CN112507254A - Application program authorization method and device - Google Patents

Application program authorization method and device Download PDF

Info

Publication number
CN112507254A
CN112507254A CN202011435612.5A CN202011435612A CN112507254A CN 112507254 A CN112507254 A CN 112507254A CN 202011435612 A CN202011435612 A CN 202011435612A CN 112507254 A CN112507254 A CN 112507254A
Authority
CN
China
Prior art keywords
webpage
information
authorization
server
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011435612.5A
Other languages
Chinese (zh)
Other versions
CN112507254B (en
Inventor
李青云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Dajia Internet Information Technology Co Ltd
Original Assignee
Beijing Dajia Internet Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Dajia Internet Information Technology Co Ltd filed Critical Beijing Dajia Internet Information Technology Co Ltd
Priority to CN202011435612.5A priority Critical patent/CN112507254B/en
Publication of CN112507254A publication Critical patent/CN112507254A/en
Application granted granted Critical
Publication of CN112507254B publication Critical patent/CN112507254B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
    • G06F16/9566URL specific, e.g. using aliases, detecting broken or misspelled links
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the application provides an application program authorization method and device, relates to a webpage technology, and enables a terminal to obtain authorization information and complete page information of a target webpage. The method is applied to a first server and comprises the following steps: receiving a first request from a terminal, wherein the first request comprises webpage information of a target webpage; generating a webpage identification of a target webpage, and storing the webpage identification, the webpage information of the target webpage and the corresponding relation between the webpage identification and the webpage information of the target webpage; sending a first webpage address to a terminal; the first webpage address comprises a webpage identifier and account information of an information platform account; receiving a second request from the terminal, wherein the second request comprises a webpage identifier and an authorization code; acquiring webpage information of a target webpage corresponding to the webpage identifier in the second request from the stored webpage information, and acquiring authorization information according to the authorization code; and sending the webpage information and the authorization information to the terminal.

