Upgrade to Pro — share decks privately, control downloads, hide ads and more …

클라이언트 권한 부여, 인증 시스템, OAuth-JWT

Avatar for Teddy Teddy
August 07, 2018
Programming
0
110

클라이언트 권한 부여, 인증 시스템, OAuth-JWT

Avatar for Teddy

Teddy

August 07, 2018
Tweet

More Decks by Teddy

See All by Teddy
스타트업 개발자의 이야기 (국민대)
Avatar for Teddy teddykims
1
100
개발자의 인공지능 뽀개기
Avatar for Teddy teddykims
0
160
Git 기초
Avatar for Teddy teddykims
0
83
2018.06, 싸이그래머 '심리상담과 IT'
Avatar for Teddy teddykims
0
120
WebSocket, Socket.io
Avatar for Teddy teddykims
1
57
2018.05, 소물, '소프트웨어와 미래 기술'
Avatar for Teddy teddykims
0
82
소프트웨어와 미래 기술 (Software, Future Tech)
Avatar for Teddy teddykims
0
190
리눅스 메모리 보호기법, 보안시스템의 이해
Avatar for Teddy teddykims
0
240
무선 네트워크 해킹과 보안 (Network Hacking)
Avatar for Teddy teddykims
0
220

Other Decks in Programming

See All in Programming
AgentCoreとHuman in the Loop
Avatar for Har1101 har1101
5
180
2年のAppleウォレットパス開発の振り返り
Avatar for muno92 muno92
PRO
0
180
AIで開発はどれくらい加速したのか?AIエージェントによるコード生成を、現場の評価と研究開発の評価の両面からdeep diveしてみる
Avatar for どすこい daisuketakeda
1
780
今こそ知るべき耐量子計算機暗号(PQC)入門 / PQC: What You Need to Know Now
Avatar for mackey0225 mackey0225
3
320
MDN Web Docs に日本語翻訳でコントリビュート
Avatar for uutan1108 ohmori_yusuke
0
510
はじめてのカスタムエージェント【GitHub Copilot Agent Mode編】
Avatar for Satoshi Kaneyasu satoshi256kbyte
0
180
QAフローを最適化し、品質水準を満たしながらリリースまでの期間を最短化する #RSGT2026
Avatar for shibayu36 shibayu36
1
3.2k
CSC307 Lecture 01
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
670
メルカリのリーダビリティチームが取り組む、AI時代のスケーラブルな品質文化
Avatar for osari.k cloverrose
2
470
AIによるイベントストーミング図からのコード生成 / AI-powered code generation from Event Storming diagrams
Avatar for nrs nrslib
2
1.5k
【卒業研究】会話ログ分析によるユーザーごとの関心に応じた話題提案手法
Avatar for MomokoShirakawa momok47
0
170
PC-6001でPSG曲を鳴らすまでを全部NetBSD上の Makefile に押し込んでみた / osc2025hiroshima
Avatar for Izumi Tsutsui tsutsui
0
210

Featured

See All Featured
What’s in a name? Adding method to the madness
Avatar for The Alliance productmarketing
PRO
24
3.9k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
21
1.3k
Agile Leadership in an Agile Organization
Avatar for Dr. Kim W Petersen kimpetersen
PRO
0
70
How GitHub (no longer) Works
Avatar for Zach Holman holman
316
140k
Abbi's Birthday
Avatar for Violet Bock coloredviolet
0
4.4k
Utilizing Notion as your number one productivity tool
Avatar for Mfonobong Umondia mfonobong
2
200
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.8k
Money Talks: Using Revenue to Get Sh*t Done
Avatar for Nikki Halliwell nikkihalliwell
0
140
Building Adaptive Systems
Avatar for Chris Keathley keathley
44
2.9k
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
Avatar for David Carrasco davidcarrasco
0
48
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
Avatar for Tech SEO Connect techseoconnect
PRO
0
43
[SF Ruby Conf 2025] Rails X
Avatar for Vladimir Dementyev palkan
0
710

Transcript

  1. ௿ۄ੉঱౟ ӂೠ ࠗৈ ੋૐ/ੋо दझమ !1

  2. ӝઓ੄ Api ࠁউ਷? !2

  3. दр হҊ ә೧ࢲ ݄ ݅ٞ !3

  4. ‘಴ળ’ ӏѺਵ۽ ٜ݅੗! !4

  5. ‘಴ળ’ <Api-Token> !5

  6. “ೲо ߉਷ ࢎਊ੗݅ API ܳ ࢎਊೡ ࣻ ੓׮.” !6

  7. “Api ߑޙ ஠٘” !7

  8. OAuth !8

  9. { "access_token": "J1qK1c18UUGJFAzz9xnH56584l4", “refresh_token”: "SDAS2328asdVASd1238asdA", "expires_in": 3600, "scope": "*", "token_type":

    "bearer" } !9

  10. ੋૐ, ੋоܳ ਤೠ Standard Protocol !10

  11. “যڌѱ ೞݶ ൝যઉ ੓ח Application ٜ੄ ੋૐ ҙܻܳ ઺ঔীࢲ औѱ

    ೡ Ѫੋо” !11

  12. “ਬ੷о ಕ੉झ࠘, ౟ਤఠ э਷ ৡۄੋ ࢲ࠺झ੄ ӝמਸ ׮ܲ জীࢲب ࢎਊೡ

    ࣻ ੓ѱ Ք !” !12

  13. OAuth 1.0 (RFC 5849, 2007) OAuth 1.0 A OAuth 2.0

    (RFC 6749, 2012) !13

  14. OAuth 1.x ਊয ߸҃ ࢲߡ ৉ೡ ܻ࠙ ੋૐ ੺ର хࣗച

    ঐഐച ߑध ߸҃ (٣૑ణ ࢲݺ -> HTTPS) ׮নೠ ੋૐ ߑध ઁҕ ੼੼ ೐ۨ੐ਕ௼ ഋక۽ .. OAuth 2.x !14

  15. !15

  16. { "access_token": "J1qK1c18UUGJFAzz9xnH56584l4", “refresh_token”: "SDAS2328asdVASd1238asdA", "expires_in": 3600, "scope": "*", "token_type":

    "bearer" } ݽٚ ష௾җ ੿ࠁܳ ؘ੉ఠ߬੉झী ੷੢ೞৈ ഛੋ੉ ೙ਃೣ. !16

  17. 1. ࠂ੟ೞ׮ 2. ޖѩ׮ !17

  18. Third-Party App / ࢲ࠺झী ੽Ӕೞח ৻ࠗ জ੄ ੋૐ ߂ ӂೠ

    ҙܻী ੸೤ !18

  19. JWT (JSON WEB TOKEN) !19

  20. { "access_token": "J1qK1c18UUGJFAzz9xnH56584l4", "expires_in": 3600, "token_type": "bearer" } !20

  21. Claim ӝ߈੄ ష௾ दझమ !21

  22. Claim = ࢎਊ੗ী ؀ೠ ࣘࢿ !22

  23. Claim = ࢎਊ੗ী ؀ೠ ࣘࢿ !23 { ‘id’: ‘teddy’, ‘group’:

    ‘admin’} eyDigJhpZOKAmTog4oCYdGVkZHnigJ ksIOKAmGdyb3Vw4oCZOiDigJhhZG1p buKAmX0=

  24. !24

  25. !25

  26. ష௾ ੗୓о ੿ࠁܳ о૑Ҋ ੓ӝী, ష௾ਸ о૑Ҋ ࢲ࠺झա API ੽Ӕਸ

    ઁযೡ ٸ ߹ب੄ ੋૐ ࢲߡ ੘স੉ ೙ਃೞ૑ ঋਵݴ, ష௾ ੗୓ܳ ࢲߡীࢲ ҙܻೡ ೙ਃо হӝ ٸޙী ҳഅ੉ ࢚؀੸ਵ۽ ױࣽ೧૓׮. !26

  27. !27 < ੌ߈ OAuth > < JWT >

  28. )VNBSU$PNQBOZ ӣక਌