Systems and methods for authenticating an online user using a secure authorization server
First Claim
1. A secure authorization server for verifying an identity of an end-user, said secure authorization server programmed to:
- receive, from a computing client, an authentication request at an authorization component, wherein the authentication request includes a secure authentication request identifier and a first redirection uniform resource indicator (URI);
validate the authentication request at the authorization component by at least verifying that the secure authentication request identifier is valid;
generate an authorization code, wherein the authorization code includes at least the secure authentication request identifier;
transmit an authentication response from the authorization component to the computing client, wherein the authentication response includes the authorization code, wherein the authorization code represents a validation of the authentication request;
receive, from the computing client, a token request at a token component, wherein the token request includes the authorization code and a second redirection uniform resource indicator (URI);
validate the token request, at the token component, by matching the first redirection URI and the second redirection URI; and
transmit a token response from the token component to the computing client, wherein the token response includes an identification token associated with an authenticated session, an access token, and a lifetime in seconds of the access token.
1 Assignment
0 Petitions
Accused Products
Abstract
A secure authorization server computer system for verifying an identity of an end-user is provided. The computer system is programmed to receive, from a computing client, an authentication request at an authorization component. The authentication request includes a secure authentication request identifier. The computer system is also programmed to validate the authentication request at the authorization component by validating the secure authentication request identifier. The computer system is further programmed to transmit an authentication response from the authorization component to the computing client. The authentication response includes an authorization code. The authorization code represents a validation of the authentication request.
23 Citations
21 Claims
-
1. A secure authorization server for verifying an identity of an end-user, said secure authorization server programmed to:
-
receive, from a computing client, an authentication request at an authorization component, wherein the authentication request includes a secure authentication request identifier and a first redirection uniform resource indicator (URI); validate the authentication request at the authorization component by at least verifying that the secure authentication request identifier is valid; generate an authorization code, wherein the authorization code includes at least the secure authentication request identifier; transmit an authentication response from the authorization component to the computing client, wherein the authentication response includes the authorization code, wherein the authorization code represents a validation of the authentication request; receive, from the computing client, a token request at a token component, wherein the token request includes the authorization code and a second redirection uniform resource indicator (URI); validate the token request, at the token component, by matching the first redirection URI and the second redirection URI; and transmit a token response from the token component to the computing client, wherein the token response includes an identification token associated with an authenticated session, an access token, and a lifetime in seconds of the access token. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for verifying an identity of an end-user, said method implemented using a secure authorization computing device including at least one processor in communication with a memory, the secure authorization computing device in communication with a computing client, said method comprising:
-
receiving, from the computing client, an authentication request at an authorization component, wherein the authentication request includes a secure authentication request identifier and a first redirection uniform resource indicator (URI); validating the authentication request at the authorization component by at least verifying that the secure authentication request identifier is valid; generating an authorization code, wherein the authorization code includes at least the secure authentication request identifier; transmitting an authentication response from the authorization component to the computing client, wherein the authentication response includes the authorization code, wherein the authorization code represents a validation of the authentication request; receiving, from the computing client, a token request at a token component, wherein the token request includes the authorization code and a second redirection uniform resource indicator (URI); validating the token request, at the token component, by matching the first redirection URI and the second redirection URI; and transmitting a token response from the token component to the computing client, wherein the token response includes an identification token associated with an authenticated session, an access token, and a lifetime in seconds of the access token. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable storage media having computer-executable instructions embodied thereon for verifying an identity of an end-user, wherein when executed by at least one processor, the computer-executable instructions cause the processor to:
-
receive, from a computing client, an authentication request at an authorization component, wherein the authentication request includes a secure authentication request identifier and a first redirection uniform resource indicator (URI); validate the authentication request at the authorization component by at least verifying that the secure authentication request identifier is valid; generate an authorization code, wherein the authorization code includes at least the secure authentication request identifier; transmit an authentication response from the authorization component to the computing client, wherein the authentication response includes the authorization code, wherein the authorization code represents a validation of the authentication request; receive, from the computing client, a token request at a token component, wherein the token request includes the authorization code and a second redirection uniform resource indicator (URI); validate the token request, at the token component, by matching the first redirection URI and the second redirection URI; and transmit a token response from the token component to the computing client, wherein the token response includes an identification token associated with an authenticated session, an access token, and a lifetime in seconds of the access token. - View Dependent Claims (18, 19, 20, 21)
-
Specification