Service-Oriented Interface Authentication Method Based on Operating System Authorization Certificate

Abstract

The present invention provides a service-oriented interface authentication method based on the operating system authorization certificate, which uses the operating system authorization certificate as the only authentication data source for the application platform interface authorization authentication, that is, uses the operating system authorization certificate to verify whether the operating system is On the other hand, the operating system authorization certificate is used as the authentication data source for the application platform to authenticate third-party applications. During the start-up and operation of the application platform, while continuously checking whether the authorization certificate of the current operating system is valid, the application platform requires the third-party application to pass in user authentication information when receiving the interface call request of the third-party application. Use the operating system authorization certificate to verify whether the user authentication information is valid, and whether the third-party application program is authorized. The method of the invention can also authenticate the operating system (OS) where the interface provider is located while ensuring the authentication of the interface caller.

Description

technical field [0001] The invention relates to an interface authentication method, in particular to a service-oriented interface authentication method based on an operating system authorization certificate, which can also verify the operating system (OS) where the interface provider is located while ensuring the authentication of the interface caller. certified. Background technique [0002] At present, the interface authentication methods of the mainstream open platforms in the market are implemented by the interface authentication framework of OAuth2.0. The purpose of the OAuth2.0 interface authentication framework is to prevent third-party applications from obtaining the personal authentication information of the end user when using the open platform interface. The OAuth2.0 authentication framework uses an independent authentication center and resource center, combined with the authorization code (auth_code), Implementation of concepts such as access authorization code ...

AI Technical Summary

Problems solved by technology

In many customer scenarios, the open platform is deployed and run inside the local area network of the customer cluster environment, which is different from the Internet-oriented application mode of OAuth2.0 in the current market, so OAuth2.0 is not suitable for this scenario;

[0013] The λOAuth2.0 interface authentication framework uses a centralized authentication center, and the authentication data source is stored in the database. In the current mainstream application scenario, the authentication data source is scattered in the authorization certificates of each operating system in each customer LAN , causing the OAuth2.0 interface authentication framework to fail to connect with the operating system authorization certificate, so the OAuth2.0 interface authentication framework cannot work normally in this scenario

Images