Let’s talk about OAuth2 and PKCE in Go

line_developers_tw2

June 01, 2021

Transcript

  1. Let’s talk about OAuth2 and PKCE in Go
    LINE Developer Relations
    Evan Lin
    2021.06

  2. Evan Lin
    • LINE Tech Event Organizer
    • Community Organizer
    • GDE, Love Golang
    LINE Technology Evangelist

  3. Agenda
    • OAuth2 and OpenID
    • How to implement LINE Login in Go
    • Issue in OAuth2
    • Introducing PKCE
    • How to implement PKCE in Go (LINE Login)
    • Summary

  4. Building an online service / store

  5. OpenID Login Registration
    https://developers.line.biz/en/docs/line-login/web/integrate-line-login/

  6. LINE Login Process
    • SDK https://github.com/kkdai/line-login-sdk-go
    • Web starter https://github.com/kkdai/line-login-go
    • Demo site: https://login-tester-evan.herokuapp.com/

  7. LINE Login Process

  8. Access LINE Login AUTH URL
    • SDK https://github.com/kkdai/line-login-sdk-go
    • Web starter https://github.com/kkdai/line-login-go
    • Demo site: https://login-tester-evan.herokuapp.com/

  9. Profile: Access token to call Get Profile API

  10. OpenID: Get JWT User Info directly

  11. Decode JWT
    OpenID data
    • SDK https://github.com/kkdai/line-login-sdk-go

  12. Issue in OAuth2
    https://datatracker.ietf.org/doc/html/rfc7636

  13. PKCE (Proof Key for Code Exchange)
    • Google RFC since 2015 (RFC 7636)
    • Also in Google API
      https://developers.google.com/identity/protocols/oauth2/native-app#exchange-authorization-code

  14. PKCE (Proof Key for Code Exchange)

  15. PKCE (Proof Key for Code Exchange)

  16. LINE Login PKCE Process
    • SDK https://github.com/kkdai/line-login-sdk-go
    • Web starter https://github.com/kkdai/line-login-pkce-go
    • Demo site: https://line-login-pkce.herokuapp.com/

  17. All GitHub Resources
    • LINE Login SDK https://github.com/kkdai/line-login-sdk-go
    • LINE Login Web starter https://github.com/kkdai/line-login-go
      • Demo site: https://login-tester-evan.herokuapp.com/
    • LINE Login with PKCE Web Starter https://github.com/kkdai/line-login-pkce-go
      • Demo site: https://line-login-pkce.herokuapp.com/

  18. Summary
    • Introducing the OAuth2 workflow
    • Introducing PKCE and how it works
    • Introducing LINE Login related packages in Go (mine)
    • Feel free to “star” or “pull request”.
