公开(公告)号：US20180167384A1

公开(公告)日：2018-06-14

申请号：US15376174

申请日：2016-12-12

Applicant: SAP SE

Inventor： Martin Raepple ,  Vladimir Savchenko ,  Milen Manov

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0853 ,  G06F21/335 ,  H04L63/0807 ,  H04L63/083 ,  H04L67/02

Abstract: A system receives a request from an in-browser application for an authorization code, creates a session that re-directs the in-browser application to an authorization server, and receives the authorization code from the authorization server by way of the in-browser application. The system requests an access token from the authorization server and receives the access token from the authorization server. The system then receives a request from the in-browser application for a resource, uses the access token to request the resource from a third-party resource server, and returns the resource to the in-browser application.

公开(公告)号：US10484385B2

公开(公告)日：2019-11-19

申请号：US14730235

申请日：2015-06-04

Applicant: SAP SE

Inventor： Milen Manov ,  Jasen Minov ,  Martin Raepple

IPC: H04L29/06 ,  G06F21/62

Abstract: A request from an application client is received at a protected application. The request includes an access token. A grant information associated with the received access token is retrieved. The grant information includes a plurality of intersecting scopes of rights granted to the application client. In another aspect, a session is established between the protected application and the application client. Furthermore, at least one scope of rights from the plurality of intersecting scopes of rights is determined to be mapped to at least one Application Programming Interface (API) from a number of APIs provided by the protected application.

公开(公告)号：US10230720B2

公开(公告)日：2019-03-12

申请号：US15376174

申请日：2016-12-12

Applicant: SAP SE

Inventor： Martin Raepple ,  Vladimir Savchenko ,  Milen Manov

IPC: G06F21/33 ,  H04L29/06 ,  H04L29/08

Abstract: A system receives a request from an in-browser application for an authorization code, creates a session that re-directs the in-browser application to an authorization server, and receives the authorization code from the authorization server by way of the in-browser application. The system requests an access token from the authorization server and receives the access token from the authorization server. The system then receives a request from the in-browser application for a resource, uses the access token to request the resource from a third-party resource server, and returns the resource to the in-browser application.