Disclosure of Invention
To address this technical problem, the invention provides an open platform authentication and access method, and a corresponding system, based on two-dimensional code scanning, which can ensure user privacy during authorization, authentication and access.
The technical scheme adopted by the invention is as follows:
An embodiment of the invention provides an open platform authentication method based on two-dimensional code scanning, which comprises the following steps: receiving authentication request information, sent by a user, that requests authentication authorization, wherein the authentication request information comprises an identity identifier; identifying the user according to the identity identifier and, if the identification passes, generating a two-dimensional code page, wherein the two-dimensional code page comprises an authorization code; scanning the generated two-dimensional code page, acquiring the authorization code and generating an authorization request; and updating the authorization state based on the authorization request and the authorization code and generating a corresponding authorization result, so as to complete the authentication of the open platform.
Optionally, the method further comprises: sending the generated authorization result and the authorization code to the user; and under the condition that the generated authorization result represents that authorization is successful, the user accesses the open platform by using the authorization code.
Optionally, when the generated authorization result represents that authorization is successful, the accessing, by the user, the open platform by using the authorization code specifically includes: sending an access request to the open platform, wherein the access request comprises the authorization code, the identity and an identity key; confirming the authentication state based on the authorization code, the identity identifier and the identity key, and generating and sending a corresponding bill identifier to the user under the condition that the confirmation authentication is passed; and the user accesses the open platform by using the bill identification.
Optionally, the method further comprises: and when the user accesses the open platform by using the authorization code, verifying the authorization code, and receiving the access of the user under the condition that the verification is passed.
Optionally, the method further comprises: and when the user accesses the open platform by using the bill identification, verifying the bill identification, and receiving the access of the user under the condition that the verification is passed.
The embodiment of the invention also provides an open platform access method based on two-dimensional code scanning, which comprises the following steps: receiving authentication request information which is sent by a user and requests authentication authorization, wherein the authentication request information comprises an identity; the identity of the user is recognized according to the identity identification, and a two-dimensional code page is generated under the condition that the identity recognition is passed, wherein the two-dimensional code page comprises an authorization code; scanning the generated two-dimensional code page, acquiring the authorization code and generating an authorization request; updating an authorization state based on the authorization request and the authorization code, generating a corresponding authorization result, and sending the generated authorization result and the authorization code to the user; and under the condition that the generated authorization result represents that the authorization is successful, the user accesses the open platform by using the authorization code.
Optionally, when the generated authorization result represents that authorization is successful, the accessing, by the user, the open platform by using the authorization code specifically includes: the user sends an access request to the open platform, wherein the access request comprises the authorization code, the identity and the identity key; confirming the authentication state based on the authorization code, the identity identifier and the identity key, and generating a corresponding bill identifier and sending the bill identifier to the user through the callback address under the condition that the confirmation authentication is passed; and the user accesses the open platform by using the bill identification.
Another embodiment of the present invention provides an open platform authentication system based on two-dimensional code scanning, including: a first end, a second end and a third end; the first terminal is configured to send authentication request information requesting authentication authorization to the third terminal, where the authentication request information includes an identity identifier; the third end is used for receiving the authentication request information sent by the first end, identifying the identity of the user according to the identity identifier, and generating a two-dimensional code page under the condition that the identity identification is passed, wherein the two-dimensional code page comprises an authorization code; when an authorization request sent by the second end is received, updating an authorization state based on the authorization request and the authorization code and generating a corresponding authorization result so as to finish the authentication of the open platform; the second end is used for scanning the two-dimensional code page generated by the third end, acquiring the authorization code and generating the authorization request.
Optionally, the third end is further configured to send the generated authorization result and the authorization code to the first end; and the first end is further used for accessing the open platform by using the authorization code under the condition that the generated authorization result represents that authorization is successful.
Another embodiment of the present invention further provides an open platform access system based on two-dimensional code scanning, including: a first end, a second end and a third end; the first terminal is configured to send authentication request information requesting authentication authorization to the third terminal, where the authentication request information includes an identity identifier; the third end is used for receiving the authentication request information sent by the first end, identifying the identity of the user according to the identity identifier, and generating a two-dimensional code page under the condition that the identity identification is passed, wherein the two-dimensional code page comprises an authorization code; the second end is used for scanning the two-dimensional code page generated by the third end, acquiring the authorization code and generating the authorization request; the third end is further configured to, when receiving an authorization request sent by the second end, update an authorization state based on the authorization request and the authorization code and generate a corresponding authorization result, and send the generated authorization result and the authorization code to the first end; and the first end is also used for accessing the open platform by utilizing the authorization code when receiving an authorization result which is sent by the third end and represents successful authorization.
In the open platform authentication and access method and system based on two-dimensional code scanning, a two-dimensional code is generated during authentication for the user to scan, and the authorization code is obtained from it. The authorization code is then used to interact with the open platform to change the authorization state and obtain the authorization result, which completes the authentication of the open platform. During access, the authorization code is used for access. Because authentication and access are performed through two-dimensional code scanning, no portal user name or password needs to be entered during access authentication, and the code-scanning authentication mode avoids the hidden danger of phishing web pages, so the method is more convenient and safer.
Detailed Description
In order to make the technical problems, technical solutions and advantages of the present invention more apparent, the following detailed description is given with reference to the accompanying drawings and specific embodiments.
Fig. 1 is a schematic structural diagram of an open platform authentication system based on two-dimensional code scanning according to an embodiment of the present invention. As shown in fig. 1, an embodiment of the present invention provides an open platform authentication system based on two-dimensional code scanning, including a first end 101, a second end 102, and a third end 103; the first terminal 101 is configured to send authentication request information requesting authentication authorization to the third terminal, where the authentication request information includes an identity identifier; the third end 103 is configured to receive the authentication request information sent by the first end 101, identify the identity of the user according to the identity identifier, and generate a two-dimensional code page when the identity identification passes, where the two-dimensional code page includes an authorization code; when an authorization request sent by the second end 102 is received, updating an authorization state based on the authorization request and the authorization code and generating a corresponding authorization result so as to complete the authentication of the open platform; the second end 102 is configured to scan the two-dimensional code page generated by the third end, obtain the authorization code, and generate the authorization request.
In the embodiment of the present invention, the first end 101 may be a subject that needs to access the code-scanning open authentication platform, such as a third-party web portal, the web login system of the resource platform itself, or any other trusted third-party system. The second end 102 may be a mobile terminal running a mobile application, for example a mobile application on a mobile phone. The mobile terminal is the device that carries the authorization; an application deployed on it can scan two-dimensional codes and communicate with the corresponding resource platform, where the communication mode may be, but is not limited to, wireless or wired. The third end 103 is a resource platform that provides shared resources and exposes an open interface to the outside. It may include a mobile application background and an authorization center, and may specifically be, but is not limited to, a background system deployed on a remote server. The authorization center is responsible for processing the authentication request of the third-party portal: after receiving the request it returns an authorization two-dimensional code and provides the two-dimensional code page, during authorization it monitors the authorization state corresponding to the two-dimensional code, and once it detects that the mobile terminal has authorized, it returns the information related to the authorization result to the third-party portal. The mobile application background is responsible for information interaction with the mobile terminal; after scanning the two-dimensional code, the mobile terminal sends the authorization instruction to the resource platform to modify the authorization state.
In this embodiment, the two-dimensional code page does not include user information. It carries only an authorization identifier that corresponds to a state held in the background of the authorization center, and the authorization center can query the authorization state according to that identifier.
When authentication is performed, the second end logs in with identity authentication in some manner; in this embodiment the login may be persistent. The first end should apply to, and be recorded with, the authorization center of the resource platform in advance to obtain the corresponding identity identifier appid and identity key appkey.
Specifically, the process of performing authentication and authorization on a third-party user by using the open platform authentication system based on two-dimensional code scanning provided by the embodiment of the present invention may include:
Step one, when the third-party portal needs to perform identity authentication, it jumps to the authorization interface provided by the resource platform and passes in its appid.
Step two, the authorization center authenticates the appid; authentication is provided for enterprises that have been recorded with it.
Step three, for a request whose appid passes the authentication, the authorization center returns the two-dimensional code page. The two-dimensional code page may include a two-dimensional code body and a polling component. The content of the two-dimensional code body comprises an authorization code. The polling component periodically queries the background for the authorization status. The authorization status is one of unauthorized, timed out and authorized.
Step four, the user scans the code with the mobile terminal application, so that authorization is controlled from the mobile terminal. The mobile terminal sends an authorization request to the mobile application background according to the code acquired by scanning.
Step five, the mobile application background forwards the authorization request sent by the mobile terminal to the authorization center, requesting a change of the authorization state of the code.
Step six, the authorization center queries the authorization state according to the code, updates the authorization state according to the query result, generates a corresponding authorization result according to the updated authorization state and returns the result to the mobile application background. After receiving the authorization result, the mobile application background returns it to the mobile application, which shows a prompt indicating whether the authorization succeeded, thereby completing the authentication of the open platform. Accordingly, the polling component in the two-dimensional code page may also check the authorization status.
Further, in this embodiment, the third end 103 is further configured to send the generated authorization result and the authorization code to the first end; and the first end 101 is further configured to, when the generated authorization result represents that authorization is successful, access the open platform by using the authorization code.
In this embodiment, the authorization center monitors the authorization status and, if the authorization is found to be successful, sends the authorization result and the code to the first end 101. The generated authorization result and code may be sent to the first end 101 via a callback address redirect_url provided by the first end 101, which may be passed in on the authorization interface provided by the third end 103 when the first end 101 sends the authentication request. Where the first end and the third end maintain real-time communication, the authorization result and the code can also be sent to the first end online without the callback address. In addition, if the authorization center detects an authorization timeout, the two-dimensional code page is regenerated. On obtaining an authorization result indicating that the authorization is successful, the first end 101 may access the open platform by using the code.
Further, when the first end 101 accesses the open platform by using the authorization code, the third end may verify the authorization code and accept the access of the first end if the verification passes. That is, whether the request may access the resource is determined by checking whether the code was issued by the third end itself, which also establishes the identity of the requester.
Further, in a non-limiting embodiment, accessing the open platform by code may specifically include: the first terminal sends an access request to the third terminal, wherein the access request comprises the authorization code, the identity identification and the identity key; the third terminal confirms the authentication state based on the authorization code, the identity identifier and the identity key, generates a corresponding bill identifier and sends the bill identifier to the first terminal under the condition that the confirmation authentication is passed; the first terminal accesses the third terminal by using the bill identification.
In other words, in the embodiment of the present invention, the third-party user may access the open platform by using the obtained authorization code, or may further obtain the ticket identifier by using the obtained authorization code, and then access the open platform by using the ticket identifier, so as to increase security.
In a specific example, accessing the open platform by code may specifically include: the third-party portal initiates an HTTPS request from its background and sends the code, the appid and the appkey as parameters to the authorization center; the authorization center checks the authorization state of the code, the appid and the appkey, and returns a ticket identifier to the third-party agent portal if they pass verification. The ticket identifier is a unique identifier related to the identity of the authorized user; the third-party portal can use the open interface of the resource platform by passing the ticket as a parameter.
Further, when the first end 101 accesses the open platform by using the ticket identifier, the third end 103 verifies the ticket identifier and accepts the access of the user if the verification passes. That is, whether the request may access the resource is determined by checking whether the ticket identifier was issued by the third end itself, which also establishes the identity of the requester.
The open platform authentication system based on two-dimensional code scanning provided by this embodiment differs from the traditional form in which a user authorizes a third party by user name and password during authentication: authentication is performed conveniently and safely through a mobile terminal, achieving the purpose of opening resources to serve a third-party subject.
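The flow described above (steps one to six, followed by the exchange of the code for a ticket) can be modelled as a small state machine. The following Python sketch is an added example, not code from the patent: the class and method names, the sample appid and appkey values, the 120-second code lifetime, single-use redemption of a code and the binding of a code to the appid it was issued to are assumptions of the example.

```python
import hmac
import secrets
import time

UNAUTHORIZED, TIMEOUT, AUTHORIZED = "unauthorized", "timeout", "authorized"


class AuthorizationCenter:
    """In-memory model of the authorization center (third end); names are hypothetical."""

    def __init__(self, apps, code_ttl=120):
        self.apps = dict(apps)      # appid -> appkey, recorded in advance
        self.code_ttl = code_ttl    # assumed lifetime of a code, in seconds
        self.codes = {}             # code -> state record
        self.tickets = {}           # ticket -> (appid, user)

    def issue_code(self, appid, now=None):
        """Steps one to three: authenticate the appid, return the code for the QR page."""
        if appid not in self.apps:
            raise PermissionError("unknown appid")
        now = time.time() if now is None else now
        code = secrets.token_urlsafe(32)    # opaque value, carries no user information
        self.codes[code] = {"appid": appid, "status": UNAUTHORIZED,
                            "expires": now + self.code_ttl, "user": None}
        return code

    def status(self, code, now=None):
        """What the polling component on the two-dimensional code page queries."""
        now = time.time() if now is None else now
        rec = self.codes.get(code)
        if rec is None:
            return None
        if rec["status"] == UNAUTHORIZED and now >= rec["expires"]:
            rec["status"] = TIMEOUT
        return rec["status"]

    def authorize(self, code, user, now=None):
        """Steps four to six: the mobile application background relays the scan."""
        if self.status(code, now) != UNAUTHORIZED:
            return False                    # unknown, timed out or already authorized
        self.codes[code].update(status=AUTHORIZED, user=user)
        return True

    def exchange(self, code, appid, appkey, now=None):
        """Back-channel request from the portal: code + appid + appkey -> ticket."""
        expected = self.apps.get(appid)
        if expected is None or not hmac.compare_digest(expected.encode(), appkey.encode()):
            raise PermissionError("bad appid or appkey")
        rec = self.codes.get(code)
        # Assumption: the code must have been issued to this appid and be authorized.
        if rec is None or rec["appid"] != appid or self.status(code, now) != AUTHORIZED:
            raise PermissionError("code not authorized for this appid")
        del self.codes[code]                # assumption: a code is redeemed only once
        ticket = secrets.token_urlsafe(32)
        self.tickets[ticket] = (appid, rec["user"])
        return ticket

    def verify_ticket(self, ticket):
        """Open-interface check: was this ticket issued by the center itself?"""
        return self.tickets.get(ticket)


def demo():
    """Constructed run: portal requests a code, user scans, portal redeems the code."""
    center = AuthorizationCenter({"portal-a": "key-a", "portal-b": "key-b"})
    code = center.issue_code("portal-a", now=0)
    before = center.status(code, now=10)
    scanned = center.authorize(code, user="alice", now=20)
    ticket = center.exchange(code, "portal-a", "key-a", now=30)
    return before, scanned, center.verify_ticket(ticket)
```

A code that leaks from the displayed page is of no use without the appkey, and in this sketch it also cannot be redeemed by a different registered appid or redeemed twice.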
Based on the same inventive concept, the embodiment of the invention also provides an open platform authentication method based on two-dimension code scanning, and as the principle of the problem solved by the method is similar to that of the open platform authentication system based on two-dimension code scanning, the implementation of the method can refer to the implementation of the system, and repeated parts are not repeated.
Fig. 2 is a schematic flowchart of an open platform authentication method based on two-dimensional code scanning according to an embodiment of the present invention. As shown in fig. 2, an embodiment of the present invention provides an open platform authentication method based on two-dimensional code scanning, including the following steps:
S101, receiving authentication request information which is sent by a user and requests authentication authorization, wherein the authentication request information comprises an identity.
S102, the identity of the user is recognized according to the identity identification, and a two-dimensional code page is generated under the condition that the identity recognition is passed, wherein the two-dimensional code page comprises an authorization code.
S103, scanning the generated two-dimensional code page, acquiring the authorization code and generating an authorization request.
S104, updating the authorization state based on the authorization request and the authorization code and generating a corresponding authorization result so as to finish the authentication of the open platform.
Further, the method further comprises: sending the generated authorization result and the authorization code to the user; and under the condition that the generated authorization result represents that authorization is successful, the user accesses the open platform by using the authorization code.
Further, the authorization result and the authorization code may be sent through a callback address provided by the user.
Further, the method further comprises: and when the user accesses the open platform by using the authorization code, verifying the authorization code, and receiving the access of the user under the condition that the verification is passed.
Further, when the generated authorization result represents that authorization is successful, the accessing, by the user, the open platform by using the authorization code specifically includes: sending an access request to the open platform, wherein the access request comprises the authorization code, the identity and an identity key; confirming the authentication state based on the authorization code, the identity identifier and the identity key, and generating and sending a corresponding bill identifier to the user under the condition that the confirmation authentication is passed; and the user accesses the open platform by using the bill identification.
Further, the method further comprises: and when the user accesses the open platform by using the bill identification, verifying the bill identification, and receiving the access of the user under the condition that the verification is passed.
Further, the method further comprises: monitoring the authorization state, and regenerating the two-dimensional code page under the condition that the generated authorization result represents the authorization timeout.
The method in this embodiment may be implemented by using the system provided in the foregoing embodiment. The entity that scans the two-dimensional code in the method may be the mobile terminal in the foregoing embodiment, and the entity that performs authentication may be the authorization center in the foregoing embodiment. For the specific implementation principles and processes, refer to the foregoing embodiment; they are not described again here.
Fig. 3 is a schematic structural diagram of an open platform access system based on two-dimensional code scanning according to an embodiment of the present invention. As shown in fig. 3, the open platform access system based on two-dimensional code scanning provided by this embodiment includes: a first end 301, a second end 302, and a third end 303; the first terminal 301 is configured to send authentication request information requesting authentication authorization to the third terminal 303, where the authentication request information includes an identity identifier; the third end 303 is configured to receive the authentication request information sent by the first end 301, identify the identity of the user according to the identity identifier, and generate a two-dimensional code page when the identity identification passes, where the two-dimensional code page includes an authorization code; the second end 302 is configured to scan a two-dimensional code page generated by the third end 303, obtain the authorization code, and generate the authorization request; the third end 303 is further configured to, when receiving the authorization request sent by the second end 302, update an authorization status based on the authorization request and the authorization code and generate a corresponding authorization result, and send the generated authorization result and authorization code to the first end 301; and the first end 301 is further configured to, when receiving an authorization result indicating successful authorization sent by the third end, access the open platform by using the authorization code.
The first terminal 301, the second terminal 302 and the third terminal 303 in this embodiment are the same as the first terminal 101, the second terminal 102 and the third terminal 103 of the two-dimensional code scanning based open platform authentication system provided in the foregoing embodiments, and the functions performed thereby are also completely the same, and for the sake of simplicity, detailed descriptions thereof are omitted here.
The open platform access system based on two-dimensional code scanning provided by this embodiment differs from the traditional form in which a user authorizes a third party by user name and password when authenticating to access a platform: authentication is performed conveniently and safely through a mobile terminal, achieving the purpose of opening resources to serve a third-party subject.
Based on the same inventive concept, the embodiment of the invention also provides an open platform access method based on two-dimensional code scanning, and as the principle of the problem solved by the method is similar to that of the open platform access system based on two-dimensional code scanning, the implementation of the method can refer to the implementation of the system, and repeated details are not repeated.
Fig. 4 is a schematic flowchart of an open platform access method based on two-dimensional code scanning according to an embodiment of the present invention. As shown in fig. 4, an embodiment of the present invention provides an open platform access method based on two-dimensional code scanning, including the following steps:
S401, receiving authentication request information which is sent by a user and requests authentication authorization, wherein the authentication request information comprises an identity.
S402, the identity of the user is recognized according to the identity identification, and a two-dimensional code page is generated under the condition that the identity recognition is passed, wherein the two-dimensional code page comprises an authorization code.
S403, scanning the generated two-dimensional code page, obtaining the authorization code and generating an authorization request.
S404, updating the authorization state based on the authorization request and the authorization code, generating a corresponding authorization result, and sending the generated authorization result and the authorization code to the user.
S405, under the condition that the generated authorization result represents that authorization is successful, the user accesses the open platform by using the authorization code.
Further, the authorization result and the authorization code may be sent through a callback address provided by the user.
Further, when the generated authorization result represents that authorization is successful, the accessing, by the user, the open platform by using the authorization code specifically includes: sending an access request to the open platform, wherein the access request comprises the authorization code, the identity and an identity key; confirming the authentication state based on the authorization code, the identity identifier and the identity key, and generating and sending a corresponding bill identifier to the user under the condition that the confirmation authentication is passed; and the user accesses the open platform by using the bill identification.
Further, the method further comprises: and when the user accesses the open platform by using the bill identification, verifying the bill identification, and receiving the access of the user under the condition that the verification is passed.
Further, the method further comprises: monitoring the authorization state, and regenerating the two-dimensional code page under the condition that the generated authorization result represents the authorization timeout.
The method in this embodiment may be implemented by using the system provided in the foregoing embodiment. The entity that scans the two-dimensional code in the method may be the mobile terminal in the foregoing embodiment, and the entity that performs authentication may be the authorization center in the foregoing embodiment. For the specific implementation principles and processes, refer to the foregoing embodiment; they are not described again here.
The above-mentioned embodiments are only specific embodiments of the present invention, which are used for illustrating the technical solutions of the present invention and not for limiting the same, and the protection scope of the present invention is not limited thereto, although the present invention is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.