CN112836189B - Third party application access method, terminal and computer readable storage medium - Google Patents
Third party application access method, terminal and computer readable storage medium Download PDFInfo
- Publication number
- CN112836189B CN112836189B CN202110222741.4A CN202110222741A CN112836189B CN 112836189 B CN112836189 B CN 112836189B CN 202110222741 A CN202110222741 A CN 202110222741A CN 112836189 B CN112836189 B CN 112836189B
- Authority
- CN
- China
- Prior art keywords
- party application
- user
- authority
- request
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 230000004044 response Effects 0.000 claims description 17
- 230000009191 jumping Effects 0.000 claims description 3
- 238000011161 development Methods 0.000 abstract description 22
- 238000012795 verification Methods 0.000 description 12
- 230000008569 process Effects 0.000 description 9
- 238000004891 communication Methods 0.000 description 6
- 230000004048 modification Effects 0.000 description 5
- 238000005457 optimization Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 238000011160 research Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an access method, a terminal and a computer readable storage medium of a third party application, wherein the access method of the third party application comprises the following steps: intercepting request parameters of a third party application sent by a server, wherein the request parameters are obtained through configuration of the server when a user accesses the third party application; determining whether the user has logged into the third party application; when the user is detected to be logged in to the third party application, determining whether the user has access rights to the request parameters; and when the access right of the request parameter is detected to be available for the user, the request parameter is sent to the third party application, so that the third party application responds to the request parameter. The invention can solve the problem of higher development cost.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a third party application access method, a terminal, and a computer readable storage medium.
Background
Currently, enterprises generally introduce some third party applications or products into self-developed systems, and how to seamlessly integrate the third party applications or products into the self-developed systems to enhance user experience is becoming more and more necessary. For integration of third party applications, a method generally adopted by enterprises is to perform customized development on the third party applications, for example, the third party applications are integrated into existing unified user login, role authority control and the like, after the customized development, users can directly access the third party applications, login verification and authority verification of the users are completed in the third party applications, however, the customized development of the third party applications needs to perform a great deal of modification and optimization on related program codes, so that development cost is high.
Disclosure of Invention
The invention mainly aims to provide an access method, a terminal and a computer readable storage medium for third party application, and solves the problem of high development cost.
In order to achieve the above object, the present invention provides an access method for a third party application, the access method for the third party application including:
intercepting request parameters of a third party application sent by a server, wherein the request parameters are obtained through configuration of the server when a user accesses the third party application;
determining whether the user has logged into the third party application;
when the user is detected to be logged in to the third party application, determining whether the user has access rights to the request parameters;
and when the access right of the request parameter is detected to be available for the user, the request parameter is sent to the third party application, so that the third party application responds to the request parameter.
Optionally, the step of determining whether the user has logged into the third party application comprises:
acquiring login information of the user;
and determining whether the login information is preset information, wherein when the login information is the preset information, the user is determined to be logged in to the third party application.
Optionally, the step of determining whether the user has logged into the third party application comprises:
and when the fact that the user does not log in the third-party application is detected, jumping to a user login interface to enable the user to log in the third-party application according to the user login interface.
Optionally, the step of determining whether the user has access rights to the request parameter includes:
acquiring a target authority of the request parameter;
acquiring the access rights of the user;
and determining whether the access rights comprise the target rights or not, wherein when the access rights of the user comprise the target rights, the user is determined to have the access rights of the request parameters.
Optionally, the request parameter includes a request path, and the step of obtaining the target authority of the request parameter includes:
acquiring the request path;
acquiring a first authority list;
searching the authority corresponding to the request path in the first authority list;
and determining the authority corresponding to the request path as the target authority of the request parameter.
Optionally, the step of obtaining the access right of the user includes:
acquiring role information of the user;
acquiring a second authority list;
determining the authority corresponding to the role information according to the second authority list;
and determining the authority corresponding to the role information as the access authority of the user.
Optionally, the step of receiving the request parameter of the third party application sent by the server includes:
acquiring the service type of the third party application;
and creating a first authority list and a second authority list according to the service type.
Optionally, the step of sending the request parameter to the third party application includes:
generating a tracking identifier corresponding to the request parameter;
associating the tracking identifier with the request parameter;
and sending the associated request parameters and the tracking identification to the third party application.
In addition, to achieve the above object, the present invention also provides a terminal device, where the terminal device includes a memory, a processor, and an access program of a third party application stored in the memory and executable on the processor, and the access program of the third party application implements the steps of the access method of the third party application described in any one of the above when executed by the processor.
In addition, to achieve the above object, the present invention further provides a computer-readable storage medium having stored thereon an access program of a third party application, which when executed by a processor, implements the steps of the access method of the third party application described in any one of the above.
The invention provides a third party application access method, a terminal and a computer readable storage medium, wherein the self application intercepts a request parameter of a third party application sent by a server, wherein the request parameter is obtained through server configuration when a user accesses the third party application, whether the user logs in the third party application is determined, when the user is detected to log in the third party application, whether the user has access authority of the request parameter is determined, and when the user is detected to have access authority of the request parameter, the request parameter is sent to the third party application, so that the third party application responds to the request parameter. Therefore, when the user accesses the third party application, the user does not directly access the third party application, but forwards the request parameters of the user to the third party application through the system self-application, and indirectly accesses the third party application, and the user login verification and the permission verification are completed in the self-application, so that customized development of the third party application is not needed, modification and optimization of program codes of the third party application are not needed, development cost is reduced, and the problem of higher development cost is solved.
Drawings
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Fig. 1 is a schematic diagram of a hardware architecture of a terminal device according to an embodiment of the present invention;
FIG. 2 is a flowchart of a third party application access method according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a second embodiment of an access method for a third party application according to the present invention;
FIG. 4 is a flowchart illustrating a third embodiment of an access method for a third party application according to the present invention;
FIG. 5 is a flowchart illustrating a fourth embodiment of an access method for a third party application according to the present invention;
fig. 6 is a structural deployment diagram of an access method of a third party application of the present invention.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The main solutions of the embodiments of the present invention are: intercepting a request parameter of a third party application sent by a server, wherein the request parameter is obtained through server configuration when a user accesses the third party application, determining whether the user logs in the third party application, determining whether the user has access rights to the request parameter when the user is detected to log in the third party application, and sending the request parameter to the third party application when the user is detected to have the access rights to the request parameter, so that the third party application responds to the request parameter. Therefore, when the user accesses the third party application, the user does not directly access the third party application, but forwards the request parameters of the user to the third party application through the system self-application, and indirectly accesses the third party application, and the user login verification and the permission verification are completed in the self-application, so that customized development of the third party application is not needed, modification and optimization of program codes of the third party application are not needed, development cost is reduced, and the problem of higher development cost is solved.
In order to better understand the above technical solution, exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In order to better understand the above technical solutions, the following detailed description will refer to the accompanying drawings and specific embodiments.
As shown in fig. 1, fig. 1 is a schematic diagram of a hardware architecture of a terminal device according to an embodiment of the present invention.
As shown in fig. 1, the terminal device may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Wherein the communication bus 1002 is used to enable connected communication between these components. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., a memory), such as disk storage. The memory 1005 may also optionally be a storage device separate from the processor 1001 described above.
It will be appreciated by those skilled in the art that the structure of the terminal device shown in fig. 1 does not constitute a limitation of the terminal device, and may include more or fewer components than shown, or may combine certain components, or may have a different arrangement of components.
As shown in fig. 1, an access program of an operating system and a third party application may be included in a memory 1005 as one type of computer storage medium.
In the terminal device shown in fig. 1, the processor 1001 may be configured to call an access program of a third party application stored in the memory 1005, and perform the following operations:
intercepting request parameters of a third party application sent by a server, wherein the request parameters are obtained through configuration of the server when a user accesses the third party application;
determining whether the user has logged into the third party application;
when the user is detected to be logged in to the third party application, determining whether the user has access rights to the request parameters;
and when the access right of the request parameter is detected to be available for the user, the request parameter is sent to the third party application, so that the third party application responds to the request parameter.
Further, the processor 1001 may call an access program of the third party application stored in the memory 1005, and further perform the following operations:
acquiring login information of the user;
and determining whether the login information is preset information, wherein when the login information is the preset information, the user is determined to be logged in to the third party application.
Further, the processor 1001 may call an access program of the third party application stored in the memory 1005, and further perform the following operations:
and when the fact that the user does not log in the third-party application is detected, jumping to a user login interface to enable the user to log in the third-party application according to the user login interface.
Further, the processor 1001 may call an access program of the third party application stored in the memory 1005, and further perform the following operations:
acquiring a target authority of the request parameter;
acquiring the access rights of the user;
and determining whether the access rights comprise the target rights or not, wherein when the access rights of the user comprise the target rights, the user is determined to have the access rights of the request parameters.
Further, the processor 1001 may call an access program of the third party application stored in the memory 1005, and further perform the following operations:
acquiring the request path;
acquiring a first authority list;
searching the authority corresponding to the request path in the first authority list;
and determining the authority corresponding to the request path as the target authority of the request parameter.
Further, the processor 1001 may call an access program of the third party application stored in the memory 1005, and further perform the following operations:
acquiring role information of the user;
acquiring a second authority list;
determining the authority corresponding to the role information according to the second authority list;
and determining the authority corresponding to the role information as the access authority of the user.
Further, the processor 1001 may call an access program of the third party application stored in the memory 1005, and further perform the following operations:
acquiring the service type of the third party application;
and creating a first authority list and a second authority list according to the service type.
Further, the processor 1001 may call an access program of the third party application stored in the memory 1005, and further perform the following operations:
generating a tracking identifier corresponding to the request parameter;
associating the tracking identifier with the request parameter;
and sending the associated request parameters and the tracking identification to the third party application.
Referring to fig. 2, fig. 2 is a flowchart of a first embodiment of an access method for a third party application according to the present invention, where the access method for the third party application includes the following steps:
step S10, intercepting request parameters of a third party application sent by a server, wherein the request parameters are obtained through configuration of the server when a user accesses the third party application;
in this embodiment, the user accesses the third party application through a terminal device, where the terminal device is a device for inputting a program and data to a computer or receiving a processing result from the computer through a communication facility, and is mainly formed by combining a communication interface control device with a dedicated or selected input/output device, and the terminal device may be a computer, a mobile phone, a tablet, or a portable computer. A third party application is related software developed by other organizations or individuals than the software composer for some software or application's functional inadequacies. In general, an enterprise introduces a third party application into a self-grinding system to improve user experience, and because the third party application is a non-system self-application and is difficult to adapt to the self-grinding system, in order to enable a user to conveniently access the third party application, the enterprise generally performs customized development on the third party application directly to integrate the third party application into the self-grinding system, and the user can directly log in, verify and access the customized developed third party application, but the customized development on the third party application clearly increases the development cost of the enterprise. In order to solve the above problems, the embodiment intercepts the access request of the user by using the self-application in the enterprise self-research system, so as to indirectly access the third party application by using the existing functions of the system self-application, and maintain the relative independence of the third party application and the enterprise self-research system, thereby avoiding the customized development of the third party application and further reducing the development cost. The self application is an application in the enterprise self-research system, and the third party application can be directly accessed through the existing functions of the self application without customizing and developing the third party application. For example, the native application accesses a third party application by invoking a related program.
Specifically, referring to fig. 6, fig. 6 is a schematic structural deployment diagram of an access method of a third party application according to the present invention, and as shown in fig. 6, structural deployment of the access method of the third party application mainly relates to a user terminal 01, a server 02, a self-application 03 and a third party application 04, wherein the user terminal 01 interacts with the server 02, the server 02 interacts with the self-application 03, and the self-application 03 interacts with the third party application 04. The user accesses the third party application through the user terminal 01 to generate an access request and sends the access request to the server 02, the server 02 configures request parameters according to the access request of the user, the request parameters configured by the server 02 are intercepted by the self-application 03 in the process of sending the request parameters to the third party application 04, the self-application 03 verifies whether the user logs in the third party application 04 after intercepting the request parameters, and judges whether the user has the access authority of the third party application 04 according to the request parameters, when the user is determined to log in the third party application 04 and has the access authority of the third party application 04, the self-application 03 sends the request parameters to the third party application 04, so that the third party application 04 responds to the request parameters to generate response results of the request parameters, and the third party application 04 feeds the response results of the request parameters back to the user terminal 01 through the self-application 03 and the server 02.
