CN107147647B - Webpage authorization method and device - Google Patents

Webpage authorization method and device Download PDF

Info

Publication number
CN107147647B
CN107147647B CN201710330301.4A CN201710330301A CN107147647B CN 107147647 B CN107147647 B CN 107147647B CN 201710330301 A CN201710330301 A CN 201710330301A CN 107147647 B CN107147647 B CN 107147647B
Authority
CN
China
Prior art keywords
target
token
user
information
webpage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710330301.4A
Other languages
Chinese (zh)
Other versions
CN107147647A (en
Inventor
谢梓洪
黄友昆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201710330301.4A priority Critical patent/CN107147647B/en
Publication of CN107147647A publication Critical patent/CN107147647A/en
Application granted granted Critical
Publication of CN107147647B publication Critical patent/CN107147647B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies

Landscapes

  • Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a webpage authorization method and a webpage authorization device, wherein the webpage authorization method comprises the following steps: acquiring a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application; determining a target token from a stored token library according to the login information and the proxy website information; acquiring page content of a webpage to be authorized according to the proxy website information; and authorizing the webpage to be authorized according to the target token and the webpage content. The webpage authorization method can quickly realize the authorization operation on the third-party application page, reduces the interaction times of the two parties, and is simple and high in safety.

Description

Webpage authorization method and device
Technical Field
The invention relates to the technical field of computers, in particular to a webpage authorization method and a webpage authorization device.
Background
With the rapid development of computer technology and internet technology, the internet has become an essential component in daily life and work, and users can acquire various web page information through the internet and know various network information in time.
At present, when a user browses a webpage of a certain product application, the user usually needs to log in through a login account and a password of the product application before browsing, and for different product applications, the user needs to register different accounts, which is very troublesome. For this problem, the product application may grant some open platforms (such as an open platform of a social application) a right to acquire web page data thereof, so that a user may browse various application web pages through the open platform by only registering an account of an application where the open platform is located, thereby avoiding registration and management of multiple accounts.
Specifically, when a user browses other application webpages (i.e., webpages of third-party applications) through an application (i.e., a current application) of an open platform, if the third-party application webpages need to access personal information of the current application, the third-party application webpages can be realized only after authorization is required. Because the web service and the domain name are in the third party, when a user browses a third party application web page, the third party application can request page authorization from the open platform, so that the third party application web page has the right of accessing personal information of the user in the current application.
Disclosure of Invention
The invention aims to provide a webpage authorization method and a webpage authorization device, and aims to solve the technical problems of complex operation and low safety of webpage authorization of the existing third-party application.
In order to solve the above technical problems, embodiments of the present invention provide the following technical solutions:
a method of web page authorization, comprising:
acquiring a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application;
determining a target token from a stored token library according to the login information and the proxy website information;
acquiring page content of a webpage to be authorized according to the proxy website information;
and authorizing the webpage to be authorized according to the target token and the webpage content.
In order to solve the above technical problems, embodiments of the present invention further provide the following technical solutions:
a web page authorization apparatus, comprising:
the first acquisition module is used for acquiring a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application;
the determining module is used for determining a target token from a stored token library according to the login information and the proxy website information;
the second acquisition module is used for acquiring the page content of the webpage to be authorized according to the proxy website information;
and the authorization module is used for authorizing the webpage to be authorized according to the target token and the page content.
According to the webpage authorization method and device, the webpage authorization request is obtained, the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application, then the target token is determined from the stored token library according to the login information and the proxy website information, page content of the webpage to be authorized is obtained according to the proxy website information, then the webpage to be authorized is authorized according to the target token and the page content, so that the authorization operation of the third-party application page can be realized quickly, the interaction times of the two parties are reduced, the method is simple, and the safety is high.
Drawings
The technical solution and other advantages of the present invention will become apparent from the following detailed description of specific embodiments of the present invention, which is to be read in connection with the accompanying drawings.
Fig. 1 is a schematic flowchart of a web page authorization method according to an embodiment of the present invention;
FIG. 2a is a schematic flowchart of a web page authorization method according to an embodiment of the present invention;
FIG. 2b is a schematic diagram of a framework of a web page authorization system according to an embodiment of the present invention;
fig. 3a is a schematic structural diagram of a web page authorization apparatus according to an embodiment of the present invention;
FIG. 3b is a schematic structural diagram of another web page authorization apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a server according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a webpage authorization method and a webpage authorization device. The following are detailed below. The following examples are not to be construed as limiting the preferred order of the examples.
First embodiment
The embodiment will be described from the perspective of a web page authorization apparatus, which may be specifically implemented as an independent entity, or may be implemented by integrating in other devices, such as a server, where the server may be an integration of multiple servers.
A method of web page authorization, comprising: the method comprises the steps of obtaining a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application, then determining a target token from a stored token library according to the login information and the proxy website information, obtaining page content of the webpage to be authorized according to the proxy website information, and then authorizing the webpage to be authorized according to the target token and the page content.
As shown in fig. 1, the specific flow of the web page authorization method may be as follows:
s101, a webpage authorization request is obtained, and the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application.
In this embodiment, the login information mainly refers to relevant information of the user when the user logs in the local application, and may include contents such as a login environment, a login account, a login state, and the like. The third party application refers to an application other than the native application, which typically has a different manufacturer than the native application. In order to ensure the security, each third-party application needs to be registered on an open platform provided by the local application, and the registered third-party applications can enter through an application interface in the open platform, wherein the open platform is mainly used for packaging the services of the local application into a series of data interfaces which are easy to identify by a computer and are opened for the use of a developer of the third-party application. The proxy website information refers to a URL (Uniform Resource Locator) after proxy via a server (local server) of a local application, and is an address of a standard Resource on the internet, each URL may include information such as a protocol, a server name, a domain name, a path, a file name, and the like, where the server name refers to a name assigned when the third-party application is registered on an open platform, the domain name refers to a website name that the open platform applies to an associated management authentication authority, and the path and the file name indicate a storage location of the to-be-authorized webpage in the server (third-party server) of the third-party application.
Specifically, when a user logs in a local application on a terminal and needs to browse a webpage to be authorized of a target third-party application through the local application, for example, click an article link forwarded or shared by a friend to browse the article content, the terminal may generate the webpage authorization request, and transmit the webpage authorization request to a local server through a special channel, for example, WNS (Wireless Network Service, winas), which is a Network connection channel Service that can provide high connectivity, high reliability, and strong security for a mobile application, so that the user login information is not required to be forwarded by a Network operator, hijacked by an illegal user to the user login information is reduced to the greatest extent, and the security is high.
It should be noted that the domain name structure in the proxy website information may be formed by at least two domain names of different levels, each domain name may include english letters and/or numbers, the domain names are separated from the domain names by dots, the rightmost domain name is called a top level domain name, and then a second level domain name follows, the lower the level, the more left the writing position, such as: the top level domain name is internationally universal, for example cn in china, us in the united states, etc., and the rest levels of domain names can be manually set according to actual requirements, for example, the second level domain name can be set as urlshare.
And S102, determining a target token from a stored token library according to the login information and the proxy website information.
In this embodiment, the tokens in the token pool are mainly used for calling the interfaces provided by the open platform, and may include interface types and calling passwords, and the number and types of the interfaces called by each token may be determined according to actual requirements.
For example, the login information may include a target user identifier and a login status, and at this time, the step S102 may specifically include:
judging whether the login state meets a preset condition or not;
if so, extracting the application identifier of the target third-party application from the proxy website information to obtain a target application identifier;
and searching the token corresponding to the target application identification and the target user identification from the stored token library to be used as the target token.
In this embodiment, the user identifier is a unique identity of the user in the local application, and may be a string of numbers and/or letters automatically assigned by the local server when the user registers in the local application. The login status may include two types, namely valid login and invalid login, and generally, when the user login is unsuccessful, for example, the login account and the password are not matched, or the account is not operated for a long time and exits from the activated status, the login status may indicate invalid login, and when the user login is successful and the account is in the activated status, the login status may indicate valid login. The preset condition may be determined according to actual requirements, and may be, for example: the login status indicates a valid login. The application identifier is a unique identification identifier of the third-party application in the open platform, and can be expressed in the forms of character strings or application names, and the like.
Specifically, if the login state is invalid, the user may be prompted to log in again to update the login state. If the login state is valid login, the target application identifier may be extracted from a specified location in the proxy website information, for example, the location of the server name, and then the corresponding token may be searched from the token library according to the target application identifier and the target user identifier.
It should be explained that there are various methods for finding out a token from a token library, for example, the method may be performed according to a target user identifier and a target application identifier at the same time, at this time, an association relationship among the target user identifier, the target application identifier and the target token is established in the token library, or a step-by-step finding manner may be also adopted, for example, first performing a comprehensive finding according to the target user identifier (or the target application identifier) to narrow the range, and then performing a secondary finding according to the target application identifier (or the target user identifier) in a small range, at this time, a correspondence relationship between the target application identifier and the target user identifier, and between the target user identifier (or the target application identifier) and the target token is established in the token library. In the actual application process, the target token should be stored in advance, that is, before searching the token corresponding to the target application identifier and the target user identifier from the stored token library, the method for authorizing the web page may further include:
acquiring an access instruction of the target third-party application, wherein the access instruction comprises a target application identifier;
acquiring a stored user identification set, wherein the user identification set comprises at least one user identification;
generating a corresponding token according to each user identification and the target application identification, wherein each user identification corresponds to one token;
the generated token is stored in a token pool.
In this embodiment, the user identifier set may include user identifiers of all registered users in the local application, which includes the target user identifier. When the registration of the new third-party application on the open platform is successful each time, the local server can generate the access instruction, so that the application identification of the new third-party application and the user identification of each registered user are combined according to the access instruction, and a corresponding token is generated according to each combination and stored in the token library, so that the subsequent search work is facilitated. Of course, the storage manner of the tokens in the token pool may be random storage, or may follow a certain storage rule, for example, the tokens belonging to the same third party application may be stored in the same area, or the tokens belonging to the same user may be stored in the same area, and so on.
It should be noted that, because the target token is generated according to the target user identifier and the target application identifier, that is, for the same application, tokens owned by different users are different, and for the same user, tokens corresponding to different applications are also different, so that it is possible to prevent an illegal user from hijacking the token of a legal user to obtain user privacy data, and the security is high.
S103, acquiring the page content of the webpage to be authorized according to the proxy website information.
For example, the step S103 may specifically include:
determining a target application address and a target webpage address according to the proxy website information;
entering a target third party application according to the target application address;
and acquiring the page content of the webpage to be authorized from the target third-party application according to the target webpage address.
In this embodiment, the target application address mainly refers to an address entering the target third-party application through the open platform, and is usually an address pointed to by a server name and a domain name in the proxy address information. The target web page address mainly refers to an address of the web page to be authorized, which is accessed by the target third-party application, and is generally an address pointed by a path and a file name in the proxy website information. In the actual application process, the domain name server is required to be used for analyzing the domain name to obtain a corresponding IP (Internet Protocol) address, the corresponding IP address enters the open platform according to the IP address, and then the corresponding IP address enters the target third-party application from the open platform according to the server name.
And S104, authorizing the webpage to be authorized according to the target token and the page content.
For example, the step S104 may specifically include:
and injecting the target token into the page content to authorize the webpage to be authorized.
In this embodiment, the injection operation may be implemented in various ways, such as Javascript injection, Structured Query Language (SQL) injection, and the like, which may be determined according to actual requirements. The injection operation is mainly aimed at enabling the page to be authorized to have the capability of calling the interface corresponding to the target token on the open platform, and the user can call the interface by clicking the relevant icon on the page after injection, so that relevant data in the local server, such as data of a user account, a user registered mobile phone number, user friend information and the like, can be obtained.
It should be noted that besides the target token, other information, such as a login environment in the user login information, which may include application version information, operating environment information, and/or terminal system version information, may be injected into the page. When the injection is successful, the local server can provide a proper function interface, such as a payment interface, for the user according to the information. Certainly, since the second-level domain names of the same open platform can all be classified into one domain name, such as url, cn, functional interfaces with low privacy requirements, such as interfaces for vibration, screenshot sharing and the like, in the local server can also be directly opened for the domain name, and the call information of the functional interfaces can be injected into the page according to the domain name, so that the page has more flexible interface permissions, and the user experience is improved.
