CN104539589A - Authorization method, server and client - Google Patents

Authorization method, server and client Download PDF

Info

Publication number
CN104539589A
CN104539589A CN201410756195.2A CN201410756195A CN104539589A CN 104539589 A CN104539589 A CN 104539589A CN 201410756195 A CN201410756195 A CN 201410756195A CN 104539589 A CN104539589 A CN 104539589A
Authority
CN
China
Prior art keywords
authorization
authorization code
client
sub
subscriber equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410756195.2A
Other languages
Chinese (zh)
Inventor
何忆亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Huawei Software Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201410756195.2A priority Critical patent/CN104539589A/en
Publication of CN104539589A publication Critical patent/CN104539589A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/56Unified messaging, e.g. interactions between e-mail, instant messaging or converged IP messaging [CPM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/58Message adaptation for wireless communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention provides an authorization method, a server and a client. The method comprises the steps that the client sends an authorization request to the server, and after the server confirms the authorization to user equipment through mobile information, the server provides an authorization code for the client; or the server generates the authorization code firstly, and then splits the authorization code into a first sub authorization code and a second sub authorization code, the first sub authorization code is returned to the client, the second sub authorization code is sent to the user equipment through mobile information, the user equipment can provide the second sub authorization code to the client to achieve authorization through an interactive interface provided by the client, the client combines the first sub authorization code with the second sub authorization code to obtain the complete authorization code, and therefore the client can use the authorization code to obtain private data of the user equipment according to an OAuth authorization norm. The OAuth authorization norm can be applied to traditional value-added services for interaction through mobile information.

Description

Authorization method, server and client side
Technical field
The embodiment of the present invention relates to communication technical field, particularly relates to a kind of authorization method, server and client side.
Background technology
Operator has a large amount of users usually; these users produce a large amount of data in business system, comprising the private data needing strict protection of magnanimity, as user's positional information in a mobile network; the service order data of user, the consumption inventory etc. of user.
Along with the development of the Internet and mobile Internet, operator faces OTT (Over The Top, refer to provide various application service by the Internet to user, this application is different with the communication service that current operator provides, it only utilizes the network of operator, and service provided by the third party outside operator) keen competition, in order to cope with competition, operator needs to build the ecosystem gradually, by open from having the ability and data attraction developer, more novelty is provided to apply and business by developer.
When open user data, need the secret protection carrying out user data, the private data of this user could be externally provided usually after subscriber authorisation.Industry controls the mandate of private data by OAuth (Open Authorization) authorization norm (also claiming OAuth agreement).OAuth authorization norm is that the mandate of user data provides a safety, open and easy standard.The mandate being OAuth with authorization difference in the past can not make third party touch the account (as user name and password) of user, i.e. the mandate of third party without the need to using the user name of user and password just can apply for obtaining this user data.
But, existing standard OAuth authorization norm is all based on browser (Browser) when realizing, realize the mutual of subscriber authorisation, be not suitable for and pass through mobile messaging, as Short Message Service is (English: ShortMessage Service, be called for short: SMS), multimedia messaging service, MMS is (English: Multimedia MessagingService, be called for short: MMS), unstructured supplementary data traffic is (English: UnstructuredSupplementary Service Data, be called for short: USSD), interactive voice response is (English: InteractiveVoice Response, IVR) etc. be called for short: carry out mutual traditional value-added service.
Summary of the invention
The embodiment of the present invention provides a kind of authorization method, server and client side, is not suitable for the problem of being carried out mutual traditional value-added service by mobile messaging for solving OAuth authorization norm.
First aspect, provides a kind of authorization method, and described method comprises:
The authorization requests that server receives client sends;
Described server is confirmed whether to described client authorization to subscriber equipment, obtains Authorization result;
Described server is that described subscriber equipment allows after described client authorization at the described Authorization result determined, generates authorization code;
Described Authorization result and described authorization code are sent to described client by described server, and described Authorization result is for notifying that described client utilizes described authorization code to obtain the private data of described subscriber equipment.
In conjunction with first aspect, in the implementation that the first is possible, after the authorization requests that described server receives client sends, described method also comprises:
Record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment.
In conjunction with the first possible implementation of first aspect, in the implementation that the second is possible, described server is confirmed whether to described client authorization to subscriber equipment, obtains Authorization result and comprises:
Described server sends for asking the first mobile messaging to described client authorization to described subscriber equipment;
Described server receives the second mobile messaging that described subscriber equipment returns by replying described first mobile messaging;
Described server obtains described Authorization result according to described second mobile messaging;
Wherein, the transmission number of described first mobile messaging is described transaction number, and the receiving number of described first mobile messaging is the number of described subscriber equipment; The receiving number of described second mobile messaging is described transaction number, and the transmission number of described second mobile messaging is the number of described subscriber equipment.
In conjunction with the implementation that the second of first aspect is possible, in the implementation that the third is possible, described server is that described subscriber equipment allows after described client authorization at the described Authorization result determined, generates authorization code and comprises:
Described server is according to the receiving number of described second mobile messaging and send authorized transaction described in number searching;
According to the described authorized transaction found, described server determines that the authorization object of described Authorization result is described client;
Allow to described client authorization if Authorization result is described subscriber equipment, then described server generates described authorization code.
In conjunction with the second or the third possible implementation of first aspect, in the 4th kind of possible implementation, described first mobile messaging and described second mobile messaging comprise: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
Second aspect, provides a kind of authorization method, and described method comprises:
The authorization requests that server receives client sends;
Described server generates authorization code, and described authorization code is split as the first sub-authorization code and the second sub-authorization code;
Described server sends the authorization requests response of carrying described first sub-authorization code to described client, the mobile messaging carrying described second sub-authorization code is sent to subscriber equipment, so that described second sub-authorization code is committed to described client by the interactive interface that described subscriber equipment is provided by described client, so that described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client, and utilize described authorization code to obtain the private data of described subscriber equipment.
In conjunction with second aspect, in the implementation that the first is possible, after the authorization requests that described server receives client sends, described method also comprises:
Record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment;
The transmission number of described mobile messaging is described transaction number, and the receiving number of described mobile messaging is the number of described subscriber equipment.
In conjunction with the first possible implementation of second aspect or first aspect, in the implementation that the second is possible, described server generates authorization code, and described authorization code is split as the first sub-authorization code and the second sub-authorization code comprises:
Described server generates described authorization code, and the rear N position of wherein said authorization code is random character;
Described rear N position is authorized, using the part in described authorization code except described rear N position as described first sub-authorization code as described second son by described server.
In conjunction with second aspect or or any one of its above-mentioned implementation, in the implementation that the third is possible, described mobile messaging comprises: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
The third aspect, provides a kind of authorization method, and described method comprises:
User end to server sends authorization requests;
Described client generates authorization code at described server, and after described authorization code being split as the first sub-authorization code and the second sub-authorization code, receives the authorization requests response of carrying the first sub-authorization code that described server sends;
Described client provides interactive interface to subscriber equipment, and described interactive interface is used for the described second sub-authorization code of described subscriber equipment input, and described second sub-authorization code is that described server is sent to described subscriber equipment by mobile messaging;
Described client obtains the described second sub-authorization code that described subscriber equipment is submitted to by described interactive interface;
Described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client;
Described client utilizes described authorization code to obtain the private data of described subscriber equipment.
In conjunction with the third aspect, in the implementation that the first is possible, the rear N position of described authorization code is random character, and described rear N position is that described second son is authorized, and the part in described authorization code except described rear N position is described first sub-authorization code.
In conjunction with the first possible implementation of the third aspect, in the implementation that the second is possible, described mobile messaging comprises: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
Fourth aspect, provides a kind of server, and described server comprises:
Receiving element, for receiving the authorization requests that client sends;
Granted unit, for being confirmed whether to described client authorization to subscriber equipment, obtains Authorization result;
Authorization code administrative unit, for being that described subscriber equipment allows after described client authorization at the described Authorization result determined, generates authorization code;
Transmitting element, for described Authorization result and described authorization code are sent to described client, described Authorization result is for notifying that described client utilizes described authorization code to obtain the private data of described subscriber equipment.
In conjunction with fourth aspect, in the implementation that the first is possible, described server also comprises:
Record cell, for after the authorization requests of described reception client transmission, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment.
In conjunction with the first possible implementation of fourth aspect, in the implementation that the second is possible, described granted unit specifically for:
Send for asking the first mobile messaging to described client authorization to described subscriber equipment;
Receive the second mobile messaging that described subscriber equipment returns by replying described first mobile messaging;
Described Authorization result is obtained according to described second mobile messaging;
Wherein, the transmission number of described first mobile messaging is described transaction number, and the receiving number of described first mobile messaging is the number of described subscriber equipment; The receiving number of described second mobile messaging is described transaction number, and the transmission number of described second mobile messaging is the number of described subscriber equipment.。
In conjunction with the implementation that the second of fourth aspect is possible, in the implementation that the third is possible, described authorization code administrative unit specifically for:
According to receiving number and the authorized transaction described in transmission number searching of described second mobile messaging;
Determine that the authorization object of described Authorization result is described client according to the described authorized transaction found;
Allow to described client authorization if Authorization result is described subscriber equipment, then generate described authorization code.
In conjunction with the second or the third possible implementation of fourth aspect, the 4th kind of possible implementation, described first mobile messaging and described second mobile messaging comprise: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
5th aspect, provides a kind of server, and described server comprises:
Receiving element, for receiving the authorization requests that client sends;
Authorization code administrative unit, for generating authorization code, and is split as the first sub-authorization code and the second sub-authorization code by described authorization code;
Transmitting element, for sending the authorization requests response of carrying described first sub-authorization code to described client, the mobile messaging carrying described second sub-authorization code is sent to subscriber equipment, so that described second sub-authorization code is committed to described client by the interactive interface that described subscriber equipment is provided by described client, so that described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client, and utilize described authorization code to obtain the private data of described subscriber equipment.
In conjunction with the 5th aspect, in the implementation that the first is possible, described server also comprises:
Record cell, for after the authorization requests of described reception client transmission, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment;
The transmission number of described mobile messaging is described transaction number, and the receiving number of described mobile messaging is the number of described subscriber equipment.
In conjunction with the first possible implementation of the 5th aspect or the 5th aspect, in the implementation that the second is possible, authorization code administrative unit specifically for:
Generate described authorization code, the rear N position of wherein said authorization code is random character;
Described rear N position is authorized, using the part in described authorization code except described rear N position as described first sub-authorization code as described second son.
In conjunction with any one of the 5th aspect or its above-mentioned implementation, in the implementation that the third is possible, described mobile messaging comprises: in short message service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
6th aspect, provides a kind of client, and described client comprises:
Transmitting element, for sending authorization requests to server;
Receiving element, for generating authorization code at described server, and after described authorization code being split as the first sub-authorization code and the second sub-authorization code, receives the authorization requests response of carrying the first sub-authorization code that described server sends;
Push unit, for providing interactive interface to subscriber equipment, described interactive interface is used for the described second sub-authorization code of described subscriber equipment input, and described second sub-authorization code is that described server is sent to described subscriber equipment by mobile messaging;
Acquiring unit, for obtaining the described second sub-authorization code that described subscriber equipment is submitted to by described interactive interface;
Authorization code administrative unit, for being assembled into complete described authorization code by described first sub-authorization code and described second sub-authorization code;
Addressed location, for the private data utilizing described authorization code to obtain described subscriber equipment.
In conjunction with the 6th aspect, in the implementation that the first is possible, the rear N position of described authorization code is random character, and described rear N position is that described second son is authorized, and the part in described authorization code except described rear N position is described first sub-authorization code.
In conjunction with the first possible implementation of the 6th aspect or the 6th aspect, in the implementation that the second is possible, described mobile messaging comprises: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
The embodiment of the present invention provides a kind of authorization method, server and client side, the authorization requests that in the embodiment of the present invention, user end to server sends, and authorization code is supplied to client after confirming mandate by mobile messaging to subscriber equipment by server; Or server first generates authorization code, again authorization code is split as the first sub-authorization code and the second sub-authorization code, wherein the first sub-authorization code returns to client, second sub-authorization code sends to subscriber equipment by mobile messaging, second sub-authorization code is supplied to client to realize mandate by the interactive interface that subscriber equipment can be provided by client, client obtains complete authorization code by after the first sub-authorization code and the second sub-authorization code combination, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, below the accompanying drawing used required in describing the embodiment of the present invention is briefly described, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
The schematic flow sheet of a kind of authorization method that Fig. 1 provides for the embodiment of the present invention;
The schematic flow sheet of the another kind of authorization method that Fig. 2 provides for the embodiment of the present invention;
The schematic flow sheet of the another kind of authorization method that Fig. 3 provides for the embodiment of the present invention;
The schematic flow sheet of the another kind of authorization method that Fig. 4 provides for the embodiment of the present invention;
The effect schematic diagram of the authorization method that Fig. 5 provides for the embodiment of the present invention;
The schematic flow sheet of the another kind of authorization method that Fig. 6 provides for the embodiment of the present invention;
The effect schematic diagram of the authorization method that Fig. 7 provides for the embodiment of the present invention;
The structural representation of a kind of server that Fig. 8 provides for the embodiment of the present invention;
The structural representation of the another kind of server that Fig. 9 provides for the embodiment of the present invention;
The structural representation of the another kind of server that Figure 10 provides for the embodiment of the present invention;
The structural representation of the another kind of server that Figure 11 provides for the embodiment of the present invention;
The structural representation of the client that Figure 12 provides for the embodiment of the present invention;
The structural representation of the another kind of server that Figure 13 provides for the embodiment of the present invention;
The structural representation of the another kind of server that Figure 14 provides for the embodiment of the present invention;
The structural representation of another client that Figure 15 provides for the embodiment of the present invention.
Embodiment
For making the object of the embodiment of the present invention, technical scheme and advantage clearly, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
Should understand, the technical scheme of the embodiment of the present invention can be applied to various communication system, particularly, it can be wireless communication system, such as: global system for mobile telecommunications is (English: Global System of Mobilecommunication, be called for short: GSM) system, code division multiple access is (English: Code Division MultipleAccess, be called for short CDMA) system, Wideband Code Division Multiple Access (WCDMA) is (English: Wideband Code DivisionMultiple Access, be called for short: WCDMA) system, GPRS is (English: GeneralPacket Radio Service, be called for short: GPRS), Long Term Evolution is (English: Long Term Evolution, be called for short: LTE) system, advanced Long Term Evolution is (English: Advanced long term evolution, be called for short: LTE-A) system, universal mobile telecommunications system is (English: Universal MobileTelecommunication System, be called for short: UMTS), also can be WLAN (English: Wireless Local Area Networks, WLAN), the wireless network such as WiFi be called for short:.In the embodiment of the present invention, subscriber equipment is the owner of private data, and this subscriber equipment can be that mobile phone, panel computer etc. have the equipment accepting mobile messaging function, in inventive embodiments, client (Client) can be logic function unit, can be such as the application (application) or the business that need the private data obtaining subscriber equipment, such as in OAuth authorization norm, client can be web application (web application), or based on the application (user-agent-based application) of user agent, or local application (nativeapplication), server end or the client of this application or business is not limited in the present embodiment, or client also can be the private data functional entity needing to obtain subscriber equipment, in the embodiment of the present invention, server can be understood as the server providing OAuth.
As shown in Figure 1, be the schematic flow sheet of a kind of authorization method that the embodiment of the present invention provides, the method is performed by server, and the method comprises:
101, the authorization requests of server receives client transmission.
102, server is confirmed whether to client authorization to subscriber equipment, obtains Authorization result.
103, server is that subscriber equipment allows after client authorization at the Authorization result determined, generates authorization code.
104, Authorization result and authorization code are sent to client by server, and Authorization result is for notifying that client utilizes authorization code to obtain the private data of subscriber equipment.
The embodiment of the present invention provides a kind of authorization method, in the method, user end to server sends authorization requests, after server confirms mandate by mobile messaging to subscriber equipment, authorization code is supplied to client, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The embodiment of the present invention also provides another kind of authorization method, and the method is performed by server, and as shown in Figure 2, the method comprises:
201, the authorization requests of server receives client transmission.
202, server generates authorization code, and authorization code is split as the first sub-authorization code and the second sub-authorization code.
203, server sends the authorization requests response of carrying the first sub-authorization code to client, the mobile messaging carrying the second sub-authorization code is sent to subscriber equipment, so that the second sub-authorization code is committed to client by the interactive interface that subscriber equipment is provided by client, so that the first sub-authorization code and the second sub-authorization code are assembled into complete authorization code by client, and authorization code is utilized to obtain the private data of subscriber equipment.
