oauth 2.0 #idit2012

Upload: nov-matake

Post on 24-May-2015

TRANSCRIPT

Page 1: OAuth 2.0 #idit2012

OAuth 2.0

Page 2: OAuth 2.0 #idit2012

ID&IT Management Conference 2012

@nov

OpenID Foundation Japan Evangelist

OAuth.jp

Ruby Libraries

rack-oauth2

openid_connect

fb_graph

Page 3: OAuth 2.0 #idit2012

Page 4: OAuth 2.0 #idit2012

Current Trend

Mobile Game Social

Page 5: OAuth 2.0 #idit2012

Platform ♥ 3rd-party Developers

Page 6: OAuth 2.0 #idit2012

API Integration

Access Control for APIs

Page 7: OAuth 2.0 #idit2012

OAuth

No password sharing

Limited access lifetime

Expire after N weeks

Limited access scope

Status Update : OK

Read Inbox : NG

Page 8: OAuth 2.0 #idit2012

OAuth 2.0 in Enterprise

Page 9: OAuth 2.0 #idit2012

Page 10: OAuth 2.0 #idit2012

Resource Owner

Client

Resource Server

API Access

Access Token

Authorization Server

Authorize Client Access

Page 11: OAuth 2.0 #idit2012

Page 12: OAuth 2.0 #idit2012

Page 13: OAuth 2.0 #idit2012

2 Response Types in Core

Code

Token

Extensions

Code + Token

and more...

Get Access Token

Page 14: OAuth 2.0 #idit2012

response_type = code

Resource Owner / Client / Authorization Server

Initiate

Require Approval

Approve

Code

Code

Access Token

Page 15: OAuth 2.0 #idit2012

response_type = token

Resource Owner / Client / Authorization Server

Initiate

Require Approval

Approve

Access Token

Page 16: OAuth 2.0 #idit2012

Response Type

Code

Secure

2 HTTP requests

Require Approval

Get Access Token

Token

Efficient

1 HTTP request

Both at once

+ extensions
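The two core response types compared above, as an added Ruby example (standard library only; not code from the slides or from rack-oauth2). The endpoint, client ID, redirect URI and helper names are constructed for illustration, and the `state` check is a standard OAuth 2.0 parameter that the slides do not show.

```ruby
require "uri"

# Constructed values for illustration (not from the slides).
AUTHZ_ENDPOINT = "https://as.example.com/authorize"
CLIENT_ID      = "client-123"
REDIRECT_URI   = "https://client.example.com/callback"

# First request for both response types: send the resource owner
# to the authorization server for approval.
def authorization_url(response_type, state)
  query = URI.encode_www_form(
    response_type: response_type,
    client_id: CLIENT_ID,
    redirect_uri: REDIRECT_URI,
    state: state
  )
  "#{AUTHZ_ENDPOINT}?#{query}"
end

# Parse the redirect back to the client after approval.
#   response_type=code  -> parameters arrive in the query string
#   response_type=token -> parameters arrive in the URI fragment
# The state value must match the one sent in the authorization request.
def parse_redirect(redirect, response_type, expected_state)
  uri = URI.parse(redirect)
  raw = response_type == "code" ? uri.query : uri.fragment
  params = URI.decode_www_form(raw.to_s).to_h
  raise ArgumentError, "state mismatch" unless params["state"] == expected_state
  params
end

# Second HTTP request, needed only for response_type=code: the client
# exchanges the code at the token endpoint (client authentication is
# sent alongside this body and is omitted here).
def token_request_body(code)
  URI.encode_www_form(
    grant_type: "authorization_code",
    code: code,
    redirect_uri: REDIRECT_URI
  )
end
```

With `response_type=code` the access token never passes through the resource owner's browser; with `response_type=token` it arrives in the redirect fragment in a single round trip.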

Page 17: OAuth 2.0 #idit2012

♥ OpenID Connect

~ OpenID based on OAuth 2.0 ~

Page 18: OAuth 2.0 #idit2012

Page 19: OAuth 2.0 #idit2012

So, why does this matter?

Page 20: OAuth 2.0 #idit2012

Social

Page 21: OAuth 2.0 #idit2012

Cloud

Page 22: OAuth 2.0 #idit2012

API Economy

Page 23: OAuth 2.0 #idit2012

Discovery

Identity

Access Control

Streams

People

Applications

Page 24: OAuth 2.0 #idit2012

Latest Trends in Digital Identity Technology - @IT

Page 25: OAuth 2.0 #idit2012

openid-foundation-japan.github.com

slideshare.net/matake

github.com/nov

twitter.com/nov