System and Method for a Generic Single Sign-On Function
First Claim
1. A method for providing generic single sign-on in an electronic device, the method comprising:
- receiving information identifying one or more applications and associated identity authenticators;
creating a whitelist of the identified applications and associated identity authenticators;
receiving from a first requesting application a first request for an access token;
if the first requesting application is listed in the whitelist,determining an identity of an identity authenticator associated with the first requesting application;
sending a second request for an access token to the identity authenticator;
in response to the second request, receiving a first access token from the identity authenticator; and
sending the first access token to the first requesting application.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method are presented for providing generic single sign-on in an electronic device. Information is received that identifies one or more applications and associated identity authenticators and a whitelist of the identified applications and authenticators is created. A request for an access token is received from a requesting application. If the requesting application is listed in the whitelist, an authenticator associated with the requesting application is determined and a request for an access token is sent to the associated authenticator. In response to the request, an access token is received from the authenticator and the access token is sent to the requesting application. If the requesting application is not listed in the whitelist, a predefined response message is sent to the requesting application
7 Citations
20 Claims
-
1. A method for providing generic single sign-on in an electronic device, the method comprising:
-
receiving information identifying one or more applications and associated identity authenticators; creating a whitelist of the identified applications and associated identity authenticators; receiving from a first requesting application a first request for an access token; if the first requesting application is listed in the whitelist, determining an identity of an identity authenticator associated with the first requesting application; sending a second request for an access token to the identity authenticator; in response to the second request, receiving a first access token from the identity authenticator; and sending the first access token to the first requesting application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 20)
-
-
11. An electronic device providing generic single sign-on functionality, the electronic device comprising:
-
a memory comprising a plurality of applications, the applications comprising an application interface, an agent interface, an authenticator interface, and a system service module; and a processor configured to execute one or more of the plurality of applications in the memory, wherein; the application interface is configured to exchange one or more messages with a plurality of applications; the agent interface is configured to receive one or more messages from an agent; the authenticator interface is configured to exchange one or more messages with a plurality of identity authenticators; and the system service module is configured to; receive one or more messages via the agent interface, each message identifying one or more applications and associated identity authenticators; create a whitelist of the one or more identified applications and associated identity authenticators; receive a first access token request message from a first requesting application via the application interface; determine whether the first requesting application is listed in the whitelist; and if the first requesting application is not listed in the whitelist, send a predefined response message to the first requesting application via the application interface. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
Specification