Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Drupal×Auth0 開発レスでセキュアなID管理を試してみた! / 20200214
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
アクイアジャパン Acquia Japan
February 14, 2020
Programming
0
370
Drupal×Auth0 開発レスでセキュアなID管理を試してみた! / 20200214
https://drupal-meetup-haneda.connpass.com/event/162496/
アクイアジャパン Acquia Japan
February 14, 2020
Tweet
Share
More Decks by アクイアジャパン Acquia Japan
See All by アクイアジャパン Acquia Japan
Auth0 by OktaとDrupalで実践!認証付きアプリケーションの新しいアプローチ
acquiajp
0
190
Drupal 10.3の新機能紹介ウェビナー
acquiajp
0
240
DrupalCon Portland 2024 総まとめウェビナー
acquiajp
0
93
開発者必見!Acquia Cloud IDEで最高のDrupal開発を始めよう
acquiajp
0
170
触って学ぶ!デジタルアセット管理 Acquia DAM ハンズオンウェビナー
acquiajp
0
36
DrupalCon Lille 2023 総まとめウェビナー
acquiajp
0
64
コンテンツ設計手法で変更に強いアプリケーションを実現する〜ローコードによるWebアプリのバックエンド実装 #CNDF2023
acquiajp
0
380
DrupalCon Pittsburgh 2023 総まとめウェビナー
acquiajp
0
91
Acquia製品概要&Site Studioデモのご紹介
acquiajp
0
110
Other Decks in Programming
See All in Programming
CSC307 Lecture 09
javiergs
PRO
1
830
AI Schema Enrichment for your Oracle AI Database
thatjeffsmith
0
250
MUSUBIXとは
nahisaho
0
130
Apache Iceberg V3 and migration to V3
tomtanaka
0
150
React 19でつくる「気持ちいいUI」- 楽観的UIのすすめ
himorishige
11
5.9k
360° Signals in Angular: Signal Forms with SignalStore & Resources @ngLondon 01/2026
manfredsteyer
PRO
0
110
CSC307 Lecture 03
javiergs
PRO
1
490
AI & Enginnering
codelynx
0
110
例外処理とどう使い分ける?Result型を使ったエラー設計 #burikaigi
kajitack
16
6k
CSC307 Lecture 04
javiergs
PRO
0
650
FOSDEM 2026: STUNMESH-go: Building P2P WireGuard Mesh Without Self-Hosted Infrastructure
tjjh89017
0
150
Fragmented Architectures
denyspoltorak
0
150
Featured
See All Featured
The Anti-SEO Checklist Checklist. Pubcon Cyber Week
ryanjones
0
55
Mind Mapping
helmedeiros
PRO
0
76
A better future with KSS
kneath
240
18k
How to Talk to Developers About Accessibility
jct
2
130
Making Projects Easy
brettharned
120
6.6k
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
170
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
220
Fireside Chat
paigeccino
41
3.8k
[RailsConf 2023] Rails as a piece of cake
palkan
59
6.3k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
170
Optimizing for Happiness
mojombo
379
71k
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
1
49
Transcript
Drupal×Auth0 ։ൃϨεͰηΩϡΞͳ IDཧΛࢼͯ͠Έͨʂ ؙࢁ ͻ͔Δ
ؙࢁͻ͔Δ • ಠཱܥιϑτΣΞ։ൃձࣾͰ ιϑτΣΞΤϯδχΞ ͷͪΤόϯδΣϦετͱͯ͠ ϓϩμΫτͷܒ׆ಈ • 20198݄ ΞΫΠΞʹδϣΠϯ Developer
Relations ୲ • Drupalྺɿ20198݄ʙ Ruby / Rails / Web API / Docker / AWS ϥʔϝϯ / εΠʔπ / Ωϟϯϓ൧ / ొࢁ ࣗݾհ
ԿͬͯΔͷʁ • Drupalೝఆࢼݧͷຊޠ൛ͷϩʔϯν ◦ ࡢ11݄ʮΞΫΠΞೝఆαΠτϏϧμʔ – Drupal 8ʯެ։ ◦ ͋ͱ3ͭͷࢼݧΛ3݄·Ͱʹެ։༧ఆ
• ೝఆऀΠϯλϏϡʔهࣄॻ͍ͯ·͢ • DrupalϋϯζΦϯ ◦ ఆظతʹ։࠵ ࣄͷ
× ೝূ ೝՄ
ඪ४ػೳʹࡌ • Ϣʔβʔ࡞ • ϩάΠϯɺϩάΞτ • Ϣʔβʔཧ • ݖݶཧ •
...etc DrupalͷIDཧ
• ৽نϢʔβʔͷ֫ಘ ◦ ձһొ࣌ͷͷܰݮ ◦ ஈ֊తͳใೖྗ • طଘϢʔβʔͷLTV ◦ طଘϢʔβʔͷ࠶๚
◦ ϢʔβϏϦςΟͷ্ έʔε1 : BtoC͚EίϚʔε
• ৽نϢʔβʔͷ֫ಘ ◦ ձһొ࣌ͷͷܰݮ ◦ ஈ֊తͳใೖྗ • طଘϢʔβʔͷLTV ◦ طଘϢʔβʔͷ࠶๚
◦ ϢʔβϏϦςΟͷ্ έʔε1 : BtoC͚EίϚʔε ιʔγϟϧϩάΠϯ
• SaaSɺΫϥυαʔϏεͷ૿Ճ • IDύεϫʔυͷཧ͕ࡶ • ηΩϡϦςΟϦεΫ έʔε2 : BtoB͚ετϨʔδαʔϏε
• SaaSɺΫϥυαʔϏεͷ૿Ճ • IDύεϫʔυͷཧ͕ࡶ • ηΩϡϦςΟϦεΫ έʔε2 : BtoB͚ετϨʔδαʔϏε SSOʢγϯάϧαΠϯΦϯʣ
• SSO • ιʔγϟϧϩάΠϯ • ଞཁૉೝূʢMFAʣ • ϩʔϧϕʔεΞΫηε੍ޚʢRBACʣ • ύεϫʔυϨε
• ෆਖ਼ΞΫηεݕ • ϩάੳ • ...etc ΄͔ʹ͍Ζ͍ΖೝূɾೝՄ DrupalͰ Ͳ͏ରԠ͢Δʁ
ೝূɾೝՄϓϥοτϑΥʔϜ Amazon Cognito
×
ೝূɾೝՄϓϥοτϑΥʔϜ Auth0
ೝূɾೝՄϓϥοτϑΥʔϜ Auth0 ແྉͰ৭ʑͰ͖Δ
ೝূɾೝՄϓϥοτϑΥʔϜ Auth0 ެࣜϞδϡʔϧ ͋ͬͨʂ
× ࢼͯ͠Έͨʂ
# 1. Composerܦ༝ͰDrupalΠϯετʔϧ $ composer create-project drupal/recommended-project drupal-and-auth0 $ cd
drupal-and-auth0 # 2. Auth0ϞδϡʔϧΛΠϯετʔϧ $ composer require drupal/auth0 ϞδϡʔϧΛΠϯετʔϧ
Auth0ʹαΠϯΠϯ • Auth0ʹαΠϯΠϯ ◦ auth0.com • ແྉɺΫϨδοτΧʔυͷొͳ͠Ͱ ར༻Մೳ
ΞϓϦέʔγϣϯ࡞
ΞϓϦέʔγϣϯ࡞ • SettingsͰ৭ʑઃఆ͢Δ ◦ Allowed Callback URLs : http://localhost:5656/auth0/ callback
◦ Allowed Web Origins : http://localhost:5656 ◦ Allowed Logout URLs : http://localhost:5656 ◦ Allowed Origins (CORS) : http://localhost:5656
Drupalଆͷઃఆ • Auth0ͷઃఆը໘Ͱ৭ʑઃఆ ◦ υϝΠϯ ◦ Client ID ◦ Client
Secret ◦ JsonWebToken Signature Algorithm
1 2 ͳͥDrupalͳͷ͔ʁ 3 DrupalʹϞδϡʔϧΛ Πϯετʔϧ Auth0ΞΧϯτ࡞ͱ ΞϓϦέʔγϣϯઃఆ DrupalଆͷAuth0ઃఆ 3εςοϓͰઃఆྃʂ
ͳͥDrupalͳͷ͔ʁ ࢼͯ͠ΈΔͦͷ1 : αΠϯΞοϓ
ͳͥDrupalͳͷ͔ʁ ࢼͯ͠ΈΔͦͷ1 : αΠϯΞοϓ αΠϯΞοϓ Ͱ͖ͨʂ
ͳͥDrupalͳͷ͔ʁ ࢼͯ͠ΈΔͦͷ1 : αΠϯΞοϓ Auth0ͷཧը໘ͰϢʔβʔใ͕ΈΕΔ
ͳͥDrupalͳͷ͔ʁ ࢼͯ͠ΈΔͦͷ2 : DrupalʹొࡁΈͷΞΧϯτͰϩάΠϯ
ͳͥDrupalͳͷ͔ʁ ࢼͯ͠ΈΔͦͷ2 : DrupalʹొࡁΈͷΞΧϯτͰϩάΠϯ ϩάΠϯͰ͖ͨʂ
ͳͥDrupalͳͷ͔ʁ ࢼͯ͠ΈΔͦͷ3 : ϩάΞτ
ͳͥDrupalͳͷ͔ʁ ࢼͯ͠ΈΔͦͷ2 : DrupalʹొࡁΈͷΞΧϯτͰϩάΠϯ ϩάΞτ Ͱ͖ͨʂ
ͳͥDrupalͳͷ͔ʁ ·ͱΊ • ֎෦ͷೝূೝՄϓϥοτϑΥʔϜΛͬͯ Drupalʹ։ൃϨεͰηΩϡΞͳIDཧΛ࣮ݱ • ࠓճࢼͯ͠ΈͨखॱQiitaͰެ։ ◦ https://qiita.com/hmaruyama/items/69abaddf8e4d95793a8f
None
SiteGround - Reliable hosting with speed, security, and support you can count on.
acquiajp
javiergs
thatjeffsmith
nahisaho
tomtanaka
himorishige
manfredsteyer
codelynx
kajitack
tjjh89017
denyspoltorak
ryanjones
helmedeiros
kneath
jct
brettharned
apolaine
baasie
paigeccino
palkan
tammyeverts
mojombo
davidcarrasco
