US2015249659A1PendingUtilityA1

Authorization flow initiation using short-term wireless communication

Assignee: GOOGLE INCPriority: Feb 5, 2013Filed: May 15, 2015Published: Sep 3, 2015
Est. expiryFeb 5, 2033(~6.6 yrs left)· nominal 20-yr term from priority
H04L 63/0815H04L 67/10H04L 63/08H04L 63/10H04L 63/0884H04L 63/18H04L 63/0807H04L 63/0853H04W 12/06H04L 63/0492H04L 63/083H04W 12/08H04W 12/082H04W 12/084
51
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

In general, aspects of the disclosure are directed towards techniques for initiating an authorization flow with a user to enable a user interface-limited client computing device to obtain access to protected resources hosted by a resource service. In some aspects, a computing device comprises at least one processor. The computing device also comprises a short-range wireless communication module operable by the at least one processor to receive, using short-range wireless communication, an authentication request from a client device. The computing device also comprises an authorization module operable by the at least one processor to receive authorization to provide at least one security credential to the client device, wherein the authorization module is further configured to, responsive to receiving the authorization, send an indication of the authorization to an authentication service.

Claims

exact text as granted — not AI-modified
1 - 20 . (canceled) 
     
     
         21 . A method comprising:
 receiving, by a mobile computing device from a client device and using short-range wireless communication, an authorization request for authorization to exchange information with a resource service that hosts a protected resource;   receiving, at an input device operably coupled to the mobile computing device, authorization to provide at least one security credential to the client device; and   sending, by the mobile computing device to an authorization service and in response to receiving the authorization, an indication of the authorization to provide at least one security credential to the client device.   
     
     
         22 . The method of  claim 21 , further comprising:
 prior to receiving the authorization request from the client device, establishing, by the mobile computing device and with the client device, a short-range wireless communication pathway,   wherein receiving the authorization request comprises receiving, by the mobile computing device from the client device via the short-range wireless communication pathway, the authorization request.   
     
     
         23 . The method of  claim 21 , further comprising:
 receiving, by the mobile computing device and from the authorization service, the at least one security credential, wherein the at least one security credential provides the client device with access to exchange information with the resource service that hosts the protected resource associated with the at least one security credential; and   responsive to receiving the at least one security credential, sending, by the mobile computing device, the at least one security credential to the client device.   
     
     
         24 . The method of  claim 23 , wherein sending, by the mobile computing device, the at least one security credential to the client device comprises sending the at least one security credential to the client device using a short-range wireless communication pathway. 
     
     
         25 . The method of  claim 23 , wherein the protected resource comprises one of a digital file, user profile information, and a user account. 
     
     
         26 . The method of  claim 21 , further comprising:
 outputting, by the mobile computing device and for display at the presence-sensitive screen operatively coupled to the mobile computing device, a prompt requesting that a user grant the authorization request,   wherein receiving, at the input device operably coupled to the mobile computing device, the authorization to provide at least one security credential to the client device comprises receiving the authorization at the presence-sensitive screen.   
     
     
         27 . The method of  claim 21 , wherein the authorization request comprises a redirection Uniform Resource Identifier, the method further comprising:
 outputting, by the mobile computing device and for display at a presence-sensitive screen operatively coupled to the mobile computing device, a resource identified by the Uniform Resource Identifier.   
     
     
         28 . The method of  claim 21 , further comprising:
 receiving, by the mobile computing device and from the authorization service, an authorization code; and   responsive to receiving the authorization code, sending, by the mobile computing device, the authorization code to the client device.   
     
     
         29 . The method of  claim 28 , wherein sending, by the mobile computing device, the authorization code comprises sending the authorization code to the client device via the short-range wireless communication pathway. 
     
     
         30 . The method of  claim 21 , wherein the short-range wireless communication comprises one of Near-Field Communication and Bluetooth. 
     
     
         31 . A method comprising:
 sending, by a client device to a mobile computing device and using short-range wireless communication, an authorization request for authorization to exchange information with a resource service that hosts a protected resource; and   receiving, by the client device and responsive to the authorization request, at least one security credential originated by an authorization service, wherein the at least one security credential provides the client device with the authorization to exchange information with the resource service that hosts the protected resource, the protected resource associated with the at least one security credential.   
     
     
         32 . The method of  claim 31 , further comprising:
 presenting, by the client device, a prompt to locate the mobile computing device within a defined range of a tag device of the client device.   
     
     
         33 . The method of  claim 31 , wherein sending, by the client device and using short-range wireless communication, the authorization request to the mobile computing device comprises sending the authorization request responsive to detecting the mobile computing device is located within a defined range of the tag device of the client device. 
     
     
         34 . The method of  claim 31 , further comprising:
 sending, by the client device, the at least one security credential to the resource service to authorize the client device to exchange information with the resource service; and   accessing, by the client device, the protected resource.   
     
     
         35 . A client device comprising:
 at least one processor;   a short-range wireless communication unit to send, to a mobile computing device and using short-range wireless communication, an authorization request for authorization to exchange information with a resource service that hosts a protected resource; and   an authorization service interface module operable by the at least one processor to receive, responsive to the authorization request, at least one security credential originated by an authorization service, wherein the at least one security credential provides the client device with the authorization to exchange information with the resource service that hosts the protected resource, the protected resource associated with the at least one security credential.   
     
     
         36 . The client device of  claim 35 , wherein the short-range wireless communication unit comprises a tag device, the client device further comprising:
 a user interface device; and   a user interface device module operable by the at least one processor to present, at the user interface device, a prompt to locate the mobile computing device within a defined range of the tag device.   
     
     
         37 . The client device of  claim 35 , wherein to send the authorization request to the mobile computing device the short-range wireless communication unit is further operable by the at least one processor to send the authorization request responsive to the tag device detecting the mobile computing device is located within a defined range of the tag device. 
     
     
         38 . The client device of  claim 35 , further comprising:
 a resource service interface operable by the at least one processor to send the at least one security credential to the resource service to authorize the client device to exchange information with the resource service,   wherein the resource service interface is further operable by the at least one processor to access the protected resource.   
     
     
         39 . The client device of  claim 35 , wherein the at least one security credential comprises one of an access token and a refresh token. 
     
     
         40 . The client device of  claim 35 , wherein the short-range wireless communication comprises one of Near-Field Communication and Bluetooth.

Join the waitlist — get patent alerts

Track US2015249659A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.