Description

Application program authorization method and device
Technical Field
The present application relates to a web page technology, and in particular, to a method and an apparatus for authorizing an application.
Background
Currently, some Applications (APPs) may provide developers or merchants with functions for self-management of information in addition to providing users with multiple functions. For example, some instant messaging applications (e.g., wechat APP) may provide a communication function for a user, and may also provide related functions of an information platform account (e.g., a public number in wechat APP) for a developer or a merchant. A developer or a merchant needs to register an information platform account; then, using the related functions of the information platform account in the APP when logging in the information platform account, for example, the terminal responds to the operation of the user accessing the information platform account and displays the page of the target webpage of the information platform account.
The terminal generates a page of a target webpage of the information platform account according to the page information of the target webpage of the information platform account and the authorization information (such as user information) of the user. However, since the terminal cannot carry complete page information of the target webpage in the process of requesting to acquire the authorization information, the terminal still cannot generate the page of the target webpage of the information platform account after obtaining the authorization information.
Disclosure of Invention
The embodiment of the application program authorization method and device can enable a terminal to obtain authorization information and complete page information of a target webpage, and further successfully generate a page of the target webpage by utilizing the authorization information and the complete page information of the target webpage.
In order to achieve the technical purpose, the embodiment of the application adopts the following technical scheme:
in a first aspect, an embodiment of the present application provides an application program authorization method, which is applied to a first server, and the method includes: first, receiving a first request from a terminal; generating a webpage identifier of a target webpage, and storing the webpage identifier, the webpage information of the target webpage and the corresponding relation between the webpage identifier and the webpage information of the target webpage; then, sending a first webpage address to the terminal; then, receiving a second request from the terminal, wherein the second request comprises a webpage identifier and an authorization code; acquiring webpage information of a target webpage corresponding to the webpage identifier in the second request from the stored webpage information, and acquiring authorization information according to the authorization code; and finally, sending the webpage information and the authorization information to the terminal.
The first request is used for requesting to acquire a target webpage of the information platform account, and the first request comprises webpage information of the target webpage. The web page identification is used to identify web page information of the target web page. The first webpage address comprises a webpage identifier and account information of an information platform account, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program. The authorization code is assigned when the information platform account number has the authority.
In one possible embodiment, the second request further includes a domain name identifier of the terminal, the domain name identifier being obtained by the terminal from a data (cookie) file stored on the terminal corresponding to the first web page address. After receiving the second request from the terminal, before acquiring the web page information of the target web page corresponding to the web page identifier in the second request from the stored web page information, the method further includes: and determining that the webpage identifier is the same as the domain name identifier.
In another possible implementation, after receiving the second request from the terminal, the method further includes: and if the webpage identifier is determined to be different from the domain name identifier, determining that the second request fails to acquire the page information and the authorization information of the target webpage.
In another possible implementation, the obtaining the authorization information according to the authorization code includes: sending an authorization code and account information of the information platform account to a second server corresponding to the application program; authorization information is received from the second server.
In a second aspect, an embodiment of the present application further provides an application program authorization method, which is applied to a terminal, where an APP is installed in the terminal, and the method includes: detecting an access operation on a target webpage corresponding to an information platform account in an application program, and sending a first request to a first server corresponding to the information platform account; receiving a first webpage address from a first server; sending an authorization request carrying a first webpage address to a second server corresponding to the APP; receiving a second web page address from a second server; sending a second request to the first server by using the second webpage address; the second request is used for requesting to acquire the webpage information of the target webpage by utilizing the webpage identifier and requesting to acquire the authorization information by utilizing the authorization code; receiving page information and authorization information from a first server; and displaying the page of the target webpage in the authorization state by using the page information and the authorization information.
The first request is used for requesting to acquire a target webpage, and the first request comprises page information of the target webpage. The first webpage identification comprises a webpage identification and account information of an information platform account, the webpage identification corresponds to the webpage information of the target webpage, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program. The second webpage address comprises a webpage identifier and an authorization code; the authorization code is assigned when the information platform account number has the authority.
In one possible implementation, after receiving the first web address from the first server, the method further includes: saving the domain name identification in the cookie file corresponding to the first webpage address by using the webpage identification in the first webpage address; the domain name identification is a web page identification.
Wherein the sending the second request to the first server by using the second webpage address includes: accessing a second webpage address, and acquiring a domain name identifier from a data (cookie) file which corresponds to the second webpage address and is stored on the terminal; and sending a second request to the first server, wherein the second request also comprises the domain name identification. And the webpage information and the authorization information are output by the first server under the condition that the webpage identifier and the domain name identifier in the second request are the same.
In another possible implementation manner, the second web page address further includes a first identifier or a second identifier, the first identifier is used to trigger the terminal to send the second request to the first server, and the second identifier is used to trigger the terminal to display an authorization confirmation page. Wherein the sending the second request to the first server includes: if the second webpage address comprises the first identification, sending a second request to the first server;
or if the second webpage address comprises the second identifier, displaying an authorization confirmation page by using the second webpage address; in the event that a confirm authorization operation is detected on the authorization confirmation page, a second request is sent to the first server.
In another possible embodiment, the first web address includes a first field, and the second web address includes a first field; and the first field of the first webpage address and the first field of the second webpage address are used for carrying webpage identifiers.
In another possible embodiment, the second web page address further includes a second field; and a second field of the second webpage address is used for carrying the authorization code.
In a third aspect, an embodiment of the present application further provides an apparatus for authorizing an application, applied to a first server, where the apparatus includes: the device comprises a receiving module, a processing module and a sending module. The receiving module is used for receiving a first request from a terminal; the processing module is used for generating a webpage identifier of a target webpage and storing the webpage identifier, the webpage information of the target webpage and the corresponding relation between the webpage identifier and the webpage information of the target webpage; the sending module is used for sending the first webpage address to the terminal; the receiving module is further used for receiving a second request from the terminal, wherein the second request comprises a webpage identifier and an authorization code; the processing module is further used for acquiring the webpage information of the target webpage corresponding to the webpage identifier in the second request from the stored webpage information and acquiring the authorization information according to the authorization code; and the sending module is also used for sending the webpage information and the authorization information to the terminal.
The first request is used for requesting to acquire a target webpage of the information platform account, and the first request comprises webpage information of the target webpage. The web page identification is used to identify web page information of the target web page. The first webpage address comprises a webpage identifier and account information of an information platform account, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program. The authorization code is assigned when the information platform account number has the authority.
In a possible implementation manner, the second request further includes a domain name identifier of the terminal, and the domain name identifier is obtained by the terminal from a cookie file corresponding to the first web page address. The processing module is further configured to determine that the web page identifier is the same as the domain name identifier before the web page information of the target web page corresponding to the web page identifier in the second request is acquired from the stored web page information after the second request from the terminal is received.
In another possible implementation manner, the processing module is further configured to determine that the second request fails to acquire the page information and the authorization information of the target web page if it is determined that the web page identifier and the domain name identifier are different after the second request from the terminal is received.
In another possible implementation, the processing module is specifically configured to: sending an authorization code and account information of the information platform account to a second server corresponding to the application program; authorization information is received from the second server.
In a fourth aspect, an embodiment of the present application further provides an application authorization apparatus, which is applied to a terminal, where an application is installed in the terminal, and the apparatus includes: the device comprises a processing module, a receiving module and a display module; the processing module comprises a sending module. The sending module is used for detecting an access operation to a target webpage corresponding to an information platform account in an application program and sending a first request to a first server corresponding to the information platform account; the receiving module is used for receiving a first webpage address from a first server; the sending module is also used for sending an authorization request carrying the first webpage address to a second server corresponding to the application program; the receiving module is also used for receiving a second webpage address from the second server; the processing module is used for sending a second request to the first server by using the second webpage address; the receiving module is also used for receiving webpage information and authorization information from the first server; and the display module is used for displaying the page of the target webpage in the authorization state by utilizing the webpage information and the authorization information.
The first request is used for requesting to acquire a target webpage, and the first request comprises webpage information of the target webpage. The first webpage address comprises a webpage identifier and account information of an information platform account, the webpage identifier corresponds to the webpage information of the target webpage, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program. The second webpage address comprises a webpage identifier and an authorization code, wherein the authorization code is distributed under the condition that the information platform account number has the authority. The second request is used for requesting to acquire the webpage information of the target webpage by utilizing the webpage identification and requesting to acquire the authorization information by utilizing the authorization code.
