Service-orientated interface authentication method based on authorization certificate of operating system

Abstract

The invention provides a service-orientated interface authentication method based on an authorization certificate of an operating system. The authorization certificate of the operating system is used as an unique authentication data source for authorization authentication of an interface of an application platform, namely on the one hand, the authorization certificate of the operating system is used for verifying whether the operating system is authorized, and on the other hand, the authorization certificate of the operating system is used as the authentication data source for the application platform to authenticate a third-party application. During starting and running processes of the application platform, while the authorization certificate of the current operating system is valid is detected continuously, the application platform requests the third-party application to introduce user authentication information when receiving an interface call request of the third-party application, the application platform uses the authorization certificate of the operating system to verify whether the user authentication information is valid, and verify whether the third-party application is authorized. According to the method of the invention, the operating system (OS) where an interface provider is located can be authenticated while ensuring authentication of an interface calling party.

Description

technical field [0001] The invention relates to an interface authentication method, in particular to a service-oriented interface authentication method based on an operating system authorization certificate, which can also verify the operating system (OS) where the interface provider is located while ensuring the authentication of the interface caller. certified. Background technique [0002] At present, the interface authentication methods of the mainstream open platforms in the market are implemented by the interface authentication framework of OAuth2.0. The purpose of the OAuth2.0 interface authentication framework is to prevent third-party applications from obtaining the personal authentication information of the end user when using the open platform interface. The OAuth2.0 authentication framework uses an independent authentication center and resource center, combined with the authorization code (auth_code), Implementation of concepts such as access authorization code ...

AI Technical Summary

Problems solved by technology

In many customer scenarios, the open platform is deployed and run inside the local area network of the customer cluster environment, which is different from the Internet-oriented application mode of OAuth2.0 in the current market, so OAuth2.0 is not suitable for this scenario;

[0013] The λOAuth2.0 interface authentication framework uses a centralized authentication center, and the authentication data source is stored in the database. In the current mainstream application scenario, the authentication data source is scattered in the authorization certificates of each operating system in each customer LAN , causing the OAuth2.0 interface authentication framework to fail to connect with the operating system authorization certificate, so the OAuth2.0 interface authentication framework cannot work normally in this scenario

Images