Authorization server system, control method therefor, and storage medium

What is claimed is: 1 . An authorization server system configured to restrict the usage of a service provided via a network, the system comprising: an authorization processing unit configured to issue authorization information in response to an authorization operation performed to permit a user to delegate authority to use the service to a client; a verification processing unit configured to verify the authorization information to be transmitted when the client having acquired the authorization information issued by the authorization processing unit uses the service, and configured to permit the client to use the service with the user authority based on a result of the verification; a determination unit configured to determine whether the number of uses of a mathematical function called by the client to use the service is greater than an upper limit; and a restriction unit configured to restrict the usage of the mathematical function if the determination unit determines that the number of uses is greater than the upper limit, wherein the determination unit is configured to determine whether the number of uses of the mathematical function called by the client to use the service is greater than the upper limit when the authorization information is issued by the authorization processing unit and when the authorization information is verified by the verification processing unit. 2 . The authorization server system according to claim 1 , further comprising: a holding unit configured to hold a table for registering information in which a group ID for identifying a group to which the user belongs is associated with the upper limit of the number of uses of the mathematical function for each group ID, wherein the determination unit is configured to identify the group ID corresponding to the user when the client uses the service with the user authority and determine whether the number of uses of the mathematical function called by the client is greater than the upper limit with reference to the upper limit of the number of uses of the mathematical function corresponding to the identified group ID. 3 . The authorization server system according to claim 2 , further comprising: a provision unit configured to provide a management screen usable to set refusal and/or permission with respect to the usage of the mathematical function for each group ID, wherein an error response is performed in response to an access of the client with user authority corresponding to a refused group ID designated via the screen. 4 . The authorization server system according to claim 3 , wherein the provision unit is configured to provide the management screen to set the upper limit of the number of uses of the mathematical function for a permitted group ID designated via the management screen, and the table held by the holding unit includes registered information about the permitted group ID designated via the management screen in association with the upper limit of the number of uses of the mathematical function having been set on the management screen. 5 . The authorization server system according to claim 3 , wherein the provision unit is configured to provide the management screen to set refusal or permission with respect to the usage of the mathematical function in response to an access of the client with user authority corresponding to a non-registered group ID for which none of refusal and permission is designated via the management screen, and further the provision unit is configured to provide the management screen to set the upper limit of the number of uses of the mathematical function to be set in automatic registration to the table and to set whether to automatically register the non-registered tenant group ID to the table in response to the access of the client with user authority corresponding to the non-registered group ID. 6 . A control method for controlling an authorization server system configured to restrict the usage of a service provided via a network, the method comprising: causing an authorization processing unit to issue authorization information in response to an authorization operation performed to permit a user to delegate authority to use the service to a client; causing a verification processing unit to verify the authorization information to be transmitted when the client having acquired the authorization information issued by the authorization processing unit uses the service, and causing the verification processing unit to permit the client to use the service with the user authority based on a result of the verification; causing a determination unit to determine whether the number of uses of a mathematical function called by the client to use the service is greater than an upper limit; and causing a restriction unit to restrict the usage of the mathematical function if the determination unit determines that the number of uses is greater than the upper limit, wherein the determination unit is configured to determine whether the number of uses of the mathematical function called by the client to use the service is greater than the upper limit when the authorization information is issued by the authorization processing unit and when the authorization information is verified by the verification processing unit. 7 . The control method according to claim 6 , further comprising: causing a holding unit to hold a table for registering information in which a group ID for identifying a group to which the user belongs is associated with the upper limit of the number of uses of the mathematical function for each group ID, wherein the determination unit is configured to identify the group ID corresponding to the user when the client uses the service of the user and determine whether the number of uses of the mathematical function called by the client is greater than the upper limit with reference to the upper limit of the number of uses of the mathematical function corresponding to the identified group ID. 8 . The control method according to claim 7 , further comprising: causing a provision unit to provide a management screen usable to set refusal and/or permission with respect to the usage of the mathematical function for each group ID, wherein an error response is performed in response to an access of the client with user authority corresponding to a refused group ID designated via the screen. 9 . The control method according to claim 8 , wherein the provision unit is configured to provide the management screen to set the upper limit of the number of uses of the mathematical function for a permitted group ID designated via the management screen, and the table held by the holding unit includes registered information about the permitted group ID designated via the management screen in association with the upper limit of the number of uses of the mathematical function having been set on the management screen. 10 . The control method according to claim 8 , wherein the provision unit is configured to provide the management screen to set refusal or permission with respect to the usage of the mathematical function in response to an access of the client with user authority corresponding to a non-registered group ID for which none of refusal and permission is designated via the management screen, and further the provision unit is configured to provide the management screen to set the upper limit of the number of uses of the mathematical function to be set in automatic registration to the table and to set whether to automatically register the non-registered tenant group ID to the table in response to the access of the client with user authority corresponding to the non-registered group ID. 11