Upgrade to Pro — share decks privately, control downloads, hide ads and more …

클라이언트 권한 부여, 인증 시스템, OAuth-JWT

Avatar for Teddy Teddy
August 07, 2018
Programming
110
0

클라이언트 권한 부여, 인증 시스템, OAuth-JWT

Avatar for Teddy

Teddy

August 07, 2018

More Decks by Teddy

See All by Teddy
스타트업 개발자의 이야기 (국민대)
Avatar for Teddy teddykims
1
100
개발자의 인공지능 뽀개기
Avatar for Teddy teddykims
0
160
Git 기초
Avatar for Teddy teddykims
0
84
2018.06, 싸이그래머 '심리상담과 IT'
Avatar for Teddy teddykims
0
120
WebSocket, Socket.io
Avatar for Teddy teddykims
1
58
2018.05, 소물, '소프트웨어와 미래 기술'
Avatar for Teddy teddykims
0
83
소프트웨어와 미래 기술 (Software, Future Tech)
Avatar for Teddy teddykims
0
190
리눅스 메모리 보호기법, 보안시스템의 이해
Avatar for Teddy teddykims
0
240
무선 네트워크 해킹과 보안 (Network Hacking)
Avatar for Teddy teddykims
0
220

Other Decks in Programming

See All in Programming
SkillがSkillを生む:QA観点出しを自動化した
Avatar for sontixyou sontixyou
6
3.4k
How Swift's Type System Guides AI Agents
Avatar for Yuta Koshizawa koher
0
280
PHPで TLSのプロトコルを実装してみるをもう一度しゃべりたい
Avatar for higaki higaki_program
0
210
〜バイブコーディングを超えて〜 チームで実験し続けたAI駆動開発
Avatar for Toranosuke Minamikawa tigertora7571
0
120
tRPCの概要と少しだけパフォーマンス
Avatar for Keigo Ebihara misoton665
2
220
PCOVから学ぶコードカバレッジ #phpcon_odawara
Avatar for hideki kinjyo o0h
PRO
0
270
Back to the roots of date
Avatar for jinroq jinroq
0
260
(Re)make Regexp in Ruby: Democratizing internals for the JIT
Avatar for TSUYUSATO Kitsune makenowjust
2
210
AWS re:Invent 2025の少し振り返り + DevOps AgentとBacklogを連携させてみた
Avatar for Satoshi Kaneyasu satoshi256kbyte
3
160
GitHubCopilotCLIをはじめよう.pdf
Avatar for tkym htkym
0
200
JAWS-UG横浜 #100 祝・第100回スペシャル AWS は VPC レスの時代へ
Avatar for maroon1st maroon1st
0
160
ハーネスエンジニアリングにどう向き合うか 〜ルールファイルを超えて開発プロセスを設計する〜 / How to approach harness engineering
Avatar for r-kagaya rkaga
24
14k

Featured

See All Featured
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.9k
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
27k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
Claude Code どこまでも/ Claude Code Everywhere
Avatar for nwiizo nwiizo
64
55k
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
Avatar for Mine Cetinkaya-Rundel minecr
1
240
Designing for humans not robots
Avatar for Tammie Lister tammielis
254
26k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
76
5.1k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.6k
Navigating the moral maze — ethical principles for Al-driven product design
Avatar for Skipper Chong Warson skipperchong
2
340
Digital Ethics as a Driver of Design Innovation
Avatar for Per Axbom axbom
PRO
1
270
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
Avatar for Sara Fernández Carmona sarafernandez
0
170
Documentation Writing (for coders)
Avatar for Carmen Chung carmenintech
77
5.3k

Transcript

  1. ௿ۄ੉঱౟ ӂೠ ࠗৈ ੋૐ/ੋо दझమ !1

  2. ӝઓ੄ Api ࠁউ਷? !2

  3. दр হҊ ә೧ࢲ ݄ ݅ٞ !3

  4. ‘಴ળ’ ӏѺਵ۽ ٜ݅੗! !4

  5. ‘಴ળ’ <Api-Token> !5

  6. “ೲо ߉਷ ࢎਊ੗݅ API ܳ ࢎਊೡ ࣻ ੓׮.” !6

  7. “Api ߑޙ ஠٘” !7

  8. OAuth !8

  9. { "access_token": "J1qK1c18UUGJFAzz9xnH56584l4", “refresh_token”: "SDAS2328asdVASd1238asdA", "expires_in": 3600, "scope": "*", "token_type":

    "bearer" } !9

  10. ੋૐ, ੋоܳ ਤೠ Standard Protocol !10

  11. “যڌѱ ೞݶ ൝যઉ ੓ח Application ٜ੄ ੋૐ ҙܻܳ ઺ঔীࢲ औѱ

    ೡ Ѫੋо” !11

  12. “ਬ੷о ಕ੉झ࠘, ౟ਤఠ э਷ ৡۄੋ ࢲ࠺झ੄ ӝמਸ ׮ܲ জীࢲب ࢎਊೡ

    ࣻ ੓ѱ Ք !” !12

  13. OAuth 1.0 (RFC 5849, 2007) OAuth 1.0 A OAuth 2.0

    (RFC 6749, 2012) !13

  14. OAuth 1.x ਊয ߸҃ ࢲߡ ৉ೡ ܻ࠙ ੋૐ ੺ର хࣗച

    ঐഐച ߑध ߸҃ (٣૑ణ ࢲݺ -> HTTPS) ׮নೠ ੋૐ ߑध ઁҕ ੼੼ ೐ۨ੐ਕ௼ ഋక۽ .. OAuth 2.x !14

  15. !15

  16. { "access_token": "J1qK1c18UUGJFAzz9xnH56584l4", “refresh_token”: "SDAS2328asdVASd1238asdA", "expires_in": 3600, "scope": "*", "token_type":

    "bearer" } ݽٚ ష௾җ ੿ࠁܳ ؘ੉ఠ߬੉झী ੷੢ೞৈ ഛੋ੉ ೙ਃೣ. !16

  17. 1. ࠂ੟ೞ׮ 2. ޖѩ׮ !17

  18. Third-Party App / ࢲ࠺झী ੽Ӕೞח ৻ࠗ জ੄ ੋૐ ߂ ӂೠ

    ҙܻী ੸೤ !18

  19. JWT (JSON WEB TOKEN) !19

  20. { "access_token": "J1qK1c18UUGJFAzz9xnH56584l4", "expires_in": 3600, "token_type": "bearer" } !20

  21. Claim ӝ߈੄ ష௾ दझమ !21

  22. Claim = ࢎਊ੗ী ؀ೠ ࣘࢿ !22

  23. Claim = ࢎਊ੗ী ؀ೠ ࣘࢿ !23 { ‘id’: ‘teddy’, ‘group’:

    ‘admin’} eyDigJhpZOKAmTog4oCYdGVkZHnigJ ksIOKAmGdyb3Vw4oCZOiDigJhhZG1p buKAmX0=

  24. !24

  25. !25

  26. ష௾ ੗୓о ੿ࠁܳ о૑Ҋ ੓ӝী, ష௾ਸ о૑Ҋ ࢲ࠺झա API ੽Ӕਸ

    ઁযೡ ٸ ߹ب੄ ੋૐ ࢲߡ ੘স੉ ೙ਃೞ૑ ঋਵݴ, ష௾ ੗୓ܳ ࢲߡীࢲ ҙܻೡ ೙ਃо হӝ ٸޙী ҳഅ੉ ࢚؀੸ਵ۽ ױࣽ೧૓׮. !26

  27. !27 < ੌ߈ OAuth > < JWT >

  28. )VNBSU$PNQBOZ ӣక਌