Passporting credentials between a mobile app and a web browser

US 9,736,141 B2
Filed: 09/02/2016
Issued: 08/15/2017
Est. Priority Date: 06/17/2011
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a non-transitory memory; and

one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;

in response to receiving a user selection of an application and authentication credentials associated with the application, transmitting the authentication credentials to a server to request a session token;

in response to receiving the session token, initiating a device session between the application and the server based on the session token;

displaying a user interface (UI) of the application for the device session;

in response to the application launching a web view within the application, providing the session token and a web address to the web view;

transmitting the session token and the web address from the web view to a Common Gateway Interface (CGI) to authenticate a web session between the web view and the CGI that continues the device session;

displaying a web flow on the web view for the web session without requiring the authentication credentials;

in response to receiving a user selection of a button for returning to the UI of the application, resuming the device session based on the session token; and

displaying the UI of the application for the resumed device session.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for passporting credentials provide a mechanism by which a native app on a client device can invoke a service provider'"'"'s core web site web addresses (URL) while keeping the existing session active and shared between the two experiences (native app and web flow) so that the end user does not need to re-login at each context switch. The mechanism can include a unique way for the web flow context to communicate conditions and pass control back to the native app context of the shared session.

Citations

20 Claims

1. A system, comprising:
- a non-transitory memory; and
  
  one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;
  
  in response to receiving a user selection of an application and authentication credentials associated with the application, transmitting the authentication credentials to a server to request a session token;
  
  in response to receiving the session token, initiating a device session between the application and the server based on the session token;
  
  displaying a user interface (UI) of the application for the device session;
  
  in response to the application launching a web view within the application, providing the session token and a web address to the web view;
  
  transmitting the session token and the web address from the web view to a Common Gateway Interface (CGI) to authenticate a web session between the web view and the CGI that continues the device session;
  
  displaying a web flow on the web view for the web session without requiring the authentication credentials;
  
  in response to receiving a user selection of a button for returning to the UI of the application, resuming the device session based on the session token; and
  
  displaying the UI of the application for the resumed device session.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the authentication credentials comprise login information, wherein receiving the authentication credentials comprises receiving user input of the login information on a display.
  - 3. The system of claim 1, wherein the operations further comprise:
    - in response to a user interaction with the UI of the application, transmitting an application programming interface (API) call from the application to the server, wherein the API call is authenticated based on the session token; and
      
      refreshing the session token when the API call is transmitted to the server.
  - 4. The system of claim 1, wherein the operations further comprise:
    - in response to a user interaction with the web flow, transmitting a uniform resource locator (URL) request from the web view; and
      
      refreshing the session token based on transmitting the URL request.
  - 5. The system of claim 4, wherein refreshing the session token is based on determining the URL request is transmitted within a token expiration time of the session token.
  - 6. The system of claim 1, wherein the operations further comprise:
    - providing a communication back from the web view to the application; and
      
      refreshing the session token based on the communication back.
  - 7. The system of claim 1, wherein the session token is provided to the web view in place of the authentication credentials such that the web session is authenticated based on the session token and without requesting the authentication credentials.

8. A method, comprising:
- in response to receiving a user selection of an application and authentication credentials associated with the application, initiating a device session between the application and a server by;
  
  transmitting the authentication credentials to the server; and
  
  receiving a session token for the device session from the server;
  
  presenting a user interface (UI) of the application for the device session on a user device;
  
  in response to the application launching a web view as a part of the application, initiating a web session that continues from the device session by;
  
  providing the session token and a web address to the web view; and
  
  transmitting the session token and the web address from the web view to a Common Gateway Interface (CGI) to authenticate the web session between the web view and the CGI;
  
  presenting a web flow on the web view for the web session on the user device without requiring the authentication credentials;
  
  in response to receiving a user selection for returning to the UI of the application, resuming the device session based on the session token; and
  
  presenting the UI of the application for the resumed device session on the user device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the authentication credentials comprise login information, wherein the receiving the authentication credentials comprises receiving user input of the login information.
  - 10. The method of claim 8, wherein presenting the UI of the application comprises:
    - transmitting an application programming interface (API) call from the application to the server, wherein the API call is authenticated based on the session token; and
      
      refreshing the session token based on transmitting the API call.
  - 11. The method of claim 8, wherein presenting the web flow comprises:
    - monitoring uniform resource locator (URL) requests transmitted from the web view; and
      
      refreshing the session token based on the monitoring.
  - 12. The method of claim 11, wherein refreshing the session token is based on determining each of the URL requests is transmitted within a token expiration time of the session token.
  - 13. The method of claim 8, wherein the operations further comprise:
    - providing a communication back from the web view to the application; and
      
      refreshing the session token during the web flow based on the communication back.
  - 14. The method of claim 8, wherein the session token is provided to the web view in place of the authentication credentials such that the web session is authenticated based on the session token and without requesting the authentication credentials.

15. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
- determining authentication credentials associated with an application;
  
  in response to determining the authentication credentials, initiating a device session between the application and a server by;
  
  transmitting the authentication credentials to the server; and
  
  receiving a session token for the device session from the server;
  
  presenting a user interface (UI) of the application for the device session;
  
  in response to the application launching a web view as a part of the application, initiating a web session that continues from the device session by;
  
  providing the session token and a web address to the web view; and
  
  transmitting the session token and the web address from the web view to a Common Gateway Interface (CGI) to authenticate the web session between the web view and the CGI;
  
  presenting a web flow on the web view for the web session without requiring the authentication credentials;
  
  in response to receiving a user selection to return to the UI of the application, resuming the device session based on the session token; and
  
  presenting the UI of the application for the resumed device session.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory machine-readable medium of claim 15, wherein the authentication credentials comprise login information, wherein determining the authentication credentials is based on receiving user input of the login information.
  - 17. The non-transitory machine-readable medium of claim 15, wherein the operations further comprise:
    - authenticating an application programming interface (API) call transmitted from the application to the server using the session token; and
      
      refreshing the session token when the API call is transmitted from the application to the server.
  - 18. The non-transitory machine-readable medium of claim 15, wherein the operations further comprise:
    - monitoring uniform resource locator (URL) requests transmitted from the web view during the web flow; and
      
      refreshing the session token during the web flow based on the monitoring.
  - 19. The non-transitory machine-readable medium of claim 18, wherein refreshing the session token is based on determining each of the URL requests is transmitted within a token expiration time of the session token.
  - 20. The non-transitory machine-readable medium of claim 15, wherein the operations further comprise:
    - providing a communication back from the web view to the application; and
      
      refreshing the session token during the web flow based on the communication back.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Yefimov, Igor, Atwood, Scott
Primary Examiner(s)
Abrishamkar, Kaveh

Application Number

US15/256,204
Publication Number

US 20160373427A1
Time in Patent Office

347 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

H04L 63/0853   using an additional device,...

H04L 67/00   Network arrangements or pro...

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/04   specially adapted for termi...

H04L 67/146   Markers for unambiguous ide...

H04L 9/3234   involving additional secure...

H04W 12/06   Authentication

H04W 12/062   Pre-authentication

H04W 4/00   Services specially adapted ...

Passporting credentials between a mobile app and a web browser

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Passporting credentials between a mobile app and a web browser

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links