Method and apparatus for converting authentication-tokens to facilitate interactions between applications
First Claim
1. A computer-implemented method for converting authentication-tokens, comprising:
- receiving, at a computer, a command-execution request from a first application, wherein the command-execution request specifies a command to be executed by a second application and includes a first authentication-token that is created by the first application based on a user authenticating to the first application;
verifying the first authentication-token at the computer;
translating the first authentication-token to a form associated with the second application to produce a second authentication-token, wherein the second authentication-token is in a form different than the first authentication-token;
modifying the command-execution request by replacing the first authentication-token with the second authentication-token to create a modified command-execution request; and
sending the modified command-execution request to the second application,wherein the command-execution request includes a target Uniform Resource Locator (URL) which specifies a location of the second application, a second authentication-token type which specifies a form of the second authentication-token, a user identifier for a user who is associated with the first authentication-token, and payload data for the second application.
1 Assignment
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system that converts authentication-tokens to facilitate interactions between applications. During operation, the system receives a command-execution request from a first application, wherein the command-execution request specifies a command to execute on a second application. Subsequently, the system verifies a first authentication-token included with the command-execution request. Next, the system translates the first authentication-token into a form associated with the second application to produce a second authentication-token. The system then modifies the command-execution request by replacing the first authentication-token with the second-authentication-token to create a modified command-execution request. Then, the system sends the modified command-execution request to the second application.
17 Citations
26 Claims
-
1. A computer-implemented method for converting authentication-tokens, comprising:
-
receiving, at a computer, a command-execution request from a first application, wherein the command-execution request specifies a command to be executed by a second application and includes a first authentication-token that is created by the first application based on a user authenticating to the first application; verifying the first authentication-token at the computer; translating the first authentication-token to a form associated with the second application to produce a second authentication-token, wherein the second authentication-token is in a form different than the first authentication-token; modifying the command-execution request by replacing the first authentication-token with the second authentication-token to create a modified command-execution request; and sending the modified command-execution request to the second application, wherein the command-execution request includes a target Uniform Resource Locator (URL) which specifies a location of the second application, a second authentication-token type which specifies a form of the second authentication-token, a user identifier for a user who is associated with the first authentication-token, and payload data for the second application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for converting authentication-tokens, the method comprising:
-
receiving, at a bridge, a command-execution request from a first application, wherein the command-execution request specifies a command to be executed by a second application and includes a first authentication-token that is created by the first application based on a user authenticating to the first application; verifying the first authentication-token at the bridge; translating the first authentication-token to a form associated with the second application to produce a second authentication-token, wherein the second authentication-token is in a form different than the first authentication-token; modifying the command-execution request by replacing the first authentication-token with the second authentication-token to create a modified command-execution request; and sending the modified command-execution request to the second application, wherein the command-execution request includes a target Uniform Resource Locator (URL) which specifies a location of the second application, a second authentication-token type which specifies a form of the second authentication-token, a user identifier for a user who is associated with the first authentication-token, and payload data for the second application. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. An apparatus that converts authentication-tokens, comprising:
-
a receiving mechanism configured to receive, at a bridge, a command-execution request from a first application, wherein the command-execution request specifies a command to be executed by a second application and includes a first authentication-token that is created by the first application based on a user authenticating to the first application; a verification mechanism configured to verify the first authentication token at the bridge; a translation mechanism configured to translate the first authentication-token to a form associated with the second application to produce a second authentication-token, wherein the second authentication-token is in a form different than the first authentication-token; a modification mechanism configured to modify the command-execution request by replacing the first authentication-token with the second authentication-token to create a modified command-execution request; and a sending mechanism configured to send the modified command-execution request to the second application, wherein the command-execution request includes a target Uniform Resource Locator (URL) which specifies a location of the second application, a second authentication-token type which specifies a form of the second authentication-token, a user identifier for a user who is associated with the first authentication-token, and payload data for the second application. - View Dependent Claims (22, 23, 24, 25, 26)
-
Specification