In the present embodiment, the subject self-application 03 is executed; the server 02 is a computer device with high-speed CPU operation capability, long-time reliable operation, strong I/O external data throughput capability and better expansibility, the server 02 in this embodiment may be selected as a nmginx server, which is a high-performance HTTP and reverse proxy web server, and the nmginx server may perform request parameter configuration on an access request from the user terminal 01; the request parameter is a parameter configured by the server 02 for the access request of the user terminal 01, and the request parameter is at least an access path, a message body, and the like.
Specifically, after a user sends an access request of a third party application through a user terminal 01, a server 02 receives the access request of the user, and the server 02 configures request parameters according to the access request of the user, wherein the request parameters are approximately configured as follows:
after the request parameter configuration is completed, the server 02 sends the request parameter, and the self-application 03 intercepts the request parameter sent by the server 02, wherein the interception is that the request parameter of the server 02 is temporarily stored in the self-application 03, and is not directly sent to the third-party application 04.
Step S20, determining whether the user has logged in to the third party application;
in this embodiment, after intercepting the request parameters sent by the server 02, the self-application 03 determines whether the user has logged in to the third party application 04, and logging in to the third party application 04 indicates that the user has logged in to the third party application 04, and the user can access the third party application 04 only under the condition that the user has logged in to the third party application 04.
Step S30, when the user is detected to be logged in the third party application, determining whether the user has the access authority of the request parameter;
in this embodiment, access rights are mechanisms that restrict access to certain information items or certain controls based on the identity of the user and its membership in various predefined groups, access controls are typically used by a system administrator to control access of the user to network resources (such as servers, directories and files), and are typically implemented by granting rights to the user and groups to access specific objects. In this embodiment, the access information corresponding to the request parameter is provided with permission control, and the user can only access the information or the resource corresponding to the request parameter having the access permission.
Specifically, when detecting that the user logs in the third party application, the self application 03 further determines whether the user has access rights corresponding to the request parameters, and when the user has access rights corresponding to the request parameters, the self application indicates that the user has access to information or resources corresponding to the request parameters; and when the user does not have the access right corresponding to the request parameter, indicating that the user does not have the access to the information or the resource corresponding to the request parameter.
And step S40, when the user is detected to have the access right of the request parameter, the request parameter is sent to the third party application, so that the third party application responds to the request parameter.
In this embodiment, the response request parameter generates a response result corresponding to the request parameter, where the response result may be information or resource corresponding to the queried request parameter.
Specifically, when detecting that the user has the access right corresponding to the request parameter, the self-application 03 sends the request parameter to the third party application 04, where the self-application 03 forwards the request parameter according to the forwarding route configuration, and in the forwarding process, the request parameter, the Content-Type (Content Type), and the CharSet (coding Type) are required to be unchanged. The third party application 04 generates a response result corresponding to the request parameter according to the received request parameter, for example, queries information or resources which the user needs to access according to the request parameter. After the third party application 04 generates the response result corresponding to the request parameter, the response result is fed back to the self application 03, the self application 03 feeds back the response result to the server 02, the server 02 feeds back the response result to the user terminal 01, and the user can view the accessed information according to the fed back response result. In the feedback process of the response result, the self-application 03 and the server 02 do not perform any data processing on the response result, and the self-application 03 and the server 02 only serve as media to forward the response result.
In the technical solution provided in this embodiment, the self application 03 intercepts a request parameter of the third party application 04 sent by the server 02, where the request parameter is obtained through configuration of the server 02 when a user accesses the third party application 04, determines whether the user has logged in to the third party application 04, determines whether the user has access rights to the request parameter when the user has logged in to the third party application 04 is detected, and sends the request parameter to the third party application 04 when the user has access rights to the request parameter is detected, so that the third party application responds to the request parameter 04. In this way, when the user accesses the third party application 04, the user does not directly access the third party application 04, but forwards the request parameters of the user to the third party application 04 through the system self application 03, and indirectly accesses the third party application 04, and the user login verification and the authority verification are completed in the self application 03, so that customized development of the third party application 04 is not required, modification and optimization of the program codes of the third party application 04 are not required, development cost is reduced, and the problem of higher development cost is solved.
Referring to fig. 3, fig. 3 is a flow chart of a second embodiment of an access method for a third party application according to the present invention, based on the first embodiment, the step S20 includes:
step S21, acquiring login information of the user;
in this embodiment, the login information is data information generated when the user logs in the third party application 04, and the login information is used to determine whether the user logs in the third party application.
In this embodiment, a user establishes session connection with a third party application 04 through a user terminal 01, and when the user needs to access the third party application and triggers an access operation, the user terminal 01 and the third party application 04 perform a session to generate session information, where the session information is interaction information between the user terminal 01 and the third party application 04, and the session information at least includes an address of a browser used by the user to access the third party application 04 and login information of the user third party application 04. The session information is stored in the own application 03.
Specifically, after intercepting the request parameters of the third party application 04 sent by the server 02, the self application 03 automatically obtains the stored session information of the user and the third party application 04, and determines the login information of the user according to the session information.
Step S22, determining whether the login information is preset information, wherein when the login information is the preset information, the user is determined to be logged in to the third party application.
In this embodiment, the preset information is data information corresponding to the user when the user logs in the third party application 04, and after the self application 03 obtains the login information of the user, it is determined whether the login information of the user is the preset information, and when the login information is the preset information, it is determined that the user has logged in the third party application 04.
It can be understood that when it is detected that the user does not log in the third party application 04, that is, when the login information of the user is not preset information, the self application 03 automatically jumps to the user login interface and returns to the user terminal 01, so that the user logs in the third party application 04 according to the user login interface.
In the technical scheme provided by the embodiment, the self application 03 determines whether the login information is preset information by acquiring the login information of the user, wherein when the login information is the preset information, the user is determined to have logged in the third party application 04, so that the user is ensured to have logged in the third party application before accessing the third party application by setting the login verification of the user, and meanwhile, the verification process is performed in the self application 03 without program modification and optimization, thereby reducing the development cost.
Referring to fig. 4, fig. 4 is a flowchart of a third embodiment of an access method for a third party application according to the present invention, based on the first embodiment, the step S30 includes:
step S31, when the user is detected to be logged in the third party application, acquiring the target authority of the request parameter;
in this embodiment, the target authority is an authority that is necessary to access information or a resource corresponding to the request parameter, and the user can access the information or the resource corresponding to the request parameter only if the user has the target authority. The own application 03 obtains the target authority of the request parameter when detecting that the user has logged into the third party application 04.
Specifically, the self-application 03 obtains the first authority list by obtaining the request path, searches the authority corresponding to the request path in the first authority list, and determines the authority corresponding to the request path as the target authority of the request parameter. The request parameters comprise request paths, the request paths are access paths for users to access the third party application 04, the request paths are character string codes, each request path corresponds to a right, and the right is the target right of the request parameters. The target authority of the request parameter may be determined by the first authority list. The self-application 03 adopts RBAC (Role-Base Access Control based access control) to perform access authority control, the self-application 03 establishes a set of relation table of request paths and authority configuration, wherein the relation table of authority configuration is a first authority list, the first authority list comprises request paths, request modes and authorities, each request path corresponds to one request mode and one authority, the self-application 03 establishes the first authority list in advance, and the authorities corresponding to the request paths can be found out according to the request paths in the first authority list. In this embodiment, when detecting that the user has logged in the third party application, the self application 03 obtains a request path in the request parameter, and simultaneously obtains a first permission list, searches for a permission corresponding to the request path in the first permission list, and determines the searched permission corresponding to the request path as a target permission of the request parameter.
Step S32, obtaining the access rights of the user;
in this embodiment, the access right of the user is the right of the user to access the third party application 04. After the self application 03 obtains the target authority of the request parameter, the access authority of the user is obtained.
Specifically, the self-application 03 obtains the second permission list by obtaining the role information of the user, determines the permission corresponding to the role information according to the second permission list, and determines the permission corresponding to the role information as the access permission of the user. The self application 03 adopts RBAC to carry out access authority control, the self application 03 establishes a set of relationship table of role information and authority configuration of the user, the relationship table of the authority configuration is a second authority list, the second authority list comprises the role information and the authority of the user, in the second authority list, each role information corresponds to one or more authorities, the one or more authorities are access authorities possessed by the user, and the access authorities possessed by the user can be searched through the role information of the user. In this embodiment, after acquiring the target authority of the request parameter, the self application 03 acquires the role information of the user, acquires a second authority list, searches the authority corresponding to the role information in the second authority list, and determines the authority corresponding to the searched role information as the access authority of the user.
Step S33, determining whether the access rights include the target rights, where when the access rights of the user include the target rights, it is determined that the user has the access rights of the request parameters.
In this embodiment, after acquiring the target authority of the request parameter and the access authority of the user, the self application 03 searches the target authority in the access authority of the user, determines whether the access authority of the user includes the target authority of the request parameter, and determines that the user has the access authority of the request parameter when the access authority of the user includes the target authority.
Further, before receiving the request parameters of the third party application sent by the server, the self application 03 obtains the service type of the third party application, and creates a first authority list and a second authority list based on RBAC access authority control according to the service type, so as to control the access authority of the third party application.
In the technical scheme provided in this embodiment, the self-application 03 obtains the access rights of the user by obtaining the target rights of the request parameters, determines whether the access rights include the target rights, and determines that the user has the access rights of the request parameters when the access rights of the user include the target rights. In this way, the scheme prevents users without access rights from accessing information or resources corresponding to the request parameters by setting the rights verification, and the rights verification process is also performed in the self-application 03, so that the program of the third party application does not need to be changed and optimized, and the development cost is reduced.
Referring to fig. 5, fig. 5 is a flowchart of a fourth embodiment of an access method for a third party application according to the present invention, based on the first embodiment, the step S40 includes:
step S41, when the user is detected to have the access right of the request parameter, generating a tracking identifier corresponding to the request parameter;
in this embodiment, the tracking identifier is an identifier for tracking the request parameter, and the tracking identifier is a character string code. The self-application 03 generates a tracking identifier of the request parameter when detecting that the user has access rights to the request parameter.
Step S42, associating the tracking identifier with the request parameter;
in this embodiment, after the self-application 03 generates the tracking identifier corresponding to the request parameter, the tracking identifier is added to the back of the request path to associate the tracking identifier with the request parameter, and the response result corresponding to the request parameter and the request parameter can be analyzed through the tracking identifier.
And step S43, the associated request parameters and the tracking identification are sent to the third party application. To cause the third party application to respond to the request parameters.
In this embodiment, after associating the tracking identifier and the request parameter, the self-application 03 sends the associated request parameter and tracking identifier to the third party application 04, so that the third party application 04 responds to the request parameter to generate a response result of the request parameter.
In the technical scheme provided by the embodiment, the self application 03 associates the tracking identifier with the request parameter by generating the tracking identifier corresponding to the request parameter, and sends the associated request parameter and tracking identifier to the third party application 04, so that the tracking of the access request of the user is facilitated, and the user request is analyzed according to the actual needs.
Based on the above embodiment, the present invention further provides a terminal device, where the terminal device may include a memory, a processor, and an access program of a third party application stored in the memory and capable of running on the processor, and when the processor executes the access program of the third party application, the steps of the access method of the third party application according to any one of the above embodiments are implemented.
Based on the above embodiment, the present invention further provides a computer readable storage medium, on which an access program of a third party application is stored, where the access program of the third party application, when executed by a processor, implements the steps of the access method of the third party application according to any of the above embodiments.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) as described above, comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.
Claims (6)
1. An access method of a third party application, which is applied to an application itself, the access method of the third party application comprising:
intercepting request parameters of a third party application sent by a server, wherein the request parameters are obtained through configuration of the server when a user accesses the third party application;
determining whether the user has logged into the third party application;
when the self application detects that the user logs in the third party application, a request path is acquired;
acquiring a first authority list;
searching the authority corresponding to the request path in the first authority list, determining the authority corresponding to the request path as a target authority of a request parameter, wherein the self application establishes a set of relation table of the request path and the authority configuration, the relation table of the authority configuration is the first authority list, the first authority list comprises the request path, a request mode and the authority, each request path corresponds to one request mode and one authority, the self application establishes the first authority list in advance, and the authority corresponding to the request path can be searched in the first authority list according to the request path;
the self application acquires a second authority list by acquiring the role information of the user, determines the authority corresponding to the role information according to the second authority list, and determines the authority corresponding to the role information as the access authority of the user, wherein the self application establishes a set of relationship tables of the role information of the user and the authority configuration, the relationship tables of the authority configuration are the second authority list, the second authority list comprises the role information and the authority of the user, and in the second authority list, each role information corresponds to one or more authorities which are the access authorities possessed by the user;
determining whether the access rights comprise the target rights or not, wherein when the access rights of the user comprise the target rights, determining that the user has the access rights of the request parameters;
when the user is detected to have the access right of the request parameter, generating a tracking identifier corresponding to the request parameter;
associating the tracking identifier with the request parameter so that the tracking identifier analyzes the request parameter and a response result corresponding to the request parameter;
and sending the associated request parameters and the tracking identification to the third party application so that the third party application responds to the request parameters.
2. The method of accessing a third party application according to claim 1, wherein the step of determining whether the user has logged into the third party application comprises:
acquiring login information of the user;
and determining whether the login information is preset information, wherein when the login information is the preset information, the user is determined to be logged in to the third party application.
3. The method of accessing a third party application according to claim 1, wherein the step of determining whether the user has logged into the third party application comprises, after:
and when the fact that the user does not log in the third-party application is detected, jumping to a user login interface to enable the user to log in the third-party application according to the user login interface.
4. The method for accessing a third party application according to claim 1, wherein the step of intercepting the request parameter of the third party application transmitted by the server comprises, before:
acquiring the service type of the third party application;
and creating a first authority list and a second authority list according to the service type.
5. A terminal device, characterized in that the terminal device comprises a memory, a processor and an access program for a third party application stored on the memory and executable on the processor, the access program for the third party application, when executed by the processor, implementing the steps of the access method for the third party application according to any one of claims 1-4.
6. A computer readable storage medium, wherein an access program of a third party application is stored on the computer readable storage medium, and the access program of the third party application, when executed by a processor, implements the steps of the access method of the third party application according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110222741.4A CN112836189B (en) | 2021-02-26 | 2021-02-26 | Third party application access method, terminal and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110222741.4A CN112836189B (en) | 2021-02-26 | 2021-02-26 | Third party application access method, terminal and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112836189A CN112836189A (en) | 2021-05-25 |
| CN112836189B true CN112836189B (en) | 2023-11-14 |
Family
ID=75934093
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110222741.4A Active CN112836189B (en) | 2021-02-26 | 2021-02-26 | Third party application access method, terminal and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112836189B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115225401A (en) * | 2022-07-25 | 2022-10-21 | 北京天融信网络安全技术有限公司 | Access control method, device, electronic equipment and computer readable storage medium |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
| CN109471740A (en) * | 2018-10-31 | 2019-03-15 | 深圳智链物联科技有限公司 | Built-in system and third party system software interconnection method, device and terminal device |
| CN110287709A (en) * | 2019-05-22 | 2019-09-27 | 深圳壹账通智能科技有限公司 | User's operation authority control method, device, equipment and medium |
| CN110287660A (en) * | 2019-05-21 | 2019-09-27 | 深圳壹账通智能科技有限公司 | Access right control method, device, equipment and storage medium |
| CN110378147A (en) * | 2019-07-25 | 2019-10-25 | 杭州涂鸦信息技术有限公司 | Data access authority control method and system, readable storage medium storing program for executing and computer |
| CN111064757A (en) * | 2020-03-18 | 2020-04-24 | 腾讯科技(深圳)有限公司 | Application access method and device, electronic equipment and storage medium |
| CN111191210A (en) * | 2019-12-10 | 2020-05-22 | 未鲲(上海)科技服务有限公司 | Data access right control method and device, computer equipment and storage medium |
| CN111200601A (en) * | 2019-12-29 | 2020-05-26 | 航天信息股份有限公司企业服务分公司 | Method and system for butting user and application based on universal transit service |
| CN111800440A (en) * | 2020-09-08 | 2020-10-20 | 平安国际智慧城市科技股份有限公司 | Multi-policy access control login method and device, computer equipment and storage medium |
| CN112055024A (en) * | 2020-09-09 | 2020-12-08 | 深圳市欢太科技有限公司 | Authority verification method and device, storage medium and electronic equipment |
| CN112118238A (en) * | 2020-09-04 | 2020-12-22 | 腾讯音乐娱乐科技(深圳)有限公司 | Method, device, system, equipment and storage medium for authentication login |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9111086B2 (en) * | 2011-04-18 | 2015-08-18 | Sap Se | Secure management of user rights during accessing of external systems |
| US10257182B2 (en) * | 2016-07-25 | 2019-04-09 | Okta, Inc. | Login proxy for third-party applications |
-
2021
- 2021-02-26 CN CN202110222741.4A patent/CN112836189B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
| CN109471740A (en) * | 2018-10-31 | 2019-03-15 | 深圳智链物联科技有限公司 | Built-in system and third party system software interconnection method, device and terminal device |
| CN110287660A (en) * | 2019-05-21 | 2019-09-27 | 深圳壹账通智能科技有限公司 | Access right control method, device, equipment and storage medium |
| CN110287709A (en) * | 2019-05-22 | 2019-09-27 | 深圳壹账通智能科技有限公司 | User's operation authority control method, device, equipment and medium |
| CN110378147A (en) * | 2019-07-25 | 2019-10-25 | 杭州涂鸦信息技术有限公司 | Data access authority control method and system, readable storage medium storing program for executing and computer |
| CN111191210A (en) * | 2019-12-10 | 2020-05-22 | 未鲲(上海)科技服务有限公司 | Data access right control method and device, computer equipment and storage medium |
| CN111200601A (en) * | 2019-12-29 | 2020-05-26 | 航天信息股份有限公司企业服务分公司 | Method and system for butting user and application based on universal transit service |
| CN111064757A (en) * | 2020-03-18 | 2020-04-24 | 腾讯科技(深圳)有限公司 | Application access method and device, electronic equipment and storage medium |
| CN112118238A (en) * | 2020-09-04 | 2020-12-22 | 腾讯音乐娱乐科技(深圳)有限公司 | Method, device, system, equipment and storage medium for authentication login |
| CN111800440A (en) * | 2020-09-08 | 2020-10-20 | 平安国际智慧城市科技股份有限公司 | Multi-policy access control login method and device, computer equipment and storage medium |
| CN112055024A (en) * | 2020-09-09 | 2020-12-08 | 深圳市欢太科技有限公司 | Authority verification method and device, storage medium and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112836189A (en) | 2021-05-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11425137B2 (en) | Centralized authentication for granting access to online services | |
| US8943208B2 (en) | Controlling access to resources by hosted entities | |
| US8020190B2 (en) | Enhanced browser security | |
| US8126963B1 (en) | System and method for adding dynamic information to digitally signed mobile applications | |
| CA2840497C (en) | System for multi-point publication syndication | |
| US8849914B2 (en) | System and method for synchronized co-browsing by users in different web sessions | |
| EP2847686B1 (en) | Enhanced document and event mirroring for accessing content | |
| US8769125B2 (en) | Method and apparatus for ensuring transport of user agent information | |
| US10911426B2 (en) | Custom authenticator for enterprise web application | |
| US20030065951A1 (en) | Information providing server, terminal apparatus, control method therefor, and information providing system | |
| US8738711B2 (en) | System and method for redirecting client-side storage operations | |
| US20130212665A1 (en) | Signing off from multiple domains accessible using single sign-on | |
| US20160277417A1 (en) | Method and apparatus for communication number update | |
| US11151239B2 (en) | Single sign-on management for multiple independent identity providers | |
| CN111522849A (en) | Database dynamic access method, server and storage medium | |
| US6691104B1 (en) | System and method for personalizing and applying a post processing tool system | |
| US11882159B2 (en) | Executing code injected into an intercepted application response message to eliminate accumulation of stale computing sessions | |
| CN112836189B (en) | Third party application access method, terminal and computer readable storage medium | |
| US8381269B2 (en) | System architecture and method for secure web browsing using public computers | |
| CN111935107B (en) | Identity authentication method, device, system, electronic equipment and storage medium | |
| US7383326B1 (en) | Methods and computer systems for directing a client to network locations for network hosted services | |
| US20200036749A1 (en) | Web browser incorporating social and community features | |
| CN110334063B (en) | File system operation method, device, equipment and computer readable storage medium | |
| CN117221400A (en) | Application service access method, device, computer equipment and storage medium | |
| CN116720166A (en) | User management method, device, terminal equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |