摘要 |
Techniques and tools for flexible authentication and authorization of services on a push framework. For example, a push notification framework allows services (social networking web services, etc.) to use either an authenticated access mode or an unauthenticated access mode, in order to push information to client devices (e.g., mobile devices). In the authenticated mode, the push framework requires registration of the service with the push framework before allowing the service to push notifications to client devices. Different authenticated modes are provided for third-party and first-party services. In the unauthenticated mode, registration is not required, but notifications are throttled, thereby limiting risk of abuse by unauthenticated services. This allows flexibility for services that use the push framework. |
主权项 |
1. In a computer system configured to authenticate services on a push notification framework (PNF), a method comprising:
receiving, by a PNF server, a request from one or more servers implementing a service to connect with the PNF to authenticate the service; providing, by the PNF server, to the service an authenticated mode on the PNF, the authenticated mode requiring registration of the service with the PNF; providing, by the PNF server, to the service an unauthenticated mode on the PNF, the unauthenticated mode allowing unregistered use of the PNF; receiving, by the PNF server, identifying information provided by the service, wherein the identifying information comprises a certificate for the service; selecting, by the PNF server, between the authenticated mode and the unauthenticated mode for the service based on the identifying information provided by the service; and based at least in part on the selected mode, providing, by the PNF server, subscription information to the service that permits the service to send push notifications to one or more client devices over a network, wherein:
an authenticated service communicates with the PNF server via a secure data transmission protocol and its authorization is controlled by the PNF server, andan unauthenticated service communicates with the PNF server via an un-secured data transmission protocol and is regulated by the PNF server by throttling notification flow from the service.
|