600A (en) * 2018-11-20 2019-03-15 麒麟合盛网络技术股份有限公司 A kind of account binding method, system, device and its equipment
CN109660487A (en) * 2017-10-10 2019-04-19 武汉斗鱼网络科技有限公司 Authorization method, storage medium, electronic equipment and system based on H5 webpage
CN109962911A (en) * 2019-02-19 2019-07-02 深圳点猫科技有限公司 A kind of method and electronic equipment obtaining user information by small routine
CN110166461A (en) * 2019-05-24 2019-08-23 中国银联股份有限公司 User's unifying identifier processing method, device, equipment and storage medium
CN110336720A (en) * 2019-06-29 2019-10-15 华为技术有限公司 Apparatus control method and equipment
CN110414207A (en) * 2019-07-31 2019-11-05 咪付(深圳)网络技术有限公司 APP interface authority control method
CN110677248A (en) * 2019-10-30 2020-01-10 宁波奥克斯电气股份有限公司 Safe binding method and system based on narrowband Internet of things
CN110856145A (en) * 2019-10-23 2020-02-28 杭州博联智能科技股份有限公司 IOT device and user binding method, device and medium based on near field authentication
CN110990796A (en) * 2019-11-26 2020-04-10 广州至真信息科技有限公司 Application processing method and device, application server and storage medium
CN111177690A (en) * 2019-12-31 2020-05-19 中国工商银行股份有限公司 Two-dimensional code scanning login method and device
CN111193725A (en) * 2019-12-20 2020-05-22 北京淇瑀信息科技有限公司 Configuration-based combined login method and device and computer equipment
CN111193691A (en) * 2018-11-15 2020-05-22 中国电信股份有限公司 Authorization method, system and related equipment
CN111241555A (en) * 2019-12-30 2020-06-05 北京顺达同行科技有限公司 Access method and device for simulating user login, computer equipment and storage medium
CN111835677A (en) * 2019-04-17 2020-10-27 北京世纪好未来教育科技有限公司 User information acquisition method and device and computer storage medium
CN111861457A (en) * 2020-06-28 2020-10-30 中国银联股份有限公司 Payment token application method, device, system and server
CN112738143A (en) * 2019-10-14 2021-04-30 华为技术有限公司 Account number binding method, device and system
CN113435898A (en) * 2021-07-09 2021-09-24 支付宝(杭州)信息技术有限公司 Data processing method and system
CN113660100A (en) * 2021-10-21 2021-11-16 飞天诚信科技股份有限公司 Method, system and electronic equipment for generating soft token seed
CN113766496A (en) * 2021-08-30 2021-12-07 青岛海尔科技有限公司 Cross-platform binding method and system of intelligent equipment and related equipment
CN113824618A (en) * 2021-09-16 2021-12-21 珠海格力电器股份有限公司 Cross-platform equipment network distribution method, second party platform and first party platform
CN114189362A (en) * 2021-11-23 2022-03-15 中国银联股份有限公司 Account login method, terminal, server, system and medium
CN114338224A (en) * 2022-01-17 2022-04-12 广东好太太智能家居有限公司 Intelligent hardware cross-platform control method and system
CN115412331A (en) * 2022-08-25 2022-11-29 聚好看科技股份有限公司 Application login method, electronic equipment and server
WO2023030014A1 (en) * 2021-08-31 2023-03-09 青岛海尔科技有限公司 Method and system for binding smart device, and related device
CN117240608A (en) * 2023-11-10 2023-12-15 腾讯科技(深圳)有限公司 Login authorization method, login authorization device, computer equipment and storage medium

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109474662B (en) * 2018-09-25 2023-04-07 中国平安人寿保险股份有限公司 Product data publishing method and device, computer equipment and storage medium
CN112039826B (en) * 2019-06-03 2023-05-30 北京京东尚科信息技术有限公司 Login method and device applied to applet end, electronic equipment and readable medium
CN111756753B (en) * 2020-06-28 2022-09-23 中国平安财产保险股份有限公司 Authority verification method and system
CN111970298B (en) * 2020-08-26 2024-01-05 腾讯科技(深圳)有限公司 Application access method and device, storage medium and computer equipment
CN112464175A (en) * 2020-11-11 2021-03-09 中国建设银行股份有限公司 Script auditing and executing method, system, equipment and storage medium
CN114697056B (en) * 2020-12-28 2024-10-25 航天信息股份有限公司 Login method and device of billing system, storage medium and electronic equipment
CN112738805B (en) * 2020-12-30 2022-12-06 青岛海尔科技有限公司 Device control method and apparatus, storage medium, and electronic device
CN112887298B (en) * 2021-01-22 2022-08-30 湖南金鹰卡通传媒有限公司 Multi-account system management data synchronization method, storage medium and system
CN112953965B (en) * 2021-03-18 2022-11-01 杭州网易云音乐科技有限公司 Client login method and system, client, medium and computing device
CN113516376A (en) * 2021-06-23 2021-10-19 广东博力威科技股份有限公司 Battery management system and terminal equipment
CN113746857B (en) * 2021-09-09 2023-04-18 深圳市腾讯网域计算机网络有限公司 Login method, device, equipment and computer readable storage medium
CN114185702B (en) * 2021-12-13 2024-09-17 中国平安财产保险股份有限公司 Cross-platform calling method, device and equipment for shared application and storage medium
CN114553433B (en) * 2022-02-15 2023-09-08 网易(杭州)网络有限公司 Third party platform access method and device, electronic equipment and medium
CN114331402B (en) * 2022-03-01 2022-07-08 飞狐信息技术(天津)有限公司 Cash withdrawal method and device
CN114640472A (en) * 2022-03-22 2022-06-17 湖南快乐阳光互动娱乐传媒有限公司 Protected resource data acquisition method and device and unified open platform
CN115102711B (en) * 2022-05-09 2024-01-02 支付宝(杭州)信息技术有限公司 Information authorization method, device and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
CN103888451A (en) * 2014-03-10 2014-06-25 百度在线网络技术(北京)有限公司 Method, device and system for certification authorization
CN104753672A (en) * 2013-12-30 2015-07-01 腾讯科技(深圳)有限公司 Account authentication method, account authentication device and terminal

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8959347B2 (en) * 2011-08-29 2015-02-17 Salesforce.Com, Inc. Methods and systems of data security in browser storage
CN104917721B (en) * 2014-03-10 2019-05-07 腾讯科技(北京)有限公司 Authorization method, device and system based on oAuth agreement

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
CN104753672A (en) * 2013-12-30 2015-07-01 腾讯科技(深圳)有限公司 Account authentication method, account authentication device and terminal
CN103888451A (en) * 2014-03-10 2014-06-25 百度在线网络技术(北京)有限公司 Method, device and system for certification authorization

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
勒布兰克: "《社交应用编程》", 30 June 2013 *

Cited By (66)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106534072A (en) * 2016-10-13 2017-03-22 腾讯科技(深圳)有限公司 User information authorization method, apparatus, equipment and system
CN106534072B (en) * 2016-10-13 2019-12-10 腾讯科技(深圳)有限公司 user information authorization method, device, equipment and system
WO2018068682A1 (en) * 2016-10-14 2018-04-19 中国银联股份有限公司 Intelligent automobile payment system and payment method
CN108234401B (en) * 2016-12-15 2020-09-11 腾讯科技(深圳)有限公司 Method and device for authorizing service system
CN108234401A (en) * 2016-12-15 2018-06-29 腾讯科技(深圳)有限公司 A kind of method and device to operation system mandate
US11233649B2 (en) 2016-12-22 2022-01-25 Huawei Technologies Co., Ltd. Application program authorization method, terminal, and server
CN108476226A (en) * 2016-12-22 2018-08-31 华为技术有限公司 application program authorization method, terminal and server
CN108476226B (en) * 2016-12-22 2021-06-22 华为技术有限公司 Application program authorization method, terminal and server
CN106790122A (en) * 2016-12-27 2017-05-31 努比亚技术有限公司 A kind of login method when terminal, server and access application
CN107147647A (en) * 2017-05-11 2017-09-08 腾讯科技(深圳)有限公司 A kind of webpage authorization method and device
CN107147647B (en) * 2017-05-11 2021-01-08 腾讯科技(深圳)有限公司 Webpage authorization method and device
CN107277067B (en) * 2017-08-11 2020-10-23 四川长虹电器股份有限公司 Third-party system docking method based on unified developer account
CN107277067A (en) * 2017-08-11 2017-10-20 四川长虹电器股份有限公司 Third party system docking calculation based on unitized overall development person's account
CN109660487A (en) * 2017-10-10 2019-04-19 武汉斗鱼网络科技有限公司 Authorization method, storage medium, electronic equipment and system based on H5 webpage
CN107896227A (en) * 2017-12-14 2018-04-10 珠海格力电器股份有限公司 Data calling method and device and equipment data cloud platform
CN108347471A (en) * 2018-01-02 2018-07-31 武汉斗鱼网络科技有限公司 Obtain the method, apparatus and system of third party's user information
CN108683648A (en) * 2018-05-02 2018-10-19 珠海横琴盛达兆业科技投资有限公司 A method of based on realizing secure communication by constantly converting identifying code between wechat small routine and server
CN109190352A (en) * 2018-07-03 2019-01-11 阿里巴巴集团控股有限公司 A kind of authorization text Accuracy Verification method and apparatus
CN109274726B (en) * 2018-08-31 2020-07-07 阿里巴巴集团控股有限公司 Binding method, migration method, binding device, migration device, computing equipment and storage medium
CN109274726A (en) * 2018-08-31 2019-01-25 阿里巴巴集团控股有限公司 Binding, moving method and device calculate equipment and storage medium
CN109218298A (en) * 2018-09-04 2019-01-15 中钞信用卡产业发展有限公司杭州区块链技术研究院 A kind of application data access method and system
CN109388917B (en) * 2018-10-12 2022-03-18 彩讯科技股份有限公司 Hardware equipment authentication method, device, equipment and storage medium
CN109388917A (en) * 2018-10-12 2019-02-26 彩讯科技股份有限公司 Method for authenticating, device, equipment and the storage medium of hardware device
CN111193691A (en) * 2018-11-15 2020-05-22 中国电信股份有限公司 Authorization method, system and related equipment
CN109474600B (en) * 2018-11-20 2021-06-18 麒麟合盛网络技术股份有限公司 Account binding method, system, device and equipment
CN109474600A (en) * 2018-11-20 2019-03-15 麒麟合盛网络技术股份有限公司 A kind of account binding method, system, device and its equipment
CN109962911A (en) * 2019-02-19 2019-07-02 深圳点猫科技有限公司 A kind of method and electronic equipment obtaining user information by small routine
CN111835677A (en) * 2019-04-17 2020-10-27 北京世纪好未来教育科技有限公司 User information acquisition method and device and computer storage medium
CN111835677B (en) * 2019-04-17 2022-03-22 北京世纪好未来教育科技有限公司 User information acquisition method and device and computer storage medium
CN110166461A (en) * 2019-05-24 2019-08-23 中国银联股份有限公司 User's unifying identifier processing method, device, equipment and storage medium
CN110166461B (en) * 2019-05-24 2022-09-20 中国银联股份有限公司 User unified identification processing method, device, equipment and storage medium
CN110336720B (en) * 2019-06-29 2021-08-20 华为技术有限公司 Equipment control method and equipment
CN110336720A (en) * 2019-06-29 2019-10-15 华为技术有限公司 Apparatus control method and equipment
US12058145B2 (en) 2019-06-29 2024-08-06 Huawei Technologies Co., Ltd. Device control method and device
CN110414207A (en) * 2019-07-31 2019-11-05 咪付(深圳)网络技术有限公司 APP interface authority control method
CN112738143B (en) * 2019-10-14 2022-05-10 华为技术有限公司 Account number binding method, device and system
CN112738143A (en) * 2019-10-14 2021-04-30 华为技术有限公司 Account number binding method, device and system
CN110856145A (en) * 2019-10-23 2020-02-28 杭州博联智能科技股份有限公司 IOT device and user binding method, device and medium based on near field authentication
CN110856145B (en) * 2019-10-23 2023-04-18 杭州博联智能科技股份有限公司 IOT (Internet of things) equipment and user binding method, equipment and medium based on near field authentication
CN110677248A (en) * 2019-10-30 2020-01-10 宁波奥克斯电气股份有限公司 Safe binding method and system based on narrowband Internet of things
CN110677248B (en) * 2019-10-30 2022-09-30 宁波奥克斯电气股份有限公司 Safe binding method and system based on narrowband Internet of things
CN110990796A (en) * 2019-11-26 2020-04-10 广州至真信息科技有限公司 Application processing method and device, application server and storage medium
CN111193725B (en) * 2019-12-20 2022-04-05 北京淇瑀信息科技有限公司 Configuration-based combined login method and device and computer equipment
CN111193725A (en) * 2019-12-20 2020-05-22 北京淇瑀信息科技有限公司 Configuration-based combined login method and device and computer equipment
CN111241555A (en) * 2019-12-30 2020-06-05 北京顺达同行科技有限公司 Access method and device for simulating user login, computer equipment and storage medium
CN111241555B (en) * 2019-12-30 2022-07-12 北京顺达同行科技有限公司 Access method and device for simulating user login, computer equipment and storage medium
CN111177690A (en) * 2019-12-31 2020-05-19 中国工商银行股份有限公司 Two-dimensional code scanning login method and device
CN111177690B (en) * 2019-12-31 2022-07-05 中国工商银行股份有限公司 Two-dimensional code scanning login method and device
CN111861457B (en) * 2020-06-28 2023-02-21 中国银联股份有限公司 Payment token application method, device, system and server
WO2022001176A1 (en) * 2020-06-28 2022-01-06 中国银联股份有限公司 Method for applying for payment token, apparatus, system, and server
CN111861457A (en) * 2020-06-28 2020-10-30 中国银联股份有限公司 Payment token application method, device, system and server
CN113435898A (en) * 2021-07-09 2021-09-24 支付宝(杭州)信息技术有限公司 Data processing method and system
CN113435898B (en) * 2021-07-09 2022-06-14 支付宝(杭州)信息技术有限公司 Data processing method and system
CN113766496A (en) * 2021-08-30 2021-12-07 青岛海尔科技有限公司 Cross-platform binding method and system of intelligent equipment and related equipment
CN113766496B (en) * 2021-08-30 2024-01-26 青岛海尔科技有限公司 Cross-platform binding method and system for intelligent equipment and related equipment
WO2023030014A1 (en) * 2021-08-31 2023-03-09 青岛海尔科技有限公司 Method and system for binding smart device, and related device
CN113824618A (en) * 2021-09-16 2021-12-21 珠海格力电器股份有限公司 Cross-platform equipment network distribution method, second party platform and first party platform
CN113660100B (en) * 2021-10-21 2022-01-18 飞天诚信科技股份有限公司 Method, system and electronic equipment for generating soft token seed
CN113660100A (en) * 2021-10-21 2021-11-16 飞天诚信科技股份有限公司 Method, system and electronic equipment for generating soft token seed
CN114189362A (en) * 2021-11-23 2022-03-15 中国银联股份有限公司 Account login method, terminal, server, system and medium
CN114189362B (en) * 2021-11-23 2023-12-19 中国银联股份有限公司 Account login method, terminal, server, system and medium
CN114338224B (en) * 2022-01-17 2024-04-12 广东好太太智能家居有限公司 Cross-platform control method and system for intelligent hardware
CN114338224A (en) * 2022-01-17 2022-04-12 广东好太太智能家居有限公司 Intelligent hardware cross-platform control method and system
CN115412331A (en) * 2022-08-25 2022-11-29 聚好看科技股份有限公司 Application login method, electronic equipment and server
CN117240608A (en) * 2023-11-10 2023-12-15 腾讯科技(深圳)有限公司 Login authorization method, login authorization device, computer equipment and storage medium
CN117240608B (en) * 2023-11-10 2024-03-29 腾讯科技(深圳)有限公司 Login authorization method, login authorization device, computer equipment and storage medium

Also Published As

Publication number Publication date
WO2017067227A1 (en) 2017-04-27

Similar Documents

Publication Publication Date Title
CN105897668A (en) Third party account authorization method, device, server and system
US20220116372A1 (en) System and method for providing controlled application programming interface security
CN111131242B (en) Authority control method, device and system
US9548975B2 (en) Authentication method, authentication system, and service delivery server
US8719905B2 (en) Secure and efficient login and transaction authentication using IPhones™ and other smart mobile communication devices
CN104735066B (en) A kind of single-point logging method of object web page application, device and system
US8918853B2 (en) Method and system for automatic recovery from lost security token on embedded device
US10445487B2 (en) Methods and apparatus for authentication of joint account login
CN106716960B (en) User authentication method and system
WO2016188256A1 (en) Application access authentication method, system, apparatus and terminal
JP2015062129A (en) Flexible quasi-out-of-band authentication structure
CN102238007A (en) Method, device and system for acquiring session token of user by third-party application
JP2016521899A (en) Two-factor authentication
CN112769834A (en) Identity verification system, method and platform
CN106911714B (en) Mobile application single sign-on method based on interprocess communication for Android device
CN106953831A (en) A kind of authorization method of user resources, apparatus and system
CN106034134A (en) Method and device and auxiliary method and device for implementing identity authentication request in webpage application
US20220327536A1 (en) Account binding method and apparatus, computer device, and storage medium
CN105577619B (en) Client login method, client and system
CN107241329A (en) Account login process method and device
CA2844888A1 (en) System and method of extending a host website
CN106878244B (en) Authenticity certification information providing method and device
JP6737532B2 (en) Authentication method
CN113626840A (en) Interface authentication method and device, computer equipment and storage medium
CN112968892A (en) Information verification method, device, computing equipment and medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160824