
OAuth 2.0 をかみくだく


yuichiro umezawa

June 02, 2017

Transcript

 1. Breaking down OAuth 2.0 (OAuth 2.0 をかみくだく)
   Webエンジニア勉強会 (Web Engineer Study Group)

 2. Who am I
   - Yuichiro Umezawa (梅澤雄一郎)
   - "garbagetown" (がるがべ), @garbagetown
   - DTS Corporation (株式会社DTS)
     - SIer
     - [year/month] joined the company
     - [year/month] transferred
     - Contract development → R&D and technical support
   - Outside work
     - Writing and speaking about Play Framework
     - Occasionally plays the drums

 3. Who am I
   I spoke at JJUG CCC Spring!

 4. Agenda
   - Authentication and authorization
   - Background
   - OAuth 2.0
     - Client credentials
     - Resource owner password credentials
     - Implicit
     - Authorization code
   - OAuth authentication and OpenID Connect (just a little)

 5. Disclaimer
   - This material was written with the following goals:
     - Understand the background that makes OAuth necessary
     - Understand why OAuth (the authorization code flow in particular) cannot help being complex
   - This material does not go into the following details; please see the references listed in the appendix instead:
     - The concrete parameters and values exchanged in OAuth
     - The security considerations and countermeasures OAuth requires

 6. Authentication and authorization

 7. Authentication and authorization
   - Authentication (AuthN)
     - Who you are
     - Driver's licence, passport, etc. → ID/password
   - Authorization (AuthZ)
     - What you may do
     - Keys, tickets, etc. → access token
   (On the subway in Thailand, tickets are called tokens.)

 8. Background

 9. Authentication problems as services multiply
   Service A: id garbagetown / pass aaaaaaaa

 10. Authentication problems as services multiply
   Service A: id garbagetown / pass aaaaaaaa
   Service B: id garbagetow / pass bbbbbbbb → character-count limit (the id had to be shortened)

 11. Authentication problems as services multiply
   Service A: id garbagetown / pass aaaaaaaa
   Service B: id garbagetow / pass bbbbbbbb → character-count limit
   Service C: id garbagetown / pass cccccccc → fighting over account names

 12. Authentication problems as services multiply
   Service A: id garbagetown / pass aaaaaaaa
   Service B: id garbagetow / pass bbbbbbbb → character-count limit
   Service C: id garbagetown / pass cccccccc → fighting over account names
   Service D: id garbagetown / pass dddddddd
   Service E: id garbagetown / pass dddddddd → password reuse

 13. Authentication problems as services multiply
   Service A: id garbagetown / pass aaaaaaaa
   Service B: id garbagetow / pass bbbbbbbb → character-count limit
   Service C: id garbagetown / pass cccccccc → fighting over account names
   Service D: id garbagetown / pass dddddddd
   Service E: id garbagetown / pass dddddddd → password reuse
   Service F: id garbagetown / pass fFFF → mandatory character classes

 14. Authorization problems as services are linked
   Services A, B, C, D, E, F

 15. Authorization problems as services are linked
   Services A, B, C, D, E, F
   Service B writes data into F

 16. Authorization problems as services are linked
   Services A, B, C, D, E, F
   Service B writes data into F
   Service C reads B's data

 17. Authorization problems as services are linked
   Services A, B, C, D, E, F
   Service B writes data into F
   Service C reads B's data
   Service E mashes up A's and D's data

 18. Authorization problems as services are linked
   Services A, B, C, D, E, F
   Service B writes data into F
   Service C reads B's data
   Service E mashes up A's and D's data
   Questions this raises:
   - Does service B log in to F?
   - Can service C write to B?
   - What happens when the password for service E is changed?
   - Does it scrape service A's screens?

 19. The problems and their solutions
   - Solving the authentication problem: ● OpenID (≠ OpenID Connect)
     - Flared up briefly, then its popularity faded
   - Solving the authorization problem: ● OAuth
     - Spread rapidly with OAuth 2.0
     - Also solved the authentication problem (somewhat by force)

 20. OAuth 2.0

 21. OAuth 1.0 → 2.0
   - OAuth 1.0
     - December 2007: final draft
     - June 2009: 1.0a
     - April 2010: RFC 5849
   - OAuth 2.0
     - July 2012: final draft
     - October 2012: RFC 6749
   OAuth 1.0 is obsolete.

 22. RFC 6749

 23. RFC 6749

 24. OAuth 2.0 is hard
   - The terminology is hard to follow
     - It differs from the terms used by OpenID and others
     - It differs from the terms used in everyday language
   - Many steps are left undefined by the specification
     - How clients are registered
     - How the resource owner is authenticated
     - The contents of the access token and how to validate it
   - The processing flow is complex
     - A chain of HTTP redirects (the "OAuth dance")
   - There are many security considerations

 25. Understanding it through a familiar example
   - Example: linking a study-group service with a microblog service
   Study-group service ⇄ Microblog service:
   [1] Start linking
   [2] Fetch follower information
   [3] Follower information
   [4] Show follower information
   [5] Join a study group
   [6] Post the participation
   [7] Show the participation-complete screen

 26. Roles
   - The cast of OAuth
   Role                 | Description                                                 | Example
   Resource owner       | Owner of the protected resource                             | End user
   Resource server      | Server that serves the protected resource                   | Microblog service
   Client               | Third-party application that uses the protected resource    | Study-group service
   Authorization server | Server that manages tokens                                  | Microblog service

 27. Protocol Flow
   - The basic flow, independent of the authorization grant (described later)
   https://tools.ietf.org/html/rfc6749#section-1.2

 28. Protocol Flow
   Participants: resource owner | client (study-group service) | resource server and authorization server (microblog service)
   [A] Authorization request (client → resource owner)
   [B] Authorization grant (resource owner → client)
   [C] Authorization grant (client → authorization server)
   [D] Access token (authorization server → client)
   [E] Access token (client → resource server)
   [F] Protected resource (resource server → client)

 29. Authorization Grant
   - RFC 6749 defines four kinds of authorization grant:
     1. Authorization code
     2. Implicit
     3. Resource owner password credentials
     4. Client credentials
   - Roughly, going up this list (→) each grant covers more functionality, but is more complex
   - You may add your own authorization grants
   - You may extend the authorization grants
   Trying to understand the authorization code grant first will kill you (*), so the following pages explain them in reverse order, starting from 4.
   * Personal opinion.

 30. Preparation
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [1-1] Client registration (client → authorization server)
   [1-2] Client ID and secret (authorization server → client)
   [2-1] Login (resource owner → authorization server)
   [2-2] Authentication result (authorization server → resource owner)
   The client-registration procedure and the resource-owner authentication procedure are outside the scope of the specification.

 31. Client Credentials
   - Authenticates per client
   - Used for APIs that do not need the resource owner's authorization
   https://tools.ietf.org/html/rfc6749#section-4.4

 32. Client Credentials
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [A] Client authentication (client → authorization server): authenticate with the client ID and secret
   [B] Access token (authorization server → client): an access token is issued per client

 33. Client Credentials
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [1] Start linking
   [2] Fetch follower information
   [3] Follower information
   [4] Follower information
   [5] Join a study group
   [6] Post the participation
   Operations that need no user authorization can be performed.
   Operations that need user authorization cannot.

 34. Resource Owner Password Credentials
   - The resource owner's credentials are handed to the client
   - Used provisionally, e.g. while migrating a legacy system
   https://tools.ietf.org/html/rfc6749#section-4.3

 35. Resource Owner Password Credentials
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [1] Start linking
   [2] Request credentials
   [A] Credentials: the owner enters their microblog-service ID and password
   [B] Resource-owner authentication (client → authorization server)
   [C] Access token

 36. Resource Owner Password Credentials
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [3] Fetch follower information
   [4] Follower information
   [5] Show follower information
   [6] Join a study group
   [7] Post the participation
   [8] Show the participation-complete screen
   Operations that need user authorization can be performed too.

 37. Resource Owner Password Credentials
   Participants: resource owner | malicious service (client) | resource server / authorization server (microblog service)
   [1] Start linking
   [2] Request credentials
   [A] Credentials
   [3] Unauthorized posting
   [4] Profile change
   [5] Password change
   If the client is malicious, it can impersonate the resource owner and perform arbitrary operations.

 38. Implicit
   - Used by client applications
   - Should be used only after understanding the risk of access-token leakage
   https://tools.ietf.org/html/rfc6749#section-4.2
   * The layout has been partly changed to fit the page.

 39. Implicit
   Participants: resource owner (user agent) | study-group WEB service | study-group script (the client) | resource server / authorization server (microblog service)
   [1] Start linking
   [A] Redirect to the authorization server
   [B] Show the authorization screen:
       "Allow the study-group service to do the following?"
       - Read your microblog
       - Write to your microblog

 40. Implicit
   Participants: resource owner (user agent) | study-group WEB service | study-group script (the client) | resource server / authorization server (microblog service)
   [B] Enter the authorization decision
   [C] Generate the access token
   [C] Redirect to the WEB service, with the access token appended in the URL fragment
   [D] Access the WEB service, keeping the access token locally while making the request

 41. Implicit
   Participants: resource owner (user agent) | study-group WEB service | study-group script (the client) | resource server / authorization server (microblog service)
   [E] Download the script
   [F] Extract the access token
   [G] Set the access token: the locally stored access token is set on the client

 42. Implicit
   Participants: resource owner (user agent) | study-group WEB service | study-group script (the client) | resource server / authorization server (microblog service)
   [2] Fetch follower information
   [3] Follower information
   [4] Show follower information
   [5] Join a study group
   [6] Post the participation
   [7] Show the participation-complete screen
   Operations within the authorized scope can be performed without handing credentials to the client.

 43. Implicit
   Participants: malicious end user (user agent) | client | resource server / authorization server (microblog service)
   [1] Seize the access token: the token is stolen from the browser cache, local storage, etc.
   [2] Unauthorized posting
   [3] Profile change
   [4] Password change
   Within the authorized scope, operations the resource owner did not intend can be performed.

 44. Authorization Code
   - Used by web applications
   - The flow generally meant when people say "OAuth"
   https://tools.ietf.org/html/rfc6749#section-4.1
   * The layout has been partly changed to fit the page.

 45. Authorization Code
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [1] Start linking
   [A] Redirect to the authorization server
   [B] Show the authorization screen
   [B] Enter the authorization decision
   [C] Generate the authorization code
   [C] Redirect to the client: an authorization code is handed over, not an access token

 46. Authorization Code
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [D] Access token request (client → authorization server)
   [E] Generate the access token
   [E] Access token: the token is received in exchange for the authorization code and set on the client

 47. Authorization Code
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [2] Fetch follower information
   [3] Follower information
   [4] Show follower information
   [5] Join a study group
   [6] Post the participation
   [7] Show the participation-complete screen
   Operations within the authorized scope can be performed without handing credentials to the client.
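The authorization code grant of slides 45 to 47, as an added example that is not part of the deck: a toy authorization server and resource server in Python with the checks RFC 6749 requires at steps [C] to [E]: the redirect URI must match the registered one, the client must authenticate with its secret before it gets a token, a code is redeemed at most once and only within a short lifetime, and the resource server honours the scope the owner approved on the authorization screen. The client id, secret, URLs and follower data are constructed sample values, not anything from the deck.

```python
import secrets
import time

# Constructed client registry for the "study-group service" of the slides;
# ids, secret and URLs are made-up sample values (hypothetical, not from the deck).
CLIENTS = {
    "study-group": {
        "secret": "constructed-client-secret",
        "redirect_uri": "https://study-group.example/callback",
    },
}


class AuthorizationServer:
    """Toy authorization server: single-use, short-lived codes; tokens only after client auth."""

    def __init__(self, code_ttl=60):
        self.code_ttl = code_ttl
        self._codes = {}   # code -> (client_id, redirect_uri, scope, owner, issued_at)
        self._tokens = {}  # access token -> (client_id, scope, owner)

    def authorize(self, client_id, redirect_uri, scope, owner, now):
        """[A]-[C]: the owner approved the scopes; redirect back with a code, never a token."""
        client = CLIENTS.get(client_id)
        if client is None or client["redirect_uri"] != redirect_uri:
            raise PermissionError("unknown client or redirect_uri mismatch")
        code = secrets.token_urlsafe(24)
        self._codes[code] = (client_id, redirect_uri, frozenset(scope), owner, now)
        return f"{redirect_uri}?code={code}"

    def token(self, code, client_id, client_secret, redirect_uri, now):
        """[D]-[E]: back-channel exchange of the code for an access token."""
        client = CLIENTS.get(client_id)
        if client is None or not secrets.compare_digest(client["secret"], client_secret):
            raise PermissionError("client authentication failed")
        entry = self._codes.pop(code, None)  # pop: a code can be redeemed only once
        if entry is None:
            raise PermissionError("unknown or already used code")
        c_id, c_redirect, scope, owner, issued_at = entry
        if c_id != client_id or c_redirect != redirect_uri:
            raise PermissionError("code was not issued to this client")
        if now - issued_at > self.code_ttl:
            raise PermissionError("code expired")
        token = secrets.token_urlsafe(32)
        self._tokens[token] = (client_id, scope, owner)
        return token

    def introspect(self, token):
        return self._tokens.get(token)


class ResourceServer:
    """Toy microblog API: serves followers only for tokens carrying the 'read' scope."""

    def __init__(self, auth_server):
        self.auth = auth_server
        self.followers = {"owner-1": ["alice", "bob"]}  # constructed sample data

    def get_followers(self, token):
        info = self.auth.introspect(token)
        if info is None or "read" not in info[1]:
            raise PermissionError("invalid token or insufficient scope")
        return self.followers[info[2]]


def run_code_flow(client_secret="constructed-client-secret", reuse_code=False,
                  exchange_delay=0, scope=("read",)):
    """Drive steps [1]-[E] and then [2]-[3]; returns the followers or an error string."""
    auth = AuthorizationServer()
    api = ResourceServer(auth)
    cid = "study-group"
    ruri = CLIENTS[cid]["redirect_uri"]
    t0 = time.time()
    location = auth.authorize(cid, ruri, scope, owner="owner-1", now=t0)
    code = location.split("code=", 1)[1]
    try:
        token = auth.token(code, cid, client_secret, ruri, now=t0 + exchange_delay)
        if reuse_code:  # a replayed code must not yield a second token
            auth.token(code, cid, client_secret, ruri, now=t0 + exchange_delay)
        return api.get_followers(token)
    except PermissionError as err:
        return f"error: {err}"


if __name__ == "__main__":
    print(run_code_flow())                       # ['alice', 'bob']
    print(run_code_flow(client_secret="wrong"))  # error: client authentication failed
    print(run_code_flow(reuse_code=True))        # error: unknown or already used code
    print(run_code_flow(exchange_delay=120))     # error: code expired
```

The point the slides make at [C] is visible in `authorize`: what travels through the user's browser is only the code, and it is worthless without the client secret that never leaves the client's back end. That is exactly what the implicit flow of slides 39 to 43 gives up when it puts the access token itself into the URL fragment.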

 48. OAuth authentication and OpenID Connect

 49. OAuth authentication
   Participants: resource owner | client (study-group service) | resource server / authorization server (microblog service)
   [1] Log in with OAuth
   [2] Fetch user information
   [3] User information
   [4] Login processing
   [5] Login-complete screen

 50. OAuth authentication
   - A mechanism that uses OAuth to call an API returning the resource owner's information, then authenticates with the information obtained
   - In real-world terms:
     Someone you cannot identify shows up.
     They carry no trustworthy credential such as a driver's licence.
     They do hold a safe-deposit-box key.
     Ask the safe-deposit company about the key number, and it appears to be Mr. X's key.
     You don't know who they are, but let's treat them as Mr. X.
   - With the implicit flow, where the confidentiality and authenticity of the token are weak, this can become a security hole

 51. OpenID Connect

 52. OpenID Connect
   - A specification that adds authentication and attribute retrieval to OAuth 2.0
   - Issues an ID token together with the access token
   - JWT (JSON Web Token)
     - Header
       - The signature algorithm
     - Payload
       - A record of "who" authenticated "whom" "for whom"
       - Attributes such as name and email
     - Signature
       - A digital signature: the header and payload encrypted with the authorization server's private key
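An added example, not from the deck, that puts slides 50 and 52 side by side in Python: it builds an ID token with the three JWT parts the slide lists (header with the algorithm, payload with `iss`/`sub`/`aud` as the "who / whom / for whom" record plus `name`, and a signature) and then verifies it the way a client should. The `aud` check is the point slide 50 is making: a token minted for some other client proves nothing about a login at this one, so an access token alone cannot authenticate. To stay in the standard library the example uses HS256, an HMAC over a shared secret, instead of the private-key signature the slide describes; the key, issuer URL, user id and client id are constructed sample values.

```python
import base64
import hashlib
import hmac
import json


def b64url_encode(data: bytes) -> str:
    """JWT segments are base64url without padding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def encode_segment(obj: dict) -> str:
    """Serialise one JSON segment (header or payload) of a JWT."""
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def issue_id_token(key: bytes, issuer: str, subject: str, audience: str,
                   attributes: dict, now: int, ttl: int = 600) -> str:
    """Authorization-server side: header (alg) . payload (who/whom/for whom) . signature."""
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"iss": issuer, "sub": subject, "aud": audience,
               "iat": now, "exp": now + ttl, **attributes}
    signing_input = f"{encode_segment(header)}.{encode_segment(payload)}"
    signature = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url_encode(signature)}"


def verify_id_token(token: str, key: bytes, expected_issuer: str,
                    client_id: str, now: int) -> dict:
    """Client side: return the claims only if every check passes; raise ValueError otherwise."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, signature_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS256":  # the verifier, not the token, decides the algorithm
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(signature_b64)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload_b64))
    if claims.get("iss") != expected_issuer:
        raise ValueError("wrong issuer")
    if claims.get("aud") != client_id:  # minted for another client: not a login at this one
        raise ValueError("wrong audience")
    if now >= claims.get("exp", 0):
        raise ValueError("expired")
    return claims


def verification_result(token, key, expected_issuer, client_id, now) -> str:
    """String form of the outcome, convenient for logging."""
    try:
        claims = verify_id_token(token, key, expected_issuer, client_id, now)
        return f"ok: {claims['sub']} for {claims['aud']}"
    except ValueError as err:
        return f"error: {err}"


if __name__ == "__main__":
    # Constructed values: a shared secret, issuer URL, user id and client id for the demo.
    KEY = b"constructed-shared-secret"
    ISSUER = "https://microblog.example"
    NOW = 1_700_000_000
    token = issue_id_token(KEY, ISSUER, "user-123", "study-group", {"name": "umezawa"}, NOW)
    print(verification_result(token, KEY, ISSUER, "study-group", NOW + 10))   # ok: user-123 for study-group
    other = issue_id_token(KEY, ISSUER, "user-123", "other-app", {}, NOW)
    print(verification_result(other, KEY, ISSUER, "study-group", NOW + 10))   # error: wrong audience
```

Two details matter in `verify_id_token`: the algorithm is fixed by the verifier rather than read from the header, and the signature is compared with `hmac.compare_digest` before any claim is trusted, so a payload edited in transit, or an unsigned token, is rejected before its contents are even looked at.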

 53. Summary

 54. Summary
   - Authentication and authorization
     - Authentication (AuthN): who you are
     - Authorization (AuthZ): what you may do
   - Background
     - Authentication problems as services multiply → OpenID
     - Authorization problems as services are linked → OAuth

 55. Summary
   - OAuth 2.0
     - Client credentials
       - For APIs that do not need the resource owner's authorization
     - Resource owner password credentials
       - Provisional use, e.g. while migrating a legacy system
     - Implicit
       - For client applications
       - Carries a risk of token leakage
     - Authorization code
       - For web applications

 56. Summary
   - OAuth authentication and OpenID Connect
     - OAuth authentication
       - Authenticates using the resource owner's own information
       - Impersonation risk when used with the implicit flow
     - OpenID Connect
       - A specification that adds authentication and attribute retrieval to OAuth 2.0
       - Encryption by JWT

 57. Appendix
   - よくわかる認証と認可 (Authentication and authorization explained) | Developers.IO
     - http://dev.classmethod.jp/security/authentication-and-authorization/
   - RFC 6749: The OAuth 2.0 Authorization Framework
     - https://tools.ietf.org/html/rfc6749
   - RFC 6819: OAuth 2.0 Threat Model and Security Considerations
     - https://tools.ietf.org/html/rfc6819
   - The OAuth 2.0 Authorization Framework (Japanese translation)
     - https://openid-foundation-japan.github.io/rfc6749.ja.html
   - OAuth 2.0 Threat Model and Security Considerations (Japanese translation)
     - https://openid-foundation-japan.github.io/rfc6819.ja.html
   - Final: OpenID Connect Core 1.0 incorporating errata set 1
     - http://openid.net/specs/openid-connect-core-1_0.html
   - Final: OpenID Connect Core 1.0 incorporating errata set 1 (Japanese translation)
     - https://openid-foundation-japan.github.io/openid-connect-core-1_0.ja.html

 58. Appendix
   - OAuth 2.0 全フローの図解と動画 (All OAuth 2.0 flows, diagrammed, with video) - Qiita
     - http://qiita.com/TakahikoKawasaki/items/200951e5b5929f840a1f
   - 今更聞けないOAuth 2.0 (OAuth 2.0: too late to ask)
     - https://www.slideshare.net/phphsa/oauth… (rest of the slug not recoverable)
   - OAuth 2.0の概要とセキュリティ (Overview of OAuth 2.0 and its security)
     - https://www.slideshare.net/charliershoe/oauth… (rest of the slug not recoverable)
   - 単なるOAuth 2.0を認証に使うと、車が通れるほどのどでかいセキュリティー・ホールができる (Using plain OAuth 2.0 for authentication opens a security hole big enough to drive a car through) | @_Nat Zone
     - https://www.sakimura.org/… (path not recoverable)
   - CIS Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFederate (Hands On)
     - https://www.slideshare.net/CloudIDSummit/… (slug not recoverable)
   - OpenID Connect入門 〜コンシューマーにおけるID連携のトレンド〜 (Introduction to OpenID Connect: trends in consumer identity federation)
     - https://www.slideshare.net/kura_lab/openid-connect-id… (rest of the slug not recoverable)

 59. Thank you