Nothing Special   »   [go: up one dir, main page]

CN114697056A - Login method and device of billing system, storage medium and electronic equipment - Google Patents

Login method and device of billing system, storage medium and electronic equipment Download PDF

Info

Publication number
CN114697056A
CN114697056A CN202011582814.2A CN202011582814A CN114697056A CN 114697056 A CN114697056 A CN 114697056A CN 202011582814 A CN202011582814 A CN 202011582814A CN 114697056 A CN114697056 A CN 114697056A
Authority
CN
China
Prior art keywords
authorization
billing
party
party system
valid
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011582814.2A
Other languages
Chinese (zh)
Other versions
CN114697056B (en
Inventor
戴晓栋
许芳函
董志勇
龚勇浩
聂慧萍
尹春天
张玉魁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Aisino Corp
Original Assignee
Aisino Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aisino Corp filed Critical Aisino Corp
Priority to CN202011582814.2A priority Critical patent/CN114697056B/en
Publication of CN114697056A publication Critical patent/CN114697056A/en
Application granted granted Critical
Publication of CN114697056B publication Critical patent/CN114697056B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/04Billing or invoicing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/12Accounting
    • G06Q40/123Tax preparation or submission
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Development Economics (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present disclosure relates to a login method, device, storage medium and electronic device for an invoicing system, relating to the technical field of electronic information, wherein the method is applied to a third-party system, and comprises the following steps: and generating authorization request information according to the system identification and the authorization code of the third-party system, wherein the authorization code is sent to the third-party system by the authorization authentication system after the third-party system is registered on the authorization authentication system in advance. And sending the authorization request information to an authorization authentication system so that the authorization authentication system checks whether the authorization request information is valid or not, and sends an authorization token to the third-party system under the condition that the authorization request information is valid. And receiving the authorization token, and sending the specified service information and the authorization token to the billing system so that the billing system sends the authorization token to the authorization authentication system. And receiving and displaying an operation page indicated by the service information sent by the billing system to log in the billing system, wherein the operation page is sent by the billing system under the condition that the verification result indicates that the authorization token is valid.

Description

Login method and device of billing system, storage medium and electronic equipment
Technical Field
The present disclosure relates to the field of electronic information technologies, and in particular, to a login method and apparatus for an invoicing system, a storage medium, and an electronic device.
Background
With the continuous development of electronic information technology, the invoicing system is widely applied in the field of tax. Due to the important role of invoices in socioeconomic activities, there is a need in various commercial fields to use invoicing systems. However, the services related to the billing system are complex and professional, and a large amount of tax knowledge is needed to develop a new billing system independently, so that the development cost is high. Third party systems (e.g., shopping software, sales software, etc.) will typically complete the associated business via existing billing systems. In general, a third-party system authorizes to log in an invoicing system in an SSO (Single Sign On, chinese) manner, that is, interworking between an account number login system and the invoicing system is required, which may cause information leakage between the third-party system and the invoicing system, and reduce security.
Disclosure of Invention
In order to solve the problems in the prior art, the present disclosure aims to provide a login method and apparatus for an invoicing system, a storage medium, and an electronic device.
In order to achieve the above object, according to a first aspect of the embodiments of the present disclosure, there is provided a login method of an invoicing system, applied to a third party system, the method including:
generating authorization request information according to the system identification and the authorization code of the third-party system, wherein the authorization code is sent to the third-party system by the authorization and authentication system after the third-party system is registered on the authorization and authentication system in advance;
sending the authorization request information to the authorization authentication system so that the authorization authentication system checks whether the authorization request information is valid or not, and sends an authorization token to the third-party system under the condition that the authorization request information is valid;
receiving the authorization token, and sending the specified service information and the authorization token to a billing system so that the billing system sends the authorization token to the authorization authentication system, wherein the authorization authentication system is used for verifying whether the authorization token is valid and sending a verification result to the billing system;
and receiving and displaying an operation page indicated by the service information sent by the billing system to log in the billing system, wherein the operation page is sent by the billing system under the condition that the verification result indicates that the authorization token is valid.
Optionally, the sending the authorization request message to the authorization authentication system includes:
encrypting the authorization request information according to a specified private key, wherein the specified private key is sent to the third-party system by the authorization and authentication system after the third-party system is registered in the authorization and authentication system in advance;
sending the encrypted authorization request information to the authorization authentication system according to a preset transmission mode, wherein the transmission mode comprises the following steps: a predetermined transmission protocol, and/or a predetermined signature algorithm.
Optionally, the method further comprises:
sending registration information to the authorization authentication system so that the authorization authentication system registers the third-party system according to the registration information and generates the authorization code according to the registration information, wherein the registration information comprises the system identification, first billing information of the third-party system and second billing information of a user of the third-party system; receiving the authorization code sent by the authorization authentication system; and/or the presence of a gas in the gas,
and sending the opening request information to the authorization and authentication system so that the authorization and authentication system determines that the third-party system is in an opened state according to the system identification included in the opening request information.
According to a second aspect of the embodiments of the present disclosure, there is provided a login method of an invoicing system, applied to an authorization and authentication system, the method including:
receiving authorization request information sent by a third-party system, wherein the authorization request information is generated by the third-party system according to a system identifier of the third-party system and an authorization code, and the authorization code is sent to the third-party system by the authorization and authentication system after the third-party system is registered on the authorization and authentication system in advance;
verifying whether the authorization request information is valid, and sending an authorization token to the third-party system under the condition that the authorization request information is valid, so that the third-party system sends the specified service information and the authorization token to a billing system, wherein the billing system is used for sending the authorization token to the authorization authentication system;
and receiving and verifying whether the authorization token sent by the billing system is valid or not, and sending a verification result to the billing system so that the billing system sends an operation page indicated by the service information to the third-party system under the condition that the verification result indicates that the authorization token is valid, wherein the third-party system is used for receiving and displaying the operation page so as to log in the billing system.
Optionally, the verifying whether the authorization request information is valid includes:
if the authorization request information meets a preset condition, determining that the authorization request information is valid;
the preset conditions include one or more of the following:
the authorization code is valid;
the system identification and the authorization code match;
the third-party system indicated by the system identifier is in an opened state;
the receiving and verifying whether the authorization token sent by the billing system is valid includes:
if the current time is within the valid time range of the authorization token and the authorization token is not checked before the current time, determining that the authorization token is valid;
and if the current time is out of the valid time range or the authorization token is checked before the current time, determining that the authorization token is invalid.
Optionally, the method further comprises:
receiving registration information sent by the third-party system, wherein the registration information comprises the system identification, first billing information of the third-party system and second billing information of a user of the third-party system; registering the third-party system according to the registration information, and generating the authorization code according to the registration information; sending the authorization code to the third-party system; and/or the presence of a gas in the gas,
and receiving opening request information sent by the third-party system, and determining that the third-party system is in an opened state according to the system identification included in the opening request information.
According to a third aspect of the embodiments of the present disclosure, there is provided a login device of an invoicing system, applied to a third-party system, the device including:
the generation module is used for generating authorization request information according to the system identification and the authorization code of the third-party system, wherein the authorization code is sent to the third-party system by the authorization authentication system after the third-party system is registered on the authorization authentication system in advance;
the sending module is used for sending the authorization request information to the authorization authentication system so that the authorization authentication system checks whether the authorization request information is valid or not, and sends an authorization token to the third-party system under the condition that the authorization request information is valid;
the receiving module is used for receiving the authorization token and sending the specified service information and the authorization token to a billing system so that the billing system sends the authorization token to the authorization authentication system, and the authorization authentication system is used for verifying whether the authorization token is valid and sending a verification result to the billing system;
and the login module is used for receiving and displaying an operation page indicated by the service information sent by the billing system so as to log in the billing system, wherein the operation page is sent by the billing system under the condition that the verification result indicates that the authorization token is valid.
Optionally, the sending module is configured to:
encrypting the authorization request information according to a specified private key, wherein the specified private key is sent to the third-party system by the authorization and authentication system after the third-party system is registered in the authorization and authentication system in advance;
sending the encrypted authorization request information to the authorization authentication system according to a preset transmission mode, wherein the transmission mode comprises the following steps: a predetermined transmission protocol, and/or a predetermined signature algorithm.
Optionally, the sending module is further configured to:
sending registration information to the authorization authentication system so that the authorization authentication system registers the third-party system according to the registration information and generates the authorization code according to the registration information, wherein the registration information comprises the system identification, first billing information of the third-party system and second billing information of a user of the third-party system; receiving the authorization code sent by the authorization authentication system; and/or the presence of a gas in the gas,
and sending the opening request information to the authorization and authentication system so that the authorization and authentication system determines that the third-party system is in an opened state according to the system identification included in the opening request information.
According to a fourth aspect of the embodiments of the present disclosure, there is provided a login device of an invoicing system, which is applied to an authorization and authentication system, the device including:
the system comprises a receiving module, a receiving module and a processing module, wherein the receiving module is used for receiving authorization request information sent by a third-party system, the authorization request information is generated by the third-party system according to a system identifier of the third-party system and an authorization code, and the authorization code is sent to the third-party system by the authorization and authentication system after the third-party system is registered on the authorization and authentication system in advance;
the first processing module is used for verifying whether the authorization request information is valid or not and sending an authorization token to the third-party system under the condition that the authorization request information is valid so that the third-party system sends the specified service information and the authorization token to a billing system, and the billing system is used for sending the authorization token to the authorization authentication system;
the second processing module is used for receiving and verifying whether the authorization token sent by the billing system is valid or not, and sending a verification result to the billing system so that the billing system sends an operation page indicated by the service information to the third-party system under the condition that the verification result indicates that the authorization token is valid, and the third-party system is used for receiving and displaying the operation page so as to log in the billing system.
Optionally, the first processing module is configured to: if the authorization request information meets a preset condition, determining that the authorization request information is valid;
the preset conditions include one or more of the following:
the authorization code is valid;
the system identification and the authorization code match;
the third-party system indicated by the system identifier is in an opened state;
the second processing module is configured to: if the current time is within the valid time range of the authorization token and the authorization token is not checked before the current time, determining that the authorization token is valid; and if the current time is out of the valid time range or the authorization token is checked before the current time, determining that the authorization token is invalid.
Optionally, the receiving module is further configured to:
receiving registration information sent by the third-party system, wherein the registration information comprises the system identification, first billing information of the third-party system and second billing information of a user of the third-party system; registering the third-party system according to the registration information, and generating the authorization code according to the registration information; sending the authorization code to the third-party system; and/or the presence of a gas in the gas,
and receiving opening request information sent by the third-party system, and determining that the third-party system is in an opened state according to the system identification included in the opening request information.
According to a fifth aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method of the first aspect of embodiments of the present disclosure.
According to a sixth aspect of embodiments of the present disclosure, there is provided an electronic apparatus including:
a memory having a computer program stored thereon;
a processor for executing the computer program in the memory to implement the steps of the method of the first aspect of an embodiment of the disclosure.
According to a seventh aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method of the second aspect of embodiments of the present disclosure.
According to an eighth aspect of embodiments of the present disclosure, there is provided an electronic apparatus including:
a memory having a computer program stored thereon;
a processor for executing the computer program in the memory to implement the steps of the method of the second aspect of the embodiments of the present disclosure.
According to the technical scheme, the third-party system generates the authorization request information according to the system identification and the authorization code, wherein the authorization code is sent by the authorization system after the third-party system is registered on the authorization system. And then, the third-party system sends the authorization request information to the authorization authentication system. And the authorization authentication system verifies the authorization request information and sends an authorization token to the third-party system under the condition that the authorization request information is valid. And the third-party system sends the authorization token and the appointed service information to the billing system. And the billing system sends the authorization token to the authorization authentication system, the authorization authentication system verifies the authorization token, and the billing system sends the operation page indicated by the service information to the third-party system under the condition that the authorization token is valid. And finally, the third-party system receives and displays the operation page so as to log in the billing system. According to the third-party system, the authorization token sent by the authorization authentication system is obtained through the authorization code obtained in advance during registration of the authorization authentication system, so that the third-party system logs in the billing system by using the authorization token, the intercommunication of an account login system between the third-party system and the billing system is not needed, the safety degree of the third-party system and the billing system is improved, the secondary login of a user is also not needed, the login operation is simplified, and the login efficiency is improved.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure without limiting the disclosure. In the drawings:
FIG. 1 is a schematic diagram illustrating a login system in accordance with an exemplary embodiment;
FIG. 2 is a flow chart illustrating a method of logging into an invoicing system in accordance with an exemplary embodiment;
FIG. 3 is a flow chart illustrating a method of logging into another billing system in accordance with an exemplary embodiment;
FIG. 4 is a flow chart illustrating a method of logging into another billing system in accordance with an exemplary embodiment;
FIG. 5 is a flow chart illustrating a method of logging into an invoicing system in accordance with an exemplary embodiment;
FIG. 6 is a flow chart illustrating a method of login for another billing system in accordance with an exemplary embodiment;
FIG. 7 is a block diagram illustrating a login device of a billing system in accordance with an exemplary embodiment;
FIG. 8 is a block diagram illustrating a login device of a billing system in accordance with an exemplary embodiment;
FIG. 9 is a block diagram illustrating an electronic device in accordance with an example embodiment.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
Before introducing the login method, apparatus, storage medium, and electronic device of the billing system provided by the present disclosure, an application scenario related to each embodiment in the present disclosure is first introduced, where the application scenario may be a login system, as shown in fig. 1, and includes: the third-party system can be understood as a system of business which needs to be provided by the invoicing system, such as shopping software, sales software and the like, and can be WEB-type software or PC-type software, and the disclosure does not specifically limit the system. The invoicing system can be understood as any existing invoicing system which can provide related services of electronic invoices, such as: issuing electronic invoices, printing electronic invoices, flushing, invalidating electronic invoices, inquiring tax control information, managing equipment, managing customer information, managing commodity information, inquiring inventory, managing ticket sources and the like. The authorization and authentication system can be understood as a CA (authentication Authority, chinese) trusted by both the third party system and the billing system. The third party system, the billing system and the authorization and authentication system may communicate with each other via any one of 5G (English: the 5th Generation mobile communication technology, Chinese: fifth Generation mobile communication technology), 4G (English: the 4th Generation mobile communication technology, Chinese: fourth Generation mobile communication technology), and WLAN (English: Wireless Local Area Networks, Chinese: Wireless Local Area Networks). Furthermore, data transmission can be performed among the third-party system, the billing system and the authorization authentication system according to HTTPS (Hyper Text Transfer Protocol over Secure packet Layer, Chinese) so as to ensure the security of data transmission.
Fig. 2 is a flowchart illustrating a login method of an invoicing system according to an exemplary embodiment, and as shown in fig. 2, the method is applied to a third party system, and includes the following steps:
step 101, generating authorization request information according to a system identifier and an authorization code of a third-party system, wherein the authorization code is sent to the third-party system by an authorization authentication system after the third-party system is registered in the authorization authentication system in advance.
For example, if a user needs to use the services provided by the billing system during the process of using the third-party system, the user can log in the billing system through the third-party system. The third party system may first issue a query message to query the user whether the third party system is authorized to log into the billing system. After the user confirms the inquiry information, authorization request information can be generated according to the system identification and the authorization code of the third-party system. The system identifier can uniquely identify the third-party system, and can be understood as a system ID, and the authorization code can be sent to the third-party system by the authorization authentication system after the third-party system is registered in advance on the authorization authentication system. The authorization code, which may be understood as a ClientKey, is a key assigned to a third party system by an authorization and authentication system. Different third-party systems correspond to different authorization codes, that is, the authorization and authentication system can uniquely determine the identity of the third-party system according to the authorization codes.
Step 102, sending the authorization request information to an authorization and authentication system, so that the authorization and authentication system checks whether the authorization request information is valid, and sends an authorization token to a third-party system under the condition that the authorization request information is valid.
Illustratively, the third-party system sends the authorization request information to the authorization authentication system, the authorization authentication system checks the authorization request information, if the authorization authentication system determines that the authorization request information is valid, an authorization Token (namely Token) can be generated according to a preset rule, and the authorization Token is sent to the third-party system, if the authorization authentication system determines that the authorization request information is invalid, the authorization request information can be disregarded, and first prompt information can also be returned to the third-party system to prompt a user that the third-party system cannot log in the invoicing system. It should be noted that the manner in which the authorization authentication system verifies the authorization request information may include whether the authorization code is valid, whether the verification system identifier is matched with the authorization code, and whether the third-party system indicated by the verification system identifier is in an opened state (the opened state is used to indicate that the third-party system can use the service provided by the billing system). Correspondingly, the authorization request information is valid, which can be understood as that the authorization authentication system confirms that the authorization code is valid, the system identifier is matched with the authorization code, and the third-party system indicated by the system identifier is in an opened state.
And 103, receiving the authorization token, and sending the specified service information and the authorization token to the billing system so that the billing system sends the authorization token to the authorization authentication system, wherein the authorization authentication system is used for verifying whether the authorization token is valid and sending a verification result to the billing system.
And step 104, receiving and displaying an operation page indicated by the service information sent by the billing system to log in the billing system, wherein the operation page is sent by the billing system under the condition that the verification result indicates that the authorization token is valid.
For example, after the third-party system receives the authorization token, the specified service information may be sent to the billing system together with the authorization token. The service information may be understood as information that can reflect which services the user needs to use, and may be, for example: issuing electronic invoices, printing electronic invoices, flushing, invalidating electronic invoices, inquiring tax control information, managing equipment, managing customer information, managing commodity information, inquiring inventory, managing ticket sources and the like. Further, the billing system may forward the authorization token to the authorization and authentication system, so that the authorization and authentication system verifies the authorization token. The authorization authentication system feeds back the verification result of the authorization token to the invoicing system so as to inform the invoicing system whether the authorization token is valid or not. Correspondingly, the billing system sends the operation page indicated by the service information to the third-party system under the condition that the verification result indicates that the system authorization token is valid, and the third-party system can be rejected if the billing system determines that the verification result indicates that the system authorization token is invalid. The operation page may be understood as a page capable of executing the service information, for example, if the service information is an electronic invoice, the operation page may be an invoicing page, and for example, if the service information is an electronic invoice query, the operation page may be a query page. And finally, the third-party system can receive and display the operation page, namely, the user logs in the billing system through the third-party system at the moment and can perform corresponding operation on the operation page.
Therefore, the third-party system and the billing system realize the login and billing system of the third-party system by means of the authorization authentication system trusted by both parties and the authorization token provided by the authorization authentication system, the intercommunication of an account login system between the third-party system and the billing system is not needed, the safety degree of the third-party system and the billing system is improved, meanwhile, the coupling degree of the third-party system and the billing system is reduced, and the compatibility is improved. And the user does not need to log in for the second time, so that the login operation is simplified, and the login efficiency is improved.
Fig. 3 is a flowchart illustrating another method of logging into an invoicing system according to an exemplary embodiment, as shown in fig. 3, step 102 may include:
step 1021, the authorization request information is encrypted according to the appointed private key, and the appointed private key is sent to the third party system by the authorization and authentication system after the third party system is registered in advance on the authorization and authentication system.
Step 1022, sending the encrypted authorization request information to an authorization authentication system according to a preset transmission mode, where the transmission mode includes: a predetermined transmission protocol, and/or a predetermined signature algorithm.
For example, after the third-party system registers on the authorization and authentication system, the authorization and authentication system may send a specific private key in addition to sending the authorization code to the third-party system. Therefore, the third-party system encrypts the authorization request information by using the specified private key before sending the authorization request information, and the security of the authorization code is improved. For example, after registering the third-party system, the authorization and authentication system may generate a key pair for the third-party system, where the key pair includes a specific private key and a specific public key corresponding to the specific private key. Then, a CA certificate may be generated based on the specified private key and the specified public key and sent to the third party system.
The third party system may encrypt the authorization request information according to a specified private key, and then send the encrypted authorization request information to the authorization authentication system according to a preset transmission mode, where the transmission mode may include: a predetermined transmission protocol, such as HTTPS, and/or a predetermined signature algorithm, such as HMAC (english: Hash-based Message Authentication Code) 256 algorithm. Correspondingly, the authorization authentication system receives the encrypted authorization request information according to the transmission protocol and verifies whether the encrypted authorization request information is tampered according to the signature algorithm. After the encrypted authorization request information is determined not to be tampered, the encrypted authorization request information can be decrypted by using the specified public key corresponding to the specified private key, so that the authorization request information is obtained.
Fig. 4 is a flowchart illustrating another method for logging in to an invoicing system according to an exemplary embodiment, which may further include the following steps, as shown in fig. 4:
and 105, sending the registration information to the authorization authentication system so that the authorization authentication system registers the third-party system according to the registration information, and generating an authorization code according to the registration information, wherein the registration information comprises a system identifier, first billing information of the third-party system, and second billing information of a user of the third-party system. And receiving an authorization code sent by an authorization authentication system. And/or the presence of a gas in the gas,
and step 106, sending the opening request information to the authorization and authentication system so that the authorization and authentication system determines that the third-party system is in an opened state according to the system identification included in the opening request information.
For example, before the third-party system logs in the billing system, the registration information may be sent to the authorization and authentication system, and the authorization and authentication system registers the third-party system according to the registration information and generates the authorization code. The registration information may include a system identifier, first billing information of the third-party system, and second billing information of the user of the third-party system. Taking the third-party system as shopping software as an example, the first billing information may include a software identifier of the shopping software, a tax number of a software development company, a new line, a legal person, a worker certificate, and the like, and the second billing information may include a tax number, a new line, an identity certificate, a worker certificate, and the like of a user using the shopping software. Further, the authorization authentication system may send a second prompt message while sending the authorization code to the third-party system, so as to prompt the user that the third-party system has successfully registered.
Before logging in the billing system, the third-party system can also send the opening request information to the authorization and authentication system, wherein the opening request information can comprise a system identifier and a payment certificate. The authorization authentication system can determine that the third-party system is in the opened state according to the system identification and the payment certificate included in the opening request information. The provisioned status can indicate that the third party system can use the services provided by the billing system. Further, the authorization and authentication system may further send a third prompt message to prompt the user that the third-party system has been successfully provisioned.
In an implementation manner, the billing system may be a WEB billing system, and accordingly, the designated service information and the authorization token are sent to the billing system in step 103, which may be implemented in the following manner:
first, the service information and the authorization token may be encapsulated as address information in a specific format, for example, a URL (Uniform Resource Locator) format. And then, the address information is sent to the billing system according to the HTTPS + GET request, so that the third-party system can directly open the operation page without the user executing other operations after receiving the operation page, thereby simplifying the operation. For example, the address information may be: and (3) PORT/login, htmpara and AAA, wherein AAA is service information, and BBB is an authorization token. Sending the address information in the way of HTTPS + GET request, i.e. accessing: PORT/logic. htmpara ═ AAA & access _ token ═ BBB.
In summary, in the present disclosure, the third-party system first generates the authorization request information according to the system identifier and the authorization code, where the authorization code is sent by the authorization system after the third-party system registers on the authorization system. And then, the third-party system sends the authorization request information to the authorization authentication system. And the authorization authentication system verifies the authorization request information and sends an authorization token to the third-party system under the condition that the authorization request information is valid. And the third-party system sends the authorization token and the appointed service information to the billing system. And the billing system sends the authorization token to the authorization authentication system, the authorization authentication system verifies the authorization token, and the billing system sends the operation page indicated by the service information to the third-party system under the condition that the authorization token is valid. And finally, the third-party system receives and displays the operation page so as to log in the billing system. According to the third-party system, the authorization token sent by the authorization authentication system is obtained through the authorization code obtained in advance during registration of the authorization authentication system, so that the third-party system logs in the billing system by using the authorization token, the intercommunication of an account login system between the third-party system and the billing system is not needed, the safety degree of the third-party system and the billing system is improved, the secondary login of a user is also not needed, the login operation is simplified, and the login efficiency is improved.
Fig. 5 is a flowchart illustrating a login method of an invoicing system according to an exemplary embodiment, and as shown in fig. 5, the method is applied to an authorization authentication system, and includes the following steps:
step 201, receiving authorization request information sent by a third-party system, where the authorization request information is generated by the third-party system according to a system identifier of the third-party system and an authorization code, and the authorization code is sent to the third-party system by an authorization and authentication system after the third-party system is registered in the authorization and authentication system in advance.
For example, if a user needs to use the services provided by the billing system during the process of using the third-party system, the user can log in the billing system through the third-party system. The third-party system can generate authorization request information according to the system identification and the authorization code of the third-party system, and send the authorization request information to the authorization authentication system. The system identifier can uniquely identify the third-party system, and may be understood as a system ID, and the authorization code may be sent by the authorization authentication system to the third-party system after the third-party system is registered in the authorization authentication system in advance. The authorization code, which may be understood as a ClientKey, is a key assigned to a third party system by an authorization and authentication system. Different third-party systems correspond to different authorization codes, that is, the authorization and authentication system can uniquely determine the identity of the third-party system according to the authorization codes.
Step 202, checking whether the authorization request information is valid, and sending an authorization token to the third-party system under the condition that the authorization request information is valid, so that the third-party system sends the specified service information and the authorization token to the billing system, and the billing system is used for sending the authorization token to the authorization authentication system.
And 203, receiving and verifying whether the authorization token sent by the billing system is valid, and sending a verification result to the billing system so that the billing system sends the operation page indicated by the service information to a third-party system under the condition that the verification result indicates that the authorization token is valid, wherein the third-party system is used for receiving and displaying the operation page to log in the billing system.
For example, the authorization authentication system checks the authorization request information, if the authorization authentication system determines that the authorization request information is valid, an authorization Token (i.e., Token) may be generated according to a preset rule and sent to the third-party system, and if the authorization authentication system determines that the authorization request information is invalid, the authorization request information may be disregarded, and a first prompt message may also be returned to the third-party system to prompt the user that the third-party system cannot log in the billing system.
After receiving the authorization token, the third-party system can send the specified service information and the authorization token to the billing system together. The service information may be understood as information that can reflect which services the user needs to use. Further, the billing system may forward the authorization token to the authorization and authentication system, so that the authorization and authentication system verifies the authorization token. The authorization authentication system feeds back the verification result of the authorization token to the invoicing system so as to inform the invoicing system whether the authorization token is valid or not. Correspondingly, the billing system sends the operation page indicated by the service information to the third-party system under the condition that the verification result indicates that the system authorization token is valid, and the operation page can be understood as a page capable of executing the service information, for example, if the service information is an electronic invoice, the operation page can be a billing page. And finally, the third-party system can receive and display the operation page, namely, the user logs in the billing system through the third-party system at the moment and can perform corresponding operation on the operation page.
Therefore, the third-party system and the billing system realize the login and billing system of the third-party system by means of the authorization authentication system trusted by both parties and the authorization token provided by the authorization authentication system, the intercommunication of an account login system between the third-party system and the billing system is not needed, the safety degree of the third-party system and the billing system is improved, meanwhile, the coupling degree of the third-party system and the billing system is reduced, and the compatibility is improved. And the user does not need to log in for the second time, so that the login operation is simplified, and the login efficiency is improved.
In one implementation, the way of verifying whether the authorization request information is valid in step 202 may be:
and if the authorization request information meets the preset condition, determining that the authorization request information is valid.
Wherein the preset conditions include one or more of the following: condition 1, the authorization code is valid. Condition 2, the system identification and authorization code match. And 3, indicating that the third-party system is in an opened state by the system identifier.
For example, the manner in which the authorization authentication system checks the authorization request information may include checking whether the authorization code is valid, checking whether the system identifier and the authorization code are matched, and checking whether the third-party system indicated by the system identifier is in an opened state (the opened state is used to indicate that the third-party system can use the service provided by the billing system). Accordingly, the authorization request information is valid, and it can be understood that the authorization request information satisfies at least one or more of the conditions 1 to 3. For example, if the authorization code is valid, the system identifier matches the authorization code, and the third-party system indicated by the system identifier is in the enabled state, it may be determined that the authorization request information is valid.
The way of verifying whether the authorization token sent by the billing system is valid in step 203 may be:
and if the current time is within the valid time range of the authorization token and the authorization token is not checked before the current time, determining that the authorization token is valid. And if the current time is out of the valid time range or the authorization token is checked before the current time, determining that the authorization token is invalid.
For example, the authorization authentication system may set a valid time range (e.g., 24h) for the authorization token when generating the authorization token. Therefore, after receiving the authorization token sent by the billing system, the authorization authentication system can firstly verify whether the authorization token is the same as that sent to the third-party system before, namely whether the prior authorization token is legal, and then verify whether the authorization token exceeds the valid time range, namely, judge whether the moment of receiving the authorization token is within the valid time range. Further, in order to ensure the security of the authorization token, the number of times of using the authorization token may be limited, for example, the authorization token may be used only once.
Accordingly, the way to verify whether the authorization token is valid may be: firstly, whether the authorization token is legal or not is verified, if the authorization token is legal, the valid time range and the use times are further determined, and if the authorization token is invalid, the authorization token is determined to be invalid. In the case that the current time is within the valid time range of the authorization token and the authorization token is not verified before the current time (i.e., the authorization token is used for the first time), the authorization token is determined to be valid. The authorization token is determined to be invalid when the current time is outside the valid time range or the authorization token has been checked before the current time (i.e., the authorization token is not used for the first time). Further, after determining that the authorization token is invalid, the authorization authentication system may further send a fourth prompt message to the ticketing system or a third-party system to prompt the user that the authorization token is invalid.
Fig. 6 is a flowchart illustrating a login method of another billing system according to an exemplary embodiment, and as shown in fig. 6, the method may further include:
and 204, receiving registration information sent by the third-party system, wherein the registration information comprises a system identifier, first billing information of the third-party system and second billing information of a user of the third-party system. And registering the third-party system according to the registration information, and generating an authorization code according to the registration information. The authorization code is sent to the third party system. And/or the presence of a gas in the gas,
step 205, receiving the opening request information sent by the third party system, and determining that the third party system is in an opened state according to the system identifier included in the opening request information.
For example, before the third-party system logs in the billing system, the registration information may be sent to the authorization and authentication system, and the authorization and authentication system may register the third-party system according to the registration information and generate the authorization code. The registration information may include a system identifier, first billing information of the third-party system, and second billing information of the user of the third-party system. Taking the third-party system as shopping software as an example, the first billing information may include a software identifier of the shopping software, a tax number of a software development company, a new line, a legal person, a worker certificate, and the like, and the second billing information may include a tax number, a new line, an identity certificate, a worker certificate, and the like of a user using the shopping software. Further, the authorization authentication system may send a second prompt message while sending the authorization code to the third-party system, so as to prompt the user that the third-party system has successfully registered.
Before logging in the billing system, the third-party system can also send the opening request information to the authorization and authentication system, wherein the opening request information can comprise a system identifier and a payment certificate. The authorization authentication system can determine that the third-party system is in the opened state according to the system identification and the payment certificate included in the opening request information. The provisioned status can indicate that the third party system can use the services provided by the billing system. Further, the authorization authentication system can also send a third prompt message to prompt the user that the third-party system has been successfully opened.
In summary, in the present disclosure, the third-party system first generates the authorization request information according to the system identifier and the authorization code, where the authorization code is sent by the authorization system after the third-party system registers on the authorization system. And then, the third-party system sends the authorization request information to the authorization authentication system. And the authorization authentication system verifies the authorization request information and sends an authorization token to the third-party system under the condition that the authorization request information is valid. And the third-party system sends the authorization token and the appointed service information to the billing system. And the billing system sends the authorization token to the authorization authentication system, the authorization authentication system verifies the authorization token, and the billing system sends the operation page indicated by the service information to the third-party system under the condition that the authorization token is valid. And finally, the third-party system receives and displays the operation page so as to log in the billing system. According to the third-party system, the authorization token sent by the authorization authentication system is obtained through the authorization code obtained in advance during registration of the authorization authentication system, so that the third-party system logs in the billing system by using the authorization token, the intercommunication of an account login system between the third-party system and the billing system is not needed, the safety degree of the third-party system and the billing system is improved, the secondary login of a user is also not needed, the login operation is simplified, and the login efficiency is improved.
Fig. 7 is a block diagram illustrating a login apparatus of an invoicing system according to an exemplary embodiment, and as shown in fig. 7, the apparatus 300 is applied to a third party system, and includes:
the generating module 301 is configured to generate authorization request information according to the system identifier and an authorization code of the third-party system, where the authorization code is sent to the third-party system by the authorization and authentication system after the third-party system is registered in the authorization and authentication system in advance.
A sending module 302, configured to send the authorization request message to the authorization and authentication system, so that the authorization and authentication system checks whether the authorization request message is valid, and sends the authorization token to the third-party system when the authorization request message is valid.
The receiving module 303 is configured to receive the authorization token, and send the specified service information and the authorization token to the billing system, so that the billing system sends the authorization token to the authorization and authentication system, and the authorization and authentication system is configured to check whether the authorization token is valid, and send a check result to the billing system.
The login module 304 is configured to receive and display an operation page indicated by the service information sent by the billing system to log in the billing system, where the operation page is sent by the billing system when the verification result indicates that the authorization token is valid.
In an application scenario, the sending module 302 may be configured to:
and encrypting the authorization request information according to the specified private key, wherein the specified private key is sent to the third-party system by the authorization and authentication system after the third-party system is registered in advance on the authorization and authentication system.
And sending the encrypted authorization request information to an authorization authentication system according to a preset transmission mode, wherein the transmission mode comprises the following steps: a predetermined transmission protocol, and/or a predetermined signature algorithm.
In another application scenario, the sending module 302 may be configured to:
and sending the registration information to an authorization authentication system so that the authorization authentication system registers the third-party system according to the registration information and generates an authorization code according to the registration information, wherein the registration information comprises a system identifier, first billing information of the third-party system and second billing information of a user of the third-party system. And receiving an authorization code sent by an authorization authentication system. And/or the presence of a gas in the gas,
and sending the opening request information to the authorization and authentication system so that the authorization and authentication system determines that the third-party system is in an opened state according to the system identification included in the opening request information.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
In summary, in the present disclosure, the third-party system first generates the authorization request information according to the system identifier and the authorization code, where the authorization code is sent by the authorization system after the third-party system registers on the authorization system. And then, the third-party system sends the authorization request information to the authorization authentication system. And the authorization authentication system verifies the authorization request information and sends an authorization token to the third-party system under the condition that the authorization request information is valid. And the third-party system sends the authorization token and the appointed service information to the billing system. And the billing system sends the authorization token to the authorization authentication system, the authorization authentication system verifies the authorization token, and the billing system sends the operation page indicated by the service information to the third-party system under the condition that the authorization token is valid. And finally, the third-party system receives and displays the operation page so as to log in the billing system. According to the third-party system, the authorization token sent by the authorization authentication system is obtained through the authorization code obtained in advance during registration of the authorization authentication system, so that the third-party system logs in the billing system by using the authorization token, the intercommunication of an account login system between the third-party system and the billing system is not needed, the safety degree of the third-party system and the billing system is improved, the secondary login of a user is also not needed, the login operation is simplified, and the login efficiency is improved.
Fig. 8 is a block diagram illustrating a login apparatus of an invoicing system according to an exemplary embodiment, and as shown in fig. 8, the apparatus 400 is applied to an authorization authentication system, and includes:
the receiving module 401 is configured to receive authorization request information sent by a third-party system, where the authorization request information is generated by the third-party system according to a system identifier of the third-party system and an authorization code, and the authorization code is sent to the third-party system by an authorization and authentication system after the third-party system is registered in the authorization and authentication system in advance.
The first processing module 402 is configured to check whether the authorization request information is valid, and send an authorization token to the third-party system under the condition that the authorization request information is valid, so that the third-party system sends the specified service information and the authorization token to the invoicing system, and the invoicing system is configured to send the authorization token to the authorization authentication system.
The second processing module 403 is configured to receive and verify whether the authorization token sent by the billing system is valid, and send a verification result to the billing system, so that the billing system sends the operation page indicated by the service information to the third-party system when the verification result indicates that the authorization token is valid, and the third-party system is configured to receive and display the operation page to log in the billing system.
In one application scenario, the first processing module 402 may be configured to: and if the authorization request information meets the preset condition, determining that the authorization request information is valid.
Wherein the preset conditions include one or more of the following:
the authorization code is valid.
The system identification and the authorization code match.
And the third-party system indicated by the system identifier is in an opened state.
The second processing module 403 may be configured to: and if the current time is within the valid time range of the authorization token and the authorization token is not checked before the current time, determining that the authorization token is valid. And if the current time is out of the valid time range or the authorization token is checked before the current time, determining that the authorization token is invalid.
In another application scenario, the receiving module 401 is further configured to:
and receiving registration information sent by the third-party system, wherein the registration information comprises a system identifier, first billing information of the third-party system and second billing information of a user of the third-party system. And registering the third-party system according to the registration information, and generating an authorization code according to the registration information. The authorization code is sent to the third party system. And/or the presence of a gas in the gas,
and receiving opening request information sent by the third-party system, and determining that the third-party system is in an opened state according to a system identifier included in the opening request information.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
In summary, in the present disclosure, the third-party system first generates the authorization request information according to the system identifier and the authorization code, where the authorization code is sent by the authorization system after the third-party system registers on the authorization system. And then, the third-party system sends the authorization request information to the authorization authentication system. And the authorization authentication system verifies the authorization request information and sends an authorization token to the third-party system under the condition that the authorization request information is valid. And the third-party system sends the authorization token and the appointed service information to the billing system. And the billing system sends the authorization token to the authorization authentication system, the authorization authentication system verifies the authorization token, and the billing system sends the operation page indicated by the service information to the third-party system under the condition that the authorization token is effective. And finally, the third-party system receives and displays the operation page so as to log in the billing system. According to the third-party system, the authorization token sent by the authorization authentication system is obtained through the authorization code obtained in advance during registration of the authorization authentication system, so that the third-party system logs in the billing system by using the authorization token, the intercommunication of an account login system between the third-party system and the billing system is not needed, the safety degree of the third-party system and the billing system is improved, the secondary login of a user is also not needed, the login operation is simplified, and the login efficiency is improved.
Fig. 9 is a block diagram illustrating an electronic device 500 in accordance with an example embodiment. For example, the electronic device 500 may be provided as a server. Referring to fig. 9, the electronic device 500 comprises a processor 522, which may be one or more in number, and a memory 532 for storing computer programs executable by the processor 522. The computer programs stored in memory 532 may include one or more modules that each correspond to a set of instructions. Further, the processor 522 may be configured to execute the computer program to perform any of the above-described methods of entry of an invoicing system.
Additionally, the electronic device 500 may also include a power component 526 and a communication component 550, the power component 526 may be configured to perform power management of the electronic device 500, and the communication component 550 may be configured to enable communication, e.g., wired or wireless communication, of the electronic device 500. In addition, the electronic device 500 may also include input/output (I/O) interfaces 558. The electronic device 500 may operate based on an operating system, such as Windows Server, stored in the memory 532TM,Mac OS XTM,UnixTM,LinuxTMAnd so on.
In another exemplary embodiment, there is also provided a computer readable storage medium comprising program instructions which, when executed by a processor, implement the steps of the method of logging in of any of the invoicing systems described above. For example, the computer readable storage medium may be the memory 532 described above including program instructions executable by the processor 522 of the electronic device 500 to perform any of the methods described above for logging onto an invoicing system.
In another exemplary embodiment, a computer program product is also provided, which comprises a computer program executable by a programmable apparatus, the computer program having code portions for performing a method of logging in an invoicing system of any of the above-mentioned types when executed by the programmable apparatus.
The preferred embodiments of the present disclosure are described in detail with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure.
It should be noted that, in the foregoing embodiments, various features described in the above embodiments may be combined in any suitable manner, and in order to avoid unnecessary repetition, various combinations that are possible in the present disclosure are not described again.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure, as long as it does not depart from the spirit of the present disclosure.

Claims (10)

1. A login method of an invoicing system is applied to a third-party system, and comprises the following steps:
generating authorization request information according to the system identification and the authorization code of the third-party system, wherein the authorization code is sent to the third-party system by the authorization and authentication system after the third-party system is registered on the authorization and authentication system in advance;
sending the authorization request information to the authorization authentication system so that the authorization authentication system checks whether the authorization request information is valid or not, and sends an authorization token to the third-party system under the condition that the authorization request information is valid;
receiving the authorization token, and sending the specified service information and the authorization token to a billing system so that the billing system sends the authorization token to the authorization authentication system, wherein the authorization authentication system is used for verifying whether the authorization token is valid and sending a verification result to the billing system;
and receiving and displaying an operation page indicated by the service information sent by the billing system to log in the billing system, wherein the operation page is sent by the billing system under the condition that the verification result indicates that the authorization token is valid.
2. The method of claim 1, wherein sending the authorization request message to the authorization authentication system comprises:
encrypting the authorization request information according to a specified private key, wherein the specified private key is sent to the third-party system by the authorization and authentication system after the third-party system is registered in the authorization and authentication system in advance;
sending the encrypted authorization request information to the authorization authentication system according to a preset transmission mode, wherein the transmission mode comprises the following steps: a predetermined transmission protocol, and/or a predetermined signature algorithm.
3. The method of claim 1, further comprising:
sending registration information to the authorization authentication system so that the authorization authentication system registers the third-party system according to the registration information and generates the authorization code according to the registration information, wherein the registration information comprises the system identification, first billing information of the third-party system and second billing information of a user of the third-party system; receiving the authorization code sent by the authorization authentication system; and/or the presence of a gas in the gas,
and sending the opening request information to the authorization and authentication system so that the authorization and authentication system determines that the third-party system is in an opened state according to the system identification included in the opening request information.
4. A login method of an invoicing system is applied to an authorization authentication system, and comprises the following steps:
receiving authorization request information sent by a third-party system, wherein the authorization request information is generated by the third-party system according to a system identifier of the third-party system and an authorization code, and the authorization code is sent to the third-party system by the authorization and authentication system after the third-party system is registered on the authorization and authentication system in advance;
verifying whether the authorization request information is valid, and sending an authorization token to the third-party system under the condition that the authorization request information is valid, so that the third-party system sends the specified service information and the authorization token to a billing system, wherein the billing system is used for sending the authorization token to the authorization authentication system;
and receiving and verifying whether the authorization token sent by the billing system is valid or not, and sending a verification result to the billing system so that the billing system sends an operation page indicated by the service information to the third-party system under the condition that the verification result indicates that the authorization token is valid, wherein the third-party system is used for receiving and displaying the operation page so as to log in the billing system.
5. The method of claim 4, wherein the verifying whether the authorization request message is valid comprises:
if the authorization request information meets a preset condition, determining that the authorization request information is valid;
the preset conditions include one or more of the following:
the authorization code is valid;
the system identification and the authorization code match;
the third-party system indicated by the system identifier is in an opened state;
the receiving and verifying whether the authorization token sent by the billing system is valid includes:
if the current time is within the valid time range of the authorization token and the authorization token is not checked before the current time, determining that the authorization token is valid;
and if the current time is out of the valid time range or the authorization token is checked before the current time, determining that the authorization token is invalid.
6. The method of claim 4, further comprising:
receiving registration information sent by the third-party system, wherein the registration information comprises the system identification, first billing information of the third-party system and second billing information of a user of the third-party system; registering the third-party system according to the registration information, and generating the authorization code according to the registration information; sending the authorization code to the third-party system; and/or the presence of a gas in the gas,
and receiving opening request information sent by the third-party system, and determining that the third-party system is in an opened state according to the system identification included in the opening request information.
7. A login device of an invoicing system is applied to a third-party system, and the device comprises:
the generation module is used for generating authorization request information according to the system identification and the authorization code of the third-party system, wherein the authorization code is sent to the third-party system by the authorization authentication system after the third-party system is registered on the authorization authentication system in advance;
the sending module is used for sending the authorization request information to the authorization authentication system so that the authorization authentication system checks whether the authorization request information is valid or not, and sends an authorization token to the third-party system under the condition that the authorization request information is valid;
the receiving module is used for receiving the authorization token and sending the specified service information and the authorization token to a billing system so that the billing system sends the authorization token to the authorization authentication system, and the authorization authentication system is used for verifying whether the authorization token is valid and sending a verification result to the billing system;
and the login module is used for receiving and displaying an operation page indicated by the service information sent by the billing system so as to log in the billing system, wherein the operation page is sent by the billing system under the condition that the verification result indicates that the authorization token is valid.
8. A login device of an invoicing system, which is applied to an authorization authentication system, the device comprising:
the system comprises a receiving module, a receiving module and a processing module, wherein the receiving module is used for receiving authorization request information sent by a third-party system, the authorization request information is generated by the third-party system according to a system identifier of the third-party system and an authorization code, and the authorization code is sent to the third-party system by the authorization and authentication system after the third-party system is registered on the authorization and authentication system in advance;
the first processing module is used for verifying whether the authorization request information is valid or not and sending an authorization token to the third-party system under the condition that the authorization request information is valid so that the third-party system sends the specified service information and the authorization token to a billing system, and the billing system is used for sending the authorization token to the authorization authentication system;
the second processing module is used for receiving and verifying whether the authorization token sent by the billing system is valid or not, and sending a verification result to the billing system so that the billing system sends an operation page indicated by the service information to the third-party system under the condition that the verification result indicates that the authorization token is valid, and the third-party system is used for receiving and displaying the operation page so as to log in the billing system.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of one of the claims 1 to 3 or of one of the claims 4 to 6.
10. An electronic device, comprising:
a memory having a computer program stored thereon;
a processor for executing the computer program in the memory to implement the steps of the method of any of claims 1-3, or claims 4-6.
CN202011582814.2A 2020-12-28 2020-12-28 Login method and device of billing system, storage medium and electronic equipment Active CN114697056B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011582814.2A CN114697056B (en) 2020-12-28 2020-12-28 Login method and device of billing system, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011582814.2A CN114697056B (en) 2020-12-28 2020-12-28 Login method and device of billing system, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN114697056A true CN114697056A (en) 2022-07-01
CN114697056B CN114697056B (en) 2024-10-25

Family

ID=82129352

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011582814.2A Active CN114697056B (en) 2020-12-28 2020-12-28 Login method and device of billing system, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN114697056B (en)

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020077977A1 (en) * 2000-12-19 2002-06-20 Neely R. Alan Interactive invoicer interface
CN104917721A (en) * 2014-03-10 2015-09-16 腾讯科技(北京)有限公司 Authorization method, apparatus and system based on oAuth protocol
CN105765944A (en) * 2014-02-18 2016-07-13 甲骨文国际公司 Facilitating third parties to perform batch processing of requests requiring authorization from resource owners for repeat access to resources
WO2017067227A1 (en) * 2015-10-22 2017-04-27 乐视控股(北京)有限公司 Third party account number authorisation method, device, server, and system
CN106850693A (en) * 2017-03-31 2017-06-13 深圳微众税银信息服务有限公司 The method and real-name authentication system of a kind of real-name authentication
CN106953831A (en) * 2016-01-06 2017-07-14 阿里巴巴集团控股有限公司 A kind of authorization method of user resources, apparatus and system
CN108198064A (en) * 2018-01-25 2018-06-22 深圳微众税银信息服务有限公司 A kind of tax silver interactive service method for supporting and system
US20180337784A1 (en) * 2017-05-19 2018-11-22 Intuit Inc. Coordinating access authorization across multiple systems at different mutual trust levels
CN109660484A (en) * 2017-10-10 2019-04-19 爱信诺征信有限公司 A kind of enterprise's real name identification method and certificate server
CN109981530A (en) * 2017-12-27 2019-07-05 航天信息股份有限公司 A kind of server based on digital certificate is made out an invoice authorization management method and system
CN111177597A (en) * 2019-12-25 2020-05-19 航天信息股份有限公司 Method for collecting electronic invoice by scanning code, electronic equipment and storage medium
CN111770088A (en) * 2020-06-29 2020-10-13 南方电网科学研究院有限责任公司 Data authentication method, device, electronic equipment and computer readable storage medium

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020077977A1 (en) * 2000-12-19 2002-06-20 Neely R. Alan Interactive invoicer interface
CN105765944A (en) * 2014-02-18 2016-07-13 甲骨文国际公司 Facilitating third parties to perform batch processing of requests requiring authorization from resource owners for repeat access to resources
CN104917721A (en) * 2014-03-10 2015-09-16 腾讯科技(北京)有限公司 Authorization method, apparatus and system based on oAuth protocol
WO2017067227A1 (en) * 2015-10-22 2017-04-27 乐视控股(北京)有限公司 Third party account number authorisation method, device, server, and system
CN106953831A (en) * 2016-01-06 2017-07-14 阿里巴巴集团控股有限公司 A kind of authorization method of user resources, apparatus and system
CN106850693A (en) * 2017-03-31 2017-06-13 深圳微众税银信息服务有限公司 The method and real-name authentication system of a kind of real-name authentication
US20180337784A1 (en) * 2017-05-19 2018-11-22 Intuit Inc. Coordinating access authorization across multiple systems at different mutual trust levels
CN109660484A (en) * 2017-10-10 2019-04-19 爱信诺征信有限公司 A kind of enterprise's real name identification method and certificate server
CN109981530A (en) * 2017-12-27 2019-07-05 航天信息股份有限公司 A kind of server based on digital certificate is made out an invoice authorization management method and system
CN108198064A (en) * 2018-01-25 2018-06-22 深圳微众税银信息服务有限公司 A kind of tax silver interactive service method for supporting and system
CN111177597A (en) * 2019-12-25 2020-05-19 航天信息股份有限公司 Method for collecting electronic invoice by scanning code, electronic equipment and storage medium
CN111770088A (en) * 2020-06-29 2020-10-13 南方电网科学研究院有限责任公司 Data authentication method, device, electronic equipment and computer readable storage medium

Also Published As

Publication number Publication date
CN114697056B (en) 2024-10-25

Similar Documents

Publication Publication Date Title
CN109617698B (en) Method for issuing digital certificate, digital certificate issuing center and medium
CN101300808B (en) Method and arrangement for secure autentication
EP2657871B1 (en) Secure configuration of mobile application
CN109992949B (en) Equipment authentication method, over-the-air card writing method and equipment authentication device
CA2357792C (en) Method and device for performing secure transactions
CN117579281A (en) Method and system for ownership verification using blockchain
CN101534192B (en) System used for providing cross-domain token and method thereof
CN101841525A (en) Secure access method, system and client
CN106936588B (en) Hosting method, device and system of hardware control lock
CN102694780A (en) Digital signature authentication method, payment method containing the same and payment system
CN111131416A (en) Business service providing method and device, storage medium and electronic device
CN102075327A (en) Method, device and system for unlocking electronic key
WO2000039958A1 (en) Method and system for implementing a digital signature
TW201601083A (en) One-time password generation method and device, authentication method and authentication system
CN112446050B (en) Business data processing method and device applied to block chain system
CN1612522B (en) Challenge-based authentication without requiring knowledge of secret authentication data
CN103077461A (en) System and method for applying for financial document using mobile communication device
CN113992387B (en) Resource management method, device, system, electronic equipment and readable storage medium
CN115473655A (en) Terminal authentication method, device and storage medium for access network
CN114697056B (en) Login method and device of billing system, storage medium and electronic equipment
KR100726074B1 (en) Method And System Of Certifying Mobile Internet User
CN111369332A (en) Data processing method and device based on block chain
CN116528230A (en) Verification code processing method, mobile terminal and trusted service system
US9882891B2 (en) Identity verification
CN106161027A (en) A kind of mobile phone quasi-digital certificate subsystem and system and method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant