Slide 1

Slide 1 text


Slide 2

Slide 2 text


Slide 3

Slide 3 text


Slide 4

Slide 4 text


Slide 5

Slide 5 text


Slide 6

Slide 6 text


Slide 7

Slide 7 text

eyJ .eyJ .

Slide 8

Slide 8 text

[Encoded Header] [Encoded Payload] [Encoded Signature]

Slide 9

Slide 9 text

{"alg":"HS256","typ":"JWT"}

Slide 10

Slide 10 text

{"name":"ritou","title":"About JSON Web Token","date":"2014-12-13"}

Slide 11

Slide 11 text

“Encoded Header + ‘.’ + Encoded Payload”

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicml0b3UiLCJ0aXRsZSI6IkFib3V0IEpTT04gV2ViIFRva2VuIiwiZGF0ZSI6IjIwMTQtMTItMTMifQ

Slide 12

Slide 12 text


Slide 13

Slide 13 text


Slide 14

Slide 14 text


Slide 15

Slide 15 text

• JWS (JSON Web Signature): signed
• JWA (JSON Web Algorithm): algorithms for signature generation and encryption
• JWK (JSON Web Key): everything around keys

Slide 16

Slide 16 text


Slide 17

Slide 17 text


Slide 18

Slide 18 text


Slide 19

Slide 19 text


Slide 20

Slide 20 text


Slide 21

Slide 21 text


Slide 22

Slide 22 text

iss [issuer of the ID Token]
sub [user ID]
aud [party the ID Token is issued to]

Slide 23

Slide 23 text


Slide 24

Slide 24 text


Slide 25

Slide 25 text


Slide 26

Slide 26 text


Slide 27

Slide 27 text


Slide 28

Slide 28 text

$options->{id} is the session ID (a random string)

Slide 29

Slide 29 text

    my $cookie = crush_cookie($env->{HTTP_COOKIE} || '')->{$self->{cookie_name}};
    my $session = $self->{store}->get($cookie) or return;
    $session = $self->{serializer}->[1]->($session) if $self->{serializer};

Slide 30

Slide 30 text

• JWS containing the Session ID
• After JWS verification

Slide 31

Slide 31 text

::JWSCookie

$options->{id} is the session ID (a random string)

    my $jws = encode_jwt({ id => $options->{id} }, $self->secret, $self->alg);

Slide 32

Slide 32 text

::JWSCookie

    my $cookie = crush_cookie($env->{HTTP_COOKIE} || '')->{$self->{cookie_name}};
    # Verify the JWS
    $payload = decode_jwt($cookie, $self->secret, 0);

Slide 33

Slide 33 text

::JWSCookie

    my $id = $payload->{id};
    my $session = $self->{store}->get($id) or return;
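
The flow on slides 28 to 33 (random session ID, wrapped in a JWS for the cookie, verified before the store lookup), as an added example in Python's standard library; it is not code from the slides or from the Perl middleware they describe. The function names, the dict used as session store and the sample secret are assumptions, and the algorithm is pinned to HS256 as in the slide 9 header.

```python
import base64, hashlib, hmac, json, secrets

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def compact_json(obj) -> bytes:
    return json.dumps(obj, separators=(",", ":")).encode("utf-8")

def signing_input(header: dict, payload: dict) -> str:
    # "Encoded Header + '.' + Encoded Payload", as on slide 11
    return b64url(compact_json(header)) + "." + b64url(compact_json(payload))

def hs256(secret: bytes, message: str) -> str:
    return b64url(hmac.new(secret, message.encode("ascii"), hashlib.sha256).digest())

def encode_jws(payload: dict, secret: bytes) -> str:
    message = signing_input({"alg": "HS256", "typ": "JWT"}, payload)
    return message + "." + hs256(secret, message)

def decode_jws(token: str, secret: bytes) -> dict:
    """Return the payload; raise ValueError unless token is a valid HS256 JWS."""
    head, body, sig = token.split(".")          # ValueError if not three parts
    header = json.loads(b64url_decode(head))
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")      # pinned: "none" etc. is rejected
    expected = hs256(secret, head + "." + body)
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(body))

def issue_cookie(store: dict, session: dict, secret: bytes) -> str:
    sid = secrets.token_hex(16)                 # random session ID (slide 28)
    store[sid] = session
    return encode_jws({"id": sid}, secret)      # cookie value is the JWS (slide 31)

def load_session(store: dict, cookie: str, secret: bytes):
    try:
        payload = decode_jws(cookie, secret)    # verify first (slide 32)
    except ValueError:
        return None                             # the store is never queried
    return store.get(payload.get("id"))         # look up by verified id (slide 33)

if __name__ == "__main__":
    store, secret = {}, b"constructed-demo-secret"   # constructed sample values
    cookie = issue_cookie(store, {"user": "alice"}, secret)
    print(load_session(store, cookie, secret))        # valid cookie
    print(load_session(store, cookie[:-2], secret))   # truncated signature
```
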

Slide 34

Slide 34 text


Slide 35

Slide 35 text


Slide 36

Slide 36 text

http://d.hatena.ne.jp/ritou/20140927/1411811648

Slide 37

Slide 37 text


Slide 38

Slide 38 text


Slide 39

Slide 39 text


Slide 40

Slide 40 text


Slide 41

Slide 41 text


Slide 42

Slide 42 text


Slide 43

Slide 43 text


Slide 44

Slide 44 text


Slide 45

Slide 45 text


Slide 46

Slide 46 text


Slide 47

Slide 47 text
