Using a session continuity token to access an online content management system

US 9,130,922 B2
Filed: 05/21/2013
Issued: 09/08/2015
Est. Priority Date: 12/10/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for allowing access to a content management system through different instances of an application, the method comprising:

receiving, at a third-party server, a request from a third party application to access an account on a content management system;

in response to the request, facilitating authentication between a user associated with the account and the content management system;

sending a link request to the content management system to link an account at the third-party server with the account at the content management system;

in response to the link request, receiving a session continuity token from the content management system at the third-party server;

storing the session continuity token at the third-party server;

receiving at the third party server a subsequent store request from a second instance of the third party application to store data located at the third party server to the content management system, wherein the second instance is also associated with the user and executes on at least one of a different browser or a different device than the first instance of the third party application;

storing the data from the third party server to the account in the content management system, wherein the session continuity token is used to authenticate access to the account at the content management system;

receiving, at the third-party server, a termination request to terminate access to the account at the content management system; and

in response to the termination request, invalidating the session continuity token.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed embodiments relate to a session continuity feature that allows a user to access an online content management system through different instances of a third-party application located on different computing devices without having to log in to the online content management system separately from each computing device. When the user signs on to the online content management system, the session continuity mechanism provides a session continuity token to the third-party system. When the user subsequently accesses an instance of the third-party application located on another computing device, the third-party system provides the session continuity token to the new instance of the third-party application. This enables the user to access the online content management system through the new instance of the third-party application without having to sign on again.

15 Citations

View as Search Results

24 Claims

1. A computer-implemented method for allowing access to a content management system through different instances of an application, the method comprising:
- receiving, at a third-party server, a request from a third party application to access an account on a content management system;
  
  in response to the request, facilitating authentication between a user associated with the account and the content management system;
  
  sending a link request to the content management system to link an account at the third-party server with the account at the content management system;
  
  in response to the link request, receiving a session continuity token from the content management system at the third-party server;
  
  storing the session continuity token at the third-party server;
  
  receiving at the third party server a subsequent store request from a second instance of the third party application to store data located at the third party server to the content management system, wherein the second instance is also associated with the user and executes on at least one of a different browser or a different device than the first instance of the third party application;
  
  storing the data from the third party server to the account in the content management system, wherein the session continuity token is used to authenticate access to the account at the content management system;
  
  receiving, at the third-party server, a termination request to terminate access to the account at the content management system; and
  
  in response to the termination request, invalidating the session continuity token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer-implemented method of claim 1, further comprising:
    - wherein the third party application is an email application;
      
      wherein the email application includes an email specific storage widget that was received from the content management system;
      
      wherein receiving the request to access the account on the content management system involves receiving user input that activates the email specific storage widget;
      
      andwherein the subsequent store request stores an attachment from an email message in the second instance of the email application to the account in the content management system.
  - 3. The computer-implemented method of claim 1, wherein facilitating authentication between the user and the content management system only occurs when the third-party server does not have a valid session continuity token.
  - 4. The computer-implemented method of claim 1, wherein interaction with the content management system from the third-party application is handled by a widget executing within the third-party application.
  - 5. The computer-implemented method of claim 4, wherein the widget comprises program code that is compiled with native code of the third-party application.
  - 6. The computer-implemented method of claim 4, wherein the widget comprises HyperText Markup Language (HTML) code that is inserted into the third-party application.
  - 7. The computer-implemented method of claim 6, wherein the HTML code is received from the content management system.
  - 8. The computer-implemented method of claim 1, wherein the content management system is a online content management system.

9. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for allowing access to a content management system through different instances of an application, the method comprising:
- receiving, at a third-party server, a request from a third-party application to access an account on a content management system;
  
  in response to the request, facilitating authentication between a user associated with the account and the content management system;
  
  sending a link request to the content management system to link an account at the third-party server with the account at the content management system;
  
  in response to the link request, receiving a session continuity token from the content management system at the third-party server;
  
  storing the session continuity token at the third-party server;
  
  receiving at the third party server a subsequent store request from a second instance of the third party application to store data located at the third party server to the content management system, wherein the second instance is also associated with the user and executes on at least one of a different browser or a different device than the first instance of the third party application;
  
  storing the data from the third party server to the account in the content management system, wherein the session continuity token is used to authenticate access to the account at the content management system;
  
  receiving, at the third-party application, a termination request to terminate access to the account at the content management system; and
  
  in response to the termination request, invalidating the session continuity token.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The non-transitory computer-readable storage medium of claim 9, wherein the method further comprises:
    - wherein the third party application is an email application;
      
      wherein the email application includes an email specific storage widget that was received from the content management system;
      
      wherein receiving the request to access the account on the content management system involves receiving user input that activates the email specific storage widget;
      
      andwherein the subsequent store request stores an attachment from an email message in the second instance of the email application to the account in the content management system.
  - 11. The non-transitory computer-readable storage medium of claim 9, wherein the method further comprises:
    - in response to the termination request, replacing the session continuity token with a generic token that facilitates re-authentication upon subsequent access attempts.
  - 12. The non-transitory computer-readable storage medium of claim 9:
    - wherein interaction with the content management system from the third-party application is handled by a widget executing within the third-party application; and
      
      wherein the widget comprises platform-independent program code that is inserted into the third-party application.
  - 13. The non-transitory computer-readable storage medium of claim 12, wherein the platform-independent code is received from a provider of the content management system.
  - 14. The non-transitory computer-readable storage medium of claim 9, wherein the content management system is a web-enabled content management system.

15. An apparatus configured to allow access to a content management system through different instances of an application, comprising:
- a memory;
  
  a processor;
  
  wherein the memory and the processor collectively comprise;
  
  a receiving mechanism configured to receive a request from a third party application to access an account on a content management system;
  
  an authentication mechanism configured to facilitate authentication between a user associated with the account and the content management system in response to the request;
  
  a sending mechanism configured to send a link request to the content management system to link an account at the third-party server with the account at the content management system;
  
  wherein the receiving mechanism is further configured to receive a session continuity token from the content management system in response to the link request; and
  
  a storage mechanism configured to store the session continuity token;
  
  wherein the receiving mechanism is further configured to receive a subsequent store request from a second instance of the third party application to store data located in the storage mechanism to the content management system, wherein the second instance is also associated with the user and executes on at least one of a different browser or a different device than the first instance of the third party application; and
  
  wherein the sending mechanism is further configured to send the data to be stored from the apparatus to the account in the content management system, wherein the session continuity token is used to authenticate access to the account at the content management system;
  
  wherein the receiving mechanism is further configured to receive a termination request to terminate access to the account at the content management system; and
  
  wherein the receiving mechanism is further configured to, in response to the termination request, invalidate the session continuity token.
- View Dependent Claims (16, 17, 18)
- - 16. The apparatus of claim 15, further comprising:
    - the receiving mechanism further configured to receive, through a second instance of the third-party application, a new request to access the account at the content management system; and
      
      wherein the authentication mechanism is further configured to;
      
      retrieve the session continuity token,pass the session continuity token to the content management system, andreceive access to the account at the content management system, in response to the new request.
  - 17. The apparatus of claim 15, further comprising:
    - wherein the storage mechanism is configured to invalidate the session continuity token by deleting the session continuity token in response to the termination request.
  - 18. The apparatus of claim 15, wherein interaction with the content management system from the third-party application is handled by an Application Programming Interface (API) call from the third-party application.

19. A computer-implemented method for allowing access to a content management system through different instances of an application, the method comprising:
- receiving, at a content management system from a third-party server, a request from a third party application to access an account on the content management system;
  
  in response to the request, facilitating authentication between a user associated with the account and the third-party server;
  
  receiving a link request at the content management system to link an account at the third-party server with the account at the content management system;
  
  in response to the link request, sending a session continuity token to the third-party server;
  
  receiving a subsequent request from the third party server to store data located at the third party server to the content management system, wherein the subsequent request is initiated in response to a store request initiated by a second instance of the third party application, wherein the second instance of the third party application executes on at least one of a different browser or a different device than the first instance of the third party application, wherein the subsequent request includes the data to be stored and the session continuity token;
  
  using the session continuity token to authenticate access to the account at the content management system; and
  
  storing the data from the third party server to the account;
  
  wherein the third party server subsequently receives a termination request to terminate access to the account at the content management system; and
  
  wherein, in response to the termination request, the third party server initiates the invalidation of the session continuity token.
- View Dependent Claims (20)
- - 20. The computer-implemented method of claim 19, further comprising:
    - wherein the third party application is an email application;
      
      wherein the email application includes an email specific storage widget that was received from the content management system;
      
      wherein receiving the request to access the account on the content management system involves receiving user input that activates the email specific storage widget;
      
      andwherein the subsequent request stores an attachment from an email message in the second instance of the email application to the account.

21. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for allowing access to a content management system through different instances of an application, the method comprising:
- receiving, at a content management system from a third-party server, a request from a third-party application to access an account on the content management system;
  
  in response to the request, facilitating authentication between a user associated with the account and the third-party server;
  
  receiving a link request at the content management system to link an account at the third-party server with the account at the content management system;
  
  in response to the link request, sending a session continuity token to the third-party server;
  
  receiving a subsequent request from the third party server to store data located at the third party server to the content management system, wherein the subsequent request is initiated in response to a store request initiated by a second instance of the third party application, wherein the second instance of the third party application executes on at least one of a different browser or a different device than the first instance of the third party application, wherein the subsequent request includes the data to be stored and the session continuity token;
  
  using the session continuity token to authenticate access to the account at the content management system; and
  
  storing the data from the third party server to the account at the content management system;
  
  wherein the third party application subsequently receives a termination request to terminate access to the account at the content management system; and
  
  wherein, in response to the termination request, the third party application initiates the invalidation of the session continuity token.
- View Dependent Claims (22)
- - 22. The non-transitory computer-readable storage medium of claim 21, further comprising:
    - wherein the third party application is an email application;
      
      wherein the email application includes an email specific storage widget that was received from the content management system;
      
      wherein receiving the request to access the account on the content management system involves receiving user input that activates the email specific storage widget;
      
      andwherein the subsequent request stores an attachment from an email message in the second instance of the email application to the account.

23. An apparatus configured to allow access to a content management system through different instances of an application, comprising:
- a memory;
  
  a processor;
  
  wherein the memory and the processor collectively comprise;
  
  a receiving mechanism configured to receive, at a content management system from a third-party server, a request from a third party application to access an account on the content management system;
  
  an authentication mechanism configured to facilitate authentication between a user associated with the account and the third-party server in response to the request;
  
  wherein the receiving mechanism is further configured to receive a link request at the content management system to link an account at the third-party server with the account at the content management system; and
  
  a sending mechanism configured to send a session continuity token to the third-party server in response to the link request;
  
  wherein the receiving mechanism is further configured to receive a subsequent store request from the third party server to store data located at the third party server to the content management system, wherein the subsequent request is initiated in response to a store request initiated by a second instance of the third party application, wherein the second instance of the third party application executes on at least one of a different browser or a different device than the first instance of the third party application, wherein the subsequent request includes the data to be stored and the session continuity token;
  
  wherein the authentication mechanism is further configured to use the session continuity token to authenticate access to the account at the content management system;
  
  wherein the receiving mechanism is further configured to store the data from the third party server to the account at the content management system;
  
  wherein the third party server subsequently receives a termination request to terminate access to the account at the content management system; and
  
  wherein, in response to the termination request, the third party server initiates the invalidation of the session continuity token.
- View Dependent Claims (24)
- - 24. The apparatus of claim 23, further comprising:
    - wherein the third party application is an email application;
      
      wherein the email application includes an email specific storage widget that was received from the content management system;
      
      wherein receiving the request to access the account on the content management system involves receiving user input that activates the email specific storage widget;
      
      andwherein the subsequent request stores an attachment from an email message in the second instance of the email application to the account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dropbox, Inc.
Original Assignee
Dropbox, Inc.
Inventors
Fushman, Ilya, Lynch, Sean
Primary Examiner(s)
HO, DAO Q

Application Number

US13/898,873
Publication Number

US 20140165156A1
Time in Patent Office

840 Days
Field of Search

726/4, 726/8
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 65/1083   In-session procedures

H04L 65/612   for unicast

Using a session continuity token to access an online content management system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Using a session continuity token to access an online content management system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links