Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
Search
megos
April 20, 2019
Technology
0
2.2k
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
megos
April 20, 2019
Tweet
Share
More Decks by megos
See All by megos
個人開発を続けるということ / Continuing Personal Development
megos
0
240
わたしの開発環境の歴史 / My environment history
megos
0
330
CUIが嫌ならGUIからGitを使えばいいじゃない / kagomoku #17
megos
0
400
Join! かごえん / Join Kagoeng
megos
0
82
GitLab Features
megos
1
350
GitLab Hacks
megos
1
370
Gitlab meets minutes
megos
2
290
2018年まとめ / Summary of 2018
megos
0
310
Dockerで作るLaTeX執筆環境 / Writing LaTeX with Docker
megos
0
1.7k
Other Decks in Technology
See All in Technology
CLIPでマルチモーダル画像検索 →とても良い
wm3
1
640
進化する大規模言語モデル評価: Swallowプロジェクトにおける実践と知見
chokkan
PRO
1
220
仕様駆動開発を実現する上流工程におけるAIエージェント活用
sergicalsix
8
4.5k
AWS re:Invent 2025事前勉強会資料 / AWS re:Invent 2025 pre study meetup
kinunori
0
830
プロファイルとAIエージェントによる効率的なデバッグ / Effective debugging with profiler and AI assistant
ymotongpoo
1
560
個人でデジタル庁の デザインシステムをVue.jsで 作っている話
nishiharatsubasa
3
5.2k
What's new in OpenShift 4.20
redhatlivestreaming
0
390
アノテーション作業書作成のGood Practice
cierpa0905
PRO
0
310
DSPy入門
tomehirata
6
660
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
14
82k
AWSが好きすぎて、41歳でエンジニアになり、AAIを経由してAWSパートナー企業に入った話
yama3133
2
200
AI時代の発信活動 ~技術者として認知してもらうための発信法~ / 20251028 Masaki Okuda
shift_evolve
PRO
1
120
Featured
See All Featured
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.7k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.2k
Navigating Team Friction
lara
190
15k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3k
A Modern Web Designer's Workflow
chriscoyier
697
190k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.6k
How to Ace a Technical Interview
jacobian
280
24k
The Pragmatic Product Professional
lauravandoore
36
7k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
Embracing the Ebb and Flow
colly
88
4.9k
jQuery: Nuts, Bolts and Bling
dougneiner
65
7.9k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
130k
Transcript
ࣾͰ͔͠Θͳ͍ ۈଵཧγεςϜʹ OAuth2Λಋೖͯ͠Έͨ megos @ ͔͘͝ #19 γϯάϧαΠϯΦϯ! 2019/04/20
megos Full stuck engineer (not stack) • ͔͑͝ΜཱͯͨͻͱʢJoin Us!!ʣ •
Twitterɿ@tmegos • ϙʔτϑΥϦΦɿmegos.netlify.com
എܠͱత • ExcelͰۈଵཧ͞Ε͍ͯͨ • ໘ʢݸਓʣ • ϓϩδΣΫτͷ࡞ۀ͕࣌ؒΘ͔Γʹ͍͘ʢPMʣ • ࣾһʹͱͬͯศརͳWebۈଵγεςϜΛ࡞Δ •
WebԽ → ೝূ → OAuth2 എܠ త
ͳͥOAuth2? • ଞαʔϏεͱͷ࿈ܞͱ͍͏ߏ • άϧʔϓΣΞɺཧɺ༗څٳՋཧ… • ษڧͷͨΊ • OAuth2ΫϥΠΞϯτΑ͘࡞Δ͚Ͳ… OAuth2αʔόࣗͰ࡞Δ͜ͱͳ͍ΑͶ
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios ࠓճ͜͜ͷ OAuth2ͷ෦͚ͩ հ
https://github.com/megos/ spring-security-oauth2- kotlin આ໌ιʔεͷίϝϯτͰ
# ਖ਼͍͠ΞΫηεใ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"access_token":"[your_access_token]","token_type":"bearer","expires _in":43199,"scope":"read"} curlͰOAuthΛୟ͘
# ΫϥΠΞϯτใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret2 \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"error":"invalid_client","error_description":"Bad client credentials"} curlͰOAuthΛୟ͘
# ϢʔβใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password2 \ http://localhost:8080/oauth/token {"error":"invalid_grant","error_description":"Bad credentials"} curlͰOAuthΛୟ͘
# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello
Hello! # ΞΫηετʔΫϯͳ͠ $ curl http://localhost:8080 {"error":"unauthorized","error_description":"Full authentication is required to access this resource"} # ແޮͳΞΫηετʔΫϯ $ curl -H "Authorization: Bearer bad_access_token" localhost:8080/ hello {"error":"invalid_token","error_description":"Invalid access token: bad_access_token"} ϦιʔεΛऔಘͯ͠ΈΔ
·ͱΊͱࠓޙͷ՝ • Spring SecurityͰOAuth2αʔόΛ࡞ͬͨ • roleͷదͳઃఆ • read/write • user/subreader/reader/admin…
• scopeͷదͳઃఆ ·ͱΊ ࠓޙͷ՝
megos
wm3
chokkan
sergicalsix
kinunori
ymotongpoo
nishiharatsubasa
redhatlivestreaming
cierpa0905
tomehirata
oracle4engineer
yama3133
shift_evolve
garrettdimon
rmw
lara
tammyeverts
chriscoyier
marktimemedia
jacobian
lauravandoore
keavy
colly
dougneiner
pedronauck
![# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello](https://files.speakerdeck.com/presentations/34db4e3b8fb94947b5ca36f7f66aed6b/slide_10.jpg){kind=link}
