Synchronizing authentication sessions between applications

摘要

Disclosed are various embodiments for synchronizing authentication sessions between applications. In one embodiment, a first authentication token is received from a first application in response to determining that the first application is authenticated with a service provider. A second authentication token is requested from a token exchange service associated with the service provider. The second authentication token is requested using the first authentication token. The second application is configured to use the second authentication token in order to access a resource of the service provider.

主权项

1. A non-transitory computer-readable medium embodying at least one code section executable in a computing device, comprising:
code that launches a browser embedded in a native application, the native application being registered for a user account to access resources of a service provider using a registration authentication token; code that intercepts an access by the browser of a predetermined uniform resource locator (URL) of the service provider, the predetermined URL corresponding to a sign-on interface configured to elicit a security credential for the user account; code that requests a browser authentication token from a token exchange service operated by the service provider using the registration authentication token, the browser authentication token being requested without eliciting the security credential from a user of the computing device; code that provides the browser authentication token to the browser, wherein the code that provides the browser authentication token to the browser is configured to set a cookie for the browser, the cookie including the browser authentication token; code that configures the browser to access a destination URL of the service provider in place of the predetermined URL, wherein the browser is configured to employ the browser authentication token to access the destination URL; and wherein the code that intercepts, the code that requests, the code that provides, and the code that configures are implemented in an authentication management library loaded by the native application.