Learning OAuth 2.0 by Implementing It in Java!
Masatoshi Tada
May 20, 2017
Presentation slides from JJUG CCC 2017 Spring.
Transcript
(C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5

Slide 1: Learning OAuth 2.0 by Implementing It in Java!
Casareal, Inc. / Masatoshi Tada
JJUG CCC 2017 Spring

Slide 2: About this session
▸ A detailed explanation, starting from the basics, of the authorization protocol "OAuth 2.0"
▸ Also walks through an example authorization server, resource server and client implemented in Java

Slide 3: About me
▸ Masatoshi Tada (@suke_masa)
▸ Training instructor at Casareal
▸ Specialty: Java EE, Spring
▸ Pivotal certified instructor
▸ Organizing member of the GlassFish user group
▸ JJUG CCC: speaker at consecutive events

Slide 4: Casareal, Inc.
▸ IT education & system development
  ▸ https://www.casareal.co.jp/ls/service/openseminar/top/index.html
▸ Our strength: programming training that other companies do not offer!
  ▸ Java EE, Spring, Pivotal certified courses, Apple certified courses, JavaScript, iOS, Android, ...

Slide 5: Agenda
① What is OAuth 2.0?
② The actors in OAuth 2.0
③ The OAuth 2.0 authorization flow
④ Structure of the sample application
⑤ Details and implementation: up to obtaining the access token
⑥ Details and implementation: up to accessing the resource
⑦ Other security considerations
⑧ Summary

Slide 6: Agenda (same list as slide 5); next: ① What is OAuth 2.0?
Slide 7: What is OAuth 2.0? (from RFC 6749)
▸ A protocol that specifies the flow of authorization
  ▸ "An authorization framework that enables a third-party application to obtain limited access to an HTTP service"
▸ Completely different from OAuth 1.0
  ▸ "Replaces and obsoletes the OAuth 1.0 protocol"

Slide 8: Authentication and authorization
▸ Authentication (AuthN / AuthC)
  ▸ Confirming identity. What is usually called login.
▸ Authorization (AuthZ)
  ▸ After identity has been confirmed, checking whether that person has permission to perform the operation.

Slide 9: What is an access token?
▸ Something like a "travel pass" that the client presents when it accesses the resource server
▸ Issued by the authorization server

    GET /api/todos HTTP/1.1
    Host: resource-server.com
    Authorization: Bearer yd2Dcweij334SSx

  (the value after "Bearer" is the access token)

Slide 10: What is a scope?
▸ The range of things the client is allowed to access

Slide 11: Agenda (same list as slide 5); next: ② The actors in OAuth 2.0
Slide 12: The actors in OAuth 2.0
① Resource owner (Resource Owner)
② Resource server (Resource Server)
③ Client (Client)
④ Authorization server (Authorization Server)
These terms appear constantly in documentation and libraries → memorizing them accurately is important!

Slide 13: ① Resource owner
▸ The person who grants access to a protected resource
  ▸ May also be a machine
▸ For Twitter: "each individual user"

Slide 14: ② Resource server
▸ The server that hosts the protected resources
▸ An access token is required to access a resource
▸ For Twitter: "the tweet server"

Slide 15: ③ Client
▸ An application that obtains the resource owner's authorization and accesses protected resources on the owner's behalf
  ▸ Many kinds: server-side web applications, client-side web applications, native applications, and so on
▸ For Twitter: "twitter.com", "TweetDeck", "the iOS/Android clients", "Doorkeeper", and so on

Slide 16: ④ Authorization server
▸ The server that issues an access token to the client after the resource owner has been authenticated and has granted authorization
▸ For Twitter: "the user information server"

Slide 17: The actors, summarized with Twitter
[Diagram: the resource owner authorizes the client (twitter.com); the authorization server grants an access token; the client uses the access token to reach the tweets on the resource server. Sample tweet: "CCC today! Looking forward to it"]
(8 minutes elapsed?)

Slide 18: [Ad] Java training courses now running!
▸ Java EE: smart development with JSF, JPA and CDI
▸ Java EE: JAX-RS
▸ Spring: a first look at Spring MVC
▸ Understanding Effective Java and making use of FindBugs
▸ Using the JUnit family to the fullest!
https://www.casareal.co.jp/ls/service/openseminar/java

Slide 19: Agenda (same list as slide 5); next: ③ The OAuth 2.0 authorization flow
Slide 20: Four grant types, depending on the kind of client
① Authorization code grant (the one covered in this talk)
  ▸ Mainly server-side web applications
② Implicit grant
  ▸ Mainly client-side web applications
③ Resource owner password credentials grant
  ▸ Mainly the resource server's official native applications
④ Client credentials grant
  ▸ For example, when the client accesses information about itself

Slide 21: Characteristics of the authorization code grant
▸ The authorization server first issues the client a voucher for an access token (the authorization code)
  ▸ It is passed via the web browser, using a redirect and query parameters
▸ The client presents the authorization code to the authorization server and receives the access token
  ▸ This keeps the access token away from the web browser (if the browser has been taken over by an attacker, it is game over)

Slide 22: Three important endpoints
① Authorization endpoint (authorization server)
  ▸ The URL that responds with the authorization screen
② Token endpoint (authorization server)
  ▸ The URL that issues access tokens
③ Redirection endpoint (client)
  ▸ The URL the browser is redirected to after the authorization code is issued

Slide 23: Obtaining an access token with an authorization code
[Sequence diagram. Participants: resource owner, web browser*, client, authorization server]
① First access
② Redirect to the authorization endpoint
③ Authorization screen
④ Authorization
⑤ Authorization code issued + redirect
⑥ Authorization code
⑦ Access token
* The specification refers to the web browser as the "user agent".

Slide 24: Accessing a resource with the access token
[Sequence diagram. Participants: resource owner, web browser (showing the TODO items "Create invoice" and "Mail documents"), client, resource server, authorization server]
① Request
② Access the resource with the access token
③ Access token validation
④ User information and scopes
⑤ Check the scopes
⑥ Response
⑦ Response

Slide 25: Parts left undefined by the OAuth 2.0 specification ①
[Diagram: the flow from slide 23]
How authorization is granted is not specified → the developer has to build it

Slide 26: Parts left undefined by the OAuth 2.0 specification ②
[Diagram: the flow from slide 24]
Apart from the part that sends the access token, almost everything is undefined

Slide 27: Ways to check the access token and scopes
A. The resource server queries the authorization server (the approach used in this talk)
B. Use a shared database or similar
C. Run the resource server and the authorization server as the same server
* The scopes can also be carried inside the access token (JWT)

Slide 28: OAuth 2.0 and "authentication"
▸ OAuth 2.0 is about "authorization"
▸ However, there are several places where "authentication" is required

Slide 29: Where authentication is required ①
[Diagram: the flow from slide 23]
Was it really the resource owner who granted authorization?
→ Authenticate with the resource owner's ID and password

Slide 30: Where authentication is required ②
[Diagram: the flow from slide 23]
Was it really the client that sent the authorization code?
→ Basic authentication with client_id and client_secret
* The client_id and client_secret are issued by the authorization server in advance

Slide 31: Where authentication is required ③
[Diagram: the flow from slide 24]
Was it really the resource server that sent the access token?
→ Basic authentication with the resource server's ID and password

Slide 32: Authentication of the access token?
▸ Once the access token has been issued, the resource owner's identity is not checked again
▸ You must therefore consider giving the access token an expiry time, reissuing access tokens (refresh tokens), revoking access tokens (revoke), and so on
  ▸ For reasons of time, these are not covered in this talk

Slide 33: OAuth 2.0 and encryption
▸ Encryption is mandatory
  ▸ Confidential data such as authorization codes, access tokens and credentials travels over the network
▸ It is better to use HTTPS for all communication
(18 minutes elapsed?)

Slide 34: [Ad] Pivotal certified training now running!
▸ Core Spring
  ▸ Two scheduled sessions (① and ②)
▸ A high-level "Spring fundamentals" course
  ▸ DI, AOP, testing, DB, transactions, Web, REST, Security, Spring Boot, Microservices...
https://www.casareal.co.jp/ls/service/openseminar/pivotal

Slide 35: Agenda (same list as slide 5); next: ④ Structure of the sample application
Slide 36: The sample application for this talk
▸ A TODO management application
  ▸ Authorization server
  ▸ Resource server
  ▸ Read-write client
  ▸ Read-only client
[Diagram: the clients serve HTML to the browser, fetch JSON from the resource server with an access token, and the resource server has the token validated by the authorization server]
Code -> https://github.com/MasatoshiTada/oltu-todo

Slide 37: DEMO

Slide 38: Apache Oltu
▸ Something like the reference implementation of OAuth 2.0 in Java
  ▸ https://oltu.apache.org
▸ Implements only the parts that the OAuth 2.0 specification defines
  ▸ There is a lot that you have to build yourself
▸ Also has features such as OpenID Connect and JWT

Slide 39: What Oltu provides
▸ Common
  ▸ Building requests and responses
  ▸ Checking that the required parameters are present
▸ Authorization server
  ▸ Generating authorization codes and access tokens (MD5 or UUID)
  ▸ Generating the JSON that contains the access token

Slide 40: What Oltu provides (continued)
▸ Resource server
  ▸ A servlet filter that validates the access token
▸ Client
  ▸ Obtaining the access token from the authorization server

Slide 41: Other libraries that support OAuth 2.0
▸ Spring Security OAuth
  ▸ Feature-rich, but official documentation is sparse
  ▸ https://projects.spring.io/spring-security-oauth/docs/oauth2.html
  ▸ The TERASOLUNA development guideline covers it in detail (its OAuth section)
▸ Spring Security itself is scheduled to gain OAuth 2.0 support
  ▸ https://github.com/spring-projects/spring-security/tree/master/oauth2

Slide 42: Other libraries that support OAuth 2.0 (continued)
▸ pac4j
  ▸ http://www.pac4j.org
  ▸ Has integration libraries for many frameworks
  ▸ Spring MVC, JAX-RS, Play, Spark, ...
  ▸ Perhaps the one to pick outside Spring? (not investigated)

Slide 43: Other libraries that support OAuth 2.0 (continued)
▸ Java EE Security API
  ▸ A new feature starting with Java EE 8
  ▸ OAuth support is planned for a later EE release
  ▸ The reference implementation is Soteria
  ▸ https://github.com/javaee-security-spec/soteria

Slide 44: Technologies used besides Oltu
▸ Deliberately Java EE
  ▸ JAX-RS (Jersey)
  ▸ MVC (Ozark)
  ▸ Payara MicroProfile (executable JAR)
▸ Thymeleaf
(25 minutes elapsed?)

Slide 45: [Ad] Pivotal certified training now running!
▸ Spring Boot Developer
  ▸ First session scheduled
▸ From the basics of Spring Boot through to advanced use
▸ We are also holding a trial seminar co-hosted with Pivotal!
https://www.casareal.co.jp/ls/service/openseminar/pivotal

Slide 46: Agenda (same list as slide 5); next: ⑤ Details and implementation: up to obtaining the access token
Slide 47: ① First access
[Diagram: the flow from slide 23, step ①]

Slide 48: ① First access
▸ The client does not have an access token yet
  → It redirects to the authorization endpoint of the authorization server
  ▸ It also adds the query parameters that the authorization endpoint requires

Slide 49: ① First access
▸ Required query parameters

    Parameter       Meaning
    response_type   Always "code" (indicates that an authorization code is to be issued)
    redirect_uri    URL of the redirection endpoint
    state           CSRF token
    client_id       ID that identifies the client

Slide 50: ① First access
▸ Code that redirects to the authorization endpoint
  readwrite-client/src/main/java/com/example/readwriteclient/web/exception/mapper/AccessTokenRequiredExceptionMapper.java

    // Build the URL to redirect to
    OAuthClientRequest oAuthRequest = OAuthClientRequest
        .authorizationLocation("https://localhost:8888/api/authorize") // authorization endpoint URL
        .setResponseType("code")                                       // response_type
        .setClientId("readwriteclient")                                // client_id
        .setRedirectURI("https://localhost:8081/api/redirect")         // redirect_uri
        .setState("xyz")                                               // state (*)
        .buildQueryMessage();
    // Redirect to the authorization endpoint
    return Response.status(Response.Status.FOUND)
        .location(URI.create(oAuthRequest.getLocationUri()))
        .build();

  * The state value "xyz" is a placeholder. In real code it should be a random string.

Slide 51: ① First access
▸ Response from the client to the web browser
  ▸ Redirect to the authorization endpoint of the authorization server

    302 FOUND
    Location: https://localhost:8888/api/authorize?response_type=code&redirect_uri=https%3A%2F%2Flocalhost%3A8081%2Fapi%2Fredirect&state=xyz&client_id=readwriteclient

Slide 52: ② Redirect to the authorization endpoint to ③ Authorization screen
[Diagram: the flow from slide 23, steps ② and ③]

Slide 53: ② Redirect to the authorization endpoint to ③ Authorization screen
▸ The web browser requests the URL given in the redirect above

    GET https://localhost:8888/api/authorize?response_type=code&redirect_uri=https%3A%2F%2Flocalhost%3A8081%2Fapi%2Fredirect&state=xyz&client_id=readwriteclient

Slide 54: ② Redirect to the authorization endpoint to ③ Authorization screen
▸ Code of the authorization endpoint
  authorization-server/src/main/java/com/example/authorizationserver/web/controller/AuthorizationController.java

    @GET
    @Controller
    public String goToApprovalView(@Context HttpServletRequest req)
            throws OAuthProblemException, OAuthSystemException {
        // Create the request object (this also checks the required parameters)
        OAuthAuthzRequest oAuthRequest = new OAuthAuthzRequest(req);
        // ... (omitted) ...
        // Forward to the authorization screen
        models.put("client", client);
        models.put("state", oAuthRequest.getState());
        return "approval.html";
    }

Slide 55: ② Redirect to the authorization endpoint to ③ Authorization screen
▸ The authorization screen is returned as the response
Slide 56: ④ Authorization to ⑤ Authorization code issued + redirect
[Diagram: the flow from slide 23, steps ④ and ⑤]

Slide 57: ④ Authorization to ⑤ Authorization code issued + redirect
▸ The resource owner enters their ID and password on the authorization screen and grants authorization

Slide 58: ④ Authorization to ⑤ Authorization code issued + redirect
▸ The controller that receives the entered ID and other values
  authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java

    @POST
    public Response approve(@FormParam("loginId") String loginId,
            @FormParam("password") String password,
            @FormParam("client_id") String clientId,
            @Context HttpServletRequest httpServletRequest) {
        // Authenticate the resource owner
        ResourceOwner resourceOwner = resourceOwnerService.findByLoginId(loginId);
        if (!resourceOwner.getPassword().equals(password)) {
            throw new NotAuthorizedException(…);
        }
        // Issue the authorization code
        OAuthIssuer oAuthIssuer = new OAuthIssuerImpl(new MD5Generator());
        String authCode = oAuthIssuer.authorizationCode();

Slide 59: ④ Authorization to ⑤ Authorization code issued + redirect
  authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java (continued)

        // Look up the client
        Client client = clientService.getClient(clientId);
        // Store the authorization code together with the resource owner and client in the holder
        authorizationCodeHolder.addResourceOwner(authCode, resourceOwner);
        authorizationCodeHolder.addClient(authCode, client);
        // Build the response
        OAuthResponse oAuthResponse = OAuthASResponse
            .authorizationResponse(httpServletRequest, 302)
            .setCode(authCode)                 // authorization code
            .setParam("state", state)          // state
            .location(client.getRedirectUri()) // redirect_uri
            .buildQueryMessage();
        // Redirect to the client's redirection endpoint
        return Response.status(oAuthResponse.getResponseStatus())
            .location(URI.create(oAuthResponse.getLocationUri()))
            .build();
    }

Slide 60: ④ Authorization to ⑤ Authorization code issued + redirect
▸ Response from the authorization server to the web browser
  ▸ Redirect to the client's redirection endpoint

    302 FOUND
    Location: https://localhost:8081/api/redirect?code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz

  (the code parameter is the authorization code)

Slide 61: ⑥ Authorization code to ⑦ Access token
[Diagram: the flow from slide 23, steps ⑥ and ⑦]

Slide 62: ⑥ Authorization code to ⑦ Access token
▸ The web browser requests the client's redirection endpoint

    GET https://localhost:8081/api/redirect?code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz

  (the code parameter is the authorization code)

Slide 63: ⑥ Authorization code to ⑦ Access token
▸ Code of the client's redirection endpoint
  readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java

    @GET
    @Controller
    public String redirect(@QueryParam("code") String authCode) {
        // Build the request to the token endpoint
        OAuthClientRequest oAuthClientRequest = OAuthClientRequest
            .tokenLocation("https://localhost:8888/api/token")
            .setClientId("readwriteclient")
            .setClientSecret("password")
            .setRedirectURI("https://localhost:8081/api/redirect")
            .setCode(authCode)
            .setGrantType(GrantType.AUTHORIZATION_CODE)
            .buildBodyMessage();
        // Add the Basic authentication header
        oAuthClientRequest.addHeader(HttpHeaders.AUTHORIZATION,
            Constants.AUTH_HEADER_VALUE);

Slide 64: ⑥ Authorization code to ⑦ Access token
  readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java (continued)

        // Send the request to the token endpoint and obtain the access token
        OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
        OAuthJSONAccessTokenResponse oAuthAccessTokenResponse =
            oAuthClient.accessToken(oAuthClientRequest);
        String accessToken = oAuthAccessTokenResponse.getAccessToken();
        // Store the access token in a session-scoped holder
        accessTokenHolder.setAccessToken(accessToken);
        // Redirect to the list screen
        return "redirect:/todo/index";
    }
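
The state handling that slide 50 leaves as the placeholder "xyz", together with the comparison a redirection endpoint like the one on slides 63 and 64 would make before exchanging the code, as an added example (not code from the deck, the sample repository or Apache Oltu). The class, method and session attribute names are hypothetical, and a Map stands in for HttpSession.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

// Added example: issuing and checking the OAuth 2.0 "state" parameter.
// Class, method and attribute names are hypothetical; the Map stands in for HttpSession.
public class OAuthStateExample {

    private static final SecureRandom RANDOM = new SecureRandom();
    private static final String SESSION_KEY = "oauth2.state";

    // Before redirecting to the authorization endpoint: create an unguessable
    // value, bind it to this user's session, and send it as the state parameter.
    static String issueState(Map<String, Object> session) {
        byte[] bytes = new byte[32]; // 256 random bits
        RANDOM.nextBytes(bytes);
        String state = Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
        session.put(SESSION_KEY, state);
        return state;
    }

    // At the redirection endpoint: the callback is accepted only if its state
    // equals the value stored for this session. The stored value is removed
    // first, so each state can be used for one callback only.
    static boolean consumeState(Map<String, Object> session, String received) {
        Object expected = session.remove(SESSION_KEY);
        if (!(expected instanceof String) || received == null) {
            return false;
        }
        return MessageDigest.isEqual(
                ((String) expected).getBytes(StandardCharsets.UTF_8),
                received.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // A callback carrying a state this session never issued (for example
        // the fixed "xyz") is rejected, so its code is never exchanged.
        Map<String, Object> session = new HashMap<>();
        issueState(session);
        System.out.println("forged callback accepted: " + consumeState(session, "xyz"));

        // Normal round trip: the authorization server echoes the state back.
        String state = issueState(session);
        System.out.println("genuine callback accepted: " + consumeState(session, state));

        // The same callback replayed a second time is rejected.
        System.out.println("replayed callback accepted: " + consumeState(session, state));
    }
}
```

In the client, the value returned by issueState would be passed to setState(...) and the check would run at the top of the redirection endpoint, before the token request is built.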
Slide 65: ⑥ Authorization code to ⑦ Access token
▸ Contents of the request to the token endpoint
  ▸ Client → authorization server

    POST /api/token
    Host: localhost:8888
    Authorization: Basic cmVhZHdyaXRlY2xpZW50OnBhc3N3b3Jk
    Content-Type: application/x-www-form-urlencoded

    grant_type=authorization_code&code=876c4b7339cd3a3bd416a0772fdbf8af&redirect_uri=https%3A%2F%2Flocalhost%3A8081%2Fapi%2Fredirect

Slide 66: ⑥ Authorization code to ⑦ Access token
▸ Code of the token endpoint
  authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java

    @POST
    @Produces(MediaType.APPLICATION_JSON)
    public Response token(@Context HttpServletRequest httpServletRequest) {
        // Check the parameters required for a token request
        OAuthTokenRequest oauthRequest = new OAuthTokenRequest(httpServletRequest);
        // ... (omitted) ...
        // Issue the access token and the refresh token
        OAuthIssuer oAuthIssuer = new OAuthIssuerImpl(new MD5Generator());
        String accessToken = oAuthIssuer.accessToken();
        String refreshToken = oAuthIssuer.refreshToken();

Slide 67: ⑥ Authorization code to ⑦ Access token
  authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java (continued)

        // Build the JSON to return
        OAuthResponse oAuthResponse = OAuthASResponse
            .tokenResponse(Response.Status.OK.getStatusCode())
            .setAccessToken(accessToken)
            .setExpiresIn("3600")
            .setRefreshToken(refreshToken)
            .buildJSONMessage();
        // Respond to the client with 200 OK
        return Response.ok(oAuthResponse.getBody())
            .build();

Slide 68: ⑥ Authorization code to ⑦ Access token
▸ JSON response from the token endpoint
  ▸ Authorization server → client

    200 OK

    {"access_token":"ffb085abdadf4235c33aa0f042a4f5eb","refresh_token":"b1669b4c5fdc984f9bd5252bc2f50f52","expires_in":3600}

  (access_token is the access token)
(38 minutes elapsed?)
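
The checks a token endpoint makes on the authorization code before issuing the tokens shown on slides 66 to 68 (single use, short lifetime, bound to the authenticated client and to the redirect_uri of the authorization request, per RFC 6749 sections 4.1.2 and 4.1.3), as an added example. It is not the deck's authorizationCodeHolder nor Apache Oltu code; every class and method name is hypothetical, and drawing the code from SecureRandom is a choice made for this example.

```java
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

// Added example: what a token endpoint checks before it trades an authorization
// code for an access token. All names are hypothetical.
public class AuthorizationCodeStore {

    // What the authorization server remembers about one issued code.
    static final class Grant {
        final String clientId;
        final String redirectUri;
        final String loginId;
        final Instant expiresAt;

        Grant(String clientId, String redirectUri, String loginId, Instant expiresAt) {
            this.clientId = clientId;
            this.redirectUri = redirectUri;
            this.loginId = loginId;
            this.expiresAt = expiresAt;
        }
    }

    // RFC 6749 section 4.1.2 recommends a maximum code lifetime of 10 minutes.
    private static final Duration LIFETIME = Duration.ofMinutes(10);

    private final ConcurrentMap<String, Grant> grants = new ConcurrentHashMap<>();
    private final SecureRandom random = new SecureRandom();

    // Called when the resource owner approves: the code is bound to the client
    // and to the redirect_uri of the authorization request.
    String issue(String clientId, String redirectUri, String loginId) {
        byte[] bytes = new byte[32];
        random.nextBytes(bytes);
        String code = Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
        grants.put(code, new Grant(clientId, redirectUri, loginId,
                Instant.now().plus(LIFETIME)));
        return code;
    }

    // Called by the token endpoint after the client has passed Basic authentication.
    // remove() is atomic, so a code is gone after its first presentation, valid or not.
    Optional<Grant> redeem(String code, String authenticatedClientId, String redirectUri) {
        Grant grant = (code == null) ? null : grants.remove(code);
        if (grant == null
                || Instant.now().isAfter(grant.expiresAt)
                || !grant.clientId.equals(authenticatedClientId)
                || !grant.redirectUri.equals(redirectUri)) {
            return Optional.empty();
        }
        return Optional.of(grant);
    }

    public static void main(String[] args) {
        AuthorizationCodeStore store = new AuthorizationCodeStore();
        String uri = "https://localhost:8081/api/redirect";

        // Code issued to readwriteclient but presented by another client
        // ("otherclient" is a constructed name): rejected, and the code is burned.
        String c1 = store.issue("readwriteclient", uri, "user1");
        System.out.println("other client: " + store.redeem(c1, "otherclient", uri).isPresent());
        System.out.println("after misuse: " + store.redeem(c1, "readwriteclient", uri).isPresent());

        // Correct client and redirect_uri: accepted once, rejected on replay.
        String c2 = store.issue("readwriteclient", uri, "user1");
        System.out.println("first use:    " + store.redeem(c2, "readwriteclient", uri).isPresent());
        System.out.println("replay:       " + store.redeem(c2, "readwriteclient", uri).isPresent());
    }
}
```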
Slide 69: [Ad] JavaScript training courses now running!
▸ Angular / TypeScript
▸ React / Redux
▸ Node.js
▸ ECMAScript basic syntax
https://www.casareal.co.jp/ls/service/openseminar/html

Slide 70: Agenda (same list as slide 5); next: ⑥ Details and implementation: up to accessing the resource

Slide 71: ① Request to ② Access the resource with the access token
[Diagram: the flow from slide 24, steps ① and ②]

Slide 72: ① Request to ② Access the resource with the access token
▸ The client sends a request to the resource server
  ▸ The access token is added in the Authorization header

    GET /api/v1/todos
    Authorization: Bearer ffb085abdadf4235c33aa0f042a4f5eb

  (the value after "Bearer" is the access token)

Slide 73: ③ Access token validation to ④ User information and scopes
[Diagram: the flow from slide 24, steps ③ and ④]

Slide 74: ③ Access token validation to ④ User information and scopes
▸ The resource server that received the request checks the validity of the access token sent in the header
  ▸ Was it really issued by the authorization server?
  ▸ Was it really issued to this client?

Slide 75: ③ Access token validation to ④ User information and scopes
▸ Apache Oltu provides a servlet filter for resource servers
  resource-server/src/main/webapp/WEB-INF/web.xml

    <filter>
        <filter-name>OAuthFilter</filter-name>
        <filter-class>org.apache.oltu.oauth2.rsfilter.OAuthFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>OAuthFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

Slide 76: ③ Access token validation to ④ User information and scopes
▸ OAuthFilter calls a class that implements OAuthRSProvider
  ▸ The following definition is required in web.xml
  resource-server/src/main/webapp/WEB-INF/web.xml

    <context-param>
        <param-name>oauth.rs.provider-class</param-name>
        <param-value>com.example.resourceserver.oauth.MyOAuthRSProvider</param-value>
    </context-param>

Slide 77: ③ Access token validation to ④ User information and scopes
  resource-server/src/main/java/com/example/resourceserver/oauth/MyOAuthRSProvider.java

    public class MyOAuthRSProvider implements OAuthRSProvider {
        @Override
        public OAuthDecision validateRequest(String rsId, String accessToken,
                HttpServletRequest httpServletRequest) {
            // Call the authorization server over HTTP to check that the access token is valid
            MultivaluedHashMap<String, String> formParams = …;
            formParams.putSingle("access_token", accessToken);
            Response response = ClientBuilder.newBuilder()
                .build()
                .target("https://localhost:8888/api/check_token")
                .request()
                .header("Content-Type", "application/x-www-form-urlencoded")
                .header("Authorization", Constants.AUTH_HEADER_VALUE)
                .post(Entity.form(formParams));
            // If the access token is valid, 200 is returned
            if (response.getStatusInfo().equals(Response.Status.OK)) {
                // Return the result
            }

Slide 78: ③ Access token validation to ④ User information and scopes
▸ Response from the authorization server

    200 OK
    Content-Type: application/json

    {
      "login_id": "user1",
      "client": {
        "client_id": "readwriteclient",
        …
        "scope_types": ["read", "write"]
      }
    }

  (scope_types carries the scope information)

Slide 79: ⑤ Check the scopes to ⑦ Response
[Diagram: the flow from slide 24, steps ⑤ to ⑦]

Slide 80: ⑤ Check the scopes to ⑦ Response
▸ The scope is specified with @RolesAllowed on the controller methods of the resource server
  resource-server/src/main/java/com/example/resourceserver/web/controller/TodoController.java

    @Path("/todos")
    public class TodoController {

        @RolesAllowed("read")
        @GET
        @Produces("application/json")
        public Response findAll() { … }

        @RolesAllowed("write")
        @POST
        @Consumes("application/json")
        public Response add(Todo todo) { … }
    }

(40 minutes elapsed?)

Slide 81: [Ad] Many other courses now running!
▸ Swift
▸ Android
▸ Scala
▸ Ruby
https://www.casareal.co.jp/ls/service/openseminar/html
Slide 82: Agenda (same list as slide 5); next: ⑦ Other security considerations

Slide 83: From the OAuth 2.0 specification
▸ Topics not covered in these slides
  ▸ Manipulation of the authorization code redirect URI
  ▸ Phishing attacks
  ▸ Cross-site request forgery
  ... and so on
▸ Always check the specification!
  ▸ https://openid-foundation-japan.github.io/rfc6749.ja.html#anchor…

Slide 84: Security-related specifications
▸ RFC 6819: OAuth 2.0 Threat Model and Security Considerations
  ▸ http://www.rfc-editor.org/info/rfc6819
▸ RFC 7009: OAuth 2.0 Token Revocation
  ▸ http://openid-foundation-japan.github.io/rfc7009.ja.html

Slide 85: [Ad] Payara Meetup (Tuesday)
▸ An event celebrating the Payara development team's first visit to Japan!
▸ Ask them everything you have been wondering about!
▸ Sign up here
  ▸ https://glassfish.doorkeeper.jp/events/…

Slide 86: Agenda (same list as slide 5); next: ⑧ Summary

Slide 87: Keys to understanding OAuth 2.0
▸ Understand the terminology precisely!
▸ Use diagrams to understand who is sending a request to whom!
▸ Clearly separate the parts the specification defines from the parts it does not!
▸ These slides do not cover everything, so always check the specification!

Slide 88: Is Apache Oltu usable?
▸ My personal impression is that it is strictly "for learning"
  ▸ The features are minimal and productivity is not very good
  ▸ Little documentation, plus fatal mistakes in it
  ▸ All other security matters are your own responsibility
▸ In general it is probably better to use Spring Security OAuth, pac4j or similar

Slide 89: More details on Apache Oltu
▸ To be written up on the Casareal organization's Qiita (coming soon!)
  ▸ Implementing the authorization server
  ▸ Implementing the resource server
  ▸ Implementing the client

Slide 90: For further study
▸ The OAuth 2.0 specification, Japanese edition
  ▸ https://openid-foundation-japan.github.io/rfc6749.ja.html
▸ Getting Started with OAuth 2.0 (Japanese edition)
  ▸ https://www.oreilly.co.jp/books/…
▸ All OAuth 2.0 flows, illustrated with diagrams and videos
  ▸ http://qiita.com/TakahikoKawasaki/items/…
▸ OAuth 2.0 basics you are too embarrassed to ask about now
  ▸ https://www.slideshare.net/…

Slide 91: [Hiring] Anyone who would like to try being a trainer!
▸ Dig as deep as you like into the technologies you love and spread them to the world!
▸ No teaching experience required!
▸ A good employer!
▸ Feel free to send a Twitter DM to @suke_masa (Tada)!

Slide 92: Enjoy Java & OAuth 2.0!
▸ Thank you for your attention!