The embodiment of the present invention also provides another kind of authorization method, and the method is by client executing, and as shown in Figure 3, the method comprises:
301, user end to server sends authorization requests.
302, client generates authorization code at server, and after authorization code being split as the first sub-authorization code and the second sub-authorization code, the authorization requests response of carrying the first sub-authorization code of reception server transmission.
303, client provides interactive interface to subscriber equipment, and interactive interface is used for subscriber equipment and inputs the second sub-authorization code, and the second sub-authorization code is that server is sent to subscriber equipment by mobile messaging.
304, client obtains the second sub-authorization code that subscriber equipment is submitted to by interactive interface.
305, the first sub-authorization code and the second sub-authorization code are assembled into complete authorization code by client.
306, client utilizes authorization code to obtain the private data of described subscriber equipment.
The embodiment of the present invention provides a kind of authorization method, after in the method, user end to server sends authorization requests, server first generates authorization code, again authorization code is split as the first sub-authorization code and the second sub-authorization code, wherein the first sub-authorization code returns to client, second sub-authorization code sends to subscriber equipment by mobile messaging, second sub-authorization code is supplied to client to realize mandate by the interactive interface that subscriber equipment can be provided by client, client obtains complete authorization code by after the first sub-authorization code and the second sub-authorization code combination, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The technical scheme more clearly understood the embodiment of the present invention to enable those skilled in the art and provide, below by specific embodiment, is described in detail to the authorization method that embodiments of the invention provide.
In one embodiment of this invention, as shown in Figure 4, the method comprises:
401, user end to server sends authorization requests.
This authorization requests is used for the private data of acquisition request subscriber equipment, and this private data can comprise this subscriber equipment positional information in a mobile network, the service order data of the user of this subscriber equipment, the information such as the consumption inventory of the user of this subscriber equipment.
402, the authorization requests of server receives client transmission.After the authorization requests that server client sends, record the authorized transaction corresponding with this client, this authorized transaction comprises the transaction number for issuing mobile messaging, number (the such as phone number of the subscriber equipment (hereinafter subscriber equipment) that this client is asked, or IMEI code) etc., the Notify Address of this client that can also comprise, this Notify Address can carry in above-mentioned authorization requests, this Notify Address is used for sending Authorization result and authorization code (subscriber equipment allows just to be had to this client authorization) by server to this client in follow-up flow process, in addition, the required content that other are possible can also be comprised, be not limited to the above-mentioned content enumerated.
In addition, authorization requests response can be replied to this client after the authorization requests that server receives client sends.
403, server sends for asking the first mobile messaging to client authorization to subscriber equipment.
This first mobile messaging can for SMS message (also claiming note), MMS message (also claiming multimedia message), USSD message, IVR message etc. carry out in mutual traditional value-added service any one.Wherein, the transmission number of this first mobile messaging is above-mentioned transaction number, and the receiving number of the first mobile messaging is the number of above-mentioned subscriber equipment.In addition, the transmission number of this first mobile messaging is unique within a period of time, and the concrete duration of this period of time can be arranged according to the actual requirements.Whether the user of this subscriber equipment can directly carry out reply to realize really authorizing on this first mobile messaging.
This first mobile messaging is for SMS message, its design sketch can be as shown in Figure 5, wherein, " weather forecast " business is the client of acquisition request subscriber equipment private data, 10086256 is the transmission number of this first mobile messaging, this number is the transaction number for the authorized transaction of " weather forecast " business generates, and 13912345678 is receiving number, the namely number of subscriber equipment.Agree to authorize and reply " 1 ", do not agree to that mandate is replied " 2 " and is respectively the corresponding informance of authorizing corresponding information and refusing to authorize.
404, the second mobile messaging of being returned by reply first mobile messaging of server receives user equipment.
Same, this second mobile messaging also can be SMS message, MMS message, USSD message, IVR message etc. carry out in mutual traditional value-added service any one.General, if the first mobile messaging is SMS message, then the second mobile messaging is also SMS message, if the first mobile messaging is that above-mentioned other types message and SMS message are similar, is not repeating.
Wherein, the transmission number of this second mobile messaging is the number of above-mentioned subscriber equipment, and the receiving number of the second mobile messaging is above-mentioned transaction number, and subscriber equipment returns the second mobile messaging by reply first mobile messaging and can comprise:
The user of such as subscriber equipment replys and authorizes corresponding information on the first mobile messaging, or the corresponding informance that refusal is authorized.As shown in Figure 5, agree to authorize and reply " 1 ", do not agree to authorize and reply " 2 ".The corresponding informance that the information of the mandate correspondence shown in Fig. 5 and refusal are authorized is only exemplary, do not limit at this, also can replace with out of Memory, such as represent with " Y " and " N " respectively and authorize and refusal mandate, or "Yes" and "No" represent to be authorized and refuses to authorize etc., does not enumerate at this.
405, server obtains Authorization result according to the second mobile messaging.
The corresponding informance that the information of the mandate correspondence in the second mobile messaging that server user's equipment sends or refusal are authorized determines whether this subscriber equipment is agreed to authorize.
406, server is described client according to the authorization object of the receiving number of the second mobile messaging and transmission number determination Authorization result.
Concrete, according to the receiving number of the second mobile messaging with send the authorized transaction that number carrys out record in finding step 402, concrete, transmission number due to the second mobile messaging is the number of above-mentioned subscriber equipment, the receiving number of the second mobile messaging is above-mentioned transaction number, therefore receiving number and transmission number are mated with the number of the transaction number recorded in 402 and subscriber equipment respectively, just can find the authorized transaction of record in 402, thus determine that the authorization object of Authorization result is described client.
Allow to described client authorization if Authorization result is subscriber equipment, then perform 407 ~ 409; Do not allow to described client authorization, then to perform 410 if Authorization result is subscriber equipment.
407, server generates authorization code.
408, Authorization result and authorization code are sent to client by server.
Server is according to the Notify Address of this client described in 402 by Authorization result and authorization code, and this Authorization result is for notifying that client utilizes authorization code to obtain the private data of subscriber equipment.
409, client utilizes authorization code to obtain the private data of described subscriber equipment.
Concrete, according to OAuth authorization norm, client utilizes authorization code to exchange access code (AccessToken), and utilizes access code as the voucher of the private data of acquisition subscriber equipment to obtain this private data.
410, Authorization result is sent to client by server, and Authorization result is for notifying that client authorization request is rejected.
In another embodiment of the invention, as shown in Figure 6, the method comprises:
501, user end to server sends authorization requests.
This authorization requests is used for the private data of acquisition request subscriber equipment, and this private data can comprise this subscriber equipment positional information in a mobile network, the service order data of the user of this subscriber equipment, the information such as the consumption inventory of the user of this subscriber equipment.
502, the authorization requests of server receives client transmission.
After the authorization requests that server client sends, record authorized transaction corresponding to this client, such as generate and record the transaction number for issuing mobile messaging, record number (the such as phone number of the subscriber equipment (hereinafter subscriber equipment) that this client is asked, or IMEI code etc.), and the Notify Address of this client that record authorization requests comprises, this Notify Address is used for sending authorization code by server to this client in follow-up flow process.
503, server generates authorization code, and authorization code is split as the first sub-authorization code and the second sub-authorization code.
Concrete, the rear N position stated in authorization code that server generates is random character, and is authorized, using the part in authorization code except rear N position as the first sub-authorization code as the second son rear N position.Wherein, above-mentioned random character can be random digit usually, but also can be letter, symbol, or one or more combination above.
504, server sends the authorization requests response of carrying the first sub-authorization code to client, sends the mobile messaging carrying the second sub-authorization code to subscriber equipment.
Server determines corresponding client and subscriber equipment according to the authorized transaction of record, then can send the authorization requests response of carrying the first sub-authorization code to this client according to the Notify Address of the client of record, can send according to the number of the subscriber equipment of record the mobile messaging carrying the second sub-authorization code to this subscriber equipment.Wherein, mobile messaging can be SMS message, MMS message, USSD message, IVR message etc. carry out in mutual traditional value-added service any one.
This second mobile messaging is for SMS message, its design sketch can be as shown in Figure 7, wherein, " weather forecast " business is the client of acquisition request subscriber equipment private data, 10086256 is the transmission number of this first mobile messaging, and this number is the transaction number for the authorized transaction of " weather forecast " business generates, and 13912345678 is receiving number, the namely number of subscriber equipment, authorization code: 536428 is this second sub-authorization code.
505, client provides interactive interface to subscriber equipment.This interactive interface is used for subscriber equipment and inputs the second sub-authorization code.
If the user of subscriber equipment agrees to authorize, the the second sub-authorization code obtained from server then can be inputted on this interactive interface, and by confirming to authorize on interactive interface, this second sub-authorization code is committed to client, such as click " mandate " button on interactive interface; If the user of subscriber equipment refuses to authorize, then not needing the sub-authorization code of input second, directly by refusing at interactive interface, such as, clicking " refusal " button on interactive interface.
If user agrees to authorize and this second sub-authorization code is committed to client, then perform step 506 ~ 508; If the user of subscriber equipment refuses to authorize, then terminate authorization flow.
506, client obtains the described second sub-authorization code that subscriber equipment is submitted to by interactive interface.
507, the first sub-authorization code and described second sub-authorization code are assembled into complete authorization code by client.
508, client utilizes authorization code to obtain the private data of subscriber equipment.
Concrete, according to OAuth authorization norm, client utilizes authorization code to exchange access code (AccessToken), and utilizes access code as the voucher of the private data of acquisition subscriber equipment to obtain this private data.
The embodiment of the present invention provides a kind of authorization method, the authorization requests that in the method, user end to server sends, and authorization code is supplied to client after confirming mandate by mobile messaging to subscriber equipment by server; Or server first generates authorization code, again authorization code is split as the first sub-authorization code and the second sub-authorization code, wherein the first sub-authorization code returns to client, second sub-authorization code sends to subscriber equipment by mobile messaging, second sub-authorization code is supplied to client to realize mandate by the interactive interface that subscriber equipment can be provided by client, client obtains complete authorization code by after the first sub-authorization code and the second sub-authorization code combination, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The embodiment of the present invention provides a kind of server 001, and as shown in Figure 8, described server 001 comprises:
Receiving element 0011, for receiving the authorization requests that client sends;
Granted unit 0012, for being confirmed whether to described client authorization to subscriber equipment, obtains Authorization result;
Authorization code administrative unit 0013, for being that described subscriber equipment allows after described client authorization at the described Authorization result determined, generates authorization code;
Transmitting element 0014, for described Authorization result and described authorization code are sent to described client, described Authorization result is for notifying that described client utilizes described authorization code to obtain the private data of described subscriber equipment.
Optionally, as shown in Figure 9, described server 001 can also comprise:
Record cell 0015, for after the authorization requests of described reception client transmission, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment.
Optionally, described granted unit 0012 can be specifically for:
Send for asking the first mobile messaging to described client authorization to described subscriber equipment;
Receive the second mobile messaging that described subscriber equipment returns by replying described first mobile messaging;
Described Authorization result is obtained according to described second mobile messaging;
Wherein, the transmission number of described first mobile messaging is described transaction number, and the receiving number of described first mobile messaging is the number of described subscriber equipment; The receiving number of described second mobile messaging is described transaction number, and the transmission number of described second mobile messaging is the number of described subscriber equipment.
Optionally, described authorization code administrative unit 0013 can be specifically for:
According to receiving number and the authorized transaction described in transmission number searching of described second mobile messaging;
Determine that the authorization object of described Authorization result is described client according to the described authorized transaction found;
Allow to described client authorization if Authorization result is described subscriber equipment, then generate described authorization code.
Optionally, described first mobile messaging and described second mobile messaging comprise: in SMS message, MMS message, USSD message, IVR message any one.
The present embodiment is used for realizing above-mentioned each embodiment of the method, and in the present embodiment, the workflow of unit and operation principle are see the description in above-mentioned each embodiment of the method, do not repeat them here.
The embodiment of the present invention provides a kind of server, the authorization requests that this server receives client sends, after server confirms mandate by mobile messaging to subscriber equipment, authorization code is supplied to client, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The embodiment of the present invention provides another kind of server 002, and as shown in Figure 10, described server 002 comprises:
Receiving element 0021, for receiving the authorization requests that client sends;
Authorization code administrative unit 0022, for generating authorization code, and is split as the first sub-authorization code and the second sub-authorization code by described authorization code;
Transmitting element 0023, for sending the authorization requests response of carrying described first sub-authorization code to described client, the mobile messaging carrying described second sub-authorization code is sent to subscriber equipment, so that described second sub-authorization code is committed to described client by the interactive interface that described subscriber equipment is provided by described client, so that described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client, and utilize described authorization code to obtain the private data of described subscriber equipment.
Optionally, as shown in figure 11, server 002 can also comprise:
Record cell 0024, for after the authorization requests of described reception client transmission, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment;
The transmission number of described mobile messaging is described transaction number, and the receiving number of described mobile messaging is the number of described subscriber equipment.
Optionally, authorization code administrative unit 0022 can be specifically for:
Generate described authorization code, the rear N position of wherein said authorization code is random character;
Described rear N position is authorized, using the part in described authorization code except described rear N position as described first sub-authorization code as described second son.
Optionally, described mobile messaging comprises: in SMS message, MMS message, USSD message, IVR message any one.
The present embodiment is used for realizing above-mentioned each embodiment of the method, and in the present embodiment, the workflow of unit and operation principle are see the description in above-mentioned each embodiment of the method, do not repeat them here.
The embodiment of the present invention provides a kind of server, after the transmission authorization requests that this server receives client sends, first generate authorization code, again authorization code is split as the first sub-authorization code and the second sub-authorization code, wherein the first sub-authorization code returns to client, second sub-authorization code sends to subscriber equipment by mobile messaging, second sub-authorization code is supplied to client to realize mandate by the interactive interface that subscriber equipment can be provided by client, client obtains complete authorization code by after the first sub-authorization code and the second sub-authorization code combination, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The embodiment of the present invention also provides a kind of client 003, and as Figure 12, described client 003 comprises:
Transmitting element 0031, for sending authorization requests to server;
Receiving element 0032, for generating authorization code at described server, and after described authorization code being split as the first sub-authorization code and the second sub-authorization code, receives the authorization requests response of carrying the first sub-authorization code that described server sends;
Push unit 0033, for providing interactive interface to subscriber equipment, described interactive interface is used for the described second sub-authorization code of described subscriber equipment input, and described second sub-authorization code is that described server is sent to described subscriber equipment by mobile messaging;
Acquiring unit 0034, for obtaining the described second sub-authorization code that described subscriber equipment is submitted to by described interactive interface;
Authorization code administrative unit 0035, for being assembled into complete described authorization code by described first sub-authorization code and described second sub-authorization code;
Addressed location 0036, for the private data utilizing described authorization code to obtain described subscriber equipment.
Optionally, the rear N position of described authorization code is random character, and described rear N position is that described second son is authorized, and the part in described authorization code except described rear N position is described first sub-authorization code.
Optionally, described mobile messaging comprises: in SMS message, MMS message, USSD message, IVR message any one.
The present embodiment is used for realizing above-mentioned each embodiment of the method, and in the present embodiment, the workflow of unit and operation principle are see the description in above-mentioned each embodiment of the method, do not repeat them here.
The embodiment of the present invention provides a kind of client, this user end to server sends authorization requests, then server first generates authorization code, again authorization code is split as the first sub-authorization code and the second sub-authorization code, wherein the first sub-authorization code returns to client, second sub-authorization code sends to subscriber equipment by mobile messaging, second sub-authorization code is supplied to client to realize mandate by the interactive interface that subscriber equipment can be provided by client, client obtains complete authorization code by after the first sub-authorization code and the second sub-authorization code combination, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The embodiment of the present invention also provides another kind of server 004, as shown in figure 13, described server 004 comprises: processor 0041, memory 0042, processor 0041, memory 0042 are connected by bus 0042, memory 0042 for storing computer program 00421, processor 0041 for perform computer program 00421 for:
Receive the authorization requests that client sends;
Be confirmed whether to described client authorization to subscriber equipment, obtain Authorization result;
The described Authorization result determined be described subscriber equipment allow after described client authorization, generate authorization code;
Described Authorization result and described authorization code are sent to described client, and described Authorization result is for notifying that described client utilizes described authorization code to obtain the private data of described subscriber equipment.
Optionally, processor 0041 perform computer program 00421 can also for:
After the authorization requests that described server receives client sends, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment.
Optionally, processor 0041 perform computer program 00421 can be specifically for:
Send for asking the first mobile messaging to described client authorization to described subscriber equipment;
Receive the second mobile messaging that described subscriber equipment returns by replying described first mobile messaging;
Described Authorization result is obtained according to described second mobile messaging;
Wherein, the transmission number of described first mobile messaging is described transaction number, and the receiving number of described first mobile messaging is the number of described subscriber equipment; The receiving number of described second mobile messaging is described transaction number, and the transmission number of described second mobile messaging is the number of described subscriber equipment.
Optionally, processor 0041 perform computer program 00421 can be specifically for:
Described server is according to the receiving number of described second mobile messaging and send authorized transaction described in number searching;
According to the described authorized transaction found, described server determines that the authorization object of described Authorization result is described client;
Allow to described client authorization if Authorization result is described subscriber equipment, then described server generates described authorization code.
Optionally, described first mobile messaging and described second mobile messaging comprise: in SMS message, MMS message, USSD message, IVR message any one.
The present embodiment is used for realizing above-mentioned each embodiment of the method, and in the present embodiment, the workflow of unit and operation principle are see the description in above-mentioned each embodiment of the method, do not repeat them here.
The embodiment of the present invention provides a kind of server, the authorization requests that this server receives client sends, after server confirms mandate by mobile messaging to subscriber equipment, authorization code is supplied to client, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The embodiment of the present invention also provides another kind of server 005, as shown in figure 14, described server 005 comprises: processor 0051, memory 0052, processor 0051, memory 0052 are connected by bus 0053, memory 0052 for storing computer program 00521, processor 0051 for perform computer program 00521 for:
Receive the authorization requests that client sends;
Generate authorization code, and described authorization code is split as the first sub-authorization code and the second sub-authorization code;
The authorization requests response of carrying described first sub-authorization code is sent to described client, the mobile messaging carrying described second sub-authorization code is sent to subscriber equipment, so that described second sub-authorization code is committed to described client by the interactive interface that described subscriber equipment is provided by described client, so that described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client, and utilize described authorization code to obtain the private data of described subscriber equipment.
Optionally, processor 0051 perform computer program 00521 can also for:
After the authorization requests that described reception client sends, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment;
The transmission number of described mobile messaging is described transaction number, and the receiving number of described mobile messaging is the number of described subscriber equipment.
Optionally, processor 0051 perform computer program 00521 can be specifically for:
Generate described authorization code, the rear N position of wherein said authorization code is random character;
Described rear N position is authorized, using the part in described authorization code except described rear N position as described first sub-authorization code as described second son.
Optionally, described mobile messaging comprises: in SMS message, MMS message, USSD message, IVR message any one.
The present embodiment is used for realizing above-mentioned each embodiment of the method, and in the present embodiment, the workflow of unit and operation principle are see the description in above-mentioned each embodiment of the method, do not repeat them here.
The embodiment of the present invention provides a kind of server, after the transmission authorization requests that this server receives client sends, first generate authorization code, again authorization code is split as the first sub-authorization code and the second sub-authorization code, wherein the first sub-authorization code returns to client, second sub-authorization code sends to subscriber equipment by mobile messaging, second sub-authorization code is supplied to client to realize mandate by the interactive interface that subscriber equipment can be provided by client, client obtains complete authorization code by after the first sub-authorization code and the second sub-authorization code combination, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
The embodiment of the present invention also provides another kind of client 006, as shown in figure 15, described client 006 comprises: processor 0061, memory 0062, processor 0061, memory 0062 are connected by bus 0063, memory 0062 for storing computer program 00621, processor 0061 for perform computer program 00621 for:
Authorization requests is sent to server;
Generate authorization code at described server, and after described authorization code being split as the first sub-authorization code and the second sub-authorization code, receive the authorization requests response of carrying the first sub-authorization code that described server sends;
There is provided interactive interface to subscriber equipment, described interactive interface is used for the described second sub-authorization code of described subscriber equipment input, and described second sub-authorization code is that described server is sent to described subscriber equipment by mobile messaging;
Obtain the described second sub-authorization code that described subscriber equipment is submitted to by described interactive interface;
Described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code;
Described authorization code is utilized to obtain the private data of described subscriber equipment.
Optionally, the rear N position of described authorization code is random character, and described rear N position is that described second son is authorized, and the part in described authorization code except described rear N position is described first sub-authorization code.
Optionally, described mobile messaging comprises: in SMS message, MMS message, USSD message, IVR message any one.
The present embodiment is used for realizing above-mentioned each embodiment of the method, and in the present embodiment, the workflow of unit and operation principle are see the description in above-mentioned each embodiment of the method, do not repeat them here.
The embodiment of the present invention provides a kind of client, this user end to server sends authorization requests, then server first generates authorization code, again authorization code is split as the first sub-authorization code and the second sub-authorization code, wherein the first sub-authorization code returns to client, second sub-authorization code sends to subscriber equipment by mobile messaging, second sub-authorization code is supplied to client to realize mandate by the interactive interface that subscriber equipment can be provided by client, client obtains complete authorization code by after the first sub-authorization code and the second sub-authorization code combination, thus client utilizes this authorization code according to OAuth authorization norm to obtain the private data of subscriber equipment.OAuth authorization norm can be made to be applied to and to carry out mutual traditional value-added service by mobile messaging.
In several embodiment provided by the present invention, should be understood that, disclosed apparatus and method, can realize by another way.Such as, device embodiment described above is only schematic, such as, the division of described unit, be only a kind of logic function to divide, actual can have other dividing mode when realizing, such as multiple unit or assembly can in conjunction with or another system can be integrated into, or some features can be ignored, or do not perform.Another point, shown or discussed coupling each other or direct-coupling or communication connection can be by some interfaces, and the indirect coupling of device or unit or communication connection can be electrical, machinery or other form.
The described unit illustrated as separating component or can may not be and physically separates, and the parts as unit display can be or may not be physical location, namely can be positioned at a place, or also can be distributed in multiple network element.Some or all of unit wherein can be selected according to the actual needs to realize the object of the present embodiment scheme.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, also can be that the independent physics of unit exists, also can two or more unit in a unit integrated.Above-mentioned integrated unit both can adopt the form of hardware to realize, and the form that hardware also can be adopted to add SFU software functional unit realizes.
The above-mentioned integrated unit realized with the form of SFU software functional unit, can be stored in a computer read/write memory medium.Above-mentioned SFU software functional unit is stored in a storage medium, comprising some instructions in order to make a computer equipment (can be personal computer, server, or the network equipment etc.) or processor (processor) perform the part steps of method described in each embodiment of the present invention.And aforesaid storage medium comprises: USB flash disk, portable hard drive, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disc or CD etc. various can be program code stored medium.
Those skilled in the art can be well understood to, for convenience and simplicity of description, only be illustrated with the division of above-mentioned each functional module, in practical application, can distribute as required and by above-mentioned functions and be completed by different functional modules, internal structure by device is divided into different functional modules, to complete all or part of function described above.The specific works process of the device of foregoing description, with reference to the corresponding process in preceding method embodiment, can not repeat them here.
Last it is noted that above each embodiment is only in order to illustrate technical scheme of the present invention, be not intended to limit; Although with reference to foregoing embodiments to invention has been detailed description, those of ordinary skill in the art is to be understood that: it still can be modified to the technical scheme described in foregoing embodiments, or carries out equivalent replacement to wherein some or all of technical characteristic; And these amendments or replacement, do not make the essence of appropriate technical solution depart from the scope of various embodiments of the present invention technical scheme.

Claims (24)

1. an authorization method, is characterized in that, described method comprises:
The authorization requests that server receives client sends;
Described server is confirmed whether to described client authorization to subscriber equipment, obtains Authorization result;
Described server is that described subscriber equipment allows after described client authorization at the described Authorization result determined, generates authorization code;
Described Authorization result and described authorization code are sent to described client by described server, and described Authorization result is for notifying that described client utilizes described authorization code to obtain the private data of described subscriber equipment.
2. method according to claim 1, is characterized in that, after the authorization requests that described server receives client sends, described method also comprises:
Record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment.
3. method according to claim 2, is characterized in that, described server is confirmed whether to described client authorization to subscriber equipment, obtains Authorization result and comprises:
Described server sends for asking the first mobile messaging to described client authorization to described subscriber equipment;
Described server receives the second mobile messaging that described subscriber equipment returns by replying described first mobile messaging;
Described server obtains described Authorization result according to described second mobile messaging;
Wherein, the transmission number of described first mobile messaging is described transaction number, and the receiving number of described first mobile messaging is the number of described subscriber equipment; The receiving number of described second mobile messaging is described transaction number, and the transmission number of described second mobile messaging is the number of described subscriber equipment.
4. method according to claim 3, is characterized in that, described server is that described subscriber equipment allows after described client authorization at the described Authorization result determined, generates authorization code and comprises:
Described server is according to the receiving number of described second mobile messaging and send authorized transaction described in number searching;
According to the described authorized transaction found, described server determines that the authorization object of described Authorization result is described client;
Allow to described client authorization if Authorization result is described subscriber equipment, then described server generates described authorization code.
5. the method according to claim 3 or 4, it is characterized in that, described first mobile messaging and described second mobile messaging comprise: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
6. an authorization method, is characterized in that, described method comprises:
The authorization requests that server receives client sends;
Described server generates authorization code, and described authorization code is split as the first sub-authorization code and the second sub-authorization code;
Described server sends the authorization requests response of carrying described first sub-authorization code to described client, the mobile messaging carrying described second sub-authorization code is sent to subscriber equipment, so that described second sub-authorization code is committed to described client by the interactive interface that described subscriber equipment is provided by described client, so that described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client, and utilize described authorization code to obtain the private data of described subscriber equipment.
7. method according to claim 6, is characterized in that, after the authorization requests that described server receives client sends, described method also comprises:
Record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment;
The transmission number of described mobile messaging is described transaction number, and the receiving number of described mobile messaging is the number of described subscriber equipment.
8. the method according to claim 6 or 7, is characterized in that, described server generates authorization code, and described authorization code is split as the first sub-authorization code and the second sub-authorization code comprises:
Described server generates described authorization code, and the rear N position of wherein said authorization code is random character;
Described rear N position is authorized, using the part in described authorization code except described rear N position as described first sub-authorization code as described second son by described server.
9. the method according to any one of claim 6-8, it is characterized in that, described mobile messaging comprises: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
10. an authorization method, is characterized in that, described method comprises:
User end to server sends authorization requests;
Described client generates authorization code at described server, and after described authorization code being split as the first sub-authorization code and the second sub-authorization code, receives the authorization requests response of carrying the first sub-authorization code that described server sends;
Described client provides interactive interface to subscriber equipment, and described interactive interface is used for the described second sub-authorization code of described subscriber equipment input, and described second sub-authorization code is that described server is sent to described subscriber equipment by mobile messaging;
Described client obtains the described second sub-authorization code that described subscriber equipment is submitted to by described interactive interface;
Described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client;
Described client utilizes described authorization code to obtain the private data of described subscriber equipment.
11. methods according to claim 10, is characterized in that, the rear N position of described authorization code is random character, and described rear N position is that described second son is authorized, and the part in described authorization code except described rear N position is described first sub-authorization code.
12. methods according to claim 8 or claim 9, it is characterized in that, described mobile messaging comprises: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
13. 1 kinds of servers, is characterized in that, described server comprises:
Receiving element, for receiving the authorization requests that client sends;
Granted unit, for being confirmed whether to described client authorization to subscriber equipment, obtains Authorization result;
Authorization code administrative unit, for being that described subscriber equipment allows after described client authorization at the described Authorization result determined, generates authorization code;
Transmitting element, for described Authorization result and described authorization code are sent to described client, described Authorization result is for notifying that described client utilizes described authorization code to obtain the private data of described subscriber equipment.
14. servers according to claim 13, is characterized in that, described server also comprises:
Record cell, for after the authorization requests of described reception client transmission, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment.
15. servers according to claim 14, is characterized in that, described granted unit specifically for:
Send for asking the first mobile messaging to described client authorization to described subscriber equipment;
Receive the second mobile messaging that described subscriber equipment returns by replying described first mobile messaging;
Described Authorization result is obtained according to described second mobile messaging;
Wherein, the transmission number of described first mobile messaging is described transaction number, and the receiving number of described first mobile messaging is the number of described subscriber equipment; The receiving number of described second mobile messaging is described transaction number, and the transmission number of described second mobile messaging is the number of described subscriber equipment.
16. servers according to claim 15, is characterized in that, described authorization code administrative unit specifically for:
According to receiving number and the authorized transaction described in transmission number searching of described second mobile messaging;
Determine that the authorization object of described Authorization result is described client according to the described authorized transaction found;
Allow to described client authorization if Authorization result is described subscriber equipment, then generate described authorization code.
17. servers according to claim 15 or 16, it is characterized in that, described first mobile messaging and described second mobile messaging comprise: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
18. 1 kinds of servers, is characterized in that, described server comprises:
Receiving element, for receiving the authorization requests that client sends;
Authorization code administrative unit, for generating authorization code, and is split as the first sub-authorization code and the second sub-authorization code by described authorization code;
Transmitting element, for sending the authorization requests response of carrying described first sub-authorization code to described client, the mobile messaging carrying described second sub-authorization code is sent to subscriber equipment, so that described second sub-authorization code is committed to described client by the interactive interface that described subscriber equipment is provided by described client, so that described first sub-authorization code and described second sub-authorization code are assembled into complete described authorization code by described client, and utilize described authorization code to obtain the private data of described subscriber equipment.
19. servers according to claim 15, is characterized in that, described server also comprises:
Record cell, for after the authorization requests of described reception client transmission, record the authorized transaction corresponding with described client, described authorized transaction comprises: transaction number, the number of described subscriber equipment;
The transmission number of described mobile messaging is described transaction number, and the receiving number of described mobile messaging is the number of described subscriber equipment.
20. servers according to claim 18 or 19, is characterized in that, authorization code administrative unit specifically for:
Generate described authorization code, the rear N position of wherein said authorization code is random character;
Described rear N position is authorized, using the part in described authorization code except described rear N position as described first sub-authorization code as described second son.
21. according to claim 18 to 20 arbitrary described servers, it is characterized in that, described mobile messaging comprises: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
22. 1 kinds of clients, is characterized in that, described client comprises:
Transmitting element, for sending authorization requests to server;
Receiving element, for generating authorization code at described server, and after described authorization code being split as the first sub-authorization code and the second sub-authorization code, receives the authorization requests response of carrying the first sub-authorization code that described server sends;
Push unit, for providing interactive interface to subscriber equipment, described interactive interface is used for the described second sub-authorization code of described subscriber equipment input, and described second sub-authorization code is that described server is sent to described subscriber equipment by mobile messaging;
Acquiring unit, for obtaining the described second sub-authorization code that described subscriber equipment is submitted to by described interactive interface;
Authorization code administrative unit, for being assembled into complete described authorization code by described first sub-authorization code and described second sub-authorization code;
Addressed location, for the private data utilizing described authorization code to obtain described subscriber equipment.
23. clients according to claim 22, is characterized in that, the rear N position of described authorization code is random character, and described rear N position is that described second son is authorized, and the part in described authorization code except described rear N position is described first sub-authorization code.
24. clients according to claim 22 or 23, it is characterized in that, described mobile messaging comprises: in Short Message Service SMS message, multimedia messaging service, MMS MMS message, unstructured supplementary data traffic USSD message, interactive voice response IVR message any one.
CN201410756195.2A 2014-12-10 2014-12-10 Authorization method, server and client Pending CN104539589A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410756195.2A CN104539589A (en) 2014-12-10 2014-12-10 Authorization method, server and client

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410756195.2A CN104539589A (en) 2014-12-10 2014-12-10 Authorization method, server and client

Publications (1)

Publication Number Publication Date
CN104539589A true CN104539589A (en) 2015-04-22

Family

ID=52855058

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410756195.2A Pending CN104539589A (en) 2014-12-10 2014-12-10 Authorization method, server and client

Country Status (1)

Country Link
CN (1) CN104539589A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108810894A (en) * 2018-05-31 2018-11-13 康键信息技术(深圳)有限公司 Authorization terminal method, apparatus, computer equipment and storage medium
CN109428869A (en) * 2017-08-31 2019-03-05 中国电信股份有限公司 Phishing attack defence method and authorization server
CN110795729A (en) * 2019-11-08 2020-02-14 北京天地和兴科技有限公司 Industrial control network security software centralized authorization method
CN110990806A (en) * 2019-11-17 2020-04-10 武汉市中心医院 Clinical teaching information authorization system and authorization method thereof

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1682253A (en) * 2002-10-02 2005-10-12 客得富移动通信股份有限公司 System and method for buying goods and billing agency using short message service
CN102238007A (en) * 2010-04-20 2011-11-09 阿里巴巴集团控股有限公司 Method, device and system for acquiring session token of user by third-party application
CN102315934A (en) * 2010-07-06 2012-01-11 国民技术股份有限公司 System and method for generating and transmitting picture identifying code under limited resource
CN102710640A (en) * 2012-05-31 2012-10-03 中国联合网络通信集团有限公司 Authorization requesting method, device and system
CN102761537A (en) * 2012-03-29 2012-10-31 北京奇虎科技有限公司 Method and system for authentication and authorization on basis of client-side plug-in
US20130007846A1 (en) * 2011-07-01 2013-01-03 Telefonaktiebolaget L M Ericsson (Publ) Methods and Arrangements for Authorizing and Authentication Interworking
CN103456050A (en) * 2013-07-22 2013-12-18 金硕澳门离岸商业服务有限公司 Electronic confirmation method and system
US20140033279A1 (en) * 2012-07-25 2014-01-30 Oracle International Corporation System and method of extending oauth server(s) with third party authentication/authorization
CN103780396A (en) * 2014-01-27 2014-05-07 华为软件技术有限公司 Token obtaining method and device
US20140143837A1 (en) * 2012-11-21 2014-05-22 Verizon Patent And Licensing Inc. Extended OAuth Architecture Supporting Multiple Types of Consent Based on Multiple Scopes and Contextual Information

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1682253A (en) * 2002-10-02 2005-10-12 客得富移动通信股份有限公司 System and method for buying goods and billing agency using short message service
CN102238007A (en) * 2010-04-20 2011-11-09 阿里巴巴集团控股有限公司 Method, device and system for acquiring session token of user by third-party application
CN102315934A (en) * 2010-07-06 2012-01-11 国民技术股份有限公司 System and method for generating and transmitting picture identifying code under limited resource
US20130007846A1 (en) * 2011-07-01 2013-01-03 Telefonaktiebolaget L M Ericsson (Publ) Methods and Arrangements for Authorizing and Authentication Interworking
CN102761537A (en) * 2012-03-29 2012-10-31 北京奇虎科技有限公司 Method and system for authentication and authorization on basis of client-side plug-in
CN102710640A (en) * 2012-05-31 2012-10-03 中国联合网络通信集团有限公司 Authorization requesting method, device and system
US20140033279A1 (en) * 2012-07-25 2014-01-30 Oracle International Corporation System and method of extending oauth server(s) with third party authentication/authorization
US20140143837A1 (en) * 2012-11-21 2014-05-22 Verizon Patent And Licensing Inc. Extended OAuth Architecture Supporting Multiple Types of Consent Based on Multiple Scopes and Contextual Information
CN103456050A (en) * 2013-07-22 2013-12-18 金硕澳门离岸商业服务有限公司 Electronic confirmation method and system
CN103780396A (en) * 2014-01-27 2014-05-07 华为软件技术有限公司 Token obtaining method and device

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109428869A (en) * 2017-08-31 2019-03-05 中国电信股份有限公司 Phishing attack defence method and authorization server
CN109428869B (en) * 2017-08-31 2021-04-27 中国电信股份有限公司 Phishing attack defense method and authorization server
CN108810894A (en) * 2018-05-31 2018-11-13 康键信息技术(深圳)有限公司 Authorization terminal method, apparatus, computer equipment and storage medium
CN108810894B (en) * 2018-05-31 2023-08-25 康键信息技术(深圳)有限公司 Terminal authorization method, device, computer equipment and storage medium
CN110795729A (en) * 2019-11-08 2020-02-14 北京天地和兴科技有限公司 Industrial control network security software centralized authorization method
CN110990806A (en) * 2019-11-17 2020-04-10 武汉市中心医院 Clinical teaching information authorization system and authorization method thereof

Similar Documents

Publication Publication Date Title
CN102761549B (en) Processing method and system of resource sharing and service platforms
CN102710640B (en) Authorization requesting method, device and system
US20160210632A1 (en) Secured payment method and relevant device and system
CN104217332A (en) Payment verification method, server and system
CN104980903A (en) Method and apparatus for protecting user' privacy
CN104092644A (en) Interaction method, device, client and server
CN104283843A (en) User login method, device and system
CN102231746A (en) Method for validating identification information and terminal thereof
CN104350722A (en) Method and devices for managing user accounts across multiple electronic devices
CN101156167A (en) Methods and apparatus for gifting over a data network
CN106557742A (en) Group sets up and management method and system
US10003969B2 (en) Communication between mobile devices and mobile wallet architectures
CN104539589A (en) Authorization method, server and client
CN104580465A (en) Information feedback method, device and system
CN104348697A (en) Video communication information processing method, device and system
CN104980339A (en) File sharing method and device
CN103297404A (en) Method, device and system for achieving login confirmation
CN104980290A (en) Method for establishing groups and server
CN104820794A (en) Method and device for processing login data
CN105306210A (en) Method, device and system for realizing authorization through application
CN108965107B (en) Friend adding method, device, system, client and server
CN104539742A (en) Information push method, information push device and information push system
CN102833328A (en) Unified application calling method and unified calling client
CN104751325A (en) Data processing method, device and system
CN105099874A (en) Method and device for group establishment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150422