Propagating delegated authorized credentials through legacy systems
First Claim
1. A method implemented by an information handling system comprising:
- receiving, over an electronic data channel, a delegated access token from a requesting client application, the delegated access token including references to a resource owner, a client application and a scope, wherein the client application is acting on behalf of a resource owner, wherein the client application received the delegated access token from the resource owner, and wherein the request is designated to a legacy system;
- validating the delegated access token; and
- in response to a successful validation;
  - transforming the delegated access token into one or more legacy access tokens; and
  - transmitting at least one of the one or more legacy access tokens to the legacy system.
Abstract
An approach is provided to access resources at legacy systems. In this approach, a resource request destined to a legacy system is received from a requestor, with the resource request including an access token and being on behalf of a resource owner. A validation process is performed on the access token. If the access token is valid, the approach identifies the resource owner and one or more legacy access tokens used to access the legacy system. Another request is formed with the new request including the legacy access tokens. The new request is transmitted to the legacy system and a response is received back from the legacy system. The response received from the legacy system is transmitted back to the requestor.
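The flow in the abstract, sketched as an added Python example (not code from the patent or its assignee): a gateway validates the delegated token, checks its scope, picks the resource owner's legacy credential in the format the target system expects, and forms the second request. The HMAC token format, `GATEWAY_KEY`, `LEGACY_VAULT`, `REQUIRED_SCOPE` and the header names are assumptions made for illustration, and all credentials are constructed.

```python
import base64, hashlib, hmac, json, time

GATEWAY_KEY = b"constructed-demo-key"  # assumption: key shared with the token issuer
# Assumption: legacy credentials the gateway holds per (resource owner, legacy system).
LEGACY_VAULT = {
    ("alice", "mainframe"): {"format": "basic", "user": "ALICE01", "secret": "constructed-pw"},
    ("alice", "billing"): {"format": "ticket", "ticket": "TKT-constructed-123"},
}
# Assumption: the delegated scope each legacy system requires.
REQUIRED_SCOPE = {"mainframe": "accounts.read", "billing": "invoices.read"}

def issue_token(owner, client, scope, ttl=300):
    """Stand-in for the authorization server: signs owner, client and scope."""
    body = json.dumps({"owner": owner, "client": client, "scope": scope,
                       "exp": time.time() + ttl}).encode()
    sig = hmac.new(GATEWAY_KEY, body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(body).decode() + "." + base64.urlsafe_b64encode(sig).decode()

def validate(token):
    """Return the claims if signature and expiry check out, else None."""
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:  # wrong number of parts or bad base64
        return None
    expected = hmac.new(GATEWAY_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    claims = json.loads(body)
    return claims if claims["exp"] > time.time() else None

def second_request(token, legacy_system, path):
    """Validate, transform, and build the request sent on to the legacy system."""
    claims = validate(token)
    if claims is None:
        return {"status": 401}
    # Unknown systems map to None, which is never in the scope list, so they are refused.
    if REQUIRED_SCOPE.get(legacy_system) not in claims["scope"].split():
        return {"status": 403}
    cred = LEGACY_VAULT.get((claims["owner"], legacy_system))
    if cred is None:
        return {"status": 403}
    if cred["format"] == "basic":  # select the format this legacy system accepts
        raw = f'{cred["user"]}:{cred["secret"]}'.encode()
        headers = {"Authorization": "Basic " + base64.b64encode(raw).decode()}
    else:
        headers = {"X-Legacy-Ticket": cred["ticket"]}
    return {"status": 200, "system": legacy_system, "path": path, "headers": headers}
```

The delegated token itself never reaches the legacy system, and the legacy credential never reaches the client; only the gateway sees both.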
21 Claims
1. A method implemented by an information handling system comprising:
- receiving, over an electronic data channel, a delegated access token from a requesting client application, the delegated access token including references to a resource owner, a client application and a scope, wherein the client application is acting on behalf of a resource owner, wherein the client application received the delegated access token from the resource owner, and wherein the request is designated to a legacy system;
- validating the delegated access token; and
- in response to a successful validation;
  - transforming the delegated access token into one or more legacy access tokens; and
  - transmitting at least one of the one or more legacy access tokens to the legacy system.

Dependent claims: 2, 3, 4, 5, 6

7. An information handling system comprising:
- one or more processors;
- a memory coupled to at least one of the processors;
- a network adapter that connects the information handling system to a computer network; and
- a set of instructions stored in the memory and executed by at least one of the processors, wherein the set of instructions perform actions of;
  - receiving, over an electronic data channel, a delegated access token from a requesting client application, the delegated access token including references to a resource owner, a client application and a scope, wherein the client application is acting on behalf of a resource owner, wherein the client application received the delegated access token from the resource owner, and wherein the request is designated to a legacy system;
  - validating the delegated access token; and
  - in response to a successful validation;
    - transforming the delegated access token into one or more legacy access tokens; and
    - transmitting at least one of the one or more legacy access tokens to a legacy system.

Dependent claims: 8, 9, 10, 11, 12

13. A computer program product stored in a non-transitory computer readable storage medium, comprising computer instructions that, when executed by an information handling system, causes the information handling system to perform actions that include:
- receiving, over an electronic data channel, a delegated access token from a requesting client application, the delegated access token including references to a resource owner, a client application and a scope, wherein the client application is acting on behalf of a resource owner, wherein the client application received the delegated access token from the resource owner, and wherein the request is designated to a legacy system;
- validating the delegated access token; and
- in response to a successful validation;
  - transforming the delegated access token into one or more legacy access tokens; and
  - transmitting at least one of the one or more legacy access tokens to a legacy system.

Dependent claims: 14, 15, 16, 17, 18

19. A method implemented by an information handling system comprising:
- receiving, from a requestor, a first resource request destined to a legacy system, wherein the first resource request includes a delegated access token from a requesting client application, the delegated access token including references to a resource owner, a client application and a scope, wherein the requesting client application is acting on behalf of a resource owner, wherein the client application received the delegated access token from the resource owner;
- performing a validation process on the delegated access token; and
- in response to the delegated access token being valid;
  - identifying the resource owner corresponding to the delegated access token;
  - transforming the delegated access token into one or more legacy access tokens;
  - forming a second resource request that includes at least one of the one or more legacy access tokens;
  - transmitting the second resource request to the legacy system;
  - receiving a response from the legacy system; and
  - transmitting the response to the requestor.

20. A method implemented by an information handling system comprising:
- receiving, over an electronic data channel, a delegated access token with a request from a requesting client application, the delegated access token including references to a resource owner, a client application and a scope, wherein the client application is acting on behalf of the resource owner, wherein the client application received the delegated access token from the resource owner, and wherein the request is designated to a legacy system;
- validating the delegated access token; and
- in response to a successful validation and receipt of the delegated access token;
  - selecting one of a plurality of legacy access tokens, wherein the selected legacy access token corresponds to the delegated access token and is of an appropriate format for the legacy system for which the request is directed; and
  - transmitting the selected legacy access token to the legacy system.

Dependent claims: 21

Specification