Upgrade to Pro — share decks privately, control downloads, hide ads and more …

About_JWT_at_NDS_39_Niigata_pm

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for ritou ritou
December 13, 2014
Technology
2
520

 About_JWT_at_NDS_39_Niigata_pm

NDS#39 Niigata.pm tech talk http://connpass.com/event/8695/ で発表した資料です。

Avatar for ritou

ritou

December 13, 2014
Tweet

More Decks by ritou

See All by ritou
[PR] はじめてのデジタルアイデンティティという本を書きました
Avatar for ritou ritou
1
850
“パスワードレス認証への道" ユーザー認証の変遷とパスキーの関係
Avatar for ritou ritou
2
6k
パスキー導入の課題と ベストプラクティス、今後の展望
Avatar for ritou ritou
12
7k
Password-less Journey - パスキーへの移行を見据えたユーザーの準備 + α
Avatar for ritou ritou
1
150
Password-less Journey - パスキーへの移行を見据えたユーザーの準備 @ AXIES 2024
Avatar for ritou ritou
4
1.8k
OIDF-J EIWG 振り返り
Avatar for ritou ritou
2
87
そのQRコード、安全ですか? / Cross Device Flow
Avatar for ritou ritou
4
630
MIXI Mと社内外のサービスを支える認証基盤を作るためにやってきたこと #MTDC2024
Avatar for ritou ritou
3
770
Passkeys and Identity Federation @ OpenID Summit Tokyo 2024
Avatar for ritou ritou
2
960

Other Decks in Technology

See All in Technology
Zephyr RTOS の発表をOpen Source Summit Japan 2025で行った件
Avatar for misoji engineer iotengineer22
0
280
AI開発をスケールさせるデータ中心の仕組みづくり
Avatar for Kazuyuki Miyazawa kzykmyzw
0
170
エンジニアとマネジメントの距離/Engineering and Management
Avatar for 小田中育生 ikuodanaka
3
650
AI推進者の視点で見る、Bill OneのAI活用の今
Avatar for SansanTech sansantech
PRO
1
160
Claude Codeベストプラクティスまとめ
Avatar for みのるん minorun365
50
28k
Azure SRE Agent x PagerDutyによる近未来インシデント対応への期待 / The Future of Incident Response: Azure SRE Agent x PagerDuty
Avatar for AEON aeonpeople
0
210
Tebiki Engineering Team Deck
Avatar for Tebiki, Inc. tebiki
0
23k
持続可能な開発のためのミニマリズム
Avatar for SansanTech sansantech
PRO
4
590
【northernforce#54】SalesforceにおけるAgentforceの位置づけ・事例紹介
Avatar for YutoSato yutosatou_kit
0
130
【5分でわかる】セーフィー エンジニア向け会社紹介
Avatar for Safie safie_recruit
0
41k
AWS監視を「もっと楽する」ために
Avatar for Uechi Shingo uechishingo
0
440
Agentic Coding 実践ワークショップ
Avatar for watany watany
41
27k

Featured

See All Featured
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
34
9.1k
The Director’s Chair: Orchestrating AI for Truly Effective Learning
Avatar for Mike Taylor tmiket
1
82
Agile Leadership in an Agile Organization
Avatar for Dr. Kim W Petersen kimpetersen
PRO
0
75
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
135
9.7k
What the history of the web can teach us about the future of AI
Avatar for Ines Montani inesmontani
PRO
1
420
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
38
2.7k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
54k
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
65
8.4k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
Collaborative Software Design: How to facilitate domain modelling decisions
Avatar for Kenny Baas-Schwegler baasie
0
120
The Limits of Empathy - UXLibs8
Avatar for Cassini Nazir cassininazir
1
210
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1032
470k

Transcript

  1. 1

  2. • • • • 2

  3. 3

  4. 4

  5. • • • • • 5

  6. 6

  7. eyJ .eyJ . 7

  8. [Encoded Header] [Encoded Payload] [Encoded Signature] 8

  9. {"alg":"HS256","typ":"JWT"} 9

  10. {"name":"ritou","title":"About JSON Web Token","date":"2014-12-13"} 10

  11. “Encoded Header + ‘.’ + Encoded Payload” eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicml0b 3UiLCJ0aXRsZSI6IkFib3V0IEpTT04gV2ViIFRva2VuIiwiZGF0ZSI6I jIwMTQtMTItMTMifQ

    11

  12. 12

  13. 13

  14. 14

  15. • JWS(JSON Web Signature) : 署名つき • • JWA(JSON Web

    Algorithm) : 署名生成/暗号化の アルゴリズム • JWK(JSON Web Key) : 鍵まわり 15

  16. 16

  17. • • • • • • 17

  18. 18

  19. 19

  20. 20

  21. • 21

  22. iss [ID Tokenの発行元] sub [ユーザーID] aud [ID Tokenの発行先] 22

  23. • • • 23

  24. 24

  25. 25

  26. 26

  27. • • • • 27

  28. $options->{id} はセッションID(ランダムな文字列) $options->{id} $options->{id} 28

  29. my $cookie = crush_cookie($env->{HTTP_COOKIE} || '')->{$self- >{cookie_name}}; my $session =

    $self->{store}->get($cookie) or return; $session = $self->{serializer}->[1]->($session) if $self->{serializer}; 29

  30. • • Session IDを含むJWS • • JWS検証後 30

  31. ::JWSCookie $options->{id} はセッションID(ランダムな文字列) my $jws = encode_jwt({ id => $options->{id}

    }, $self->secret, $self->alg); $jws $jws 31

  32. ::JWSCookie my $cookie = crush_cookie($env->{HTTP_COOKIE} || '')->{$self->{cookie_name}}; # JWSの検証 $payload

    = decode_jwt($cookie, $self->secret, 0); 32

  33. ::JWSCookie my $id = $payload->{id}; my $session = $self->{store}->get($id) or

    return; 33

  34. • • • • 34

  35. 35

  36. http://d.hatena.ne.jp/ritou/20140927/1411811648 36

  37. • • • 37

  38. 38

  39. • • • • • 39

  40. 40

  41. • • • • • 41

  42. 42

  43. • • • 43

  44. 44

  45. • • • 45

  46. • • • 46

  47. 47