Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
Search
megos
April 20, 2019
Technology
2.2k
0
Share
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
megos
April 20, 2019
More Decks by megos
See All by megos
個人開発を続けるということ / Continuing Personal Development
megos
0
270
わたしの開発環境の歴史 / My environment history
megos
0
340
CUIが嫌ならGUIからGitを使えばいいじゃない / kagomoku #17
megos
0
410
Join! かごえん / Join Kagoeng
megos
0
89
GitLab Features
megos
1
350
GitLab Hacks
megos
1
380
Gitlab meets minutes
megos
2
300
2018年まとめ / Summary of 2018
megos
0
310
Dockerで作るLaTeX執筆環境 / Writing LaTeX with Docker
megos
0
1.8k
Other Decks in Technology
See All in Technology
Digitization部 紹介資料
sansan33
PRO
1
7.3k
AIでAIをテストする - 音声AIエージェントの品質保証戦略
morix1500
1
120
AI時代における技術的負債への取り組み
codenote
1
1.5k
ハーネスエンジニアリングをやりすぎた話 ~そのハーネスは解体された~
gotalab555
4
1.7k
Bill One 開発エンジニア 紹介資料
sansan33
PRO
6
18k
LLM時代の検索アーキテクチャと技術的意思決定
shibuiwilliam
3
1.2k
基盤を育てる 外部SaaS連携の運用
gamonges_dresscode
1
120
Pure Intonation on Browser: Building a Sequencer with Ruby
nagachika
0
120
Claude Code を安全に使おう勉強会 / Claude Code Security Basics
masahirokawahara
11
33k
コードや知識を組み込む / Incorporate Code and Knowledge
ks91
PRO
0
150
明日からドヤれる!超マニアックなAWSセキュリティTips10連発 / 10 Ultra-Niche AWS Security Tips
yuj1osm
0
590
AIが書いたコードを信じられない問題 〜レビュー負荷を下げるために変えたこと〜 / The AI Code Trust Gap: Reducing the Review Burden
bitkey
PRO
7
1.3k
Featured
See All Featured
The Curse of the Amulet
leimatthew05
1
11k
KATA
mclloyd
PRO
35
15k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
akihiro_kokubo
PRO
69
39k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
270
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
inesmontani
PRO
3
2.1k
Amusing Abliteration
ianozsvald
1
150
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
1.9k
Avoiding the “Bad Training, Faster” Trap in the Age of AI
tmiket
0
130
First, design no harm
axbom
PRO
2
1.2k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
310
Why Our Code Smells
bkeepers
PRO
340
58k
Imperfection Machines: The Place of Print at Facebook
scottboms
270
14k
Transcript
ࣾͰ͔͠Θͳ͍ ۈଵཧγεςϜʹ OAuth2Λಋೖͯ͠Έͨ megos @ ͔͘͝ #19 γϯάϧαΠϯΦϯ! 2019/04/20
megos Full stuck engineer (not stack) • ͔͑͝ΜཱͯͨͻͱʢJoin Us!!ʣ •
Twitterɿ@tmegos • ϙʔτϑΥϦΦɿmegos.netlify.com
എܠͱత • ExcelͰۈଵཧ͞Ε͍ͯͨ • ໘ʢݸਓʣ • ϓϩδΣΫτͷ࡞ۀ͕࣌ؒΘ͔Γʹ͍͘ʢPMʣ • ࣾһʹͱͬͯศརͳWebۈଵγεςϜΛ࡞Δ •
WebԽ → ೝূ → OAuth2 എܠ త
ͳͥOAuth2? • ଞαʔϏεͱͷ࿈ܞͱ͍͏ߏ • άϧʔϓΣΞɺཧɺ༗څٳՋཧ… • ษڧͷͨΊ • OAuth2ΫϥΠΞϯτΑ͘࡞Δ͚Ͳ… OAuth2αʔόࣗͰ࡞Δ͜ͱͳ͍ΑͶ
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios ࠓճ͜͜ͷ OAuth2ͷ෦͚ͩ հ
https://github.com/megos/ spring-security-oauth2- kotlin આ໌ιʔεͷίϝϯτͰ
# ਖ਼͍͠ΞΫηεใ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"access_token":"[your_access_token]","token_type":"bearer","expires _in":43199,"scope":"read"} curlͰOAuthΛୟ͘
# ΫϥΠΞϯτใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret2 \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"error":"invalid_client","error_description":"Bad client credentials"} curlͰOAuthΛୟ͘
# ϢʔβใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password2 \ http://localhost:8080/oauth/token {"error":"invalid_grant","error_description":"Bad credentials"} curlͰOAuthΛୟ͘
# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello
Hello! # ΞΫηετʔΫϯͳ͠ $ curl http://localhost:8080 {"error":"unauthorized","error_description":"Full authentication is required to access this resource"} # ແޮͳΞΫηετʔΫϯ $ curl -H "Authorization: Bearer bad_access_token" localhost:8080/ hello {"error":"invalid_token","error_description":"Invalid access token: bad_access_token"} ϦιʔεΛऔಘͯ͠ΈΔ
·ͱΊͱࠓޙͷ՝ • Spring SecurityͰOAuth2αʔόΛ࡞ͬͨ • roleͷదͳઃఆ • read/write • user/subreader/reader/admin…
• scopeͷదͳઃఆ ·ͱΊ ࠓޙͷ՝
megos
sansan33
morix1500
codenote
gotalab555
shibuiwilliam
gamonges_dresscode
nagachika
masahirokawahara
ks91
yuj1osm
bitkey
leimatthew05
mclloyd
akihiro_kokubo
tammyeverts
inesmontani
ianozsvald
reverentgeek
tmiket
axbom
greggifford
bkeepers
scottboms
![# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello](https://files.speakerdeck.com/presentations/34db4e3b8fb94947b5ca36f7f66aed6b/slide_10.jpg){kind=link}
