Securing partner-enabled web service
First Claim
Patent Images
1. A method for securing a partner-enabled web service, comprising:
- receiving a request, wherein the request comprises a canary value, to access the partner-enabled web service, wherein the request is received from a browser client for a partner application;
determining that a user is authorized to access the partner application;
the partner application generating a token that associates the user with the partner application;
generating a signature for the token, the signature to enable the partner-enabled web service to independently regenerate the signature, the token comprising an identifier for the partner application enabling the partner-enabled web service to detect which partner application generates the token; and
sending the token with the signature to the browser client.
2 Assignments
0 Petitions
Accused Products
Abstract
The claimed subject matter provides a method for securing a partner-enabled web service. The method includes receiving a request to access the partner-enabled web service. The request is received from a browser client for a partner application. The browser client is associated with a user. Additionally, the method includes determining that the user is authorized to access the partner application. The method further includes generating a token that associates the user with the partner application. Also, the method includes sending the token to the browser client.
53 Citations
20 Claims
-
1. A method for securing a partner-enabled web service, comprising:
-
receiving a request, wherein the request comprises a canary value, to access the partner-enabled web service, wherein the request is received from a browser client for a partner application; determining that a user is authorized to access the partner application;
the partner application generating a token that associates the user with the partner application;generating a signature for the token, the signature to enable the partner-enabled web service to independently regenerate the signature, the token comprising an identifier for the partner application enabling the partner-enabled web service to detect which partner application generates the token; and sending the token with the signature to the browser client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for securing a partner-enabled web service, comprising:
-
a processing unit; and a system memory, wherein the system memory comprises code configured to direct the processing unit to; receive a request, wherein the request comprises a canary value to access the partner-enabled web service, wherein the request is received from a browser client for a partner application, wherein the browser client is associated with a user; determine that the user is authorized to access the partner application; generate a token, using the partner application, the token associating the user with the partner application, and the token comprising an identifier for the partner application enabling the partner-enabled web service to identify the partner application as generating the token; generate a signature for the token, the signature to enable the partner-enabled web service to independently regenerate the signature; and send the token with the signature to the browser client. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. One or more computer-readable storage memory, comprising code configured to direct a processing unit to:
-
receive a request to access a partner-enabled web service, wherein the request comprises a canary value and the request is received from a browser client for a partner application, wherein the browser client is associated with a user; determine that the user is authorized to access the partner application; generate a token that associates the user with the partner application, wherein the token comprises;
a shared secret of the partner application and the partner-enabled web service;
a user id of the user;
an identifier of the partner application enabling the partner-enabled web service to identify the partner application as generating the token; and
an issue time that the token is generated;generate a signature for the token, the signature to enable the partner-enabled web service to independently regenerate the signature; send the token with the signature to the browser client; and
encode the token using a one-way hashing algorithm. - View Dependent Claims (17, 18, 19, 20)
-
Specification