Account login method, device, equipment, storage medium and program product
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- TENCENT TECHNOLOGY (SHENZHEN) CO LTD
- Filing Date
- 2022-04-12
- Publication Date
- 2026-07-07
AI Technical Summary
In cloud services, users need to enter different login information for multiple accounts, which makes the login process cumbersome and inefficient, and wastes device processing resources.
By receiving account association instructions in the management interface of the target management account, the user is redirected to the cloud service login interface to verify and establish the association between the target cloud service account and the target management account, thus enabling automatic login.
It improves the efficiency of cloud service account login, optimizes device resource utilization, and ensures the security of automatic login through a user authorization verification process.
Smart Images

Figure CN116961927B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of cloud technology, and in particular to an account login method, apparatus, device, storage medium, and computer program product. Background Technology
[0002] Cloud technology refers to a hosting technology that unifies hardware, software, and network resources within a wide area network (WAN) or local area network (LAN) to enable data computation, storage, processing, and sharing. With the development of cloud technology, the application of cloud services is becoming increasingly widespread.
[0003] In related technologies, each time a user logs in to a cloud service account, they need to enter the login information for that cloud service account. If a user has multiple cloud service accounts, they need to enter different login information each time they log in, which is cumbersome, resulting in low efficiency of cloud service account login and wasting device processing resources. Summary of the Invention
[0004] This application provides an account login method, apparatus, device, storage medium, and computer program product that can realize automatic login of cloud service accounts, improve account login efficiency, and ensure the security of automatic account login.
[0005] The technical solution of this application embodiment is implemented as follows:
[0006] This application provides an account login method, including:
[0007] In the account management interface corresponding to the target management account of the target object, an account association instruction is received. The account association instruction is used to instruct the establishment of an association relationship between the target management account and the cloud service account of the target object.
[0008] In response to the account association command, the user is redirected from the account management interface to the cloud service login interface.
[0009] The login interface of the cloud service is used to receive login information including the target cloud service account of the target object, and to verify the login information so as to return a verification success message after successful verification.
[0010] When a verification pass message is received for the login information, an association is established between the target cloud service account and the target management account;
[0011] When a login command is received for the target cloud service account, the target cloud service account is automatically logged in based on the association relationship to access the cloud services corresponding to the target cloud service account.
[0012] This application embodiment also provides an account login device, including:
[0013] The receiving module is used to receive an account association instruction from the account management interface corresponding to the target management account of the target object. The account association instruction is used to instruct the establishment of an association relationship between the target management account and the cloud service account of the target object.
[0014] The jump module is used to respond to the account association command and jump from the account management interface to the cloud service login interface;
[0015] The login interface of the cloud service is used to receive login information including the target cloud service account of the target object, and to verify the login information so as to return a verification success message after successful verification.
[0016] A module is established to establish an association between the target cloud service account and the target management account when a verification pass message is received for the login information.
[0017] The login module is used to automatically log in to the target cloud service account based on the association relationship when a login instruction for the target cloud service account is received, so as to realize the cloud service corresponding to the target cloud service account.
[0018] In the above scheme, the receiving module is further configured to present the account association function item corresponding to the cloud service in the account management interface corresponding to the target management account of the target object; and to receive the account association instruction in response to the trigger operation of the account association function item.
[0019] In the above scheme, the device further includes: a presentation module; the presentation module is used to present an account display area corresponding to the cloud service in the account management interface, the account display area being used to present cloud service accounts associated with the target management account; the login module is also used to present the login function item of the target cloud service account in the account display area; and to receive a login instruction for the target cloud service account in response to a trigger operation for the login function item.
[0020] In the above scheme, the verification pass message includes a refresh token corresponding to the target cloud service account. The refresh token is used to obtain a login token for automatically logging into the target cloud service account. The login module is further used to obtain the refresh token corresponding to the target cloud service account based on the association relationship and send the refresh token. When the validity verification of the refresh token is passed, the login token returned for the refresh token is received. Based on the login token, the target cloud service account is automatically logged in.
[0021] In the above scheme, after receiving the login token returned in response to the refresh token, the refresh token is in an invalid state. The login module is also used to receive the target refresh token corresponding to the target cloud service account; wherein, the target refresh token is used to obtain the target login token for the next automatic login to the target cloud service account.
[0022] In the above scheme, the verification pass message includes a target number of login tokens that are in a valid state corresponding to the target cloud service account; the login module is further configured to automatically log in to the target cloud service account using any one of the target number of login tokens based on the association relationship; the login module is further configured to control the target login token to switch from the valid state to the invalid state; when the number of login tokens in the invalid state reaches the target number, the association relationship between the target cloud service account and the target management account is terminated.
[0023] In the above scheme, when automatic login to the target cloud service account based on the association fails, the login module is further configured to present association prompt information, which prompts the user to re-establish the association between the target cloud service account and the target management account; the redirection module is further configured to present the re-association function item corresponding to the target cloud service account; when a trigger operation for the re-association function item is received, the user is redirected to the target login interface corresponding to the target cloud service account, where the account information of the target cloud service account is displayed.
[0024] In the above scheme, the login module is further configured to send a login request corresponding to the target cloud service account based on the association relationship. The login request includes the service address of the target service interface of the cloud service corresponding to the target cloud service account. When a notification message indicating that the login request has been verified is received, the module automatically logs in to the target cloud service account and jumps to the target service interface based on the service address.
[0025] In the above scheme, the receiving module is further configured to send application information of the account management application when the account management application corresponding to the account management interface is initially run; wherein, the application information is used to generate application verification information for identifying the account management application based on the application information; and to receive the application verification information returned in response to the application information, wherein the application verification information is used to perform legality verification on the account management application.
[0026] In the above scheme, the redirection module is further configured to respond to the account association instruction, sign the application verification information, and send the obtained signature information and the application verification information to the cloud service; wherein, the cloud service is configured to, after verifying the signature information, perform a legality verification on the account management application corresponding to the account management interface based on the application verification information, and return a verification pass message after the legality verification is passed; when the verification pass message is received, the user is redirected from the account management interface to the login interface of the cloud service.
[0027] This application also provides an electronic device, including:
[0028] Memory, used to store executable instructions;
[0029] The processor, when executing executable instructions stored in the memory, implements the account login method provided in the embodiments of this application.
[0030] This application also provides a computer-readable storage medium storing executable instructions, which, when executed by a processor, implement the account login method provided in this application.
[0031] This application also provides a computer program product, including a computer program or instructions, which, when executed by a processor, implement the account login method provided in this application.
[0032] The embodiments of this application have the following beneficial effects:
[0033] When an account association instruction is received through the account management interface corresponding to the target management account of the target object, indicating the establishment of an association between the target management account and the target object's cloud service account, the user is redirected from the account management interface to the cloud service login interface. This cloud service login interface receives login information including the target object's cloud service account and verifies the login information. Upon successful verification, a verification success message is returned. When a verification success message is received for the login information, the association between the target cloud service account and the target management account is established. Thus, when a login instruction is received for the target cloud service account, the user automatically logs into the target cloud service account based on the association, thereby enabling access to the cloud services corresponding to the target cloud service account.
[0034] In this way, a relationship can be established between the target management account and the target object's cloud service account based on the account management interface. This relationship enables automatic login of the cloud service account, improving the login efficiency and device resource utilization. At the same time, the relationship is established by the user entering login information and verifying the login information. That is, the establishment of the relationship is authorized by the user, which ensures the security of automatic login of the cloud service account. Attached Figure Description
[0035] Figure 1 This is a schematic diagram of the architecture of the account login system 100 provided in this application embodiment;
[0036] Figure 2 This is a schematic diagram of the structure of the electronic device 500 that implements the account login method provided in this application embodiment;
[0037] Figure 3 This is a flowchart illustrating the account login method provided in an embodiment of this application;
[0038] Figure 4 This is a schematic diagram of the cloud service account association process provided in the embodiments of this application;
[0039] Figure 5 This is a schematic diagram of the login process for the cloud service account provided in the embodiments of this application;
[0040] Figure 6 This is a flowchart illustrating the account login method provided in an embodiment of this application;
[0041] Figure 7 This is a flowchart illustrating the account login method provided in an embodiment of this application;
[0042] Figure 8 This is a schematic diagram of the login process for cloud services provided in related technologies;
[0043] Figure 9 This is a flowchart illustrating the account login method provided in the embodiments of this application. Detailed Implementation
[0044] To make the objectives, technical solutions, and advantages of this application clearer, the application will be further described in detail below with reference to the accompanying drawings. The described embodiments should not be regarded as limitations on this application. All other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.
[0045] In the following description, references are made to “some embodiments,” which describe a subset of all possible embodiments. However, it is understood that “some embodiments” may be the same subset or different subsets of all possible embodiments and may be combined with each other without conflict.
[0046] In the following description, the terms "first, second, third" are used merely to distinguish similar objects and do not represent a specific ordering of objects. It is understood that "first, second, third" may be interchanged in a specific order or sequence where permitted, so that the embodiments of this application described herein can be implemented in an order other than that illustrated or described herein.
[0047] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing embodiments of this application only and is not intended to limit this application.
[0048] In the implementation of this application, the collection and processing of relevant data should strictly comply with the requirements of relevant laws and regulations, obtain the informed consent or separate consent of the personal information subject, and carry out subsequent data use and processing within the scope of laws and regulations and the authorization of the personal information subject.
[0049] Before providing a further detailed description of the embodiments of this application, the nouns and terms involved in the embodiments of this application will be explained, and the nouns and terms involved in the embodiments of this application shall be interpreted as follows.
[0050] 1) Client: An application that runs on a terminal and provides various services, such as an instant messaging client or a video playback client.
[0051] 2) In response, used to indicate the conditions or states on which the operation performed depends. When the conditions or states on which it depends are met, one or more operations performed may be performed in real time or with a set delay. Unless otherwise specified, there is no restriction on the order in which the multiple operations are performed.
[0052] 3) Central Authentication Service (CAS): An independent open instruction protocol designed to provide a reliable single sign-on method for web application systems.
[0053] This application provides an account login method, apparatus, device, storage medium, and computer program product that can realize automatic login of cloud service accounts, improve account login efficiency, and ensure the security of automatic account login.
[0054] The following describes the implementation scenarios of the account login method provided in the embodiments of this application. See also Figure 1 , Figure 1 This is a schematic diagram of the architecture of the account login system 100 provided in this application embodiment. In order to support an exemplary application, the terminal 400 connects to the server 200 through the network 300. The network 300 can be a wide area network or a local area network, or a combination of the two, and data transmission is achieved using wireless or wired links.
[0055] Terminal 400 (which may have an account management application installed with an account management interface) is used to present the account management interface corresponding to the target management account of the target object, and receive the account association instruction based on the account management interface; in response to the account association instruction, it jumps from the account management interface to the login interface of the cloud service; based on the login interface, it receives the login information including the target cloud service account of the target object, and sends the login information to server 200;
[0056] Server 200 (which can be the cloud server of the cloud service corresponding to the target cloud service account) is used to receive the login information sent by terminal 400, verify the login information, and obtain the verification result; when the verification result indicates that the login information has been verified, a verification success message is returned to terminal 400.
[0057] Terminal 400 is used to receive a verification message returned for login information; establish an association between the target cloud service account and the target management account; and respond to a login command for the target cloud service account by automatically logging into the target cloud service account based on the association, so as to realize the cloud services corresponding to the target cloud service account, such as displaying the service interface of the cloud service corresponding to the target cloud service account.
[0058] In some embodiments, the account login method provided in this application can be implemented by various electronic devices. For example, it can be implemented by a terminal alone, by a server alone, or by a terminal and a server working together. This application can be applied to various scenarios, including but not limited to cloud technology, artificial intelligence, smart transportation, and assisted driving. In practical applications, the electronic device implementing the account login provided in this application can be various types of terminal devices or servers.
[0059] In some embodiments, the account login method provided in this application can be implemented using cloud technology. Cloud technology refers to a hosting technology that unifies a series of resources such as hardware, software, and networks within a wide area network or local area network to achieve data computation, storage, processing, and sharing. Cloud technology is a general term for network technology, information technology, integration technology, management platform technology, and application technology applied based on the cloud computing business model. It can form a resource pool, be used on demand, and is flexible and convenient. Cloud computing technology will become an important support. The backend services of the technology network system require a large amount of computing and storage resources. As an example, a server (e.g., server 200) can be a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN, and big data and artificial intelligence platforms.
[0060] As an example, the terminal (e.g., terminal 400) can be a smartphone, tablet, laptop, desktop computer, smart voice interaction device (e.g., smart speaker), smart home appliance (e.g., smart TV), smartwatch, vehicle terminal, etc., but is not limited thereto. The terminal and the server can be directly or indirectly connected via wired or wireless communication, and this application embodiment does not limit this.
[0061] In some embodiments, the terminal or server can implement the account login method provided in this application by running a computer program. For example, the computer program can be a native program or software module in the operating system; it can be a native application (APP), that is, a program that needs to be installed in the operating system to run; it can also be a mini-program, that is, a program that only needs to be downloaded to the browser environment to run; or it can be a mini-program that can be embedded in any APP. In short, the above-mentioned computer program can be any form of application, module or plugin.
[0062] In some embodiments, multiple servers can form a blockchain, with each server being a node on the blockchain. Information connections can exist between each node in the blockchain, allowing for information transmission between nodes. Data related to the account login method provided in this application (e.g., the association between the target object's cloud service account and the target management account) can be stored on the blockchain.
[0063] The following describes an electronic device implementing the account login method provided in an embodiment of this application. See also... Figure 2 , Figure 2 This is a schematic diagram of the structure of the electronic device 500 that implements the account login method provided in this application embodiment. Taking the electronic device 500 as an example... Figure 1 Taking the terminal shown as an example, the electronic device 500 implementing the account login method provided in this application embodiment includes: at least one processor 510, a memory 550, at least one network interface 520, and a user interface 530. The various components in the electronic device 500 are coupled together through a bus system 540. It is understood that the bus system 540 is used to realize the connection and communication between these components. In addition to a data bus, the bus system 540 also includes a power bus, a control bus, and a status signal bus. However, for clarity, in... Figure 2 The general labeled all buses as Bus System 540.
[0064] The processor 510 can be an integrated circuit chip with signal processing capabilities, such as a general-purpose processor, a digital signal processor (DSP), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general-purpose processor can be a microprocessor or any conventional processor, etc.
[0065] Memory 550 may be removable, non-removable, or a combination thereof. Memory 550 may optionally include one or more storage devices physically located away from processor 510. Memory 550 may include volatile memory or non-volatile memory, or both. The non-volatile memory may be read-only memory (ROM), and the volatile memory may be random access memory (RAM). The memory 550 described in this application embodiment is intended to include any suitable type of memory.
[0066] In some embodiments, memory 550 is capable of storing data to support various operations, examples of which include programs, modules, and data structures or subsets or supersets thereof, as illustrated below.
[0067] Operating system 551 includes system programs for handling various basic system services and performing hardware-related tasks, such as the framework layer, core library layer, driver layer, etc., for implementing various basic business functions and handling hardware-based tasks;
[0068] The network communication module 552 is used to reach other computing devices via one or more (wired or wireless) network interfaces 520, exemplary network interfaces 520 including: Bluetooth, WiFi, and Universal Serial Bus (USB), etc.
[0069] In some embodiments, the account login device provided in this application can be implemented in software. Figure 2 An account login device 553 stored in memory 550 is shown. It can be software in the form of programs and plug-ins, including the following software modules: receiving module 5531, jumping module 5532, establishing module 5533, and login module 5534. These modules are logical and can therefore be arbitrarily combined or further divided according to the functions they implement. The functions of each module will be described below.
[0070] The following describes the account login method provided in the embodiments of this application. In some embodiments, the account login method provided in the embodiments of this application can be implemented by various electronic devices. For example, it can be implemented by a terminal alone, by a server alone, or by a terminal and a server working together. Taking terminal implementation as an example, see [link to documentation]. Figure 3 , Figure 3 This is a flowchart illustrating the account login method provided in this application embodiment. The account login method provided in this application embodiment includes:
[0071] Step 101: The terminal receives the account association instruction on the account management interface corresponding to the target management account of the target object.
[0072] The account association instruction is used to instruct the establishment of an association between the target management account and the cloud service account of the target object.
[0073] In practical applications, the terminal can have an account management application installed that supports managing cloud service accounts. This application can be a client or a web-based application accessed via a web browser on the internet or corporate intranet. By running this application, the terminal displays an account management interface corresponding to the target management account. This means that the account management application is logged into the target management account, and this target management account belongs to the target entity. Based on this target management account, the account management interface allows for the management of at least one cloud service account belonging to the target entity.
[0074] Before managing at least one cloud service account of a target object through the account management interface, an association can be established between the target management account and the target object's cloud service account. In practice, the user can trigger an account association command in the account management interface to instruct the establishment of an association between the target management account and the target object's cloud service account. The terminal receives the account association command in the account management interface corresponding to the target object's target management account.
[0075] In some embodiments, the terminal may receive an account association instruction in the account management interface corresponding to the target management account of the target object in the following manner: the account association function item corresponding to the cloud service is presented in the account management interface corresponding to the target management account of the target object; and the account association instruction is received in response to the trigger operation for the account association function item.
[0076] In practical applications, the terminal can display the account association function items corresponding to the cloud service in the account management interface corresponding to the target management account of the target object. It should be noted that the number of cloud services can be one or multiple.
[0077] In practice, when presenting the account association function for a cloud service, various account association functions can be displayed for each cloud service. There can be one or more such functions. When there are multiple functions, a single function can be used to associate a cloud service account with a target management account. Users can trigger the account association function for a cloud service to execute an account association command, thereby instructing the establishment of an association between the target management account and the cloud service account. When the terminal receives a trigger operation for the account association function for a cloud service, it receives the account association command in response.
[0078] In some embodiments, when the account management application corresponding to the account management interface is initially run, application information of the account management application is sent; wherein, the application information is used to generate application verification information for identifying the account management application based on the application information; the application verification information returned in response to the application information is received, and the application verification information is used to perform legality verification on the account management application.
[0079] In practical applications, when a terminal initially runs the account management application corresponding to the account management interface, it needs to register with the cloud service. This means sending the application information of the account management application to the cloud server corresponding to the cloud service. This application information may include the name, identifier, and domain name address of the account management application. After receiving the application information, the cloud service generates application verification information to identify the account management application and returns it to the terminal. The terminal receives the application verification information returned for the application information. This application verification information is used to verify the legitimacy of the account management application. That is, based on this application verification information, the terminal verifies whether the account management application is registered with the cloud service. If it is, the legitimacy verification passes; otherwise, the legitimacy verification fails.
[0080] Step 102: In response to the account association command, the user is redirected from the account management interface to the cloud service login interface.
[0081] The cloud service login interface is used to receive login information from the target cloud service account of the target object, verify the login information, and return a verification success message after successful verification.
[0082] In practical applications, when a terminal receives an account association command, it responds by redirecting from the account management interface to the cloud service login interface. This cloud service can be a service application that provides cloud service resources. When the terminal redirects from the account management interface to the cloud service login interface, it is actually redirecting from the application where the account management interface is located to the cloud service (which can run on the same terminal as the application where the account management interface is located), thus presenting the cloud service login interface by running the cloud service.
[0083] In practice, the cloud service login interface can display three functions: an account function for entering the cloud service account, a password function for entering the cloud service account's password, and a login function for triggering a login command for the entered cloud service account. The entered cloud service account and corresponding password constitute the login information. Based on this, users can enter the login information of a target cloud service account on the cloud service login interface; this target cloud service account is the one the user has selected to bind to the target associated account.
[0084] When a terminal receives login information for a target cloud service account from a user on the cloud service login interface, it verifies this information. Specifically, it verifies whether the entered login information (including the cloud service account name and password) matches the actual cloud service account name and password. If they match, the verification is successful; otherwise, it fails. After successful login verification, the terminal can be redirected back to the application's account management interface from the cloud service login interface. Simultaneously, the cloud service can also return a verification success message to the application's account management interface. In practice, the login information verification process can also be implemented through the cloud server corresponding to the cloud service.
[0085] As an example, see Figure 4 , Figure 4 This is a schematic diagram of the cloud service account association process provided in this application embodiment. Here, in the account management interface corresponding to the target management account of the target object, the account association function item "Bind Account" corresponding to the cloud service (including cloud services 1-3) is presented. Here, each cloud service corresponds to two account association function items, which means that each cloud service can be associated with two cloud service accounts to the target management account, such as... Figure 4As shown in (1); in response to the trigger operation for the account association function item (i.e., the account association function item "Bind Account" corresponding to Cloud Service 3), the account association instruction corresponding to "Cloud Service 3" is received. At this time, in response to the account association instruction, the user is redirected from the account management interface to the login interface of the cloud service (i.e., Cloud Service 3), as shown in (1). Figure 4 As shown in (2).
[0086] In some embodiments, the terminal can jump from the account management interface to the cloud service login interface in the following way: in response to the account association instruction, it signs the application verification information and sends the obtained signature information and application verification information to the cloud service; wherein, the cloud service is used to perform legality verification on the account management application corresponding to the account management interface based on the application verification information after the signature information is verified, and return a verification pass message after the legality verification is passed; when the verification pass message is received, the terminal jumps from the account management interface to the cloud service login interface.
[0087] In practical applications, when a terminal controls the redirection from the account management interface to the cloud service login interface, it needs to verify the legitimacy of the account management application corresponding to the account management interface. Specifically, application verification information can be sent to the cloud service. To ensure that the application verification information is not tampered with during transmission, it can be signed to obtain signature information. This signature information, along with the application verification information, is then sent to the cloud service. The cloud service first verifies the signature information. After successful signature verification, it performs a legitimacy verification on the account management application corresponding to the account management interface based on the application verification information. Specifically, it verifies whether the received application verification information is from a registered account management application. If yes, the legitimacy verification passes; otherwise, it fails. Once the legitimacy verification passes, a verification success message is returned to the account management application, indicating that the terminal is allowed to redirect from the account management interface to the cloud service login interface. At this point, the terminal redirects from the account management interface to the cloud service login interface. In actual implementation, the above verification process for signature information and application verification information can be implemented through the cloud server corresponding to the cloud service.
[0088] Step 103: When a verification pass message is received for the login information, establish the association between the target cloud service account and the target management account.
[0089] In practical applications, when the terminal receives a verification message confirming the login information, an association is established between the target cloud service account and the target management account. Thus, when associating the target management account with the target cloud service account, the user needs to enter the target cloud service account's login information for authorization, and the association is only established after the login information is verified, ensuring the security of the cloud service account.
[0090] In some embodiments, the terminal may display an account display area corresponding to the cloud service in the account management interface. This account display area is used to display the cloud service account that has been associated with the target management account. Correspondingly, after establishing the association between the target cloud service account and the target management account, the terminal may display the login function item of the target cloud service account in the account display area. In response to the triggering operation of the login function item, the terminal receives a login instruction for the target cloud service account.
[0091] In practical applications, the terminal can display the account display area corresponding to the cloud service in the account management interface. This area displays the cloud service accounts associated with the target management account. It should be noted that there can be one or more cloud services. When displaying the account display area corresponding to a cloud service, each cloud service's account display area can be shown, meaning there is a one-to-one correspondence between the account display area and the cloud service. Based on this, after establishing the association between the target cloud service account and the target management account, the target cloud service account and its login function can be displayed in the account display area of the cloud service corresponding to the target cloud service account. Users can log in to the target cloud service account with one click through this login function. That is, when the terminal receives a trigger operation for the login function, it responds by receiving a login command for the target cloud service account.
[0092] As an example, see Figure 5 , Figure 5 This is a schematic diagram of the login process for a cloud service account provided in this application embodiment. Here, in the account management interface, the account display area corresponding to the cloud service (including cloud services 1-3) is presented, and in the account display area, the login function item "One-click Login" for the target cloud service account (including user01 and user02) is presented, such as... Figure 5 As shown in (1); in response to the triggering operation of the login function "one-click login" for the target cloud service account "user02", a login instruction for the target cloud service account "user02" is received. At this time, in response to the login instruction for the target cloud service account "user02", the target cloud service account "user02" is automatically logged in based on the association relationship, that is, the service interface of cloud service 2 corresponding to the target cloud service account "user02" is displayed, such as Figure 5 As shown in (2).
[0093] Step 104: When a login command is received for the target cloud service account, the target cloud service account is automatically logged in based on the association relationship to access the cloud services corresponding to the target cloud service account.
[0094] In practical applications, if the association between the target cloud service account and the target management account has been successfully established, when the terminal receives a login command for the target cloud service account, it can automatically log in to the target cloud service account based on the association, thereby enabling the cloud services corresponding to the target cloud service account.
[0095] In some embodiments, the verification pass message includes a refresh token corresponding to the target cloud service account. The refresh token is used to obtain a login token for automatically logging into the target cloud service account. Accordingly, the terminal can automatically log into the target cloud service account based on the association relationship in the following ways: obtain the refresh token corresponding to the target cloud service account based on the association relationship and send the refresh token; when the validity verification of the refresh token is passed, receive the login token returned for the refresh token; and automatically log into the target cloud service account based on the login token.
[0096] In practical applications, the verification success message returned by the cloud service to the application running the account management interface may include a refresh token corresponding to the target cloud service account. This refresh token is used to obtain a login token for automatically logging into the target cloud service. Specifically, after receiving the verification success message, the application running the account management interface on the terminal stores the refresh token carried in the verification success message along with the target cloud service account, so that it can be retrieved from the storage location when using the refresh token.
[0097] Once the terminal establishes an association between the target cloud service account and the target management account, and receives a login command for the target cloud service account in the account management interface, it responds to the login command by obtaining a refresh token corresponding to the target cloud service account based on the established association and sending the refresh token to the cloud server where the cloud service is located. After receiving the refresh token, the cloud server verifies its validity, i.e., whether the refresh token can be exchanged for a login token. When the cloud server passes the validity verification of the refresh token, it generates a login token for automatically logging into the target cloud service account and returns it to the application (i.e., the terminal) where the account management interface is located. At this time, the terminal (running the application where the account management interface is located) receives the login token returned for the refresh token, and automatically logs into the target cloud service account based on the login token. At the same time, it switches from the application where the account management interface is located to the service interface of the cloud service corresponding to the target cloud service account to realize the corresponding cloud service.
[0098] In some embodiments, after receiving the login token returned in response to the refresh token, the refresh token is in an invalid state, and the terminal receives the target refresh token corresponding to the target cloud service account; wherein, the target refresh token is used to obtain the target login token for the next automatic login to the target cloud service account.
[0099] In practical applications, once the terminal (running the application with the account management interface) receives the login token returned in response to the refresh token, the refresh token becomes invalid, meaning it is only used to obtain a login token once. At this point, the cloud server, while returning the login token, also returns the target refresh token corresponding to the target cloud service account to the terminal. This is so that the target login token can be obtained based on the target refresh token the next time the target cloud service account is automatically logged in.
[0100] See Figure 6 , Figure 6 This is a flowchart illustrating the account login method provided in this application embodiment, including: Step 201: Based on the association relationship, obtain the refresh token corresponding to the target cloud service account and send the refresh token; Step 202: After the validity verification of the refresh token is passed, receive the login token returned for the refresh token; Step 203: Based on the login token, automatically log in to the target cloud service account; Step 204: Control the refresh token to be in an invalid state and receive the target refresh token corresponding to the target cloud service account.
[0101] In some embodiments, the verification pass message includes a target number of login tokens that are in a valid state corresponding to the target cloud service account; accordingly, the terminal can automatically log in to the target cloud service account based on the association relationship in the following way: based on the association relationship, using any one of the target login tokens from the target number of login tokens, automatically log in to the target cloud service account;
[0102] Correspondingly, after automatically logging into the target cloud service account based on the target login token, the terminal can control the target login token to switch from an effective state to an invalid state; when the number of login tokens in an invalid state reaches the target number, the association between the target cloud service account and the target management account is terminated.
[0103] In practical applications, the verification message includes a target number of valid login tokens corresponding to the target cloud service account. Once the terminal establishes an association between the target cloud service account and the target management account, and receives a login command for the target cloud service account in the account management interface, it responds to the login command by automatically logging into the target cloud service account using any one of the target number of login tokens, based on the association. Simultaneously, after automatically logging into the target cloud service account using the target login token, the terminal controls the target login token to switch from a valid state to an invalid state.
[0104] Correspondingly, when the number of invalid login tokens reaches the target number, it indicates that the target cloud service account cannot be automatically logged in based on the association relationship. At this time, the association relationship between the target cloud service account and the target management account is terminated.
[0105] See Figure 7 , Figure 7 This is a flowchart illustrating the account login method provided in this application embodiment, including: Step 301: Based on the association relationship, automatically log in to the target cloud service account using any target login token from the target number of login tokens; Step 302: Control the target login token to switch from a valid state to an invalid state; Step 303: Determine whether the number of login tokens in the invalid state has reached the target number. If yes, proceed to step 304; if no, proceed to step 305; Step 304: Disconnect the association relationship between the target cloud service account and the target management account; Step 305: When a login instruction for the target cloud service account is received again, automatically log in to the target cloud service account using any login token in the valid state from the target number of login tokens based on the association relationship.
[0106] In some embodiments, when automatic login to the target cloud service account based on the association fails, the terminal may display an association prompt message, which prompts the user to re-establish the association between the target cloud service account and the target management account. Correspondingly, the terminal may also display a re-association function item corresponding to the target cloud service account. When a trigger operation for the re-association function item is received, the user is redirected to the target login interface corresponding to the target cloud service account, which displays the account information of the target cloud service account.
[0107] In practical applications, due to situations such as the dissolution or invalidation of association relationships, automatic login to the target cloud service account based on the association relationship may fail. When automatic login to the target cloud service account based on the association relationship fails, an association prompt message can be displayed, prompting the user to re-establish the association relationship between the target cloud service account and the target management account. Simultaneously, a re-association function corresponding to the target cloud service account can be displayed, allowing the user to re-establish the association relationship between the target cloud service account and the target management account. When a trigger operation for the re-association function is received, the user is redirected back to the target login interface corresponding to the target cloud service account. Since the association relationship between the target cloud service account and the target management account has already been established, the target login interface can also display the account information of the target cloud service account. This eliminates the need for the user to re-enter the account information when entering login information for the target cloud service account, reducing user operations and improving efficiency.
[0108] In some embodiments, the terminal can automatically log in to the target cloud service account based on the association relationship in the following manner: based on the association relationship, a login request for the corresponding target cloud service account is sent, the login request including the service address of the target service interface of the cloud service corresponding to the target cloud service account; when a notification message indicating that the login request has been verified is received, the terminal automatically logs in to the target cloud service account and jumps to the target service interface based on the service address.
[0109] In practical applications, when a terminal automatically logs into a target cloud service account based on an association, it sends a login request for the target cloud service account to the cloud server corresponding to that account. This login request includes the service address of the target service interface for the cloud service associated with the target account. This service address can be pre-set, such as a frequently used interface or a user's most recently used interface. The cloud server verifies the login request and, upon successful verification, returns a notification message to the terminal indicating successful verification. Upon receiving this notification message, the terminal automatically logs into the target cloud service account and is redirected to the target service interface based on the service address. This reduces the number of steps required for users to access cloud services and improves efficiency.
[0110] Meanwhile, after automatically logging into the target cloud service account through the account management interface, the terminal is actually redirected from the account management application to the cloud service corresponding to the target cloud service account. In this way, cloud service resources are reused, eliminating the need for redevelopment of cloud services based on account management, thus reducing development costs.
[0111] Applying the above embodiments of this application, when an account association instruction is received from the account management interface corresponding to the target management account of the target object, indicating the establishment of an association between the target management account and the cloud service account of the target object, the user is redirected from the account management interface to the login interface of the cloud service. This login interface receives login information including the target cloud service account of the target object and verifies the login information, returning a verification success message upon successful verification. When a verification success message is received for the login information, an association between the target cloud service account and the target management account is established. Thus, when a login instruction for the target cloud service account is received, the user automatically logs into the target cloud service account based on the association, thereby enabling access to the cloud service corresponding to the target cloud service account.
[0112] In this way, a relationship can be established between the target management account and the target object's cloud service account based on the account management interface. This relationship enables automatic login of the cloud service account, improving the login efficiency and device resource utilization. At the same time, the relationship is established by the user entering login information and verifying the login information. That is, the establishment of the relationship is authorized by the user, which ensures the security of automatic login of the cloud service account.
[0113] The following describes an exemplary application of the embodiments of this application in a real-world application scenario.
[0114] See Figure 8 , Figure 8 This is a schematic diagram of the login process for cloud services provided in related technologies. In these technologies, CAS (Single Sign-On) is typically used to implement cloud service login. Specifically, when logging into different cloud services, each login attempt redirects to a unified CAS system. Users enter their login information in the CAS system to log in, and then are redirected to the corresponding cloud service. These technologies have the following problems: 1) The CAS system has its own account system. When integrating cloud services, the account system of the cloud services needs to be modified to adapt to the unified CAS system, resulting in high modification costs. 2) Using a unified CAS account system, a user may use the same CAS account to log into different cloud services. In practical applications, different cloud service accounts correspond to different cloud service permissions to operate different cloud service resources. If CAS is used, users can only log into different cloud services with one account, leading to a lack of differentiated permission control and unauthorized access issues. 3) When a user has multiple cloud service accounts, they need to enter different cloud service accounts to log into the corresponding cloud services, which is cumbersome.
[0115] Based on this, embodiments of this application provide an account login method to at least solve the aforementioned problems. In these embodiments, when a target object (i.e., a user) corresponds to at least one cloud service account, an account management application is provided for managing the at least one cloud service account. This account management application can be a web application or a client application. While ensuring security, by binding multiple cloud service accounts of the target object to a target management account in the account management application, an association is established between the multiple cloud service accounts of the target object and the target management account. Based on this association, users can automatically log in to the corresponding cloud service by selecting different cloud service accounts, helping them quickly log in to different cloud services, improving login efficiency and the processing efficiency of relevant cloud service operation and maintenance personnel.
[0116] See below. Figure 4 and Figure 5 First, the account login method provided in this application embodiment will be described from the product side. In practical applications, the target object can create corresponding cloud service accounts on various cloud services. The target object can bind its cloud service accounts on different cloud services to the target management account corresponding to the target management application in the account management interface of the account management application.
[0117] In practice, the account management interface displays a "Bind Account" function for the target cloud service. When a trigger operation is received for this "Bind Account" function, the user is redirected from the account management interface to the target cloud service's login interface. This login interface allows the user to enter the login information for the target cloud service account, enabling them to authorize login by entering their username and password. Upon receiving the entered login information, the system verifies it and logs in successfully. After successful login, the user is redirected back to the account management interface. This establishes the association between the target management account on the account management interface and the target cloud service account on the target cloud service.
[0118] For the target cloud service accounts that have already established a relationship, the account management interface can display the login function "One-Click Login" corresponding to the target cloud service account. When a trigger operation is received for the login function "One-Click Login" corresponding to the target cloud service account, the interface is called to automatically log in to the target cloud service corresponding to the target cloud service account based on the relationship established above, so as to provide cloud services.
[0119] When the aforementioned association is terminated, i.e. the binding expires or is unbound, or the target cloud service account is bound to another management account, if you log in again through the "one-click login" function corresponding to the target cloud service account, a prompt message will be displayed to indicate that the binding has expired and needs to be re-bound. At this time, the association between the target cloud service account and the target management account can be re-established.
[0120] See below. Figure 9 The following section will continue to describe the account login method provided in the embodiments of this application from a technical perspective. Figure 9 This is a flowchart illustrating the account login method provided in this application embodiment. The account login method provided in this application embodiment includes:
[0121] Step 1: The account management application sends application information (including the name and domain name of the account management application) to the cloud service.
[0122] Step 2: The cloud service generates application verification information (i.e., client_id / client_secret) based on the application information and returns the application verification information to the account management application.
[0123] In practical applications, for security reasons, each cloud service needs to generate a pair of client_id and client_secret to return to the account management application. The client_id and client_secret are used to determine and identify the identity of the account management application accessing the cloud platform.
[0124] Specifically, the account management application needs to provide application information (such as name, callback domain name required by the OIDC protocol (used to verify the callback address), etc.) to the cloud service. The cloud service generates a client_id and client_secret pair based on the application information provided by the account management application and sends it to the account management application. Simultaneously, it binds the client_id and client_secret to the domain name provided by the account management application. The account management application then associates the client_id and client_secret returned by the cloud platform with the corresponding cloud platform. It should be noted that the client_id and client_secret generated by different cloud services are different.
[0125] Step 3: In response to the account association command for the target cloud service account, the user is redirected from the account management interface to the cloud service login interface.
[0126] In practical applications, when the target cloud service account and the target management account are not bound together, clicking the "Bind Account" function item corresponding to the cloud service can trigger an account binding command, thereby sending an account binding request to the cloud service. This account binding request can include the page address of the cloud service's login interface, thus redirecting the user to the cloud service's login interface, i.e., the login authorization page. An example of the login authorization page address is as follows: http: / / cloud service main domain / oidc / authorize?client_id=xxx&state=xxxx&redirect_uri=xxx&signature=xxxxx.
[0127] Among them, 1) client_id: a unique ID assigned to the account management application; 2) state: unique content identifying the account management application, such as which cloud service it is, the management account ID of the account management application, etc., which will be synchronously returned to the account management application after cloud service authorization login; 3) redirect_uri: the address to be redirected back to the account management application after successful cloud service authorization; 4) signature: signature, which can be obtained through the following signature processing operation: a) sort the request parameters in the account binding request in ascending order according to the lexicographical order (i.e., ASCII code) of the parameter names; b) concatenate the request parameters according to the sorting result to obtain the string (client_id=xxx&state=xxxx&redirect_uri=xxxx); c) sign the concatenated string with HMAC-SHA256 and encode the signature result with BASE64. The key used for signing can be client_secret, which can prevent the transmitted data from being tampered with.
[0128] In practice, if a cloud service account has been bound but expired, the account binding request can also carry the following request parameters when rebinding, such as username (user_name), owner account (owner_uin), user account (user_uin), etc., so as to automatically fill in the login information of the cloud service account when redirected to the cloud service login page.
[0129] Step 4: The cloud service receives the login information of the target cloud service account entered on the login interface, verifies the login information, generates the corresponding refresh_token after successful verification, and returns the refresh_token to the account management application.
[0130] In practical applications, the cloud service performs signature verification on the parameters in the account binding request to ensure that the parameters are not tampered with during transmission. After the signature verification passes, the legality of the client_id and redirect_uri is verified. After the legality verification passes, the login information is received through the login interface, i.e., the normal login process is executed, and the login information is verified. After the login information is verified, the interface of the OIDC service is called to generate a refresh token (refresh_token). This refresh token is used to exchange for the login token (id_token) required for automatic login to the target cloud service. The user is then redirected to the account management interface of the account management application (i.e., the redirect_uri provided by the client). At the same time, the following parameters are returned: redirect_uri?state=xxxx&owner_uin=xx&uin=xx&user_name=xxx&refresh_token=xxx&signature=xxx. Wherein, a) state: a parameter included when the client is redirected to the cloud service login page, used to verify the client's uniqueness; b) owner_uin: the currently logged-in cloud service master account uin; c) uin: the currently logged-in cloud service account uin; d) user_name: the currently logged-in cloud service account username; e) refresh_token: a unique login token id_token used to exchange for the cloud service account, required for the next automatic login, and can also use AES symmetric encryption, where the key can be client_secret; f) signature: signature, consistent with the signature method in step 3.
[0131] Step 5: The account management application saves data based on the parameters returned by the cloud service, saving the returned user information and refresh_token, and associating them with the current cloud service.
[0132] Step 6: Select the target cloud service account that is already bound to a cloud service, click login, and use refresh_token to obtain the id_token required for login.
[0133] In practical applications, this can be achieved by sending the parameter "http: / / cloud service main domain / oidc / getldToken?client_id=xxx&refresh_token=xxx&signature=xxx" through an API call. Here, 1) client_id: a unique ID assigned to the client; 2) refresh_token: a token assigned after login authorization, which expires after one call; 3) signature: the signature.
[0134] Step 7: Generate id_token and return it.
[0135] Here, the cloud service verifies the signature based on the parameters passed in step 6 to ensure that the parameters are not tampered with during transmission, verifies the validity of the client_id, decrypts the refresh_token, and calls the OIDC service interface to obtain the id_token. Simultaneously, it invalidates the previous refresh_token and generates a new refresh_token, which is then returned to the account management application.
[0136] In practical applications, if a message indicates that the refresh_token has expired, the client needs to require the user to re-authorize and bind the target cloud service account and the target management account.
[0137] Step 8: The account management application uses the obtained id_token to assemble a login address, redirects to the cloud service login page, and automatically logs in to the target cloud service account.
[0138] In practical applications, step 8 includes the parameter http: / / cloud service main domain / oidc / login?client_id=xxx&id_token=xxx&redirect_path=xxx&signature=xxxxx. Here, 1) client_id: a unique ID assigned to the client; 2) id_token: a token required for user login, which expires after one use and can be encrypted using AES symmetric encryption; the key can be client_secret; 3) redirect_path: the path to the specific business page after logging into the cloud service; 4) signature: the signature.
[0139] Step 9: Access cloud services.
[0140] In practical applications, the cloud service verifies the signature based on the parameters passed in step 8 to ensure that the parameters are not tampered with during transmission, verifies the validity of the client_id, decrypts the id_token, and then calls the login interface to log in to the cloud service console. At the same time, it checks whether there is a redirect_path. If there is, it redirects to the specific business page; otherwise, it redirects to the cloud service homepage.
[0141] Applying the above embodiments of this application, (1) the account system and login process of each cloud service remain unchanged, and there is no need to modify the current cloud service login process to access single sign-on, ensuring that the account and permission system of cloud services are not damaged. (2) A separate multi-cloud account management system is implemented. In the system, each cloud service account is added through login authorization, and then a ticket for automatic login is generated for the next time. The next time, the cloud service account bound to different cloud services can be selected to achieve automatic login, which improves the efficiency of operation and maintenance personnel and also ensures that the permissions of different accounts can continue to be reused on the cloud platform, and seamless switching is achieved. (3) Existing accounts on each cloud platform are reused, and there is no need to add new accounts due to the introduction of the single sign-on system. (4) In the private cloud scenario, customers will deploy many private clouds, and each private cloud will be deployed for different regions. Each private cloud has a different account. As a result, the administrators need to remember their account and password in different environments. To log in to different environments, they need to enter different account and password, which is very troublesome and inefficient for the environment administrators. This application can help the administrators to manage their cloud service accounts conveniently. Under the premise of security, they can automatically log in to different private cloud services with one click to achieve efficient management.
[0142] It is understood that in the embodiments of this application, data related to user information, cloud service accounts, management accounts, login information, etc. are involved. When the embodiments of this application are applied to specific products or technologies, user permission or consent is required, and the collection, use and processing of related data must comply with the relevant laws, regulations and standards of the relevant countries and regions.
[0143] The following description continues to illustrate the exemplary structure of the account login device 553 provided in the embodiments of this application as a software module. In some embodiments, such as Figure 2As shown, the software modules stored in the account login device 553 in the memory 550 may include: a receiving module 5531, used to receive an account association instruction in the account management interface corresponding to the target management account of the target object, wherein the account association instruction is used to instruct the establishment of an association relationship between the target management account and the cloud service account of the target object; a jump module 5532, used to jump from the account management interface to the cloud service login interface in response to the account association instruction; wherein the cloud service login interface is used to receive login information including the target cloud service account of the target object, and verify the login information to return a verification success message after successful verification; an establishment module 5533, used to establish an association relationship between the target cloud service account and the target management account when a verification success message is received for the login information; and a login module 5534, used to automatically log in to the target cloud service account based on the association relationship when a login instruction for the target cloud service account is received, so as to realize the cloud service corresponding to the target cloud service account.
[0144] In some embodiments, the receiving module 5531 is further configured to present the account association function item corresponding to the cloud service in the account management interface corresponding to the target management account of the target object; and to receive the account association instruction in response to a trigger operation for the account association function item.
[0145] In some embodiments, the apparatus further includes: a presentation module; the presentation module is configured to present an account display area corresponding to the cloud service in the account management interface, the account display area being configured to present cloud service accounts associated with the target management account; the login module 5534 is further configured to present login function items of the target cloud service account in the account display area; and to receive a login instruction for the target cloud service account in response to a trigger operation on the login function items.
[0146] In some embodiments, the verification pass message includes a refresh token corresponding to the target cloud service account. The refresh token is used to obtain a login token for automatically logging into the target cloud service account. The login module 5534 is further used to obtain the refresh token corresponding to the target cloud service account based on the association relationship and send the refresh token. When the validity verification of the refresh token is passed, the login token returned for the refresh token is received. Based on the login token, the target cloud service account is automatically logged in.
[0147] In some embodiments, after receiving the login token returned in response to the refresh token, the refresh token is in an invalid state, and the login module 5534 is further configured to receive the target refresh token corresponding to the target cloud service account; wherein, the target refresh token is used to obtain the target login token for the next automatic login to the target cloud service account.
[0148] In some embodiments, the verification pass message includes a target number of login tokens that are in a valid state corresponding to the target cloud service account; the login module 5534 is further configured to automatically log in to the target cloud service account using any one of the target number of login tokens based on the association relationship; the login module 5534 is further configured to control the target login token to switch from the valid state to the invalid state; when the number of login tokens in the invalid state reaches the target number, the association relationship between the target cloud service account and the target management account is terminated.
[0149] In some embodiments, when automatic login to the target cloud service account based on the association fails, the login module 5534 is further configured to present association prompt information, which prompts the user to re-establish the association between the target cloud service account and the target management account; the redirection module 5532 is further configured to present the re-association function item corresponding to the target cloud service account; when a trigger operation for the re-association function item is received, the user is redirected to the target login interface corresponding to the target cloud service account, where the account information of the target cloud service account is displayed.
[0150] In some embodiments, the login module 5534 is further configured to send a login request corresponding to the target cloud service account based on the association relationship, wherein the login request includes the service address of the target service interface of the cloud service corresponding to the target cloud service account; when a notification message indicating that the login request has been verified is received, the target cloud service account is automatically logged in, and the user is redirected to the target service interface based on the service address.
[0151] In some embodiments, the receiving module 5531 is further configured to send application information of the account management application when the account management application corresponding to the account management interface is initially run; wherein, the application information is used to generate application verification information for identifying the account management application based on the application information; and to receive the application verification information returned in response to the application information, wherein the application verification information is used to perform legality verification on the account management application.
[0152] In some embodiments, the redirection module 5532 is further configured to, in response to the account association instruction, sign the application verification information and send the obtained signature information and the application verification information to the cloud service; wherein, the cloud service is configured to, after verifying the signature information, perform a legality verification on the account management application corresponding to the account management interface based on the application verification information, and return a verification pass message after the legality verification is passed; when the verification pass message is received, redirection is made from the account management interface to the login interface of the cloud service.
[0153] Applying the above embodiments of this application, when an account association instruction is received from the account management interface corresponding to the target management account of the target object, indicating the establishment of an association between the target management account and the cloud service account of the target object, the user is redirected from the account management interface to the login interface of the cloud service. This login interface receives login information including the target cloud service account of the target object and verifies the login information, returning a verification success message upon successful verification. When a verification success message is received for the login information, an association between the target cloud service account and the target management account is established. Thus, when a login instruction for the target cloud service account is received, the user automatically logs into the target cloud service account based on the association, thereby enabling access to the cloud service corresponding to the target cloud service account.
[0154] In this way, a relationship can be established between the target management account and the target object's cloud service account based on the account management interface. This relationship enables automatic login of the cloud service account, improving the login efficiency and device resource utilization. At the same time, the relationship is established by the user entering login information and verifying the login information. That is, the establishment of the relationship is authorized by the user, which ensures the security of automatic login of the cloud service account.
[0155] This application also provides a computer program product or computer program, which includes computer instructions stored in a computer-readable storage medium. A processor of a computer device reads the computer instructions from the computer-readable storage medium and executes the computer instructions, causing the computer device to perform the account login method provided in this application.
[0156] This application also provides a computer-readable storage medium storing executable instructions, which, when executed by a processor, will cause the processor to execute the account login method provided in this application.
[0157] In some embodiments, the computer-readable storage medium may be a memory such as FRAM, ROM, PROM, EPROM, EEPROM, flash memory, magnetic surface memory, optical disk, or CD-ROM; or it may be a variety of devices including one or any combination of the above-mentioned memories.
[0158] In some embodiments, executable instructions may take the form of a program, software, software module, script, or code, written in any form of programming language (including compiled or interpreted languages, or declarative or procedural languages), and may be deployed in any form, including as a standalone program or as a module, component, subroutine, or other unit suitable for use in a computing environment.
[0159] As an example, executable instructions may, but do not necessarily, correspond to files in a file system. They may be stored as part of a file that holds other programs or data, for example, in one or more scripts in a Hyper Text Markup Language (HTML) document, in a single file dedicated to the program in question, or in multiple collaborating files (e.g., a file that stores one or more modules, subroutines, or code sections).
[0160] As an example, executable instructions can be deployed to execute on a single computing device, or on multiple computing devices located in one location, or on multiple computing devices distributed across multiple locations and interconnected via a communication network.
[0161] The above description is merely an embodiment of this application and is not intended to limit the scope of protection of this application. Any modifications, equivalent substitutions, and improvements made within the spirit and scope of this application are included within the scope of protection of this application.
Claims
1. An account login method, characterized in that, The method includes: In the account management interface corresponding to the target management account of the target object, an account association instruction is received. The account association instruction is used to instruct the establishment of an association relationship between the target management account and the target cloud service account of the target object. In response to the account association instruction, the user is redirected from the account management interface to the cloud service login interface; wherein, the cloud service login interface is used to receive login information of the target cloud service account of the target object, and to verify the login information, so as to return a verification success message after successful verification. Once the login information is verified, the user is redirected from the cloud service login interface to the account management application corresponding to the account management interface. When a verification pass message is received for the login information, an association is established between the target cloud service account and the target management account; In the account management interface, an account display area corresponding to the cloud service is presented. The account display area is used to present the target cloud service account that has been associated with the target management account. The login function items of the target cloud service account are displayed in the account display area; In response to a trigger operation for the login function item, a login instruction for the target cloud service account is received; When a login command is received for the target cloud service account, the system automatically logs into the target cloud service account based on the association relationship, and jumps from the account management application to the cloud service corresponding to the target cloud service account, so as to realize the cloud service corresponding to the target cloud service account.
2. The method as described in claim 1, characterized in that, The process of receiving an account association instruction on the account management interface corresponding to the target management account of the target object includes: In the account management interface corresponding to the target management account of the target object, the account association function items corresponding to the cloud service are presented; In response to a trigger operation for the account association function item, the account association instruction is received.
3. The method as described in claim 1, characterized in that, The verification pass message includes a refresh token corresponding to the target cloud service account. The refresh token is used to obtain a login token for automatically logging into the target cloud service account. The automatic login to the target cloud service account based on the aforementioned association includes: Based on the aforementioned association, obtain the refresh token corresponding to the target cloud service account, and send the refresh token. Once the validity verification of the refresh token is successful, the login token returned in response to the refresh token is received; Based on the login token, the target cloud service account is automatically logged in.
4. The method as described in claim 3, characterized in that, After receiving the login token returned in response to the refresh token, the refresh token is in an invalid state, and the method further includes: Received the target refresh token corresponding to the target cloud service account; The target refresh token is used to obtain a target login token for the next automatic login to the target cloud service account.
5. The method as described in claim 1, characterized in that, The verification pass message includes the target number of login tokens that are in a valid state corresponding to the target cloud service account; The automatic login to the target cloud service account based on the aforementioned association includes: Based on the aforementioned association, the target cloud service account is automatically logged in using any one of the target number of login tokens. The method further includes: Control the target login token to switch from the valid state to the invalid state; When the number of login tokens in the invalid state reaches the target number, the association between the target cloud service account and the target management account is terminated.
6. The method as described in claim 1, characterized in that, When automatic login to the target cloud service account based on the aforementioned association fails, the method further includes: A connection prompt message is displayed, which is used to prompt the re-establishment of the connection between the target cloud service account and the target management account; The method further includes: Present the re-association function item corresponding to the target cloud service account; When a trigger operation is received for the re-association function item, the user is redirected to the target login interface corresponding to the target cloud service account, where the account information of the target cloud service account is displayed.
7. The method as described in claim 1, characterized in that, The automatic login to the target cloud service account based on the aforementioned association includes: Based on the association, a login request corresponding to the target cloud service account is sent, the login request including the service address of the target service interface of the cloud service corresponding to the target cloud service account; When a notification message indicating that the login request has been verified is received, the target cloud service account is automatically logged in.
8. The method as described in claim 1, characterized in that, Before receiving the account association instruction in the account management interface corresponding to the target management account of the target object, the method further includes: When the account management application corresponding to the account management interface is initially run, the application information of the account management application is sent. The application information is used to generate application verification information for identifying the account management application based on the application information. The system receives application verification information returned in response to the application information. This application verification information is used to verify the legitimacy of the account management application.
9. The method as described in claim 8, characterized in that, The step of responding to the account association instruction and redirecting from the account management interface to the cloud service login interface includes: In response to the account association instruction, the application verification information is signed, and the obtained signature information and the application verification information are sent to the cloud service; The cloud service is used to perform a legality check on the account management application corresponding to the account management interface based on the application verification information after the signature information has been verified, and to return a verification pass message after the legality check has been passed. When the verification pass message is received, the user is redirected from the account management interface to the cloud service login interface.
10. An account login device, characterized in that, The device includes: The receiving module is used to receive an account association instruction from the account management interface corresponding to the target management account of the target object. The account association instruction is used to instruct the establishment of an association relationship between the target management account and the target cloud service account of the target object. The jump module is used to respond to the account association instruction and jump from the account management interface to the cloud service login interface; wherein, the cloud service login interface is used to receive login information including the target cloud service account of the target object, and verify the login information, so as to return a verification success message after the verification is successful; when the verification of the login information is successful, the user is jumped from the cloud service login interface to the account management application corresponding to the account management interface. A module is established to establish an association between the target cloud service account and the target management account when a verification pass message is received for the login information. The presentation module is used to present the account display area corresponding to the cloud service in the account management interface. The account display area is used to present the target cloud service account that is associated with the target management account. The login module is used to display the login function item of the target cloud service account in the account display area; in response to the trigger operation of the login function item, receive a login instruction for the target cloud service account; when the login instruction for the target cloud service account is received, automatically log in to the target cloud service account based on the association relationship, and jump from the account management application to the cloud service corresponding to the target cloud service account, so as to realize the cloud service corresponding to the target cloud service account.
11. The apparatus according to claim 10, characterized in that, The receiving module is further configured to: In the account management interface corresponding to the target management account of the target object, the account association function items corresponding to the cloud service are presented; In response to a trigger operation for the account association function item, the account association instruction is received.
12. The apparatus according to claim 10, characterized in that, The verification pass message includes a refresh token corresponding to the target cloud service account. The refresh token is used to obtain a login token for automatically logging into the target cloud service account. The login module is also used for: Based on the aforementioned association, obtain the refresh token corresponding to the target cloud service account, and send the refresh token. Once the validity verification of the refresh token is successful, the login token returned in response to the refresh token is received; Based on the login token, the target cloud service account is automatically logged in.
13. An electronic device, characterized in that, The electronic device includes: Memory, used to store executable instructions; The processor, when executing executable instructions stored in the memory, implements the account login method according to any one of claims 1 to 9.
14. A computer-readable storage medium storing executable instructions, characterized in that, When the executable instructions are executed by the processor, they implement the account login method according to any one of claims 1 to 9.
15. A computer program product, comprising a computer program or instructions, characterized in that, When the computer program or instructions are executed by the processor, the account login method according to any one of claims 1 to 9 is implemented.