CN111385267A - Application authorization control method and device and electronic equipment - Google Patents

Application authorization control method and device and electronic equipment Download PDF

Info

Publication number
CN111385267A
CN111385267A CN201811639994.6A CN201811639994A CN111385267A CN 111385267 A CN111385267 A CN 111385267A CN 201811639994 A CN201811639994 A CN 201811639994A CN 111385267 A CN111385267 A CN 111385267A
Authority
CN
China
Prior art keywords
application
identity
identifier
account
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811639994.6A
Other languages
Chinese (zh)
Other versions
CN111385267B (en
Inventor
刘海龙
杜焱
郭宏杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eidlink Information Technology Co ltd
Original Assignee
Eidlink Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Eidlink Information Technology Co ltd filed Critical Eidlink Information Technology Co ltd
Priority to CN201811639994.6A priority Critical patent/CN111385267B/en
Publication of CN111385267A publication Critical patent/CN111385267A/en
Application granted granted Critical
Publication of CN111385267B publication Critical patent/CN111385267B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the application provides an authorization control method and device of an application and electronic equipment. The method comprises the following steps: receiving an account binding request for accessing a second application by using a first application, determining a corresponding authorized login page, and determining an application identifier of the first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at the authorized login page; and converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity identifier, and binding the account related information of the second user with the target identity identifier. The method and the device for the authorization login determine the converted target identity through the application identity and the identity, solve the problem that complicated processing steps brought by different identities for accessing the same second application are required to be provided for different applications of the same user due to the fact that the real identity of the user is not considered in the existing authorization login mode, and meanwhile achieve the purpose of unified management of Internet users.

