Slide 1

Next-generation authentication platform "Auth0": a hands-on report
木テク "Let's chat about recent web technologies" meetup, 2018/09/27 (Thu)
Takahiro Tsuchiya / @corocn

Slide 2

Agenda
• Self-introduction
• External authentication platforms
• Comparing the services
• Introducing the authentication platform service "Auth0"

Slide 3

Self-introduction
• @corocn / Takahiro Tsuchiya / 土屋貴裕
• Misoca Inc.
• Auth0 Ambassador

Slide 4

I wrote a book
• Distributed at 技術書典4 (Gijutsu Shoten 4)
• On sale on Amazon
• I want to do a revised edition!

Slide 5

Today's talk

Slide 6

Web applications and external authentication platforms

Slide 7

If you build a web service, an authentication mechanism is a must.

Slide 8

But what you really want to deliver to users is not authentication.

Slide 9

I would rather spend the time on the essential parts of the service.

Slide 10

But isn't authentication hard? I don't understand it at all. Authentication is hard for humankind.

Slide 11

So how do you implement the feature?

Slide 12

Implement it yourself from scratch
• Better not to
• I am confident I would create security holes
• Reinventing the wheel
• Hard, because security implementation know-how rarely gets shared publicly

Slide 13

Use the framework's standard library
• Lets you ride the rails to some extent
• Only the bare minimum of features
• Tends to fall apart the moment you need anything elaborate
• Rails's Devise? Sorcery? Everyone seems to use them while complaining how painful they are...

Slide 14

https://qiita.com/cigalecigales/items/73d7bd7ec59a001ccd74

Slide 15

Can you keep up with new specifications?
• Password authentication
• SSO, Social Login, passwordless
• MFA (multi-factor authentication)
• FIDO 1.0 (U2F, UAF)
• FIDO2 (WebAuthn + CTAP, the successor to U2F and UAF), WebAuthn API
They are just around the corner.

Slide 16

Right, let's use an external authentication platform.

Slide 17

Points to be careful about

Slide 18

• Using an external service does not make the security risk disappear
• The integration part (redirects and callbacks, token validation, sessions) is still implemented by the developer
• Use it without properly understanding it and you will, of course, have an incident
• But used properly, it greatly reduces implementation time and maintenance cost

Slide 19

I tried several

Slide 20

Authentication services I tried
• Amazon Cognito
• Firebase Authentication
• Netlify Identity
• Auth0 ← eventually settled on this

Slide 21

Amazon Cognito
• Requires deep AWS knowledge
• Concepts such as User Pool and Identity Pool are hard
• High learning cost
• Worth considering if your service is all-in on AWS, but even evaluating it looks time-consuming

Slide 22

Firebase Authentication
• Free (some operations are limited)
• Simple. The dashboard is quite bare-bones.
• No concerns about service continuity
• Excellent if you already plan to use GCP or other Firebase services
• Painful that fine-grained constraints cannot be expressed
• Documentation is hard to read

Slide 23

Netlify Identity
• Implementation was easy
• Gave up because features were missing and local debugging was difficult
• May have improved since

Slide 24

Auth0
• Low learning cost and high extensibility, the best of the bunch
• Eventually settled on this

Slide 25

No content

Slide 26

What is Auth0?
• Cloud authentication vendor
• IDaaS (Identity as a Service)
• Headquartered in Bellevue, Washington
• Fully remote workforce
• Company offsites (Cancún, Panama, etc.)

Slide 27

IDaaS
• "IDaaS" may bring workforce identity to mind (Okta, OneLogin, etc.)
• Auth0 gives the impression of being easy to use for consumer-facing services too

Slide 28

You can just pick it up and try it
• Basically free to use (the Enterprise edition can be trialled for 22 days)
• 7,000 users, unlimited logins
• Passwordless support
• Embeddable login form (Lock) ← later
• Social login (up to 2 connections)
• Unlimited rule definitions ← later

Slide 29

Plenty of tutorials

Slide 30

https://auth0.com/docs

Slide 31

Mobile

Slide 32

SPA

Slide 33

Web App 1

Slide 34

Web App 2

Slide 35

Backend API

Slide 36

• The tutorials cover all the bases
• Also the JWT Handbook, blogs on authentication, etc.
• Hoping a Japanese edition comes out soon... (hint, hint)
• jwt.io is powered by Auth0
• A JWT debugging tool you can use in the browser

Slide 37

No content

Slide 38

Lock

Slide 39

No content

Slide 40

Lock
• The embeddable login form Auth0 provides
• Supports all major platforms
• Multi-language support
• Internally uses the Auth0 SDK (auth0.js etc.)
• Use the SDK directly when you need fine-grained control
• The tutorials implement login with auth0.js

Slide 41

• Settings such as Social Login are reflected in Lock immediately
• Auth0-owned dev keys are configured by default, so you can try social login right away (nice)
• For production use, obtain your own keys from each identity provider and configure them

Slide 42

Webtask

Slide 43

Webtask
• Auth0 runs its own AWS Lambda-like serverless environment
• Code can be written in JavaScript or C#
• Node v8, so async/await is available
• Webtask is what gives Auth0 its high extensibility

Slide 44

Rule

Slide 45

Rule
• Extensions to the authentication flow are configured as Rules
• Example 1) restrict sign-in to certain e-mail domains
• Example 2) account linking (merging the same person's identities)
• The execution platform is Webtask
• A large number of templates is provided per use case, so a small tweak is usually enough to get things working
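
Example 1 above, the domain restriction behind the "Rule: Whitelist" slide, written out as a Rule. This is an added example, not the slide's screenshot and not Auth0's own template code; the allowed domains are hypothetical. Auth0 Rules run in the Webtask sandbox with the signature `function (user, context, callback)`, and the sandbox provides `UnauthorizedError`; the fallback class at the top exists only so the file also runs stand-alone under plain Node, and `runRule` is a test harness that would not be pasted into the dashboard.

```javascript
// Added example, not from the slides or from Auth0's template: an Auth0 Rule that
// only admits users whose verified e-mail address belongs to an allowed domain.
// Rules run in Auth0's Webtask sandbox as function (user, context, callback), where
// UnauthorizedError is provided by the sandbox; the fallback below only exists so
// this file also runs stand-alone under plain Node.
const UnauthorizedError = typeof globalThis.UnauthorizedError === 'function'
  ? globalThis.UnauthorizedError
  : class UnauthorizedError extends Error {};

// Hypothetical allow-list; replace with your own domains.
const ALLOWED_DOMAINS = ['example.com', 'example.co.jp'];

// Pure policy check, kept separate so it can be unit-tested outside the sandbox.
// Strict on purpose: the address must be marked verified by the connection, and
// the domain must match exactly (case-insensitively), so neither a subdomain
// like "hr.example.com" nor a look-alike like "example.com.attacker.net" passes.
function isAllowedEmail(user, allowed = ALLOWED_DOMAINS) {
  if (!user || typeof user.email !== 'string') return false;
  if (user.email_verified !== true) return false;
  const at = user.email.lastIndexOf('@');
  if (at < 0 || at === user.email.length - 1) return false;
  const domain = user.email.slice(at + 1).toLowerCase();
  return allowed.some((d) => d.toLowerCase() === domain);
}

// The Rule itself, in the shape the Auth0 dashboard expects.
function emailDomainWhitelist(user, context, callback) {
  if (!isAllowedEmail(user)) {
    return callback(new UnauthorizedError('Access denied: e-mail domain not allowed.'));
  }
  return callback(null, user, context);
}

// Runs the rule on a constructed user and reports the outcome (demo/test only).
function runRule(user, context = { connection: 'Username-Password-Authentication' }) {
  let outcome;
  emailDomainWhitelist(user, context, (err, u, c) => {
    outcome = err ? { allowed: false, reason: err.message } : { allowed: true, user: u, context: c };
  });
  return outcome;
}
```

The `email_verified` check is the part most templates leave optional: a connection can pass through an address the provider never verified, and an allow-list keyed on an unverified address is an allow-list anyone can satisfy by typing the right string. When pasting into the dashboard, keep `emailDomainWhitelist` with `isAllowedEmail` inlined and drop the fallback `const` and `runRule`.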

Slide 46

Rule: Template

Slide 47

Rule: Whitelist

Slide 48

Other
• A user dashboard comes as standard
• Auth0 Guardian (MFA)
• FIDO2 support? → possible via an add-on

Slide 49

Summary
• Service development should focus on the essence of the service
• Using an external authentication platform to cut implementation cost is a valid choice
• Auth0 is feature-rich and highly extensible, so it is a promising option
• Understand the risks properly before using it

Slide 50

Thank you.