Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
FIDO2をPHPで実装してみた
Search
KoujiMatsuda
April 08, 2020
Programming
260
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
FIDO2をPHPで実装してみた
KoujiMatsuda
April 08, 2020
More Decks by KoujiMatsuda
See All by KoujiMatsuda
OWASP Projectsの歩き方
koujimatsuda11
0
71
OWASP Top 10 Proactive Controls 2024 で始めるセキュリティ
koujimatsuda11
0
74
脆弱性診断を内製化してわかったこと
koujimatsuda11
0
190
Other Decks in Programming
See All in Programming
The ROI of Quarkus for Spring Boot Applications
hollycummins
0
150
Snowflake Summitでの新機能 CoCo / CoWork / snowflake-summit-2026-overall-what-new-coco
tatsuhiro
1
200
Lessons from Spec-Driven Development
simas
PRO
0
230
AIを活用したE2Eテスト実装効率化のあゆみ / ebisu-mobile-14-kotetu
kotetuco
0
150
JavaDoc 再入門
nagise
1
430
技術記事、 専門家としてのプログラマ、 言語化
mizchi
13
6.6k
Contextとはなにか
chiroruxx
1
380
不変条件と整合性境界—ビジネスが決める設計判断と実現パターン / Invariants and Consistency Boundaries
nrslib
14
6k
これからAgentCoreを触る方へトレンドはGatewayです
har1101
6
440
[2026年度第1回ORセミナー] 計画最適化ベンチャーと競技プログラミング人材
terryu16
0
280
ADKを使って簡単にAIエージェントを作ってみよう
k1mu21
0
280
エージェンティックRAGにAWSで入門しよう!
har1101
9
1.8k
Featured
See All Featured
What does AI have to do with Human Rights?
axbom
PRO
1
2.2k
Joys of Absence: A Defence of Solitary Play
codingconduct
1
400
Context Engineering - Making Every Token Count
addyosmani
9
990
Prompt Engineering for Job Search
mfonobong
0
360
A Soul's Torment
seathinner
6
3k
Tips & Tricks on How to Get Your First Job In Tech
honzajavorek
1
550
Darren the Foodie - Storyboard
khoart
PRO
3
3.4k
The browser strikes back
jonoalderson
0
1.3k
Highjacked: Video Game Concept Design
rkendrick25
PRO
1
400
Mozcon NYC 2025: Stop Losing SEO Traffic
samtorres
1
260
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
62
44k
Transcript
FIDO2ΛPHPͰ࣮ͯ͠Έͨ 2020/04/08 koujimatsuda
ࣗݾհ ➢দా߁࢘ʢ·ͭͩ͜͏͡ʣ ➢ؔͰΤϯδχΞͬͯ·͢ ➢Twitter:@koujimatsuda11 ➢facebook:kouji.matsuda.58
FIDO2ೝূͬͯԿʁ WEBαΠτͰ؆୯ʹࢦೝূإೝূ͕Ͱ͖Δೝূ༷ ύεϫʔυͷ͍Βͳ͍ੈք͕͖ͬͯ·͢ Android7.0ͷ࠷৽ͷChromeͰ͓ ࢼ͍ͩ͘͠͞ʢ20202݄࣌ʣ
ύεϫʔυೝূɾɾɾ 50ԯͷϢʔβ໊ͱύεϫʔυͷηοτ͕࿙Ӯ͍ͯ͠Δ (owasp asvs 4.0 v2ΑΓ) αΠτA αΠτB ID :
[email protected]
ύεϫʔυ : password IDͱύεϫʔυ͕౪·ΕΔ Ϣʔβ ߈ܸऀ ϩάΠϯޭ ύεϫʔυΛ͍·Θ͍ͯ͠Δͱɾɾɾ
FIDO2ͷΈʢొʣ Relyng Party ΫϥΠΞϯτ Authenticator ϩάΠϯID νϟϨϯδͳͲ νϟϨϯδɺRPใͳͲ ࢦೝূ إೝূ
ͳͲ 伴ϖΞ࡞ ެ։伴ͳͲ ެ։伴ͳͲ ݕূ ެ։伴ͷอଘ ެ։伴 ൿີ伴 νϟϨϯδͳͲ ੜ
FIDO2ͷΈʢొʣ Relyng Party ΫϥΠΞϯτ Authenticator ϩάΠϯID νϟϨϯδͳͲ νϟϨϯδɺRPใͳͲ ࢦೝূ إೝূ
ͳͲ 伴ϖΞ࡞ ެ։伴ͳͲ ެ։伴ͳͲ ݕূ ެ։伴ͷอଘ ެ։伴 ൿີ伴 ࢦใෆཁ νϟϨϯδͳͲ ੜ
FIDO2ͷΈʢೝূʣ Relyng Party ΫϥΠΞϯτ Authenticator ϩάΠϯID νϟϨϯδͳͲ νϟϨϯδɺRPใͳͲ ొ࣌ͷೝূ ॺ໊
ॺ໊ͳͲ ॺ໊ͳͲ ެ։伴Ͱݕূ ൿີ伴 νϟϨϯδͳͲ ੜ
σϞ
PHPͰ࣮͢ΔʢϥΠϒϥϦ͏͚Ͳʣ
༻͢ΔϥΠϒϥϦ web-auth/webauthn-lib ▪Πϯετʔϧ ɹcomposer require web-auth/webauthn-lib ▪υΩϡϝϯτ https://webauthn-doc.spomky-labs.com/
FIDO2ͷΈʢొʣ Relyng Party ΫϥΠΞϯτ Authenticator ϩάΠϯID νϟϨϯδͳͲ νϟϨϯδɺRPใͳͲ ࢦೝূ إೝূ
ͳͲ 伴ϖΞ࡞ ެ։伴ͳͲ ެ։伴ͳͲ ݕূ ެ։伴ͷอଘ ެ։伴 ൿີ伴 νϟϨϯδͳͲ ੜ ࣮ൣғ API ϥΠϒϥϦ
FIDO2ͷΈʢೝূʣ Relyng Party ΫϥΠΞϯτ Authenticator ϩάΠϯID νϟϨϯδͳͲ νϟϨϯδɺRPใͳͲ ొ࣌ͷೝূ ॺ໊
ॺ໊ͳͲ ॺ໊ͳͲ ެ։伴Ͱݕূ ൿີ伴 νϟϨϯδͳͲ ੜ API ࣮ൣғ ϥΠϒϥϦ
४උ͢Δͷ • طଘͷೝূػೳʢϩάΠϯIDͳͲʣɹ • PHPɹυΩϡϝϯτ7.2Ҏ্͕ͩɺ7.3.14Λͬͨ • ެ։伴Λอଘ͢ΔͷɹDBʹอଘͨ͠ • ηογϣϯػೳɹൃߦͨ͠νϟϨϯδΛอ͓ͯͨ͘͠Ί
࣮ͷྲྀΕ 1. ެ։伴Repositoryͷ࡞ 2. ϢʔβEntityͷ࡞ 3. RpServerͷ࡞ 4. ެ։伴Λొ͢ΔͨΊʹAuthenticatorʹ͢optionΛ࡞ 5.
Authenticator͔ΒϨεϙϯε͞ΕΔެ։伴Λอ͢Δ 6. ೝূΛ͢ΔͨΊʹAuthenticatorʹ͢optionΛ࡞ 7. Authenticator͔ΒϨεϙϯε͞ΕΔΛॺ໊Λݕূ͢Δ 8. طଘͷೝূʹΈࠐΉ ͜͜·ͰͰɺ4ʙ5ਓ͙Β͍͋ΕͰ͖Δ
ৄࡉ https://qiita.com/koujimatsuda11/items/47f00c9c4d6953377668
·ͱΊ • ϥΠϒϥϦΛ͏·͑͘ɺ؆୯ • ࢦೝূΛ͑ΔσόΠεݶఆతʢAndroidɺMacͳͲʣ • ѹతϢʔβϏϦςΟʂʂʂ ਓྨ͕ύεϫʔυ͔Βղ์͞ΕΔະདྷΛͬͯ·͢ɻ