Description

Application authorization control method and device and electronic equipment
Technical Field
The present application relates to the field of communications technologies, and in particular, to an authorization control method and apparatus for an application, and an electronic device.
Background
The third party authorized login is a login mode for logging in the third party application by using a user account of the existing application, such as a QQ (quality assurance) number, a micro signal and the like, and has the effects of reducing a registration link and preventing the loss of the user.
However, existing third party authorization generally suffers from two disadvantages: firstly, authorized login can be performed only between a mobile terminal and a PC terminal of the same application; secondly, different access accounts need to be allocated to different applications, and the processing mode is complex.
Disclosure of Invention
The application provides an authorization control method and device for an application and an electronic device, which can solve the problems. The technical scheme is as follows:
in a first aspect, the present application provides an authorization control method for an application, including:
receiving an account binding request for accessing a second application by using a first application;
determining a corresponding authorized login page according to the account binding request, and sending the authorized login page to the first application so that a current user of the first application performs control operation on the authorized login page;
when a control instruction for confirming authorization aiming at an authorized login page is received, determining an application identifier of a first application and an identity identifier of a current user in the first application, wherein the identity identifier is the identifier of the user identity in the first application which passes real-name authentication;
converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity identifier;
and acquiring account related information of the current user in the second application, and binding the account related information of the second application with the target identity to complete the binding of the first application and the second application, so that the first application accesses the second application by using the target identity.
In a second aspect, the present application provides an authorization control method for an application, including:
receiving a target identity of a first application, wherein the target identity is an identifier of the first application accessing a second application;
determining an account number association page according to the target identity, and sending the account number association page to a second application;
and binding the target identity of the first application with the account related information of the second application when the account related information of the second application is received based on the account related page.
In a third aspect, the present application provides an apparatus for controlling authorization of an application, the apparatus comprising:
the request receiving module is used for receiving an account binding request for accessing a second application by using a first application;
the request processing module is used for determining a corresponding authorized login page according to the account binding request and sending the corresponding authorized login page to the first application so as to enable a current user of the first application to perform control operation on the authorized login page;
the identity determination module is used for determining an application identifier of a first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at an authorized login page, wherein the identity identifier is the identifier of the user identity authenticated by a real name in the first application;
the identity processing module is used for converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity identifier;
and the account number association module is used for acquiring account number related information of the current user in the second application, and binding the account number related information of the second application with the target identity mark so as to finish the binding of the first application and the second application, so that the first application accesses the second application by using the target identity mark.
In a fourth aspect, the present application provides an apparatus for controlling authorization of an application, the apparatus comprising:
the identification receiving module is used for receiving a target identification of the first application, wherein the target identification is an identification of the first application accessing the second application;
the identification processing module is used for determining an account number association page according to the target identity identification and sending the account number association page to the second application;
and the binding processing module is used for binding the target identity of the first application with the account related information of the second application when the account related information of the second application is received based on the account related page.
In a fifth aspect, an electronic device is provided, which includes:
one or more processors;
a memory;
one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: and executing the authorization control method of the application.
In a sixth aspect, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the authorization control method of the above-described application.
The technical scheme provided by the embodiment of the application has the following beneficial effects:
receiving an account binding request for accessing a second application by using a first application, determining an authorized login page according to the account binding request, and sending the authorized login page to the first application so as to enable a user to perform control operation on the first application aiming at the authorized login page, thereby determining whether to execute subsequent steps, determining an application identifier of the first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at the authorized login page, converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity identifier, accessing the second application according to the target identity identifier after binding the target identity identifier and account related information of the second user, determining the converted target identity identifier through the application identifier and the identity identifier, and solving the problem that the real identity of the user is not considered in the existing authorized login mode, the complicated processing steps brought by different identity marks for accessing the same second application are required to be provided for different applications of the same user, and meanwhile, the purpose of unified management of the Internet users is achieved;
the method comprises the steps of receiving a target identity of a first application, wherein the target identity is an identity of the first application accessing a second application, determining an account number association page according to the target identity, sending the account number association page to the second application, binding the target identity of the first application and account number associated information of the second application when the account number associated information of the second application is received based on the account number association page, achieving the purpose of obtaining the account number associated information of the second application by utilizing the account number association page, binding the target identity and the account number associated information of the second application, and achieving the purpose of controlling the first application to log in the second application by utilizing the target identity.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is a schematic flowchart of an authorization control method for an application according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of an authorized login page in an authorization control method for an application according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an implementation manner of an authorization control method for an application according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of another implementation manner in an authorization control method for an application according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of another implementation manner of an authorization control method for an application according to an embodiment of the present application;
fig. 6 is a flowchart illustrating an authorization control method for an application according to a second embodiment of the present application;
fig. 7 is a schematic system structure diagram of an embodiment of an authorization control method for an application according to a third embodiment of the present application;
fig. 8 is a schematic structural diagram of an authorization control device applied in a fourth embodiment of the present application;
fig. 9 is a schematic structural diagram of an authorization control device for an application according to a fifth embodiment of the present application;
fig. 10 is a schematic structural diagram of an electronic device according to a sixth embodiment of the present application;
fig. 11 is a schematic structural diagram of an electronic device according to a seventh embodiment of the present application.
Detailed Description
Reference will now be made in detail to the embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an", "the" and "the" include plural referents unless the context clearly dictates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
In the existing technology for authorizing login of third-party applications, an application identifier is generally allocated to each application, and the application identifier is bound with the third-party applications, so that the purpose of login to the third-party applications by using the current applications is achieved. The authorized login mode does not distinguish the user identities, so that different applications of the same user access the third-party application by adopting different accounts, and the processing mode is complex.
The application authorization control method, device, electronic equipment and computer readable storage medium provided by the application aim to solve the above technical problems in the prior art.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Example one
An embodiment of the present application provides an authorization control method for an application, as shown in fig. 1, the method includes: step S101 to step S105.
Step S101, an account binding request for accessing a second application by using a first application is received.
In this embodiment of the application, the identity authorization server receives an account binding request, and specifically, the account binding request may be directly sent to the identity authorization server by the first application or sent by a server corresponding to the first application. In actual application, the account binding request is generally sent by a server corresponding to the first application.
In the embodiment of the application, the account binding request is used for determining the current application and the third-party application, that is, the current application is a first application, and the third-party application is a second application. For example, assuming that the current application is AA and the third party application is XX public, the present application aims to log in to XX public with AA.
During actual application, the first application is set as a mobile client APP, the second application is generally set as a PC client, and the purpose of logging in the PC client by using the mobile client APP is achieved. For example, a user logs in a PC-side Youkou video by using a mobile phone-side WeChat.
Step S102, determining a corresponding authorized login page according to the account binding request, and sending the authorized login page to the first application so that a current user of the first application performs control operation on the authorized login page.
In the embodiment of the application, the identity authorization server determines the authorization login page according to the account binding request, so that the authorization login page is sent to the first application, and a user can conveniently operate on the authorization login page on the first application.
For example, the authorization login page determined by the identity authorization server can be as shown in the left diagram of fig. 2, and the authorization login page is provided with a control of "confirm authorization" for the user to operate. In actual application, the identity authorization server sends the authorization page shown in the left and right of fig. 2 to the first application of the user's mobile phone, so as to obtain the effect shown in the right of fig. 2. In practical application, the control for "confirming authorization" set in the left diagram of fig. 2 is an operable control, and the rest areas are inoperable areas.
Step S103, when a control instruction for confirming authorization of the authorized login page is received, determining an application identifier of the first application and an identity identifier of the current user in the first application, wherein the identity identifier is the identifier of the user identity authenticated by a real name in the first application.
In actual application, if the user performs a single-click operation on the "confirm authorization" control shown in fig. 2, a control instruction for confirming authorization is generated, and the application identifier of the first application and the identity identifier of the current user in the first application are sent to the first application corresponding server through the control instruction, so that the first application corresponding server sends the application identifier of the first application and the identity identifier of the current user in the first application to the identity authorization server.
And step S104, converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity identifier.
In the embodiment of the application, the target identity is the identity of the first application in the second application, and the identity is obtained by the identity authorization server through conversion processing according to the application identity of the first application and the identity of the current user in the first application, so that the first application can log in the second application by using the target identity.
Specifically, the identity of the current user in the first application is determined after the identity is registered and verified by a server corresponding to the first application. In actual application, after the identity authorization server obtains the target identity through conversion, the server corresponding to the first application is searched according to the application identity of the first application, so that the target identity is sent to the server corresponding to the first application, and the server corresponding to the first application is forwarded to the first application.
In the embodiment of the application, the identity authorization server determines the type of the first application according to the application identifier of the first application, for example, determines that the first application is an application a, and may determine that the user is Zhang III through the identity identifier. In actual application, the identity of the same user on different applications is the same, and the identity of the user can be uniquely determined.
Step S105, account related information of the current user at the second user is obtained, and the account related information of the second user is bound with the target identity, so that the first application and the second application are bound, and the first application accesses the second application by using the target identity.
The method comprises the steps of receiving an account binding request for accessing a second application by using a first application, determining an authorized login page according to the account binding request, sending the authorized login page to the first application so as to enable a user to perform control operation on the first application aiming at the authorized login page, thereby determining whether to execute subsequent steps, determining an application identifier of the first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at the authorized login page, converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity, accessing the second application according to the target identity after binding a client identity identifier and account related information of the second user, determining the converted target identity through the application identifier and the identity, and solving the problem that the real identity of the user is not considered in the existing authorized login mode, the method and the device have the advantages that complicated processing steps brought by different identity marks for accessing the same second application are required to be provided for different applications of the same user, and meanwhile, the purpose of unified management of the internet users is achieved.
In another implementation manner, in step S102, a corresponding authorized login page is determined according to the account binding request, as shown in fig. 3, the method further includes: step S1021 to step S1024.
Step S1021, determining an application identifier of the first application and a service identifier of the second application according to the account number binding request, wherein the service identifiers are obtained by scanning the two-dimensional code displayed on the second application by the first application;
step S1012, determining whether the first application is an application registered at the designated client according to the application identifier of the first application.
In the embodiment of the application, the designated client is generally a client provided by an identity authorization server, such as an identity authorization client, a registration channel is provided for the first application through the client, and the client generally represents a joining mode in practice. Specifically, the designated client may open authorization services for various applications through a preset interface, and the designated client serves as a service provider to ensure that the first application can be used for logging in the second application, thereby achieving the purpose of authorizing the first application to log in the second application.
In actual application, if the first application is registered in the designated client, determining that the first application can be served, and determining that the first application is a legal application.
Step S1023, if the first application is the application registered at the appointed client, inquiring a preset identification database according to the service identification of the second application to obtain the application parameter of the second application, wherein different application parameters and the service identification corresponding to any application parameter are stored in the identification database;
and step S1024, determining a corresponding authorized login page according to the application parameters of the second application and sending the corresponding authorized login page to the first application.
The service authorization server of the embodiment of the application judges whether the first application is legal or not by receiving the application identifier of the first application sent by the server corresponding to the first application, so that the purpose of preventing illegal applications from maliciously using the service provided by the service authorization server is achieved, and the legal benefit of an operator of the service authorization server is ensured.
For example, assume that there are three applications, application 1, application 2, and application 3, where application 1 and application 2 have both completed registration at a specified client, i.e., are legitimate applications of the specified client. If the application identifier received by the identity authorization server is the application identifier of the application 3, the identity authorization server can know through query that the application 3 is not a legal application of the designated client, so that the identity authorization server does not need to execute a query step of the service identifier of the second application, thereby reducing unnecessary query and preventing query power consumption of the identity authorization server caused by unnecessary query. If the application identifier received by the identity authorization server is the application identifier of the application 1, the identity authorization server can know through query that the application 1 is a legal application of the specified client, and can continue to execute the query step of the service identifier of the second application.
In still other embodiments, before receiving the account binding request for accessing the second application by using the first application in step S101, as shown in fig. 4, the method further includes: step S1011 and step S1012.
Step S1011, receiving an application parameter of the second application, and determining a service identifier of the second application according to the application parameter of the second application, where the application parameter of the second application is allocated to the second application after the second application is registered at the specified client.
In the embodiment of the application, the application parameters provide a basis for determining the service identifier of the second application, so that the two-dimensional code is generated according to the service identifier, and it is ensured that the corresponding authorized login page can be determined after the service identifier obtained by scanning the two-dimensional code by the first application.
In actual application, after the second application is registered at the designated client, a control (e.g., a LOGO of the designated client) for the designated client (generally, an identity authorization client corresponding to the identity authorization server) may be set on the second application, and when the second application detects a control operation (e.g., a click) of a user for the control, the designated client allocates an application parameter for the second application to the second application, so that the second application sends the application parameter to the identity authorization server after the user clicks the control. In actual application, the application parameter may be assigned to the second application by the designated client when the operation of clicking the control by the user is detected, or may be assigned during registration.
Step S1012, generating a two-dimensional code according to the service identifier of the second application, and sending the two-dimensional code to the second application, so that the first application scans the two-dimensional code and obtains the service identifier of the second application.
In the embodiment of the application, after receiving the application parameter of the second application, the identity authorization server determines the service identifier corresponding to the application parameter, generates the corresponding two-dimensional code according to the service identifier, and sends the two-dimensional code to the second application. Specifically, the second application is a PC client, and thus, the two-dimensional code may be displayed in a browser of the PC client so as to be scanned using the scan function of the first application.
For example, assuming that the first application is an AA application, the second application is a PC client of a BB, the two-dimensional code is displayed in a browser (such as an IE) of a PC running the PC client of kyoto, and the user opens a scanning function of the AA application to complete scanning of the two-dimensional code, so that the first application obtains a service identifier corresponding to the two-dimensional code.
In yet another implementation, as shown in fig. 5, before converting the application identifier of the first application and the identity of the current user in the first application into the target identity in step S104, the method includes: step S1041, and step S104 includes: step S1042.
Step S1041, inquiring the identity of any application which is bound with the second application, and judging whether the user corresponding to the identity of any application and the user corresponding to the identity of the first application are the same user;
step S1042, if the user is the same user, the user is converted into the same target identity.
In the embodiment of the application, the target sinking identity obtained by determining and converting the application identifier and the identity identifier ensures that the same target identity is provided for different applications of the same user, so that the target identity is used for logging in to access a second application, and the problems that in the prior art, a large amount of application identifiers are generated due to the fact that the user identities are not distinguished in the identity authorization login technology caused by processing only according to the application identifier, unnecessary amount of processing brought to a server and supervision on internet users are strengthened are solved.
Example two
An embodiment of the present application provides an authorization control method for an application, as shown in fig. 6, the method includes: step S201, step S202, and step S203.
Step S201, receiving a target identity of a first application, where the target identity is an identifier of a second application accessed by the first application.
In the embodiment of the application, the server corresponding to the second application receives the client identity of the first application, and the client identity of the first application is sent by the server corresponding to the first application. Specifically, the ue id of the first application is obtained by the identity authorization server according to the first id of the first application,
in actual application, the server corresponding to the first application is generally sent to the server corresponding to the second application when receiving the client identity sent by the identity authorization server.
Step S202, determining an account number associated page according to the target identity, and sending the account number associated page to a second application.
In the embodiment of the application, the second application corresponding server provides the account number associated pages according to the client identity, and specifically, the second application corresponding server may provide different numbers of account number associated pages, and may also provide one account number associated page. When the number of the account number associated pages is large, the server corresponding to the second application can randomly select one to send to the second application.
Step S203, binding the target identity of the first application with the account related information of the second application when the account related information of the second application is received based on the account related page.
According to the method and the device, the interaction with the user is enhanced through the account number associated page, and therefore the purpose of improving the user experience is achieved.
In actual application, when the second application receives the account number association page, the account number association page can directly acquire all user account numbers of the second application, and specifically, all user account numbers of the second application can be displayed in a list manner, so that the user can conveniently select the account numbers, and the time for inputting the user account numbers of the second user to be bound is shortened.
In practical application, the account association page can also provide an editing function of the user account, so that the user account input by the user can be collected in real time, and the user can input the user account again when the user account of the second user does not exist in the account association page or the displayed user account does not meet the user requirement.
According to the method and the device for controlling the first application to log in the second application, the target identity of the first application is received, the target identity is an identity of the first application accessing the second application, the account number association page is determined according to the target identity and is sent to the second application, the account number association page is used for binding the target identity of the first application and the account number association information of the second application when the account number association information of the second application is received, the purpose of obtaining the account number association information of the second application is achieved through the account number association page, the target identity is further bound with the account number association information of the second application, and the purpose of controlling the first application to log in the second application through the target identity is achieved.
EXAMPLE III
To further illustrate the authorization control method of the application provided by the present application, as shown in fig. 7, the present application provides a system applying the authorization control method of the application provided by the present application. As shown in fig. 7, the system includes a first application 100, a first server 110, a second application 200, a second server 210, a third application 300, and a third server 310. Wherein the first application and the second application are both registered with a third application. The use flow of the system is as follows:
(1) starting a second application, and clicking a preset control aiming at a third application on the second application;
(2) the third application allocates a second parameter to the second application;
(3) the second application sends the second application parameter to a third server, so that the third server stores the second parameter and generates a service identifier UUID aiming at the second parameter, and meanwhile, the third server generates a corresponding two-dimensional code according to the service identifier and sends the two-dimensional code to the second application;
(4) a user scans a two-dimensional code on a second application by using a scanning function of a first application to obtain a service identifier UUID of the second application, and sends the service identifier UUID and an application identifier type of the first application to a first server so as to forward the service identifier UUID and the application identifier type of the first application to a third server through the first server;
(5) the third server inquires an application identification database stored locally, judges whether an application identification type of the first application is stored or not, determines that the first application is a legal application of the third application if the application identification type of the first application is stored, and inquires application parameters which are stored locally and correspond to the UUID, namely second parameters;
(6) the third server searches an authorized login page according to the second parameter and sends the authorized login page to the first application;
(7) the user operates the authorization login page on the first application, and specifically can click a preset authorization-determining control to enable the first application to generate a corresponding control instruction and send the control instruction to the first server;
(8) the first server sends the application identifier of the first application and the identity of the user in the first application to a third server, so that the third server converts the application identifier of the first application and the identity into a target identity capable of logging in a second application;
(9) after the third server is successfully converted, the target identity is sent to the first server;
(10) the first server sends the target identity to a second server so that the second server sends an account number association page to a second application according to the target identity;
(11) the user inputs a user account and a password of a second application on the account association page;
(12) and the second server binds the target identity with the user account and the password of the second application, and after the binding is completed, the first application logs in the second application through the target identity.
Example four
An embodiment of the present application provides an authorization control device for an application, and as shown in fig. 8, the authorization control device 30 for an application may include: a request receiving module 301, a request processing module 302, an identity determination module 303, an identity processing module 304, and an account association module 305, wherein,
a request receiving module 301, configured to receive an account binding request for accessing a second application by using a first application;
the request processing module 302 is configured to determine a corresponding authorized login page according to the account binding request, and send the corresponding authorized login page to the first application, so that a current user of the first application performs a control operation on the authorized login page;
the identity determining module 303 is configured to determine an application identifier of the first application and an identity identifier of the current user in the first application when receiving a control instruction for confirming authorization for an authorized login page, where the identity identifier is an identifier of a user identity authenticated by a real name in the first application;
the identity processing module 304 is configured to convert an application identifier of the first application and an identity identifier of the current user in the first application into a target identity;
the account association module 305 is configured to obtain account related information of the current user at the second user, and bind the account related information of the second user with the target identity, so as to complete binding of the first application and the second application, and enable the first application to access the second application by using the target identity.
The method comprises the steps of receiving an account binding request for accessing a second application by using a first application, determining an authorized login page according to the account binding request, sending the authorized login page to the first application so as to enable a user to perform control operation on the first application aiming at the authorized login page, thereby determining whether to execute subsequent steps, determining an application identifier of the first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at the authorized login page, converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity, accessing the second application according to the target identity after binding a client identity identifier and account related information of the second user, determining the converted target identity through the application identifier and the identity, and solving the problem that the real identity of the user is not considered in the existing authorized login mode, the method and the device have the advantages that complicated processing steps brought by different identity marks for accessing the same second application are required to be provided for different applications of the same user, and meanwhile, the purpose of unified management of the internet users is achieved.
Further, the request receiving module 301 determines, according to the account binding request, a corresponding authorized login page for:
determining an application identifier of a first application and a service identifier of a second application according to the account binding request, wherein the service identifiers are obtained by scanning a two-dimensional code displayed on the second application by the first application;
judging whether the first application is the application registered at the appointed client side or not according to the application identification of the first application;
if the first application is the application registered at the appointed client, inquiring a preset identification database according to the service identification of the second application to obtain the application parameters of the second application, wherein different application parameters and the service identification corresponding to any application parameter are stored in the identification database;
and determining a corresponding authorized login page according to the application parameters of the second application and sending the corresponding authorized login page to the first application.
Further, before the request receiving module 301 receives the account binding request for accessing the second application by using the first application, it is further configured to:
receiving application parameters of a second application, and determining a service identifier of the second application according to the application parameters of the second application, wherein the application parameters of the second application are allocated to the second application after the second application is registered at a specified client;
and generating a two-dimensional code according to the service identifier of the second application, and sending the two-dimensional code to the second application so that the first application scans the two-dimensional code and obtains the service identifier of the second application.
Further, before the identity processing module converts the application identifier of the first application and the identity of the current user in the first application into the target identity, the identity processing module is further configured to: inquiring the identity of any application bound with the second application, and judging whether the user corresponding to the identity of any application and the user corresponding to the identity of the first application are the same user; and the identity processing module is used for: if the user is the same user, the user is converted into the same target identity.
Further, the account binding request is sent by a server corresponding to the first application.
The authorization control device for application of this embodiment can execute the authorization control method for application provided in this embodiment of the present application, and the implementation principles thereof are similar and will not be described herein again.
EXAMPLE five
An embodiment of the present application provides an authorization control device for an application, and as shown in fig. 9, the authorization control device 40 for an application may include: an identity reception module 401, an identity processing module 402, and a binding processing module 403, wherein,
an identifier receiving module 401, configured to receive a target identity identifier of a first application, where the target identity identifier is an identifier of a second application accessed by the first application;
the identification processing module 402 is configured to determine an account association page according to the target identity, and send the account association page to the second application;
the binding processing module 403 is configured to bind, based on the account association page, the target identity of the first application with the account related information of the second application when the account related information of the second application is received.
In the embodiment of the application, a client identity of a first application is received; the account number association page is determined according to the client identity, and is sent to the second application, and based on the account number association page, when the user account number of the second application is received, the client identity of the first application is bound with the user account number of the second application, and the account number association page is used for obtaining the user account number of the second application, so that the purpose of binding the client identity of the first application with the user account number of the second application is achieved, and the follow-up access to the second application by using the client identity of the first application is ensured.
The authorization control device of the application of this embodiment can execute the authorization control method of the application provided in the second embodiment of this application, and the implementation principles thereof are similar and will not be described herein again.
EXAMPLE six
An embodiment of the present application provides an electronic device, as shown in fig. 10, an electronic device 500 shown in fig. 10 includes: a processor 5001 and a memory 5003. The processor 5001 and the memory 5003 are coupled, such as via a bus 5002. Further, the electronic device 500 can also include a transceiver 5004. It should be noted that the transceiver 5004 is not limited to one in practical application, and the structure of the electronic device 500 is not limited to the embodiment of the present application.
The processor 5001 may be a CPU, general purpose processor, DSP, ASIC, FPGA or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 5001 may also be a combination of processors implementing computing functionality, e.g., a combination comprising one or more microprocessors, a combination of DSPs and microprocessors, or the like.
Bus 5002 can include a path that conveys information between the aforementioned components. The bus 5002 may be a PCI bus or EISA bus, etc. The bus 5002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 10, but this is not intended to represent only one bus or type of bus.
The memory 5003 may be, but is not limited to, a ROM or other type of static storage device that can store static information and instructions, a RAM or other type of dynamic storage device that can store information and instructions, an EEPROM, a CD-ROM or other optical disk storage, optical disk storage (including compact disk, laser disk, optical disk, digital versatile disk, blu-ray disk, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
The memory 5003 is used for storing application program codes for executing the present solution, and the execution is controlled by the processor 5001. The processor 5001 is configured to execute application program code stored in the memory 5003 to implement the actions of the authorization control means of the application provided by the embodiment shown in fig. 8.
The method comprises the steps of receiving an account binding request for accessing a second application by using a first application, determining an authorized login page according to the account binding request, sending the authorized login page to the first application so as to enable a user to perform control operation on the first application aiming at the authorized login page, thereby determining whether to execute subsequent steps, determining an application identifier of the first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at the authorized login page, converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity, accessing the second application according to the target identity after binding a client identity identifier and account related information of the second user, determining the converted target identity through the application identifier and the identity, and solving the problem that the real identity of the user is not considered in the existing authorized login mode, the method and the device have the advantages that complicated processing steps brought by different identity marks for accessing the same second application are required to be provided for different applications of the same user, and meanwhile, the purpose of unified management of the internet users is achieved.
EXAMPLE seven
An embodiment of the present application provides an electronic device, as shown in fig. 11, an electronic device 600 shown in fig. 11 includes: a processor 6001 and a memory 6003. Processor 6001 and memory 6003 are coupled, such as via bus 6002. Further, the electronic device 600 may also include a transceiver 6006. It should be noted that the transceiver 6006 is not limited to one in practical applications, and the structure of the electronic device 600 is not limited to the embodiment of the present application.
The processor 6001 could be a CPU, general purpose processor, DSP, ASIC, FPGA or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 6001 might also be a combination that performs a computing function, such as a combination comprising one or more microprocessors, a combination of a DSP and a microprocessor, or the like.
The bus 6002 may include a path that conveys information between the aforementioned components. The bus 6002 may be a PCI bus, an EISA bus, or the like. The bus 6002 can be divided into an address bus, a data bus, a control bus, and so forth. For ease of illustration, only one thick line is shown in FIG. 11, but this is not intended to represent only one bus or type of bus.
Memory 6003 can be, but is not limited to, a ROM or other type of static storage device that can store static information and instructions, a RAM or other type of dynamic storage device that can store information and instructions, an EEPROM, CD-ROM or other optical disk storage, optical disk storage (including compact disk, laser disk, optical disk, digital versatile disk, blu-ray disk, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
The memory 6003 is used to store application code that implements aspects of the subject application, and execution is controlled by the processor 6001. The processor 6001 is configured to execute application program code stored in the memory 6003 to implement the actions of the authorization control mechanism of an application provided by the embodiment shown in FIG. 9.
According to the method and the device for controlling the first application to log in the second application, the target identity of the first application is received, the target identity is an identity of the first application accessing the second application, the account number association page is determined according to the target identity and is sent to the second application, the account number association page is used for binding the target identity of the first application and the account number association information of the second application when the account number association information of the second application is received, the purpose of obtaining the account number association information of the second application is achieved through the account number association page, the target identity is further bound with the account number association information of the second application, and the purpose of controlling the first application to log in the second application through the target identity is achieved.
EXAMPLE seven
The embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the method shown in the first embodiment.
The embodiment of the application provides a computer-readable storage medium, compared with the prior art, the method comprises the steps of receiving an account binding request for accessing a second application by using a first application, determining an authorized login page according to the account binding request, sending the authorized login page to the first application, so that a user can perform control operation on the first application aiming at the authorized login page, thereby determining whether to execute subsequent steps, determining an application identifier of the first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at the authorized login page, converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity, accessing the second application according to the target identity after binding a client identity identifier and account related information of the second user, and determining the converted target identity through the application identifier and the identity, the method solves the problem of complex processing steps caused by the fact that different applications of the same user need to be provided with different identity marks for accessing the same second application due to the fact that the real identity of the user is not considered in the existing authorized login mode, and meanwhile, the purpose of unified management of the Internet users is achieved.
The embodiment of the application provides a computer-readable storage medium which is suitable for the method embodiment. And will not be described in detail herein.
Example eight
The embodiment of the application provides a computer readable storage medium, on which a computer program is stored, and the program is executed by a processor to implement the method shown in the second embodiment.
Compared with the prior art, the method includes the steps of receiving a target identity of a first application, wherein the target identity is an identity of the first application accessing a second application, determining an account number correlation page according to the target identity, sending the account number correlation page to the second application, binding the target identity of the first application and account number correlation information of the second application when the account number correlation information of the second application is received based on the account number correlation page, achieving the purpose of obtaining the account number correlation information of the second application by utilizing the account number correlation page, binding the target identity and the account number correlation information of the second application, and achieving the purpose of controlling the first application to log in the second application by utilizing the target identity.
The embodiment of the application provides a computer-readable storage medium which is suitable for the method embodiment. And will not be described in detail herein.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present application, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present application, and these modifications and decorations should also be regarded as the protection scope of the present application.

Claims (10)

1. An authorization control method for an application, comprising:
receiving an account binding request for accessing a second application by using a first application;
determining a corresponding authorized login page according to the account binding request, and sending the corresponding authorized login page to the first application so that a current user of the first application performs control operation on the authorized login page;
when a control instruction for confirming authorization of the authorized login page is received, determining an application identifier of the first application and an identity identifier of a current user in the first application, wherein the identity identifier is an identifier of the user identity authenticated by a real name in the first application;
converting the application identifier of the first application and the identity identifier of the current user in the first application into a target identity identifier;
and acquiring account related information of the current user in the second user, and binding the account related information of the second user with the target identity to complete the binding of the first application and the second application, so that the first application accesses the second application by using the target identity.
2. The method of claim 1, wherein determining the corresponding authorized landing page according to the account binding request comprises:
determining an application identifier of the first application and a service identifier of the second application according to the account binding request, wherein the service identifiers are obtained by scanning a two-dimensional code displayed on the second application by the first application;
judging whether the first application is an application registered at a specified client side or not according to the application identifier of the first application;
if the first application is an application registered at a specified client, inquiring a preset identification database according to a service identification of the second application to obtain an application parameter of the second application, wherein the identification database stores different application parameters and a service identification corresponding to any application parameter;
and determining a corresponding authorized login page according to the application identifier of the second application and sending the corresponding authorized login page to the first application.
3. The method of claim 1, wherein prior to receiving the account binding request to access the second application with the first application, the method further comprises:
receiving application parameters of the second application, and determining a service identifier of the second application according to the application parameters of the second application, wherein the application parameters of the second application are allocated to the second application after the second application is registered at a specified client;
and generating the two-dimensional code according to the service identifier of the second application, and sending the two-dimensional code to the second application so that the first application scans the two-dimensional code and obtains the service identifier of the second application.
4. An authorization control method for an application, comprising:
receiving a target identity of a first application, wherein the target identity is an identifier of the first application accessing a second application;
determining an account number association page according to the target identity, and sending the account number association page to the second application;
and binding the target identity of the first application with the account related information of the second application when the account related information of the second application is received based on the account related page.
5. An apparatus for authorization control of an application, comprising;
the request receiving module is used for receiving an account binding request for accessing a second application by using a first application;
the request processing module is used for determining a corresponding authorized login page according to the account binding request and sending the corresponding authorized login page to the first application so as to enable a current user of the first application to perform control operation on the authorized login page;
the identity determination module is used for determining an application identifier of the first application and an identity identifier of a current user in the first application when receiving a control instruction for confirming authorization aiming at the authorized login page, wherein the identity identifier is an identifier of the user identity authenticated by a real name in the first application;
an identity processing module, configured to convert an application identifier of the first application and an identity of a current user in the first application into a target identity,
and the account number association module is used for acquiring account number related information of the current user in the second user, and binding the account number related information of the second user with the target identity mark so as to complete the binding of the first application and the second application, so that the first application accesses the second application by using the target identity mark.
6. An apparatus for authorization control of an application, comprising:
the system comprises an identification receiving module, a first application and a second application, wherein the identification receiving module is used for receiving a target identity of a first application, and the target identity is an identification of the first application for accessing the second application;
the identification processing module is used for determining an account number association page according to the target identity identification and sending the account number association page to the second application;
and the account binding module is used for binding the target identity of the first application with the account related information of the second application when the account related information of the second application is received based on the account related page.
7. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: -executing the authorization control method of an application according to any of claims 1-3.
8. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: -executing the authorization control method of an application according to claim 4.
9. A computer-readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements an authorization control method for an application according to any one of claims 1 to 3.
10. A computer-readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the authorization control method of an application according to claim 4.
CN201811639994.6A 2018-12-29 2018-12-29 Application authorization control method and device and electronic equipment Active CN111385267B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811639994.6A CN111385267B (en) 2018-12-29 2018-12-29 Application authorization control method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811639994.6A CN111385267B (en) 2018-12-29 2018-12-29 Application authorization control method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN111385267A true CN111385267A (en) 2020-07-07
CN111385267B CN111385267B (en) 2022-06-21

