Upgrade to Pro — share decks privately, control downloads, hide ads and more …

社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19

Avatar for megos megos
April 20, 2019
Technology
0
2.1k

社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19

Avatar for megos

megos

April 20, 2019
Tweet

More Decks by megos

See All by megos
個人開発を続けるということ / Continuing Personal Development
Avatar for megos megos
0
240
わたしの開発環境の歴史 / My environment history
Avatar for megos megos
0
330
CUIが嫌ならGUIからGitを使えばいいじゃない / kagomoku #17
Avatar for megos megos
0
400
Join! かごえん / Join Kagoeng
Avatar for megos megos
0
82
GitLab Features
Avatar for megos megos
1
350
GitLab Hacks
Avatar for megos megos
1
370
Gitlab meets minutes
Avatar for megos megos
2
290
2018年まとめ / Summary of 2018
Avatar for megos megos
0
310
Dockerで作るLaTeX執筆環境 / Writing LaTeX with Docker
Avatar for megos megos
0
1.7k

Other Decks in Technology

See All in Technology
CDK CLIで使ってたあの機能、CDK Toolkit Libraryではどうやるの?
Avatar for Makky12 smt7174
4
190
2つのフロントエンドと状態管理
Avatar for MIXI ENGINEERS mixi_engineers
PRO
3
110
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
8.8k
AWSを利用する上で知っておきたい名前解決のはなし(10分版)
Avatar for nagisa_53 nagisa53
10
3.2k
AIエージェントで90秒の広告動画を制作!台本・音声・映像・編集をつなぐAWS最新アーキテクチャの実践
Avatar for Kiminori Yokoi nasuvitz
3
300
エンジニアリングマネージャーの成長の道筋とキャリア / Developers Summit 2025 KANSAI
Avatar for KASUYA, Daisuke daiksy
2
440
自作JSエンジンに推しプロポーザルを実装したい!
Avatar for Saji sajikix
1
190
まずはマネコンでちゃちゃっと作ってから、それをCDKにしてみよか。
Avatar for ヤマダ(北野) yamada_r
2
120
Firestore → Spanner 移行 を成功させた段階的移行プロセス
Avatar for a-thug athug
1
490
データ分析エージェント Socrates の育て方
Avatar for na0 na0
5
480
AIのグローバルトレンド2025 #scrummikawa / global ai trend
Avatar for kyonmm kyonmm
PRO
1
300
下手な強制、ダメ!絶対! 「ガードレール」を「檻」にさせない"ガバナンス"の取り方とは?
Avatar for Masataka Tsukamoto tsukaman
2
450

Featured

See All Featured
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
70
4.8k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
55
6.5k
StorybookのUI Testing Handbookを読んだ
Avatar for Shingo Yamazaki zakiyama
31
6.1k
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
580
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
30
9.7k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
Avatar for Addy Osmani addyosmani
7
850
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
507
140k
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
462
33k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
790
250k
Making Projects Easy
Avatar for Brett Harned brettharned
117
6.4k
Rebuilding a faster, lazier Slack
Avatar for samanthasiow samanthasiow
83
9.2k

Transcript

  1. ࣾ಺Ͱ͔͠࢖Θͳ͍ ۈଵ؅ཧγεςϜʹ OAuth2Λಋೖͯ͠Έͨ megos @ ͔͝΋͘ #19 γϯάϧαΠϯΦϯ! 2019/04/20

  2. megos Full stuck engineer (not stack) • ͔͑͝ΜཱͯͨͻͱʢJoin Us!!ʣ •

    Twitterɿ@tmegos • ϙʔτϑΥϦΦɿmegos.netlify.com

  3. എܠͱ໨త • ExcelͰۈଵ؅ཧ͞Ε͍ͯͨ • ໘౗ʢݸਓʣ • ϓϩδΣΫτͷ࡞ۀ͕࣌ؒΘ͔Γʹ͍͘ʢPMʣ • ࣾһʹͱͬͯศརͳWebۈଵγεςϜΛ࡞Δ •

    WebԽ → ೝূ → OAuth2 എܠ ໨త

  4. ͳͥOAuth2? • ଞαʔϏεͱͷ࿈ܞͱ͍͏ߏ૝ • άϧʔϓ΢ΣΞɺ޻਺؅ཧɺ༗څٳՋ؅ཧ… • ษڧͷͨΊ • OAuth2ΫϥΠΞϯτ͸Α͘࡞Δ͚Ͳ… OAuth2αʔό͸ࣗ෼Ͱ࡞Δ͜ͱͳ͍ΑͶ

  5. ࢖ͬͨ΋ͷ • όοΫΤϯυ • Spring Boot • Spring Security •

    Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios

  6. ࢖ͬͨ΋ͷ • όοΫΤϯυ • Spring Boot • Spring Security •

    Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios ࠓճ͸͜͜ͷ OAuth2ͷ෦෼͚ͩ ঺հ

  7. https://github.com/megos/ spring-security-oauth2- kotlin આ໌͸ιʔεͷίϝϯτͰ

  8. # ਖ਼͍͠ΞΫηε৘ใ $ curl -X POST \ -d client_id=client_id \

    -d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"access_token":"[your_access_token]","token_type":"bearer","expires _in":43199,"scope":"read"} curlͰOAuthΛୟ͘

  9. # ΫϥΠΞϯτ৘ใͷޡΓ $ curl -X POST \ -d client_id=client_id \

    -d client_secret=client_secret2 \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"error":"invalid_client","error_description":"Bad client credentials"} curlͰOAuthΛୟ͘

  10. # Ϣʔβ৘ใͷޡΓ $ curl -X POST \ -d client_id=client_id \

    -d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password2 \ http://localhost:8080/oauth/token {"error":"invalid_grant","error_description":"Bad credentials"} curlͰOAuthΛୟ͘

  11. # ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello

    Hello! # ΞΫηετʔΫϯͳ͠ $ curl http://localhost:8080 {"error":"unauthorized","error_description":"Full authentication is required to access this resource"} # ແޮͳΞΫηετʔΫϯ $ curl -H "Authorization: Bearer bad_access_token" localhost:8080/ hello {"error":"invalid_token","error_description":"Invalid access token: bad_access_token"} ϦιʔεΛऔಘͯ͠ΈΔ

  12. ·ͱΊͱࠓޙͷ՝୊ • Spring SecurityͰOAuth2αʔόΛ࡞ͬͨ • roleͷద੾ͳઃఆ • read/write • user/subreader/reader/admin…

    • scopeͷద੾ͳઃఆ ·ͱΊ ࠓޙͷ՝୊