Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
TokenSourceを理解する
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Kenta Takahashi
October 25, 2025
Programming
44
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
TokenSourceを理解する
https://asakusago.connpass.com/event/369325/
Kenta Takahashi
October 25, 2025
More Decks by Kenta Takahashi
See All by Kenta Takahashi
xDS を活用したサービスディスカバリーで実現するブランチ別 QA 環境の構築手法
knwoop
2
1.2k
Fastly Compute @ Kauche
knwoop
0
74
How Are Random Numbers Generated ?
knwoop
0
320
認証認可とGoの話
knwoop
3
1.2k
Other Decks in Programming
See All in Programming
Spring Security 実践 ─ GraphQL APIで実務に役立つ 認証・認可 を学ぶ
wagyu
0
260
JavaDoc 再入門
nagise
1
410
不変条件と整合性境界—ビジネスが決める設計判断と実現パターン / Invariants and Consistency Boundaries
nrslib
14
5.8k
Developing with AI Agents — Codex, Claude Code & Cowork Practical Guide
x5gtrn
PRO
0
1.3k
Inside Stream API
skrb
1
770
セキュリティの専門家じゃなくてもできる。「セキュリティ意識」をアップデートして サプライチェーン攻撃への耐性を高めよう。
tk3fftk
5
920
「なぜそう決めたのか」を残し続ける仕組み ― Notion AI カスタムエージェント × Slack連携による設計判断の自動記録 - NIKKEI Tech Talk #47
niftycorp
PRO
0
230
New "Type" system on PicoRuby
pocke
1
1k
The NotImplementedError Problem in Ruby
koic
1
920
AIだと陥りがちなJakarta EE最新技術への移行時の落とし穴と解決策
tnagao7
0
120
エージェンティックRAGにAWSで入門しよう!
har1101
9
1.7k
Oxcを導入して開発体験が向上した話
yug1224
4
340
Featured
See All Featured
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
aleyda
1
2.1k
How to make the Groovebox
asonas
2
2.2k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Technical Leadership for Architectural Decision Making
baasie
3
420
GraphQLとの向き合い方2022年版
quramy
50
15k
Fireside Chat
paigeccino
42
4k
The B2B funnel & how to create a winning content strategy
katarinadahlin
PRO
1
400
Rails Girls Zürich Keynote
gr2m
96
14k
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
1
1.3k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.4k
Optimizing for Happiness
mojombo
378
71k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
1
3.6k
Transcript
Kenta Takahashi golang.org/x/oauth2#TokenSource Λશʹཧղ͢Δ Asakusa.go
None
αʔϏεؒͰೝূΛͲ͏͓ͬͯ͜ͳ͏͔?
ͱʹ͔ͨ͘͘͞Μ͋Δ • OAuth2/OpenIDConnect ΫϥΠΞϯτೝূ • GitHub Actions ͱ Google Cloud/AWS
• Google Cloud Ͱͷೝূํ๏ • AWS Ͱͷೝূํࣜ
OAuth2 /OenID Connect ΫϥΠΞϯτೝূ • client_secret_post • client_secret_basic • client_secret_jwt
• private_key_jwt • tls_client_auth • ...
GitHub Actions ͱ Google Cloud/AWS https://docs.github.com/ja/actions/concepts/security/openid-connect
Google Cloud Ͱͷೝূํ๏ • Set up Application Default Credentials ͱ͍
͏Έ͕͋Δ • ͬ͘͟Γೝূใͷ୳ ͠ํϚχϡΞϧ
AWS Ͱͷೝূํࣜ • ͋Μ·Γৄ͘͠ͳ͍ͷͰׂѪ
ͳΔ΄ͲΘ͔ΒΜ
API ϦΫΤετ͍͚ͨͩ͠ͳΜͩ
TokenSource ʹ͍ͭͯ https://pkg.go.dev/golang.org/x/oauth2#TokenSource
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2 SSO ͷྫ
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2 - access token Λͬͯ ϢʔβʔใΛऔಘ͢Δ - ͜ͷ෦Ͱ
Token Source ͕ΘΕ͍ͯΔ
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2 - Request ͝ͱʹ TokenSource ͷ ϝιου͕ݺΕ͍ͯΔ -
෦ token ͷߋ৽ͳͲ ߦ͍ͬͯΔ - ϩοΫͱͬͯ goroutine-safe ʹ ͳ͍ͬͯΔ
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ GitHub Actions ͱ Google Cloud/AWS (AWS ׂѪ) •
Google Cloud Workload Identity Federation ͱ͍͏ΈΛ͍ͬͯΔ • ೝূΩʔͳ͠Ͱ Google Cloud ʹΞΫηεͰ͖Δ • ෦ͷৄ͍͠Έฉ͍͍ͯͩ͘͞😇
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ GitHub Actions ͱ Google Cloud/AWS (AWS ׂѪ) Workload
Identity Federation ͷྫ https://github.com/knwoop/google-cloud-go-playground/iam/workloadidentityfed
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ GitHub Actions ͱ Google Cloud/AWS (AWS ׂѪ) Service
Account ͷྫ
·ͱΊ • TokenSource ɺೝূใͷऔಘΛಁաతʹͯ͘͠ΕΔͷ • API ୟ࣌͘ TokenSource ͚ͩΛҙࣝ͠Α͏ (ݱ࣮ͦΜͳʹ͘ͳ͍😇)
• ·ͣ TokenSource Λ͑ͳ͍͔Λݕ౼ͯ͠ΈΔ • ࠓճհͰ͖ͳ͔͕ͬͨɺ TokenSource Λͬͨ RoundTripper grpc callOptions ͳͲ͋ΔͷͰศར