Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
megos
April 20, 2019
Technology
0
2.2k
社内でしか使わない勤怠管理システムにOAuth2を導入してみた / Kagomoku #19
megos
April 20, 2019
Tweet
Share
More Decks by megos
See All by megos
個人開発を続けるということ / Continuing Personal Development
megos
0
260
わたしの開発環境の歴史 / My environment history
megos
0
340
CUIが嫌ならGUIからGitを使えばいいじゃない / kagomoku #17
megos
0
410
Join! かごえん / Join Kagoeng
megos
0
88
GitLab Features
megos
1
350
GitLab Hacks
megos
1
380
Gitlab meets minutes
megos
2
300
2018年まとめ / Summary of 2018
megos
0
310
Dockerで作るLaTeX執筆環境 / Writing LaTeX with Docker
megos
0
1.8k
Other Decks in Technology
See All in Technology
情シスのための生成AI実践ガイド2026 / Generative AI Practical Guide for Business Technology 2026
glidenote
0
230
楽しく学ぼう!コミュニティ入門 AWSと人が つむいできたストーリー
hiroramos4
PRO
1
190
20260311 ビジネスSWG活動報告(デジタルアイデンティティ人材育成推進WG Ph2 活動報告会)
oidfj
0
300
[JAWS DAYS 2026]私の AWS DevOps Agent 推しポイント
furuton
0
150
Claude Codeの進化と各機能の活かし方
oikon48
22
12k
堅牢.py#2 LT資料
t3tra
0
140
AWSの資格って役に立つの?
tk3fftk
1
330
2026-03-11 JAWS-UG 茨城 #12 改めてALBを便利に使う
masasuzu
2
380
実践 Datadog MCP Server
nulabinc
PRO
2
180
タスク管理も1on1も、もう「管理」じゃない ― KiroとBedrock AgentCoreで変わった"判断の仕事"
yusukeshimizu
5
2.6k
会社紹介資料 / Sansan Company Profile
sansan33
PRO
16
410k
脳内メモリ、思ったより揮発性だった
koutorino
0
340
Featured
See All Featured
Crafting Experiences
bethany
1
86
Building AI with AI
inesmontani
PRO
1
790
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Agile Leadership in an Agile Organization
kimpetersen
PRO
0
110
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
659
61k
Are puppies a ranking factor?
jonoalderson
1
3.1k
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
kimpetersen
PRO
0
270
The Illustrated Children's Guide to Kubernetes
chrisshort
51
52k
Mobile First: as difficult as doing things right
swwweet
225
10k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
How to Ace a Technical Interview
jacobian
281
24k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
380
Transcript
ࣾͰ͔͠Θͳ͍ ۈଵཧγεςϜʹ OAuth2Λಋೖͯ͠Έͨ megos @ ͔͘͝ #19 γϯάϧαΠϯΦϯ! 2019/04/20
megos Full stuck engineer (not stack) • ͔͑͝ΜཱͯͨͻͱʢJoin Us!!ʣ •
Twitterɿ@tmegos • ϙʔτϑΥϦΦɿmegos.netlify.com
എܠͱత • ExcelͰۈଵཧ͞Ε͍ͯͨ • ໘ʢݸਓʣ • ϓϩδΣΫτͷ࡞ۀ͕࣌ؒΘ͔Γʹ͍͘ʢPMʣ • ࣾһʹͱͬͯศརͳWebۈଵγεςϜΛ࡞Δ •
WebԽ → ೝূ → OAuth2 എܠ త
ͳͥOAuth2? • ଞαʔϏεͱͷ࿈ܞͱ͍͏ߏ • άϧʔϓΣΞɺཧɺ༗څٳՋཧ… • ษڧͷͨΊ • OAuth2ΫϥΠΞϯτΑ͘࡞Δ͚Ͳ… OAuth2αʔόࣗͰ࡞Δ͜ͱͳ͍ΑͶ
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios
ͬͨͷ • όοΫΤϯυ • Spring Boot • Spring Security •
Kotlin • DB • PostgreSQL • ϑϩϯτΤϯυ • Vue.js • Vuetify • axios ࠓճ͜͜ͷ OAuth2ͷ෦͚ͩ հ
https://github.com/megos/ spring-security-oauth2- kotlin આ໌ιʔεͷίϝϯτͰ
# ਖ਼͍͠ΞΫηεใ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"access_token":"[your_access_token]","token_type":"bearer","expires _in":43199,"scope":"read"} curlͰOAuthΛୟ͘
# ΫϥΠΞϯτใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret2 \ -d grant_type=password \ -d username=user \ -d password=password \ http://localhost:8080/oauth/token {"error":"invalid_client","error_description":"Bad client credentials"} curlͰOAuthΛୟ͘
# ϢʔβใͷޡΓ $ curl -X POST \ -d client_id=client_id \
-d client_secret=client_secret \ -d grant_type=password \ -d username=user \ -d password=password2 \ http://localhost:8080/oauth/token {"error":"invalid_grant","error_description":"Bad credentials"} curlͰOAuthΛୟ͘
# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello
Hello! # ΞΫηετʔΫϯͳ͠ $ curl http://localhost:8080 {"error":"unauthorized","error_description":"Full authentication is required to access this resource"} # ແޮͳΞΫηετʔΫϯ $ curl -H "Authorization: Bearer bad_access_token" localhost:8080/ hello {"error":"invalid_token","error_description":"Invalid access token: bad_access_token"} ϦιʔεΛऔಘͯ͠ΈΔ
·ͱΊͱࠓޙͷ՝ • Spring SecurityͰOAuth2αʔόΛ࡞ͬͨ • roleͷదͳઃఆ • read/write • user/subreader/reader/admin…
• scopeͷదͳઃఆ ·ͱΊ ࠓޙͷ՝
SiteGround - Reliable hosting with speed, security, and support you can count on.
megos
glidenote
hiroramos4
.png){kind=avatar}
oidfj
furuton
oikon48
t3tra
tk3fftk
masasuzu
nulabinc
yusukeshimizu
sansan33
koutorino
bethany
inesmontani
marcelosomers
kimpetersen
lemiorhan
jonoalderson
chrisshort
swwweet
chriscoyier
jacobian
konakalab
![# ਖ਼͍͠ΞΫηετʔΫϯ $ curl -H "Authorization: Bearer [your_access_token]" localhost: 8080/hello](https://files.speakerdeck.com/presentations/34db4e3b8fb94947b5ca36f7f66aed6b/slide_10.jpg){kind=link}
