Authz
For an internal study session
machu
July 29, 2020
Transcript
AuthZ
Agenda
1. The difference between AuthZ and AuthN
2. Kinds of authorization
3. AuthzIO data structure
4. AuthzIO commands
5. Summary

1. The difference between AuthZ and AuthN

Basic premise: authentication (AuthN) and authorization (AuthZ) are similar-looking but distinct concepts.

Authentication ~AutheNtication~: identifies who the subject is.

Authorization ~AuthoriZation~: controls whether an arbitrary action on an arbitrary resource is allowed or denied.

We humans authenticate other people using all sorts of information: sight, hearing, smell and so on. Then, depending on who the authenticated person is, we authorize their actions. (Right?)

※ If a stranger (authentication error) suddenly speaks to you (authorization error), you get startled.

With simple requirements, authentication and authorization tend to be conflated.

Once you know who someone is, is what to authorize self-evident?

This holds if there is no need for "delegation", and fails if there is.

Simple authentication/authorization
① Authentication request (ID/Pass)
② Confirm that it is Nekoze-man
③ Nekoze-man can execute the actions authorized for him
User: Nekoze-man
A very simple system

Let's think about the implementation
• Authentication
• On successful login, return a token
• Each API allows the subsequent processing if the token is valid
• What if we implement authorization here?

• Actions to be allowed per (user|role) are tied to an operator ID or role ID, stored as a whitelist/blacklist, and made a precondition of the API's processing

Authentication/authorization with delegation
① Issue a key that delegates view permission (user: Nekoze-man → API key → a bot or any other executor)
② Use the key to execute the delegated actions.
　The key is authenticated, but whether it is Nekoze-man, i.e. who the executor is, is not authenticated.
A very complex system

Let's think about the implementation
• Authentication
• A user can create an API key and, by handing it over, delegate the permissions they hold without sharing their own ID/Pass
• The API key is authenticated (we do this with firebase)
• An API key is like a train ticket: nobody checks who bought the ticket, but the ticket itself is checked
• Authorization
• Can you picture how implementing authorization tied to users or roles, as above, gives an implementation with low cohesion...
• With the earlier implementation, we only want to check the ticket, yet we end up having to trace back to whoever issued it.

I used API keys as the example, but if built properly this can be reused in many places, such as the tokens used in invite links (whether we actually do so is a separate matter). The same kind of processing need not be implemented separately all over the place.
2. Kinds of authorization

ACL (Access Control List)
▪ What is it?
□ An access list
□ A simple scheme: if the name is registered, OK
▪ Pros
□ Simple
▪ Cons
□ Too simple; fine-grained control is not possible

RBAC (Role-Based Access Control)
▪ What is it?
□ Assigns roles
▪ Pros
□ Easy to match to the domain language
□ Finer control than ACL
▪ Cons
□ Role explosion: role A in context A, role B in context B, and so on; as things get more complex and finer control is wanted, roles multiply until the scheme collapses (you only want to add ActionA to RoleA, yet you end up creating a new role…)
□ Too bound to roles: it is hard to grant permissions flexibly based on temporary permissions, user attributes, actions and so on (roles have to be prepared in advance)

ABAC (Attribute-Based Access Control)
▪ What is it?
□ Assigns attributes to the actions to allow/deny
▪ Pros
□ More flexible and finer control than RBAC
▪ Cons
□ Implementation is hard work

AuthzIO is ABAC ※ restricted to Action attributes
3. AuthZIO data structure

Components
AttachedPolicy
├AccountId
└Seq[Policy]
  ├Action
  ├PermissionReason
  ├Seq[Resource]
  └ExpirationDate

AttachedPolicy
• A set of Authz contexts holding an AccountId plus the list of policies assigned to that Account
• Consists of AccountID + AccountType, so Operator and API Key principals can be handled with the same type, and permissions are managed centrally in one data structure

Policy
• The basic unit of permission
• Composed of Action + PermissionReason + Seq[Resource] + ExpirationDate

Action
• As the name says, an Action
• Defined as an ADT; encoded to a String it takes the following form (this is what goes into the DB)
• s"${service name}:${action content}"
• something like "Dashboard:AnalysisViewer"
• Whether the unit of "service" should be the (bounded) context is still open

ExpirationDate
• The permission's expiry
• Checking billing information and deleting permissions from batch jobs and the like gets sloppy, so expired permissions should instead disappear naturally through their own lifecycle

Resource
• The target of the action
• Not used by Actions that are performed without specifying a Resource
• Currently, when a per-Resource expiry is wanted, two policies are created (to keep processing simple)

PermissionReason
• The reason (origin) the permission was granted
• ※ Examples:
• a contract was signed via CloudSign
• granted manually and temporarily
• granted for a limited period as a trial
• Arguably this is information specific to a system that chose to split modules per context, and it is better to have it
• It is essential for raising cohesion
A closer look at PermissionReason

When running permission grant/revocation processing that crosses contexts, the context that triggers the processing only has to state the Reason, so the implementation becomes very simple.

As an example, consider the processing that deletes a certain trial permission.

The pattern without PermissionReason (Authz's periodic batch, AuthN-API, Authz-DB, other contexts, external API):
① Check whether the trial status is valid
② Check whether the permission might have been granted by some means other than the trial
③ Delete the permission

Where did the permission we want to process come from? In a simple system, "just look at the source data" suffices, but as things get complex the number of places to consult grows and it becomes quite painful.

The pattern with PermissionReason (Authz's periodic batch, Authz-DB):
① Delete the permissions whose Reason is trial

Also

Mismatch between permissions and the reason they were granted
• Double billing is common, so the user needs to be notified
• Double permissions are often not a problem (a trial overlapping with a real contract is fine)
• Manage multiple permissions with Authz's Reason, and multiple billing in Payment. Without separated authorization, or without a Reason, this distinction is hard to make
• Not being aware of this has its own conveniences, which are common, so:
• Example of the convenience of not being aware:
• the case where you just want to crudely delete a permission
• Error only when billed through several means. With trial + one billing method, delete both; with trial only | one billing method only, delete (that is the requirement)
• As in this case, you cannot delete crudely after all, so you either become aware of it or discard the error cases.
4. AuthZIO commands

Just these
• Read/update (Show/Add/Remove)
• Request (with/without a Resource)
Code

    sealed abstract class AuthzIO[A] {}

    // support
    case class ShowPolicy(principal: AccountId) extends AuthzIO[AttachedPolicy]

    // manage
    case class AddPolicy(principal: AccountId, policy: Policy) extends AuthzIO[AttachedPolicy]
    case class AddPolicies(principal: AccountId, policies: Seq[Policy]) extends AuthzIO[AttachedPolicy]
    case class RemovePolicy(principal: AccountId, policy: Policy) extends AuthzIO[AttachedPolicy]
    case class RemovePolicies(principal: AccountId, policies: Seq[Policy]) extends AuthzIO[AttachedPolicy]

    // request
    case class RequestPolicy(principal: AccountId, actionSeq: Seq[Action]) extends AuthzIO[Unit]
    case class RequestPolicyToResource(
      principal: AccountId,
      principalActionSeq: Seq[Action],   // for every one of the specified actions,
      resourceSeq: Seq[Resource],        // the target resource must be allowed, otherwise NG
      resourceAllowedActionSeq: Seq[Action]
    ) extends AuthzIO[Unit]

    // requestBool
    case class RequestBoolPolicy(principal: AccountId, actionSeq: Seq[Action]) extends AuthzIO[Boolean]
    case class RequestBoolPolicyToResource(
      principal: AccountId,
      principalActionSeq: Seq[Action],   // for every one of the specified actions,
      resourceSeq: Seq[Resource],        // the target resource must be allowed, otherwise NG
      resourceAllowedActionSeq: Seq[Action]
    ) extends AuthzIO[Boolean]
Usage image ①
• Run RequestBool in several patterns and combine the results as you like
• requestBool returns a boolean, so multiple results can be interpreted and checked (it has the expressive power of a semiring (Bool))
• For details see the following article
• https://www.slideshare.net/oarat/ss-55487535
• A set without negatives (minus) that has addition + multiplication; in short, "the order doesn't change the result" is a fine way to think of it (sorry for the crude summary)
• Checking requestBoolean one by one is often tedious, so request returns Unit and, when the check is false, shoves an Either.left into Eff and returns it; use this when you don't need to combine results
• You can also pull the Policy with Show and do fine-grained processing in each context (not really expected)
• For enforce (filtering data) I considered giving AuthzIO a Repository so the Interpreter could filter, but that raises the abstraction too much for how awkward it is to handle, and the range of uses it would cover looked narrow, so I judged it better to filter, plainly, in each context's DomainService based on the result of request.
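To make the data structure above and the Request/RequestBool semantics concrete, here is an added example (not the deck's AuthzIO code, which lives in Eff) that models AttachedPolicy/Policy as plain Scala case classes and evaluates the two RequestBool checks plus the reason-based trial cleanup; AccountId as a String wrapper, java.time.Instant for ExpirationDate, the three reason values and all sample data are assumptions.

```scala
import java.time.Instant

// Assumed shapes: the deck only names these types, so the definitions here are constructed
final case class AccountId(value: String)
final case class Action(service: String, name: String) { def encoded = s"$service:$name" }
final case class Resource(id: String)
sealed trait PermissionReason
case object Contract extends PermissionReason // e.g. a contract signed via CloudSign
case object Trial    extends PermissionReason // limited-period trial grant
case object Manual   extends PermissionReason // granted by hand, temporarily
final case class Policy(action: Action, reason: PermissionReason,
                        resources: Seq[Resource], expirationDate: Instant)
final case class AttachedPolicy(principal: AccountId, policies: Seq[Policy]) {
  // Expired policies are simply ignored: the lifecycle, not a cleanup batch, retires them
  def live(now: Instant): Seq[Policy] = policies.filter(_.expirationDate.isAfter(now))
  // RequestBoolPolicy: every requested action must be held by a live policy
  def requestBool(actions: Seq[Action], now: Instant): Boolean = {
    val held = live(now).map(_.action).toSet
    actions.forall(held.contains)
  }
  // RequestBoolPolicyToResource: the principal must hold principalActions, and every
  // resource must be granted each resourceAllowedAction by a live policy, otherwise NG
  def requestBoolToResource(principalActions: Seq[Action], resources: Seq[Resource],
                            resourceAllowedActions: Seq[Action], now: Instant): Boolean = {
    val lp = live(now)
    requestBool(principalActions, now) && resources.forall(r =>
      resourceAllowedActions.forall(a => lp.exists(p => p.action == a && p.resources.contains(r))))
  }
  // The "with PermissionReason" batch: drop trial grants by reason alone; a contract grant
  // for the same action survives, and no other context (trial service, Payment) is consulted
  def removeByReason(reason: PermissionReason): AttachedPolicy =
    copy(policies = policies.filterNot(_.reason == reason))
}
object AuthzExample extends App {
  val now    = Instant.parse("2020-07-29T00:00:00Z")
  val viewer = Action("Dashboard", "AnalysisViewer")   // encodes to "Dashboard:AnalysisViewer"
  val editor = Action("Dashboard", "AnalysisEditor")
  val report = Resource("report-42")                   // constructed sample resource
  val nekoze = AttachedPolicy(AccountId("nekoze-man"), Seq(
    Policy(viewer, Trial,    Seq(report), now.plusSeconds(86400)),
    Policy(viewer, Contract, Seq(report), now.plusSeconds(86400L * 30)),
    Policy(editor, Manual,   Seq(report), now.minusSeconds(1))))     // already expired
  val canView = nekoze.requestBoolToResource(Seq(viewer), Seq(report), Seq(viewer), now)
  val canEdit = nekoze.requestBool(Seq(editor), now)                 // editor grant has expired
  val contractKept = nekoze.removeByReason(Trial).requestBool(Seq(viewer), now)
  // Boolean results compose with && / ||, as the deck's semiring slides describe
  println(s"view=$canView edit=$canEdit viewOrEdit=${canView || canEdit} contractKept=$contractKept")
}
```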
Usage image ②

Usage image ③
• In this way, however many more elements need to be checked, they can be handled with the || and && operators
• For example, a requirement like "grant the permission only to someone who has the refill plan n times, has used campaign code hoge, and has previously joined TOEIC, egs or Biz!" can be expressed simply (hard with a lattice)

Semiring and lattice
• For the lattice, picture Scala's types Any <-> Nothing
• There is a fixed top and bottom, and a type belongs somewhere in between
• Expressing permissions with this structure requires dropping every combination into a type, and it explodes (currently EgsAndTOEIC, EgsAndBiz, EgsAndPersonalCoach etc. are treated bit-operation style, which is a bit better, but giving each of them its own type would be tough)
• For the semiring, picture Boolean (it is homomorphic to Boolean: Bool)
• Changing the evaluation order does not change the result
• A set with two operations, sum and product, satisfying the commutative, associative and distributive laws
• A = (true && false) => false
• B = (false || true) => true
• C = A && B = false
• What I want to say is that however you rearrange the true/false values appearing in A and B, the result of C does not change (sorry for the crude summary)
• Permissions need to take many elements into account, which is why this structure works well
5. Summary

• Without separating authentication and authorization, you suffer when realizing complex requirements
• ABAC adopted as the authorization model
• Authz adopts the semiring structure (not encoded at the type level)
• enforce is implemented in the domainService using request/requestBool
• There are cases where the frontend wants to handle things by permission, so I'd like to discuss what shape to return (we could keep adding things like isAnalysis=true endlessly, or return the showPolicy result as-is)
• This article is excellent, so do read it
• https://kenfdev.hateblo.jp/entry/2020/01/13/115032

The end