In a possible implementation manner, the processing module is configured to, after the receiving of the first web address from the first server, store the domain name identifier in a data file stored on the terminal corresponding to the first web address by using the web identifier in the first web address; the domain name identification is a webpage identification; the processing module is specifically used for accessing a second webpage address and acquiring a domain name identifier from a cookie file corresponding to the second webpage address; the sending module is specifically configured to send a second request to the first server, where the second request further includes a domain name identifier.
And the webpage information and the authorization information are output by the first server under the condition that the webpage identifier and the domain name identifier in the second request are the same.
In another possible implementation manner, the second web page address further includes a first identifier or a second identifier, the first identifier is used to trigger the terminal to send the second request to the first server, and the second identifier is used to trigger the terminal to display an authorization confirmation page.
The processing module is specifically configured to send a second request to the first server if the second webpage address includes the first identifier; or if the second webpage address comprises the second identifier, displaying an authorization confirmation page by using the second webpage address; in the event that a confirm authorization operation is detected on the authorization confirmation page, a second request is sent to the first server.
In another possible embodiment, the first web address includes a first field, and the second web address includes a first field; and the first field of the first webpage address and the first field of the second webpage address are used for carrying webpage identifiers.
In another possible embodiment, the second web page address further includes a second field; and a second field of the second webpage address is used for carrying the authorization code.
In a fifth aspect, an embodiment of the present application further provides a server, where the server includes: a processor and a memory for storing processor-executable instructions; wherein the processor is configured to execute the instructions such that the server performs the application authorization method as in the first aspect and any of its possible embodiments; the server may be a first server.
In a sixth aspect, an embodiment of the present application further provides a terminal, where the terminal includes: a processor and a memory for storing processor-executable instructions; wherein the processor is configured to execute the instructions such that the terminal performs the application authorization method as described in the second aspect and any of its possible embodiments.
In a seventh aspect, this application further provides a computer-readable storage medium, on which computer instructions are stored, and when the computer instructions are executed on a server, the server is caused to execute the application program authorization method according to the first aspect and any possible implementation manner thereof; wherein the server may be a first server.
In an eighth aspect, the present application further provides a computer-readable storage medium, on which computer instructions are stored, and when the computer instructions are executed on a terminal, the terminal is caused to execute the application program authorization method according to the second aspect and any possible implementation manner thereof.
In a ninth aspect, embodiments of the present application further provide a computer program product, which includes one or more instructions that can be executed on a server, so that the server executes the application program authorization method according to the first aspect and any possible implementation manner thereof; wherein the server may be a first server.
In a tenth aspect, embodiments of the present application further provide a computer program product, which includes one or more instructions that can be executed on a terminal, so that the terminal executes the application program authorization method according to the second aspect and any possible implementation manner thereof.
It can be understood that, according to the solution provided by the embodiment of the present application, the first server receives a first request of the terminal, where the first request includes page information of the target web page. The first server generates a webpage identification and correspondingly stores the webpage identification and the webpage information of the target webpage; and then returning the first webpage address comprising the webpage identification to the terminal. Because the length of the webpage identifier is small and the data structure of the webpage identifier is simple, the first webpage address can carry the complete webpage identifier, that is, the first server can send the complete webpage identifier to the terminal. And the first server receives the second request sent by the terminal again. The second request may include the complete web page identification because the length of the web page identification is small and the data structure of the web page identification is simple. Furthermore, the first server can acquire the web page information of the target web page corresponding to the complete web page identifier in the second request from the stored web page information, and the web page information of the target web page stored by the second server is complete, so that the first server can send the complete web page information of the target web page to the terminal. Meanwhile, the first server also acquires authorization information according to the authorization code in the second request and sends the authorization information to the terminal. Therefore, the terminal can acquire the complete webpage information of the target webpage and the authorization information from the first server, and can further successfully generate the page of the target webpage in the authorization state by using the authorization information and the complete webpage information of the target webpage.
Drawings
Fig. 1 is a schematic diagram of an implementation environment related to an application authorization method provided in an embodiment of the present application;
fig. 2 is a flowchart of an application authorization method applied to a terminal according to an embodiment of the present application;
fig. 3 is a flowchart of an application authorization method applied to a first server according to an embodiment of the present application;
fig. 4 is a flowchart of an application program authorization method applied to an application program authorization system according to an embodiment of the present application;
fig. 5 is a schematic page view of an account of an information platform in an APP according to an embodiment of the present disclosure;
fig. 6 is a schematic diagram of an authorization confirmation page of an APP according to an embodiment of the present application;
fig. 7 is a schematic page diagram of a target webpage in an authorized state in an APP according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an application authorization apparatus applied to a first server according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of an application authorization apparatus applied to a terminal according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a server provided in an embodiment of the present application;
fig. 11 is a schematic structural diagram of a terminal according to an embodiment of the present application.
Detailed Description
In the following, the terms "first", "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. For example, the first field and the second field are different fields.
Embodiments of the present application provide an application program authorization method, and embodiments of the present application are described in detail below with reference to the accompanying drawings.
Please refer to fig. 1, which illustrates an implementation environment of an application authorization method according to an embodiment of the present application. As shown in fig. 1, the implementation environment may include a plurality of servers 101 and a terminal 102, and the plurality of servers 101 may include a first server 101-1, a second server 101-2, and the like.
The terminal 102 may install an APP or multiple APPs. The one or more APPs include a first APP, which may provide the developer or the merchant with the related functions of the information platform account in addition to some functions provided for the user, for example, some instant messaging APPs provide the developer or the merchant with the related functions of the information platform account in addition to providing the user with the communication functions, the payment functions, and the like. The first server 101-1 is used for providing data support for a certain information platform account in the first APP, and the second server 101-2 is used for providing data support for the first APP.
When the user uses the first APP, the user account needs to be registered, and multiple functions in the APP are used under the condition of logging in the user account. Similarly, a developer or a merchant also needs to register an information platform account, and use the related function of the information platform account in the first APP when logging in the information platform account, for example, a page of a target webpage of the information platform account is displayed to a user accessing the information platform account.
For example, the terminal in the embodiment of the present application may be a mobile phone, a tablet computer, and the like, and the embodiment of the present application does not particularly limit the specific form of the terminal.
It should be noted that the number of terminals and servers in fig. 1 is merely illustrative. There may be any number of terminals and servers, according to practical needs.
In the embodiment of the application, a terminal provided with a first APP receives an operation of a user for checking a target webpage of any one information platform account of the first APP, and a client of the information platform account sends an authorization request to a second server corresponding to the first APP. The authorization request comprises page information of the target webpage; the authorization request is used to request authorization information (e.g., user information) from the second server. Then, in response to the authorization request, the second server generates a second webpage address (which may be referred to as an authorization response) and sends the second webpage address to the client of the information platform account if the user agrees to authorization. The second web page address includes page information of a target web page in the authorization request. The client side of the information platform account obtains the authorization information of the user in the first APP by using the second webpage address; and generating and displaying the page of the target webpage in the authorization state by using the authorization information and the page information of the target webpage in the second webpage address.
The authorization information may be user information, and the user information may include a user IDentity number (ID), a user account, a user avatar, a user nickname, a user gender, and the like in the first APP.
The authorization request may include fields for storing different information, such as a field for storing page information of the target web page.
For example, taking an information platform account in an instant messaging application APP as a public number as an example, a field in an authorization request sent by a client of any one of the APPs of the public number may include appid, redirect _ uri, response _ type, scope, state, and # WeChat _ redirect. Wherein the apid is used for carrying the ID of the public number. The redirect _ uri is used for carrying a redirected callback link address after authorization, and the callback link address needs to be processed by using the urlEnocde. The response _ type is used to carry a return type for the authorization request. scope is used for carrying scope representing APP authorization, and the scope is mainly divided into a silent authorization snsapi _ base and a non-silent authorization snsapi _ userinfo; the silence authorization snsapi _ base means that the user ID can only be obtained without user confirmation; the non-silent authorization snsapi _ userinfo means that the user is required to confirm and other authorization information such as the user ID, the user head portrait, the user nickname, the user gender and the like can be acquired. The state may be used to carry page information of the target web page. # WeChat _ redirect is used to carry the fields needed to open the authorization request directly or to do a page redirect.
Here, the snsapi _ base is an example of the first flag described in the following embodiments, and the snsapi _ userinfo is an example of the second flag described in the following embodiments.
Note that the names of the fields (i.e., appid, redirect _ uri, response _ type, scope, state, and # WeChat _ redirect) may be other names, and are not limited to the names of the fields.
