Slide 1
Slide 1 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
+BWBͰֶ࣮ͯ͠Ϳ
0"VUIʂ
ג
ΧαϨΞϧଟాਅහ
++6($$$4QSJOH
Slide 2
Slide 2 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
͜ͷηογϣϯʹ͍ͭͯ
▸ ೝՄϓϩτίϧʮ0"VUIʯʹ͍ͭͯɺ
جૅ͔Βৄ͘͠ղઆ͠·͢
▸ +BWBͰೝՄαʔόʔɾϦιʔεαʔόʔɾ
ΫϥΠΞϯτΛ࣮ͨ͠ྫղઆ͠·͢
2
Slide 3
Slide 3 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ࣗݾհ
▸ ଟాਅහʢ!TVLF@NBTBʣ
▸ ݚमτϨʔφʔ!ΧαϨΞϧ
▸ ઐɿ+BWB&&4QSJOH
▸ 1JWPUBMೝఆߨࢣ
▸ (MBTT'JTIϢʔβʔձӡӦϝϯόʔ
▸ ++6($$$ɿճ࿈ଓճͷొஃ
3
Slide 4
Slide 4 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
גࣜձࣾΧαϨΞϧ
▸ *5ڭҭˍγεςϜ։ൃ
▸ IUUQTXXXDBTBSFBMDPKQMTTFSWJDF
PQFOTFNJOBSUPQJOEFYIUNM
▸ ଞࣾʹແ͍ϓϩάϥϛϯάݚम͕ڧΈʂ
▸ +BWB&&ɺ4QSJOHɺ1JWPUBMೝఆίʔεɺ"QQMFೝఆίʔ
εɺ+BWB4DSJQUɺJ04ɺ"OESPJEɺɾɾɾ
4
Slide 5
Slide 5 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
5
Slide 6
Slide 6 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
6
Slide 7
Slide 7 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUIͱʁ 3'$ΑΓ
▸ ೝՄͷྲྀΕΛنఆͨ͠ϓϩτίϧ
▸ ʮαʔυύʔςΟʔΞϓϦέʔγϣϯʹΑΔ)551
αʔϏεͷݶఆతͳΞΫηεΛՄೳʹ͢ΔೝՄϑϨʔ
ϜϫʔΫͰ͋Δʯ
▸ 0"VUIͱશ͘ͷผ
▸ ʮ0"VUIϓϩτίϧΛഇࢭ͠ɺͦͷସͱͳΔ
ͷʯ
7
Slide 8
Slide 8 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ೝূͱೝՄ
▸ ೝূ "VUIFOUJDBUJPO"VUI/
"VUI$
▸ ຊਓ֬ೝɻ͍ΘΏΔϩάΠϯɻ
▸ ೝՄ "VUIPSJ[BUJPO"VUI;
▸ ຊਓ֬ೝޙʹɺͦͷਓʹͦͷॲཧͷ࣮ߦݖݶ͕͋Δ͔
Ͳ͏͔ͷ֬ೝɻ
8
Slide 9
Slide 9 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ΞΫηετʔΫϯͱ
▸ ΫϥΠΞϯτ͕ϦιʔεαʔόʔʹΞΫηε͢Δ
ࡍͷʮ௨ߦखܗʯͷΑ͏ͳͷ
▸ ೝՄαʔόʔ͔Βൃߦ͞ΕΔ
9
GET /api/todos HTTP 1.1
Host: resource-server.com
Authorization:Bearer yd2Dcweij334SSx
ΞΫηετʔΫϯ
Slide 10
Slide 10 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
είʔϓͱ
▸ ΫϥΠΞϯτ͕ΞΫηεՄೳͳൣғ
10
Slide 11
Slide 11 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
11
Slide 12
Slide 12 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUIͷొਓ
ᶃ ϦιʔεΦʔφʔ 3FTPVSDF0XOFS
ᶄ Ϧιʔεαʔόʔ 3FTPVSDF4FSWFS
ᶅ ΫϥΠΞϯτ $MJFOU
ᶆ ೝՄαʔόʔ "VUIPSJ[BUJPO4FSWFS
12
υΩϡϝϯτϥΠϒϥϦͰසग़
→ ਖ਼֬ʹ֮͑Δ͜ͱ͕ॏཁʂ
Slide 13
Slide 13 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃϦιʔεΦʔφʔ
▸ อޢ͞ΕͨϦιʔεͷΞΫηεΛڐՄ͢Δਓؒ
▸ ػցͷ߹͋Δ
▸ 5XJUUFSͳΒʮਓਓͷϢʔβʔʯ
13
Slide 14
Slide 14 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶄϦιʔεαʔόʔ
▸ อޢ͞ΕͨϦιʔεΛϗετ͢Δαʔόʔ
▸ ϦιʔεʹΞΫηε͢ΔʹΞΫηετʔΫϯ͕ඞཁ
▸ 5XJUUFSͳΒʮͭͿ͖αʔόʔʯ
14
Slide 15
Slide 15 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶅΫϥΠΞϯτ
▸ ϦιʔεΦʔφʔͷೝՄΛಘͯɺͦͷཧͱͯ͠อ
ޢ͞ΕͨϦιʔεʹΞΫηε͢ΔΞϓϦέʔγϣϯ
▸ αʔόʔαΠυ8FCΞϓϦɺΫϥΠΞϯταΠυ8FCΞ
ϓϦɺωΠςΟϒΞϓϦͳͲଟछଟ༷
▸ 5XJUUFSͳΒʮUXJUUFSDPNʯʮ5XFFU%FDLʯʮJ04
"OESPJE༻ΫϥΠΞϯτʯʮ%PPSLFFQFSʯͳͲ
15
Slide 16
Slide 16 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶆೝՄαʔόʔ
▸ ϦιʔεΦʔφʔͷೝূͱೝՄऔಘͷޭޙɺ
ΞΫηετʔΫϯΛΫϥΠΞϯτʹൃߦ͢Δαʔ
όʔ
▸ 5XJUUFSͳΒʮϢʔβʔใαʔόʔʯ
16
Slide 17
Slide 17 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
5XJUUFSͰొਓ·ͱΊ
17
twitter.com
ࠓCCC!
