Stateless and secure authentication

摘要

Authenticated requests can be sent without requiring the requests to include or potentially expose secret information used for the authentication process. A client device use a security credential such as a key to sign a request to be sent to a recipient. When the request is received, the recipient determines whether the request was signed using the correct key for the sender. In some embodiments a client token is included with the request that statelessly encodes the key, enabling a recipient capable of decoding the client token to determine the key and compare that key to the signature of the request. The sender can store the secret information in a secure location, such as a browser security module, such that the secret information is not exposed to the browser or script executing on the client device.

主权项

1. A computer-implemented method of authenticating Web browser access to Web resources, comprising:
under control of one or more computer systems configured with executable instructions, receiving a request from a user of a Web browser on a client device to access a Web service; causing the Web browser to contact an authentication service to obtain a set of security credentials enabling the client device to access the Web service, the set of security credentials including a key, and to obtain interpretable first content to be interpreted on the client device, wherein the key is obtained from the authentication service through use of a fragment of a link provided to the client device; causing the key to be stored in local storage on the client device by executing the interpretable first content; causing the client device to contact a content server for the Web service, the content server providing interpretable second content to be interpreted on the client device to enable the client device to interact with the Web service, the client device contacting the content server without sending the key to the content server, wherein the interpretable second content is prevented from accessing the local storage; causing a message to be generated that is to be sent to the Web service, wherein the message is generated by executing the interpretable second content; canonicalizinq the message before signing of the message; causing the message to be signed using the key and further based on executing the interpretable second content, to yield a signed message; and causing the client device to send the signed message to the Web service based on the interpretable second content, wherein the Web service obtains a copy of the key separate from the signed message, wherein the Web service is able to verify an identity of a user agent associated with the signed message by determining that the message is signed using the key.