oauth & openid connect 入門のための入門

Download OAuth & OpenID Connect 入門のための入門

Post on 17-Aug-2015

231 views

Category:

Technology

7 download

Embed Size (px)

TRANSCRIPT

  1. 1. 2015 Takashi Yahata (@paoneJP) OAuth & OpenID Connect Takashi Yahata - @paoneJP 2015/7/31 2015/7/31 1
  2. 2. 2015 Takashi Yahata (@paoneJP) 2015/7/31 2 OAuth
  3. 3. 2015 Takashi Yahata (@paoneJP) 2015/7/31 3 OpenID Connect
  4. 4. 2015 Takashi Yahata (@paoneJP) 2015/7/31 4 PC
  5. 5. 2015 Takashi Yahata (@paoneJP) 2015/7/31 5 3rd party
  6. 6. 2015 Takashi Yahata (@paoneJP) 3rd party 3rd party 3rd party OAuth 2015/7/31 6
  7. 7. 2015 Takashi Yahata (@paoneJP) 3rd party 3rd party OAuth 2015/7/31 7
  8. 8. 2015 Takashi Yahata (@paoneJP) OAuth Bearer Token OAuth Bearer Token APIOK OAuth 2015/7/31 8
  9. 9. 2015 Takashi Yahata (@paoneJP) OAuth2.0 ID OAuth2.0 + Identity Layer = OpenID Connect 2015/7/31 9 { "kid": "1e9gdk7", "alg": "RS256" } { "iss": "http://server.example.com", "sub": "248289761001", "aud": "s6BhdRkqt3", "nonce": "n-0S6_WzA2Mj", "exp": 1311281970, "iat": 1311280970, "at_hash": "77QmUPtjPfzWtF2AnpK9RQ" } [signature] eyJraWQiOiIxZTlnZGs3IiwiYWxnIjoiUlMyNTYifQ.ewogIml zcyI6ICJodHRwOi8vc2VydmVyLmV4YW1wbGUuY29tIiwKICJzd WIiOiAiMjQ4Mjg5NzYxMDAxIiwKICJhdWQiOiAiczZCaGRSa3F 0MyIsCiAibm9uY2UiOiAibi0wUzZfV3pBMk1qIiwKICJleHAiO iAxMzExMjgxOTcwLAogImlhdCI6IDEzMTEyODA5NzAsCiAiYXR faGFzaCI6ICI3N1FtVVB0alBmeld0RjJBbnBLOVJRIgp9.F9gR ev0Dt2tKcrBkHy72cmRqnLdzw9FLCCSebV7mWs7o_sv2O5s6zM ky2kmhHTVx9HmdvNnx9GaZ8XMYRFeYk8L5NZ7aYlA5W56nsG1i WOou_-gji0ibWIuuf4Owaho3YSoi7EvsTuLFz6tq-dLyz0dKAB MDsiCmJ5wqkPUDTE3QTXjzbUmOzUDli-gCh5QPuZAq0cNW3pf_ 2n4zpvTYtbmj12cVcxGIMZby7TMWESRjQ9_o3jvhVNcCGcE0KA QXejhA1ocJhNEvQNqMFGlBb6_0RxxKjDZ-Oa329eGDidOvvp0h 5hoES4a8IuGKS7NOcpp-aFwp0qVMDLI-Xnm-Pg
  10. 10. 2015 Takashi Yahata (@paoneJP) http://datatracker.ietf.org/wg/oauth/documents/ RFC6749 The OAuth 2.0 Authorization Framework RFC6750 The OAuth 2.0 Authorization Framework: Bearer Token Usage OAuth 2015/7/31 10
  11. 11. 2015 Takashi Yahata (@paoneJP) http://openid.net/developers/specs/ OpenID Connect Core 1.0 http://datatracker.ietf.org/wg/oauth/documents/ RFC7519 JSON Web Token (JWT) http://datatracker.ietf.org/wg/jose/documents/ Cryptography PublicKey, Hash, OpenID Connect 2015/7/31 11
  12. 12. 2015 Takashi Yahata (@paoneJP) 2015/7/31 12