Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Javaで実装して学ぶOAuth 2.0!

5dbaf4015e7f249ab21b195ced8e9e46?s=47 Masatoshi Tada
May 20, 2017
Technology
10
14k

Javaで実装して学ぶOAuth 2.0!

JJUG CCC 2017 Springでの発表資料です。

5dbaf4015e7f249ab21b195ced8e9e46?s=128

Masatoshi Tada

May 20, 2017
Tweet

More Decks by Masatoshi Tada

See All by Masatoshi Tada
プロになるためのSpring上級知識 #jsug / advanced-spring-for-professionals
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
3
980
OpenID Connect 1.0 with Spring Security #jjug_ccc #jjug_ccc_b / oidc-with-spring-security
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
1
800
Flaskのセキュリティどうしてます?アクセス制御ライブラリCasbin入門! #pycharity / flask-authz-with-casbin
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
0
600
今こそ知りたいSpring DI×AOP / spring-di-aop-for-every-developers
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
4
1.4k
OAuth 2.0 with Spring Security #jjug_ccc #jjug_ccc_b / oauth2-with-spring-security
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
4
1.2k
基礎から分かる!アプリケーション開発者のためのKubernetes入門 / kubernetes-basics-for-application-developers
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
10
3.1k
2時間で分かる!Kubernetesとは何なのか / what-is-kubernetes
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
0
710
Introduction to Resilience4j
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
2
770
SpringOne Platform 2019報告会 -概要、Resilience4j、LT- #jsug / springone-platform-2019
5dbaf4015e7f249ab21b195ced8e9e46?s=48 masatoshitada
0
710

Other Decks in Technology

See All in Technology
Who owns the Service Level?
93c80c388fe9d8f9df7d030549a0ff0b?s=48 chaspy
5
1.3k
Adopting Kafka for the #1 job site in the world
D984cd543d2abef28596cc5cfe82240c?s=48 ymyzk
1
670
Embedded SRE at Mercari
Ecb3acc2d246962361a4f8b3f7a6dd12?s=48 tcnksm
0
860
VFX Graphを使って 軽率にAudio Visualizerを作る
E123f0d70182268563d4e63e23d8c55c?s=48 drumath2237
0
100
Data-Driven Healthcare - Techplay
Bc9f06dc792f2ab663c7bf10326e649e?s=48 kotaroito
0
120
ドキュメントの翻訳に必要なこと
0d0586f83b68c623c4f04c752c4b515b?s=48 mayukosawai
0
170
失敗を経験したあなたへ〜建設的なインシデントの振り返りを行うために実践するべきこと〜
8989dfee7c4a1360817fccb657d695bc?s=48 nobuakikikuchi
0
200
プロダクトの理想と現実はなぜ乖離しがち?プロダクト作りに潜む問題を考える
E6059f359d777e0b0c5ee9820e3e8d32?s=48 suzukentaro
0
200
AWS ChatbotでEC2インスタンスを 起動できるようにした
Eb5a213a0a76afa872249a05444c78c1?s=48 iwamot
0
170
CTOのためのQAのつくりかた #scrumniigata / SigSQA How to create QA for CTOs and VPoEs
63d1e567c2c7b1dbf340f7bea9a92876?s=48 caori_t
0
320
SRENEXT2022 組織にSREを実装していくまでの道のり
9cd2d753636f4849c881ccf2381228ee?s=48 marnie0301
1
660
アルプの 認証/認可分離戦略と手法
C6a8cb5e13aa716521d522471ec4e4cd?s=48 ma2k8
PRO
2
350

Featured

See All Featured
Why Our Code Smells
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
324
54k
Scaling GitHub
78b475797a14c84799063c7cd073962f?s=48 holman
451
140k
Building a Scalable Design System with Sketch
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
447
30k
Helping Users Find Their Own Way: Creating Modern Search Experiences
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
7
1k
Facilitating Awesome Meetings
245cee81a9c424266e5e401d844ea881?s=48 lara
29
3.9k
Fantastic passwords and where to find them - at NoRuKo
8ec1383b240b5ba15ffb9743fceb3c0e?s=48 philnash
25
1.5k
Web Components: a chance to create the future
E190023b66e2b8aa73a842b106920c93?s=48 zenorocha
303
40k
How to name files
0a4f62e90c976eeb44d33add75cca5af?s=48 jennybc
39
59k
The Art of Programming - Codeland 2020
719435d98d452de7ac367c828266cf01?s=48 erikaheidi
32
5.8k
Producing Creativity
Ae14cc4491ac334f9cd23f9f93b4305e?s=48 orderedlist
PRO
333
37k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
E425fe9f170efa0dfaf8ab69d7107418?s=48 aki_i
21
14k
Optimizing for Happiness
25c7c18223fb42a4c6ae1c8db6f50f9b?s=48 mojombo
365
63k

Transcript

  1. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 +BWBͰ࣮૷ֶͯ͠Ϳ 0"VUIʂ

    ג ΧαϨΞϧଟాਅහ ++6($$$4QSJOH 

  2. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ͜ͷηογϣϯʹ͍ͭͯ ▸

    ೝՄϓϩτίϧʮ0"VUIʯʹ͍ͭͯɺ
 جૅ͔Βৄ͘͠ղઆ͠·͢ ▸ +BWBͰೝՄαʔόʔɾϦιʔεαʔόʔɾ
 ΫϥΠΞϯτΛ࣮૷ͨ͠ྫ΋ղઆ͠·͢ 2

  3. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ࣗݾ঺հ ▸

    ଟాਅහʢ!TVLF@NBTBʣ ▸ ݚमτϨʔφʔ!ΧαϨΞϧ ▸ ઐ໳ɿ+BWB&&4QSJOH ▸ 1JWPUBMೝఆߨࢣ ▸ (MBTT'JTIϢʔβʔձӡӦϝϯόʔ ▸ ++6($$$ɿճ࿈ଓճ໨ͷొஃ 3

  4. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 גࣜձࣾΧαϨΞϧ ▸

    *5ڭҭˍγεςϜ։ൃ ▸ IUUQTXXXDBTBSFBMDPKQMTTFSWJDF PQFOTFNJOBSUPQJOEFYIUNM ▸ ଞࣾʹ͸ແ͍ϓϩάϥϛϯάݚम͕ڧΈʂ ▸ +BWB&&ɺ4QSJOHɺ1JWPUBMೝఆίʔεɺ"QQMFೝఆίʔ εɺ+BWB4DSJQUɺJ04ɺ"OESPJEɺɾɾɾ 4

  5. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 5

  6. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 6

  7. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUIͱ͸ʁ 3'$ΑΓ

    ▸ ೝՄͷྲྀΕΛنఆͨ͠ϓϩτίϧ ▸ ʮαʔυύʔςΟʔΞϓϦέʔγϣϯʹΑΔ)551 αʔϏε΁ͷݶఆతͳΞΫηεΛՄೳʹ͢ΔೝՄϑϨʔ ϜϫʔΫͰ͋Δʯ ▸ 0"VUIͱ͸શ͘ͷผ෺ ▸ ʮ0"VUIϓϩτίϧΛഇࢭ͠ɺͦͷ୅ସͱͳΔ΋ ͷʯ 7

  8. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ೝূͱೝՄ ▸

    ೝূ "VUIFOUJDBUJPO"VUI/ "VUI$  ▸ ຊਓ֬ೝɻ͍ΘΏΔϩάΠϯɻ ▸ ೝՄ "VUIPSJ[BUJPO"VUI;  ▸ ຊਓ֬ೝޙʹɺͦͷਓʹͦͷॲཧͷ࣮ߦݖݶ͕͋Δ͔ Ͳ͏͔ͷ֬ೝɻ 8

  9. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ΞΫηετʔΫϯͱ͸ ▸

    ΫϥΠΞϯτ͕ϦιʔεαʔόʔʹΞΫηε͢Δ ࡍͷʮ௨ߦखܗʯͷΑ͏ͳ΋ͷ ▸ ೝՄαʔόʔ͔Βൃߦ͞ΕΔ 9 GET /api/todos HTTP 1.1 Host: resource-server.com Authorization:Bearer yd2Dcweij334SSx ΞΫηετʔΫϯ

  10. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 είʔϓͱ͸ ▸

    ΫϥΠΞϯτ͕ΞΫηεՄೳͳൣғ 10

  11. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 11

  12. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUIͷొ৔ਓ෺ ᶃ

    ϦιʔεΦʔφʔ 3FTPVSDF0XOFS  ᶄ Ϧιʔεαʔόʔ 3FTPVSDF4FSWFS  ᶅ ΫϥΠΞϯτ $MJFOU  ᶆ ೝՄαʔόʔ "VUIPSJ[BUJPO4FSWFS 12 υΩϡϝϯτ΍ϥΠϒϥϦͰසग़ → ਖ਼֬ʹ֮͑Δ͜ͱ͕ॏཁʂ

  13. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃϦιʔεΦʔφʔ ▸

    อޢ͞ΕͨϦιʔε΁ͷΞΫηεΛڐՄ͢Δਓؒ ▸ ػցͷ৔߹΋͋Δ ▸ 5XJUUFSͳΒʮਓਓͷϢʔβʔʯ 13

  14. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶄϦιʔεαʔόʔ ▸

    อޢ͞ΕͨϦιʔεΛϗετ͢Δαʔόʔ ▸ ϦιʔεʹΞΫηε͢Δʹ͸ΞΫηετʔΫϯ͕ඞཁ ▸ 5XJUUFSͳΒʮͭͿ΍͖αʔόʔʯ 14

  15. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶅΫϥΠΞϯτ ▸

    ϦιʔεΦʔφʔͷೝՄΛಘͯɺͦͷ୅ཧͱͯ͠อ ޢ͞ΕͨϦιʔεʹΞΫηε͢ΔΞϓϦέʔγϣϯ ▸ αʔόʔαΠυ8FCΞϓϦɺΫϥΠΞϯταΠυ8FCΞ ϓϦɺωΠςΟϒΞϓϦͳͲଟछଟ༷ ▸ 5XJUUFSͳΒʮUXJUUFSDPNʯʮ5XFFU%FDLʯʮJ04 "OESPJE༻ΫϥΠΞϯτʯʮ%PPSLFFQFSʯͳͲ 15

  16. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶆೝՄαʔόʔ ▸

    ϦιʔεΦʔφʔͷೝূͱೝՄऔಘͷ੒ޭޙɺ
 ΞΫηετʔΫϯΛΫϥΠΞϯτʹൃߦ͢Δαʔ όʔ ▸ 5XJUUFSͳΒ͹ʮϢʔβʔ৘ใαʔόʔʯ 16

  17. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 5XJUUFSͰొ৔ਓ෺·ͱΊ 17

    twitter.com ࠓ೔͸CCC!
 ָ͠Έͩͳʔ Ϧιʔε
 Φʔφʔ ΫϥΠΞϯτ Ϧιʔεαʔόʔ ೝՄαʔόʔ ೝՄ ΞΫηε
 τʔΫϯ
 ෇༩ ΞΫηε
 τʔΫϯ ͭͿ΍͖ ̔෼ܦաʁ

  18. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 <$.>+BWBݚम࣮ࢪதʂ ▸

    +BWB&&+4'ɺ+1"ɺ$%*ʹΑΔεϚʔτ։ൃ ▸ +BWB&&+"934 ▸ 4QSJOH͸͡Ίͯͷ4QSJOH.7$ ▸ &⒎FDUJWF+BWBͷཧղͱ'JOE#VHTͷ׆༻ ▸ ͱ͜ͱΜ࢖͏ʂ+6OJUϑΝϛϦʔ 18 https://www.casareal.co.jp/ls/service/openseminar/java

  19. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 19

  20. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ΫϥΠΞϯτͷछྨʹΑΔͭͷάϥϯτλΠϓ ᶃ

    ೝՄίʔυάϥϯτ ▸ ओʹαʔόʔαΠυ8FCΞϓϦ ᶄ ΠϯϓϦγοτάϥϯτ ▸ ओʹΫϥΠΞϯταΠυ8FCΞϓϦ ᶅ ϦιʔεΦʔφʔύεϫʔυΫϨσϯγϟϧάϥϯτ ▸ ओʹϦιʔεαʔόʔެࣜͷωΠςΟϒΞϓϦ ᶆ ΫϥΠΞϯτΫϨσϯγϟϧάϥϯτ ▸ ΫϥΠΞϯτࣗ਎ͷ৘ใʹΞΫηε͢Δ৔߹ͳͲ 20 ←ࠓճ͸ίϨ

  21. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ೝՄίʔυάϥϯτͷಛ௃ ▸

    ೝՄαʔόʔ͸ɺ·ͣΞΫηετʔΫϯͷҾ׵݊
 ೝՄίʔυ ΛΫϥΠΞϯτʹൃߦ͢Δ ▸ ϦμΠϨΫτͱΫΤϦύϥϝʔλΛར༻ͯ͠ɺ8FCϒϥ΢β Λܦ༝ͯ͠౉͢ ▸ ΫϥΠΞϯτ͸ɺೝՄίʔυΛೝՄαʔόʔʹఏࣔ͠ɺ ΞΫηετʔΫϯΛड͚औΔ ▸ 8FCϒϥ΢βʹ௚઀ΞΫηετʔΫϯΛ౉͞ͳ͍Α͏ʹ͢Δ ͨΊʢ΋͠8FCϒϥ΢β͕ѱ͍ਓʹ৐ͬऔΒΕͯͨΒΞ΢τͳͷͰʣ 21

  22. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ॏཁͳͭͷΤϯυϙΠϯτ ᶃ

    ೝՄΤϯυϙΠϯτ ೝՄαʔόʔ  ▸ ೝՄը໘ΛϨεϙϯε͢Δ63- ᶄ τʔΫϯΤϯυϙΠϯτ ೝՄαʔόʔ  ▸ ΞΫηετʔΫϯΛൃߦ͢Δ63- ᶅ ϦμΠϨΫτΤϯυϙΠϯτ ΫϥΠΞϯτ  ▸ ೝՄίʔυൃߦޙͷϦμΠϨΫτઌͷ63- 22

  23. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ೝՄίʔυʹΑΔΞΫηετʔΫϯऔಘ 23

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β※ ※Webϒϥ΢β͸ɺ࢓༷ॻͰ͸ʮϢʔβʔΤʔδΣϯτʯͱهࡌ͞Ε͍ͯ·͢ ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ

  24. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ΞΫηετʔΫϯΛར༻ͨ͠ϦιʔεΞΫηε 24

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ੥ٻॻ࡞੒
 ࢿྉ༣ૹ Ϧιʔε
 αʔόʔ ᶃϦΫΤετ ᶅΞΫηε
 ɹτʔΫϯ
 ɹݕূ ᶆϢʔβʔ৘ใ΍είʔϓ ᶈϨεϙϯε ᶉϨεϙϯε ᶇείʔϓΛ
 ɹνΣοΫ ᶄϦιʔεʹΞΫηε
 with ΞΫηετʔΫϯ

  25. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUI࢓༷Ͱະఆٛͷ෦෼ᶃ 25

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ Ͳ͏ೝՄ͢Δ͔͸ܾ·ͬͯͳ͍
 ˠ։ൃऀ͕࡞ΓࠐΉඞཁ͕͋Δ

  26. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUI࢓༷Ͱະఆٛͷ෦෼ᶄ 26

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ੥ٻॻ࡞੒
 ࢿྉ༣ૹ Ϧιʔε
 αʔόʔ ᶃϦΫΤετ ᶅΞΫηε
 ɹτʔΫϯ
 ɹݕূ ᶆϢʔβʔ৘ใ΍είʔϓ ᶈϨεϙϯε ᶉϨεϙϯε ᶇείʔϓΛ
 ɹνΣοΫ ᶄϦιʔεʹΞΫηε
 with ΞΫηετʔΫϯ ΞΫηετʔΫϯΛ
 ૹΔ෦෼Ҏ֎͸
 ΄ͱΜͲະఆٛ

  27. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ΞΫηετʔΫϯ΍είʔϓͷνΣοΫํ๏ "

    Ϧιʔεαʔόʔ͔ΒೝՄ αʔόʔʹ໰͍߹ΘͤΔ # ڞ༗σʔλϕʔεͳͲΛར ༻͢Δ $ ϦιʔεαʔόʔͱೝՄαʔ όʔΛಉҰαʔόʔʹ͢Δ 27 ←ࠓճ͸ίϨ ※είʔϓ͸ΞΫηετʔΫϯ ʹؚΊΔํ๏΋͋ΔʢJWTʣ

  28. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUIͱʮೝূʯ ▸

    0"VUI͸ʮೝՄʯ ▸ ͔͠͠ʮೝূʯ͕ඞཁͳՕॴ΋͍͔ͭ͋͘Δ 28

  29. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ೝূ͕ඞཁͳՕॴᶃ 29

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ ೝՄͨ͠ͷ͸ຊ౰ʹϦιʔεΦʔφʔʁ
 ˠϦιʔεΦʔφʔͷIDɾύεϫʔυͰೝূ

  30. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ೝূ͕ඞཁͳՕॴᶄ 30

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ ೝՄίʔυΛૹ͖ͬͯͨͷ͸ຊ౰ʹΫϥΠΞϯτʁ
 ˠclient_idɾclient_secretͰBASICೝূ ※client_idͱclient_secret͸ɺೝՄαʔόʔʹࣄલʹൃߦͯ͠΋Β͏

  31. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ೝূ͕ඞཁͳՕॴᶅ 31

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ੥ٻॻ࡞੒
 ࢿྉ༣ૹ Ϧιʔε
 αʔόʔ ᶃϦΫΤετ ᶅΞΫηε
 ɹτʔΫϯ
 ɹݕূ ᶆϢʔβʔ৘ใ΍είʔϓ ᶈϨεϙϯε ᶉϨεϙϯε ᶇείʔϓΛ
 ɹνΣοΫ ᶄϦιʔεʹΞΫηε
 with ΞΫηετʔΫϯ ΞΫηετʔΫϯΛૹ͖ͬͯͨͷ͸
 ຊ౰ʹϦιʔεαʔόʔʁ
 ˠϦιʔεαʔόʔͷIDɾύεϫʔυ
 ͰBASICೝূ

  32. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ΞΫηετʔΫϯͷೝূ͸ʁ ▸

    ΞΫηετʔΫϯൃߦޙͷϦιʔεΦʔφʔຊਓ ֬ೝ͸͠ͳ͍ ▸ ΞΫηετʔΫϯʹ༗ޮظݶΛ͚ͭΔɺ
 ΞΫηετʔΫϯͷ࠶ൃߦ SFGSFTIτʔΫϯ ɺ
 ΞΫηετʔΫϯͷണୣ SFWPLF ɺ
 ͳͲͷߟྀ͸ඞਢ ▸ ࣌ؒͷ౎߹্ɺࠓճ͸಺༰ʹؚΊ·ͤΜ 32

  33. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUIͱ҉߸Խ ▸

    ҉߸Խ͸ඞਢ ▸ ೝՄίʔυɺΞΫηετʔΫϯɺೝূ৘ใͳͲɺ
 ػີ৘ใ͕ωοτϫʔΫ্ʹඈͼަ͏ͨΊ ▸ ͢΂ͯͷ௨৴Λ)5514Ͱߦͬͨํ͕Α͍ 33 ̍̔෼ܦաʁ

  34. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 <$.>1JWPUBMೝఆݚम࣮ࢪதʂ ▸

    $PSF4QSJOH ▸ ᶃ݄೔ʙ೔ɺᶄ݄೔ʙ೔ ▸ ϋΠϨϕϧͳʮ4QSJOHͷجૅʯ ▸ %*ɺ"01ɺςετɺ%#ɺτϥϯβΫγϣϯɺ 8FCɺ3&45ɺ4FDVSJUZɺ4QSJOH#PPUɺ .JDSPTFSWJDFTʜ 34 https://www.casareal.co.jp/ls/service/openseminar/pivotal

  35. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 35

  36. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ࠓճͷαϯϓϧΞϓϦ ▸

    50%0؅ཧΞϓϦ ▸ ೝՄαʔόʔ ▸ Ϧιʔεαʔόʔ ▸ ಡΈॻ͖ΫϥΠΞϯτ ▸ ಡΉ͚ͩΫϥΠΞϯτ 36 ੥ٻॻ࡞੒
 ࢿྉ༣ૹ JSON HTML ΞΫηε
 τʔΫϯ ݕূ ίʔυ -> https://github.com/MasatoshiTada/oltu-todo

  37. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 %&.0 37

  38. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 "QBDIF0MUV ▸

    0"VUIͷ+BWBʹΑΔࢀর࣮૷తͳଘࡏ ▸ IUUQTPMUVBQBDIFPSH ▸ 0"VUI࢓༷Ͱܾ·͍ͬͯΔ෦෼ͷΈ࣮૷͞ Ε͍ͯΔ ▸ ࣗ෼Ͱ࡞ΓࠐΉ෦෼͕ଟʑ͋Δ ▸ 0QFO*%$POOFDUɺ+85ͳͲͷػೳ΋͋Δ 38

  39. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0MUVͷػೳ ▸

    ڞ௨ ▸ ϦΫΤετ΍ϨεϙϯεΛ૊ΈཱͯΔ ▸ ඞཁͳύϥϝʔλؚ͕·Ε͍ͯΔ͔΋νΣοΫ͢Δ ▸ ೝՄαʔόʔ ▸ ೝՄίʔυ΍ΞΫηετʔΫϯΛੜ੒͢Δʢ.%PS 66*%ʣ ▸ ΞΫηετʔΫϯΛؚΉ+40/Λੜ੒͢Δ 39

  40. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0MUVͷػೳ ଓ͖

    ▸ Ϧιʔεαʔόʔ ▸ ΞΫηετʔΫϯΛݕূ͢ΔαʔϒϨοτϑΟϧλʔ ▸ ΫϥΠΞϯτ ▸ ΞΫηετʔΫϯΛೝՄαʔόʔ͔Βऔಘ͢Δ 40

  41. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ͦͷଞͷ0"VUIରԠϥΠϒϥϦ ▸

    4QSJOH4FDVSJUZ0"VUI ▸ ߴػೳ͕ͩެࣜυΩϡϝϯτ͕গͳ͍ ▸ IUUQTQSPKFDUTTQSJOHJPTQSJOHTFDVSJUZPBVUIEPDT PBVUIIUNM ▸ 5FSBTPMVOB։ൃΨΠυϥΠϯ͕ৄ͍͠ʢઅ0"VUIʣ ▸ 4QSJOH4FDVSJUZʹ΋0"VUIػೳ͕ՃΘΔ༧ఆ ▸ IUUQTHJUIVCDPNTQSJOHQSPKFDUTTQSJOHTFDVSJUZUSFF NBTUFSPBVUI 41

  42. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ͦͷଞͷ0"VUIରԠϥΠϒϥϦ ଓ͖

    ▸ QBDK ▸ IUUQXXXQBDKPSH ▸ ༷ʑͳϑϨʔϜϫʔΫͱͷ࿈ܞϥΠϒϥϦ͕͋Δ ▸ 4QSJOH.7$ɺ+"934ɺ1MBZɺ4QBSLɺɾɾɾ ▸ 4QSJOHҎ֎ͳΒ͹͔ͬͪ͜΋ʁʢະௐࠪʣ 42

  43. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ͦͷଞͷ0"VUIରԠϥΠϒϥϦ ଓ͖

    ▸ +BWB&&4FDVSJUZ"1* ▸ +BWB&&͔Βͷ৽ػೳ ▸ 0"VUI͸&&͔Βͷ༧ఆ ▸ ࢀর࣮૷͸4PUFSJB ▸ IUUQTHJUIVCDPNKBWBFFTFDVSJUZTQFDTPUFSJB 43

  44. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0MUVҎ֎ͷ࢖༻ٕज़ ▸

    ͋͑ͯͷ+BWB&& ▸ +"934 +FSTFZ  ▸ .7$ 0[BSL  ▸ 1BZBSB.JDSP1SPpMF
 ࣮ߦՄೳ+"3 ▸ 5IZNFMFBG 44 ̎̑෼ܦաʁ

  45. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 <$.>1JWPUBMೝఆݚम࣮ࢪதʂ ▸

    4QSJOH#PPU%FWFMPQFS ▸ ॳճɿ݄೔ʙ೔ ▸ 4QSJOH#PPUͷجૅ͔ΒԠ༻·Ͱ ▸ 1JWPUBMͱڞ࠵Ͱମݧηϛφʔ΍Γ·͢ʂ 45 https://www.casareal.co.jp/ls/service/openseminar/pivotal

  46. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 46

  47. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃॳճΞΫηε 47

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ

  48. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃॳճΞΫηε ▸

    ΫϥΠΞϯτ͕·ͩΞΫηετʔΫϯΛ࣋ͬͯ ͍ͳ͍
 ˠೝՄαʔόʔͷೝՄΤϯυϙΠϯτ΁ϦμΠϨ Ϋτ͢Δ ▸ ೝՄΤϯυϙΠϯτ΁ͷΞΫηεʹඞཁͳΫΤϦύϥ ϝʔλ΋෇Ճ͢Δ 48

  49. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃॳճΞΫηε 49

    ύϥϝʔλ໊ ҙຯ response_type ඞͣ”code”(ೝՄίʔυൃߦΛද͢) redirect_uri ϦμΠϨΫτΤϯυϙΠϯτͷURL state CSRFτʔΫϯ client_id ΫϥΠΞϯτΛࣝผ͢ΔID ▸ ඞཁͳΫΤϦύϥϝʔλҰཡ

  50. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃॳճΞΫηε ▸

    ೝՄΤϯυϙΠϯτ΁ϦμΠϨΫτ͢Δίʔυ 50 // ϦμΠϨΫτઌͷURLΛ૊ΈཱͯΔ OAuthClientRequest oAuthRequest = OAuthClientRequest .authorizationLocation(“https://localhost:8888/api/authorize”) .setResponseType(“code”) .setClientId(“readwriteclient”) .setRedirectURI(“https://localhost:8081/api/redirect”) .setState("xyz") .buildQueryMessage(); // ೝՄΤϯυϙΠϯτ΁ϦμΠϨΫτ return Response.status(Response.Status.FOUND) .location(URI.create(oAuthRequest.getLocationUri())) .build(); readwrite-client/src/main/java/com/example/readwriteclient/web/exception/mapper/AccessTokenRequiredExceptionMapper.java ೝՄΤϯυϙΠϯτURL response_type client_id redirect_uri state※ ※stateͷ”xyz”͸Ծͷ஋Ͱ͢ɻຊདྷ͸ϥϯμϜͳจࣈྻʹ͠·͢ɻ

  51. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃॳճΞΫηε ▸

    ΫϥΠΞϯτ͔Β8FCϒϥ΢β΁ͷϨεϙϯε ▸ ೝՄαʔόʔͷೝՄΤϯυϙΠϯτ΁ϦμΠϨΫτ 51 302 FOUND Location: https://localhost:8888/api/authorize? response_type=code&redirect_uri=https%3A%2F%2Flo calhost%3A8081%2Fapi%2Fredirect&state=xyz&client _id=readwriteclient

  52. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘ 52

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ

  53. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘ ▸

    8FCϒϥ΢β͕ɺઌ΄ͲͷϦμΠϨΫτͰࢦఆ ͞Εͨ63-ʹϦΫΤετ 53 GET https://localhost:8888/api/authorize? response_type=code&redirect_uri=https%3A%2F%2Flo calhost%3A8081%2Fapi%2Fredirect&state=xyz&client _id=readwriteclient

  54. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘ ▸

    ೝՄΤϯυϙΠϯτͷίʔυ 54 @GET @Controller public String goToApprovalView(@Context HttpServletRequest req) throws OAuthProblemException, OAuthSystemException { // ϦΫΤετͷੜ੒ʢඞཁͳύϥϝʔλͷνΣοΫ΋ߦ͏ʣ OAuthAuthzRequest oAuthRequest = new OAuthAuthzRequest(req); …(தུ)… // ೝՄը໘΁ϑΥϫʔυ models.put("client", client); models.put("state", oAuthRequest.getState()); return "approval.html"; } authorization-server/src/main/java/com/example/authorizationserver/web/controller/AuthorizationController.java

  55. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘ ▸

    ೝՄը໘͕Ϩεϙϯε͞ΕΔ 55

  56. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ 56

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ

  57. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ ▸

    ೝՄը໘ʹϦιʔεΦʔφʔͷ*%ɾύεϫʔυ Λೖྗͯ͠ೝՄ͢Δ 57

  58. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ ▸

    ೖྗ͞Εͨ*%ͳͲΛड͚औΔίϯτϩʔϥʔ 58 @POST public Response approve(@FormParam("loginId") String loginId, @FormParam("password") String password, @FormParam("client_id") String clientId, @Context HttpServletRequest httpServletRequest) { // ϦιʔεΦʔφʔͷೝূ ResourceOwner resourceOwner = resourceOwnerService.findByLoginId(loginId); if (!resourceOwner.getPassword().equals(password)) { throw new NotAuthorizedException(…); } // ೝՄίʔυͷൃߦ OAuthIssuer oAuthIssuer = new OAuthIssuerImpl(new MD5Generator()); String authCode = oAuthIssuer.authorizationCode(); authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java

  59. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ 59

    // ΫϥΠΞϯτͷऔಘ Client client = clientService.getClient(clientId); // ೝՄίʔυͱϦιʔεΦʔφʔΛϗϧμʔʹอଘ authorizationCodeHolder.addResourceOwner( authCode, resourceOwner); authorizationCodeHolder.addClient(authCode, client); // Ϩεϙϯεͷ࡞੒ OAuthResponse oAuthResponse = OAuthASResponse .authorizationResponse(httpServletRequest, 302) .setCode(authCode) // ೝՄίʔυ .setParam(“state”, state) // state .location(client.getRedirectUri()) // redirect_uri .buildQueryMessage(); // ΫϥΠΞϯτͷϦμΠϨΫτΤϯυϙΠϯτʹϦμΠϨΫτ return Response.status(oAuthResponse.getResponseStatus()) .location(URI.create(oAuthResponse.getLocationUri())) .build(); } authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java

  60. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ 60

    ▸ ೝՄαʔόʔ͔Β8FCϒϥ΢β΁ͷϨεϙϯε ▸ ΫϥΠΞϯτͷϦμΠϨΫτΤϯυϙΠϯτ΁ϦμΠ ϨΫτ 302 FOUND Location: https://localhost:8081/api/redirect? code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz ೝՄίʔυ

  61. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ 61

    ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ᶃॳճΞΫηε ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ ᶅೝՄը໘ ᶆೝՄ ᶇೝՄίʔυൃߦʴϦμΠϨΫτ ᶈೝՄίʔυ ᶉΞΫηετʔΫϯ

  62. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ ▸

    8FCϒϥ΢β͕ɺΫϥΠΞϯτͷϦμΠϨΫτ ΤϯυϙΠϯτʹϦΫΤετ 62 GET https://localhost:8081/api/redirect? code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz ೝՄίʔυ

  63. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ ▸

    ΫϥΠΞϯτͷϦμΠϨΫτΤϯυϙΠϯτͷίʔυ 63 @GET @Controller public String redirect(@QueryParam("code") String authCode) { // τʔΫϯΤϯυϙΠϯτ΁ͷϦΫΤετͷੜ੒ OAuthClientRequest oAuthClientRequest = OAuthClientRequest .tokenLocation("https://localhost:8888/api/token") .setClientId("readwriteclient") .setClientSecret("password") .setRedirectURI("https://localhost:8081/api/redirect") .setCode(authCode) .setGrantType(GrantType.AUTHORIZATION_CODE) .buildBodyMessage(); // BASICೝূϔομʔΛ෇Ճ oAuthClientRequest.addHeader(HttpHeaders.AUTHORIZATION, Constants.AUTH_HEADER_VALUE); readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java

  64. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ 64

    // τʔΫϯΤϯυϙΠϯτʹϦΫΤετͯ͠ɺΞΫηετʔΫϯΛऔಘ OAuthClient oAuthClient = new OAuthClient( new URLConnectionClient()); OAuthJSONAccessTokenResponse oAuthAccessTokenResponse = oAuthClient.accessToken(oAuthClientRequest); String accessToken = oAuthAccessTokenResponse.getAccessToken(); // ηογϣϯείʔϓͳϗϧμʔʹΞΫηετʔΫϯΛอଘ accessTokenHolder.setAccessToken(accessToken); // Ұཡը໘ʹϦμΠϨΫτ return "redirect:/todo/index"; } readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java

  65. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ ▸

    τʔΫϯΤϯυϙΠϯτ΁ͷϦΫΤετ಺༰ ▸ ΫϥΠΞϯτˠೝՄαʔόʔ 65 POST /api/token Host: localhost:8888 Authorization: Basic cmVhZHdyaXRlY2xpZW50OnBhc3N3b3Jk Content-Type: application/x-www-form-urlencoded grant_type=authorization_code&code=876c4b7339cd3a3bd416 a0772fdbf8af&redirect_uri=https%3A%2F%2Flocalhost%3A808 1%2Fapi%2Fredirect

  66. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ ▸

    τʔΫϯΤϯυϙΠϯτͷίʔυ 66 @POST @Produces(MediaType.APPLICATION_JSON) public Response token( @Context HttpServletRequest httpServletRequest) { // τʔΫϯϦΫΤετʹඞཁͳύϥϝʔλΛνΣοΫ OAuthTokenRequest oauthRequest = new OAuthTokenRequest(httpServletRequest); …(தུ)… // ΞΫηετʔΫϯͱϦϑϨογϡτʔΫϯൃߦ OAuthIssuer oAuthIssuer = new OAuthIssuerImpl(new MD5Generator()); String accessToken = oAuthIssuer.accessToken(); String refreshToken = oAuthIssuer.refreshToken(); authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java

  67. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ 67

    // Ϩεϙϯε͢ΔJSONͷ࡞੒ OAuthResponse oAuthResponse = OAuthASResponse .tokenResponse(Response.Status.OK.getStatusCode()) .setAccessToken(accessToken) .setExpiresIn("3600") .setRefreshToken(refreshToken) .buildJSONMessage(); ɹ// ΫϥΠΞϯτʹ200 OKͰϨεϙϯε return Response.ok(oAuthResponse.getBody()) .build(); authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java

  68. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ ▸

    τʔΫϯΤϯυϙΠϯτ͔Βͷ+40/Ϩεϙϯε ▸ ೝՄαʔόʔˠΫϥΠΞϯτ 68 200 OK {"access_token":"ffb085abdadf4235c33aa0f042a4f5eb","ref resh_token":"b1669b4c5fdc984f9bd5252bc2f50f52","expires _in":3600} ΞΫηετʔΫϯ ̏̔෼ܦաʁ

  69. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 <$.>+BWB4DSJQUݚम࣮ࢪதʂ ▸

    "OHVMBS 5ZQF4DSJQU ▸ 3FBDU 3FEVY ▸ /PEFKT ▸ &$."4DSJQUجຊจ๏ 69 https://www.casareal.co.jp/ls/service/openseminar/html

  70. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 70

  71. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃϦΫΤετ ʙᶄϦιʔεʹΞΫηεXJUIΞΫηετʔΫϯ

    71 ೝՄαʔόʔ ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ੥ٻॻ࡞੒
 ࢿྉ༣ૹ Ϧιʔε
 αʔόʔ ᶃϦΫΤετ ᶅΞΫηε
 ɹτʔΫϯ
 ɹݕূ ᶆϢʔβʔ৘ใ΍είʔϓ ᶈϨεϙϯε ᶉϨεϙϯε ᶇείʔϓΛ
 ɹνΣοΫ ᶄϦιʔεʹΞΫηε
 with ΞΫηετʔΫϯ

  72. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃϦΫΤετ ʙᶄϦιʔεʹΞΫηεXJUIΞΫηετʔΫϯ

    ▸ ΫϥΠΞϯτ͔ΒϦιʔεαʔόʔʹϦΫΤετ ▸ ΞΫηετʔΫϯΛ"VUIPSJ[BUJPOϔομʔʹ෇Ճ 72 GET /api/v1/todos Authorization : Bearer ffb085abdadf4235c33aa0f042a4f5eb ΞΫηετʔΫϯ

  73. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 73 ೝՄαʔόʔ

    ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ੥ٻॻ࡞੒
 ࢿྉ༣ૹ Ϧιʔε
 αʔόʔ ᶃϦΫΤετ ᶅΞΫηε
 ɹτʔΫϯ
 ɹݕূ ᶆϢʔβʔ৘ใ΍είʔϓ ᶈϨεϙϯε ᶉϨεϙϯε ᶇείʔϓΛ
 ɹνΣοΫ ᶄϦιʔεʹΞΫηε
 with ΞΫηετʔΫϯ ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔ৘ใ΍είʔϓ

  74. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔ৘ใ΍είʔϓ ▸

    ϦΫΤετΛड͚औͬͨϦιʔεαʔόʔ͸ɺ
 ϔομʔͰૹΒΕ͖ͯͨΞΫηετʔΫϯͷ
 ਖ਼౰ੑΛνΣοΫ͢Δ ▸ ຊ౰ʹೝՄαʔόʔ͕ൃߦͨ͠΋ͷʁ ▸ ຊ౰ʹ͜ͷΫϥΠΞϯτʹରͯ͠ൃߦ͞Εͨ΋ͷʁ 74

  75. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔ৘ใ΍είʔϓ ▸

    "QBDIF0MUVͰ͸ɺϦιʔεαʔόʔ༻ͷ
 αʔϒϨοτϑΟϧλʔ͕༻ҙ͞Ε͍ͯΔ 75 <filter> <filter-name>OAuthFilter</filter-name> <filter-class> org.apache.oltu.oauth2.rsfilter.OAuthFilter </filter-class> </filter> <filter-mapping> <filter-name>OAuthFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> resource-server/src/main/webapp/WEB-INF/web.xml

  76. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔ৘ใ΍είʔϓ ▸

    0"VUI'JMUFS͔Βɺ0"VUI341SPWJEFS࣮૷Ϋ ϥε͕ݺ͹ΕΔ ▸ XFCYNMʹԼهͷఆ͕ٛඞཁ 76 <context-param> <param-name>oauth.rs.provider-class</param-name> <param-value> com.example.resourceserver.oauth.MyOAuthRSProvider </param-value> </context-param> resource-server/src/main/webapp/WEB-INF/web.xml

  77. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔ৘ใ΍είʔϓ 77

    public class MyOAuthRSProvider implements OAuthRSProvider { @Override public OAuthDecision validateRequest(String rsId, String accessToken, HttpServletRequest httpServletRequest) { // ೝՄαʔόʔ΁HTTPΞΫηεͯ͠ΞΫηετʔΫϯͷਖ਼౰ੑνΣοΫ MultivaluedHashMap<String, String> formParams = …; formParams.putSingle("access_token", accessToken); Response response = ClientBuilder.newBuilder() .build() .target("https://localhost:8888/api/check_token") .request() .header("Content-Type", "application/x-www-form-urlencoded") .header("Authorization", Constants.AUTH_HEADER_VALUE) .post(Entity.form(formParams)); // ΞΫηετʔΫϯ͸ਖ਼౰ͳΒ͹200͕ฦͬͯ͘Δ if (response.getStatusInfo().equals(Response.Status.OK)) { // ໭Γ஋Λฦ͢ } resource-server/src/main/java/com/example/resourceserver/oauth/MyOAuthRSProvider.java

  78. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔ৘ใ΍είʔϓ 78

    ▸ ೝՄαʔόʔ͔ΒͷϨεϙϯε 200 OK Content-Type: application/json { “login_id” : “user1”, “client” : { “client_id” : “readwriteclient”, … “scope_types” : [“read”, “write”] } } είʔϓ৘ใ

  79. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 79 ೝՄαʔόʔ

    ΫϥΠΞϯτ Ϧιʔε
 Φʔφʔ Web
 ϒϥ΢β ੥ٻॻ࡞੒
 ࢿྉ༣ૹ Ϧιʔε
 αʔόʔ ᶃϦΫΤετ ᶅΞΫηε
 ɹτʔΫϯ
 ɹݕূ ᶆϢʔβʔ৘ใ΍είʔϓ ᶈϨεϙϯε ᶉϨεϙϯε ᶇείʔϓΛ
 ɹνΣοΫ ᶄϦιʔεʹΞΫηε
 with ΞΫηετʔΫϯ ᶇείʔϓΛνΣοΫʙᶉϨεϙϯε

  80. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶇείʔϓΛνΣοΫʙᶉϨεϙϯε ▸

    Ϧιʔεαʔόʔͷίϯτϩʔϥʔϝιουʹ !3PMFT"MMPXFEͰείʔϓΛࢦఆ 80 @Path("/todos") public class TodoController { @RolesAllowed("read") @GET @Produces("application/json") public Response findAll() { … } @RolesAllowed("write") @POST @Consumes("application/json") public Response add(Todo todo) { … } } resource-server/src/main/java/com/example/resourceserver/web/controller/TodoController.java ̐̌෼ܦաʁ

  81. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 <$.>ଞʹ΋͍Ζ͍Ζ࣮ࢪதʂ ▸

    4XJGU ▸ "OESPJE ▸ 4DBMB ▸ 3VCZ 81 https://www.casareal.co.jp/ls/service/openseminar/html

  82. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 82

  83. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUI࢓༷ॻΑΓ ▸

    ຊࢿྉͰະ঺հͷࣄ߲ ▸ ೝՄίʔυϦμΠϨΫτ63*ͷૢ࡞ ▸ ϑΟογϯάΞλοΫ ▸ ΫϩεαΠτϦΫΤετϑΥʔδΣϦ
 ɾɾɾͳͲ ▸ ඞͣ࢓༷ॻΛνΣοΫ͠·͠ΐ͏ʂ ▸ IUUQTPQFOJEGPVOEBUJPOKBQBOHJUIVCJP SGDKBIUNMBODIPS 83

  84. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ηΩϡϦςΟؔ࿈ͷ࢓༷ॻ ▸

    3'$0"VUI5ISFBU.PEFMBOE 4FDVSJUZ$POTJEFSBUJPOT ▸ IUUQXXXSGDFEJUPSPSHJOGPSGD ▸ 3'$0"VUI5PLFO3FWPDBUJPO ▸ IUUQPQFOJEGPVOEBUJPOKBQBOHJUIVCJP SGDKBIUNM 84

  85. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 <$.> Ր

    1BZBSB.FFUVQ ▸ 1BZBSB։ൃνʔϜͷॳདྷ೔ه೦Πϕϯτʂ ▸ ৭ʑͱؾʹͳΔ͜ͱΛฉ͍ͪΌ͍·͠ΐ͏ʂ ▸ ͓ਃࠐΈ͸ͪ͜Β ▸ IUUQTHMBTTpTIEPPSLFFQFSKQFWFOUT 85

  86. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ᶃ 0"VUIͱ͸ʁ

    ᶄ 0"VUIͷొ৔ਓ෺ ᶅ 0"VUIͷೝՄͷྲྀΕ ᶆ αϯϓϧΞϓϦͷߏ੒ ᶇ ৄࡉͱ࣮૷ɿΞΫηετʔΫϯऔಘ·Ͱ ᶈ ৄࡉͱ࣮૷ɿϦιʔεΞΫηε·Ͱ ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲ ᶊ ·ͱΊ 86

  87. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 0"VUIཧղͷϙΠϯτ ▸

    ༻ޠΛਖ਼֬ʹཧղ͠Α͏ʂ ▸ ୭͕୭ʹϦΫΤετ͍ͯ͠Δͷ͔ΛɺਤͰཧղ͠Α ͏ʂ ▸ ࢓༷Ͱܾ·͍ͬͯΔ෦෼ɾܾ·͍ͬͯͳ͍෦෼Λ͖ͬ ͪΓ෼͚Α͏ʂ ▸ ຊࢿྉͰղઆͨ͜͠ͱ͕શͯͰ͸ͳ͍ͷͰɺ࢓༷ॻ ΛඞͣνΣοΫ͠Α͏ʂ 87

  88. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 "QBDIF0MUV͸࢖͑Δ͔ʁ ▸

    ͋͘·Ͱʮֶश༻ʯͱ͍͏ͷ͕ݸਓతͳײ૝ ▸ ػೳ͕࠷௿ݶͰੜ࢈ੑ͸͋·Γྑ͘ͳ͍ ▸ υΩϡϝϯτ͕গͳ͍ʴக໋తͳؒҧ͍ ▸ ͦͷଞͷηΩϡϦςΟࣄ߲͸͢΂ͯࣗݾ੹೚ ▸ جຊతʹ͸4QSJOH4FDVSJUZ0"VUI΍QBDKͳ ͲΛ࢖ͬͨ΄͏͕ྑ͍͔΋ 88

  89. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 "QBDIF0MUVͷৄࡉ ▸

    ΧαϨΞϧ0SHBOJ[BUJPOͷ2JJUBʹॻ͖·͢
 ʢۙ೔ެ։ʂʣ ▸ ೝՄαʔόʔͷ࣮૷ ▸ Ϧιʔεαʔόʔͷ࣮૷ ▸ ΫϥΠΞϯτͷ࣮૷ 89

  90. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 ͞Βʹֶश͢ΔͨΊʹ ▸

    0"VUI࢓༷ॻ೔ຊޠ൛ ▸ IUUQTPQFOJEGPVOEBUJPOKBQBOHJUIVCJPSGDKBIUNM ▸ 0"VUIΛ͸͡ΊΑ͏ ▸ IUUQTXXXPSFJMMZDPKQCPPLT ▸ 0"VUIશϑϩʔͷਤղͱಈը ▸ IUUQRJJUBDPN5BLBIJLP,BXBTBLJJUFNTFCGBG ▸ ࠓߋฉ͚ͳ͍0"VUI ▸ IUUQTXXXTMJEFTIBSFOFUQIQITBPBVUI 90

  91. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 <ืू>τϨʔφʔΛ΍ͬͯΈ͍ͨํʂ ▸

    ޷͖ͳٕज़Λͱ͜ͱΜ௥ͬͯ
 ੈͷதʹ޿ΊΒΕΔʂ ▸ ߨࢣະܦݧ0,ʂ ▸ ϗϫΠτاۀʂ ▸ !TVLF@NBTBʢଟాʣ·Ͱ
 ͓ؾܰʹ5XJUUFS%.͍ͩ͘͞ʂ 91

  92. (C) CASAREAL, Inc. All rights reserved. #jjug_ccc #ccc_e5 &OKPZ+BWB0"VUI ▸

    ͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ 92