Method and system for providing internet services
First Claim
1. A method for providing web services with a service integration platform comprising:
- receiving a service request message that is initiated by a user of an application provided by an Independent Software Vendor (ISV), the service request message being implemented according to an Application Programming Interface (API) type and including a plurality of platform-level parameters that conform to the API type, wherein;
the plurality of platform-level parameters comprise an Appkey associated with the application provided by the ISV;
the Appkey is a parameter issued to the application provided by the ISV and is not modifiable by the application provided by the ISV; and
the Appkey is a proof of identity that identifies the web services the application provided by the ISV is allowed to access;
determining, using a processor, a set of authentication checks that correspond to and that are appropriate for the API type, wherein;
the API type is one of a plurality of possible API types;
for each possible API type there is a corresponding set of authentication checks; and
at least some API types map to different sets of authentication checks;
performing authentication of the service request message according to the set of authentication checks;
routing the service request message to a service address of an Internet Service Provider (ISP) in the event that the service request message is authenticated, wherein the Internet Service Provider (ISP) is a provider of web services on the Internet;
maintaining a token list in a cache in the event that the platform parameters include service Internet Service Provider identity, the Appkey associated with the application, and user session uniqueness identity in the Independent Software Vendor application;
determining whether a token exists and is valid; and
returning user binding error information in the event that no token exists or the token is invalid;
wherein the API type has a corresponding service level comprising an authorized service type and the determined set of authentication checks includes a signature check and a timestamp check; and
wherein the platform-level parameters for the authorized service type further comprises a service name, a service request timestamp and a signature.
2 Assignments
0 Petitions
Accused Products
Abstract
A service integration platform system for providing Internet services includes: an interface configured to receive a service request message that is initiated by a user of an application provided by an Independent Software Vendor (ISV), the service request message being implemented according to an Application Programming Interface (API) type and including a plurality of platform-level parameters that conform to the API type. The system further includes one or more processors coupled to the interface, configured to: locate a set of authentication checks that are appropriate for the API type, based at least in part on the plurality of platform-level parameters included in the service request message and a mapping of predefined combinations of platform-level parameters and corresponding sets of authentication checks; perform authentication of the service request according to the set of authentication checks; and route the service request to a service address of the Internet Service Provider (ISP) in the event that the service request is authenticated.
35 Citations
24 Claims
-
1. A method for providing web services with a service integration platform comprising:
-
receiving a service request message that is initiated by a user of an application provided by an Independent Software Vendor (ISV), the service request message being implemented according to an Application Programming Interface (API) type and including a plurality of platform-level parameters that conform to the API type, wherein; the plurality of platform-level parameters comprise an Appkey associated with the application provided by the ISV; the Appkey is a parameter issued to the application provided by the ISV and is not modifiable by the application provided by the ISV; and the Appkey is a proof of identity that identifies the web services the application provided by the ISV is allowed to access; determining, using a processor, a set of authentication checks that correspond to and that are appropriate for the API type, wherein; the API type is one of a plurality of possible API types; for each possible API type there is a corresponding set of authentication checks; and at least some API types map to different sets of authentication checks; performing authentication of the service request message according to the set of authentication checks; routing the service request message to a service address of an Internet Service Provider (ISP) in the event that the service request message is authenticated, wherein the Internet Service Provider (ISP) is a provider of web services on the Internet; maintaining a token list in a cache in the event that the platform parameters include service Internet Service Provider identity, the Appkey associated with the application, and user session uniqueness identity in the Independent Software Vendor application; determining whether a token exists and is valid; and
returning user binding error information in the event that no token exists or the token is invalid;wherein the API type has a corresponding service level comprising an authorized service type and the determined set of authentication checks includes a signature check and a timestamp check; and wherein the platform-level parameters for the authorized service type further comprises a service name, a service request timestamp and a signature. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A service integration platform system for providing web services comprising:
-
an interface configured to receive a service request message that is initiated by a user of an application provided by an Independent Software Vendor (ISV), the service request message being implemented according to an Application Programming Interface (API) type and a plurality of platform-level parameters that conform to the API type, wherein; the plurality of platform-level parameters comprise an Appkey associated with the application provided by the ISV; the Appkey is a parameter issued to the application provided by the ISV and is not modifiable by the application provided by the ISV; and the Appkey is a proof of identity that identifies the web services the application provided by the ISV is allowed to access; and
one or more processors coupled to the interface, configured to;determine a set of authentication checks that correspond to and that are appropriate for the API type, wherein; the API type is one of a plurality of possible API types; for each possible API type there is a corresponding set of authentication checks; and at least some API types map to different sets of authentication checks; perform authentication of the service request according to the set of authentication checks; route the service request to a service address of an Internet Service Provider (ISP) in the event that the service request is authenticated, wherein the Internet Service Provider (ISP) is a provider of web services on the internet; maintain a token list in a cache in the event that the platform parameters include service Internet Service Provider identity, the Appkey associated with the application and user session uniqueness identity in the Independent Software Vendor application;
determine whether a token exists and is valid; and
return user binding error information in the event that no token exists or the token is invalid;wherein the API type has a corresponding service level comprising an authorized service type and the determined set of authentication checks includes a signature check and a timestamp check; and wherein the platform-level parameters for the authorized service type further comprises a service name, a service request timestamp and a signature. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
Specification