Authorization token cache system and method
First Claim
Patent Images
1. A system, comprising:
- at least one processor to;
send an initialization message from an application to a token client, the initialization message comprising credentials information and token metadata;
cache the credentials information and the token metadata in a token cache and return a session identifier that maps to a cache key to retrieve the token metadata and the credentials information, wherein the token metadata comprises at least one service property used for obtaining an access token from a token service;
send a first access token request based on the credentials information and the token metadata;
receive a first access token response and retrieve a first access token from the first access token response using the token metadata;
cache the first access token in the token cache by associating the first access token with the cache key;
send a resource request for protected resources;
receive a resource response from a resource server, the resource response having a representation of the protected resources;
send, based on the resource response, the representation of the protected resources;
send the first access token request to a token service computer;
receive the first access token response from the token service computer;
receive by the token client the resource response from the resource server, the resource response indicating that the resource request is one of an unauthorized request and a bad request;
send a second access token request to the token service computer based on the credentials information and the token metadata;
receive a second access token response from the token service computer and retrieving a second access token from the second access token response using the token metadata; and
cache the second access token in the token cache by associating the second access token with the cache key.
1 Assignment
0 Petitions
Accused Products
Abstract
A system includes one or more processors to request access tokens from a token service computer, cache the access tokens and related information in a token cache, transmit the access tokens with a resource request to a resource server, and receive requested resources in response to the resource request. The resource server transmits representations of requested resources to computing devices having valid tokens. The access tokens and related information including credentials information and token metadata are stored in the token cache.
-
Citations
21 Claims
-
1. A system, comprising:
-
at least one processor to; send an initialization message from an application to a token client, the initialization message comprising credentials information and token metadata; cache the credentials information and the token metadata in a token cache and return a session identifier that maps to a cache key to retrieve the token metadata and the credentials information, wherein the token metadata comprises at least one service property used for obtaining an access token from a token service; send a first access token request based on the credentials information and the token metadata; receive a first access token response and retrieve a first access token from the first access token response using the token metadata; cache the first access token in the token cache by associating the first access token with the cache key; send a resource request for protected resources; receive a resource response from a resource server, the resource response having a representation of the protected resources; send, based on the resource response, the representation of the protected resources; send the first access token request to a token service computer; receive the first access token response from the token service computer; receive by the token client the resource response from the resource server, the resource response indicating that the resource request is one of an unauthorized request and a bad request; send a second access token request to the token service computer based on the credentials information and the token metadata; receive a second access token response from the token service computer and retrieving a second access token from the second access token response using the token metadata; and cache the second access token in the token cache by associating the second access token with the cache key.
-
-
2. A method, comprising:
-
sending, by at least one processor, an initialization message from an application to a token client, the initialization message comprising credentials information and token metadata; caching, by the at least one processor, the credentials information and the token metadata in a token cache and returning a session identifier that maps to a cache key to retrieve the token metadata and the credentials information, wherein the token metadata comprises at least one service property used for obtaining an access token from a token service; sending, by the at least one processor, a first access token request based on the credentials information and the token metadata; receiving, by the at least one processor, a first access token response and retrieving a first access token from the first access token response using the token metadata; caching, by the at least one processor, the first access token in the token cache by associating the first access token with the cache key; sending, by the at least one processor, a resource request for protected resources; receiving, by the at least one processor, a resource response from a resource server, the resource response having a representation of the protected resources; sending, based on the resource response, by the at least one processor, the representation of the protected resources; sending the first access token request to a token service computer; receiving the first access token response from the token service computer; receiving by the token client the resource response from the resource server, the resource response indicating that the resource request is one of an unauthorized request and a bad request; sending a second access token request to the token service computer based on the credentials information and the token metadata; receiving a second access token response from the token service computer and retrieving a second access token from the second access token response using the token metadata; and caching the second access token in the token cache by associating the second access token with the cache key. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A non-transitory computer-readable medium including instructions stored thereon that, when executed by at least one processor, cause the at least one processor to perform operations comprising:
-
sending an initialization message from an application to a token client, the initialization message comprising credentials information and token metadata; caching the credentials information and the token metadata in a token cache and returning a session identifier that maps to a cache key to retrieve the token metadata and the credentials information, wherein the token metadata comprises at least one service property used for obtaining an access token from a token service; sending a first access token request based on the credentials information and the token metadata; receiving a first access token response and retrieving a first access token from the first access token response using the token metadata; caching the first access token in the token cache by associating the first access token with the cache key; sending a resource request for protected resources; receiving a resource response from a resource server, the resource response having a representation of the protected resources; and sending, based on the resource response, the representation of the protected resources; sending the first access token request to a token service computer; receiving the first access token response from the token service computer; receiving by the token client the resource response from the resource server, the resource response indicating that the resource request is one of an unauthorized request and a bad request; sending a second access token request to the token service computer based on the credentials information and the token metadata; receiving a second access token response from the token service computer and retrieving a second access token from the second access token response using the token metadata; and caching the second access token in the token cache by associating the second access token with the cache key. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification