Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Auth0の認可

Ac7cbf1a95672e989590bb527cdafc8e?s=47 suwa yuki
August 29, 2019

 Auth0の認可

Auth0 Japan User Community Meetup in Tokyo Vol.2で発表したスライドです。
https://auth0-japan.connpass.com/event/143389/

Ac7cbf1a95672e989590bb527cdafc8e?s=128

suwa yuki

August 29, 2019
Tweet

Transcript

  1. Classmethod / CX Div. / Yuki Suwa / 2019.8.29 "VUIʹ͓͚ΔೝՄ

    "VUI+BQBO6TFS$PNNVOJUZ .FFUVQJO5PLZP7PM
  2. ਡ๚༔لɹYuki Suwa w$9ࣄۀຊ෦Ϛωʔδϟʔ݉
 ΤϯδχΞ w%FWFMPQFST*0ϒϩΨʔ w"VUI"NCBTTBEPS wJ04"OESPJE3VCZ /PEFKT3FBDU7VF "84%PDLFSFUDʜ 2

  3. %FWFMPQFST*0 w݄ؒສ17ɺສ66ΛތΔɺࣾһ͕ࣥච͢Δ*5 ٕज़ʹಛԽͨ͠Φ΢ϯυϝσΟΞ w"84ɺϏοάσʔλɺϞόΠϧɺ*P5ɺ"*ͳͲͷଟذ ʹΘͨΔهࣄΛ೔ʑެ։ w໿ ຊͷهࣄΛެ։தʢ೥݄ݱࡏʣ wԱଌ΍ηΦϦʔΑΓ΋ʮ΍ͬͯΈͨʯ͕ಛ௕ 3

  4. w৽͍͠ސ٬ମݧͷιϦϡʔγϣϯΛ૑଄͢Δͨ Ίͷ࣮ݧళฮ w"NB[PO(0ʹΠϯεύΠΞ͞Εͯ։ൃͨ͠ ΢ΥʔΫεϧʔ wࡢࠓ࿩୊ͷΩϟογϡϨεɺϞόΠϧΦʔμʔ w#SFBLJOH$IBOHFʹԲ͢Δ͜ͱͳ͘ৗʹ৽͠ ͍ٕज़Λ࠷େݶʹ׆༻ͨ͠৽͍͠ސ٬ମݧΛ࣮ ݧతʹఏڙ͠ଓ͚Δ

  5. 5 LINE Login LINE Pay Messaging API ιʔγϟϧϩάΠϯ ஫จͷܾࡁ νϟοτϘοτ஫จ

  6. ΞδΣϯμ wೝূͱೝՄͷ֓ཁ wೝূͱೝՄͷϑϩʔ w"VUIPSJ[BUJPO$PEF'MPXXJUI1SPPG,FZ
 GPS$PEF&YDIBOHF wBVUITQBKTͷ঺հ w·ͱΊ 6

  7. ೝূͱೝՄ wਖ਼͘͠ཧղͨͭ͠΋ΓͰ΋ࠞಉ͕ͪ͠ wͦΕͧΕɺγεςϜΛ࡞Δ্Ͱ͸ෆՄܽͳཁૉ 7

  8. ೝূͱೝՄ wೝূʢ"VUIFOUJDBUJPO"VUI/ʣ  ௨৴ͷ૬ख͕୭͔֬ೝ͢Δ͜ͱ  ͳΓ͢·͠Ͱͳ͍͜ͱͷ֬ೝ wೝՄʢ"VUIPSJ[BUJPO"VUI;ʣ  ಛఆͷ৚݅ʹରͯ͠ΞΫηεݖݶΛ༩͑Δ͜ͱ 8

  9. ೝূʢ"VUIFOUJDBUJPOʣ w௨৴૬ख͕ͳΓ͢·͠Ͱ͸ͳ͍ͱ֬ೝ͢Δ͜ͱ 9 ೝূཁૉ ݱ࣮ͷੈք ిࢠͷੈք 8IBU:PV"SFʁ JOIFSFODFGBDUPS إ๴ ੠

    ॺ໊ච੻ ੜମೝূ
 ʢإೝূ ࢦ໲ೝূʣ 8IBU:PV)BWFʁ QPTTFTTJPOGBDUPS ҹؑ ਎෼ূ Χʔυ ܞଳి࿩ ిࢠূ໌ॻ 
 ηΩϡϦςΟτʔΫϯ 8IBU:PV,OPXʁ LOPXMFEHFGBDUPS ߹ݴ༿ ύεϫʔυ
  10. ೝՄʢ"VUIPSJ[BUJPOʣ wϝλϑΝʔ͸ʮ伴ʯ΍ʮ੾ූʯͷൃߦ wϦιʔεʹΞΫηε͢ΔݖݶΛ༩͑Δ͜ͱ wೝূͱ͸ຊདྷ͸ಠཱͨ͠ߟ͑ํ w७ਮͳೝՄ͸ɺ૬खͷ਎ݩ͕෼͔Δͱ͸ݶΒͳ͍ 10

  11. Α͋͘ΔྲྀΕ 11 ೝূ ೝՄ ΞΫηε ࣗ෼ࣗ਎Λূ໌͢Δ 伴Λ౉͢ 伴Λ࢖ͬͯར༻͢Δ ʴ

  12. -*/&ʹ౰ͯ͸ΊΔͱ 12 ೝূ ೝՄ ΞΫηε -*/&ʹϩάΠϯ πϜπϜͰ࢖͏ ϑϨϯυͱڝ͑Δ ʴ

  13. w"VUIPSJ[BUJPO$PEF'MPX w"VUIPSJ[BUJPO$PEF'MPXXJUI1SPPG,FZ GPS$PEF&YDIBOHF 1,$&  w*NQMJDJU'MPX w$MJFOU$SFEFOUJBMT'MPX w%FWJDF"VUIPSJ[BUJPO'MPX 13 "VUI͕αϙʔτ͍ͯ͠ΔೝূೝՄϑϩʔ

  14. "VUI͕αϙʔτ͍ͯ͠ΔೝূೝՄϑϩʔ w"VUIPSJ[BUJPO$PEF'MPX w"VUIPSJ[BUJPO$PEF'MPXXJUI1SPPG,FZ GPS$PEF&YDIBOHF 1,$&  w*NQMJDJU'MPX w$MJFOU$SFEFOUJBMT'MPX w%FWJDF"VUIPSJ[BUJPO'MPX 14

  15. "VUIPSJ[BUJPO$PEF'MPXXJUI1SPPG,FZ GPS$PEF&YDIBOHF 1,$& w0"VUIͷػೳ֦ு w3'$ ೥ൃߦ 
 IUUQTUPPMTJFUGPSHIUNMSGD w1VCMJD$MJFOUͷηΩϡϦςΟϦεΫΛղফ͢ΔͨΊʹ ੜΈग़͞Εͨϑϩʔ

    wͽ͘͠ʔ 15
  16. None
  17. 17 ϦμΠϨΫτઌΛͳΓ͢·͠ Ҏ߱ͷॲཧΛԣऔΓͰ͖Δ

  18. 18

  19. 19 ԣऔΓͯ͠΋Code Verifier͕ ෼͔Βͳ͍ʂ

  20. BVUITQBKT w4JOHMF1BHF"QQMJDBUJPO޲͚ͷ"VUI4%, w೥݄೔ʹਖ਼ࣜϦϦʔε w1,$&ʹΑΔೝূίʔυڐՄʹରԠ w41"΁ͷ૊ΈࠐΈʹ͓͍ͯਪ঑ 20

  21. "DDFTT5PLFOΛ࢖ͬͯ Ͳ͏΍ͬͯೝՄ͢Δͷʁ 21

  22. "VUIͷೝՄ wϢʔβʔʹର͢ΔೝՄϢʔβʔͷॴଐʹର͢ΔೝՄ w3PMF#BTFE"DDFTT$POUSPM 3#"$ ʹରԠ wೝՄʹඞཁͳ৘ใΛ*%τʔΫϯΞΫηετʔΫϯʹ ෇༩͢Δ͜ͱ͕Մೳ wೝՄͷ੍ޚࣗମ͸ߦΘͳ͍ 22

  23. 3#"$Λ࣮૷ͯ͠ΈΑ͏  "1*ͱ1FSNJTTJPOΛ࡞੒  3PMFΛ࡞੒  6TFSʹ3PMFΛઃఆ  "DDFTT5PLFOΛऔಘ 23

  24. None
  25. None
  26. None
  27. None
  28. None
  29. None
  30. None
  31. None
  32. ΞΫηετʔΫϯͷऔಘ 100 const token = await auth0.getTokenSilently({ 101 audience: 'https://example.jp'

    102 }); 103 console.log(token);
  33. None
  34. 4VNNBSZ 34

  35. 1,$&࢖͍ͬͯ͜͏ wطʹ6OJWFSTBM-PHJOΛ࢖͍ͬͯΔͷͰ͋Ε͹
 Ҡߦ͸ඇৗʹ؆୯ w"DDFTT5PLFOΛ༻͍ͨೝՄʹ੾Γସ͑Δ w"VUIΛ࠾༻͢Δ্Ͱͷ࠷େͷϝϦοτ͸
 ࠷৽ͷೝূೝՄͷτϨϯυʹ৐Γ·͘ΕΔ͜ͱ 35

  36. BVUITQBKTͷཹҙ఺ w6OJWFSTBM-PHJOͷΈར༻Մೳ w"VUI"1*Λݺͼग़͢৔߹͸BVUIKTΛซ༻͢Δ 36

  37. Ϋϥεϝιουͷ"VUIαʔϏε w"VUIͷ੥ٻ୅ߦ w"VUIΛར༻ͨ͠ΞϓϦέʔγϣϯ։ൃ w"VUIͷγεςϜಋೖͷίϯαϧςΟϯά w"VUIΛར༻ͨ͠αʔϏεͷఏڙ 37 "VUIͷಋೖΛݕ౼͞Ε͍ͯΔํ͸
 ͥͻ͓੠͕͚͍ͩ͘͞ʂ