AUTHENTICATING A LIMITED INPUT DEVICE VIA AN AUTHENTICATED APPLICATION

摘要

A limited input device, such as a camera, is authenticated based on a request received from an authenticated application. The application can request an application server to provide the application with a one-time authorization code. The request includes the device identifier associated with the camera. The server stores an association between the one-time authorization code and the device identifier of the camera, and provides the application with the one-time authorization code. The application provides the camera with the one-time authorization code. The camera transmits a request for an access token to the server, the request for the access token including the one-time authorization code and the device identifier associated with the camera. The server verifies the device identifier associated with the camera with that associated with the one-time authorization code, and upon a positive verification authenticates the camera by providing the camera with the access token.

主权项

1. A system comprising:
a limited input device paired with an authenticated application executing on a first device, the limited input device configured to provide the authenticated application with a first device identifier to pair the limited input device with the authenticated application; and a computer program product comprising a computer-readable storage medium having instructions encoded thereon that, when executed by a processor, cause the processor to:
receive a request from the authenticated application for a one-time authorization code, the request comprising the first device identifier,store an association between the first device identifier and the one-time authorization code,transmit the one-time authorization code to the authenticated application,receive a request for an access token from the limited input device, the request comprising the one-time authorization code and a second device identifier;verify the validity of the one-time authorization code by determining if the second device identifier matches the first device identifier; andauthenticate, responsive to verification of the validity of the one-time authorization code, the limited input device by providing the limited input device with the access token.