ָ͠Έͩͳʔ
Ϧιʔε
Φʔφʔ
ΫϥΠΞϯτ
Ϧιʔεαʔόʔ
ೝՄαʔόʔ
ೝՄ
ΞΫηε
τʔΫϯ
༩
ΞΫηε
τʔΫϯ
ͭͿ͖
̔ܦաʁ
Slide 18
Slide 18 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
<$.>+BWBݚम࣮ࢪதʂ
▸ +BWB&&+4'ɺ+1"ɺ$%*ʹΑΔεϚʔτ։ൃ
▸ +BWB&&+"934
▸ 4QSJOH͡Ίͯͷ4QSJOH.7$
▸ &⒎FDUJWF+BWBͷཧղͱ'JOE#VHTͷ׆༻
▸ ͱ͜ͱΜ͏ʂ+6OJUϑΝϛϦʔ
18
https://www.casareal.co.jp/ls/service/openseminar/java
Slide 19
Slide 19 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
19
Slide 20
Slide 20 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ΫϥΠΞϯτͷछྨʹΑΔͭͷάϥϯτλΠϓ
ᶃ ೝՄίʔυάϥϯτ
▸ ओʹαʔόʔαΠυ8FCΞϓϦ
ᶄ ΠϯϓϦγοτάϥϯτ
▸ ओʹΫϥΠΞϯταΠυ8FCΞϓϦ
ᶅ ϦιʔεΦʔφʔύεϫʔυΫϨσϯγϟϧάϥϯτ
▸ ओʹϦιʔεαʔόʔެࣜͷωΠςΟϒΞϓϦ
ᶆ ΫϥΠΞϯτΫϨσϯγϟϧάϥϯτ
▸ ΫϥΠΞϯτࣗͷใʹΞΫηε͢Δ߹ͳͲ
20
←ࠓճίϨ
Slide 21
Slide 21 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ೝՄίʔυάϥϯτͷಛ
▸ ೝՄαʔόʔɺ·ͣΞΫηετʔΫϯͷҾ݊
ೝՄίʔυ
ΛΫϥΠΞϯτʹൃߦ͢Δ
▸ ϦμΠϨΫτͱΫΤϦύϥϝʔλΛར༻ͯ͠ɺ8FCϒϥβ
Λܦ༝ͯ͢͠
▸ ΫϥΠΞϯτɺೝՄίʔυΛೝՄαʔόʔʹఏࣔ͠ɺ
ΞΫηετʔΫϯΛड͚औΔ
▸ 8FCϒϥβʹΞΫηετʔΫϯΛ͞ͳ͍Α͏ʹ͢Δ
ͨΊʢ͠8FCϒϥβ͕ѱ͍ਓʹͬऔΒΕͯͨΒΞτͳͷͰʣ
21
Slide 22
Slide 22 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ॏཁͳͭͷΤϯυϙΠϯτ
ᶃ ೝՄΤϯυϙΠϯτ ೝՄαʔόʔ
▸ ೝՄը໘ΛϨεϙϯε͢Δ63-
ᶄ τʔΫϯΤϯυϙΠϯτ ೝՄαʔόʔ
▸ ΞΫηετʔΫϯΛൃߦ͢Δ63-
ᶅ ϦμΠϨΫτΤϯυϙΠϯτ ΫϥΠΞϯτ
▸ ೝՄίʔυൃߦޙͷϦμΠϨΫτઌͷ63-
22
Slide 23
Slide 23 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ೝՄίʔυʹΑΔΞΫηετʔΫϯऔಘ
23
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ※
※Webϒϥβɺ༷ॻͰʮϢʔβʔΤʔδΣϯτʯͱهࡌ͞Ε͍ͯ·͢
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
Slide 24
Slide 24 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ΞΫηετʔΫϯΛར༻ͨ͠ϦιʔεΞΫηε
24
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ٻॻ࡞
ࢿྉ༣ૹ
Ϧιʔε
αʔόʔ
ᶃϦΫΤετ
ᶅΞΫηε
ɹτʔΫϯ
ɹݕূ
ᶆϢʔβʔใείʔϓ
ᶈϨεϙϯε
ᶉϨεϙϯε
ᶇείʔϓΛ
ɹνΣοΫ
ᶄϦιʔεʹΞΫηε
with ΞΫηετʔΫϯ
Slide 25
Slide 25 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUI༷Ͱະఆٛͷ෦ᶃ
25
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
Ͳ͏ೝՄ͢Δ͔ܾ·ͬͯͳ͍
ˠ։ൃऀ͕࡞ΓࠐΉඞཁ͕͋Δ
Slide 26
Slide 26 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUI༷Ͱະఆٛͷ෦ᶄ
26
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ٻॻ࡞
ࢿྉ༣ૹ
Ϧιʔε
αʔόʔ
ᶃϦΫΤετ
ᶅΞΫηε
ɹτʔΫϯ
ɹݕূ
ᶆϢʔβʔใείʔϓ
ᶈϨεϙϯε
ᶉϨεϙϯε
ᶇείʔϓΛ
ɹνΣοΫ
ᶄϦιʔεʹΞΫηε
with ΞΫηετʔΫϯ
ΞΫηετʔΫϯΛ
ૹΔ෦Ҏ֎
΄ͱΜͲະఆٛ
Slide 27
Slide 27 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ΞΫηετʔΫϯείʔϓͷνΣοΫํ๏
"
Ϧιʔεαʔόʔ͔ΒೝՄ
αʔόʔʹ͍߹ΘͤΔ
#
ڞ༗σʔλϕʔεͳͲΛར
༻͢Δ
$
ϦιʔεαʔόʔͱೝՄαʔ
όʔΛಉҰαʔόʔʹ͢Δ
27
←ࠓճίϨ
※είʔϓΞΫηετʔΫϯ
ʹؚΊΔํ๏͋ΔʢJWTʣ
Slide 28
Slide 28 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUIͱʮೝূʯ
▸ 0"VUIʮೝՄʯ
▸ ͔͠͠ʮೝূʯ͕ඞཁͳՕॴ͍͔ͭ͋͘Δ
28
Slide 29
Slide 29 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ೝূ͕ඞཁͳՕॴᶃ
29
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
ೝՄͨ͠ͷຊʹϦιʔεΦʔφʔʁ
ˠϦιʔεΦʔφʔͷIDɾύεϫʔυͰೝূ
Slide 30
Slide 30 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ೝূ͕ඞཁͳՕॴᶄ
30
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
ೝՄίʔυΛૹ͖ͬͯͨͷຊʹΫϥΠΞϯτʁ
ˠclient_idɾclient_secretͰBASICೝূ
※client_idͱclient_secretɺೝՄαʔόʔʹࣄલʹൃߦͯ͠Β͏
Slide 31
Slide 31 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ೝূ͕ඞཁͳՕॴᶅ
31
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ٻॻ࡞
ࢿྉ༣ૹ
Ϧιʔε
αʔόʔ
ᶃϦΫΤετ
ᶅΞΫηε
ɹτʔΫϯ
ɹݕূ
ᶆϢʔβʔใείʔϓ
ᶈϨεϙϯε
ᶉϨεϙϯε
ᶇείʔϓΛ
ɹνΣοΫ
ᶄϦιʔεʹΞΫηε
with ΞΫηετʔΫϯ
ΞΫηετʔΫϯΛૹ͖ͬͯͨͷ
ຊʹϦιʔεαʔόʔʁ
ˠϦιʔεαʔόʔͷIDɾύεϫʔυ
ͰBASICೝূ
Slide 32
Slide 32 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ΞΫηετʔΫϯͷೝূʁ
▸ ΞΫηετʔΫϯൃߦޙͷϦιʔεΦʔφʔຊਓ
֬ೝ͠ͳ͍
▸ ΞΫηετʔΫϯʹ༗ޮظݶΛ͚ͭΔɺ
ΞΫηετʔΫϯͷ࠶ൃߦ SFGSFTIτʔΫϯ
ɺ
ΞΫηετʔΫϯͷണୣ SFWPLF
ɺ
ͳͲͷߟྀඞਢ
▸ ࣌ؒͷ߹্ɺࠓճ༰ʹؚΊ·ͤΜ
32
Slide 33
Slide 33 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUIͱ҉߸Խ
▸ ҉߸Խඞਢ
▸ ೝՄίʔυɺΞΫηετʔΫϯɺೝূใͳͲɺ
ػີใ͕ωοτϫʔΫ্ʹඈͼަ͏ͨΊ
▸ ͯ͢ͷ௨৴Λ)5514Ͱߦͬͨํ͕Α͍
33
̍̔ܦաʁ
Slide 34
Slide 34 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
<$.>1JWPUBMೝఆݚम࣮ࢪதʂ
▸ $PSF4QSJOH
▸ ᶃ݄ʙɺᶄ݄ʙ
▸ ϋΠϨϕϧͳʮ4QSJOHͷجૅʯ
▸ %*ɺ"01ɺςετɺ%#ɺτϥϯβΫγϣϯɺ
8FCɺ3&45ɺ4FDVSJUZɺ4QSJOH#PPUɺ
.JDSPTFSWJDFTʜ
34
https://www.casareal.co.jp/ls/service/openseminar/pivotal
Slide 35
Slide 35 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
35
Slide 36
Slide 36 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ࠓճͷαϯϓϧΞϓϦ
▸ 50%0ཧΞϓϦ
▸ ೝՄαʔόʔ
▸ Ϧιʔεαʔόʔ
▸ ಡΈॻ͖ΫϥΠΞϯτ
▸ ಡΉ͚ͩΫϥΠΞϯτ
36
ٻॻ࡞
ࢿྉ༣ૹ
JSON
HTML
ΞΫηε
τʔΫϯ
ݕূ
ίʔυ -> https://github.com/MasatoshiTada/oltu-todo
Slide 37
Slide 37 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
%&.0
37
Slide 38
Slide 38 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
"QBDIF0MUV
▸ 0"VUIͷ+BWBʹΑΔࢀর࣮తͳଘࡏ
▸ IUUQTPMUVBQBDIFPSH
▸ 0"VUI༷Ͱܾ·͍ͬͯΔ෦ͷΈ࣮͞
Ε͍ͯΔ
▸ ࣗͰ࡞ΓࠐΉ෦͕ଟʑ͋Δ
▸ 0QFO*%$POOFDUɺ+85ͳͲͷػೳ͋Δ
38
Slide 39
Slide 39 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0MUVͷػೳ
▸ ڞ௨
▸ ϦΫΤετϨεϙϯεΛΈཱͯΔ
▸ ඞཁͳύϥϝʔλؚ͕·Ε͍ͯΔ͔νΣοΫ͢Δ
▸ ೝՄαʔόʔ
▸ ೝՄίʔυΞΫηετʔΫϯΛੜ͢Δʢ.%PS
66*%ʣ
▸ ΞΫηετʔΫϯΛؚΉ+40/Λੜ͢Δ
39
Slide 40
Slide 40 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0MUVͷػೳ ଓ͖
▸ Ϧιʔεαʔόʔ
▸ ΞΫηετʔΫϯΛݕূ͢ΔαʔϒϨοτϑΟϧλʔ
▸ ΫϥΠΞϯτ
▸ ΞΫηετʔΫϯΛೝՄαʔόʔ͔Βऔಘ͢Δ
40
Slide 41
Slide 41 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ͦͷଞͷ0"VUIରԠϥΠϒϥϦ
▸ 4QSJOH4FDVSJUZ0"VUI
▸ ߴػೳ͕ͩެࣜυΩϡϝϯτ͕গͳ͍
▸ IUUQTQSPKFDUTTQSJOHJPTQSJOHTFDVSJUZPBVUIEPDT
PBVUIIUNM
▸ 5FSBTPMVOB։ൃΨΠυϥΠϯ͕ৄ͍͠ʢઅ0"VUIʣ
▸ 4QSJOH4FDVSJUZʹ0"VUIػೳ͕ՃΘΔ༧ఆ
▸ IUUQTHJUIVCDPNTQSJOHQSPKFDUTTQSJOHTFDVSJUZUSFF
NBTUFSPBVUI
41
Slide 42
Slide 42 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ͦͷଞͷ0"VUIରԠϥΠϒϥϦ ଓ͖
▸ QBDK
▸ IUUQXXXQBDKPSH
▸ ༷ʑͳϑϨʔϜϫʔΫͱͷ࿈ܞϥΠϒϥϦ͕͋Δ
▸ 4QSJOH.7$ɺ+"934ɺ1MBZɺ4QBSLɺɾɾɾ
▸ 4QSJOHҎ֎ͳΒ͔ͬͪ͜ʁʢະௐࠪʣ
42
Slide 43
Slide 43 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ͦͷଞͷ0"VUIରԠϥΠϒϥϦ ଓ͖
▸ +BWB&&4FDVSJUZ"1*
▸ +BWB&&͔Βͷ৽ػೳ
▸ 0"VUI&&͔Βͷ༧ఆ
▸ ࢀর࣮4PUFSJB
▸ IUUQTHJUIVCDPNKBWBFFTFDVSJUZTQFDTPUFSJB
43
Slide 44
Slide 44 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0MUVҎ֎ͷ༻ٕज़
▸ ͋͑ͯͷ+BWB&&
▸ +"934 +FSTFZ
▸ .7$ 0[BSL
▸ 1BZBSB.JDSP1SPpMF
࣮ߦՄೳ+"3
▸ 5IZNFMFBG
44
̎̑ܦաʁ
Slide 45
Slide 45 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
<$.>1JWPUBMೝఆݚम࣮ࢪதʂ
▸ 4QSJOH#PPU%FWFMPQFS
▸ ॳճɿ݄ʙ
▸ 4QSJOH#PPUͷجૅ͔ΒԠ༻·Ͱ
▸ 1JWPUBMͱڞ࠵ͰମݧηϛφʔΓ·͢ʂ
45
https://www.casareal.co.jp/ls/service/openseminar/pivotal
Slide 46
Slide 46 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
46
Slide 47
Slide 47 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃॳճΞΫηε
47
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
Slide 48
Slide 48 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃॳճΞΫηε
▸ ΫϥΠΞϯτ͕·ͩΞΫηετʔΫϯΛ࣋ͬͯ
͍ͳ͍
ˠೝՄαʔόʔͷೝՄΤϯυϙΠϯτϦμΠϨ
Ϋτ͢Δ
▸ ೝՄΤϯυϙΠϯτͷΞΫηεʹඞཁͳΫΤϦύϥ
ϝʔλՃ͢Δ
48
Slide 49
Slide 49 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃॳճΞΫηε
49
ύϥϝʔλ໊ ҙຯ
response_type ඞͣ”code”(ೝՄίʔυൃߦΛද͢)
redirect_uri ϦμΠϨΫτΤϯυϙΠϯτͷURL
state CSRFτʔΫϯ
client_id ΫϥΠΞϯτΛࣝผ͢ΔID
▸ ඞཁͳΫΤϦύϥϝʔλҰཡ
Slide 50
Slide 50 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃॳճΞΫηε
▸ ೝՄΤϯυϙΠϯτϦμΠϨΫτ͢Δίʔυ
50
// ϦμΠϨΫτઌͷURLΛΈཱͯΔ
OAuthClientRequest oAuthRequest = OAuthClientRequest
.authorizationLocation(“https://localhost:8888/api/authorize”)
.setResponseType(“code”)
.setClientId(“readwriteclient”)
.setRedirectURI(“https://localhost:8081/api/redirect”)
.setState("xyz")
.buildQueryMessage();
// ೝՄΤϯυϙΠϯτϦμΠϨΫτ
return Response.status(Response.Status.FOUND)
.location(URI.create(oAuthRequest.getLocationUri()))
.build();
readwrite-client/src/main/java/com/example/readwriteclient/web/exception/mapper/AccessTokenRequiredExceptionMapper.java
ೝՄΤϯυϙΠϯτURL
response_type
client_id
redirect_uri
state※
※stateͷ”xyz”ԾͷͰ͢ɻຊདྷϥϯμϜͳจࣈྻʹ͠·͢ɻ
Slide 51
Slide 51 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃॳճΞΫηε
▸ ΫϥΠΞϯτ͔Β8FCϒϥβͷϨεϙϯε
▸ ೝՄαʔόʔͷೝՄΤϯυϙΠϯτϦμΠϨΫτ
51
302 FOUND
Location: https://localhost:8888/api/authorize?
response_type=code&redirect_uri=https%3A%2F%2Flo
calhost%3A8081%2Fapi%2Fredirect&state=xyz&client
_id=readwriteclient
Slide 52
Slide 52 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘
52
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
Slide 53
Slide 53 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘
▸ 8FCϒϥβ͕ɺઌ΄ͲͷϦμΠϨΫτͰࢦఆ
͞Εͨ63-ʹϦΫΤετ
53
GET https://localhost:8888/api/authorize?
response_type=code&redirect_uri=https%3A%2F%2Flo
calhost%3A8081%2Fapi%2Fredirect&state=xyz&client
_id=readwriteclient
Slide 54
Slide 54 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘
▸ ೝՄΤϯυϙΠϯτͷίʔυ
54
@GET @Controller
public String goToApprovalView(@Context HttpServletRequest req)
throws OAuthProblemException, OAuthSystemException {
// ϦΫΤετͷੜʢඞཁͳύϥϝʔλͷνΣοΫߦ͏ʣ
OAuthAuthzRequest oAuthRequest = new OAuthAuthzRequest(req);
…(தུ)…
// ೝՄը໘ϑΥϫʔυ
models.put("client", client);
models.put("state", oAuthRequest.getState());
return "approval.html";
}
authorization-server/src/main/java/com/example/authorizationserver/web/controller/AuthorizationController.java
Slide 55
Slide 55 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτʙᶅೝՄը໘
▸ ೝՄը໘͕Ϩεϙϯε͞ΕΔ
55
Slide 56
Slide 56 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ
56
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
Slide 57
Slide 57 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ
▸ ೝՄը໘ʹϦιʔεΦʔφʔͷ*%ɾύεϫʔυ
Λೖྗͯ͠ೝՄ͢Δ
57
Slide 58
Slide 58 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ
▸ ೖྗ͞Εͨ*%ͳͲΛड͚औΔίϯτϩʔϥʔ
58
@POST
public Response approve(@FormParam("loginId") String loginId,
@FormParam("password") String password,
@FormParam("client_id") String clientId,
@Context HttpServletRequest httpServletRequest) {
// ϦιʔεΦʔφʔͷೝূ
ResourceOwner resourceOwner =
resourceOwnerService.findByLoginId(loginId);
if (!resourceOwner.getPassword().equals(password)) {
throw new NotAuthorizedException(…);
}
// ೝՄίʔυͷൃߦ
OAuthIssuer oAuthIssuer =
new OAuthIssuerImpl(new MD5Generator());
String authCode = oAuthIssuer.authorizationCode();
authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java
Slide 59
Slide 59 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ
59
// ΫϥΠΞϯτͷऔಘ
Client client = clientService.getClient(clientId);
// ೝՄίʔυͱϦιʔεΦʔφʔΛϗϧμʔʹอଘ
authorizationCodeHolder.addResourceOwner(
authCode, resourceOwner);
authorizationCodeHolder.addClient(authCode, client);
// Ϩεϙϯεͷ࡞
OAuthResponse oAuthResponse = OAuthASResponse
.authorizationResponse(httpServletRequest, 302)
.setCode(authCode) // ೝՄίʔυ
.setParam(“state”, state) // state
.location(client.getRedirectUri()) // redirect_uri
.buildQueryMessage();
// ΫϥΠΞϯτͷϦμΠϨΫτΤϯυϙΠϯτʹϦμΠϨΫτ
return Response.status(oAuthResponse.getResponseStatus())
.location(URI.create(oAuthResponse.getLocationUri()))
.build();
}
authorization-server/src/main/java/com/example/authorizationserver/web/controller/ApprovalController.java
Slide 60
Slide 60 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶆೝՄʙᶇೝՄίʔυൃߦʴϦμΠϨΫτ
60
▸ ೝՄαʔόʔ͔Β8FCϒϥβͷϨεϙϯε
▸ ΫϥΠΞϯτͷϦμΠϨΫτΤϯυϙΠϯτϦμΠ
ϨΫτ
302 FOUND
Location: https://localhost:8081/api/redirect?
code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz
ೝՄίʔυ
Slide 61
Slide 61 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
61
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ᶃॳճΞΫηε
ᶄೝՄΤϯυϙΠϯτʹϦμΠϨΫτ
ᶅೝՄը໘
ᶆೝՄ
ᶇೝՄίʔυൃߦʴϦμΠϨΫτ
ᶈೝՄίʔυ
ᶉΞΫηετʔΫϯ
Slide 62
Slide 62 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
▸ 8FCϒϥβ͕ɺΫϥΠΞϯτͷϦμΠϨΫτ
ΤϯυϙΠϯτʹϦΫΤετ
62
GET https://localhost:8081/api/redirect?
code=876c4b7339cd3a3bd416a0772fdbf8af&state=xyz
ೝՄίʔυ
Slide 63
Slide 63 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
▸ ΫϥΠΞϯτͷϦμΠϨΫτΤϯυϙΠϯτͷίʔυ
63
@GET @Controller
public String redirect(@QueryParam("code") String authCode) {
// τʔΫϯΤϯυϙΠϯτͷϦΫΤετͷੜ
OAuthClientRequest oAuthClientRequest = OAuthClientRequest
.tokenLocation("https://localhost:8888/api/token")
.setClientId("readwriteclient")
.setClientSecret("password")
.setRedirectURI("https://localhost:8081/api/redirect")
.setCode(authCode)
.setGrantType(GrantType.AUTHORIZATION_CODE)
.buildBodyMessage();
// BASICೝূϔομʔΛՃ
oAuthClientRequest.addHeader(HttpHeaders.AUTHORIZATION,
Constants.AUTH_HEADER_VALUE);
readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java
Slide 64
Slide 64 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
64
// τʔΫϯΤϯυϙΠϯτʹϦΫΤετͯ͠ɺΞΫηετʔΫϯΛऔಘ
OAuthClient oAuthClient = new OAuthClient(
new URLConnectionClient());
OAuthJSONAccessTokenResponse oAuthAccessTokenResponse =
oAuthClient.accessToken(oAuthClientRequest);
String accessToken = oAuthAccessTokenResponse.getAccessToken();
// ηογϣϯείʔϓͳϗϧμʔʹΞΫηετʔΫϯΛอଘ
accessTokenHolder.setAccessToken(accessToken);
// Ұཡը໘ʹϦμΠϨΫτ
return "redirect:/todo/index";
}
readwrite-client/src/main/java/com/example/readwriteclient/web/controller/RedirectController.java
Slide 65
Slide 65 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
▸ τʔΫϯΤϯυϙΠϯτͷϦΫΤετ༰
▸ ΫϥΠΞϯτˠೝՄαʔόʔ
65
POST /api/token
Host: localhost:8888
Authorization: Basic cmVhZHdyaXRlY2xpZW50OnBhc3N3b3Jk
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&code=876c4b7339cd3a3bd416
a0772fdbf8af&redirect_uri=https%3A%2F%2Flocalhost%3A808
1%2Fapi%2Fredirect
Slide 66
Slide 66 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
▸ τʔΫϯΤϯυϙΠϯτͷίʔυ
66
@POST @Produces(MediaType.APPLICATION_JSON)
public Response token(
@Context HttpServletRequest httpServletRequest) {
// τʔΫϯϦΫΤετʹඞཁͳύϥϝʔλΛνΣοΫ
OAuthTokenRequest oauthRequest =
new OAuthTokenRequest(httpServletRequest);
…(தུ)…
// ΞΫηετʔΫϯͱϦϑϨογϡτʔΫϯൃߦ
OAuthIssuer oAuthIssuer =
new OAuthIssuerImpl(new MD5Generator());
String accessToken = oAuthIssuer.accessToken();
String refreshToken = oAuthIssuer.refreshToken();
authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java
Slide 67
Slide 67 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
67
// Ϩεϙϯε͢ΔJSONͷ࡞
OAuthResponse oAuthResponse = OAuthASResponse
.tokenResponse(Response.Status.OK.getStatusCode())
.setAccessToken(accessToken)
.setExpiresIn("3600")
.setRefreshToken(refreshToken)
.buildJSONMessage();
ɹ// ΫϥΠΞϯτʹ200 OKͰϨεϙϯε
return Response.ok(oAuthResponse.getBody())
.build();
authorization-server/src/main/java/com/example/authorizationserver/web/controller/TokenController.java
Slide 68
Slide 68 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶈೝՄίʔυʙᶉΞΫηετʔΫϯ
▸ τʔΫϯΤϯυϙΠϯτ͔Βͷ+40/Ϩεϙϯε
▸ ೝՄαʔόʔˠΫϥΠΞϯτ
68
200 OK
{"access_token":"ffb085abdadf4235c33aa0f042a4f5eb","ref
resh_token":"b1669b4c5fdc984f9bd5252bc2f50f52","expires
_in":3600}
ΞΫηετʔΫϯ
̏̔ܦաʁ
Slide 69
Slide 69 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
<$.>+BWB4DSJQUݚम࣮ࢪதʂ
▸ "OHVMBS5ZQF4DSJQU
▸ 3FBDU3FEVY
▸ /PEFKT
▸ &$."4DSJQUجຊจ๏
69
https://www.casareal.co.jp/ls/service/openseminar/html
Slide 70
Slide 70 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
70
Slide 71
Slide 71 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃϦΫΤετ
ʙᶄϦιʔεʹΞΫηεXJUIΞΫηετʔΫϯ
71
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ٻॻ࡞
ࢿྉ༣ૹ
Ϧιʔε
αʔόʔ
ᶃϦΫΤετ
ᶅΞΫηε
ɹτʔΫϯ
ɹݕূ
ᶆϢʔβʔใείʔϓ
ᶈϨεϙϯε
ᶉϨεϙϯε
ᶇείʔϓΛ
ɹνΣοΫ
ᶄϦιʔεʹΞΫηε
with ΞΫηετʔΫϯ
Slide 72
Slide 72 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃϦΫΤετ
ʙᶄϦιʔεʹΞΫηεXJUIΞΫηετʔΫϯ
▸ ΫϥΠΞϯτ͔ΒϦιʔεαʔόʔʹϦΫΤετ
▸ ΞΫηετʔΫϯΛ"VUIPSJ[BUJPOϔομʔʹՃ
72
GET /api/v1/todos
Authorization : Bearer ffb085abdadf4235c33aa0f042a4f5eb
ΞΫηετʔΫϯ
Slide 73
Slide 73 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
73
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ٻॻ࡞
ࢿྉ༣ૹ
Ϧιʔε
αʔόʔ
ᶃϦΫΤετ
ᶅΞΫηε
ɹτʔΫϯ
ɹݕূ
ᶆϢʔβʔใείʔϓ
ᶈϨεϙϯε
ᶉϨεϙϯε
ᶇείʔϓΛ
ɹνΣοΫ
ᶄϦιʔεʹΞΫηε
with ΞΫηετʔΫϯ
ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔใείʔϓ
Slide 74
Slide 74 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔใείʔϓ
▸ ϦΫΤετΛड͚औͬͨϦιʔεαʔόʔɺ
ϔομʔͰૹΒΕ͖ͯͨΞΫηετʔΫϯͷ
ਖ਼ੑΛνΣοΫ͢Δ
▸ ຊʹೝՄαʔόʔ͕ൃߦͨ͠ͷʁ
▸ ຊʹ͜ͷΫϥΠΞϯτʹରͯ͠ൃߦ͞Εͨͷʁ
74
Slide 75
Slide 75 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔใείʔϓ
▸ "QBDIF0MUVͰɺϦιʔεαʔόʔ༻ͷ
αʔϒϨοτϑΟϧλʔ͕༻ҙ͞Ε͍ͯΔ
75
OAuthFilter
org.apache.oltu.oauth2.rsfilter.OAuthFilter
OAuthFilter
/*
resource-server/src/main/webapp/WEB-INF/web.xml
Slide 76
Slide 76 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔใείʔϓ
▸ 0"VUI'JMUFS͔Βɺ0"VUI341SPWJEFS࣮Ϋ
ϥε͕ݺΕΔ
▸ XFCYNMʹԼهͷఆ͕ٛඞཁ
76
oauth.rs.provider-class
com.example.resourceserver.oauth.MyOAuthRSProvider
resource-server/src/main/webapp/WEB-INF/web.xml
Slide 77
Slide 77 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔใείʔϓ
77
public class MyOAuthRSProvider implements OAuthRSProvider {
@Override
public OAuthDecision validateRequest(String rsId,
String accessToken, HttpServletRequest httpServletRequest) {
// ೝՄαʔόʔHTTPΞΫηεͯ͠ΞΫηετʔΫϯͷਖ਼ੑνΣοΫ
MultivaluedHashMap formParams = …;
formParams.putSingle("access_token", accessToken);
Response response = ClientBuilder.newBuilder()
.build()
.target("https://localhost:8888/api/check_token")
.request()
.header("Content-Type", "application/x-www-form-urlencoded")
.header("Authorization", Constants.AUTH_HEADER_VALUE)
.post(Entity.form(formParams));
// ΞΫηετʔΫϯਖ਼ͳΒ200͕ฦͬͯ͘Δ
if (response.getStatusInfo().equals(Response.Status.OK)) {
// ΓΛฦ͢
}
resource-server/src/main/java/com/example/resourceserver/oauth/MyOAuthRSProvider.java
Slide 78
Slide 78 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶅΞΫηετʔΫϯݕূʙᶆϢʔβʔใείʔϓ
78
▸ ೝՄαʔόʔ͔ΒͷϨεϙϯε
200 OK
Content-Type: application/json
{
“login_id” : “user1”,
“client” : {
“client_id” : “readwriteclient”,
…
“scope_types” : [“read”, “write”]
}
} είʔϓใ
Slide 79
Slide 79 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
79
ೝՄαʔόʔ
ΫϥΠΞϯτ
Ϧιʔε
Φʔφʔ
Web
ϒϥβ
ٻॻ࡞
ࢿྉ༣ૹ
Ϧιʔε
αʔόʔ
ᶃϦΫΤετ
ᶅΞΫηε
ɹτʔΫϯ
ɹݕূ
ᶆϢʔβʔใείʔϓ
ᶈϨεϙϯε
ᶉϨεϙϯε
ᶇείʔϓΛ
ɹνΣοΫ
ᶄϦιʔεʹΞΫηε
with ΞΫηετʔΫϯ
ᶇείʔϓΛνΣοΫʙᶉϨεϙϯε
Slide 80
Slide 80 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶇείʔϓΛνΣοΫʙᶉϨεϙϯε
▸ Ϧιʔεαʔόʔͷίϯτϩʔϥʔϝιουʹ
!3PMFT"MMPXFEͰείʔϓΛࢦఆ
80
@Path("/todos")
public class TodoController {
@RolesAllowed("read")
@GET @Produces("application/json")
public Response findAll() { … }
@RolesAllowed("write")
@POST @Consumes("application/json")
public Response add(Todo todo) { … }
}
resource-server/src/main/java/com/example/resourceserver/web/controller/TodoController.java
̐̌ܦաʁ
Slide 81
Slide 81 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
<$.>ଞʹ͍Ζ͍Ζ࣮ࢪதʂ
▸ 4XJGU
▸ "OESPJE
▸ 4DBMB
▸ 3VCZ
81
https://www.casareal.co.jp/ls/service/openseminar/html
Slide 82
Slide 82 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
82
Slide 83
Slide 83 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUI༷ॻΑΓ
▸ ຊࢿྉͰະհͷࣄ߲
▸ ೝՄίʔυϦμΠϨΫτ63*ͷૢ࡞
▸ ϑΟογϯάΞλοΫ
▸ ΫϩεαΠτϦΫΤετϑΥʔδΣϦ
ɾɾɾͳͲ
▸ ඞ༷ͣॻΛνΣοΫ͠·͠ΐ͏ʂ
▸ IUUQTPQFOJEGPVOEBUJPOKBQBOHJUIVCJP
SGDKBIUNMBODIPS
83
Slide 84
Slide 84 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ηΩϡϦςΟؔ࿈ͷ༷ॻ
▸ 3'$0"VUI5ISFBU.PEFMBOE
4FDVSJUZ$POTJEFSBUJPOT
▸ IUUQXXXSGDFEJUPSPSHJOGPSGD
▸ 3'$0"VUI5PLFO3FWPDBUJPO
▸ IUUQPQFOJEGPVOEBUJPOKBQBOHJUIVCJP
SGDKBIUNM
84
Slide 85
Slide 85 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
<$.> Ր
1BZBSB.FFUVQ
▸ 1BZBSB։ൃνʔϜͷॳདྷه೦Πϕϯτʂ
▸ ৭ʑͱؾʹͳΔ͜ͱΛฉ͍ͪΌ͍·͠ΐ͏ʂ
▸ ͓ਃࠐΈͪ͜Β
▸ IUUQTHMBTTpTIEPPSLFFQFSKQFWFOUT
85
Slide 86
Slide 86 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
ᶃ 0"VUIͱʁ
ᶄ 0"VUIͷొਓ
ᶅ 0"VUIͷೝՄͷྲྀΕ
ᶆ αϯϓϧΞϓϦͷߏ
ᶇ ৄࡉͱ࣮ɿΞΫηετʔΫϯऔಘ·Ͱ
ᶈ ৄࡉͱ࣮ɿϦιʔεΞΫηε·Ͱ
ᶉ ͦͷଞͷηΩϡϦςΟߟྀࣄ߲
ᶊ ·ͱΊ
86
Slide 87
Slide 87 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
0"VUIཧղͷϙΠϯτ
▸ ༻ޠΛਖ਼֬ʹཧղ͠Α͏ʂ
▸ ୭͕୭ʹϦΫΤετ͍ͯ͠Δͷ͔ΛɺਤͰཧղ͠Α
͏ʂ
▸ ༷Ͱܾ·͍ͬͯΔ෦ɾܾ·͍ͬͯͳ͍෦Λ͖ͬ
ͪΓ͚Α͏ʂ
▸ ຊࢿྉͰղઆͨ͜͠ͱ͕શͯͰͳ͍ͷͰɺ༷ॻ
ΛඞͣνΣοΫ͠Α͏ʂ
87
Slide 88
Slide 88 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
"QBDIF0MUV͑Δ͔ʁ
▸ ͋͘·Ͱʮֶश༻ʯͱ͍͏ͷ͕ݸਓతͳײ
▸ ػೳ͕࠷ݶͰੜ࢈ੑ͋·Γྑ͘ͳ͍
▸ υΩϡϝϯτ͕গͳ͍ʴக໋తͳؒҧ͍
▸ ͦͷଞͷηΩϡϦςΟࣄ߲ͯࣗ͢ݾ
▸ جຊతʹ4QSJOH4FDVSJUZ0"VUIQBDKͳ
ͲΛͬͨ΄͏͕ྑ͍͔
88
Slide 89
Slide 89 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
"QBDIF0MUVͷৄࡉ
▸ ΧαϨΞϧ0SHBOJ[BUJPOͷ2JJUBʹॻ͖·͢
ʢۙެ։ʂʣ
▸ ೝՄαʔόʔͷ࣮
▸ Ϧιʔεαʔόʔͷ࣮
▸ ΫϥΠΞϯτͷ࣮
89
Slide 90
Slide 90 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
͞Βʹֶश͢ΔͨΊʹ
▸ 0"VUI༷ॻຊޠ൛
▸ IUUQTPQFOJEGPVOEBUJPOKBQBOHJUIVCJPSGDKBIUNM
▸ 0"VUIΛ͡ΊΑ͏
▸ IUUQTXXXPSFJMMZDPKQCPPLT
▸ 0"VUIશϑϩʔͷਤղͱಈը
▸ IUUQRJJUBDPN5BLBIJLP,BXBTBLJJUFNTFCGBG
▸ ࠓߋฉ͚ͳ͍0"VUI
▸ IUUQTXXXTMJEFTIBSFOFUQIQITBPBVUI
90
Slide 91
Slide 91 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
<ืू>τϨʔφʔΛͬͯΈ͍ͨํʂ
▸ ͖ͳٕज़Λͱ͜ͱΜͬͯ
ੈͷதʹΊΒΕΔʂ
▸ ߨࢣະܦݧ0,ʂ
▸ ϗϫΠτاۀʂ
▸ !TVLF@NBTBʢଟాʣ·Ͱ
͓ؾܰʹ5XJUUFS%.͍ͩ͘͞ʂ
91
Slide 92
Slide 92 text
(C) CASAREAL, Inc. All rights reserved.
#jjug_ccc #ccc_e5
&OKPZ+BWB0"VUI
▸ ͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ
92