At present, because a terminal display page is stateless, that is, information of one web page cannot be stored when another web page is displayed, a client of an account of the information platform cannot store page information of a target web page, and the page information of the target web page can only be carried in the authorization request and sent to a second server corresponding to a first APP, and then a second web address for the authorization request returned by the second server is received, and the second web address can carry the page information of the target web page same as the authorization request. Therefore, the client of the information platform account can generate the page of the target webpage in the authorization state by using the page information of the target webpage in the second webpage address.
However, since the maximum length of data that can be carried by the field state for carrying the page information of the target web page is 128 bytes, and the field state cannot carry special characters and more variables, the field state cannot carry the complete page information of the target web page for more complex page information. That is, the page information of the target webpage in the authorization request sent by the client of the information platform account to the second server is incomplete. Then, the page information of the target webpage, which is obtained from the second webpage address by the client of the information platform account, is also incomplete, so that the page of the target webpage in the authorization state cannot be successfully generated.
In view of the above, the embodiment of the present application provides an application program authorization method, which can solve the above problems in the related art, and enable a terminal to obtain authorization information and complete page information of a target webpage, so as to successfully generate a page of the target webpage by using the authorization information and the complete page information of the target webpage.
It should be noted that, the following APPs are all referred to as first APPs, that is, APPs that, in addition to providing some functions to the user, can also provide the developer or the merchant with the related functions of the information platform account.
Referring to fig. 2, a flowchart of an application authorization method provided in an embodiment of the present application is applied to a terminal installed with an APP, and the method may include S201-S207.
S201, a terminal detects an access operation of a target webpage corresponding to an information platform account in an application program and sends a first request to a first server corresponding to the information platform account; the first request is used for requesting to acquire the target webpage, and the first request comprises page information of the target webpage.
When the terminal runs the APP, the terminal detects the access operation of a user to a target webpage corresponding to any information platform account in the APP, and responds to the access operation to judge whether the access operation is authorized by the APP and whether the authorization time limit of the access operation is expired. And if the access operation is authorized by the APP and the authorization time limit of the access operation is not exceeded, the terminal directly generates and displays the page of the target webpage in the authorization state. And if the access operation is not authorized by the APP or the authorization deadline of the access operation is over, the terminal sends page information of the target webpage to a first server corresponding to the account of the information platform. After receiving the page information of the target webpage, the first server can generate a webpage identifier and correspondingly store the page information of the target webpage and the webpage identifier; and then generating a first webpage address carrying the webpage identifier, and sending the first webpage address to the terminal.
The page information of the target webpage may include: information related to a page of the target web page, information related to a Uniform Resource Locator (URL) of the target web page, and the like. The URL may also be referred to simply as a web page address.
The access operation is authorized by the APP, which means that the APP authorizes the access operation by the APP to send the authorization information (e.g., user information).
S202, the terminal receives a first webpage address from a first server; the first webpage identification comprises a webpage identification and account information of an information platform account, the webpage identification corresponds to the webpage information of a target webpage, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program.
The terminal receives a first webpage address URL carrying the webpage identification and account information of the information platform account from the first server. The webpage identification refers to the webpage identification in the corresponding relation between the webpage identification stored by the first server and the webpage information of the target webpage.
In an embodiment of the present application, the first webpage address URL may include a first field; a web page identification (e.g., web page ID) is carried in a first field of the first web page address URL.
For example, the first field may be the above-mentioned field state, and the first web page address URL includes "state ═ web page ID".
S203, the terminal sends an authorization request carrying the first webpage address to a second server corresponding to the APP.
And the second server receives and responds to the authorization request, and can judge whether the account number of the information platform has the authority of acquiring the authorization information of the application program by using the account number information of the account number of the information platform in the first webpage address. Then, the second server can acquire the authorization code under the condition that the account number of the information platform has the authority; and then, modifying the first webpage address by using the authorization code to generate a second webpage address (for example, adding the authorization code to the first webpage address to generate the second webpage address), and sending the second webpage address to the terminal.
Secondly, the second server can also generate first prompt information indicating that the information platform account does not have the authority under the condition that the information platform account does not have the authority, and send the first prompt information to the terminal.
Wherein the second web page address may be a redirect address. The redirection address includes a carried authorization code. The redirection address is used for triggering the terminal to generate and display a webpage of the target webpage in an authorized state by using the redirection address.
The authorization request may be a HyperText Transfer Protocol (HTTP) request.
And S204, the terminal receives a second webpage address from the second server.
The second webpage address comprises a webpage identifier and an authorization code; the authorization code is assigned by the second server when the information platform account number has the authority.
In this embodiment, the second webpage address may include an authorization code and a webpage identifier. The second web page address may further include a first field and a second field; the web page identification is carried in a first field (e.g., the field state) of the second web page address and the authorization code is carried in a second field (e.g., the field code) of the second web page address.
It should be noted that, in response to the authorization request carrying the first web address, the second server obtains the authorization code, and modifies the first web address by using the authorization code to generate the second web address. Thus, the first web page address includes a web page identification, a first field, and a second field, and the second web page address also includes the web page identification, the first field, and the second field. The first field in the first webpage address carries a webpage identifier, and the first field in the second webpage address carries a webpage identifier.
Illustratively, the second server stores the authorization code in a second field in the first webpage address, generating a second webpage address. And the second field in the second webpage address carries the authorization code.
S205, the terminal sends a second request to the first server by using the second webpage address; the second request is used for requesting to acquire the webpage information of the target webpage by utilizing the webpage identification and requesting to acquire the authorization information by utilizing the authorization code.
And the first server receives the second request, acquires the webpage information of the target webpage corresponding to the webpage identifier in the second request from the stored webpage information, and acquires the authorization information according to the authorization code in the second request. Then, the second server sends the webpage information of the target webpage and the authorization information to the terminal.
In this embodiment of the application, the second webpage address may include the authorization code and the webpage identifier, and may further include the first identifier or the second identifier. The first identifier is used for triggering the terminal to send a second request to the first server, and the second identifier is used for triggering the terminal to display an authorization confirmation page.
It should be noted that the second server modifies the first web page address by using the authorization code to generate the second web page address. Therefore, the first webpage address comprises the first identification, and the second webpage address also comprises the first identification; or, the first web page address includes the second identifier, and then the second web page address also includes the second identifier.
In this embodiment of the application, if the second webpage address includes the first identifier (e.g., the silence grant snsapi _ base), the terminal loads the second webpage address and sends a second request to the first server.
In this embodiment of the application, if the second webpage address includes the second identifier (e.g., the non-silent authorization snsapi _ userinfo), the terminal loads the second webpage address and jumps to the authorization confirmation page. And if the confirmation authorization operation of the user is detected on the authorization confirmation page, sending a second request to the first server.
The second request may include the first identifier or the second identifier in the second web page address, or specific information for characterizing the first identifier or the second identifier in the second web page address.
In this embodiment of the application, when the second webpage address includes the first identifier, the authorization information may be a user ID. When the second webpage address includes the second identifier, the authorization information may be user details. Wherein the user detailed information comprises at least one of a user head portrait, a user nickname, a user gender and other authorization information.
S206, the terminal receives the page information and the authorization information from the first server.
And S207, the terminal displays the page of the target webpage in the authorization state by using the page information and the authorization information.
And the terminal generates a page of the target webpage in the authorization state by using the authorization information and the webpage information of the target webpage, and displays the page of the target webpage in the authorization state.
It can be understood that the terminal detects an access operation to a target webpage corresponding to an information platform account in the APP, and sends a first request to a first server corresponding to the information platform account, where the first request includes page information of the target webpage. That is, the terminal transmits the web page information of the target web page to the first server. Then, the terminal receives a first webpage address from the first server, wherein the first webpage address comprises a webpage identifier corresponding to the webpage information of the target webpage, so that the terminal can be known to store the webpage information of the target webpage in the first server and receive the first webpage address comprising the webpage identifier. Because the length of the webpage identifier is small and the data structure of the webpage identifier is simple, the first webpage address can carry the complete webpage identifier. And the terminal sends an authorization request including the first webpage address to a second server corresponding to the APP, so that the first webpage address in the authorization request also carries a complete webpage identifier. Then, the terminal receives the second web page address from the second server. Since the terminal sends the web page identifier to the second server, the web page identifier in the second web page address received by the terminal from the second server is also complete. Furthermore, the terminal may obtain the web page information of the target web page corresponding to the web page identifier from the first server by using the complete web page identifier. Because the web page information of the target web page corresponding to the web page identifier stored in the first server is complete, the terminal can acquire the complete web page information of the target web page from the first server by using the complete web page identifier. The terminal further obtains authorization information from the first server by using the authorization code in the second webpage address, that is, the terminal can obtain the webpage information of the complete target webpage and the authorization information from the first server. And then the terminal can successfully generate the page of the target webpage in the authorization state by utilizing the authorization information and the complete page information of the target webpage.
In this embodiment of the application, after S203, the terminal stores the domain name identifier in a cookie (data stored on the terminal) file corresponding to the first web address by using the web identifier in the first web address; the domain name identification is a web page identification. After receiving the second webpage address, the terminal loads or accesses the second webpage address and acquires a domain name identifier from a cookie file corresponding to the second webpage address; and sending a second request to the first server, wherein the second request also comprises the domain name identifier.
Further, the webpage information and the authorization information received by the terminal are output by the first server under the condition that the webpage identifier and the domain name identifier in the second request are the same.
And the terminal adds the domain name identification acquired from the cookie file corresponding to the second webpage address in the second request. The cookie file corresponding to the first web page address is a cookie file corresponding to the domain name of the first server.
It can be understood that, if the other terminal acquires the first web page address returned to the terminal by the first server through the illegal path, the other terminal may generate another second request by using the web page identifier in the first web page address, and then send the other second request to the first server to request for acquiring the authorization information. After receiving the first web page address sent by the first server, the terminal stores the web page identifier in the first web page address in the local cookie file corresponding to the domain name of the first server, and then carries the domain name identifier in the local cookie file corresponding to the domain name of the first server in the second request, so that the domain name identifiers in the cookie files of different terminals are different. Then, the domain name identifier in the cookie file corresponding to the domain name of the first server and stored locally at the other terminal is carried by the other second request by the other terminal, which is different from the domain name identifier in the cookie file corresponding to the domain name of the first server and stored locally at the terminal, and is also different from the web page identifier in the first web page address. The first server only returns the page information of the target webpage to the terminal under the condition that the webpage identifier and the domain name identifier in the second request are the same, and the first server sends the page information and the authorization information of the target webpage to other terminals because the webpage identifiers and the domain name identifiers in other second requests sent by other terminals are different, so that the page information and the authorization information of the target webpage of the terminal are prevented from being illegally obtained by other terminals, and the information safety is improved.
Referring to fig. 3, a flowchart of an application authorization method provided in an embodiment of the present application, the method being applied to a first server, may include S301-S306.
S301, the first server receives a first request from the terminal.
It should be noted that details of the first request in S301 refer to the detailed description about the first request in S201, and are not repeated herein in this embodiment of the application.
S302, the first server generates a webpage identifier of a target webpage and stores the webpage identifier, webpage information of the target webpage and a corresponding relation between the webpage identifier and the webpage information of the target webpage; the web page identification is used to identify web page information of the target web page.
After receiving the page information of the target webpage, the first server can generate a webpage identifier and correspondingly store the page information of the target webpage and the webpage identifier; and then generating a first webpage address carrying the webpage identifier, and sending the first webpage address to the terminal.
S303, the first server sends the first webpage address to the terminal.
It should be noted that, for details of the first webpage address in S303, refer to the detailed description about the first webpage address in S202, and details are not repeated herein in this embodiment of the application.
S304, the first server receives a second request from the terminal.
The second request comprises a webpage identifier and an authorization code, wherein the authorization code is distributed under the condition that the information platform account number has the authority.
It should be noted that details of the second request in S304 refer to the detailed description about the second request in S205, and are not repeated herein in this embodiment of the application.
The second request further comprises a domain name identifier of the terminal, and the domain name identifier is obtained by the terminal from a cookie file corresponding to the first webpage address. The first server may determine whether the web page identifier and the domain name identifier in the second request are the same. If the web page identifier and the domain name identifier are the same, the first server performs S305. And if the webpage identifier is different from the domain name identifier and the second request is illegal, the first server refuses to respond to the second request and can also send first prompt information to the terminal. The first prompt message indicates that the webpage information and the authorization information are failed to be acquired.
S305, the first server obtains the webpage information of the target webpage corresponding to the webpage identifier in the second request from the stored webpage information, and obtains the authorization information according to the authorization code in the second request.
In the embodiment of the application, a first server may send an authorization code and account information of an information platform account to a second server corresponding to an APP; authorization information from the second server is received.
When the second webpage address includes the first identifier (e.g., the silence grant snsapi _ base), the grant information may be the user ID. When the second webpage address is the second identifier (e.g., the non-silent authorization snsapi _ userinfo), the authorization information may be the user details.
For example, if it is determined that the second webpage address includes the first identifier, the first server sends, to the second server, a first information acquisition request carrying the authorization code and account information of the information platform account (e.g., ID of the information platform account). The second server sends a user ID corresponding to the authorization code to the first server in response to the first information acquisition request. The first information acquisition request is used for requesting to acquire a user ID. And when the second request comprises the first identification or specific information used for characterizing the first identification in the second webpage address, the first server determines that the second webpage address comprises the first identification.
For example, if it is determined that the second webpage address includes the second identifier, the first server sends a second information acquisition request carrying the authorization code and the account information of the information platform account to the second server. And the second server responds to the second information acquisition request and sends the access token access-token and the user ID to the first server. And the first server receives the access token access-token and the user ID and sends a third information acquisition request carrying the access token access-token and the user ID to the second server. And the second server responds to the third information acquisition request and sends the user detailed information to the first server. The second information acquisition request is used for triggering a second server to start a process of acquiring the detailed information of the user; the third information acquisition request is used for requesting to acquire the detailed information of the user. And when the second request comprises the second identification or specific information used for characterizing the second identification in the second webpage address, the first server determines that the second webpage address comprises the second identification.
S306, the first server sends the webpage information and the authorization information to the terminal.
It is understood that the first server receives a first request of the terminal, the first request including page information of the target web page. The first server generates a webpage identification and correspondingly stores the webpage identification and the webpage information of the target webpage; and then returning the first webpage address comprising the webpage identification to the terminal. Because the length of the webpage identifier is small and the data structure of the webpage identifier is simple, the first webpage address can carry the complete webpage identifier, that is, the first server can send the complete webpage identifier to the terminal. And the first server receives the second request sent by the terminal again. The second request may include the complete web page identification because the length of the web page identification is small and the data structure of the web page identification is simple. Furthermore, the first server can acquire the web page information of the target web page corresponding to the complete web page identifier in the second request from the stored web page information, and the web page information of the target web page stored by the second server is complete, so that the first server can send the complete web page information of the target web page to the terminal. Meanwhile, the first server also acquires authorization information according to the authorization code in the second request and sends the authorization information to the terminal. Therefore, the terminal can acquire the complete webpage information of the target webpage and the authorization information from the first server, and can further successfully generate the page of the target webpage in the authorization state by using the authorization information and the complete webpage information of the target webpage.
Referring to fig. 4, a flowchart of an application authorization method provided in an embodiment of the present application is applied to an application authorization system, where the application authorization system may include: the information platform comprises a terminal provided with an APP, a first server corresponding to an account number of the information platform, and a second server corresponding to the APP. As shown in FIG. 4, the method may include S201, S301-S303, S202-S203, S401-S403, S204-S205, S304-S306, S206-S207.
S201, the terminal detects an access operation of a target webpage corresponding to an information platform account in an application program, and sends a first request to a first server corresponding to the information platform account.
S301, the first server receives a first request from the terminal.
S302, the first server generates a webpage identifier of a target webpage and stores the webpage identifier, webpage information of the target webpage and a corresponding relation between the webpage identifier and the webpage information of the target webpage; the web page identification is used to identify web page information of the target web page.
S303, the first server sends the first webpage address to the terminal.
S202, the terminal receives a first webpage address from a first server; the first webpage identification comprises a webpage identification and account information of an information platform account, the webpage identification corresponds to the webpage information of a target webpage, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program.
S203, the terminal sends an authorization request carrying the first webpage address to a second server corresponding to the APP.
S401, the second server receives an authorization request carrying the first webpage address from the terminal.
S402, the second server obtains the authorization code and generates a second webpage address comprising a webpage identifier and the authorization code under the condition that the account number of the information platform is determined to have the authority of obtaining the authorization information of the application program according to the account number information of the account number of the information platform in the first webpage address.
It should be noted that, for details of S402, refer to the above detailed description about the second server obtaining the authorization code in S203, and details are not described herein in this embodiment of the application.
And S403, the second server sends the second webpage address to the terminal.
And S204, the terminal receives a second webpage address from the second server.
S205, the terminal sends a second request to the first server by using the second webpage address; the second request is used for requesting to acquire the webpage information of the target webpage by utilizing the webpage identification and requesting to acquire the authorization information by utilizing the authorization code.
S304, the first server receives a second request from the terminal.
S305, the first server obtains the webpage information of the target webpage corresponding to the webpage identifier in the second request from the stored webpage information, and obtains the authorization information according to the authorization code in the second request.
S306, the first server sends the webpage information and the authorization information to the terminal.
S206, the terminal receives the page information and the authorization information from the first server.
And S207, the terminal displays the page of the target webpage in the authorization state by using the page information and the authorization information.
It can be understood that the terminal detects an access operation to a target webpage corresponding to an account of an information platform in the APP, and sends webpage information of the target webpage to the first server, that is, stores the webpage information of the target webpage in the first server. Then, the terminal receives a first webpage address including a webpage identifier. The length of the webpage identifier is small, and the data structure of the webpage identifier is simple; therefore, the first webpage address can carry the complete webpage identification. And the terminal sends an authorization request including the first webpage address to a second server corresponding to the APP, so that the first webpage address in the authorization request also carries a complete webpage identifier. Then, the terminal receives the second web page address from the second server. Since the terminal sends the web page identifier to the second server, the web page identifier in the second web page address received by the terminal from the second server is also complete. Furthermore, the terminal may obtain, from the first server, the web page information of the complete target web page corresponding to the web page identifier by using the complete web page identifier. The terminal further obtains authorization information from the first server by using the authorization code in the second webpage address, that is, the terminal can obtain the webpage information of the complete target webpage and the authorization information from the first server.
Illustratively, as shown in fig. 5, a schematic diagram of a page of an information platform account in an instant messaging application APP, a user opens a page of the information platform account a on a terminal, where the page includes "information of an item B" and "information of an item C". And the user can click the 'information of the article B' on the page, and the terminal receives the access operation of the user on a target webpage corresponding to the 'information of the article B' of the information platform account A in the APP.
Then, the terminal responds to the access operation and sends a first request to a first server corresponding to the information platform account A; receiving a first webpage address of a first server corresponding to an information platform account A; sending an authorization request carrying a first webpage address to a second server corresponding to the APP; a second web page address is received from a second server. And if the second webpage address comprises a second identifier, the terminal loads the second webpage address and jumps to an authorization confirmation page. As shown in fig. 6, the authorization confirmation page includes: the "authorization", "information platform account number a apply for", "get your nickname, avatar", "cancel" and "allow" options. If the user clicks the "cancel" option, it indicates that the user does not agree with the authorization. If the user clicks the ' allow ' option, which indicates that the user agrees with authorization, the terminal determines that the user's authorization confirmation operation is detected.
Then, when the terminal determines that the confirmation authorization operation of the user is detected, the terminal sends a second request to the first server. The first server responds to the second request, acquires the user detailed information from the second server, and also acquires the webpage information of the target webpage. The user details may include a user nickname and a user avatar. The first server sends the user detailed information and the webpage information of the target webpage to the terminal. And the terminal generates and displays the page of the target webpage in the authorization state by using the detailed user information and the webpage information of the target webpage. As shown in fig. 7, the terminal displays a page of the target web page in the authorized state, which includes the detail information of the item B.
It is understood that the above method may be implemented by the terminal, the first server, or the application authorization apparatus in the application authorization system. The terminal, the first server or the application authorization system, in order to implement the above functions, includes a hardware structure and/or a software module corresponding to each function. Those of skill in the art will readily appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the embodiments of the present application.
In the embodiment of the present application, the application authorization apparatus and the like may be divided into functional modules according to the method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation.
In the case of dividing each function module according to each function, fig. 8 is a schematic structural diagram of an application authorization apparatus according to the above embodiment, where the apparatus 5 is applied to a first server, and the apparatus 5 includes: a receiving module 501, a processing module 502 and a sending module 503. The receiving module 501 is configured to receive a first request from a terminal; the processing module 502 is configured to generate a web page identifier of a target web page, and store the web page identifier, web page information of the target web page, and a corresponding relationship between the web page identifier and the web page information of the target web page; a sending module 503, configured to send a first webpage address to the terminal; the receiving module 501 is further configured to receive a second request from the terminal, where the second request includes a webpage identifier and an authorization code; the processing module 502 is further configured to obtain, from the stored web page information, web page information of a target web page corresponding to the web page identifier in the second request, and obtain authorization information according to the authorization code; the sending module 503 is further configured to send the webpage information and the authorization information to the terminal.
The first request is used for requesting to acquire a target webpage of the information platform account, and the first request comprises webpage information of the target webpage. The web page identification is used to identify web page information of the target web page. The first webpage address comprises a webpage identifier and account information of an information platform account, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program. The authorization code is assigned when the information platform account number has the authority.
In a possible implementation manner, the second request further includes a domain name identifier of the terminal, and the domain name identifier is obtained by the terminal from a cookie file corresponding to the first web page address. The processing module 502 is further configured to determine that the web page identifier is the same as the domain name identifier after the second request from the terminal is received and before the web page information of the target web page corresponding to the web page identifier in the second request is acquired from the stored web page information.
In another possible implementation manner, the processing module 502 is further configured to determine that the second request fails to acquire the page information and the authorization information of the target web page after determining that the web page identifier and the domain name identifier are different after receiving the second request from the terminal.
In another possible implementation, the processing module 502 is specifically configured to: sending an authorization code and account information of the information platform account to a second server corresponding to the application program; authorization information is received from the second server.
In the case of adopting the method of dividing each function module corresponding to each function, fig. 9 shows a schematic structural diagram of another application program authorization apparatus related in the foregoing embodiment, where the apparatus 6 is applied to a terminal, an APP is installed in the terminal, and the apparatus 6 includes: a processing module 601, a receiving module 602 and a display module 603; the processing module 601 includes a sending module 604. The sending module 604 is configured to detect an access operation to a target webpage corresponding to an information platform account in an application program, and send a first request to a first server corresponding to the information platform account; a receiving module 602, configured to receive a first web page address from a first server; the sending module 604 is further configured to send an authorization request carrying the first webpage address to a second server corresponding to the application program; a receiving module 602, further configured to receive a second web page address from a second server; the processing module 601 is configured to send a second request to the first server by using the second web page address; the receiving module 602 is further configured to receive webpage information and authorization information from the first server; the display module 603 is configured to display a page of the target webpage in the authorized state by using the webpage information and the authorization information.
The first request is used for requesting to acquire a target webpage, and the first request comprises webpage information of the target webpage. The first webpage address comprises a webpage identifier and account information of an information platform account, the webpage identifier corresponds to the webpage information of the target webpage, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program. The second webpage address comprises a webpage identifier and an authorization code, wherein the authorization code is distributed under the condition that the information platform account number has the authority. The second request is used for requesting to acquire the webpage information of the target webpage by utilizing the webpage identification and requesting to acquire the authorization information by utilizing the authorization code.
In a possible implementation manner, the processing module 601 is configured to, after the receiving of the first web address from the first server, utilize the web page identifier in the first web address to store the domain name identifier in the data file stored on the terminal corresponding to the first web address; the domain name identification is a webpage identification; the processing module 601 is specifically configured to access a second web page address and obtain a domain name identifier from a cookie file corresponding to the second web page address; the sending module 604 is specifically configured to send a second request to the first server, where the second request further includes a domain name identifier.
And the webpage information and the authorization information are output by the first server under the condition that the webpage identifier and the domain name identifier in the second request are the same.
In another possible implementation manner, the second web page address further includes a first identifier or a second identifier, the first identifier is used to trigger the terminal to send the second request to the first server, and the second identifier is used to trigger the terminal to display an authorization confirmation page.
The processing module 601 is specifically configured to send a second request to the first server if the second webpage address includes the first identifier; or if the second webpage address comprises the second identifier, displaying an authorization confirmation page by using the second webpage address; in the event that a confirm authorization operation is detected on the authorization confirmation page, a second request is sent to the first server.
In another possible embodiment, the first web address includes a first field, and the second web address includes a first field; and the first field of the first webpage address and the first field of the second webpage address are used for carrying webpage identifiers.
In another possible embodiment, the second web page address further includes a second field; and a second field of the second webpage address is used for carrying the authorization code.
In the case of integrated units, fig. 10 shows a possible structural diagram of the server involved in the above-described embodiment. The server 7 may include: a processor 701 and a memory 702 for storing processor-executable instructions. Wherein the processor 701 is configured to execute the instructions such that the server 7 performs the application authorization method as described above for the first server. The server 7 may be the first server described above.
Among other things, processor 701 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and so on. The processor 701 may include an Application Processor (AP), a modem processor, a controller, a memory, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a neural-Network Processing Unit (NPU), etc. The different processing units may be separate devices or may be integrated into one or more processors.
Memory 702 may include one or more computer-readable storage media, which may be non-transitory. Memory 702 may also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in memory 702 is used to store at least one instruction for execution by processor 701 to implement an application authorization method as performed by the first server described above.
In the case of integrated units, fig. 11 shows a possible structural diagram of the terminal involved in the above-described embodiment. The terminal 8 may include: a processor 801 and a memory 802 for storing the processor-executable instructions; wherein the processor 801 is configured to execute the instructions so that the terminal 8 executes the application authorization method as performed by the terminal.
The processor 801 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and so on. The processor 801 may include an AP, modem processor, controller, memory, video codec, DSP, baseband processor, and/or NPU, among others. The different processing units may be separate devices or may be integrated into one or more processors.
Memory 802 may include one or more computer-readable storage media, which may be non-transitory. Memory 802 may also include high speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in memory 802 is used to store at least one instruction for execution by processor 801 to implement an application authorization method as performed by the terminal described above.
Embodiments of the present application further provide a computer-readable storage medium, where the computer-readable storage medium includes computer instructions, and when the computer instructions are executed on the terminal or the first server, the terminal or the first server is caused to perform the functions or steps in the foregoing method embodiments. For example, the computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a Compact Disc Read-Only Memory (CD-ROM), a magnetic tape, a floppy disk, an optical data storage device, and the like.
The embodiments of the present application further provide a computer program product, which when running on the terminal or the first server, causes the terminal or the first server to execute the functions or steps of the method embodiments.
Through the description of the above embodiments, it is clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be completed by different functional modules according to needs, that is, the internal structure of the device may be divided into different functional modules to complete all or part of the above described functions.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described embodiments of the apparatus are merely illustrative, and for example, a module or a unit may be divided into only one logic function, and may be implemented in other ways, for example, a plurality of units or components may be combined or integrated into another apparatus, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed to a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application may be essentially or partially contributed to by the prior art, or all or part of the technical solutions may be embodied in the form of a software product, where the software product is stored in a storage medium and includes several instructions to enable a device (which may be a single chip, a chip, or the like) or a processor (processor) to execute all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a U disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk.
The above description is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. An application program authorization method applied to a first server, the method comprising:
receiving a first request from a terminal, wherein the first request is used for requesting to acquire a target webpage of an information platform account, and the first request comprises webpage information of the target webpage;
generating a webpage identifier of the target webpage, and storing the webpage identifier, the webpage information of the target webpage and the corresponding relation between the webpage identifier and the webpage information of the target webpage; the webpage identification is used for identifying webpage information of the target webpage;
sending a first webpage address to the terminal; the first webpage address comprises the webpage identifier and account information of the information platform account, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program;
receiving a second request from the terminal, wherein the second request comprises the webpage identifier and an authorization code, and the authorization code is distributed when the information platform account number has the authority;
acquiring webpage information of the target webpage corresponding to the webpage identifier in the second request from stored webpage information, and acquiring the authorization information according to the authorization code;
and sending the webpage information and the authorization information to the terminal.
2. The method according to claim 1, wherein the second request further includes a domain name identifier of the terminal, the domain name identifier being obtained by the terminal from a data file stored on the terminal corresponding to the first web page address;
after receiving the second request from the terminal, before acquiring the web page information of the target web page corresponding to the web page identifier in the second request from the stored web page information, the method further includes:
and determining that the webpage identifier is the same as the domain name identifier.
3. An application program authorization method is applied to a terminal, wherein an application program is installed in the terminal, and the method comprises the following steps:
detecting an access operation on a target webpage corresponding to an information platform account in the application program, and sending a first request to a first server corresponding to the information platform account; the first request is used for requesting to acquire the target webpage, and the first request comprises webpage information of the target webpage;
receiving a first web page address from the first server; the first webpage address comprises a webpage identifier and account information of the information platform account, the webpage identifier corresponds to the webpage information of the target webpage, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program;
sending an authorization request carrying the first webpage address to a second server corresponding to the application program;
receiving a second webpage address from the second server, wherein the second webpage address comprises the webpage identifier and an authorization code, and the authorization code is distributed when the information platform account number has the authority;
sending a second request to the first server by using the second webpage address; the second request is used for requesting to acquire the webpage information of the target webpage by using the webpage identification and requesting to acquire the authorization information by using the authorization code;
receiving the webpage information and the authorization information from the first server;
and displaying the page of the target webpage in an authorized state by using the webpage information and the authorization information.
4. The method of claim 3, wherein after said receiving the first web address from the first server, the method further comprises:
saving a domain name identifier in a data file which corresponds to the first webpage address and is stored on the terminal by using the webpage identifier in the first webpage address; the domain name identification is the webpage identification;
wherein the sending a second request to the first server using the second web page address comprises:
accessing the second webpage address, and acquiring the domain name identifier from a data file which corresponds to the second webpage address and is stored on the terminal;
sending the second request to the first server, the second request further comprising the domain name identifier;
wherein the web page information and the authorization information are output by the first server under the condition that the web page identifier and the domain name identifier in the second request are the same.
5. An apparatus for authorizing an application, applied to a first server, the apparatus comprising: the device comprises a receiving module, a processing module and a sending module;
the receiving module is used for receiving a first request from a terminal; the first request is used for requesting to acquire a target webpage of an information platform account, and the first request comprises webpage information of the target webpage;
the processing module is used for generating a webpage identifier of the target webpage and storing the webpage identifier, the webpage information of the target webpage and the corresponding relation between the webpage identifier and the webpage information of the target webpage; the webpage identification is used for identifying webpage information of the target webpage;
the sending module is used for sending a first webpage address to the terminal; the first webpage address comprises the webpage identifier and account information of the information platform account, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program;
the receiving module is further configured to receive a second request from the terminal, where the second request includes the web page identifier and an authorization code, and the authorization code is allocated when the information platform account has the authority;
the processing module is further configured to obtain, from the stored web page information, web page information of the target web page corresponding to the web page identifier in the second request, and obtain the authorization information according to the authorization code;
the sending module is further configured to send the webpage information and the authorization information to the terminal.
6. An application program authorization apparatus, applied to a terminal in which an application program is installed, the apparatus comprising: the device comprises a processing module, a receiving module and a display module, wherein the processing module comprises a sending module;
the sending module is used for detecting an access operation to a target webpage corresponding to an information platform account in the application program and sending a first request to a first server corresponding to the information platform account; the first request is used for requesting to acquire the target webpage, and the first request comprises webpage information of the target webpage;
the receiving module is used for receiving a first webpage address from the first server; the first webpage address comprises a webpage identifier and account information of the information platform account, the webpage identifier corresponds to the webpage information of the target webpage, and the account information is used for determining whether the information platform account has the authority of acquiring the authorization information of the application program;
the sending module is further configured to send an authorization request carrying the first webpage address to a second server corresponding to the application program;
the receiving module is further configured to receive a second web page address from the second server, where the second web page address includes the web page identifier and an authorization code, and the authorization code is allocated when the information platform account number has the authority;
the processing module is used for sending a second request to the first server by using the second webpage address; the second request is used for requesting to acquire the webpage information of the target webpage by using the webpage identification and requesting to acquire the authorization information by using the authorization code;
the receiving module is further configured to receive the web page information and the authorization information from the first server;
and the display module is used for displaying the page of the target webpage in an authorized state by utilizing the webpage information and the authorization information.
7. A server, characterized in that the server comprises: a processor and a memory for storing processor-executable instructions;
wherein the processor is configured to execute the instructions to cause the server to perform the application authorization method of any of claims 1-2.
8. A terminal, characterized in that the terminal comprises: a processor and a memory for storing processor-executable instructions;
wherein the processor is configured to execute the instructions to cause the terminal to perform the application authorization method according to any of claims 3-4.
9. A computer-readable storage medium having computer instructions stored thereon; wherein the computer instructions, when executed on a server, cause the server to perform the application authorization method of any of claims 1-2;
or, when run on a terminal, cause the terminal to perform the application authorization method according to any of claims 3-4.
10. A computer program product, characterized in that the computer program product comprises one or more instructions; wherein the one or more instructions are executed on a server such that the server performs the application authorization method of any of claims 1-2; or, the one or more instructions are executed on a terminal, so that the terminal executes the application program authorization method according to any one of claims 3-4; the server is a first server.
CN202011435612.5A 2020-12-10 2020-12-10 Application program authorization method and device Active CN112507254B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011435612.5A CN112507254B (en) 2020-12-10 2020-12-10 Application program authorization method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011435612.5A CN112507254B (en) 2020-12-10 2020-12-10 Application program authorization method and device

Publications (2)

Publication Number Publication Date
CN112507254A true CN112507254A (en) 2021-03-16
CN112507254B CN112507254B (en) 2024-06-11

Family

ID=74971890

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011435612.5A Active CN112507254B (en) 2020-12-10 2020-12-10 Application program authorization method and device

Country Status (1)

Country Link
CN (1) CN112507254B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104079611A (en) * 2013-03-29 2014-10-01 腾讯科技(深圳)有限公司 Method for preventing cross-site request forgery, related device and system
CN104754030A (en) * 2015-02-12 2015-07-01 腾讯科技(深圳)有限公司 User information obtaining method and device
CN105574170A (en) * 2015-12-16 2016-05-11 深圳市金立通信设备有限公司 Web page link opening method and terminal
CN105718517A (en) * 2016-01-14 2016-06-29 浪潮通用软件有限公司 Webpage display control method and system, and application server
CN107147647A (en) * 2017-05-11 2017-09-08 腾讯科技(深圳)有限公司 A kind of webpage authorization method and device
US20170277703A1 (en) * 2016-03-22 2017-09-28 Le Holdings (Beijing) Co., Ltd. Method for Displaying Webpage and Server
CN108076042A (en) * 2017-11-02 2018-05-25 深圳市金立通信设备有限公司 User information acquiring method, server and computer-readable medium
CN108733991A (en) * 2017-04-19 2018-11-02 腾讯科技(深圳)有限公司 Web application access method and device, storage medium

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104079611A (en) * 2013-03-29 2014-10-01 腾讯科技(深圳)有限公司 Method for preventing cross-site request forgery, related device and system
CN104754030A (en) * 2015-02-12 2015-07-01 腾讯科技(深圳)有限公司 User information obtaining method and device
CN105574170A (en) * 2015-12-16 2016-05-11 深圳市金立通信设备有限公司 Web page link opening method and terminal
CN105718517A (en) * 2016-01-14 2016-06-29 浪潮通用软件有限公司 Webpage display control method and system, and application server
US20170277703A1 (en) * 2016-03-22 2017-09-28 Le Holdings (Beijing) Co., Ltd. Method for Displaying Webpage and Server
CN108733991A (en) * 2017-04-19 2018-11-02 腾讯科技(深圳)有限公司 Web application access method and device, storage medium
CN107147647A (en) * 2017-05-11 2017-09-08 腾讯科技(深圳)有限公司 A kind of webpage authorization method and device
CN108076042A (en) * 2017-11-02 2018-05-25 深圳市金立通信设备有限公司 User information acquiring method, server and computer-readable medium

Also Published As

Publication number Publication date
CN112507254B (en) 2024-06-11

Similar Documents

Publication Publication Date Title
CN108733991B (en) Webpage application access method and device and storage medium
US9130927B2 (en) Single certificate service system and operational method thereof
CN104580406B (en) A kind of method and apparatus of synchronous logging state
WO2016127797A1 (en) User information acquisition method, apparatus, and server
US10050899B2 (en) Data processing method, apparatus, client, server and system
JP6686165B2 (en) Service execution method and device
TWI528301B (en) Processing method and device
EP3748500B1 (en) Inversion-of-control component service models for virtual environments
CN105516071A (en) Method for verifying safety of business operation, device, terminal and server
CN109802919B (en) Web page access intercepting method and device
CN105939362A (en) User account management method and device
US20150264095A1 (en) Web service push method and web service push server and web service providing server performing same
US9628939B2 (en) Data calling method and device
KR20190069574A (en) Wireless network type detection method and apparatus, and electronic device
CN107451488B (en) Method and device for providing personal information and mobile terminal
CN110007936B (en) Data processing method and device
CN115102744A (en) Data access method and device
CN112241544B (en) Service system, access method, access device, computer equipment and storage medium
CN110855655B (en) Information verification method, device, equipment and storage medium
WO2015003570A1 (en) Data downloading method,device and system thereof
CN112507254B (en) Application program authorization method and device
CN113254108A (en) Store operation method and device based on small program, electronic equipment and storage medium
US10742802B2 (en) Methods and devices for verifying a communication number
WO2017129068A1 (en) Event execution method and device and system therefor
CN108804713B (en) Image output method, electronic device, and computer-readable medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant