Upgrade to Pro — share decks privately, control downloads, hide ads and more …

[2019.04.20]かごもく #19 シングルサインオン! - 認証よくわかってないから、色々試してみた♪

KUSOKAMAYAROU
April 20, 2019
Business
0
510

[2019.04.20]かごもく #19 シングルサインオン! - 認証よくわかってないから、色々試してみた♪

Amazon Linux に OpenAM をインストールしてみる - Qiita
https://qiita.com/kusokamayarou/items/3ed839a7e51b8137b87a

OpenAM と cybozu.com の SAML 認証を確認してみる - Qiita
https://qiita.com/kusokamayarou/items/94df119cd5e821c8876f

python (pysaml2) から cybozu.com の SAML 認証を確認してみる - Qiita
https://qiita.com/kusokamayarou/items/9689ab6e2629f02a9124

Amazon Cognito UserPools を JavaScript から使ってみる - Qiita
https://qiita.com/kusokamayarou/items/60bcf9d16ce0df93b0ea

Amazon Cognito UserPools を iOS から使ってみる - Qiita
https://qiita.com/kusokamayarou/items/b829d261b5e23bb1fc5f

KUSOKAMAYAROU

April 20, 2019
Tweet

More Decks by KUSOKAMAYAROU

See All by KUSOKAMAYAROU
20210428_JAWS-UG鹿児島勉強会Vol.10 - 進行.pdf
kusokamayarou
0
190
20201202_Shifter_オンラインミートアップ - LT
kusokamayarou
0
640
20200909_Shifter_オンラインミートアップ - LT
kusokamayarou
0
1.7k
20200206_さくらじまハウス2020 - #session_3_進行.pdf
kusokamayarou
0
35
20191226_JAWS-UG鹿児島2019納会_-_進行.pdf
kusokamayarou
0
150
20191026_JAWS-UG鹿児島勉強会Vol.9_-_進行.pdf
kusokamayarou
0
150
20191026_JAWS-UG鹿児島勉強会Vol.9 - レポート_2018.10-2019.10.pdf
kusokamayarou
0
590
20191019_JAWS-UG鹿児島レポート_2018.10-2019.10
kusokamayarou
0
1.4k
20190921_JAWS-UG鹿児島もくもく会_#8 - 進行.pdf
kusokamayarou
0
34

Other Decks in Business

See All in Business
iceberg次世代メインストリーム白書 (20233.02)
gakunoguchi
0
890
デジタルツイン実現プロジェクトR4実証01報告書
data_rikatsuyou
0
210
ともにあーる株式会社|会社説明資料
tadaken47
0
110
Progmat_概要説明資料(UT中心編) / UT
progmat
0
1.6k
GMOフィナンシャルHD 会社紹介資料
gmofh_hr_team
0
7k
事例紹介#01_アドバイザリー
srmarketing
0
440
Progmat_概要説明資料(採用ポジション編) / Job Position
progmat
0
850
株式会社ベイストリーム 会社紹介資料
baystream
0
140
プロデザvol8_現場から生まれるリクルートのUXリサーチ_質問回答資料
recruitengineers
PRO
2
260
NOT A HOTEL SOFTWARE DECK
notahotel
0
4.2k
YassLab (株) サービス紹介 / Introduction of YassLab
yasslab
PRO
2
22k
株式会社トレタ会社紹介資料
toreta_recruit
2
1.2k

Featured

See All Featured
Scaling GitHub
holman
453
140k
Reflections from 52 weeks, 52 projects
jeffersonlam
340
18k
Web development in the modern age
philhawksworth
197
9.6k
Git: the NoSQL Database
bkeepers
PRO
419
60k
It's Worth the Effort
3n
177
26k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
32
9k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
15
1.2k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
3.7k
Building Better People: How to give real-time feedback that sticks.
wjessup
346
17k
Code Review Best Practice
trishagee
51
12k
Support Driven Design
roundedbygravity
88
8.9k
What the flash - Photography Introduction
edds
64
10k

Transcript

  1. ೝূΑ͘Θ͔ͬͯͳ͍͔Βɺ
    ৭ʑࢼͯ͠Έͨ̇

    ͔͝΋͘ #19 γϯάϧαΠϯΦϯ!
    גࣜձࣾ ݱ৔αϙʔτ
    ্佂 ޾େ
    2019.04.20


    View Slide

  2. ࣗݾ঺հ
    • ্佂 ޾େ (řŚŜŵ ŻŝűƁ)
    • @kusokamayarou
    • ग़਎ / ॴࡏɿࣛࣇౡݝປ࡚ࢢ
    • 2012೥ʹ౦ژ͔Β̪λʔϯͰݱ৬ɻ2018೥͔ΒςϨϫʔΫɻ
    • 2018೥͔ΒɺJAWS-UG ࣛࣇౡ ίΞϝϯόʔɻ
    • ޷͖ͳ͜ͱɿՈ଒ɾԹઘɾອըΛಡΉ͜ͱɾྉཧͳͲ


    View Slide

  3. ໨࣍
    1. ·ͣɺ࠷ॳʹ…
    2. ೝূͬͯԿʁ
    3. OpenAM ͱ cybozu.com Ͱ SAML Λࢼ͢
    4. python (pysaml2) ͱ cybozu.com Ͱ SAML Λࢼ͢
    5. JavaScript Ͱ Amazon Cognito User Pool Λࢼ͢
    6. iOS Ͱ Amazon Cognito User Pool Λࢼ͢
    7. ·ͱΊ


    View Slide

  4. ·ͣɺ࠷ॳʹ…

    View Slide

  5. ઌʹँ͓͖ͬͯ·͢!!


    View Slide

  6. ৭ʑࢼ͠·͕ͨ͠…


    View Slide

  7. ೝূͷ͜ͱɺ
    ͋Μ·Γࣗ৴ͳ͍…


    View Slide

  8. ΍ͬͺΓ
    Α͘Θ͔Μͳ͍!!



    View Slide

  9. ͳͷͰ
    ؒҧͬͯͨΒ
    ͝ΊΜͳ͍͞



    View Slide

  10. ೝূͬͯԿʁ

    View Slide

  11. άάͬͯԼ͍͞!!



    View Slide



  12. ͦ
    Ε
    ͡
    Ό

    ͕

    Θ
    ͬ
    ͪ
    Ό
    ͏
    ϒϥοΫδϟοΫʹΑΖ͘͠
    ࠤ౻लๆ
    Ͱ
    ͠
    ΐ
    ͏
    ͕

    ο

    View Slide

  13. ͱ͍͏༁ʹ΋
    ͍͔ͳ͍ͷͰ



    View Slide

  14. ࠓ೔͓࿩͢Δ͜ͱʹؔͯ͠ɺ
    ؆୯ʹ…
    • SAML


    View Slide

  15. SAML
    (Security Assertion Markup Language)
    • IdP (Identity Provider)
    • ೝূ৘ใΛఏڙ͢Δଆ
    • OpenIDͩͱɺOP (OpenID Provider)
    • SP (Service Provider)
    • ೝূ৘ใΛར༻͢Δଆ
    • OpenIDͩͱɺRP (Relying Party)
    • ϑΣσϨʔγϣϯ (Federation)
    • …࿈߹ɺಉໍɺ࿈๜੓෎ɺ࿈߹૊߹ձɺ࿈ໍ


    View Slide

  16. ŲŐũƄƀŖŢŔƃ
    SAMLᶃ
    (IdP ͱ SP ͱ ϑΣσϨʔγϣϯ)


    41 *E1
    $PPLJFΛ֬ೝ
    ೝূ0,

    View Slide

  17. ŲŐũƄƀŖŢŔƃ
    SAMLᶄ
    (IdP ͱ SP ͱ ϑΣσϨʔγϣϯ)


    41 *E1
    $PPLJFΛ֬ೝ
    ೝূ/(
    ೝূ0,
    ɾšŖűƄţ
    ɾ*% ŸŖſŗŪƄƀţ

    View Slide

  18. ŲŐũƄƀŖŢŔƃ
    SAMLᶅ
    (IdP ͱ SP ͱ ϑΣσϨʔγϣϯ)


    41 *E1
    $PPLJFΛ֬ೝ
    ೝূ/(
    ೝূ/(
    ೝূ0,
    $PPLJFΛ֬ೝ
    ೝূ0,
    ɾšŖűƄţ
    ɾ*% ŸŖſŗŪƄƀţ

    View Slide

  19. OpenAM ͱ
    cybozu.com Ͱ
    SAML Λࢼ͢

    View Slide

  20. OpenAM
    @ ForgeRock
    • OpenAM - Wikipedia
    • OpenAMͬͯͳʹʁ - Qiita
    • ForgeRock Backstage
    • Idp ΋ SP ΋Մɻ



    View Slide

  21. cybozu.com
    @ αΠϘ΢ζ
    • αΠϘ΢ζͷΫϥ΢υαʔϏεʹ͍ͭͯɹ
    cybozu.com
    • SAMLೝূͷઃఆ - cybozu.com ϔϧϓ
    • αΠϘ΢ζגࣜձࣾ
    • SP ͷΈɻ



    View Slide

  22. ŲŐũƄƀŖŢŔƃ
    SAMLᶆ
    (OpenAM - cybozu.com)


    41 *E1

    View Slide

  23. OpenAM ͱ cybozu.com Ͱ
    SAML Λࢼ͢
    • Amazon Linux ʹ OpenAM ΛΠϯετʔ
    ϧͯ͠ΈΔ - Qiita
    • OpenAM ͱ cybozu.com ͷ SAML ೝূΛ
    ֬ೝͯ͠ΈΔ - Qiita



    View Slide

  24. python (pysaml2) ͱ
    cybozu.com Ͱ
    SAML Λࢼ͢

    View Slide

  25. pysaml2
    @ IdentityPython
    • IdentityPython/pysaml2: Python
    implementation of SAML2
    • Idp ΋ SP ΋Մɻ



    View Slide

  26. ŲŐũƄƀŖŢŔƃ
    SAMLᶇ
    (OpenAM - pysaml2)


    41 *E1
    QZTBNM

    View Slide

  27. python (pysaml2) ͱ cybozu.com Ͱ
    SAML Λࢼ͢
    • python (pysaml2) ͔Β cybozu.com
    ͷ SAML ೝূΛ֬ೝͯ͠ΈΔ - Qiita



    View Slide

  28. JavaScript Ͱ
    Amazon Cognito
    User Pool
    Λࢼ͢

    View Slide

  29. Amazon Cognito User Pool
    @ AWS
    • Amazon Cognito Ϣʔβʔϓʔϧ - Amazon Cognito
    • AWS Black Belt Online Seminar 2017 Amazon Cognito
    • AWS Black Belt Online Seminar 2016 Amazon Cognito
    • AWS Black Belt Online Seminar 2015 Amazon Cognito
    • AWS Cognitoʹ͍ͭͯௐ΂ͯΈͨ - Qiita
    • SP ͷΈɻ


    View Slide

  30. ŲŐũƄƀŖŢŔƃ
    Amazon Cognito User Pool
    (Javascript)


    41 *E1
    "NB[PO$PHOJUP
    6TFS1PPM
    ɾೝূػೳ
    "NB[PO$PHOJUP
    *EFOUJUZ1PPM
    ɾೝՄػೳ
    ˞֤छ"84Ϧιʔε
    ˞֎෦*%ϓϩόΠμ

    View Slide

  31. JavaScript Ͱ
    Amazon Cognito User Pool Λࢼ͢
    • Amazon Cognito UserPools Λ
    JavaScript ͔Β࢖ͬͯΈΔ - Qiita



    View Slide

  32. iOS Ͱ
    Amazon Cognito
    User Pool
    Λࢼ͢

    View Slide

  33. ŲŐũƄƀŖŢŔƃ
    Amazon Cognito User Pool
    (iOS)


    41 *E1
    "NB[PO$PHOJUP
    6TFS1PPM
    ɾೝূػೳ
    "NB[PO$PHOJUP
    *EFOUJUZ1PPM
    ɾೝՄػೳ
    ˞֤छ"84Ϧιʔε
    ˞֎෦*%ϓϩόΠμ

    View Slide

  34. iOS Ͱ
    Amazon Cognito User Pool Λࢼ͢
    • Amazon Cognito UserPools
    Λ iOS ͔Β࢖ͬͯΈΔ - Qiita



    View Slide

  35. ·ͱΊ

    View Slide

  36. ·ͱΊᶃ
    • ๯಄ʹ΋ॻ͖·͕ͨ͠ɺೝূ΍ͬͺΓ೉͍͠Ͱ͢…ɻ
    • ࢲ΋৭ʑௐ΂ͨΓɺࢼͨ͠Γ͠·͕ͨ͠…ɺͳ͔ͳ͔ࡉ͔͍ͱ͜
    Ζ·Ͱཧղ͢Δͷ͸…ɻ
    • ͨͩɺ΍͸ΓΤϯδχΞΒ͘͠ɺखΛಈ͔͢ͷ͕Ұ൪ͩͱࢥ͍·
    ͢ɻ
    • ࠓճ͝঺հͨ͠ɺOpenAM ΍ pysaml2 ͳͲͷ OSS ͸ɺσόοά
    ͰτʔΫϯͷ΍ΓऔΓ΍ϓϩτίϧͷྲྀΕΛ֬ೝͰ͖ͯྑ͍Μ
    ͡Όͳ͍͔ͱࢥ͍·͢ɻ

    View Slide

  37. ·ͱΊᶄ
    • ͨͩɺϓϩμΫτΛ։ൃ͢ΔͷͰ͋Ε͹ɺOSS Λར༻ͨ͠Γɺθϩ͔Β಺੡͢
    ΔΑΓ͸ɺAWS ΍ GCP ͳͲͷύϒϦοΫΫϥ΢υΛར༻͢Δํ͕ྑ͍Μ͡Ό
    ͳ͍͔ɺͱݸਓతʹ͸ࢥ͍ͬͯ·͢ɻ
    • ։ൃɾӡ༻ͷίετ࡟ݮɺεέʔϦϯάɺϏοάαʔϏεͰͷར༻อূɺϝʔ
    ϧ΍SMSͷऔΓѻ͍ɺTFAͳͲɺϞόΠϧΞϓϦͱͷ૬ੑ͕ྑ͍༷ʹࢥ͍·
    ͢ɻ
    • ಛʹɺ֤छ৘ใϦιʔεΛύϒϦοΫΫϥ΢υʹ֨ೲ͍ͯ͠ΔͷͰ͋Ε͹ɺར
    ༻ͨ͠ํ͕ྑ͍ؾ͕͠·͢ɻ
    • Ͱ΋ɺϊ΢ϋ΢ແ͔ͬͨΓ͢Δͱɺ৭ʑϋϚΔ৔໘΋ͦΕͳΓʹ͋Δ͔΋…ɻ

    View Slide

  38. ͓஌Βͤ


    View Slide

  39. ݱ৔αϙʔτ
    • HP - גࣜձࣾݱ৔αϙʔτ
    • Facebook - ʢגʣݱ৔αϙʔτ - ϗʔϜ
    • ϑΥϩʔ͓ئ͍͠·͢ɻ
    • HP - ݱ৔Ϋϥ΢υ Conne ʢίϯωʣ
    • ʮݐઃۀͷνʔϜϫʔΫΛΑΓڧ͘ɻΑΓεϜʔζʹɻʯ
    • ৽͘͠ݐઃۀք޲͚ͷۀ຿ίϛϡχέʔγϣϯαʔϏεΛల։͓ͯ͠Γ·͢
    • Ԡԉɾ͝ڠྗͷఔɺΑΖ͓͘͠ئ͍͠·͢ɻ


    View Slide

  40. ίϛϡχςΟ
    • JAWS-UG ࣛࣇౡ
    • JAWS-UGࣛࣇౡ | Doorkeeper ɺFacebook - AWS User Group - ࣛࣇౡ
    • CoderDojo ࣛࣇౡ
    • CoderDojoࣛࣇౡ - connpass ɺFacebook - CoderDojo ࣛࣇౡ
    • ্هίϛϡχςΠʹͯఆظతʹΠϕϯτΛ։࠵͓ͯ͠Γ·̇͢
    • ͝౎߹ΑΖ͚͠Ε͹ɺ͓ؾܰʹ͝ࢀՃ͍ͩ͘͞ɻ


    View Slide

  41. kusokamayarou
    • kusokamayarou - facebook
    • kusokamayarou | Twitter
    • kusokamayarou - Qiita
    • kusokamayarou - GitHub
    • ࣛࣇౡࢢͷاۀʹۈΊͯɺປ࡚ͰςϨϫʔΫͯ͠Δ IT ΤϯδχΞͬΆ͍ਓͷϒ
    ϩά | ͸ͯͳϒϩά
    • ίϛϡχςΟʹؔ͢Δ͜ͱ΍ٕज़తͳ Tips ͳͲ౤ߘͨ͠Γͯ͠·͢ɻ
    • ݟ͔͚ͨΒɺʮΞΠπ͕ॻ͍ͯΜͩͳʯͱࢥͬͯ௖͚Δͱخ͍͠Ͱ͢ɻ


    View Slide

  42. ࠷ޙʹ


    View Slide

  43. ࠓճ͜ͷ༷ͳܗͰ͓࿩͢ΔػձΛ௖͚ͨ͜
    ͱɺඇৗʹ͋Γ͕ͨ͘ࢥ͓ͬͯΓ·͢ɻ

    ੓૔͞ΜΛ͸͡Ίɺ͔͝΂Μ ŠŶœŬũŎͷํʑ
    TUKUDDO ͷํʑ
    ฐࣾͷϝϯό
    ͦͯ͠ɺࠓ೔͓ӽ͠௖͍ͨࢀՃऀͷօ༷
    Ͳ͏΋͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ


    View Slide

  44. ͝੩ௌ
    Ͳ͏΋͋Γ͕ͱ͏
    ͍͟͝·ͨ͠



    View Slide

  45. ύνύν
    ύνύν
    ύνʙ
    ऴΘΓ̇


    View Slide