Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
Search
megos
April 20, 2019
Technology
2.2k
0
Share
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
megos
April 20, 2019
More Decks by megos
See All by megos
個人開発を続けるということ / Continuing Personal Development
megos
0
270
わたしの開発環境の歴史 / My environment history
megos
0
340
CUIが嫌ならGUIからGitを使えばいいじゃない / kagomoku #17
megos
0
410
Join! かごえん / Join Kagoeng
megos
0
89
GitLab Features
megos
1
350
GitLab Hacks
megos
1
380
Gitlab meets minutes
megos
2
300
2018年まとめ / Summary of 2018
megos
0
310
Dockerで作るLaTeX執筆環境 / Writing LaTeX with Docker
megos
0
1.8k
Other Decks in Technology
See All in Technology
Microsoft Fabricで考える非構造データのAI活用
ryomaru0825
0
650
主催・運営として"場をつくる” というアウトプットのススメ
_mossann_t
0
100
すごいぞManaged Kubernetes
harukasakihara
1
310
プロダクトを育てるように生成AIによる開発プロセスを育てよう
kakehashi
PRO
1
560
FlutterでPiP再生を実装した話
s9a17
0
250
Cursor Subagentsはいいぞ
yug1224
2
140
出版記念イベントin大阪「書籍紹介&私がよく使うMCPサーバー3選と社内で安全に活用する方法」
kintotechdev
0
150
AIドリブン開発の実践知 ― AI-DLC Unicorn Gym実施から見えた可能性と課題
mixi_engineers
PRO
0
110
OCI技術資料 : ロード・バランサ 概要 - FLB・NLB共通
ocise
4
27k
ブラックボックス化したMLシステムのVertex AI移行 / mlops_community_62
visional_engineering_and_design
1
280
Goビルドを理解し、 CI/CDの高速化に挑む
satoshin
0
120
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
cybozuinsideout
PRO
10
77k
Featured
See All Featured
GitHub's CSS Performance
jonrohan
1032
470k
Building Adaptive Systems
keathley
44
3k
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
2
650
Are puppies a ranking factor?
jonoalderson
1
3.2k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
21k
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
260
Ethics towards AI in product and experience design
skipperchong
2
250
The Art of Programming - Codeland 2020
erikaheidi
57
14k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
659
61k
WENDY [Excerpt]
tessaabrams
9
37k
The Spectacular Lies of Maps
axbom
PRO
1
680
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
10k
Transcript
ࣾͰ͔͠Θͳ͍ ۈଵཧγεςϜʹ OAuth2Λಋೖͯ͠Έͨ megos @ ͔͘͝ #19 γϯάϧαΠϯΦϯ! 2019/04/20
megos Full stuck engineer (not stack) • ͔͑͝ΜཱͯͨͻͱʢJoin Us!!ʣ •
Twitterɿ@tmegos • ϙʔτϑΥϦΦɿmegos.netlify.com
എܠͱత • ExcelͰۈଵཧ͞Ε͍ͯͨ • ໘ʢݸਓʣ • ϓϩδΣΫτͷ࡞ۀ͕࣌ؒΘ͔Γʹ͍͘ʢPMʣ • ࣾһʹͱͬͯศརͳWebۈଵγεςϜΛ࡞Δ •
WebԽ → ೝূ → OAuth2 എܠ త
ͳͥOAuth2? • ଞαʔϏεͱͷ࿈ܞͱ͍͏ߏ • άϧʔϓΣΞɺཧɺ༗څٳՋཧ… • ษڧͷͨΊ • OAuth2ΫϥΠΞϯτΑ͘࡞Δ͚Ͳ… OAuth2αʔόࣗͰ࡞Δ͜ͱͳ͍ΑͶ
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios ࠓճ͜͜ͷ OAuth2ͷ෦͚ͩ հ
https://github.com/megos/ spring-security-oauth2- kotlin આ໌ιʔεͷίϝϯτͰ
# ਖ਼͍͠ΞΫηεใ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"access_token":"[your_access_token]","token_type":"bearer","expires _in":43199,"scope":"read"} curlͰOAuthΛୟ͘
# ΫϥΠΞϯτใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret2 \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"error":"invalid_client","error_description":"Bad client credentials"} curlͰOAuthΛୟ͘
# ϢʔβใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password2 \ http://localhost:8080/oauth/token {"error":"invalid_grant","error_description":"Bad credentials"} curlͰOAuthΛୟ͘
# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello
Hello! # ΞΫηετʔΫϯͳ͠ $ curl http://localhost:8080 {"error":"unauthorized","error_description":"Full authentication is required to access this resource"} # ແޮͳΞΫηετʔΫϯ $ curl -H "Authorization: Bearer bad_access_token" localhost:8080/ hello {"error":"invalid_token","error_description":"Invalid access token: bad_access_token"} ϦιʔεΛऔಘͯ͠ΈΔ
·ͱΊͱࠓޙͷ՝ • Spring SecurityͰOAuth2αʔόΛ࡞ͬͨ • roleͷదͳઃఆ • read/write • user/subreader/reader/admin…
• scopeͷదͳઃఆ ·ͱΊ ࠓޙͷ՝
megos
ryomaru0825
_mossann_t
harukasakihara
kakehashi
s9a17
yug1224
kintotechdev
mixi_engineers
ocise
visional_engineering_and_design
satoshin
cybozuinsideout
jonrohan
keathley
tomoyanonymous
jonoalderson
panda_program
reverentgeek
skipperchong
erikaheidi
lemiorhan
tessaabrams
axbom
eileencodes
![# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello](https://files.speakerdeck.com/presentations/34db4e3b8fb94947b5ca36f7f66aed6b/slide_10.jpg){kind=link}
