System and method of extending oauth server(s) with third party authentication/authorization

摘要

In accordance with various embodiments, systems and methods that provide for authorization of access to protected resources. Such a system can include a plurality of applications, executing on one or more application servers. The system can also include an authorization server which is operable to interface with one or more remote and/or non-co-located third party authentication servers. Each application can (a) receive a request for authorization to access a controlled resource; (b) redirect the request for authorization to a configurable authentication endpoint identifying a third party authentication server; (c) receive authorization information from the third party authorization server; and (d) issue an authorization code for access to the protected resource.

主权项

1. A system for enabling authorization of access to a protected resource utilizing a third party authentication service, the system comprising:
an authorization server, executing on one or more processors, wherein the authorization server is operable to control access of a plurality of applications to the protected resource; an authorization interface, at the authorization server, through which the authorization server can communicate with one or more authentication servers; wherein when a request to access the protected resource is received from a client application at the authorization server, the authorization server redirects the client application to an authentication endpoint specifying a third party authentication server remote from said authorization server; wherein in response to an authentication transaction conducted at the third party authentication server the authorization server issues an authorization code to the client application; and wherein the authorization server receives an authentication communication from said third party authentication server, and wherein said authorization server issues said authorization code to the client application in response to receiving said authentication communication.