Let’s talk about OAuth2 and PKCE in Go

line_developers_tw2

June 01, 2021

Transcript

  1. Let’s talk about OAuth2 and PKCE in Go
    LINE Developer Relations
    Evan Lin
    2021.06

  2. Evan Lin
    • LINE Tech Event Organizer
    • Community Organizer
    • GDE, Love Golang
    LINE Technology Evangelist

  3. Agenda
    • OAuth2 and OpenID
    • How to implement LINE Login in Go
    • Issue in OAuth2
    • Introducing PKCE
    • How to implement PKCE in Go (LINE Login)
    • Summary

  4. Building an online service / store

  5. OpenID Login Registration
    https://developers.line.biz/en/docs/line-login/web/integrate-line-login/

  6. LINE Login Process
    • SDK https://github.com/kkdai/line-login-sdk-go
    • Web starter https://github.com/kkdai/line-login-go
    • Demo site: https://login-tester-evan.herokuapp.com/

  7. LINE Login Process

  8. Access LINE Login AUTH URL
    • SDK https://github.com/kkdai/line-login-sdk-go
    • Web starter https://github.com/kkdai/line-login-go
    • Demo site: https://login-tester-evan.herokuapp.com/

  9. Profile: Access token to call Get Profile API

  10. OpenID: Get JWT User Info directly

  11. Decode JWT
    OpenID data
    • SDK https://github.com/kkdai/line-login-sdk-go

  12. Issue in OAuth2
    https://datatracker.ietf.org/doc/html/rfc7636

  13. PKCE (Proof Key for Code Exchange)
    • Google RFC since 2015 (RFC 7636)
    • Also in Google API
    https://developers.google.com/identity/protocols/oauth2/native-app#exchange-authorization-code

  14. PKCE (Proof Key for Code Exchange)

  15. PKCE (Proof Key for Code Exchange)

  16. LINE Login PKCE Process
    • SDK https://github.com/kkdai/line-login-sdk-go
    • Web starter https://github.com/kkdai/line-login-pkce-go
    • Demo site: https://line-login-pkce.herokuapp.com/

  17. All GitHub Resources
    • LINE Login SDK https://github.com/kkdai/line-login-sdk-go
    • LINE Login Web starter: https://github.com/kkdai/line-login-go
      • Demo site: https://login-tester-evan.herokuapp.com/
    • LINE Login with PKCE Web Starter: https://github.com/kkdai/line-login-pkce-go
      • Demo site: https://line-login-pkce.herokuapp.com/

  18. Summary
    • Introducing OAuth2 workflow
    • Introducing PKCE and how it works
    • Introducing LINE Login related packages in Go (mine)
    • Feel free to “star” or “pull request”.