
Learn OAuth 2.0 by Implementing It in Java!


Slides from a talk given at JJUG CCC 2017 Spring.


Masatoshi Tada

May 20, 2017

Transcript

  1. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 Learn OAuth 2.0 by Implementing It in Java!

    Masatoshi Tada, Casareal, Inc.
    JJUG CCC 2017 Spring
  2. About this session

    ▸ A detailed explanation, starting from the basics, of the authorization protocol "OAuth 2.0"
    ▸ Also walks through an example implementation of the authorization server, resource server and client in Java
  3. About the speaker

    ▸ Masatoshi Tada (@suke_masa)
    ▸ Training instructor at Casareal
    ▸ Specialties: Java EE, Spring
    ▸ Pivotal certified instructor
    ▸ Organizing member of the GlassFish Users Group
    ▸ Repeat speaker at JJUG CCC (consecutive events)
  5. Agenda

    ① What is OAuth 2.0?
    ② The roles in OAuth 2.0
    ③ The OAuth 2.0 authorization flow
    ④ Structure of the sample application
    ⑤ Details and implementation: up to obtaining the access token
    ⑥ Details and implementation: up to accessing the resource
    ⑦ Other security considerations
    ⑧ Summary
  6. Agenda (repeated)
  7. What is OAuth 2.0? (from RFC 6749)

    ▸ A protocol that defines the flow of authorization
        ▸ "An authorization framework that enables a third-party application to obtain limited access to an HTTP service"
    ▸ Entirely different from OAuth 1.0
        ▸ It "replaces and obsoletes the OAuth 1.0 protocol"
  8. Authentication and authorization

    ▸ Authentication (AuthN, AuthC)
        ▸ Verifying who someone is; in other words, login.
    ▸ Authorization (AuthZ)
        ▸ Checking, after identity has been verified, whether that person has permission to perform the operation.
  9. What is an access token?

    ▸ Something like a "travel pass" that the client presents when it accesses the resource server
    ▸ Issued by the authorization server

        GET /api/todos HTTP/1.1
        Host: resource-server.com
        Authorization: Bearer yd2Dcweij334SSx

    The value after "Bearer" is the access token.
  10. What is a scope?

    ▸ The range of access the client is allowed
  11. Agenda (repeated)
  12. The roles in OAuth 2.0

    ① Resource owner
    ② Resource server
    ③ Client
    ④ Authorization server
    These terms appear constantly in documentation and libraries → it is important to learn them precisely!
  13. ① Resource owner

    ▸ The person who grants access to a protected resource
    ▸ Can also be a machine
    ▸ For Twitter: each individual user
  14. ② Resource server

    ▸ The server that hosts the protected resources
    ▸ An access token is required to access a resource
    ▸ For Twitter: the "tweet server"
  15. ③ Client

    ▸ An application that obtains the resource owner's authorization and accesses protected resources on the owner's behalf
    ▸ Comes in many forms: server-side web apps, client-side web apps, native apps and so on
    ▸ For Twitter: "twitter.com", "TweetDeck", the iOS/Android clients, "Doorkeeper" and so on
  16. ④ Authorization server

    ▸ The server that issues an access token to the client after the resource owner has been authenticated and has granted authorization
    ▸ For Twitter: the "user information server"
  17. Summary of the roles, using Twitter

    [Diagram. Roles: resource owner, client (twitter.com), resource server, authorization server. Arrows: authorize; grant access token; access token; tweet ("CCC is today! Can't wait")]
    (8 minutes elapsed?)
  19. Agenda (repeated)
  20. Four grant types, by kind of client

    ① Authorization code grant (the one covered in this talk)
        ▸ Mainly for server-side web apps
    ② Implicit grant
        ▸ Mainly for client-side web apps
    ③ Resource owner password credentials grant
        ▸ Mainly for the resource server's own official native apps
    ④ Client credentials grant
        ▸ For cases such as the client accessing its own information
  21. Characteristics of the authorization code grant

    ▸ The authorization server first issues the client an authorization code, a voucher that can be exchanged for an access token
        ▸ It is passed via the web browser, using a redirect and a query parameter
    ▸ The client presents the authorization code to the authorization server and receives the access token
        ▸ This keeps the access token from being handed directly to the web browser (if the browser has been taken over by an attacker, it is game over)
  22. Three important endpoints

    ① Authorization endpoint (authorization server)
        ▸ The URL that responds with the authorization screen
    ② Token endpoint (authorization server)
        ▸ The URL that issues access tokens
    ③ Redirect endpoint (client)
        ▸ The URL redirected to after the authorization code has been issued
  23. Obtaining an access token with an authorization code

    [Sequence diagram. Participants: authorization server, client, resource owner, web browser*]
    ① First access
    ② Redirect to the authorization endpoint
    ③ Authorization screen
    ④ Authorize
    ⑤ Authorization code issued + redirect
    ⑥ Authorization code
    ⑦ Access token
    * The specification refers to the web browser as the "user agent".
  24. Accessing a resource with the access token

    [Sequence diagram. Participants: authorization server, client, resource owner, web browser, resource server. Sample TODO items shown in the browser: "Create invoice", "Mail documents"]
    ① Request
    ② Access the resource with the access token
    ③ Verify the access token
    ④ User information and scopes
    ⑤ Check the scope
    ⑥ Response
    ⑦ Response
  25. Parts left undefined by the OAuth 2.0 specification ①

    [Sequence diagram as on slide 23]
    How authorization is actually performed is not specified
    → the developer has to build it
  26. Parts left undefined by the OAuth 2.0 specification ②

    [Sequence diagram as on slide 24]
    Apart from how the access token is sent, almost everything is undefined
  27. Ways to check the access token and scope

    A. The resource server queries the authorization server (the approach used in this talk)
    B. Use a shared database or similar
    C. Run the resource server and the authorization server as the same server
    * The scope can also be carried inside the access token (JWT)
  28. OAuth 2.0 and "authentication"

    ▸ OAuth 2.0 is about "authorization"
    ▸ But there are several places where "authentication" is needed
  29. Where authentication is needed ①

    [Sequence diagram as on slide 23]
    Was it really the resource owner who authorized?
    → Authenticate with the resource owner's ID and password
  30. Where authentication is needed ②

    [Sequence diagram as on slide 23]
    Was it really the client that sent the authorization code?
    → Basic authentication with client_id and client_secret
    * The client_id and client_secret are issued by the authorization server in advance
  31. Where authentication is needed ③

    [Sequence diagram as on slide 24]
    Was it really the resource server that sent the access token?
    → Basic authentication with the resource server's ID and password
  32. What about authenticating the access token?

    ▸ The resource owner's identity is not verified again after the access token has been issued
    ▸ Giving access tokens an expiry time, reissuing them (refresh tokens), revoking them (revoke) and similar measures must be considered
    ▸ For lack of time, they are not covered in this talk
  33. OAuth 2.0 and encryption

    ▸ Encryption is mandatory
        ▸ Confidential data such as authorization codes, access tokens and credentials travels over the network
    ▸ It is best to use HTTPS for all communication
    (18 minutes elapsed?)
  35. Agenda (repeated)
  36. The sample application

    ▸ A TODO management app
        ▸ Authorization server
        ▸ Resource server
        ▸ Read-write client
        ▸ Read-only client
    [Diagram labels: "Create invoice", "Mail documents", JSON, HTML, access token, verification]
    Code -> https://github.com/MasatoshiTada/oltu-todo
  37. DEMO
  38. Apache Oltu

    ▸ Something like a reference implementation of OAuth 2.0 in Java
        ▸ https://oltu.apache.org
    ▸ Implements only the parts that the OAuth 2.0 specification defines
        ▸ There is a lot you have to build yourself
    ▸ Also has features such as OpenID Connect and JWT
  39. Oltu features

    ▸ Common
        ▸ Builds requests and responses
        ▸ Also checks that the required parameters are present
    ▸ Authorization server
        ▸ Generates authorization codes and access tokens (MD5 or UUID)
        ▸ Generates the JSON that contains the access token
  40. Oltu features (continued)

    ▸ Resource server
        ▸ A servlet filter that verifies the access token
    ▸ Client
        ▸ Obtains the access token from the authorization server
  41. Other libraries that support OAuth 2.0

    ▸ Spring Security OAuth
        ▸ Feature-rich, but the official documentation is sparse
        ▸ https://projects.spring.io/spring-security-oauth/docs/oauth2.html
        ▸ The TERASOLUNA development guideline covers it in detail (the OAuth section)
    ▸ OAuth 2.0 support is also due to be added to Spring Security itself
        ▸ https://github.com/spring-projects/spring-security/tree/master/oauth2
  42. Other libraries that support OAuth 2.0 (continued)

    ▸ pac4j
        ▸ http://www.pac4j.org
        ▸ Has integration libraries for many frameworks
        ▸ Spring MVC, JAX-RS, Play, Spark, ...
        ▸ Perhaps the one to use outside Spring? (not investigated)
  43. Other libraries that support OAuth 2.0 (continued)

    ▸ Java EE Security API
        ▸ A new feature as of Java EE 8
        ▸ OAuth support is planned for a later EE version
        ▸ The reference implementation is Soteria
        ▸ https://github.com/javaee-security-spec/soteria
  44. Technologies used besides Oltu

    ▸ Java EE, deliberately
        ▸ JAX-RS (Jersey)
        ▸ MVC (Ozark)
    ▸ Payara MicroProfile executable JAR
    ▸ Thymeleaf
    (25 minutes elapsed?)
  46. Agenda (repeated)
  47. ① First access

    [Sequence diagram as on slide 23]
  48. ① First access

    ▸ The client does not yet hold an access token
      → it redirects to the authorization endpoint of the authorization server
    ▸ It also appends the query parameters the authorization endpoint requires
  49. ① First access

    ▸ Required query parameters

        Parameter       Meaning
        response_type   Always "code" (requests issuance of an authorization code)
        redirect_uri    URL of the redirect endpoint
        state           CSRF token
        client_id       ID that identifies the client
  50. ① First access

    ▸ Code that redirects to the authorization endpoint

        // Build the redirect URL
        OAuthClientRequest oAuthRequest = OAuthClientRequest
            .authorizationLocation("https://localhost:8888/api/authorize") // authorization endpoint URL
            .setResponseType("code")                                       // response_type
            .setClientId("readwriteclient")                                // client_id
            .setRedirectURI("https://localhost:8081/api/redirect")         // redirect_uri
            .setState("xyz")                                               // state (*)
            .buildQueryMessage();
        // Redirect to the authorization endpoint
        return Response.status(Response.Status.FOUND)
            .location(URI.create(oAuthRequest.getLocationUri()))
            .build();

    File: readwrite-client/src/main/java/com/example/readwriteclient/web/exception/mapper/AccessTokenRequiredExceptionMapper.java
    * The state value "xyz" is a placeholder. In real code it should be a random string.
  51. ① First access

    ▸ Response from the client to the web browser
        ▸ Redirects to the authorization endpoint of the authorization server

        302 FOUND
        Location: https://localhost:8888/api/authorize?response_type=code&redirect_uri=https%3A%2F%2Flocalhost%3A8081%2Fapi%2Fredirect&state=xyz&client_id=readwriteclient
  52. ② Redirect to the authorization endpoint to ③ Authorization screen

    [Sequence diagram as on slide 23]
  53. ② Redirect to the authorization endpoint to ③ Authorization screen

    ▸ The web browser requests the URL given in the preceding redirect

        GET https://localhost:8888/api/authorize?response_type=code&redirect_uri=https%3A%2F%2Flocalhost%3A8081%2Fapi%2Fredirect&state=xyz&client_id=readwriteclient
  54. ② Redirect to the authorization endpoint to ③ Authorization screen

    ▸ Code of the authorization endpoint

        @GET
        @Controller
        public String goToApprovalView(@Context HttpServletRequest req)
                throws OAuthProblemException, OAuthSystemException {
            // Build the request object (this also checks the required parameters)
            OAuthAuthzRequest oAuthRequest = new OAuthAuthzRequest(req);
            …(omitted)…
            // Forward to the authorization screen
            models.put("client", client);
            models.put("state", oAuthRequest.getState());
            return "approval.html";
        }

    File: authorization-server/src/main/java/com/example/authorizationserver/web/controller/AuthorizationController.java
  55. ② Redirect to the authorization endpoint to ③ Authorization screen

    ▸ The authorization screen is returned as the response
  56. ④ Authorize to ⑤ Authorization code issued + redirect

    [Sequence diagram as on slide 23]
  57. ④ Authorize to ⑤ Authorization code issued + redirect

    ▸ The resource owner enters their ID and password on the authorization screen and authorizes
  58. ④ Authorize to ⑤ Authorization code issued + redirect

    ▸ The controller that receives the submitted ID and other values

        @POST
        public Response approve(@FormParam("loginId") String loginId,
                @FormParam("password") String password,
                @FormParam("client_id") String clientId,
                @Context HttpServletRequest httpServletRequest) {
            // Authenticate the resource owner
            ResourceOwner resourceOwner = resourceOwnerService.findByLoginId(loginId);
            if (!resourceOwner.getPassword().equals(password)) {
                throw new NotAuthorizedException(…);
            }
            // Issue the authorization code
            OAuthIssuer oAuthIssuer = new OAuthIssuerImpl(new MD5Generator());
            String authCode = oAuthIssuer.authorizationCode();

    File: authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java
  59. ④ Authorize to ⑤ Authorization code issued + redirect

            // Look up the client
            Client client = clientService.getClient(clientId);
            // Save the authorization code with the resource owner and the client in the holder
            authorizationCodeHolder.addResourceOwner(authCode, resourceOwner);
            authorizationCodeHolder.addClient(authCode, client);
            // Build the response
            OAuthResponse oAuthResponse = OAuthASResponse
                .authorizationResponse(httpServletRequest, 302)
                .setCode(authCode)                  // authorization code
                .setParam("state", state)           // state
                .location(client.getRedirectUri())  // redirect_uri
                .buildQueryMessage();
            // Redirect to the client's redirect endpoint
            return Response.status(oAuthResponse.getResponseStatus())
                .location(URI.create(oAuthResponse.getLocationUri()))
                .build();
        }

    File: authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java
  60. ④ Authorize to ⑤ Authorization code issued + redirect

    ▸ Response from the authorization server to the web browser
        ▸ Redirects to the client's redirect endpoint

        302 FOUND
        Location: https://localhost:8081/api/redirect?code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz

    The code parameter carries the authorization code.
  61. ⑥ Authorization code to ⑦ Access token

    [Sequence diagram as on slide 23]
  62. ⑥ Authorization code to ⑦ Access token

    ▸ The web browser sends a request to the client's redirect endpoint

        GET https://localhost:8081/api/redirect?code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz

    The code parameter carries the authorization code.
  63. ⑥ Authorization code to ⑦ Access token

    ▸ Code of the client's redirect endpoint

        @GET
        @Controller
        public String redirect(@QueryParam("code") String authCode) {
            // Build the request to the token endpoint
            OAuthClientRequest oAuthClientRequest = OAuthClientRequest
                .tokenLocation("https://localhost:8888/api/token")
                .setClientId("readwriteclient")
                .setClientSecret("password")
                .setRedirectURI("https://localhost:8081/api/redirect")
                .setCode(authCode)
                .setGrantType(GrantType.AUTHORIZATION_CODE)
                .buildBodyMessage();
            // Add the Basic authentication header
            oAuthClientRequest.addHeader(HttpHeaders.AUTHORIZATION,
                Constants.AUTH_HEADER_VALUE);

    File: readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java
  64. ⑥ Authorization code to ⑦ Access token

            // Send the request to the token endpoint and obtain the access token
            OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
            OAuthJSONAccessTokenResponse oAuthAccessTokenResponse =
                oAuthClient.accessToken(oAuthClientRequest);
            String accessToken = oAuthAccessTokenResponse.getAccessToken();
            // Save the access token in a session-scoped holder
            accessTokenHolder.setAccessToken(accessToken);
            // Redirect to the list screen
            return "redirect:/todo/index";
        }

    File: readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java
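Slide 50 notes that the fixed state value "xyz" should really be a random string, and the redirect endpoint shown on slides 63 and 64 reads only the code parameter. The following is an added example, not code from the slides or the oltu-todo repository, of issuing a per-session state and verifying it before the authorization code is exchanged. The `Map` stands in for the HTTP session, and the class, method and attribute names are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

/** Added example: per-session "state" value for the authorization request. */
public class StateParameterExample {

    private static final SecureRandom RANDOM = new SecureRandom();
    // Hypothetical session attribute name (not from the sample application).
    static final String SESSION_KEY = "oauth2.state";

    /** Client side, just before redirecting the browser to the authorization endpoint. */
    static String issueState(Map<String, Object> session) {
        byte[] raw = new byte[32]; // 256 random bits
        RANDOM.nextBytes(raw);
        String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.put(SESSION_KEY, state); // remembered only in this browser's session
        return state;                    // goes into the state query parameter
    }

    /** Redirect endpoint, before the code is sent to the token endpoint. */
    static boolean verifyState(Map<String, Object> session, String returnedState) {
        // remove(): each state value is accepted at most once
        Object expected = session.remove(SESSION_KEY);
        if (!(expected instanceof String) || returnedState == null) {
            return false; // this session never started a flow, or state is missing
        }
        // Constant-time comparison of the two values
        return MessageDigest.isEqual(
                ((String) expected).getBytes(StandardCharsets.UTF_8),
                returnedState.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        Map<String, Object> session = new HashMap<>(); // stand-in for HttpSession
        String state = issueState(session);
        System.out.println("state sent to the authorization endpoint: " + state);

        // The browser comes back with the same value: accepted
        System.out.println("matching state accepted:       " + verifyState(session, state));
        // The same callback delivered a second time: rejected
        System.out.println("replayed state accepted:       " + verifyState(session, state));
        // A callback arriving in a session that never started a flow: rejected
        System.out.println("unsolicited callback accepted: "
                + verifyState(new HashMap<>(), "xyz"));
    }
}
```

In the redirect endpoint this check would run first, and the request to the token endpoint would be skipped when it returns false.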
  65. ⑥ Authorization code to ⑦ Access token

    ▸ Contents of the request to the token endpoint
        ▸ Client → authorization server

        POST /api/token
        Host: localhost:8888
        Authorization: Basic cmVhZHdyaXRlY2xpZW50OnBhc3N3b3Jk
        Content-Type: application/x-www-form-urlencoded

        grant_type=authorization_code&code=876c4b7339cd3a3bd416a0772fdbf8af&redirect_uri=https%3A%2F%2Flocalhost%3A8081%2Fapi%2Fredirect
  66. ⑥ Authorization code to ⑦ Access token

    ▸ Code of the token endpoint

        @POST
        @Produces(MediaType.APPLICATION_JSON)
        public Response token(@Context HttpServletRequest httpServletRequest) {
            // Check the parameters required for a token request
            OAuthTokenRequest oauthRequest = new OAuthTokenRequest(httpServletRequest);
            …(omitted)…
            // Issue the access token and the refresh token
            OAuthIssuer oAuthIssuer = new OAuthIssuerImpl(new MD5Generator());
            String accessToken = oAuthIssuer.accessToken();
            String refreshToken = oAuthIssuer.refreshToken();

    File: authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java
  67. ⑥ Authorization code to ⑦ Access token

            // Build the JSON to respond with
            OAuthResponse oAuthResponse = OAuthASResponse
                .tokenResponse(Response.Status.OK.getStatusCode())
                .setAccessToken(accessToken)
                .setExpiresIn("3600")
                .setRefreshToken(refreshToken)
                .buildJSONMessage();
            // Respond to the client with 200 OK
            return Response.ok(oAuthResponse.getBody())
                .build();

    File: authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java
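Slide 59 saves the authorization code together with the resource owner and the client, and slide 66 elides what the token endpoint does with that record. This added example, which is not the slides' code or Apache Oltu's, shows the checks RFC 6749 expects at that point: the code was issued to the authenticated client, the redirect_uri matches, and the code is short-lived and single-use. The class and method names are hypothetical, codes come from `SecureRandom` rather than Oltu's `MD5Generator`, and "readonlyclient" is an assumed client ID.

```java
import java.security.SecureRandom;
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

/** Added example (Java 16+): codes bound to client and redirect_uri, single-use, short-lived. */
public class AuthorizationCodeStore {

    /** What the authorization server remembers about one issued code. */
    private record Grant(String clientId, String redirectUri, String loginId, Instant expiresAt) {}

    private final ConcurrentHashMap<String, Grant> grants = new ConcurrentHashMap<>();
    private final SecureRandom random = new SecureRandom();
    private final Clock clock;
    private final Duration lifetime;

    public AuthorizationCodeStore(Clock clock, Duration lifetime) {
        this.clock = clock;
        this.lifetime = lifetime;
    }

    /** Approval step: called once the resource owner has authenticated and authorized. */
    public String issue(String clientId, String redirectUri, String loginId) {
        byte[] raw = new byte[32];
        random.nextBytes(raw);
        String code = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        grants.put(code, new Grant(clientId, redirectUri, loginId, clock.instant().plus(lifetime)));
        return code;
    }

    /**
     * Token endpoint: clientId is the client that passed Basic authentication.
     * Returns the resource owner's login ID, or empty if the code must be rejected.
     */
    public Optional<String> redeem(String code, String clientId, String redirectUri) {
        if (code == null) {
            return Optional.empty();
        }
        // remove() is atomic, so a code is redeemed at most once even under
        // concurrent requests; a failed attempt also burns the code.
        Grant grant = grants.remove(code);
        if (grant == null
                || clock.instant().isAfter(grant.expiresAt())
                || !grant.clientId().equals(clientId)
                || !grant.redirectUri().equals(redirectUri)) {
            return Optional.empty();
        }
        return Optional.of(grant.loginId());
    }

    public static void main(String[] args) {
        AuthorizationCodeStore store =
                new AuthorizationCodeStore(Clock.systemUTC(), Duration.ofMinutes(1));
        String redirectUri = "https://localhost:8081/api/redirect";

        String code = store.issue("readwriteclient", redirectUri, "user1");
        System.out.println("first use:    " + store.redeem(code, "readwriteclient", redirectUri));
        System.out.println("replay:       " + store.redeem(code, "readwriteclient", redirectUri));

        String other = store.issue("readwriteclient", redirectUri, "user1");
        // "readonlyclient" is an assumed ID for the sample's second client
        System.out.println("wrong client: " + store.redeem(other, "readonlyclient", redirectUri));
    }
}
```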
  68. ⑥ Authorization code to ⑦ Access token

    ▸ JSON response from the token endpoint
        ▸ Authorization server → client

        200 OK

        {"access_token":"ffb085abdadf4235c33aa0f042a4f5eb","refresh_token":"b1669b4c5fdc984f9bd5252bc2f50f52","expires_in":3600}

    The access_token field carries the access token.
    (38 minutes elapsed?)
  70. Agenda (repeated)
  71. ① Request to ② Access the resource with the access token

    [Sequence diagram as on slide 24]
  72. ① Request to ② Access the resource with the access token

    ▸ The client sends a request to the resource server
        ▸ The access token is added in the Authorization header

        GET /api/v1/todos
        Authorization: Bearer ffb085abdadf4235c33aa0f042a4f5eb
  73. ③ Verify the access token to ④ User information and scopes

    [Sequence diagram as on slide 24]
  74. ③ Verify the access token to ④ User information and scopes

    ▸ The resource server that receives the request checks the validity of the access token sent in the header
        ▸ Was it really issued by the authorization server?
        ▸ Was it really issued to this client?
  75. ③ Verify the access token to ④ User information and scopes

    ▸ Apache Oltu provides a servlet filter for the resource server

        <filter>
            <filter-name>OAuthFilter</filter-name>
            <filter-class>org.apache.oltu.oauth2.rsfilter.OAuthFilter</filter-class>
        </filter>
        <filter-mapping>
            <filter-name>OAuthFilter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>

    File: resource-server/src/main/webapp/WEB-INF/web.xml
  76. ③ Verify the access token to ④ User information and scopes

    ▸ OAuthFilter calls an implementation class of OAuthRSProvider
        ▸ The following definition is required in web.xml

        <context-param>
            <param-name>oauth.rs.provider-class</param-name>
            <param-value>com.example.resourceserver.oauth.MyOAuthRSProvider</param-value>
        </context-param>

    File: resource-server/src/main/webapp/WEB-INF/web.xml
  77. ③ Verify the access token to ④ User information and scopes

        public class MyOAuthRSProvider implements OAuthRSProvider {
            @Override
            public OAuthDecision validateRequest(String rsId, String accessToken,
                    HttpServletRequest httpServletRequest) {
                // Call the authorization server over HTTP to check that the access token is valid
                MultivaluedHashMap<String, String> formParams = …;
                formParams.putSingle("access_token", accessToken);
                Response response = ClientBuilder.newBuilder()
                    .build()
                    .target("https://localhost:8888/api/check_token")
                    .request()
                    .header("Content-Type", "application/x-www-form-urlencoded")
                    .header("Authorization", Constants.AUTH_HEADER_VALUE)
                    .post(Entity.form(formParams));
                // If the access token is valid, 200 comes back
                if (response.getStatusInfo().equals(Response.Status.OK)) {
                    // Return the result
                }

    File: resource-server/src/main/java/com/example/resourceserver/oauth/MyOAuthRSProvider.java
  78. ③ Verify the access token to ④ User information and scopes

    ▸ Response from the authorization server

        200 OK
        Content-Type: application/json

        {
          "login_id" : "user1",
          "client" : {
            "client_id" : "readwriteclient",
            …
            "scope_types" : ["read", "write"]
          }
        }

    The scope_types field carries the scope information.
  79. ⑤ Check the scope to ⑦ Response

    [Sequence diagram as on slide 24]
  80. ⑤ Check the scope to ⑦ Response

    ▸ The scope is specified with @RolesAllowed on the resource server's controller methods

        @Path("/todos")
        public class TodoController {
            @RolesAllowed("read")
            @GET
            @Produces("application/json")
            public Response findAll() { … }

            @RolesAllowed("write")
            @POST
            @Consumes("application/json")
            public Response add(Todo todo) { … }
        }

    File: resource-server/src/main/java/com/example/resourceserver/web/controller/TodoController.java
    (40 minutes elapsed?)
  82. Agenda (repeated)
  83. From the OAuth 2.0 specification

    ▸ Topics not covered in these slides
        ▸ Authorization code redirection URI manipulation
        ▸ Phishing attacks
        ▸ Cross-site request forgery
          ... and more
    ▸ Be sure to check the specification!
        ▸ https://openid-foundation-japan.github.io/rfc6749.ja.html (section 10, Security Considerations)
  84. Security-related specifications

    ▸ RFC 6819: OAuth 2.0 Threat Model and Security Considerations
        ▸ http://www.rfc-editor.org/info/rfc6819
    ▸ RFC 7009: OAuth 2.0 Token Revocation
        ▸ http://openid-foundation-japan.github.io/rfc7009.ja.html
  86. Agenda (repeated)
  87. Keys to understanding OAuth 2.0

    ▸ Understand the terminology precisely!
    ▸ Use diagrams to understand who is sending a request to whom!
    ▸ Separate clearly the parts the specification defines from the parts it does not!
    ▸ These slides do not cover everything, so be sure to check the specification!
  88. Is Apache Oltu usable?

    ▸ My personal impression is that it is strictly "for learning"
        ▸ Its features are minimal and productivity is not very good
        ▸ Sparse documentation, plus critical mistakes
        ▸ All other security matters are entirely your own responsibility
    ▸ In general it may be better to use something like Spring Security OAuth or pac4j
  89. More on Apache Oltu

    ▸ I will write it up on the Casareal organization's Qiita (coming soon!)
        ▸ Implementing the authorization server
        ▸ Implementing the resource server
        ▸ Implementing the client
  90. For further study

    ▸ The OAuth 2.0 specification, Japanese edition
        ▸ https://openid-foundation-japan.github.io/rfc6749.ja.html
    ▸ "Getting Started with OAuth 2.0" (Japanese edition)
        ▸ https://www.oreilly.co.jp/books/…
    ▸ "All OAuth 2.0 flows, illustrated with diagrams and videos"
        ▸ http://qiita.com/TakahikoKawasaki/items/…
    ▸ "The OAuth 2.0 you can't ask about anymore"
        ▸ https://www.slideshare.net/…
  92. Enjoy Java OAuth 2.0!

    Thank you for listening!