Search

CN-121986465-A - Information processing method, device, system and storage medium

CN121986465ACN 121986465 ACN121986465 ACN 121986465ACN-121986465-A

Abstract

The embodiment of the disclosure discloses an information processing method, an information processing device and a computer readable storage medium, and relates to the technical field of communication. The information processing method comprises the steps of obtaining first information, wherein the first information comprises authorization related information related to a second node. According to the embodiment of the disclosure, the basis can be provided for further verification of the authorization-related information by acquiring the authorization-related information related to the second node.

Inventors

  • LIANG HAORAN
  • LU WEI

Assignees

  • 北京小米移动软件有限公司

Dates

Publication Date
20260505
Application Date
20240809

Claims (20)

  1. An information processing method, the method being performed by a first node, the method comprising: First information is acquired, wherein the first information comprises authorization related information related to the second node.
  2. The method of claim 1, wherein the obtaining the first information comprises: And receiving the first information sent by the second node, wherein the first information comprises authorization related information of a first resource owner related to the second node.
  3. The method of claim 1, wherein the obtaining the first information comprises: Transmitting second information to the second node, wherein the second information is used for requesting the second node to provide authorization related information of a first resource owner related to the second node; And receiving the first information sent by the second node, wherein the first information comprises authorization related information of a first resource owner related to the second node.
  4. A method according to claim 2 or 3, wherein the authorization-related information comprises at least one of the following information: Identification information of the first resource owner; Identification information of an API caller; resource information; A data type; Data processing purposes.
  5. The method according to claim 1, wherein the method further comprises: Third information is acquired, wherein the third information comprises authorization request related information of a second resource owner related to a third node, and the second resource owner is a resource owner expected by the first API caller.
  6. The method of claim 5, wherein the obtaining third information comprises: receiving the third information sent by the third node, or Receiving the third information sent by the first API caller; Wherein the third information is used to request authorization of the first API caller.
  7. The method according to claim 5 or 6, wherein the authorization request related information comprises at least one of the following information: Identification information of the second resource owner; Identification information of the first API caller; Service information, wherein the service information comprises at least one of a service, a service operation and a service API; resource information; A data type; Data processing purposes.
  8. The method according to claim 1, wherein the method further comprises: Transmitting fourth information to the second API caller, wherein the fourth information is used for notifying that the authorization of the second API caller is revoked, and the fourth information indicates the revoked authorization information; and receiving fifth information sent by the second API caller, wherein the fifth information is used for feeding back that the authorization is revoked.
  9. The method of claim 8, wherein the authorization information comprises at least one of: identification information of a first resource owner associated with the second node; Identification information of the second API caller; Service information, wherein the service information comprises at least one of a service, a service operation and a service API; identification information of a fourth node; resource information; A data type; Data processing purposes.
  10. The method according to claim 3 or 8, characterized in that the method further comprises: transmitting sixth information to a fourth node, wherein the sixth information is used for requesting the fourth node to provide address information of the second node; receiving seventh information sent by the fourth node, wherein the seventh information comprises address information of the second node; The sixth information comprises identification information of the first resource owner and/or identification information of the second API caller, wherein the first resource owner is related to the second node, and the second API caller runs on the second node.
  11. The method according to claim 3 or 8, characterized in that the method further comprises: transmitting eighth information to a fifth node, wherein the eighth information is used for requesting the fifth node to provide identification information of a second node; receiving ninth information sent by the fifth node, wherein the ninth information comprises identification information of the second node; Transmitting tenth information to a sixth node, wherein the tenth information is used for requesting the sixth node to provide address information of the second node, and the tenth information comprises identification information of the second node; receiving eleventh information sent by the sixth node, wherein the eleventh information comprises address information of the second node; the eighth information comprises identification information of the first resource owner and/or identification information of the second API caller, wherein the first resource owner is related to the second node, and the second API caller runs on the second node.
  12. The method according to any one of claims 1-4, further comprising: And verifying the authorization-related information.
  13. The method of claim 12, wherein if the authorization-related information includes identification information of a first resource owner associated with the second node, the verifying the authorization-related information includes: and verifying the identification information of the first resource owner based on the identification information of the resource owner subjected to identity authentication related to the second node.
  14. The method of claim 13, wherein the step of determining the position of the probe is performed, the method also includes at least one of: If the identification information of the resource owner after identity authentication is inconsistent with the identification information of the first resource owner, transmitting twelfth information for indicating that configuration of the authorization information fails to the second node; If the identification information of the resource owner after the identity authentication is inconsistent with the identification information of the first resource owner, refusing to accept the authorization related information; If the identification information of the resource owner after the identity authentication is inconsistent with the identification information of the first resource owner, refusing to store the authorization related information; If the identification information of the resource owner after the identity authentication is consistent with the identification information of the first resource owner, storing the authorization related information; If the identification information of the resource owner after the identity authentication is consistent with the identification information of the first resource owner, receiving the authorization related information; If the identification information of the resource owner after identity authentication is consistent with the identification information of the first resource owner, thirteenth information for indicating that authorization configuration is successful is sent to the second node; wherein the twelfth information further indicates that the second node configures authorization information related to the identification information of the authenticated resource owner.
  15. The method of claim 13, wherein if the authorization-related information does not include identification information of the first resource owner associated with the second node, the method further comprises: Associating identification information of the authenticated resource owner with the authorization-related information, or Mapping the data type and the data processing purpose included in the authorization related information into service information, and associating the identification information of the resource owner subjected to identity authentication with the service information, wherein the service information comprises at least one of service, service operation and service API.
  16. The method according to claim 5 or 6, characterized in that the method further comprises: and verifying the authorization request related information.
  17. The method of claim 16, wherein said verifying said authorization request-related information comprises: and verifying the identification information of the second resource owner based on the identification information of the resource owner subjected to identity authentication related to the third node.
  18. The method of claim 17, wherein the step of determining the position of the probe is performed, the method also includes at least one of: if the identification information of the resource owner after the identity authentication is inconsistent with the identification information of the second resource owner, fourteenth information for indicating that the configuration of the authorization information fails is sent to the third node; If the identification information of the resource owner after the identity authentication is inconsistent with the identification information of the second resource owner, refusing to accept the related information of the authorization request; if the identification information of the resource owner after the identity authentication is inconsistent with the identification information of the second resource owner, refusing to store the related information of the authorization request; If the identification information of the resource owner after identity authentication is inconsistent with the identification information of the second resource owner, terminating the authorization process related to the first API caller; The identification information of the resource owner after identity authentication is consistent with the identification information of the second resource owner, and the relevant information of the authorization request is stored; the identification information of the resource owner after identity authentication is consistent with the identification information of the second resource owner, and the relevant information of the authorization request is accepted; The identification information of the resource owner after identity authentication is consistent with the identification information of the second resource owner, and whether the service information included in the third information is matched with the data type and the data processing purpose is determined; The identification information of the resource owner after identity authentication is consistent with the identification information of the second resource owner, and whether the service information included in the third information is matched with the data processing purpose or not is determined; The fourteenth information further includes authorization information related to the identification information of the resource owner subjected to the identity authentication configured by the third node.
  19. The method of claim 17 or 18, further comprising at least one of: if the service information included in the third information is matched with the data type and the data processing purpose, executing an authorization process for the first API caller; If the service information included in the third information is matched with the data processing purpose, executing an authorization process for the first API caller; if the service information included in the third information is not matched with the data type and the data processing purpose, fifteenth information for indicating that the authorization request fails is sent to the third node; If the service information included in the third information is not matched with the data processing purpose, fifteenth information for indicating that the authorization request fails is sent to the third node; wherein the fifteenth information is used for indicating the data type and the data processing purpose included in the authorization request related information and is not matched with the service information included in the third information, or The fifteenth information is used for indicating that the data processing purpose included in the authorization request related information is not matched with the service information included in the third information.
  20. The method of claim 16, wherein said verifying said authorization request-related information comprises: If the corresponding authorization policy is determined according to the identification information of the second resource owner included in the authorization request related information, further determining whether the first API caller is authorized.

Description

Information processing method, device, system and storage medium Technical Field The present disclosure relates to the field of communications technologies, and in particular, to an information processing method, apparatus, system, and storage medium. Background The resource owner can use a generic application program interface (Application Programming Interface, API) framework (Common API Framework, CAPIF) to authorize an API caller (invoker) to access its own resources (e.g., location information). The resource owner may use the existing two authorization streams (i.e., authorization code stream, client credential stream) for authorization. Disclosure of Invention The embodiment of the disclosure provides an information processing method, equipment, a system and a storage medium. In a first aspect of the embodiments of the present disclosure, there is provided an information processing method, the method being performed by a first node, the method including: First information is acquired, wherein the first information comprises authorization related information related to the second node. In a second aspect of the embodiments of the present disclosure, there is provided an information processing method, the method being performed by a second node, the method including: First information is transmitted to a first node, the first information including authorization-related information related to the second node. In a third aspect of the embodiments of the present disclosure, there is provided an information processing method, the method being performed by a third node, the method including: Transmitting third information to the first node, the third information including authorization request related information of a second resource owner related to the third node; the third information is used for requesting to authorize the first API caller, and the second resource owner is the resource owner expected by the first API caller. A fourth aspect of the embodiments of the present disclosure provides an information processing method, the method being performed by a first API caller, the method comprising: Transmitting third information to the first node, the third information including authorization request related information of a second resource owner related to the third node; the third information is used for requesting to authorize the first API caller, and the second resource owner is the resource owner expected by the first API caller. A fifth aspect of the embodiments of the present disclosure provides an information processing method, the method being performed by a second API caller, the method comprising: Receiving fourth information sent by the first node, wherein the fourth information is used for notifying that the authorization of the second API caller is revoked, and the fourth information indicates revoked authorization information; And transmitting fifth information to the first node, wherein the fifth information is used for feeding back that the authorization is revoked. A sixth aspect of the embodiments of the present disclosure provides an information processing method, the method being performed by a fourth node, the method including: Receiving sixth information sent by the first node, wherein the sixth information is used for requesting the fourth node to provide address information of the second node; transmitting seventh information to the first node, the seventh information including address information of the second node; the sixth information comprises identification information of a first resource owner related to a second node and/or identification information of a second API (application program interface) caller, wherein the first resource owner is related to the second node, and the second API caller runs on the second node. A seventh aspect of the embodiments of the present disclosure provides an information processing method, the method being performed by a fifth node, the method including: receiving eighth information sent by the first node or the fourth node, wherein the eighth information is used for requesting the fifth node to provide the identification information of the second node; transmitting ninth information to the first node or the fourth node, wherein the ninth information comprises identification information of the second node; wherein the eighth information includes identification information of the first resource owner and/or identification information of the second API caller. An eighth aspect of the embodiments of the present disclosure provides an information processing method, the method being performed by a sixth node, the method including: Receiving tenth information sent by a first node or a fourth node, wherein the tenth information is used for requesting the sixth node to provide address information of a second node, and the tenth information comprises identification information of the second node; And transmitting eleventh information to the first n