Upgrade to Pro — share decks privately, control downloads, hide ads and more …

STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Takuya Matsumoto Takuya Matsumoto
October 22, 2021
Technology
3.3k
5

STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って

https://kaigionrails.org/2021/talks/upinetree/

Avatar for Takuya Matsumoto

Takuya Matsumoto

October 22, 2021

More Decks by Takuya Matsumoto

See All by Takuya Matsumoto
STORES におけるセッションストアへの Amazon MemoryDB for Redis の活用と、移行戦略 / MemoryDB for STORES Session Store
Avatar for Takuya Matsumoto upinetree
2
4.8k
バックエンド基盤チームのお仕事 / The value of the backend base team
Avatar for Takuya Matsumoto upinetree
0
3.8k
CSSの技術的負債との向き合い方 / How to Deal with Technical Debt of CSS (ja)
Avatar for Takuya Matsumoto upinetree
5
4.4k
How to Deal with Technical Debt of CSS
Avatar for Takuya Matsumoto upinetree
1
610
書籍紹介LT:現場で使える Ruby on Rails 5 速習実践ガイド
Avatar for Takuya Matsumoto upinetree
0
220
Introduction to Entering Test Design (Japanese)
Avatar for Takuya Matsumoto upinetree
0
870
Hello React
Avatar for Takuya Matsumoto upinetree
4
300
history of nicorepo gem and me
Avatar for Takuya Matsumoto upinetree
0
180
Visualize team communications on github
Avatar for Takuya Matsumoto upinetree
4
1.3k

Other Decks in Technology

See All in Technology
インフラが苦手でも大丈夫! 紙芝居 Kubernetes -WWGT 10周年編-
Avatar for Aoi Takahashi aoi1
1
310
ポスター発表&デモと総括 / Poster Presentations & Demonstrations and Summary
Avatar for Kenji Saito ks91
PRO
0
170
AI時代の私の技術インプットとアウトプット術
Avatar for tonkotsuboy_com tonkotsuboy_com
15
8k
OpenID Connectによるサービス間連携
Avatar for Shigeki Shoji takesection
0
150
コードレビューを制するチームがソフトウェアデリバリーのフローを制す / Beyond Code Review: Distributing Its Responsibilities Across the SDLC
Avatar for mtx2s mtx2s
3
490
サプライチェーンセキュリティの空白地帯 - 信頼できる”依存性”の未来を考える
Avatar for Hiroki Suezawa (@rung) rung
PRO
2
510
AI-DLCを活用した高品質・安全なAI駆動開発実践 / AI Driven Development
Avatar for 吉田真吾 yoshidashingo
1
270
oracle-to-databricks-migration-with-llm-and-dbt
Avatar for case-k-git casek
1
380
個人の発見を、組織の知恵に 〜生成AI活用を"探索"から"組織の仕組み"へ〜
Avatar for KintoTech_Dev kintotechdev
2
190
Oracle Cloud Infrastructure:2026年5月度サービス・アップデート
Avatar for oracle4engineer oracle4engineer
PRO
1
270
『家族アルバム みてね』における インシデント対応との向き合い方 / Approach incident response in Family Album
Avatar for kohbis kohbis
2
280
形式手法特論:公平性制約の位相的特徴づけ #kernelvm / Kernel VM Study Kansai 12th
Avatar for y_taka_23 ytaka23
1
640

Featured

See All Featured
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
141
7.5k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
183
10k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
Avatar for Eileen M. Uchitelle eileencodes
141
35k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
How to Align SEO within the Product Triangle To Get 
Buy-In & Support - #RIMC
Avatar for Aleyda Solis aleyda
2
1.5k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
Avatar for David Carrasco davidcarrasco
0
150
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
55
8.2k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
191
11k
Building the Perfect Custom Keyboard
Avatar for Naoto Takai takai
2
780
HTML-Aware ERB: The Path to Reactive Rendering @ RubyCon 2026, Rimini, Italy
Avatar for Marco Roth marcoroth
1
130

Transcript

  1. STORES ΁ͷ ID ج൫ͷ ಋೖͱɺϢʔβʔΞΧ΢ ϯτͷҠߦΛৼΓฦͬͯ 2021.10.22 Kaigi on Rails

    2021

  2. Who? Takuya Matsumoto @upinetree • hey ࣾ • Ruby, EM

    • ☕ , " , # • ڞஶ: ݱ৔Ͱ࢖͑Δ Ruby on Rails 5 ଎श࣮ફΨΠυ, 2018 ϑϩϦμ WDW ʹͯ (2019)

  3. ϓϥοτϑΥʔϜ Platform Photo by Roman Fox on Unsplash https://unsplash.com/photos/-iVNDAOeXn8

  4. ౔୆…ʁ • OSɺϋʔυ΢ΣΞɺήʔϜͱ͔ͷಈ࡞؀ڥ • ࣾ಺ͷج൫γεςϜ • App StoreɺSteam ͷΑ͏ͳ഑৴؀ڥ •

    AWSɺGoogle Workspace ͷΑ͏ͳෳ਺αʔϏεͷू߹ମ 4

  5. ͓ళͷσδλϧΛ·Δͬͱαϙʔτ 5

  6. ϓϥοτϑΥʔϜ͕ఏڙ͍ͨ͠Ձ஋ • STORES ϓϥοτϑΥʔϜͱͯ͠౷߹͞ΕͨମݧΛಘΒΕΔ • ҰճαΠϯΞοϓ͢Ε͹ɺԣஅͰ͍ΖΜͳσδλϧԽͷࢧԉ Λड͚ΒΕΔ 6

  7. ݱ࣌఺Ͱ͸ • ͦΕͧΕͷϓϩμΫτ͕ಠཱͯ͠ଘࡏ͠ɺͦΕͧΕͰαΠϯ Ξοϓ͕ඞཁ • ϓϥοτϑΥʔϜͱͯ͠౷߹͞Εͨମݧ͸ݶఆత • ࠷ॳ͔ΒϓϥοτϑΥʔϜͱͯ͠ઃܭ͞Ε͍ͯͳ͍ͨΊ ٕज़తʹ΋·Δͬͱͭͳ͍͛ͯ͘ඞཁ͕͋Δ 7

  8. ΞΧ΢ϯτͷ౷߹ Photo by Daniel Olah on Unsplash https://unsplash.com/photos/VS_kFx4yF5g

  9. ࠓ೔͓࿩͢Δ͜ͱ • ωοτγϣοϓ࡞੒αʔϏε STORES ΁ͷ ID ج൫ಋೖͷ࿩ • ΍ͬͨ͜ͱ΍ۤ࿑ͨ͜͠ͱΛৼΓฦΓɺֶͼΛڞ༗ •

    ૊৫ؒௐ੔΍ίϛϡχέʔγϣϯͷ࿩͸ࠓճ͸ׂѪ ※νʔϜͷ੒ՌΛɺࢲ͕୅ද͓ͯ͠࿩͠·͢ 9

  10. ΞΧ΢ϯτͷ౷߹ʹඞཁͳ͜ͱ • ID ج൫ͱ͍͏γεςϜΛ࡞Δ • طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ 10

  11. ΞΧ΢ϯτͷ౷߹ʹඞཁͳ͜ͱ ID ج൫ͱ͍͏γεςϜΛ࡞Δ • ։ൃνʔϜ͕ൃ଍ • Go + Next.js ੡

    • ຊൃදͷର৅֎ ! طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ • ࠷ॳͷಋೖઌ͸ɺωοτγϣοϓ ࡞੒αʔϏεͷ STORES • Rails + Nuxt.js ੡ • զʑ͕୲౰ • 3 ਓνʔϜ w/ @HolyGrail, ۀ຿ҕୗͷํ • ຊൃදͰѻ͏಺༰ 11

  12. STORES ΁ͷ ID ج൫ͷಋೖํ਑ • ೝূํࣜͷ௥ՃͰ͸ͳ͘ɺΞΧ΢ϯτҠߦ͠ೝূํࣜΛ੾Γସ͑ Δ • ࠷ॳͷಋೖͳͷͰɺ৽͍͠ೝূํࣜͷૌٻ͸೉͍͠ •

    ͨͱ͑͹ʮSTORES ϓϥοτϑΥʔϜͰϩάΠϯʯ͸ࠞཚͷ΋ ͱ • ΞΧ΢ϯτҠߦͷͨΊʹϢʔβʔૢ࡞ΛٻΊͳ͍ • ཪଆͰ͍͍ײ͡ʹɺͰ͖Ε͹μ΢ϯλΠϜͳ͠Ͱ҆શʹ੾ΓସΘΔ 12

  13. Ͳ͏΍ͬͨͷ͔ 13

  14. ϓϩτίϧ • OpenID Connect (OIDC)1 ४ڌ • OAuth 2.0 ্ʹ৐͔ͬͬͨγϯϓϧͳΞΠσϯςΟςΟϨ

    ΠϠʔ • ID ࿈ܞΛ͍͍ײ͢͡Δϓϩτίϧ • omniauth_openid_connect gem Λར༻ 1 https://openid.net/connect/ 14

  15. ೝূํࣜͷ੾Γସ͑Ͱ΍Δ͜ͱ • ભҠઌ΍ϦμΠϨΫγϣϯͷ੾Γସ͑ • طଘΞΧ΢ϯτͷσʔλҠߦ 15

  16. ભҠઌ΍ϦμΠϨΫγϣϯͷ੾Γସ͑ • Feature Toggle + τϥϯΫϕʔε։ൃ • ! • վमൣғ͕޿ͯ͘΋ڝ߹ͷϦεΫ͕௿

    ͍ • ৽͍͠γεςϜΛฒߦͯ͠࡞Γͳ͕ Βɺஈ֊తʹಋೖͷ४උ͕Մೳ • ϩʔϧόοΫ͕༰қ (σʔλΛআ͍ͯ) 16

  17. طଘΞΧ΢ϯτͷσʔλҠߦ ର৅σʔλ • ϝʔϧΞυϨε • ϋογϡԽࡁΈύεϫʔυ 17

  18. طଘσʔλҠߦͷྲྀΕ 1. ࣄલม׵ 2. ҰׅҠߦ 3. ࡞੒ɾߋ৽ΛϑοΫͯ͠μϒϧϥΠτ 4. ID ج൫͔Βͷσʔλಉظ

    18

  19. 19

  20. 20

  21. 21

  22. 22

  23. ଞʹ΍ͬͨ͜ͱΛ͔͍ͭ·ΜͰ • ೝূೝՄྖҬͷֶश • ։ൃ؀ڥͷ੔උ 23

  24. ೝূೝՄྖҬͷֶश ϦϞʔτษڧձΛ։࠵ • OAuth 2.1 RFC ΛಡΉձ • OpenID Foundation

    Japan ͷΤόϯδΣϦετͷํʑʹ૬ஊ͢Δձ2 ޮՌ • ਖ਼֬ͳཧղͷଅਐɺෆ҆ཁૉͷղফɺΑΓΑ͍ํ๏΁ͷؾ෇͖ • ϝϯόʔͷೝࣝΛ߹Θͤͯڞ௨ݴޠΛ֫ಘ 2 https://www.openid.or.jp/blog/cat170/ 24

  25. ։ൃ؀ڥͷ੔උ • ID ج൫ͱ STORES ͸ͦΕͧΕ docker compose Ͱ։ൃ؀ڥΛߏங •

    ઃఆʹ݁߹఺Λ࡞Γͨ͘ͳ͍ʢΤϯυϙΠ ϯτࢦఆɺϙʔτ൪߸ॏෳճආͳͲʣ • => STORES ͔Β ID ج൫Λ Docker in Docker3 (dind) Ͱىಈ • ࿈ܞ͕ෆཁͳͱ͖͸ೝূϞοΫͰܰྔԽ • ಉظपΓͷ SNS, SQS ͸ localstack Ͱ ϞοΫ 3 https://hub.docker.com/_/docker 25

  26. ۤ࿑ͨ͜͠ͱ 26

  27. ۤ࿑ͨ͜͠ͱ ଓʑͱൃ۷͞ΕΔٕज़తɾ࢓༷తͳෛ࠴ • ͍͟ઃܭํ਑ΛܾΊͯਐΊͯΈΔͱɺͲΜͲΜ໰୊͕ൃ۷͞ Εͯ͘Δ • ٕज़తͳ΋ͷɺ࢓༷తͳ΋ͷͷ྆ํ͋ͬͨ 27

  28. ۤ࿑ͨ͜͠ͱ ๦͛ͱͳΔٕज़తෛ࠴ͨͪ΁ͷରॲ • ෆཁͳػೳɺ࣮૷ • ͲΜͲΜ࡟আͯ͠վमൣғΛڱΊΔ • ෼͔ΓͮΒ͍࣮૷ • ෳࡶੑ͕ߴ·ΔϦεΫΛݮΒ͢Α͏ϦϑΝΫλϦϯά

    28

  29. ۤ࿑ͨ͜͠ͱ ๦͛ͱͳΔ࢓༷ͨͪ΁ͷରॲ • ഇࢭ༧ఆ͕ͩͬͨௐ੔ະ࣮ࢪͷ··ͩͬͨػೳ • ϓϩμΫτνʔϜʹਪਐΛґཔɺҰ෦ר͖औ࣮ͬͯࢪ • ഇࢭݕ౼Ͱ͖ͦ͏ͳػೳ • ࢖༻ঢ়گͷ֬ೝɺඞཁͳௐ੔Λ࣮ࢪ͠ഇࢭ

    • ͳͥ͜͏ͳ͍ͬͯΔͷ͔୭΋෼͔Βͳ͍࢓༷ • ߟݹֶऀͱͳΔ͔ɺߟݹֶऀʹॿ͚ΛٻΊͯɺ͋Δ΂͖ঢ়ଶΛߟܾ͑Ί Λ࡞Δ 29

  30. ۤ࿑ͨ͜͠ͱ طଘσʔλͷ੔ཧ • Ҡߦ͕೉͍͠σʔλͷରॲ • ෆཁͳσʔλΛҠߦ͠ͳ͍ͨΊͷҠߦର৅ͷ੔ཧ • Ҡߦޙͷ੔߹ੑʹϦεΫͷ͋Δσʔλͷௐ੔ 30

  31. ۤ࿑ͨ͜͠ͱ αʔϏεݸผͷࣄ৘ vs ڞ௨ج൫ͷීวੑ • ࠷ॳͷ࿈ܞαʔϏεͱͯ͠ɺࣗવͳϢʔβʔମݧΛఏڙͨ͠ ͍ • Ұ࣌తʹ ID

    ج൫ͱ STORES Ͱີ݁߹ʹͳΔ෦෼͕ੜ͡Δ • ؾ࣋ͪѱ͍͕ɺ୹ظతͳ໨తͷͨΊʹҰఆ͸ڐ༰͠ɺ࣍ͷऔ Γ૊ΈͰղফΛܭը • ID ج൫ʹෛ࠴Λ๊͑ͯ΋Β͍ͬͯΔঢ়گ 31

  32. େ͖ͳτϥϒϧ΋ͳ͘ϦϦʔε׬ྃ Photo by Wil Stewart on Unsplash https://unsplash.com/photos/UErWoQEoMrc

  33. ֶͼ 33

  34. ֶͼ ٕज़తෛ࠴ͱͷ޲͖߹͍ํ • جຊతʹ͸ී௨ͷ։ൃͱಉ͕ͩ͡ɺଟ͘͸ޙ͕ͳ͍ঢ়ଶͰݱΕ Δ • Լखʹଥڠ͢ΔͱγεςϜԣஅͷෛ࠴ʹͳΔ • طଘͷ࣮૷ʹܟҙ͸෷͏͕዁౓͠ͳ͍ •

    ԿΒ͔ͷཧ༝͕͋ͬͯੵΈ্͛ΒΕͨݱঢ়΁ͷܟҙ • ͜Ε͕ਖ਼͍͠ͱࢥ͏ͷͰ͜ΕͰߦ͖·͢ͱ͍͏༐ؾ 34

  35. ֶͼ ਫ໘Լͷ໰୊ͷදग़λΠϛϯά • ҰาਐΉͨͼʹ࣍ʑͱ໰୊͕ൃ۷͞ΕΔͱ͖͕͋Δ • γεςϜҠߦ΍෼ׂʹ͓͍ͯ͸ɺଟ͘ͷ৔߹ͦ͏͍͏΋ͷͰ͋Δ • ӅΕͯͳΜͱ͔ͳ͍ͬͯͨॲཧɺ͍͔ͭ΍Ζ͏ͱอཹ͞Ε͍ͯͨ࢓ ༷ •

    ͜͏ͨ͠ੑ࣭͔Βɺظݶ΁ͷίϛοτ͸ͮ͠Β͍͜ͱΛཧղ͓ͯ͘͠ • ுΓ੾ͬͯ΍͚ͬͭΔνϟϯεͱલ޲͖ʹߟ͑Δ 35

  36. ֶͼ ೉͍͠໰୊ͷམͱ͠ॴΛܾΊΔ • ਫ໘Լ͔Βදग़ͨ͠໰୊ɺγεςϜҠߦʹ൐͏໰୊ • ೉͍͠໰୊͕࣍ʑͱग़͖ͯͯɺϦϦʔεʹͳ͔ͳ͔͚ۙͮͳ͍যΓ • ׬ᘳͳղܾࡦΛߟ͑ͯ͠·͏͜ͱ͕ཪ໨ʹग़Δ͜ͱ΋ • ྫྷ੩ʹɺ໨తʹཱͪฦͬͯஸ౓Α͍མͱ͠ॴΛܾΊΔ

    • ෳࡶͳ໰୊Λγϯϓϧʹղ͘ํ๏Λ୳͢ • ࠷ॳ͸Θ͔Βͳ͍͜ͱ΋ଟ͍͕͜ͷ൑அͷ܁Γฦ͠Ͱਫ਼౓্͕͕͍ͬͯ͘ 36

  37. ֶͼ ن֨ʹ৐Δͱ҆શͰޮ཰͕ྑ͍ • ڞ௨ج൫ͷϓϩτίϧ࡞Γ͸ͱͯ΋೉͍͠໰୊ • OIDC ͷ͓͔͛Ͱզʑ͸Ͳ͏࣮૷͢Δͷ͔ͱ͍͏ݕ౼ʹ஫ྗͰ͖ͨ • طଘͷن͕֨͋Γɺ໨తʹ߹க͍ͯ͠ΔͳΒɺ࢖Θͳ͍ख͸ͳ͍ •

    ଟ͘ͷٞ࿦͕ॏͶΒΕར༻࣮੷ͷ͋Δن֨ΑΓ༏Εͨ΋ͷΛ࡞Δͷ͸೉͠ ͍ • ϥΠϒϥϦ͕ଘࡏ͢Δ͜ͱ΋ଟ͍ • RFC ΛͪΌΜͱಡΜͰ࢓૊ΈΛཧղ͢Δͷ͸ॏཁ 37

  38. ֶͼ ૣΊʹͭͳ͛ͯಈ͔͢ • ࠓճɺͦΕͧΕ͕ϞοΫΛ࡞ͬͯ։ൃΛਐߦ • ॳظͷ࢓༷΍ΞʔΩςΫνϟͷண஍఺͕ෆ࣮֬ͩͬͨͨΊ • ௕͍ؒϞοΫΛཔͬͯ͠·͍࿈ܞʹඞཁͳؾ෇͖͕஗ΕΔ͜ ͱ΋ •

    ෆ׬શͰ΋ྑ͍ͷͰɺૣΊʹͭͳ͛ͯϑΟʔυόοΫΛಘΒ ΕΔঢ়ଶʹͰ͖ͨΒΑ͔ͬͨ 38

  39. ·ͱΊ • ID ج൫ͷ STORES ΁ͷಋೖͱΞΧ΢ϯτͷҠߦΛɺμ΢ϯλΠϜͳ ͠ɺϢʔβʔૢ࡞ෆཁͰߦͬͨࣄྫΛ঺հͨ͠ • औΓ૊ΈͷதͰۤ࿑ͨ͜͠ͱ΍ಘΒΕֶͨͼΛ঺հͨ͠ɻಛʹɺજΜ Ͱ͍ͨ໰୊΁ͷऔΓ૊Έʹ͍͓ͭͯ࿩ͨ͠͠

    • ෳࡶͳ໰୊͕ଓʑͱग़ͯ͘Δͱࠞཚ͢Δ͜ͱ΋͋Δ͕ɺ໨తʹूத͠ ͯγϯϓϧʹղ͘ɺͱ͍͏ͷΛ๨Εͣʹ͍͍ͨ • γεςϜҠߦ΍෼ׂͱ͍ͬͨಉछͷ໰୊΍ɺଞͷ೉͍͠໰୊ʹऔΓ૊ ·ΕΔํͷώϯτʹͳΔͱ͏Ε͍͠ 39

  40. 40