Abstract:
A method for authenticating a client application by an authorization server is provided. In the method, the authorization server transmits a first redirect identifier assigned to a client application to a web runtime engine, in response to receiving a request from the client application to register with the authorization server; receives an access request by the client application to access a protected resource stored on a resource server; and transmits the access request to the resource server through the web runtime engine using a second redirect identifier corresponding to a redirect endpoint of the client application. The second redirect identifier is intercepted by the web runtime engine, and the protected resource is accessed by the client application based on the result of comparing the first redirect identifier with the second redirect identifier in the web runtime engine.
Abstract:
A method for authenticating a client application attempting to access a protected resource on a resource server includes receiving a request to access the protected resource at an authorization server. The request is received from the client application authorized by a resource owner of the protected resource. Further, the method includes redirecting the request to the resource server using a redirect identifier corresponding to a redirect endpoint of the client application. The redirect identifier is intercepted by a web runtime engine prior to the redirect. Furthermore, the method includes determining a match between the intercepted redirect identifier and a redirect identifier pre-assigned to the client application and stored at the web runtime engine, to authenticate the client application prior to providing access to the protected resource.
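
The comparison step both abstracts describe, sketched as an added example that is not taken from the patent text: the web runtime engine keeps the redirect identifier assigned at registration and releases the authorization response only when the intercepted identifier matches it exactly. The names `registerClient` and `interceptRedirect`, the exact-match policy on scheme, host and path, and the sample URLs are assumptions made for illustration.

```javascript
// Added illustration of the web runtime engine's redirect check.
// All function names and sample values are hypothetical.
const registered = new Map(); // client id -> first (pre-assigned) redirect identifier

// Parse and normalise a redirect identifier; refuse forms that make
// string comparison misleading (userinfo, fragments).
function canonical(uri) {
  const u = new URL(uri); // throws on malformed input
  if (u.username || u.password) throw new Error("userinfo not allowed");
  if (u.hash) throw new Error("fragment not allowed");
  return { base: u.protocol + "//" + u.host + u.pathname, params: u.searchParams };
}

// Registration: the authorization server hands the engine the identifier
// assigned to the client application.
function registerClient(clientId, firstRedirectId) {
  registered.set(clientId, canonical(firstRedirectId).base);
}

// Interception: the engine sees the second redirect identifier before the
// redirect is followed and allows it only on an exact match.
function interceptRedirect(clientId, secondRedirectId) {
  const expected = registered.get(clientId);
  if (expected === undefined) return { allowed: false, reason: "unknown client" };
  let seen;
  try {
    seen = canonical(secondRedirectId);
  } catch (e) {
    return { allowed: false, reason: e.message };
  }
  if (seen.base !== expected) return { allowed: false, reason: "redirect mismatch" };
  return { allowed: true, code: seen.params.get("code") };
}

// Constructed sample inputs (not from the source page).
registerClient("client-1", "https://app.example/cb");
for (const uri of [
  "https://app.example/cb?code=abc123",          // registered endpoint
  "https://app.example.evil.test/cb?code=abc123", // look-alike host
  "https://app.example/cb/../steal?code=abc123",  // path normalises away from /cb
  "https://app.example@evil.test/cb?code=abc123", // userinfo disguises the host
]) {
  console.log(uri, JSON.stringify(interceptRedirect("client-1", uri)));
}
```

Comparing parsed components rather than raw string prefixes is what makes the look-alike host and dot-segment cases fail the check.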