Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
TokenSourceを理解する
Search
Kenta Takahashi
October 25, 2025
Programming
32
0
Share
TokenSourceを理解する
https://asakusago.connpass.com/event/369325/
Kenta Takahashi
October 25, 2025
More Decks by Kenta Takahashi
See All by Kenta Takahashi
xDS を活用したサービスディスカバリーで実現するブランチ別 QA 環境の構築手法
knwoop
2
1.1k
Fastly Compute @ Kauche
knwoop
0
68
How Are Random Numbers Generated ?
knwoop
0
310
認証認可とGoの話
knwoop
3
1.2k
Other Decks in Programming
See All in Programming
【26新卒研修資料】TDD実装演習
dip_tech
PRO
0
120
第3木曜LT会 #28
tinykitten
PRO
0
120
Making the RBS Parser Faster
soutaro
0
590
GNU Makeの使い方 / How to use GNU Make
kaityo256
PRO
16
5.6k
Oxlintとeslint-plugin-react-hooks 明日から始められそう?
t6adev
0
300
ふりがな Deep Dive try! Swift Tokyo 2026
watura
0
250
Road to RubyKaigi: Play Hard(ware)
makicamel
1
490
[RubyKaigi 2026] Require Hooks
palkan
1
240
ついに来た!本格的なマルチクラウド時代の Google Cloud
maroon1st
0
290
mruby on C#: From VM Implementation to Game Scripting (RubyKaigi 2026)
hadashia
2
810
書き換えて学ぶTemporal #fukts
pirosikick
1
170
Running Swift without an OS
kishikawakatsumi
0
860
Featured
See All Featured
Tell your own story through comics
letsgokoyo
1
900
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.5k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
170
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
287
14k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
Dominate Local Search Results - an insider guide to GBP, reviews, and Local SEO
greggifford
PRO
0
160
Chasing Engaging Ingredients in Design
codingconduct
0
180
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
190
Building an army of robots
kneath
306
46k
Unsuck your backbone
ammeep
672
58k
A better future with KSS
kneath
240
18k
Transcript
Kenta Takahashi golang.org/x/oauth2#TokenSource Λશʹཧղ͢Δ Asakusa.go
None
αʔϏεؒͰೝূΛͲ͏͓ͬͯ͜ͳ͏͔?
ͱʹ͔ͨ͘͘͞Μ͋Δ • OAuth2/OpenIDConnect ΫϥΠΞϯτೝূ • GitHub Actions ͱ Google Cloud/AWS
• Google Cloud Ͱͷೝূํ๏ • AWS Ͱͷೝূํࣜ
OAuth2 /OenID Connect ΫϥΠΞϯτೝূ • client_secret_post • client_secret_basic • client_secret_jwt
• private_key_jwt • tls_client_auth • ...
GitHub Actions ͱ Google Cloud/AWS https://docs.github.com/ja/actions/concepts/security/openid-connect
Google Cloud Ͱͷೝূํ๏ • Set up Application Default Credentials ͱ͍
͏Έ͕͋Δ • ͬ͘͟Γೝূใͷ୳ ͠ํϚχϡΞϧ
AWS Ͱͷೝূํࣜ • ͋Μ·Γৄ͘͠ͳ͍ͷͰׂѪ
ͳΔ΄ͲΘ͔ΒΜ
API ϦΫΤετ͍͚ͨͩ͠ͳΜͩ
TokenSource ʹ͍ͭͯ https://pkg.go.dev/golang.org/x/oauth2#TokenSource
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2 SSO ͷྫ
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2 - access token Λͬͯ ϢʔβʔใΛऔಘ͢Δ - ͜ͷ෦Ͱ
Token Source ͕ΘΕ͍ͯΔ
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ golang.org/x/oauth2 - Request ͝ͱʹ TokenSource ͷ ϝιου͕ݺΕ͍ͯΔ -
෦ token ͷߋ৽ͳͲ ߦ͍ͬͯΔ - ϩοΫͱͬͯ goroutine-safe ʹ ͳ͍ͬͯΔ
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ GitHub Actions ͱ Google Cloud/AWS (AWS ׂѪ) •
Google Cloud Workload Identity Federation ͱ͍͏ΈΛ͍ͬͯΔ • ೝূΩʔͳ͠Ͱ Google Cloud ʹΞΫηεͰ͖Δ • ෦ͷৄ͍͠Έฉ͍͍ͯͩ͘͞😇
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ GitHub Actions ͱ Google Cloud/AWS (AWS ׂѪ) Workload
Identity Federation ͷྫ https://github.com/knwoop/google-cloud-go-playground/iam/workloadidentityfed
TokenSource Ͳ͜ͰΘΕ͍ͯΔ͔ GitHub Actions ͱ Google Cloud/AWS (AWS ׂѪ) Service
Account ͷྫ
·ͱΊ • TokenSource ɺೝূใͷऔಘΛಁաతʹͯ͘͠ΕΔͷ • API ୟ࣌͘ TokenSource ͚ͩΛҙࣝ͠Α͏ (ݱ࣮ͦΜͳʹ͘ͳ͍😇)
• ·ͣ TokenSource Λ͑ͳ͍͔Λݕ౼ͯ͠ΈΔ • ࠓճհͰ͖ͳ͔͕ͬͨɺ TokenSource Λͬͨ RoundTripper grpc callOptions ͳͲ͋ΔͷͰศར
knwoop
dip_tech
tinykitten
soutaro
kaityo256
t6adev
watura
makicamel
palkan
maroon1st
hadashia
pirosikick
kishikawakatsumi
letsgokoyo
cassininazir
sergeychernyshev
.png){kind=avatar}
helenjbeal
stephaniewalter
smashingmag
greggifford
codingconduct
jacobtomlinson
kneath
ammeep
