CPC H04L 9/3213 (2013.01) [H04L 9/0861 (2013.01); H04L 9/0891 (2013.01); H04L 63/0876 (2013.01); H04L 63/102 (2013.01); H04L 63/108 (2013.01)] | 20 Claims
1. An access token management method, implemented by a server, wherein the access token management method comprises:
receiving an access token generation request from a terminal, wherein the access token generation request comprises user information of a first account, wherein the first account is used to log in to a first application on the terminal, wherein the first application comprises an open authorization function configured to authorize a second application on the terminal to access a protected resource by the access token;
generating the access token in response to the access token generation request;
sending the access token to the terminal;
receiving the access token from the terminal and authorizing the second application to access the protected resource;
obtaining login information of the first account;
marking the access token state when the obtained login information indicates the first account state is non-logged in;
performing invalidation processing on the access token when the login information is marked as in a non-login state on the terminal; and
denying the access to the protected resource of the second application of the terminal when the access token is invalid.
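The server-side flow recited in claim 1, sketched as an added illustration; it is not code from the patent or its applicant. The class and method names and the in-memory store are assumptions, and so is the choice to refuse a token as soon as it is marked rather than only after invalidation processing.

```python
import secrets
from enum import Enum


class TokenState(Enum):
    ACTIVE = "active"
    MARKED = "marked"    # first account reported as non-logged in
    INVALID = "invalid"  # invalidation processing completed


class TokenServer:
    """Hypothetical in-memory token server (all names are assumptions)."""

    def __init__(self):
        self._tokens = {}  # token -> {"account": str, "state": TokenState}

    def generate(self, account):
        # The generation request carries the first account's user information;
        # the server creates the token and returns it to the terminal.
        token = secrets.token_urlsafe(32)
        self._tokens[token] = {"account": account, "state": TokenState.ACTIVE}
        return token

    def record_login_info(self, account, logged_in):
        # Mark every active token issued under an account whose obtained
        # login information says it is no longer logged in.
        if logged_in:
            return
        for rec in self._tokens.values():
            if rec["account"] == account and rec["state"] is TokenState.ACTIVE:
                rec["state"] = TokenState.MARKED

    def invalidate_marked(self):
        # Invalidation processing on marked tokens; returns how many changed.
        marked = [r for r in self._tokens.values()
                  if r["state"] is TokenState.MARKED]
        for rec in marked:
            rec["state"] = TokenState.INVALID
        return len(marked)

    def authorize(self, token):
        # The second application presents the token. Unknown, marked and
        # invalid tokens are all denied (fail closed, an assumption here).
        rec = self._tokens.get(token)
        return rec is not None and rec["state"] is TokenState.ACTIVE
```

Tokens issued under other accounts stay valid, because marking is keyed on the account whose login state changed.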