CN107147647A - A kind of webpage authorization method and device - Google Patents

A kind of webpage authorization method and device Download PDF

Info

Publication number
CN107147647A
CN107147647A CN201710330301.4A CN201710330301A CN107147647A CN 107147647 A CN107147647 A CN 107147647A CN 201710330301 A CN201710330301 A CN 201710330301A CN 107147647 A CN107147647 A CN 107147647A
Authority
CN
China
Prior art keywords
webpage
target
information
user
authorized
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710330301.4A
Other languages
Chinese (zh)
Other versions
CN107147647B (en
Inventor
谢梓洪
黄友昆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201710330301.4A priority Critical patent/CN107147647B/en
Publication of CN107147647A publication Critical patent/CN107147647A/en
Application granted granted Critical
Publication of CN107147647B publication Critical patent/CN107147647B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies

Landscapes

  • Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of webpage authorization method and device, the webpage authorization method includes:Webpage to be authorized acts on behalf of website information in acquisition webpage authorization requests, the logon information and target third-party application of webpage authorization requests carrying active user;According to the logon information and act on behalf of website information target spoke is determined from the token pool stored;The content of pages that website information obtains webpage to be authorized is acted on behalf of according to this;The webpage to be authorized is authorized according to the target spoke and content of pages.Above-mentioned webpage authorization method can realize the Authorized operation to the third-party application page faster, reduce the interaction times of both sides, and method is simple, safe.

Description

A kind of webpage authorization method and device
Technical field
The present invention relates to field of computer technology, more particularly to a kind of webpage authorization method and device.
Background technology
With developing rapidly for computer technology and Internet technology, internet has become people's daily life and work Essential part in work, user can obtain various info webs by internet, and various network moneys are understood in time News.
At present, when user browses the webpage of a certain products application, it usually needs by the login account of the products application and Password can just be browsed after being logged in, for different products applications, and user needs to register different accounts, bothers very much.Pin To this problem, products application can authorize some open platforms (open platform of such as social networking application) and obtain its web data Right so that user need to only register the account of application where the open platform, you can via the open platform browse it is various should With webpage, it is to avoid the registration and management of multiple accounts.
Specifically, when user by the application (namely current application) of certain open platform browse other application webpage (namely The webpage of third-party application) when, if third-party application webpage needs to access the personal information of current application, need after authorizing It can realize.Because web service, domain name are in third party, when user browses third-party application webpage, third-party application meeting To the open platform requests for page mandate, so that the third-party application webpage has the personal information for accessing user in current application Right, in this process, after the page authorization requests need to confirm via user, then entered by third-party application and open platform Go repeatedly interaction to exchange corresponding token for, the personal information of user is obtained by token calling interface, it is cumbersome, and The page authorization requests are easily kidnapped by criminal, so as to cause privacy of user to be revealed, security is low.
The content of the invention
It is an object of the invention to provide a kind of webpage authorization method and device, to solve the webpage of existing third-party application The technical problem that Authorized operation is cumbersome, security is low.
In order to solve the above technical problems, the embodiment of the present invention provides following technical scheme:
A kind of webpage authorization method, including:
Webpage authorization requests are obtained, the webpage authorization requests carry the logon information and target the 3rd of active user Webpage to be authorized acts on behalf of website information in Fang Yingyong;
According to the logon information and act on behalf of website information target spoke is determined from the token pool stored;
The content of pages that website information obtains webpage to be authorized is acted on behalf of according to described;
The webpage to be authorized is authorized according to the target spoke and content of pages.
In order to solve the above technical problems, the embodiment of the present invention also provides following technical scheme:
A kind of webpage authorization device, including:
First acquisition module, for obtaining webpage authorization requests, the webpage authorization requests carry logging in for active user Webpage to be authorized acts on behalf of website information in information and target third-party application;
Determining module, for according to the logon information and acting on behalf of website information target being determined from the token pool stored Token;
Second acquisition module, for acting on behalf of the content of pages that website information obtains webpage to be authorized according to described;
Authorization module, for being authorized according to the target spoke and content of pages to the webpage to be authorized.
Webpage authorization method and device of the present invention, by obtaining webpage authorization requests, the webpage authorization requests are taken Webpage to be authorized acts on behalf of website information in logon information with active user and target third-party application, afterwards, according to this Logon information determines target spoke with website information is acted on behalf of from the token pool stored, and acts on behalf of website information acquisition according to this The content of pages of webpage to be authorized, afterwards, is authorized according to the target spoke and content of pages to the webpage to be authorized, so that The Authorized operation to the third-party application page can be realized faster, the interaction times of both sides are reduced, and method is simple, safe.
Brief description of the drawings
Below in conjunction with the accompanying drawings, it is described in detail by the embodiment to the present invention, technical scheme will be made And other beneficial effects are apparent.
Fig. 1 is the schematic flow sheet of webpage authorization method provided in an embodiment of the present invention;
Fig. 2 a are the schematic flow sheet of webpage authorization method provided in an embodiment of the present invention;
Fig. 2 b are the block schematic illustration of webpage authoring system provided in an embodiment of the present invention;
Fig. 3 a are the structural representation of webpage authorization device provided in an embodiment of the present invention;
Fig. 3 b are the structural representation of another webpage authorization device provided in an embodiment of the present invention;
Fig. 4 is the structural representation of server provided in an embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.It is based on Embodiment in the present invention, the every other implementation that those skilled in the art are obtained under the premise of creative work is not made Example, belongs to the scope of protection of the invention.
The embodiment of the present invention provides a kind of webpage authorization method and device.It is described in detail individually below.It should be noted It is that the numbering of following examples is not intended as the restriction to embodiment preferred sequence.
First embodiment
The present embodiment will be described from the angle of webpage authorization device, and the webpage authorization device specifically can be as independent Entity realize that can also be integrated in other equipment, such as server to realize, the server can be multiple services Device it is integrated.
A kind of webpage authorization method, including:Webpage authorization requests are obtained, the webpage authorization requests carry stepping on for active user Webpage to be authorized acts on behalf of website information in land information and target third-party application, afterwards, according to the logon information and agency Website information determines target spoke from the token pool stored, and acts on behalf of the page that website information obtains webpage to be authorized according to this Face content, afterwards, is authorized according to the target spoke and content of pages to the webpage to be authorized.
As shown in figure 1, the idiographic flow of the webpage authorization method can be as follows:
S101, webpage authorization requests are obtained, the webpage authorization requests carry the logon information and target the of active user Webpage to be authorized acts on behalf of website information in tripartite's application.
In the present embodiment, the log-on message refers mainly to relevant information of the user in locally applied log in, and it can include Log in the contents such as environment, login account and logging status.The third-party application refers to the other application in addition to locally applied, its Generally there is different production firms from locally applied.To ensure security, each third-party application is both needed to carry locally applied Registered on the open platform of confession, registered third-party application can be entered by the application interface in open platform, its In, the open platform, which is mainly used in locally applied service being packaged into series of computation machine data-interface easy to identify, to be opened to Go, used for the developer of third-party application.This is acted on behalf of website information and referred to via locally applied server (local service Device) agency after URL (Uniform Resource Locator, URL), it is standard resource on internet Address, every URL can comprising the information such as agreement, server name, domain name, path and filename, wherein, the server name refers to Be the name being allocated when the third-party application is registered on an open platform, the domain name refers to the open platform to relevant pipe The web site name of certification authority's application is managed, what the path and filename were indicated is service of the webpage to be authorized in third-party application Storage location in device (third-party server).
Specifically, when user has logged in locally applied in terminal, and needing by locally applied browsing objective third party The webpage to be authorized of application, such as click on good friend's forwarding or the article link shared is to browse during this article content, and terminal can be with The webpage authorization requests are generated, and by the webpage authorization requests via special channel, such as WNS (Wireless Network Service, Venus), it is a kind of to provide high connection, highly reliable, strong safe network connection channel service for Mobile solution, pass Home server is delivered to, without the transfer by Virtual network operator, disabled user is farthest reduced and user is stepped on The abduction of information is recorded, it is safe.
It is pointed out that this act on behalf of domain name structure in website information can by least two different stages domain name structure Can include English alphabet and/or numeral into, each domain name, be separated between domain name and domain name with putting, rightmost it is referred to as top Domain name, is followed by second level domain, and the lower writing position of rank more keeps left, such as:Three-level domain name second level domain TLDs Name, wherein, the TLD is international, such as China is cn, and the U.S. is us etc., and the domain name of remaining rank can basis Actual demand is artificially set, such as, and the second level domain can be set to urlshare.
S102, according to the logon information and act on behalf of website information target spoke is determined from the token pool stored.
In the present embodiment, the token in the token pool is mainly used in the interface for calling open platform to be provided, and it can be wrapped Include interface type and call the contents such as password, the number of ports amount and type that each token is called can according to the actual requirements and It is fixed.
For example, the logon information can include targeted customer's mark and logging status, now, above-mentioned steps S102 specifically may be used With including:
Judge whether the logging status meets preparatory condition;
If so, then from this act on behalf of website information in extract the application identities of the target third-party application, obtaining target should With mark;
Search and identified with the intended application and the corresponding token of targeted customer's mark from the token pool stored, as Target spoke.
In the present embodiment, user mark is unique identity of the user in locally applied, and it can be that user exists During locally applied upper registration, string number and/or letter that home server is distributed automatically.The Entered state can include effective Log in and log in two kinds with invalid, generally, when User logs in is unsuccessful, such as login account and password are mismatched, or for a long time When causing the account to exit state of activation without operation, the logging status can indicate it is invalid log in, and when User logs in success and When account is active, the logging status can indicate effectively to log in.The preparatory condition can according to the actual requirements depending on, than Such as can be:The logging status indicates effectively to log in.The application identities are unique identification of the third-party application in open platform Mark, it can show as the forms such as character string or Apply Names, when some third-party application is registered on an open platform, Home server can generate the application identities of the third-party application at random or according to certain rule.
If specifically, the Entered state logs in be invalid, user can be pointed out to log in again, to update logging status. If the logging status is effective login, specified location that can first from website information is acted on behalf of, such as where server name Position, extracts intended application mark, the lookup pair from token pool further according to intended application mark and targeted customer's mark The token answered.
It is to be understood that the method for token is searched from token pool can a variety of, such as, can be simultaneously according to target User is identified and intended application mark is searched, now, and what is set up in token pool is targeted customer's mark, intended application mark Incidence relation between target spoke this three, or, it would however also be possible to employ the mode that substep is searched, such as first used according to target Family mark (or intended application mark) is searched comprehensively, to reduce the scope, then in a small range further according to intended application mark Know (or targeted customer's mark) and carry out quadratic search, now, what is set up in token pool is intended application mark and targeted customer's mark Between knowledge and targeted customer mark (or intended application mark) corresponding relation between target spoke.Actual application In, the target spoke should store good in advance, that is, being identified being searched from the token pool stored with the intended application And before the corresponding token of targeted customer's mark, the webpage authorization method can also include:
The incoming instruction of the target third-party application is obtained, the incoming instruction is identified including intended application;
The user's identification sets stored are obtained, user's identification sets are identified including at least one user;
Corresponding token, one order of each user's mark correspondence are generated according to each user mark and intended application mark Board;
The token of generation is stored in token pool.
In the present embodiment, user's identification sets can include it is locally applied in all registered users user mark, its Including targeted customer mark.When there is new third-party application to succeed in registration on an open platform every time, home server is equal The incoming instruction can be generated, thus according to the incoming instruction by the application identities of new third-party application and each it is registered use User's mark at family is combined, and is stored according to the corresponding token of each combination producing in token pool, so that follow-up is looked into Look for a job.Certainly, the storage mode of token can be random storage in the token pool, can also follow certain storage rule, than The token for belonging to same third-party application can be such as stored in same region, or, it can also will belong to same user's Token is stored in same region, etc..
It is pointed out that because the target spoke is to identify generation according to targeted customer's mark and intended application, That is, for same application, the token that different users is possessed be it is different, it is different for same user It is also different using corresponding token, this way it is possible to avoid illegal molecule kidnaps the token of validated user to obtain user Private data, it is safe.
S103, the content of pages that website information obtains webpage to be authorized is acted on behalf of according to this.
For example, above-mentioned steps S103 can specifically include:
Website information is acted on behalf of according to this and determines intended application address and target web address;
Target third-party application is entered according to the intended application address;
The content of pages of webpage to be authorized is obtained from the target third-party application according to the target web address.
In the present embodiment, the intended application address refers mainly to enter via open platform the ground of the target third-party application Location, it typically is the address acted on behalf of in website information pointed by server name and domain name.The target web address refer mainly to via The target third-party application enters the address of the webpage to be authorized, and it typically is acting on behalf of, path and filename in website information are signified To address., it is necessary to be parsed using name server to the domain name in actual application, corresponding IP is obtained (Internet Protocol, Internet protocol) address, according to IP address enter the open platform, then according to server name from The open platform enters target third-party application.
S104, according to the target spoke and content of pages the webpage to be authorized is authorized.
For example, above-mentioned steps S104 can specifically include:
The target spoke is injected in the content of pages, to be authorized to the webpage to be authorized.
In the present embodiment, the implementation of the implant operation can have a variety of, such as formula script of literal translating Javascript injections, SQL (Structured Query Language, SQL) injection, etc., specifically may be used Depending on according to the actual requirements.The purpose of the implant operation be mainly make this treat authorization page have call mesh on the open platform The ability of the interface corresponding to token is marked, user can call this to connect by clicking on the relevant icon after the injection on the page Mouthful, so as to obtain the good friend of the related data in home server, such as the cell-phone number of user account, user's registration and user The data such as information, this implant operation is that can be achieved without the participation of third-party server, greatly reduces mandate complexity, side Method is simple.
, can also be by other information it should be noted that in addition to target spoke, such as stepping in user login information In the environment injection page of land, this, which logs in environment, can include application version information, running environment information and/or terminal system version Information etc..After injecting successfully, home server can just provide the user suitable functional interface according to these information, such as Payment interface.Certainly, because the second level domain of same open platform can be taken back to a domain name, such as urlshare.cn, Therefore the less demanding functional interface of privacy in home server directly can also be opened to this domain name, such as vibrations, sectional drawing point The interface such as enjoy, namely the recalls information of these functional interfaces can be injected in the page according to domain name, so that the page has more More more flexible interface authority, improves Consumer's Experience.
In addition, the webpage to be authorized after mandate is once opened, just have the right to call relevant interface to obtain local service The private data of the user of this in device, that is, after the target spoke is injected in the content of pages, the webpage authorization method is also It can include:
Send after the injection page to be shown to terminal;
The user profile acquisition for receiving browse operation generation of the terminal according to active user after the injection on the page please Ask, the user profile obtains request and carries the target spoke and logon information;
Targeted customer's information is determined according to the target spoke and logon information;
Targeted customer's information is sent to the terminal.
In the present embodiment, the browse operation can include the operation such as sharing, comment on or forward, and user can be by clicking on this Related key after injection on the page realizes the browse operation, wherein, each button all points to one in preset interface storehouse Preset interface, each preset interface is connected with home server.Targeted customer's information mainly includes institute in home server The information relevant with active user of storage, such as friend information, personal information, balance amount information of user etc..
For example, above-mentioned steps " determining targeted customer's information according to the target spoke and logon information " can specifically include:
Target preset interface is determined from preset interface storehouse according to the target spoke;
The user profile of active user is obtained from target preset interface according to the logon information, is believed as targeted customer Breath.
In the present embodiment, the preset interface in the preset interface storehouse is mainly the interface provided on open platform, and it can be with Depending on according to the actual requirements, such as it can include friend information interface, personal information interface, wallet payment interface etc..Specifically, To avoid illegal molecule from obtaining user profile by kidnapping the target spoke come invocation target preset interface, target can utilized Preset interface is obtained before user profile, first verifies whether active user is legal, namely needs to judge current according to logon information Whether the login of user is effective, and in the case where logging in effectively, targeted customer's mark and target spoke matched, matched It is successful then assert it is legal, could further using target preset interface obtain user profile.
From the foregoing, the webpage authorization method that the present embodiment is provided, by obtaining webpage authorization requests, the webpage mandate The logon information and webpage to be authorized in target third-party application that request carries active user act on behalf of website information, afterwards, Target spoke is determined with website information is acted on behalf of from the token pool stored according to the logon information, and network address letter is acted on behalf of according to this Breath obtains the content of pages of webpage to be authorized, and afterwards, the webpage to be authorized is awarded according to the target spoke and content of pages Power, so as to the faster Authorized operation realized to the third-party application page, reduces the interaction times of both sides, method is simple, peace Quan Xinggao.
Second embodiment
Citing, is described in further detail by the method according to described by embodiment one below.
In the present embodiment, will be integrated in the server with webpage authorization device, the server is exemplified by home server It is described in detail.
As shown in Figure 2 a, a kind of webpage authorization method, idiographic flow can be as follows:
S201, server obtain the incoming instruction of target third-party application, and the incoming instruction is identified including intended application.
For example, as target third-party application APPj, can be with when being succeeded in registration on the open platform that home server is provided Automatically generate this and apply incoming instruction.
S202, server obtain the user's identification sets stored according to the incoming instruction, and user's identification sets are included at least One user's mark.
For example, user's identification sets { U1、U2…UnCan for all registered users in locally applied user account Collection, it can be stored in the user information database of home server.
S203, server are identified and the corresponding token of intended application mark generation according to each user, and by the order of generation Board is stored in token pool, each user's mark one token of correspondence.
For example, the registered third-party application on open platform can include { APP1、APP2…APPm, j ∈ (1,2 ... m).Token in the token pool is mainly used in the interface for calling open platform to be provided, and it can include interface type and call The contents such as password.Each token can be generated according to each registered third-party application and user account, and be deposited according to certain Storage rule is stored, such as same region can be stored in by belonging to the token of same third-party application, or, belong to same The token of user can be stored in same region, etc..
S204, server obtain webpage authorization requests, the webpage authorization requests carry active user logon information and Webpage to be authorized acts on behalf of website information in the target third-party application.
For example, when user wants the browsing objective third-party application APP on locally appliedjWebpage to be authorized, such as point Hit the article link http that good friend shares:https://{appid}.urlshare.cn/home_ proxy=1 (namely this acts on behalf of network address Information) to browse during this article content, terminal can generate the webpage authorization requests, now, refer to Fig. 2 b, the webpage mandate Request can be sent to the open platform of home server via WNS, and be supplied to authentication backstage to be authenticated by open platform, Urlshare.cn is the domain name of open platform, home_ proxy=1 is the storage location of webpage to be authorized.
S205, the logon information include targeted customer and identified and logging status, and server judges whether the logging status is full Sufficient preparatory condition, if so, following step S206~S209 is then performed, if it is not, can then point out user to log in again.
For example, the targeted customer is designated Ui, i ∈ (1,2 ... n).The Entered state can include effectively log in it is invalid Two kinds are logged in, the preparatory condition can be:The logging status indicates effectively to log in.As user UiLog in successfully and account is in and swashed During state living, authentication backstage, which can be determined that, meets preparatory condition, otherwise can be determined that and is unsatisfactory for preparatory condition, and points out user Ui Again log in, to update logging status.
S206, server from this act on behalf of website information in extract the application identities of the target third-party application, obtain mesh Mark application identities.
For example, if authentication backstage judges that the Entered state meets preparatory condition, it is considered that user UiThis is waited to authorize The browse operation of webpage is legal, now, authenticates the APP that backstage will can be acted on behalf of in website informationjIt is defined as intended application Mark.
S207, server search order corresponding with intended application mark and targeted customer's mark from the token pool Board, is used as target spoke.
For example, authentication backstage can be according to APPjAnd UiTarget spoke is searched in token pool, the lookup can be that substep enters Capable, such as first according to APPjCorresponding multiple tokens are found, target spoke is then found from multiple tokens according to Ui.
S208, server act on behalf of website information according to this and determine intended application address and target web address.
For example, can be by { APPj.urlshare.cn is defined as intended application address, by home_ proxy=1 is determined For target web address.
S209, server enter target third-party application according to the intended application address, and according to the target web address The content of pages of webpage to be authorized is obtained from the target third-party application.
For example, can be according to { APPj.urlshare.cn finds the application of target third-party application on the open platform and connects Mouthful, and the target third-party application is entered by the application interface, afterwards, pass through home_ proxy=1 is obtained from the application interface Take corresponding content of pages.
It should be noted that above-mentioned steps S206~S207 and S208~S209 has no clear and definite priority execution sequence, its It can carry out simultaneously.
S210, server inject the target spoke in the content of pages, and send after the injection page to enter to terminal Row display.
For example, open platform can also obtain the not high functional interface of some privacy (such as vibrations, sectional drawing are shared) Recalls information, target spoke and these recalls informations are injected in content of pages by Javascript, so as to not endanger In the case of evil user security, make the page that there are more more flexible interface authorities, complete full page licensing process.
S211, server receive the user that the terminal is generated according to browse operation of the active user after the injection on the page Information acquisition request, the user profile obtains request and carries the target spoke and logon information.
For example, can by clicking on the related key after the injection on the page in terminal, such as share button, comment on by Key or forwarding button etc., APP is carried to generatejWith logon information (including UiAnd Entered state) user profile obtain request, And send this request to open platform.
S212, server determine target preset interface according to the target spoke from preset interface storehouse, and are logged according to this Information obtains the user profile of active user from target preset interface, as targeted customer's information, afterwards by the targeted customer Information is sent to the terminal.
For example, after open platform is verified according to the logon information to user's progress legitimacy, the target can be called The corresponding target preset interface of token obtains user U from user information databaseiRelevant information, such as friend information, personal letter Breath or balance amount information etc., afterwards, can send this information to the terminal.
From the foregoing, the webpage authorization method that the present embodiment is provided, wherein server can obtain and apply incoming instruction, This carries the application identities of third-party application to be accessed using incoming instruction, and obtains what is stored using incoming instruction according to this User's identification sets, user's identification sets are identified including at least one user, then, according to each user mark and the to be accessed 3rd Fang Yingyong application identities generate corresponding token, and the token of generation is stored in token pool, each user's mark correspondence One token, so as to complete the establishment of token pool, afterwards, server can obtain webpage authorization requests, the webpage authorization requests The logon information and webpage to be authorized for carrying active user act on behalf of website information, and the webpage to be authorized belongs to target the Tripartite applies, and the logon information includes the targeted customer's mark and logging status of active user, afterwards, judges that the logging status is It is no to meet preparatory condition, if so, then from this act on behalf of website information in extract the application identities of the target third-party application, obtain Intended application is identified, and is searched and intended application mark and the corresponding token of targeted customer's mark, work from the token pool For target spoke, at the same time, server can act on behalf of website information with determining intended application address and target web according to this Location, and target third-party application is entered according to the intended application address, afterwards according to the target web address acquisition target the The content of pages of webpage to be authorized, then, the target spoke is injected in the content of pages, to wait to authorize to this in tripartite's application Webpage is authorized, and sends after the injection to terminal that the page is to be shown, afterwards, receives the terminal according to user in the note Enter on the rear page browse operation generation user profile obtain request, the user profile obtain request carry the target spoke and Targeted customer is identified, then, and target preset interface is determined from preset interface storehouse according to the target spoke, and pre- using the target If interface obtains targeted customer and identifies corresponding user profile, so as to reduce terminal, home server and third-party server Between interaction times, the faster Authorized operation realized to the third-party application page, method is simple, and can avoid as far as possible User profile is safe by the abduction of criminal.
3rd embodiment
Method according to described by embodiment one and embodiment two, the present embodiment will enter one from the angle of webpage authorization device Step is described, the webpage authorization device can with it is integrated in the server.
Fig. 3 a are referred to, the webpage authorization device of third embodiment of the invention offer is had been described in detail in Fig. 3 a, and it can be wrapped Include:First acquisition module 10, determining module 20, the second acquisition module 30 and authorization module 40, wherein:
(1) first acquisition module 10
First acquisition module 10, for obtaining webpage authorization requests, the webpage authorization requests carry logging in for active user Webpage to be authorized acts on behalf of website information in information and target third-party application.
In the present embodiment, the log-on message refers mainly to relevant information of the user in locally applied log in, and it can include Log in the contents such as environment, login account and logging status.The third-party application refers to the other application in addition to locally applied, its Generally there is different production firms from locally applied.To ensure security, each third-party application is both needed to carry locally applied Registered on the open platform of confession, registered third-party application can be entered by the application interface in open platform, its In, the open platform, which is mainly used in locally applied service being packaged into series of computation machine data-interface easy to identify, to be opened to Go, used for the developer of third-party application.This is acted on behalf of website information and referred to via locally applied server (local service Device) agency after URL (Uniform Resource Locator, URL), it is standard resource on internet Address, every URL can comprising the information such as agreement, server name, domain name, path and filename, wherein, the server name refers to Be the name being allocated when the third-party application is registered on an open platform, the domain name refers to the open platform to relevant pipe The web site name of certification authority's application is managed, what the path and filename were indicated is service of the webpage to be authorized in third-party application Storage location in device (third-party server).
Specifically, when user has logged in locally applied in terminal, and needing by locally applied browsing objective third party The webpage to be authorized of application, such as click on good friend's forwarding or the article link shared is to browse during this article content, and terminal can be with The webpage authorization requests are generated, and by the webpage authorization requests via special channel, such as WNS (Wireless Network Service, Venus), it is a kind of to provide high connection, highly reliable, strong safe network connection channel service for Mobile solution, pass Home server is delivered to, without the transfer by Virtual network operator, disabled user is farthest reduced and user is stepped on The abduction of information is recorded, it is safe.
It is pointed out that this act on behalf of domain name structure in website information can by least two different stages domain name structure Can include English alphabet and/or numeral into, each domain name, be separated between domain name and domain name with putting, rightmost it is referred to as top Domain name, is followed by second level domain, and the lower writing position of rank more keeps left, such as:Three-level domain name second level domain TLDs Name, wherein, the TLD is international, such as China is cn, and the U.S. is us etc., and the domain name of remaining rank can basis Actual demand is artificially set, such as, and the second level domain can be set to urlshare.
(2) determining module 20
Determining module 20, for according to the logon information and acting on behalf of website information target being determined from the token pool stored Token.
In the present embodiment, the token in the token pool is mainly used in the interface for calling open platform to be provided, and it can be wrapped Include interface type and call the contents such as password, the number of ports amount and type that each token is called can according to the actual requirements and It is fixed.
For example, referring to Fig. 3 b, the logon information can include targeted customer's mark and logging status, now, the determination Module 20 can specifically include judging submodule 21, extracting sub-module 22 and search submodule 23, wherein:
Judging submodule 21, for judging whether the logging status meets preparatory condition;
Extracting sub-module 22, for if so, then from this act on behalf of website information in extract the target third-party application should With mark, intended application mark is obtained;
Submodule 23 is searched, is marked for being searched from the token pool stored with intended application mark and targeted customer Know corresponding token, be used as target spoke.
In the present embodiment, user mark is unique identity of the user in locally applied, and it can be that user exists During locally applied upper registration, string number and/or letter that home server is distributed automatically.The Entered state can include effective Log in and log in two kinds with invalid, generally, when User logs in is unsuccessful, such as login account and password are mismatched, or for a long time When causing the account to exit state of activation without operation, the logging status can indicate it is invalid log in, and when User logs in success and When account is active, the logging status can indicate effectively to log in.The preparatory condition can according to the actual requirements depending on, than Such as can be:The logging status indicates effectively to log in.The application identities are unique identification of the third-party application in open platform Mark, it can show as the forms such as character string or Apply Names, when some third-party application is registered on an open platform, Home server can generate the application identities of the third-party application at random or according to certain rule.
If specifically, the Entered state logs in be invalid, it is determined that module 20 can point out user to log in again, to update Logging status.If the logging status is effective login, the specific bit that extracting sub-module 22 can first from website information is acted on behalf of Put, such as the position where server name, extract intended application mark, search submodule 23 further according to the intended application mark Know and targeted customer's mark searches corresponding token from token pool.
Can have a variety of it is to be understood that searching submodule 23 and the method for token being searched from token pool, such as, can be with Simultaneously according to targeted customer mark and intended application mark searched, now, set up in token pool be targeted customer mark, Intended application identifies the incidence relation between target spoke this three, or, it would however also be possible to employ the mode that substep is searched, such as First (or intended application mark) is identified according to targeted customer searched comprehensively, to reduce the scope, then in a small range root again (or targeted customer's mark) is identified according to intended application and carries out quadratic search, and now, what is set up in token pool is intended application mark Between being identified targeted customer and targeted customer mark (or intended application mark) corresponding relation between target spoke. In actual application, the target spoke should store good in advance, that is, the webpage authorization device can also include storage Module 50, is used for:
Search and marked with intended application mark and targeted customer from the token pool stored in the lookup submodule 23 Know before corresponding token, obtain the incoming instruction of the target third-party application, the incoming instruction is identified including intended application;
The user's identification sets stored are obtained, user's identification sets are identified including at least one user;
Corresponding token, one order of each user's mark correspondence are generated according to each user mark and intended application mark Board;
The token of generation is stored in token pool.
In the present embodiment, user's identification sets can include it is locally applied in all registered users user mark, its Including targeted customer mark.When there is new third-party application to succeed in registration on an open platform every time, home server is equal The incoming instruction can be generated, thus memory module 50 according to the incoming instruction by application identities of new third-party application and each User's mark of position registered users is combined, and is stored according to the corresponding token of each combination producing in token pool, with The searching work continued after an action of the bowels.Certainly, the storage mode of token can be random storage in the token pool, can also follow and necessarily deposit The token for belonging to same third-party application, such as can be stored in same region by storage rule, or, it will can also belong to same The token of one user is stored in same region, etc..
It is pointed out that because the target spoke is to identify generation according to targeted customer's mark and intended application, That is, for same application, the token that different users is possessed be it is different, it is different for same user It is also different using corresponding token, this way it is possible to avoid illegal molecule kidnaps the token of validated user to obtain user Private data, it is safe.
(3) second acquisition modules 30
Second acquisition module 30, for acting on behalf of the content of pages that website information obtains webpage to be authorized according to this.
For example, second acquisition module 30 specifically can be used for:
Website information is acted on behalf of according to this and determines intended application address and target web address;
Target third-party application is entered according to the intended application address;
The content of pages of webpage to be authorized is obtained from the target third-party application according to the target web address.
In the present embodiment, the intended application address refers mainly to enter via open platform the ground of the target third-party application Location, it typically is the address acted on behalf of in website information pointed by server name and domain name.The target web address refer mainly to via The target third-party application enters the address of the webpage to be authorized, and it typically is acting on behalf of, path and filename in website information are signified To address.In actual application, the second acquisition module 30 needs to parse the domain name using name server, obtains Corresponding IP (Internet Protocol, Internet protocol) address, enters the open platform, then according to clothes according to IP address Device name of being engaged in enters target third-party application from the open platform.
(4) authorization module 40
Generation module 40, for being authorized according to the target spoke and content of pages to the webpage to be authorized.
For example, the authorization module 40 specifically can be used for:
The target spoke is injected in the content of pages, to be authorized to the webpage to be authorized.
In the present embodiment, the implementation of the implant operation can have a variety of, such as formula script of literal translating Javascript injections, SQL (Structured Query Language, SQL) injection, etc., specifically may be used Depending on according to the actual requirements.The purpose of the implant operation be mainly make this treat authorization page have call mesh on the open platform The ability of the interface corresponding to token is marked, user can call this to connect by clicking on the relevant icon after the injection on the page Mouthful, so as to obtain the good friend of the related data in home server, such as the cell-phone number of user account, user's registration and user The data such as information, this implant operation is that can be achieved without the participation of third-party server, greatly reduces mandate complexity, side Method is simple.
It should be noted that in addition to target spoke, authorization module 40 can also be by other information, such as User logs in Logging in the environment injection page in information, this, which logs in environment, can include application version information, running environment information and/or end End system version information etc..After injecting successfully, home server can just provide the user suitable work(according to these information Can interface, such as payment interface.Certainly, because the second level domain of same open platform can be taken back to a domain name, such as Urlshare.cn, therefore the less demanding functional interface of privacy in home server directly can also be opened to this domain name, such as Vibrations, sectional drawing such as share at the interface, namely can inject the recalls information of these functional interfaces in the page according to domain name, so that The page has more more flexible interface authorities, improves Consumer's Experience.
In addition, the webpage to be authorized after mandate is once opened, just have the right to call relevant interface to obtain local service The private data of the user of this in device, that is, the webpage authorization device can also include the 3rd acquisition module 60, is used for:
After the authorization module 40 injects the target spoke in the content of pages, the page after the injection is sent to terminal To be shown;
The user profile acquisition for receiving browse operation generation of the terminal according to active user after the injection on the page please Ask, the user profile obtains request and carries the target spoke and logon information;
Target preset interface is determined from preset interface storehouse according to the target spoke;
The user profile of active user is obtained from target preset interface according to the logon information.
In the present embodiment, the browse operation can include the operation such as sharing, comment on or forward, and user can be by clicking on this Related key after injection on the page realizes the browse operation, wherein, each button all points to one in preset interface storehouse Preset interface, each preset interface is connected with home server.The user profile mainly includes being stored in home server The information relevant with user, such as friend information, personal information, the balance amount information of user etc..It is pre- in the preset interface storehouse If interface is mainly the interface provided on open platform, its can according to the actual requirements depending on, such as can include friend information Interface, personal information interface, wallet payment interface etc..Specifically, to avoid illegal molecule by kidnapping the target spoke to adjust With target preset interface obtain user profile, the 3rd acquisition module 60 can using target preset interface obtain user profile it Before, first verify whether active user is legal, namely need to judge whether the login of active user effective according to logon information, and In the case of logging in effectively, targeted customer's mark and target spoke are matched, the match is successful then assert legal, can just enter one Step obtains user profile using target preset interface.
It when it is implemented, above unit can be realized as independent entity, can also be combined, be made Realized for same or several entities, the specific implementation of above unit can be found in embodiment of the method above, herein not Repeat again.
From the foregoing, the webpage authorization device that the present embodiment is provided, webpage mandate is obtained by the first acquisition module 10 The generation of webpage to be authorized in request, the logon information and target third-party application of webpage authorization requests carrying active user Website information is managed, afterwards, determining module 20 is according to the logon information and acts on behalf of website information and is determined from the token pool stored Target spoke, the second acquisition module 30 acts on behalf of the content of pages that website information obtains webpage to be authorized according to this, afterwards, authorizes mould Block 40 is authorized according to the target spoke and content of pages to the webpage to be authorized, should to third party so as to faster realize With the Authorized operation of the page, the interaction times of both sides are reduced, method is simple, safe.
Fourth embodiment
Accordingly, the embodiment of the present invention also provides a kind of webpage authoring system, including times that the embodiment of the present invention is provided A kind of webpage authorization device, the webpage authorization device can with it is integrated in the server.
Wherein, server can obtain webpage authorization requests, the logon information of webpage authorization requests carrying active user, And webpage to be authorized acts on behalf of website information in target third-party application;According to the logon information and acting on behalf of website information from Target spoke is determined in the token pool of storage;The content of pages that website information obtains webpage to be authorized is acted on behalf of according to this;According to this Target spoke and content of pages are authorized to the webpage to be authorized.
The specific implementation of each equipment can be found in embodiment above above, will not be repeated here.
By the webpage authoring system can include any webpage authorization device that the embodiment of the present invention is provided, because This, it is possible to achieve the beneficial effect achieved by any webpage authorization device that the embodiment of the present invention is provided, refer to before Embodiment, will not be repeated here.
5th embodiment
The embodiment of the present invention also provides a kind of server, as shown in figure 4, it illustrates the clothes involved by the embodiment of the present invention The structural representation of business device, specifically:
The server can include one or processor 701, one or more meters of more than one processing core Memory 702, radio frequency (Radio Frequency, RF) circuit 703, power supply 704, the input block of calculation machine readable storage medium storing program for executing The part such as 705 and display unit 706.It will be understood by those skilled in the art that the server architecture shown in Fig. 4 not structure The restriction of paired server, can include than illustrating more or less parts, either combine some parts or different portions Part is arranged.Wherein:
Processor 701 is the control centre of the server, utilizes each of various interfaces and the whole server of connection Part, by operation or performs and is stored in software program and/or module in memory 702, and calls and be stored in memory Data in 702, the various functions and processing data of execute server, so as to carry out integral monitoring to server.Optionally, locate Reason device 701 may include one or more processing cores;It is preferred that, processor 701 can integrated application processor and modulatedemodulate mediate Device is managed, wherein, application processor mainly handles operating system, user interface and application program etc., and modem processor is main Handle radio communication.It is understood that above-mentioned modem processor can not also be integrated into processor 701.
Memory 702 can be used for storage software program and module, and processor 701 is stored in memory 702 by operation Software program and module, so as to perform various function application and data processing.Memory 702 can mainly include storage journey Sequence area and storage data field, wherein, the application program (ratio that storing program area can be needed for storage program area, at least one function Such as sound-playing function, image player function) etc.;Storage data field can be stored uses created data according to server Deng.In addition, memory 702 can include high-speed random access memory, nonvolatile memory can also be included, for example, at least One disk memory, flush memory device or other volatile solid-state parts.Correspondingly, memory 702 can also include Memory Controller, to provide access of the processor 701 to memory 702.
RF circuits 703 can be used for during receiving and sending messages, the reception and transmission of signal, especially, by the descending letter of base station After breath is received, transfer to one or more than one processor 701 is handled;In addition, being sent to base station by up data are related to.It is logical Often, RF circuits 703 include but is not limited to antenna, at least one amplifier, tuner, one or more oscillators, user identity Module (SIM) card, transceiver, coupler, low-noise amplifier (LNA, Low Noise Amplifier), duplexer etc..This Outside, RF circuits 703 can also be communicated by radio communication with network and other equipment.The radio communication can use any communication Standard or agreement, including but not limited to global system for mobile communications (GSM, Global System of Mobile Communication), general packet radio service (GPRS, General Packet Radio Service), CDMA (CDMA, Code Division Multiple Access), WCDMA (WCDMA, Wideband Code Division Multiple Access), Long Term Evolution (LTE, Long Term Evolution), Email, short message clothes It is engaged in (SMS, Short Messaging Service) etc..
Server also includes the power supply 704 (such as battery) powered to all parts, it is preferred that power supply 704 can pass through Power-supply management system and processor 701 are logically contiguous, so as to realize management charging, electric discharge, Yi Jigong by power-supply management system The functions such as consumption management.Power supply 704 can also include one or more direct current or AC power, recharging system, power supply The random component such as failure detector circuit, power supply changeover device or inverter, power supply status indicator.
The server may also include input block 705, and the input block 705 can be used for the numeral for receiving input or character letter Breath, and generation is set with user and function control is relevant keyboard, mouse, action bars, optics or trace ball signal are defeated Enter.Specifically, in a specific embodiment, input block 705 may include touch sensitive surface and other input equipments.It is touch-sensitive Surface, also referred to as touch display screen or Trackpad, collecting touch operation of the user on or near it, (such as user uses The operation of any suitable object such as finger, stylus or annex on touch sensitive surface or near touch sensitive surface), and according to advance The formula of setting drives corresponding attachment means.Optionally, touch sensitive surface may include touch detecting apparatus and touch controller two Individual part.Wherein, touch detecting apparatus detects the touch orientation of user, and detects the signal that touch operation is brought, and signal is passed Give touch controller;Touch controller receives touch information from touch detecting apparatus, and is converted into contact coordinate, then Give processor 701, and the order sent of reception processing device 701 and can be performed.Furthermore, it is possible to using resistance-type, electric capacity The polytypes such as formula, infrared ray and surface acoustic wave realize touch sensitive surface.Except touch sensitive surface, input block 705 can also be wrapped Include other input equipments.Specifically, other input equipments can include but is not limited to physical keyboard, function key (such as volume control Button processed, switch key etc.), trace ball, mouse, the one or more in action bars etc..
The server may also include display unit 706, the display unit 706 can be used for the information that is inputted by user of display or Be supplied to the information of user and the various graphical user interface of server, these graphical user interface can by figure, text, Icon, video and its any combination are constituted.Display unit 706 may include display panel, optionally, can use liquid crystal display Device (LCD, Liquid Crystal Display), Organic Light Emitting Diode (OLED, Organic Light-Emitting ) etc. Diode form configures display panel.Further, touch sensitive surface can cover display panel, when touch sensitive surface is detected After touch operation on or near it, processor 701 is sent to determine the type of touch event, with the basis of preprocessor 701 The type of touch event provides corresponding visual output on a display panel.Although in Fig. 4, touch sensitive surface is with display panel Input and input function are realized as two independent parts, but in some embodiments it is possible to by touch sensitive surface with showing Show panel integrated and realize input and output function.
Although not shown, server can also include camera, bluetooth module etc., will not be repeated here.Specifically in this reality Apply in example, the processor 701 in server can be according to following instruction, by the process pair of one or more application program The executable file answered is loaded into memory 702, and the application journey being stored in memory 702 is run by processor 701 Sequence, so that various functions are realized, it is as follows:
Webpage authorization requests are obtained, the webpage authorization requests carry logon information and the target third party of active user Webpage to be authorized acts on behalf of website information in;
According to the logon information and act on behalf of website information target spoke is determined from the token pool stored;
The content of pages that website information obtains webpage to be authorized is acted on behalf of according to this;
The webpage to be authorized is authorized according to the target spoke and content of pages.
The server can be realized effective achieved by any webpage authorization device that the embodiment of the present invention is provided Effect, refers to embodiment above, will not be repeated here.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can To instruct the hardware of correlation to complete by program, the program can be stored in a computer-readable recording medium, storage Medium can include:Read-only storage (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc..
A kind of webpage authorization method for being there is provided above the embodiment of the present invention, device and system are described in detail, Specific case used herein is set forth to the principle and embodiment of the present invention, and the explanation of above example is to use Understand the method and its core concept of the present invention in help;Simultaneously for those skilled in the art, the think of according to the present invention Think, will change in specific embodiments and applications, in summary, this specification content should not be construed as pair The limitation of the present invention.

Claims (14)

1. a kind of webpage authorization method, it is characterised in that including:
Webpage authorization requests are obtained, the webpage authorization requests carry the logon information of active user and target third party should Webpage to be authorized acts on behalf of website information in;
According to the logon information and act on behalf of website information target spoke is determined from the token pool stored;
The content of pages that website information obtains webpage to be authorized is acted on behalf of according to described;
The webpage to be authorized is authorized according to the target spoke and content of pages.
2. webpage authorization method according to claim 1, it is characterised in that the logon information is identified including targeted customer And logging status, it is described according to the logon information and to act on behalf of website information target spoke is determined from the token pool stored, Including:
Judge whether the logging status meets preparatory condition;
If so, then from it is described act on behalf of website information in extract the application identities of the target third-party application, obtaining target should With mark;
Search and identified with the intended application and the corresponding token of targeted customer's mark from the token pool stored, be used as mesh Mark token.
3. webpage authorization method according to claim 2, it is characterised in that searched and institute from the token pool stored State intended application mark and before targeted customer identifies corresponding token, in addition to:
The incoming instruction of the target third-party application is obtained, the incoming instruction is identified including intended application;
The user's identification sets stored are obtained, user's identification sets are identified including at least one user;
Corresponding token, each user's mark one token of correspondence are generated according to each user mark and intended application mark;
The token of generation is stored in token pool.
4. webpage authorization method according to claim 1, it is characterised in that described to be obtained according to the website information of acting on behalf of The content of pages of webpage to be authorized, including:
Intended application address and target web address are determined according to the website information of acting on behalf of;
Target third-party application is entered according to the intended application address;
The content of pages of webpage to be authorized is obtained from the target third-party application according to the target web address.
5. the webpage authorization method according to any one in claim 1-4, it is characterised in that described according to the target Token and content of pages are authorized to the webpage to be authorized, including:
The target spoke is injected in the content of pages, to be authorized to the webpage to be authorized.
6. webpage authorization method according to claim 5, it is characterised in that the target spoke is being injected into the page After in content, in addition to:
Send after the injection page to be shown to terminal;
The user profile acquisition for receiving browse operation generation of the terminal according to active user after the injection on the page please Ask, the user profile obtains request and carries the target spoke and logon information;
Targeted customer's information is determined according to the target spoke and logon information;
Targeted customer's information is sent to the terminal.
7. webpage authorization method according to claim 6, it is characterised in that described according to the target spoke and to log in letter Breath determines targeted customer's information, including:
Target preset interface is determined from preset interface storehouse according to the target spoke;
The user profile of active user is obtained from target preset interface according to the logon information, targeted customer's information is used as.
8. a kind of webpage authorization device, it is characterised in that including:
First acquisition module, for obtaining webpage authorization requests, the webpage authorization requests carry active user logon information, And webpage to be authorized acts on behalf of website information in target third-party application;
Determining module, for determining that target makes from the token pool stored with website information is acted on behalf of according to the logon information Board;
Second acquisition module, for acting on behalf of the content of pages that website information obtains webpage to be authorized according to described;
Authorization module, for being authorized according to the target spoke and content of pages to the webpage to be authorized.
9. webpage authorization device according to claim 8, it is characterised in that the logon information is identified including targeted customer And logging status, the determining module includes:
Judging submodule, for judging whether the logging status meets preparatory condition;
Extracting sub-module, for if so, then from it is described act on behalf of website information in extract the application of the target third-party application Mark, obtains intended application mark;
Submodule is searched, for being searched from the token pool stored and intended application mark and targeted customer's mark pair The token answered, is used as target spoke.
10. webpage authorization device according to claim 9, it is characterised in that also including memory module, be used for:
Search and identified with intended application mark and targeted customer from the token pool stored in the lookup submodule Before corresponding token, the incoming instruction of the target third-party application is obtained, the incoming instruction is identified including intended application;
The user's identification sets stored are obtained, user's identification sets are identified including at least one user;
Corresponding token, each user's mark one token of correspondence are generated according to each user mark and intended application mark;
The token of generation is stored in token pool.
11. webpage authorization device according to claim 8, it is characterised in that second acquisition module is used for:
Intended application address and target web address are determined according to the website information of acting on behalf of;
Target third-party application is entered according to the intended application address;
The content of pages of webpage to be authorized is obtained from the target third-party application according to the target web address.
12. the webpage authorization device according to any one in claim 8-11, it is characterised in that the authorization module tool Body is used for:
The target spoke is injected in the content of pages, to be authorized to the webpage to be authorized.
13. webpage authorization device according to claim 12, it is characterised in that also including the 3rd acquisition module, be used for:
After the authorization module injects the target spoke in the content of pages, page after the injection is sent to terminal Face is to be shown;
The user profile acquisition for receiving browse operation generation of the terminal according to active user after the injection on the page please Ask, the user profile obtains request and carries the target spoke and logon information;
Targeted customer's information is determined according to the target spoke and logon information;
Targeted customer's information is sent to the terminal.
14. webpage authorization device according to claim 13, it is characterised in that the 3rd acquisition module specifically for:
Target preset interface is determined from preset interface storehouse according to the target spoke;
The user profile of active user is obtained from target preset interface according to the logon information, targeted customer's information is used as.
CN201710330301.4A 2017-05-11 2017-05-11 Webpage authorization method and device Active CN107147647B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710330301.4A CN107147647B (en) 2017-05-11 2017-05-11 Webpage authorization method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710330301.4A CN107147647B (en) 2017-05-11 2017-05-11 Webpage authorization method and device

Publications (2)

Publication Number Publication Date
CN107147647A true CN107147647A (en) 2017-09-08
CN107147647B CN107147647B (en) 2021-01-08

Family

ID=59778513

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710330301.4A Active CN107147647B (en) 2017-05-11 2017-05-11 Webpage authorization method and device

Country Status (1)

Country Link
CN (1) CN107147647B (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322461A (en) * 2018-01-31 2018-07-24 百度在线网络技术(北京)有限公司 Method, system, device, equipment and the medium of application program automated log on
CN108881228A (en) * 2018-06-20 2018-11-23 上海庆科信息技术有限公司 Cloud registration activation method, device, equipment and storage medium
CN109194683A (en) * 2018-09-30 2019-01-11 北京金山云网络技术有限公司 Logon information processing method, device and client
CN109962908A (en) * 2019-01-22 2019-07-02 深圳壹账通智能科技有限公司 Right management method, device, equipment and storage medium based on token
CN110717128A (en) * 2019-10-18 2020-01-21 腾讯科技(深圳)有限公司 Method, device, terminal and storage medium for processing in-application webpage
CN111027051A (en) * 2019-10-29 2020-04-17 贝壳技术有限公司 Method and device for controlling page permission calling and readable storage medium
CN111431972A (en) * 2020-03-05 2020-07-17 北京龙归科技有限公司 Application authorization method, device, storage medium and system based on IDP proxy
CN111556060A (en) * 2020-04-29 2020-08-18 上海中通吉网络技术有限公司 Method, device, equipment and storage medium for embedding target software into external H5 page
CN112150136A (en) * 2020-09-04 2020-12-29 京东数字科技控股股份有限公司 Payment method, system and device for embedded webpage in application
CN112507254A (en) * 2020-12-10 2021-03-16 北京达佳互联信息技术有限公司 Application program authorization method and device
CN112818392A (en) * 2021-01-29 2021-05-18 长沙市到家悠享网络科技有限公司 Webpage security processing method, device, equipment and storage medium
CN113391858A (en) * 2021-07-12 2021-09-14 苏州达家迎信息技术有限公司 Page loading method and device in client, computer equipment and medium
CN114124430A (en) * 2021-08-31 2022-03-01 青岛海尔智能技术研发有限公司 Token replacement method, device and storage medium
CN114884724A (en) * 2022-05-06 2022-08-09 杭州联吉技术有限公司 Cloud server interaction method and device, readable storage medium and terminal equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102833213A (en) * 2011-06-14 2012-12-19 赛酷特(北京)信息技术有限公司 Webpage authentication and login method based on TokenLite
CN103347002A (en) * 2013-06-13 2013-10-09 百度在线网络技术(北京)有限公司 Method, system and device for socialized login
CN104038503A (en) * 2014-06-24 2014-09-10 北京奇虎科技有限公司 Cross-site logging method, cross-site logging device and cross-site logging system
CN104348777A (en) * 2013-07-24 2015-02-11 腾讯科技(深圳)有限公司 Method and system for controlling access of mobile terminal to third party server
CN104540129A (en) * 2014-12-29 2015-04-22 广州唯品会信息科技有限公司 Registration and login method and system for third party application
US20160134599A1 (en) * 2014-11-07 2016-05-12 Brian G. Ross Computer-implemented systems and methods of device based, internet-centric, authentication
CN105897668A (en) * 2015-10-22 2016-08-24 乐视致新电子科技(天津)有限公司 Third party account authorization method, device, server and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102833213A (en) * 2011-06-14 2012-12-19 赛酷特(北京)信息技术有限公司 Webpage authentication and login method based on TokenLite
CN103347002A (en) * 2013-06-13 2013-10-09 百度在线网络技术(北京)有限公司 Method, system and device for socialized login
CN104348777A (en) * 2013-07-24 2015-02-11 腾讯科技(深圳)有限公司 Method and system for controlling access of mobile terminal to third party server
CN104038503A (en) * 2014-06-24 2014-09-10 北京奇虎科技有限公司 Cross-site logging method, cross-site logging device and cross-site logging system
US20160134599A1 (en) * 2014-11-07 2016-05-12 Brian G. Ross Computer-implemented systems and methods of device based, internet-centric, authentication
CN104540129A (en) * 2014-12-29 2015-04-22 广州唯品会信息科技有限公司 Registration and login method and system for third party application
CN105897668A (en) * 2015-10-22 2016-08-24 乐视致新电子科技(天津)有限公司 Third party account authorization method, device, server and system

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322461B (en) * 2018-01-31 2020-10-27 百度在线网络技术(北京)有限公司 Method, system, device, equipment and medium for automatically logging in application program
CN108322461A (en) * 2018-01-31 2018-07-24 百度在线网络技术(北京)有限公司 Method, system, device, equipment and the medium of application program automated log on
CN108881228A (en) * 2018-06-20 2018-11-23 上海庆科信息技术有限公司 Cloud registration activation method, device, equipment and storage medium
CN108881228B (en) * 2018-06-20 2021-05-04 上海庆科信息技术有限公司 Cloud registration activation method, device, equipment and storage medium
CN109194683A (en) * 2018-09-30 2019-01-11 北京金山云网络技术有限公司 Logon information processing method, device and client
CN109962908A (en) * 2019-01-22 2019-07-02 深圳壹账通智能科技有限公司 Right management method, device, equipment and storage medium based on token
CN110717128A (en) * 2019-10-18 2020-01-21 腾讯科技(深圳)有限公司 Method, device, terminal and storage medium for processing in-application webpage
CN110717128B (en) * 2019-10-18 2021-02-09 腾讯科技(深圳)有限公司 Method, device, terminal and storage medium for processing in-application webpage
CN111027051A (en) * 2019-10-29 2020-04-17 贝壳技术有限公司 Method and device for controlling page permission calling and readable storage medium
CN111431972A (en) * 2020-03-05 2020-07-17 北京龙归科技有限公司 Application authorization method, device, storage medium and system based on IDP proxy
CN111431972B (en) * 2020-03-05 2022-09-20 北京龙归科技有限公司 Application authorization method, device, storage medium and system based on IDP proxy
CN111556060B (en) * 2020-04-29 2022-09-02 上海中通吉网络技术有限公司 Method, device, equipment and storage medium for embedding target software into external H5 page
CN111556060A (en) * 2020-04-29 2020-08-18 上海中通吉网络技术有限公司 Method, device, equipment and storage medium for embedding target software into external H5 page
CN112150136A (en) * 2020-09-04 2020-12-29 京东数字科技控股股份有限公司 Payment method, system and device for embedded webpage in application
CN112507254A (en) * 2020-12-10 2021-03-16 北京达佳互联信息技术有限公司 Application program authorization method and device
CN112507254B (en) * 2020-12-10 2024-06-11 北京达佳互联信息技术有限公司 Application program authorization method and device
CN112818392A (en) * 2021-01-29 2021-05-18 长沙市到家悠享网络科技有限公司 Webpage security processing method, device, equipment and storage medium
CN112818392B (en) * 2021-01-29 2022-03-15 长沙市到家悠享网络科技有限公司 Webpage security processing method, device, equipment and storage medium
CN113391858A (en) * 2021-07-12 2021-09-14 苏州达家迎信息技术有限公司 Page loading method and device in client, computer equipment and medium
CN114124430A (en) * 2021-08-31 2022-03-01 青岛海尔智能技术研发有限公司 Token replacement method, device and storage medium
CN114124430B (en) * 2021-08-31 2024-03-01 青岛海尔科技有限公司 Token replacement method, device and storage medium
CN114884724A (en) * 2022-05-06 2022-08-09 杭州联吉技术有限公司 Cloud server interaction method and device, readable storage medium and terminal equipment
CN114884724B (en) * 2022-05-06 2024-03-22 杭州联吉技术有限公司 Cloud server interaction method and device, readable storage medium and terminal equipment

Also Published As

Publication number Publication date
CN107147647B (en) 2021-01-08

Similar Documents

Publication Publication Date Title
CN107147647A (en) A kind of webpage authorization method and device
US10531297B2 (en) Authentication method and server, and computer storage medium
CN103220344B (en) Microblogging licenses method and system
US8495195B1 (en) Cookie preservation when switching devices
CN103916244B (en) Verification method and device
WO2017084290A1 (en) Public account two-dimensional code generation method and server, and public account following method, server and terminal
CN104253686B (en) Method, equipment and the system that account logs in
US10523655B2 (en) System and method for applications to share single sign on through lightweight directory access protocol (LDAP) integration
US20130219476A1 (en) Authentication routing system and method for cloud computing service and authentication router
CN104980412A (en) Application client, server and corresponding Portal authentication method
WO2014108003A1 (en) Method for verifying sensitive operations, terminal device, server, and verification system
US9544317B2 (en) Identification of potential fraudulent website activity
CN104901805B (en) A kind of identification authentication methods, devices and systems
CN105701414A (en) Method and device for multiplexing electronic equipment based on multiple accounts and electronic equipment
CN108881103A (en) A kind of method and device accessing network
CN103188241A (en) User account management method based on mobile intelligent terminal number
CN104539571A (en) Information interaction method, identity authentication method, server and terminal
CN102347964B (en) Log in the method for website, system, information aggregation platform and website
JPWO2002048893A1 (en) Method and apparatus for performing user authentication
CN106656985A (en) Backup account login method, device and system
US8620315B1 (en) Multi-tiered anti-abuse registration for a mobile device user
CN104683290A (en) Method and device for monitoring phishing and terminal
WO2018210214A1 (en) Device positioning method and apparatus
CN110445746A (en) Cookie acquisition methods, device and storage equipment
EP2389642B1 (en) Cybercrime detecting and preventing method and system established by telephone number code, authorization code and source identification code

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant