Search

CN-122003898-A - Information processing method, apparatus, communication system, and storage medium

CN122003898ACN 122003898 ACN122003898 ACN 122003898ACN-122003898-A

Abstract

The embodiment of the disclosure provides an information processing method, information processing equipment, a communication system and a storage medium. The information processing method is executed by the first device and comprises the steps of receiving a first message sent by the second device, wherein the first message comprises a first identifier, the first identifier is the identifier of the second device, and the first message is used for requesting related authorization for the second device.

Inventors

  • LIANG HAORAN
  • LU WEI

Assignees

  • 北京小米移动软件有限公司

Dates

Publication Date
20260508
Application Date
20240811

Claims (20)

  1. An information processing method, performed by a first device, comprising: and receiving a first message sent by a second device, wherein the first message comprises a first identifier, the first identifier is an identifier of the second device, and the first message is used for requesting related authorization for the second device.
  2. The method of claim 1, wherein the first message is used to request a related authorization of the second device for a third device; Wherein the second device is in a first domain with the first device and the third device is in a second domain.
  3. The method according to claim 1 or 2, wherein the first message further comprises at least one of: a second identity, wherein the second identity is an identity of a resource owner; Service information, wherein the service information is used for indicating services which need to be authorized; service operation information, wherein the service operation information is used for indicating service operation which needs to be authorized; service API information, wherein the service API information is used for indicating a service API which needs to be authorized; Type information, wherein the type information is used for indicating the type of data which needs to be authorized; Destination information, wherein the destination information is used for indicating a data processing destination that needs to be authorized.
  4. A method according to any one of claims 1 to 3, further comprising: Sending a second message to a fourth device, wherein the second message comprises the first identification, the second message being used for requesting related authorization for the second device; Receiving a first token sent by the fourth device, wherein the first token is generated after the fourth device determines that the second device is authorized based on the second message, and the first token comprises at least one of a first identifier, a second identifier, a third identifier, service information, service operation information, service API information, type information and destination information, wherein the third identifier is the identifier of the fourth device; And sending the first token to the second device.
  5. The method of claim 4, wherein the third flag is set to a publisher of the first token claim and the first flag is set to a principal of the first token claim.
  6. The method of claim 4, wherein the sending the second message to the fourth device comprises at least one of: Transmitting the second message to a fourth device in case at least one of the service information, the service operation information, and the service API information matches a service API found from the fourth device; Transmitting the second message to the fourth device in case it is determined that at least one of the service information, the service operation information, and the service API information matches the fourth device release service API; Transmitting the second message to the fourth device in case it is determined that at least one of the service information, the service operation information, and the service API information matches a service published by the fourth device; Transmitting the second message to the fourth device in case it is determined that at least one of the service information, the service operation information, and the service API information matches a service operation issued by the fourth device; And sending the second message to the fourth device under the condition that the service API corresponding to at least one of the type information and the destination information is matched with the service API issued by the fourth device.
  7. The method of claim 6, wherein the sending the second message to the fourth device comprises: And in the case that the fifth device in the same domain as the first device cannot provide at least one of the service information, the service operation information and the service API information, sending the second message to the fourth device.
  8. The method according to claim 6 or 7, wherein the fourth device treats the first identity as an authenticated first identity.
  9. A method according to any one of claims 1 to 3, further comprising: Generating a second token under the condition that the second equipment is authorized based on the first message and the authorization information, wherein the authorization information is at least used for indicating that the second equipment corresponding to the first identifier has the right to access at least one of service information, service operation information and service API information; And sending the second token to the second device.
  10. The method of claim 9, wherein the fourth identification is set to a publisher of the second token claim and the first identification is set to a principal of the second token claim.
  11. The method according to claim 6 or 10, characterized in that the further comprises at least one of the following: Acquiring the authorization information sent by the fourth equipment in the service information discovery stage And acquiring the authorization information configured by the fourth equipment in the service information release stage.
  12. The method of claim 11, wherein the method further comprises: Receiving a third message sent by the fourth device; Transmitting a first response to the fourth device; Wherein the third message comprises a second token, the third message is used for requesting to verify the second token, and the first response comprises a verification result of verifying the second token, or The third message is used to request authentication of the key of the second token, the first response includes authentication of the key of the second token, or The third message is for requesting verification of a certificate of the second token, and the first response includes verification of a certificate of the second token.
  13. An information processing method, characterized by being executed by a fourth device, comprising: And receiving a second message sent by the first device, wherein the second message comprises a first identifier, the first identifier is an identifier of the second device, and the second message is used for requesting related authorization for the second device.
  14. The method of claim 13, wherein the second message is used to request a related authorization of the second device for a third device; Wherein the second device is in a first domain with the first device, and the third device and the fourth device are in a second domain.
  15. The method according to claim 13 or 14, wherein the second message further comprises at least one of: a second identity, wherein the second identity is an identity of a resource owner; Service information, wherein the service information is used for indicating services which need to be authorized; service operation information, wherein the service operation information is used for indicating service operation which needs to be authorized; service API information, wherein the service API information is used for indicating a service API which needs to be authorized; Type information, wherein the type information is used for indicating the type of data which needs to be authorized; Destination information, wherein the destination information is used for indicating a data processing destination that needs to be authorized.
  16. The method according to any one of claims 13 to 15, characterized in that the method comprises: Generating a first token under the condition that a second device is authorized based on the second message and authorization information, wherein the authorization information is at least used for indicating that the second device corresponding to the first identifier is authorized to access at least one of service information, service operation information and service API information, and the first token comprises at least one of a first identifier, a second identifier, a third identifier, service information, service operation information, service API information, type information and destination information; And sending the first token to the first device, wherein the first token is used for being sent to the second device by the first device.
  17. The method of claim 16, wherein the third flag is set to a publisher of the first token claim and the first flag is set to a principal of the first token claim.
  18. An information processing method, characterized by being executed by a fourth device, comprising: Transmitting authorization information to the first device, wherein the authorization information is at least used for indicating that the second device corresponding to the first identifier is authorized to access at least one of service information, service operation information and service API information; The first message is sent by the second device, the first message comprises a first identification, the first identification is the identification of the second device, and the first message is used for requesting related authorization for the second device.
  19. The method of claim 18, wherein the transmitting authorization information to the first device comprises at least one of: Transmitting the authorization information to the first device in a service information discovery phase; and sending the authorization information to the first equipment in a service information release stage.
  20. The method according to claim 18 or 19, characterized in that the method further comprises: Receiving a fourth message sent by the third device; Transmitting a third message to the first device; receiving a first response sent by the first device; transmitting a second response to the third device; Wherein the third message or the fourth message comprises a second token, the third message or the fourth message is used for requesting to verify the second token, the first response or the second response comprises a verification result for verifying the second token, or The third message or the fourth message is used for requesting to verify the key of the second token, the first response or the second response comprises the key for verifying the second token, or The third message or the fourth message is for requesting authentication of a credential of the second token, and the first response or the second response includes authentication of a credential of the second token.

Description

Information processing method, apparatus, communication system, and storage medium Technical Field The present disclosure relates to the field of communications technologies, and in particular, to an information processing method, an apparatus, a communications system, and a storage medium. Background In the field of communication technology, a generic application program interface (Application Program Interface, API) framework (Common API Framework, CAPIF) system is introduced. The CAPIF system may be used to authorize an API caller (invoker) to access a communication system, however, in the context of CAPIF interconnection, etc., the authorization process of the API caller is not yet clear. Disclosure of Invention Embodiments of the present disclosure need to address the issue of authorization of API callers in CAPIF interconnect scenarios. According to a first aspect of the embodiments of the present disclosure, an information processing method is provided, which is executed by a first device, and includes receiving a first message sent by a second device, where the first message includes a first identifier, the first identifier is an identifier of the second device, and the first message is used to request related authorization for the second device. According to a second aspect of the embodiments of the present disclosure, an information processing method is provided, which is executed by a fourth device, and includes receiving a second message sent by a first device, where the second message includes a first identifier, the first identifier is an identifier of the second device, and the second message is used to request related authorization for the second device. According to a third aspect of the embodiment of the disclosure, an information processing method is provided, which is executed by a fourth device and comprises the steps of sending authorization information to a first device, wherein the authorization information is at least used for indicating that a second device corresponding to a first identifier is authorized to access at least one of service information, service operation information and service API information, the authorization information and a first message are used for the first device to determine whether the second device is authorized or not, the first message is sent by the second device, the first message comprises the first identifier, the first identifier is the identifier of the second device, and the first message is used for requesting related authorization for the second device. According to a fourth aspect of the embodiments of the present disclosure, an information processing method is provided, which is executed by a second device and includes a first message sent to a first device, where the first message includes a first identifier, the first identifier is an identifier of the second device, and the first message is used to request related authorization for the second device. According to a fifth aspect of the embodiments of the present disclosure, an information processing method is provided, which is executed by a third device, and includes receiving a fifth message sent by the second device, where the fifth message includes a first token and a fourth message for requesting to invoke service information related to the first token, or the fifth message includes a second token and a fifth message for requesting to invoke service information related to the second token. According to a sixth aspect of the embodiment of the disclosure, an information processing method is provided, which comprises the steps that a second device sends a first message to a first device, wherein the first message comprises a first identifier, the first identifier is an identifier of the second device, the first message is used for requesting authorization of the second device, and the first device sends a second message to a fourth device, wherein the second message comprises the first identifier, and the second message is used for requesting authorization of the second device. According to a seventh aspect of the embodiments of the present disclosure, a first device is provided, including a first transceiver module configured to receive a first message sent by a second device, where the first message includes a first identifier, the first identifier is an identifier of the second device, and the first message is used to request related authorization for the second device. According to an eighth aspect of the embodiments of the present disclosure, there is provided a fourth device, including a second transceiver module configured to receive a second message sent by a first device, where the second message includes a first identifier, the first identifier is an identifier of the second device, and the second message is used to request related authorization for the second device. According to a ninth aspect of an embodiment of the present disclosure, there is provided a fourth device, inc