Family

ID=71218373

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811639994.6A Active CN111385267B (en) 2018-12-29 2018-12-29 Application authorization control method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN111385267B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111970298A (en) * 2020-08-26 2020-11-20 腾讯科技(深圳)有限公司 Application access method and device, storage medium and computer equipment
CN112104663A (en) * 2020-10-30 2020-12-18 上海连尚网络科技有限公司 Method and equipment for managing login user and user equipment
CN112200555A (en) * 2020-09-30 2021-01-08 北京达佳互联信息技术有限公司 Electronic resource transfer method, device and storage medium
CN112214705A (en) * 2020-08-21 2021-01-12 长沙市到家悠享网络科技有限公司 Page display method, device and equipment
CN112241544A (en) * 2020-10-27 2021-01-19 北京百家科技集团有限公司 Business system, access method, device, computer equipment and storage medium
CN112883053A (en) * 2021-01-27 2021-06-01 苏州达家迎信息技术有限公司 Multi-role data processing method and device, storage medium and electronic equipment
CN112968866A (en) * 2021-01-28 2021-06-15 北京芯盾时代科技有限公司 Method, device and system for binding user account information and user identity information
CN113722619A (en) * 2021-08-20 2021-11-30 北京市商汤科技开发有限公司 Content display method, device, equipment and computer readable storage medium
CN114553573A (en) * 2022-02-23 2022-05-27 中国工商银行股份有限公司 Identity authentication method and device
WO2022135269A1 (en) * 2020-12-22 2022-06-30 华为技术有限公司 Method for authorizing by using another device, electronic devices and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
CN103986720A (en) * 2014-05-26 2014-08-13 网之易信息技术(北京)有限公司 Log-in method and device
CN104753943A (en) * 2015-03-30 2015-07-01 努比亚技术有限公司 Method and device for log-in control of third-party account
CN106295394A (en) * 2016-07-22 2017-01-04 飞天诚信科技股份有限公司 Resource authorization method and system and authorization server and method of work
CN107196898A (en) * 2017-03-14 2017-09-22 阿里巴巴集团控股有限公司 Account logon method, page display method, client and server
US20190097996A1 (en) * 2016-05-09 2019-03-28 Alibaba Group Holding Limited Automatic login method and device between multiple websites

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
CN103986720A (en) * 2014-05-26 2014-08-13 网之易信息技术(北京)有限公司 Log-in method and device
CN104753943A (en) * 2015-03-30 2015-07-01 努比亚技术有限公司 Method and device for log-in control of third-party account
US20190097996A1 (en) * 2016-05-09 2019-03-28 Alibaba Group Holding Limited Automatic login method and device between multiple websites
CN106295394A (en) * 2016-07-22 2017-01-04 飞天诚信科技股份有限公司 Resource authorization method and system and authorization server and method of work
CN107196898A (en) * 2017-03-14 2017-09-22 阿里巴巴集团控股有限公司 Account logon method, page display method, client and server

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112214705A (en) * 2020-08-21 2021-01-12 长沙市到家悠享网络科技有限公司 Page display method, device and equipment
CN111970298A (en) * 2020-08-26 2020-11-20 腾讯科技(深圳)有限公司 Application access method and device, storage medium and computer equipment
CN111970298B (en) * 2020-08-26 2024-01-05 腾讯科技(深圳)有限公司 Application access method and device, storage medium and computer equipment
CN112200555A (en) * 2020-09-30 2021-01-08 北京达佳互联信息技术有限公司 Electronic resource transfer method, device and storage medium
CN112241544A (en) * 2020-10-27 2021-01-19 北京百家科技集团有限公司 Business system, access method, device, computer equipment and storage medium
CN112241544B (en) * 2020-10-27 2023-10-31 北京百家科技集团有限公司 Service system, access method, access device, computer equipment and storage medium
CN112104663B (en) * 2020-10-30 2023-06-23 上海连尚网络科技有限公司 Method and equipment for managing login user and user equipment
CN112104663A (en) * 2020-10-30 2020-12-18 上海连尚网络科技有限公司 Method and equipment for managing login user and user equipment
WO2022135269A1 (en) * 2020-12-22 2022-06-30 华为技术有限公司 Method for authorizing by using another device, electronic devices and system
CN112883053B (en) * 2021-01-27 2022-10-18 苏州达家迎信息技术有限公司 Multi-role data processing method and device, storage medium and electronic equipment
CN112883053A (en) * 2021-01-27 2021-06-01 苏州达家迎信息技术有限公司 Multi-role data processing method and device, storage medium and electronic equipment
CN112968866A (en) * 2021-01-28 2021-06-15 北京芯盾时代科技有限公司 Method, device and system for binding user account information and user identity information
CN113722619A (en) * 2021-08-20 2021-11-30 北京市商汤科技开发有限公司 Content display method, device, equipment and computer readable storage medium
WO2023020619A1 (en) * 2021-08-20 2023-02-23 上海商汤智能科技有限公司 Content display method and apparatus, device, computer-readable storage medium, computer program and computer program product
CN114553573A (en) * 2022-02-23 2022-05-27 中国工商银行股份有限公司 Identity authentication method and device
CN114553573B (en) * 2022-02-23 2024-05-28 中国工商银行股份有限公司 Identity authentication method and device

Also Published As

Publication number Publication date
CN111385267B (en) 2022-06-21

Similar Documents

Publication Publication Date Title
CN111385267B (en) Application authorization control method and device and electronic equipment
CN104735066B (en) A kind of single-point logging method of object web page application, device and system
US8844013B2 (en) Providing third party authentication in an on-demand service environment
JP6280641B2 (en) Account login method, device and system
EP2765529B1 (en) A method of authenticating a user of a peripheral apparatus, a peripheral apparatus, and a system for authenticating a user of a peripheral apparatus
CN105491008B (en) Public account two-dimensional code generation method and device and public account attention method and device
CN102710640B (en) Authorization requesting method, device and system
CN108881228B (en) Cloud registration activation method, device, equipment and storage medium
CN102882903A (en) Method and system for acquiring multi-site application information
CN111698250A (en) Access request processing method and device, electronic equipment and computer storage medium
CN113381979B (en) Access request proxy method and proxy server
CN103036902A (en) Login control method and login control system based on two-dimension code
CN103023919A (en) Two-dimensional code based login control method and two-dimensional code based login control system
CN111372238B (en) Login method, login device, electronic equipment and computer-readable storage medium
KR101358346B1 (en) Method for auto log-in and system for the same
CN111212075A (en) Service request processing method and device, electronic equipment and computer storage medium
CN105191208B (en) Method for activating the application program on user apparatus
CN109474600B (en) Account binding method, system, device and equipment
JP4745965B2 (en) Login method with multiple identifiers for instant messaging system
CN103905399A (en) Account registration management method and apparatus
CN108768928B (en) Information acquisition method, terminal and server
CN109726545B (en) Information display method, equipment, computer readable storage medium and device
CN111064708A (en) Authorization authentication configuration method, authorization authentication device and electronic equipment
US8826373B2 (en) Methods and systems for sharing digital assets
CN103559430B (en) application account management method and device based on Android system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant