Authenticating user through web extension using token based authentication scheme
First Claim
Patent Images
1. A method executed on a computing device for authenticating a user through a web extension using a token based authentication scheme, the method comprising:
- receiving a token associated with the user at a client component of the web extension;
transmitting the token to a server component of the web extension to authenticate the user;
validating the token at the server component of the web extension;
mapping the user to the token and authenticating the user at the server component of the web extension;
determining an availability of a validation library to authenticate the user and the token for an automated validation at the server component;
affirming that the token is not expired at the server component; and
verifying that the token correctly addresses an associated client application, at the server component.
2 Assignments
0 Petitions
Accused Products
Abstract
A web extension authenticates a user using a token based authentication scheme. A token is retrieved from a client application to authenticate the user. The web extension transmits the token to a server component to have the server component authenticate the user. The server component validates the token using a validation library. The user is mapped to the token and authenticated upon validating the token.
53 Citations
18 Claims
-
1. A method executed on a computing device for authenticating a user through a web extension using a token based authentication scheme, the method comprising:
-
receiving a token associated with the user at a client component of the web extension; transmitting the token to a server component of the web extension to authenticate the user; validating the token at the server component of the web extension; mapping the user to the token and authenticating the user at the server component of the web extension; determining an availability of a validation library to authenticate the user and the token for an automated validation at the server component; affirming that the token is not expired at the server component; and verifying that the token correctly addresses an associated client application, at the server component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A web server for authenticating a user through a web extension using a token based authentication scheme, the web server comprising:
-
a memory configured to store instructions; and a processor coupled to the memory, the processor executing an application in conjunction with the instructions stored in the memory, wherein the application is configured to; receive a token associated with the user at a client component of the web extension; transmit the token to a server component of the web extension to authenticate the user; detect a user identifier associated with the user in the token at the server component of the web extension; validate the token at the server component of the web extension by matching the user identifier to a set of registered users; map the user to the token and authenticate the user at the server component of the web extension; determine an availability of a validation library to authenticate the user at the server component; verify authority of an issuing server over the user identifier in the token at the server component; affirm that the token is not expired at the server component; and verify that the token correctly addresses an associated client application, at the server component. - View Dependent Claims (12, 13, 14)
-
-
15. A computer-readable memory device with instructions stored thereon for authenticating a user through a web extension using a token based authentication scheme, the instructions comprising:
-
receiving a token associated with the user at a client component of the web extension;
transmitting the token to a server component of the web extension to authenticate the user;detecting a user identifier associated with the user in the token at the server component of the web extension; determining a signature in the token from a server having authority over the user identifier at the server component of the web extension; validating the token at the server component of the web extension by;
matching the user identifier to a set of registered users;validating the signature against the server by determining a validity of a certificate encompassing the signature; mapping the user to the token and authenticating the user at the server component of the web extension; determining an availability of a validation library to authenticate the user at the server component; affirming that the token is not expired at the server component; and verifying that the token correctly addresses an associated client application, at the server component. - View Dependent Claims (16, 17, 18)
-
Specification