In addition, once the authorized web page to be authorized is opened, the authorized web page to be authorized has the right to call the relevant interface to obtain the privacy data of the user in the local server, that is, after the target token is injected into the content of the web page, the method for authorizing the web page may further include:
sending the injected page to a terminal for display;
receiving a user information acquisition request generated by the terminal according to the browsing operation of the current user on the injected page, wherein the user information acquisition request carries the target token and the login information;
determining target user information according to the target token and the login information;
and sending the target user information to the terminal.
In this embodiment, the browsing operation may include operations such as sharing, commenting, or forwarding, and the user may click on a relevant key on the injected page to implement the browsing operation, where each key points to one preset interface in the preset interface library, and each preset interface is connected to the local server. The target user information mainly comprises information related to the current user, such as friend information, personal information, balance information and the like of the user, which are stored in the local server.
For example, the step of "determining the target user information according to the target token and the login information" may specifically include:
determining a target preset interface from a preset interface library according to the target token;
and acquiring the user information of the current user from the target preset interface according to the login information to be used as the target user information.
In this embodiment, the preset interface in the preset interface library is mainly an interface provided on an open platform, and may be determined according to actual requirements, for example, the preset interface may include a friend information interface, a personal information interface, a wallet payment interface, and the like. Specifically, in order to avoid that an illegal party calls a target preset interface to acquire user information by hijacking the target token, whether a current user is legal or not can be verified before the user information is acquired by using the target preset interface, that is, whether the login of the current user is effective or not needs to be judged according to the login information, and under the condition that the login is effective, a target user identifier and the target token are matched, and if the matching is successful, the target preset interface is determined to be legal, so that the user information can be further acquired by using the target preset interface.
As can be seen from the above, in the webpage authorization method provided in this embodiment, by obtaining a webpage authorization request, where the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application, then determining a target token from a stored token library according to the login information and the proxy website information, and obtaining page content of the webpage to be authorized according to the proxy website information, then authorizing the webpage to be authorized according to the target token and the page content, an authorization operation on a third-party application page can be quickly implemented, interaction times of both parties are reduced, and the method is simple and high in security.
Second embodiment
The method described in the first embodiment is further illustrated by way of example.
In this embodiment, the web page authorization apparatus is integrated in a server, and the server is a local server for example.
As shown in fig. 2a, a specific process of a web page authorization method may be as follows:
s201, the server obtains an access instruction of the target third-party application, wherein the access instruction comprises a target application identifier.
For example, when the target third party applies APPjWhen the registration is successful on the open platform provided by the local server, the application access instruction can be automatically generated.
S202, the server obtains a stored user identification set according to the access instruction, wherein the user identification set comprises at least one user identification.
For example, the set of subscriber identities { U }1、U2…UnThe user accounts of all registered users in the local application can be stored in the user information base of the local server.
S203, the server generates a corresponding token according to each user identification and the target application identification, and stores the generated token in a token library, wherein each user identification corresponds to one token.
For example, registered third party applications on an open platform may include { APP {1、APP2…APPmJ e (1, 2 … m). The tokens in the token pool are mainly used for calling the interface provided by the open platform, which may include the interface type and calling password. Each token may be generated according to each registered third-party application and a user account, and stored according to a certain storage rule, for example, tokens belonging to the same third-party application may be stored in the same area, or tokens belonging to the same user may be stored in the same area, and so on.
S204, the server acquires a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in the target third-party application.
For example, when a user wants to browse a target third party application APP on a local applicationjFor example, click on the article link https:// { appid }, url hare.cn/home? When "proxy" 1 (i.e. the proxy address information) is used to browse the article content, the terminal may generate the web page authorization request, at this time, please refer to fig. 2b, the web page authorization request may be transmitted to the open platform of the local server through the WNS, and the open platform provides the authentication background with the web page authorization request, url is the domain name of the open platform, home? And (1) is a storage position of the webpage to be authorized.
S205, the login information comprises a target user identifier and a login state, the server judges whether the login state meets a preset condition, if so, the following steps S206-S209 are executed, and if not, the user can be prompted to log in again.
For example, the target user identifier is UiI ∈ (1, 2 … n). The login state may include two types, namely effective login and ineffective login, and the preset condition may be: the login status indicates a valid login. When the user UiWhen the login is successful and the account is in the activated state, the authentication background can judge that the preset condition is met, otherwise, the authentication background can judge that the preset condition is not met, and prompts a user UiLogging in again to update the login state.
S206, the server extracts the application identifier of the target third-party application from the proxy website information to obtain the target application identifier.
For example, if the authentication background determines that the login status satisfies the predetermined condition, it may be considered that the user U is a user UiThe browsing operation of the webpage to be authorized is legal, and at the moment, the authentication background can proxy the APP in the website informationjAnd determining as the target application identification.
S207, the server searches tokens corresponding to the target application identification and the target user identification from the token library to serve as target tokens.
For example, the authentication backend may be based on the APPjAnd UiSearching for target tokens in a token pool, which may be performed in steps, e.g. first according to APPjAnd finding the corresponding tokens, and then finding a target token from the tokens according to the Ui.
S208, the server determines a target application address and a target webpage address according to the proxy website information.
For example, { APP } mayj}. url hare.cn is determined as the target application address, home? And determining the _proxyto be 1 as the target webpage address.
S209, the server enters the target third-party application according to the target application address, and obtains the page content of the webpage to be authorized from the target third-party application according to the target webpage address.
For example, it may be based on { APP }j}. url hare.cn finds the application interface of the target third party application on the open platform and enters the target third party application through the application interface, and then, through home? And acquiring the corresponding page content from the application interface by _proxy ═ 1.
It should be noted that steps S206 to S207 and S208 to S209 are not in a definite order, and may be performed simultaneously.
S210, the server injects the target token into the page content, and sends the injected page to the terminal for displaying.
For example, the open platform can also obtain calling information of some functional interfaces (such as vibration, screenshot sharing and the like) with low privacy, and the target token and the calling information are injected into the page content through the Javascript, so that the page has more flexible interface rights under the condition of not harming the safety of the user, and the whole page authorization process is completed.
S211, the server receives a user information acquisition request generated by the terminal according to the browsing operation of the current user on the injected page, wherein the user information acquisition request carries the target token and the login information.
For example, by terminatingClicking related keys on the injected page, such as a sharing key, a comment key or a forwarding key, on the terminal to generate the page carrying the APPjAnd login information (including U)iAnd login status), and sends the request to the open platform.
S212, the server determines a target preset interface from a preset interface library according to the target token, acquires user information of the current user from the target preset interface according to the login information to serve as target user information, and then sends the target user information to the terminal.
For example, after the open platform verifies the validity of the user according to the login information, the open platform can call a target preset interface corresponding to the target token to acquire the user U from the user information baseiSuch as friend information, personal information, or balance information, etc., which may then be sent to the terminal.
As can be seen from the above, in the webpage authorization method provided in this embodiment, the server may obtain an application access instruction, where the application access instruction carries an application identifier of a third-party application to be accessed, and obtain a stored user identifier set according to the application access instruction, where the user identifier set includes at least one user identifier, then generate a corresponding token according to each user identifier and the application identifier of the third-party application to be accessed, and store the generated token in the token library, where each user identifier corresponds to one token, thereby completing creation of the token library, after which, the server may obtain a webpage authorization request, where the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized, where the webpage to be authorized belongs to a target third-party application, and the login information includes a target user identifier and a login status of the current user, then, judging whether the login state meets a preset condition, if so, extracting an application identifier of the target third-party application from the proxy website information to obtain a target application identifier, searching a token corresponding to the target application identifier and a target user identifier from the token library to be used as a target token, meanwhile, determining a target application address and a target webpage address by the server according to the proxy website information, entering the target third-party application according to the target application address, then obtaining page content of a webpage to be authorized in the target third-party application according to the target webpage address, then injecting the target token into the page content to authorize the webpage to be authorized, sending the injected page to a terminal for display, and then receiving a user information acquisition request generated by the terminal according to the browsing operation of the user on the injected page, the user information acquisition request carries the target token and the target user identification, then, a target preset interface is determined from a preset interface library according to the target token, and user information corresponding to the target user identification is acquired by using the target preset interface, so that the interaction times among the terminal, the local server and the third-party server can be reduced, the authorization operation of the third-party application page can be realized quickly, the method is simple, the user information can be prevented from being hijacked by lawbreakers as far as possible, and the safety is high.
Third embodiment
According to the methods described in the first and second embodiments, this embodiment will be further described from the perspective of a web page authorization apparatus, which may be integrated in a server.
Referring to fig. 3a, fig. 3a specifically illustrates a web page authorization apparatus according to a third embodiment of the present invention, which may include: a first obtaining module 10, a determining module 20, a second obtaining module 30 and an authorizing module 40, wherein:
(1) first acquisition module 10
The first obtaining module 10 is configured to obtain a web page authorization request, where the web page authorization request carries login information of a current user and proxy website information of a web page to be authorized in a target third-party application.
In this embodiment, the login information mainly refers to relevant information of the user when the user logs in the local application, and may include contents such as a login environment, a login account, a login state, and the like. The third party application refers to an application other than the native application, which typically has a different manufacturer than the native application. In order to ensure the security, each third-party application needs to be registered on an open platform provided by the local application, and the registered third-party applications can enter through an application interface in the open platform, wherein the open platform is mainly used for packaging the services of the local application into a series of data interfaces which are easy to identify by a computer and are opened for the use of a developer of the third-party application. The proxy website information refers to a URL (Uniform Resource Locator) after proxy via a server (local server) of a local application, and is an address of a standard Resource on the internet, each URL may include information such as a protocol, a server name, a domain name, a path, a file name, and the like, where the server name refers to a name assigned when the third-party application is registered on an open platform, the domain name refers to a website name that the open platform applies to an associated management authentication authority, and the path and the file name indicate a storage location of the to-be-authorized webpage in the server (third-party server) of the third-party application.
Specifically, when a user logs in a local application on a terminal and needs to browse a webpage to be authorized of a target third-party application through the local application, for example, click an article link forwarded or shared by a friend to browse the article content, the terminal may generate the webpage authorization request, and transmit the webpage authorization request to a local server through a special channel, for example, WNS (Wireless Network Service, winas), which is a Network connection channel Service that can provide high connectivity, high reliability, and strong security for a mobile application, so that the user login information is not required to be forwarded by a Network operator, hijacked by an illegal user to the user login information is reduced to the greatest extent, and the security is high.
It should be noted that the domain name structure in the proxy website information may be formed by at least two domain names of different levels, each domain name may include english letters and/or numbers, the domain names are separated from the domain names by dots, the rightmost domain name is called a top level domain name, and then a second level domain name follows, the lower the level, the more left the writing position, such as: the top level domain name is internationally universal, for example cn in china, us in the united states, etc., and the rest levels of domain names can be manually set according to actual requirements, for example, the second level domain name can be set as urlshare.
(2) Determination module 20
And the determining module 20 is used for determining the target token from the stored token library according to the login information and the proxy website information.
In this embodiment, the tokens in the token pool are mainly used for calling the interfaces provided by the open platform, and may include interface types and calling passwords, and the number and types of the interfaces called by each token may be determined according to actual requirements.
For example, referring to fig. 3b, the login information may include a target user identifier and a login status, and at this time, the determining module 20 may specifically include a determining sub-module 21, an extracting sub-module 22 and a searching sub-module 23, where:
a judgment submodule 21 configured to judge whether the login state satisfies a preset condition;
the extracting submodule 22 is configured to, if yes, extract the application identifier of the target third-party application from the proxy website information to obtain a target application identifier;
and the searching submodule 23 is configured to search, from the stored token library, a token corresponding to the target application identifier and the target user identifier as a target token.
In this embodiment, the user identifier is a unique identity of the user in the local application, and may be a string of numbers and/or letters automatically assigned by the local server when the user registers in the local application. The login status may include two types, namely valid login and invalid login, and generally, when the user login is unsuccessful, for example, the login account and the password are not matched, or the account is not operated for a long time and exits from the activated status, the login status may indicate invalid login, and when the user login is successful and the account is in the activated status, the login status may indicate valid login. The preset condition may be determined according to actual requirements, and may be, for example: the login status indicates a valid login. The application identifier is a unique identification identifier of the third-party application in the open platform, and can be expressed in the forms of character strings or application names, and the like.
Specifically, if the login status is invalid, the determining module 20 may prompt the user to log in again to update the login status. If the login status is valid, the extracting sub-module 22 may extract the target application identifier from a specified location in the proxy website information, for example, the location of the server name, and the searching sub-module 23 searches the corresponding token from the token pool according to the target application identifier and the target user identifier.
It should be explained that the method for the lookup submodule 23 to lookup the token from the token library may be multiple, for example, the lookup may be performed according to the target user identifier and the target application identifier at the same time, at this time, an association relationship among the target user identifier, the target application identifier and the target token is established in the token library, or a stepwise lookup manner may also be adopted, for example, firstly, the comprehensive lookup is performed according to the target user identifier (or the target application identifier) to narrow the range, and then, the secondary lookup is performed according to the target application identifier (or the target user identifier) in a small range, at this time, the correspondence relationship between the target application identifier and the target user identifier, and between the target user identifier (or the target application identifier) and the target token is established in the token library. In practical applications, the target token should be stored in advance, that is, the web page authorization apparatus may further include a storage module 50 for:
before the searching submodule 23 searches for the token corresponding to the target application identifier and the target user identifier from the stored token library, obtaining an access instruction of the target third-party application, where the access instruction includes the target application identifier;
acquiring a stored user identification set, wherein the user identification set comprises at least one user identification;
generating a corresponding token according to each user identification and the target application identification, wherein each user identification corresponds to one token;
the generated token is stored in a token pool.
In this embodiment, the user identifier set may include user identifiers of all registered users in the local application, which includes the target user identifier. When a new third-party application is successfully registered on the open platform each time, the local server may generate the access instruction, so that the storage module 50 combines the application identifier of the new third-party application and the user identifier of each registered user according to the access instruction, and generates a corresponding token according to each combination to store in the token library, thereby facilitating subsequent search work. Of course, the storage manner of the tokens in the token pool may be random storage, or may follow a certain storage rule, for example, the tokens belonging to the same third party application may be stored in the same area, or the tokens belonging to the same user may be stored in the same area, and so on.
It should be noted that, because the target token is generated according to the target user identifier and the target application identifier, that is, for the same application, tokens owned by different users are different, and for the same user, tokens corresponding to different applications are also different, so that it is possible to prevent an illegal user from hijacking the token of a legal user to obtain user privacy data, and the security is high.
(3) Second acquisition module 30
And a second obtaining module 30, configured to obtain the page content of the to-be-authorized web page according to the proxy website information.
For example, the second obtaining module 30 may specifically be configured to:
determining a target application address and a target webpage address according to the proxy website information;
entering a target third party application according to the target application address;
and acquiring the page content of the webpage to be authorized from the target third-party application according to the target webpage address.
In this embodiment, the target application address mainly refers to an address entering the target third-party application through the open platform, and is usually an address pointed to by a server name and a domain name in the proxy address information. The target web page address mainly refers to an address of the web page to be authorized, which is accessed by the target third-party application, and is generally an address pointed by a path and a file name in the proxy website information. In the actual application process, the second obtaining module 30 needs to analyze the domain name by using a domain name server to obtain a corresponding IP (Internet Protocol ) address, enter the open platform according to the IP address, and then enter the target third party application from the open platform according to the server name.
(4) Authorization module 40
And the generating module 40 is configured to authorize the webpage to be authorized according to the target token and the page content.
For example, the authorization module 40 may be specifically configured to:
and injecting the target token into the page content to authorize the webpage to be authorized.
In this embodiment, the injection operation may be implemented in various ways, such as Javascript injection, Structured Query Language (SQL) injection, and the like, which may be determined according to actual requirements. The injection operation is mainly aimed at enabling the page to be authorized to have the capability of calling the interface corresponding to the target token on the open platform, and the user can call the interface by clicking the relevant icon on the page after injection, so that relevant data in the local server, such as data of a user account, a user registered mobile phone number, user friend information and the like, can be obtained.
It should be noted that, besides the target token, the authorization module 40 may also inject other information into the page, such as a login context in the user login information, where the login context may include application version information, operating environment information, and/or terminal system version information. When the injection is successful, the local server can provide a proper function interface, such as a payment interface, for the user according to the information. Certainly, since the second-level domain names of the same open platform can all be classified into one domain name, such as url, cn, functional interfaces with low privacy requirements, such as interfaces for vibration, screenshot sharing and the like, in the local server can also be directly opened for the domain name, and the call information of the functional interfaces can be injected into the page according to the domain name, so that the page has more flexible interface permissions, and the user experience is improved.
In addition, once the authorized web page to be authorized is opened, the authorized web page to be authorized has the right to call the relevant interface to obtain the private data of the user in the local server, that is, the web page authorization apparatus may further include a third obtaining module 60, configured to:
after the authorization module 40 injects the target token into the page content, the injected page is sent to a terminal for display;
receiving a user information acquisition request generated by the terminal according to the browsing operation of the current user on the injected page, wherein the user information acquisition request carries the target token and the login information;
determining a target preset interface from a preset interface library according to the target token;
and acquiring the user information of the current user from the target preset interface according to the login information.
In this embodiment, the browsing operation may include operations such as sharing, commenting, or forwarding, and the user may click on a relevant key on the injected page to implement the browsing operation, where each key points to one preset interface in the preset interface library, and each preset interface is connected to the local server. The user information mainly includes information related to the user, such as friend information, personal information, balance information, and the like of the user, stored in the local server. The preset interface in the preset interface library is mainly an interface provided on an open platform, and may be determined according to actual needs, for example, may include a friend information interface, a personal information interface, a wallet payment interface, and the like. Specifically, in order to avoid that an illegal party calls a target preset interface to acquire user information by hijacking the target token, the third acquisition module 60 may verify whether the current user is legal before acquiring the user information by using the target preset interface, that is, whether the login of the current user is valid needs to be determined according to the login information, and under the condition that the login is valid, the target user identifier and the target token are matched, and if the matching is successful, the target preset interface is determined to be valid, so that the user information can be further acquired by using the target preset interface.
In a specific implementation, the above units may be implemented as independent entities, or may be combined arbitrarily to be implemented as the same or several entities, and the specific implementation of the above units may refer to the foregoing method embodiments, which are not described herein again.
As can be seen from the above, in the web page authorization apparatus provided in this embodiment, the first obtaining module 10 obtains a web page authorization request, where the web page authorization request carries login information of a current user and proxy website information of a to-be-authorized web page in a target third-party application, then the determining module 20 determines a target token from a stored token library according to the login information and the proxy website information, the second obtaining module 30 obtains page content of the to-be-authorized web page according to the proxy website information, and then the authorizing module 40 authorizes the to-be-authorized web page according to the target token and the page content, so that authorization operation on a third-party application page can be quickly implemented, interaction times of both parties are reduced, the method is simple, and the security is high.
Fourth embodiment
Correspondingly, the embodiment of the invention also provides a webpage authorization system, which comprises any webpage authorization device provided by the embodiment of the invention, and the webpage authorization device can be integrated in a server.
The server can obtain a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application; determining a target token from a stored token library according to the login information and the proxy website information; acquiring page content of a webpage to be authorized according to the proxy website information; and authorizing the webpage to be authorized according to the target token and the webpage content.
The specific implementation of each device can be referred to the previous embodiment, and is not described herein again.
Since the web page authorization system may include any one of the web page authorization devices provided in the embodiments of the present invention, the beneficial effects that can be achieved by any one of the web page authorization devices provided in the embodiments of the present invention can be achieved, which are detailed in the foregoing embodiments and will not be described herein again.
Fifth embodiment
An embodiment of the present invention further provides a server, as shown in fig. 4, which shows a schematic structural diagram of the server according to the embodiment of the present invention, specifically:
the server may include components such as a processor 701 of one or more processing cores, memory 702 of one or more computer-readable storage media, Radio Frequency (RF) circuitry 703, a power supply 704, an input unit 705, and a display unit 706. Those skilled in the art will appreciate that the server architecture shown in FIG. 4 is not meant to be limiting, and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components. Wherein:
the processor 701 is a control center of the server, connects various parts of the entire server using various interfaces and lines, and performs various functions of the server and processes data by running or executing software programs and/or modules stored in the memory 702 and calling data stored in the memory 702, thereby performing overall monitoring of the server. Optionally, processor 701 may include one or more processing cores; preferably, the processor 701 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 701.
The memory 702 may be used to store software programs and modules, and the processor 701 executes various functional applications and data processing by operating the software programs and modules stored in the memory 702. The memory 702 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data created according to the use of the server, and the like. Further, the memory 702 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 702 may also include a memory controller to provide the processor 701 with access to the memory 702.
The RF circuit 703 may be used for receiving and transmitting signals during the process of transmitting and receiving information, and in particular, for processing the received downlink information of the base station by the one or more processors 701; in addition, data relating to uplink is transmitted to the base station. In general, the RF circuitry 703 includes, but is not limited to, an antenna, at least one Amplifier, a tuner, one or more oscillators, a Subscriber Identity Module (SIM) card, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like. In addition, the RF circuitry 703 may also communicate with networks and other devices via wireless communications. The wireless communication may use any communication standard or protocol, including but not limited to Global System for Mobile communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), email, Short Message Service (SMS), and the like.
The server further includes a power supply 704 (e.g., a battery) for supplying power to the various components, and preferably, the power supply 704 is logically connected to the processor 701 via a power management system, so that functions of managing charging, discharging, and power consumption are implemented via the power management system. The power supply 704 may also include any component of one or more dc or ac power sources, recharging systems, power failure detection circuitry, power converters or inverters, power status indicators, and the like.
The server may further include an input unit 705, and the input unit 705 may be used to receive input numeric or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control. Specifically, in one particular embodiment, input unit 705 may include a touch-sensitive surface as well as other input devices. The touch-sensitive surface, also referred to as a touch display screen or a touch pad, may collect touch operations by a user (e.g., operations by a user on or near the touch-sensitive surface using a finger, a stylus, or any other suitable object or attachment) thereon or nearby, and drive the corresponding connection device according to a predetermined program. Alternatively, the touch sensitive surface may comprise two parts, a touch detection means and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 701, and can receive and execute commands sent by the processor 701. In addition, touch sensitive surfaces may be implemented using various types of resistive, capacitive, infrared, and surface acoustic waves. The input unit 705 may include other input devices in addition to a touch-sensitive surface. In particular, other input devices may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The server may also include a display unit 706, which display unit 706 may be used to display information input by or provided to the user, as well as various graphical user interfaces of the server, which may be made up of graphics, text, icons, video, and any combination thereof. The Display unit 706 may include a Display panel, and optionally, the Display panel may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch-sensitive surface may cover the display panel, and when a touch operation is detected on or near the touch-sensitive surface, the touch operation is transmitted to the processor 701 to determine the type of the touch event, and then the processor 701 provides a corresponding visual output on the display panel according to the type of the touch event. Although in FIG. 4 the touch-sensitive surface and the display panel are shown as two separate components to implement input and output functions, in some embodiments the touch-sensitive surface may be integrated with the display panel to implement input and output functions.
Although not shown, the server may further include a camera, a bluetooth module, etc., which will not be described herein. Specifically, in this embodiment, the processor 701 in the server loads the executable file corresponding to the process of one or more application programs into the memory 702 according to the following instructions, and the processor 701 runs the application program stored in the memory 702, thereby implementing various functions as follows:
acquiring a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application;
determining a target token from a stored token library according to the login information and the proxy website information;
acquiring page content of a webpage to be authorized according to the proxy website information;
and authorizing the webpage to be authorized according to the target token and the webpage content.
The server can achieve the effective effect that any one of the web page authorization devices provided by the embodiments of the present invention can achieve, for details, see the foregoing embodiments, and are not described herein again.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
The method, the device and the system for webpage authorization provided by the embodiment of the invention are described in detail, a specific example is applied in the text to explain the principle and the implementation of the invention, and the description of the embodiment is only used for helping to understand the method and the core idea of the invention; meanwhile, for those skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (13)

1. A method for web page authorization, comprising:
acquiring a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application;
determining a target token from a stored token library according to the login information and the proxy website information, wherein the token in the token library is used for calling an interface provided by an open platform;
acquiring page content of a webpage to be authorized according to the proxy website information;
and injecting the target token into the page content to authorize the webpage to be authorized.
2. The method for webpage authorization according to claim 1, wherein the login information includes a target user identifier and a login status, and the determining a target token from a stored token library according to the login information and the proxy website information includes:
judging whether the login state meets a preset condition or not;
if so, extracting the application identifier of the target third-party application from the proxy website information to obtain a target application identifier;
and searching a token corresponding to the target application identifier and the target user identifier from a stored token library to be used as a target token.
3. The method for web page authorization according to claim 2, further comprising, before searching the stored token pool for the token corresponding to the target application identifier and the target user identifier:
acquiring an access instruction of the target third-party application, wherein the access instruction comprises a target application identifier;
acquiring a stored user identification set, wherein the user identification set comprises at least one user identification;
generating a corresponding token according to each user identification and the target application identification, wherein each user identification corresponds to one token;
the generated token is stored in a token pool.
4. The method for authorizing the web page according to claim 1, wherein the obtaining the page content of the web page to be authorized according to the proxy website information comprises:
determining a target application address and a target webpage address according to the proxy website information;
entering a target third party application according to the target application address;
and acquiring the page content of the webpage to be authorized from the target third-party application according to the target webpage address.
5. The method for authorizing web pages according to claim 1, further comprising, after injecting the target token into the page content:
sending the injected page to a terminal for display;
receiving a user information acquisition request generated by the terminal according to the browsing operation of the current user on the injected page, wherein the user information acquisition request carries the target token and the login information;
determining target user information according to the target token and the login information;
and sending the target user information to the terminal.
6. The method for webpage authorization according to claim 5, wherein the determining target user information according to the target token and login information includes:
determining a target preset interface from a preset interface library according to the target token;
and acquiring the user information of the current user from a target preset interface according to the login information to be used as the target user information.
7. A web page authorization apparatus, comprising:
the first acquisition module is used for acquiring a webpage authorization request, wherein the webpage authorization request carries login information of a current user and proxy website information of a webpage to be authorized in a target third-party application;
the determining module is used for determining a target token from a stored token library according to the login information and the proxy website information, wherein the token in the token library is used for calling an interface provided by an open platform;
the second acquisition module is used for acquiring the page content of the webpage to be authorized according to the proxy website information;
and the authorization module is used for injecting the target token into the page content so as to authorize the webpage to be authorized.
8. The apparatus as claimed in claim 7, wherein the login information includes a target user identifier and a login status, and the determining module comprises:
the judgment submodule is used for judging whether the login state meets a preset condition or not;
the extraction submodule is used for extracting the application identifier of the target third-party application from the proxy website information if the proxy website information is true, and obtaining a target application identifier;
and the searching submodule is used for searching the token corresponding to the target application identifier and the target user identifier from the stored token library to be used as the target token.
9. The apparatus for authorizing web pages as claimed in claim 8, further comprising a storage module for:
before the searching sub-module searches a token corresponding to the target application identifier and the target user identifier from a stored token library, acquiring an access instruction of the target third-party application, wherein the access instruction comprises the target application identifier;
acquiring a stored user identification set, wherein the user identification set comprises at least one user identification;
generating a corresponding token according to each user identification and the target application identification, wherein each user identification corresponds to one token;
the generated token is stored in a token pool.
10. The apparatus for authorizing web pages as claimed in claim 7, wherein the second obtaining module is configured to:
determining a target application address and a target webpage address according to the proxy website information;
entering a target third party application according to the target application address;
and acquiring the page content of the webpage to be authorized from the target third-party application according to the target webpage address.
11. The apparatus for authorizing web pages as claimed in claim 7, further comprising a third obtaining module for:
after the authorization module injects the target token into the page content, the injected page is sent to a terminal for display;
receiving a user information acquisition request generated by the terminal according to the browsing operation of the current user on the injected page, wherein the user information acquisition request carries the target token and the login information;
determining target user information according to the target token and the login information;
and sending the target user information to the terminal.
12. The web page authorization apparatus according to claim 11, wherein the third obtaining module is specifically configured to:
determining a target preset interface from a preset interface library according to the target token;
and acquiring the user information of the current user from a target preset interface according to the login information to be used as the target user information.
13. A computer-readable storage medium storing instructions adapted to be loaded by a processor to perform the steps of the method of any one of claims 1 to 6.
CN201710330301.4A 2017-05-11 2017-05-11 Webpage authorization method and device Active CN107147647B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710330301.4A CN107147647B (en) 2017-05-11 2017-05-11 Webpage authorization method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710330301.4A CN107147647B (en) 2017-05-11 2017-05-11 Webpage authorization method and device

Publications (2)

Publication Number Publication Date
CN107147647A CN107147647A (en) 2017-09-08
CN107147647B true CN107147647B (en) 2021-01-08

Family

ID=59778513

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710330301.4A Active CN107147647B (en) 2017-05-11 2017-05-11 Webpage authorization method and device

Country Status (1)

Country Link
CN (1) CN107147647B (en)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322461B (en) * 2018-01-31 2020-10-27 百度在线网络技术(北京)有限公司 Method, system, device, equipment and medium for automatically logging in application program
CN108881228B (en) * 2018-06-20 2021-05-04 上海庆科信息技术有限公司 Cloud registration activation method, device, equipment and storage medium
CN109194683A (en) * 2018-09-30 2019-01-11 北京金山云网络技术有限公司 Logon information processing method, device and client
CN109962908B (en) * 2019-01-22 2023-06-13 深圳壹账通智能科技有限公司 Rights management method, device, equipment and storage medium based on token
CN110717128B (en) * 2019-10-18 2021-02-09 腾讯科技(深圳)有限公司 Method, device, terminal and storage medium for processing in-application webpage
CN111027051B (en) * 2019-10-29 2021-12-17 贝壳技术有限公司 Method and device for controlling page permission calling and readable storage medium
CN111431972B (en) * 2020-03-05 2022-09-20 北京龙归科技有限公司 Application authorization method, device, storage medium and system based on IDP proxy
CN111556060B (en) * 2020-04-29 2022-09-02 上海中通吉网络技术有限公司 Method, device, equipment and storage medium for embedding target software into external H5 page
CN112150136A (en) * 2020-09-04 2020-12-29 京东数字科技控股股份有限公司 Payment method, system and device for embedded webpage in application
CN112507254B (en) * 2020-12-10 2024-06-11 北京达佳互联信息技术有限公司 Application program authorization method and device
CN112818392B (en) * 2021-01-29 2022-03-15 长沙市到家悠享网络科技有限公司 Webpage security processing method, device, equipment and storage medium
CN113391858A (en) * 2021-07-12 2021-09-14 苏州达家迎信息技术有限公司 Page loading method and device in client, computer equipment and medium
CN114124430B (en) * 2021-08-31 2024-03-01 青岛海尔科技有限公司 Token replacement method, device and storage medium
CN114884724B (en) * 2022-05-06 2024-03-22 杭州联吉技术有限公司 Cloud server interaction method and device, readable storage medium and terminal equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102833213A (en) * 2011-06-14 2012-12-19 赛酷特(北京)信息技术有限公司 Webpage authentication and login method based on TokenLite
CN103347002A (en) * 2013-06-13 2013-10-09 百度在线网络技术(北京)有限公司 Method, system and device for socialized login
CN104038503A (en) * 2014-06-24 2014-09-10 北京奇虎科技有限公司 Cross-site logging method, cross-site logging device and cross-site logging system
CN104348777A (en) * 2013-07-24 2015-02-11 腾讯科技(深圳)有限公司 Method and system for controlling access of mobile terminal to third party server
CN104540129A (en) * 2014-12-29 2015-04-22 广州唯品会信息科技有限公司 Registration and login method and system for third party application
CN105897668A (en) * 2015-10-22 2016-08-24 乐视致新电子科技(天津)有限公司 Third party account authorization method, device, server and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9813400B2 (en) * 2014-11-07 2017-11-07 Probaris Technologies, Inc. Computer-implemented systems and methods of device based, internet-centric, authentication

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102833213A (en) * 2011-06-14 2012-12-19 赛酷特(北京)信息技术有限公司 Webpage authentication and login method based on TokenLite
CN103347002A (en) * 2013-06-13 2013-10-09 百度在线网络技术(北京)有限公司 Method, system and device for socialized login
CN104348777A (en) * 2013-07-24 2015-02-11 腾讯科技(深圳)有限公司 Method and system for controlling access of mobile terminal to third party server
CN104038503A (en) * 2014-06-24 2014-09-10 北京奇虎科技有限公司 Cross-site logging method, cross-site logging device and cross-site logging system
CN104540129A (en) * 2014-12-29 2015-04-22 广州唯品会信息科技有限公司 Registration and login method and system for third party application
CN105897668A (en) * 2015-10-22 2016-08-24 乐视致新电子科技(天津)有限公司 Third party account authorization method, device, server and system

Also Published As

Publication number Publication date
CN107147647A (en) 2017-09-08

Similar Documents

Publication Publication Date Title
CN107147647B (en) Webpage authorization method and device
US10097547B2 (en) Security verification method, apparatus and terminal
US9954855B2 (en) Login method and apparatus, and open platform system
CN110869907B (en) Method and terminal for browsing application page
US9882916B2 (en) Method for verifying sensitive operations, terminal device, server, and verification system
US9330280B2 (en) Identity management, authorization and entitlement framework
US9703971B2 (en) Sensitive operation verification method, terminal device, server, and verification system
WO2017084290A1 (en) Public account two-dimensional code generation method and server, and public account following method, server and terminal
US11068583B2 (en) Management of login information affected by a data breach
US20140207679A1 (en) Online money transfer service in connection with instant messenger
CN107493378B (en) Method and device for logging in application program, computer equipment and readable storage medium
CN108881103B (en) Network access method and device
CN111478849B (en) Service access method, device and storage medium
CN103634294A (en) Information verifying method and device
CN108702357A (en) A kind of method, terminal device and service server authorizing authority migration
CN108475304B (en) Method and device for associating application program and biological characteristics and mobile terminal
CN106713266B (en) Method, device, terminal and system for preventing information leakage
CN109416800A (en) A kind of authentication method and mobile terminal of mobile terminal
WO2017088745A1 (en) Information processing method and apparatus, and electronic device
WO2018210214A1 (en) Device positioning method and apparatus
CN110445746A (en) Cookie acquisition methods, device and storage equipment
CN111935107B (en) Identity authentication method, device, system, electronic equipment and storage medium
CN107743114B (en) Network access method, device and system
CN107347055B (en) User information processing method and device, storage medium and server
CN106161371B (en) Method, device and system for retrieving account information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant