Upgrade to Pro — share decks privately, control downloads, hide ads and more …

[2019.04.20]かごもく #19 シングルサインオン! - 認証よくわかってないか...

[2019.04.20]かごもく #19 シングルサインオン! - 認証よくわかってないから、色々試してみた♪

Amazon Linux に OpenAM をインストールしてみる - Qiita
https://qiita.com/kusokamayarou/items/3ed839a7e51b8137b87a

OpenAM と cybozu.com の SAML 認証を確認してみる - Qiita
https://qiita.com/kusokamayarou/items/94df119cd5e821c8876f

python (pysaml2) から cybozu.com の SAML 認証を確認してみる - Qiita
https://qiita.com/kusokamayarou/items/9689ab6e2629f02a9124

Amazon Cognito UserPools を JavaScript から使ってみる - Qiita
https://qiita.com/kusokamayarou/items/60bcf9d16ce0df93b0ea

Amazon Cognito UserPools を iOS から使ってみる - Qiita
https://qiita.com/kusokamayarou/items/b829d261b5e23bb1fc5f

KUSOKAMAYAROU

April 20, 2019
Tweet

More Decks by KUSOKAMAYAROU

Other Decks in Business

Transcript

  1. ࣗݾ঺հ • ্佂 ޾େ (řŚŜŵ ŻŝűƁ) • @kusokamayarou • ग़਎

    / ॴࡏɿࣛࣇౡݝປ࡚ࢢ • 2012೥ʹ౦ژ͔Β̪λʔϯͰݱ৬ɻ2018೥͔ΒςϨϫʔΫɻ • 2018೥͔ΒɺJAWS-UG ࣛࣇౡ ίΞϝϯόʔɻ • ޷͖ͳ͜ͱɿՈ଒ɾԹઘɾອըΛಡΉ͜ͱɾྉཧͳͲ  
  2. ໨࣍ 1. ·ͣɺ࠷ॳʹ… 2. ೝূͬͯԿʁ 3. OpenAM ͱ cybozu.com Ͱ

    SAML Λࢼ͢ 4. python (pysaml2) ͱ cybozu.com Ͱ SAML Λࢼ͢ 5. JavaScript Ͱ Amazon Cognito User Pool Λࢼ͢ 6. iOS Ͱ Amazon Cognito User Pool Λࢼ͢ 7. ·ͱΊ  
  3.   ͦ Ε ͡ Ό ࿩ ͕ ऴ Θ

    ͬ ͪ Ό ͏ ϒϥοΫδϟοΫʹΑΖ͘͠ ࠤ౻लๆ Ͱ ͠ ΐ ͏ ͕ ᴺ ο 
  4. SAML (Security Assertion Markup Language) • IdP (Identity Provider) •

    ೝূ৘ใΛఏڙ͢Δଆ • OpenIDͩͱɺOP (OpenID Provider) • SP (Service Provider) • ೝূ৘ใΛར༻͢Δଆ • OpenIDͩͱɺRP (Relying Party) • ϑΣσϨʔγϣϯ (Federation) • …࿈߹ɺಉໍɺ࿈๜੓෎ɺ࿈߹૊߹ձɺ࿈ໍ  
  5. ŲŐũƄƀŖŢŔƃ SAMLᶄ (IdP ͱ SP ͱ ϑΣσϨʔγϣϯ)   41

    *E1 $PPLJFΛ֬ೝ ೝূ/( ೝূ0, ɾšŖűƄţ ɾ*% ŸŖſŗŪƄƀţ
  6. ŲŐũƄƀŖŢŔƃ SAMLᶅ (IdP ͱ SP ͱ ϑΣσϨʔγϣϯ)   41

    *E1 $PPLJFΛ֬ೝ ೝূ/( ೝূ/( ೝূ0, $PPLJFΛ֬ೝ ೝূ0, ɾšŖűƄţ ɾ*% ŸŖſŗŪƄƀţ
  7. OpenAM @ ForgeRock • OpenAM - Wikipedia • OpenAMͬͯͳʹʁ -

    Qiita • ForgeRock Backstage • Idp ΋ SP ΋Մɻ •  
  8. OpenAM ͱ cybozu.com Ͱ SAML Λࢼ͢ • Amazon Linux ʹ

    OpenAM ΛΠϯετʔ ϧͯ͠ΈΔ - Qiita • OpenAM ͱ cybozu.com ͷ SAML ೝূΛ ֬ೝͯ͠ΈΔ - Qiita •  
  9. python (pysaml2) ͱ cybozu.com Ͱ SAML Λࢼ͢ • python (pysaml2)

    ͔Β cybozu.com ͷ SAML ೝূΛ֬ೝͯ͠ΈΔ - Qiita •  
  10. Amazon Cognito User Pool @ AWS • Amazon Cognito Ϣʔβʔϓʔϧ

    - Amazon Cognito • AWS Black Belt Online Seminar 2017 Amazon Cognito • AWS Black Belt Online Seminar 2016 Amazon Cognito • AWS Black Belt Online Seminar 2015 Amazon Cognito • AWS Cognitoʹ͍ͭͯௐ΂ͯΈͨ - Qiita • SP ͷΈɻ  
  11. ŲŐũƄƀŖŢŔƃ Amazon Cognito User Pool (Javascript)   41 *E1

    "NB[PO$PHOJUP 6TFS1PPM ɾೝূػೳ "NB[PO$PHOJUP *EFOUJUZ1PPM ɾೝՄػೳ ˞֤छ"84Ϧιʔε ˞֎෦*%ϓϩόΠμ
  12. JavaScript Ͱ Amazon Cognito User Pool Λࢼ͢ • Amazon Cognito

    UserPools Λ JavaScript ͔Β࢖ͬͯΈΔ - Qiita •  
  13. ŲŐũƄƀŖŢŔƃ Amazon Cognito User Pool (iOS)   41 *E1

    "NB[PO$PHOJUP 6TFS1PPM ɾೝূػೳ "NB[PO$PHOJUP *EFOUJUZ1PPM ɾೝՄػೳ ˞֤छ"84Ϧιʔε ˞֎෦*%ϓϩόΠμ
  14. iOS Ͱ Amazon Cognito User Pool Λࢼ͢ • Amazon Cognito

    UserPools Λ iOS ͔Β࢖ͬͯΈΔ - Qiita •  
  15. ·ͱΊᶄ • ͨͩɺϓϩμΫτΛ։ൃ͢ΔͷͰ͋Ε͹ɺOSS Λར༻ͨ͠Γɺθϩ͔Β಺੡͢ ΔΑΓ͸ɺAWS ΍ GCP ͳͲͷύϒϦοΫΫϥ΢υΛར༻͢Δํ͕ྑ͍Μ͡Ό ͳ͍͔ɺͱݸਓతʹ͸ࢥ͍ͬͯ·͢ɻ •

    ։ൃɾӡ༻ͷίετ࡟ݮɺεέʔϦϯάɺϏοάαʔϏεͰͷར༻อূɺϝʔ ϧ΍SMSͷऔΓѻ͍ɺTFAͳͲɺϞόΠϧΞϓϦͱͷ૬ੑ͕ྑ͍༷ʹࢥ͍· ͢ɻ • ಛʹɺ֤छ৘ใϦιʔεΛύϒϦοΫΫϥ΢υʹ֨ೲ͍ͯ͠ΔͷͰ͋Ε͹ɺར ༻ͨ͠ํ͕ྑ͍ؾ͕͠·͢ɻ • Ͱ΋ɺϊ΢ϋ΢ແ͔ͬͨΓ͢Δͱɺ৭ʑϋϚΔ৔໘΋ͦΕͳΓʹ͋Δ͔΋…ɻ
  16. ݱ৔αϙʔτ • HP - גࣜձࣾݱ৔αϙʔτ • Facebook - ʢגʣݱ৔αϙʔτ -

    ϗʔϜ • ϑΥϩʔ͓ئ͍͠·͢ɻ • HP - ݱ৔Ϋϥ΢υ Conne ʢίϯωʣ • ʮݐઃۀͷνʔϜϫʔΫΛΑΓڧ͘ɻΑΓεϜʔζʹɻʯ • ৽͘͠ݐઃۀք޲͚ͷۀ຿ίϛϡχέʔγϣϯαʔϏεΛల։͓ͯ͠Γ·͢ • Ԡԉɾ͝ڠྗͷఔɺΑΖ͓͘͠ئ͍͠·͢ɻ  
  17. ίϛϡχςΟ • JAWS-UG ࣛࣇౡ • JAWS-UGࣛࣇౡ | Doorkeeper ɺFacebook -

    AWS User Group - ࣛࣇౡ • CoderDojo ࣛࣇౡ • CoderDojoࣛࣇౡ - connpass ɺFacebook - CoderDojo ࣛࣇౡ • ্هίϛϡχςΠʹͯఆظతʹΠϕϯτΛ։࠵͓ͯ͠Γ·̇͢ • ͝౎߹ΑΖ͚͠Ε͹ɺ͓ؾܰʹ͝ࢀՃ͍ͩ͘͞ɻ  
  18. kusokamayarou • kusokamayarou - facebook • kusokamayarou | Twitter •

    kusokamayarou - Qiita • kusokamayarou - GitHub • ࣛࣇౡࢢͷاۀʹۈΊͯɺປ࡚ͰςϨϫʔΫͯ͠Δ IT ΤϯδχΞͬΆ͍ਓͷϒ ϩά | ͸ͯͳϒϩά • ίϛϡχςΟʹؔ͢Δ͜ͱ΍ٕज़తͳ Tips ͳͲ౤ߘͨ͠Γͯ͠·͢ɻ • ݟ͔͚ͨΒɺʮΞΠπ͕ॻ͍ͯΜͩͳʯͱࢥͬͯ௖͚Δͱخ͍͠Ͱ͢ɻ