Authenticating a limited input device via an authenticated application

US 9,942,229 B2
Filed: 10/01/2015
Issued: 04/10/2018
Est. Priority Date: 10/03/2014
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a camera paired with an authenticated application executing on a first device, the camera configured to provide the authenticated application with a first device identifier to pair the camera with the authenticated application, the authenticated application, when paired with the camera, configured to enable a user to control one or more camera functions by interacting with the authenticated application; and

a server comprising a computer-readable storage medium having instructions encoded thereon that, when executed by a processor, cause the server to;

receive a request from the authenticated application for a one-time authorization code, the request comprising the first device identifier, the authenticated application associated with a user account maintained by the server,store an association between the first device identifier and the one-time authorization code,transmit the one-time authorization code to the authenticated application,receive a request for an access token from the camera, the request comprising the one-time authorization code and a second device identifier;

verify the validity of the one-time authorization code by determining if the second device identifier matches the first device identifier;

authenticate, responsive to verification of the validity of the one-time authorization code, the camera by providing the camera with the access token and a corresponding refresh token;

associate the access token with the user account;

receive the access token and one or more images from the authenticated camera;

in response to determining that the received access token is valid, identify the user account associated with the received access token and store the one or more images in a portion of a memory associated with the user account; and

in response to determining that the received access token has expired and in response to receiving the refresh token from the authenticated camera, generating, by the application server, a new access token and a new refresh token and providing the new access token and the new refresh token to the authenticated camera.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A limited input device, such as a camera, is authenticated based on a request received from an authenticated application. The application can request an application server to provide the application with a one-time authorization code. The request includes the device identifier associated with the camera. The server stores an association between the one-time authorization code and the device identifier of the camera, and provides the application with the one-time authorization code. The application provides the camera with the one-time authorization code. The camera transmits a request for an access token to the server, the request for the access token including the one-time authorization code and the device identifier associated with the camera. The server verifies the device identifier associated with the camera with that associated with the one-time authorization code, and upon a positive verification authenticates the camera by providing the camera with the access token.

Citations

16 Claims

1. A system comprising:
- a camera paired with an authenticated application executing on a first device, the camera configured to provide the authenticated application with a first device identifier to pair the camera with the authenticated application, the authenticated application, when paired with the camera, configured to enable a user to control one or more camera functions by interacting with the authenticated application; and
  
  a server comprising a computer-readable storage medium having instructions encoded thereon that, when executed by a processor, cause the server to;
  
  receive a request from the authenticated application for a one-time authorization code, the request comprising the first device identifier, the authenticated application associated with a user account maintained by the server,store an association between the first device identifier and the one-time authorization code,transmit the one-time authorization code to the authenticated application,receive a request for an access token from the camera, the request comprising the one-time authorization code and a second device identifier;
  
  verify the validity of the one-time authorization code by determining if the second device identifier matches the first device identifier;
  
  authenticate, responsive to verification of the validity of the one-time authorization code, the camera by providing the camera with the access token and a corresponding refresh token;
  
  associate the access token with the user account;
  
  receive the access token and one or more images from the authenticated camera;
  
  in response to determining that the received access token is valid, identify the user account associated with the received access token and store the one or more images in a portion of a memory associated with the user account; and
  
  in response to determining that the received access token has expired and in response to receiving the refresh token from the authenticated camera, generating, by the application server, a new access token and a new refresh token and providing the new access token and the new refresh token to the authenticated camera.
- View Dependent Claims (2)
- - 2. The system of claim 1, wherein the instructions to verify the validity of the one-time authorization code further comprises instructions, that when executed, cause the server to:
    - determine if the one-time authorization code is received from the camera within a threshold period of time from when the one-time authorization code was provided to the authenticated application.

3. A method for authenticating a camera paired with an authenticated application, the camera and the authenticated application each communicatively coupled to an application server, the method comprising:
- receiving, at the application server, a request from the authenticated application for a one-time authorization code, the authenticated application associated with a user account maintained by the server and configured to enable a user to control one or more camera functions by interacting with the authenticated application;
  
  transmitting, by the application server and responsive to receiving the request for the one-time authorization code, the one-time authorization code to the authenticated application;
  
  receiving, by the application server, a request for an access token from the camera, the request comprising the one-time authorization code;
  
  verifying, by the application server, the validity of the one-time authorization code;
  
  authenticating, by the application server and responsive to an affirmative verification, the camera by providing the camera with the access token and a corresponding refresh token;
  
  associating, by the application server, the access token with the user account;
  
  receiving, by the application server, the access token and one or more images from the authenticated camera;
  
  in response to determining that the received access token is valid, identifying, by the application server, the user account associated with the received access token and storing the one or more images in a portion of a memory associated with the user account; and
  
  in response to determining that the received access token has expired and in response to receiving the refresh token from the authenticated camera, generating, by the application server, a new access token and a new refresh token and providing the new access token and the new refresh token to the authenticated camera.
- View Dependent Claims (4, 5, 6, 7, 8, 9)
- - 4. The method of claim 3, further comprising:
    - wherein the request for the one-time authorization code further comprises a first device identifier identifying the camera; and
      
      wherein the request for the access token further comprises a second device identifier.
  - 5. The method of claim 4, wherein verifying the validity of the one-time authorization code comprises:
    - determining if the first device identifier matches the second device identifier.
  - 6. The method of claim 3, wherein verifying the validity of the one-time authorization code comprises:
    - determining if the one-time authorization code is received from the camera within a threshold period of time from providing the one-time authorization code to the authenticated application.
  - 7. The method of claim 3, wherein the request for the one-time authorization code further comprises an authenticated application device identifier identifying the authenticated application and an authenticated application client secret value associated with a second authenticated application device identifier.
  - 8. The method of claim 7, further comprising providing the one-time authorization code to the authenticated application responsive to verifying that the authenticated application device identifier in the request for the one-time authorization code matches the second authenticated application device identifier identified by the application client secret value.
  - 9. The method of claim 3, further comprising:
    - receiving, from the camera, an authenticated request to link the camera to the user account, the request to link the camera comprising the access token and device information associated with the camera;
      
      identifying the user account associated with the access token; and
      
      linking the camera to the user account by generating an association between the identified user account and the device information associated with the camera.

10. A non-transitory computer-readable storage medium having instructions encoded thereon that, when executed by a processor of a server, causes the server to:
- receive a request from an authenticated application executing on a first device and paired with a camera for a one-time authorization code, the authenticated application associated with a user account maintained by the server and configured to enable a user to control one or more camera functions by interacting with the authenticated application;
  
  transmit, responsive to receiving the request for the one-time authorization code, the one-time authorization code to the authenticated application;
  
  receive a request for an access token from the camera, the request comprising the one-time authorization code;
  
  verify the validity of the one-time authorization code;
  
  authenticate, responsive to an affirmative verification, the camera by providing the camera with the access token and a corresponding refresh token;
  
  associate the access token with the user account;
  
  receive the access token and one or more images from the authenticated camera;
  
  in response to determining that the received access token is valid, identify the user account associated with the received access token and store the one or more images in a portion of a memory associated with the user account; and
  
  in response to determining that the received access token has expired and in response to receiving the refresh token from the authenticated camera, generate a new access token and a new refresh token and provide the new access token and the new refresh token to the authenticated camera.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The non-transitory computer readable storage medium of claim 10,wherein the request for the one-time authorization code further comprises a first device identifier identifying the camera;
    - andwherein the request for the access token further comprises a second device identifier.
  - 12. The non-transitory computer readable storage medium of claim 11, wherein instructions that cause the server to verify the validity of the one-time authorization code further comprises instructions that, when executed, cause the server to:
    - determine if the first device identifier matches the second device identifier.
  - 13. The non-transitory computer readable storage medium of claim 10, wherein instructions that cause the server to verify the validity of the one-time authorization code further comprises instructions that, when executed, cause the server to:
    - determine if the one-time authorization code is received from the camera within a threshold period of time from providing the one-time authorization code to the authenticated application.
  - 14. The non-transitory computer readable storage medium of claim 10, wherein the request for the one-time authorization code further comprises:
    - an authenticated application device identifier corresponding to an identification of the authenticated application, andan authenticated application client secret value associated with a second authenticated application device identifier.
  - 15. The non-transitory computer readable storage medium of claim 14, further comprising instructions that, when executed, cause the server to provide the one-time authorization code to the authenticated application responsive to verifying that the authenticated application device identifier in the request for the one-time authorization code matches the second authenticated application device identifier identified by the application client secret value.
  - 16. The non-transitory computer readable storage medium of claim 10, further comprising instructions that, when executed, cause the server to:
    - receive, from the camera, an authenticated request to link the camera to the user account, the request to link the camera comprising the access token and device information associated with the camera;
      
      identify the user account associated with the access token; and
      
      link the camera to the user account by generating an association between the identified user account and the device information associated with the camera.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GoPro, Inc.
Original Assignee
GoPro, Inc.
Inventors
Hein, Christopher
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Chao, Michael W

Application Number

US14/873,162
Publication Number

US 20160099941A1
Time in Patent Office

922 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/0838   using one-time-passwords

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 63/0884   by delegation of authentica...

H04L 63/102   Entity profiles

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/125   involving control of end-de...

H04N 23/66   Remote control of cameras o...

H04N 23/661   Transmitting camera control...

Authenticating a limited input device via an authenticated application

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating a limited input device via an authenticated application

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links