Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
Search
Takuya Matsumoto
October 22, 2021
Technology
3.3k
5
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
https://kaigionrails.org/2021/talks/upinetree/
Takuya Matsumoto
October 22, 2021
More Decks by Takuya Matsumoto
See All by Takuya Matsumoto
STORES におけるセッションストアへの Amazon MemoryDB for Redis の活用と、移行戦略 / MemoryDB for STORES Session Store
upinetree
2
4.9k
バックエンド基盤チームのお仕事 / The value of the backend base team
upinetree
0
3.8k
CSSの技術的負債との向き合い方 / How to Deal with Technical Debt of CSS (ja)
upinetree
5
4.4k
How to Deal with Technical Debt of CSS
upinetree
1
620
書籍紹介LT:現場で使える Ruby on Rails 5 速習実践ガイド
upinetree
0
220
Introduction to Entering Test Design (Japanese)
upinetree
0
890
Hello React
upinetree
4
300
history of nicorepo gem and me
upinetree
0
180
Visualize team communications on github
upinetree
4
1.3k
Other Decks in Technology
See All in Technology
10年目を迎えた「ABEMA」がどのように AI 活用を推進して、AI 駆動開発にシフトしているのか / How ABEMA, entering its 10th year, is promoting the use of AI and shifting toward AI-driven development
miyukki
0
120
Kaggleで成長するために意識したこと
prgckwb
2
300
ADDF - ループエンジニアリングするフレームワークを作ったら/I Didn't Set Out to Build Loop Engineering, But ADDF Did
fruitriin
0
120
ローカルLLMとLINE Botの組み合わせ その3 / LINE DC Generative AI Meetup #8
you
PRO
0
130
Claude Codeとハーネスについて考えてみる
oikon48
18
9.3k
Foxgloveについて 実際にExtensionを開発して公開するまでの話 / About Foxglove: The Story of Developing and Releasing an Extension
ry0_ka
0
210
Road to SRE NEXTの今までとこれから
hiroyaonoe
0
290
知らん間に、回ってる
ming_ayami
0
490
人を動かすのは時間ではなく、納得感 〜新任EMが入社3ヶ月、組織を2回変えた話〜
kakehashi
PRO
3
220
AI Agent SaaS を支える自社仮想化基盤への挑戦と実運用 / ai-agent-saas-virtualization
flatt_security
2
3.8k
Terraform共通モジュールをチーム横断で“変えられる”運用へ ― リリースと適用の分離
kekke_n
1
2.8k
依頼文化をやめる日 EM視点で語るPlatform EngineeringとInclusive SRE / Discussing Platform Engineering and Inclusive SRE from an EM's Perspective
shin1988
4
5.3k
Featured
See All Featured
Ruling the World: When Life Gets Gamed
codingconduct
0
280
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.9k
Digital Ethics as a Driver of Design Innovation
axbom
PRO
1
340
Ethics towards AI in product and experience design
skipperchong
2
330
The Impact of AI in SEO - AI Overviews June 2024 Edition
aleyda
5
1.1k
Paper Plane (Part 1)
katiecoart
PRO
0
9.5k
Amusing Abliteration
ianozsvald
1
220
Rails Girls Zürich Keynote
gr2m
96
14k
WENDY [Excerpt]
tessaabrams
11
38k
Fireside Chat
paigeccino
42
4k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
610
Claude Code どこまでも/ Claude Code Everywhere
nwiizo
65
56k
Transcript
STORES ͷ ID ج൫ͷ ಋೖͱɺϢʔβʔΞΧ ϯτͷҠߦΛৼΓฦͬͯ 2021.10.22 Kaigi on Rails
2021
Who? Takuya Matsumoto @upinetree • hey ࣾ • Ruby, EM
• ☕ , " , # • ڞஶ: ݱͰ͑Δ Ruby on Rails 5 श࣮ફΨΠυ, 2018 ϑϩϦμ WDW ʹͯ (2019)
ϓϥοτϑΥʔϜ Platform Photo by Roman Fox on Unsplash https://unsplash.com/photos/-iVNDAOeXn8
…ʁ • OSɺϋʔυΣΞɺήʔϜͱ͔ͷಈ࡞ڥ • ࣾͷج൫γεςϜ • App StoreɺSteam ͷΑ͏ͳ৴ڥ •
AWSɺGoogle Workspace ͷΑ͏ͳෳαʔϏεͷू߹ମ 4
͓ళͷσδλϧΛ·Δͬͱαϙʔτ 5
ϓϥοτϑΥʔϜ͕ఏڙ͍ͨ͠Ձ • STORES ϓϥοτϑΥʔϜͱͯ͠౷߹͞ΕͨମݧΛಘΒΕΔ • ҰճαΠϯΞοϓ͢ΕɺԣஅͰ͍ΖΜͳσδλϧԽͷࢧԉ Λड͚ΒΕΔ 6
ݱ࣌Ͱ • ͦΕͧΕͷϓϩμΫτ͕ಠཱͯ͠ଘࡏ͠ɺͦΕͧΕͰαΠϯ Ξοϓ͕ඞཁ • ϓϥοτϑΥʔϜͱͯ͠౷߹͞Εͨମݧݶఆత • ࠷ॳ͔ΒϓϥοτϑΥʔϜͱͯ͠ઃܭ͞Ε͍ͯͳ͍ͨΊ ٕज़తʹ·Δͬͱͭͳ͍͛ͯ͘ඞཁ͕͋Δ 7
ΞΧϯτͷ౷߹ Photo by Daniel Olah on Unsplash https://unsplash.com/photos/VS_kFx4yF5g
ࠓ͓͢Δ͜ͱ • ωοτγϣοϓ࡞αʔϏε STORES ͷ ID ج൫ಋೖͷ • ͬͨ͜ͱۤ࿑ͨ͜͠ͱΛৼΓฦΓɺֶͼΛڞ༗ •
৫ؒௐίϛϡχέʔγϣϯͷࠓճׂѪ ※νʔϜͷՌΛɺࢲ͕ද͓ͯ͠͠·͢ 9
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ • ID ج൫ͱ͍͏γεςϜΛ࡞Δ • طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ 10
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ ID ج൫ͱ͍͏γεςϜΛ࡞Δ • ։ൃνʔϜ͕ൃ • Go + Next.js
• ຊൃදͷର֎ ! طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ • ࠷ॳͷಋೖઌɺωοτγϣοϓ ࡞αʔϏεͷ STORES • Rails + Nuxt.js • զʑ͕୲ • 3 ਓνʔϜ w/ @HolyGrail, ۀҕୗͷํ • ຊൃදͰѻ͏༰ 11
STORES ͷ ID ج൫ͷಋೖํ • ೝূํࣜͷՃͰͳ͘ɺΞΧϯτҠߦ͠ೝূํࣜΛΓସ͑ Δ • ࠷ॳͷಋೖͳͷͰɺ৽͍͠ೝূํࣜͷૌٻ͍͠ •
ͨͱ͑ʮSTORES ϓϥοτϑΥʔϜͰϩάΠϯʯࠞཚͷ ͱ • ΞΧϯτҠߦͷͨΊʹϢʔβʔૢ࡞ΛٻΊͳ͍ • ཪଆͰ͍͍ײ͡ʹɺͰ͖ΕμϯλΠϜͳ͠Ͱ҆શʹΓସΘΔ 12
Ͳ͏ͬͨͷ͔ 13
ϓϩτίϧ • OpenID Connect (OIDC)1 ४ڌ • OAuth 2.0 ্ʹ͔ͬͬͨγϯϓϧͳΞΠσϯςΟςΟϨ
ΠϠʔ • ID ࿈ܞΛ͍͍ײ͢͡Δϓϩτίϧ • omniauth_openid_connect gem Λར༻ 1 https://openid.net/connect/ 14
ೝূํࣜͷΓସ͑ͰΔ͜ͱ • ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • طଘΞΧϯτͷσʔλҠߦ 15
ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • Feature Toggle + τϥϯΫϕʔε։ൃ • ! • վमൣғ͕ͯ͘ڝ߹ͷϦεΫ͕
͍ • ৽͍͠γεςϜΛฒߦͯ͠࡞Γͳ͕ Βɺஈ֊తʹಋೖͷ४උ͕Մೳ • ϩʔϧόοΫ͕༰қ (σʔλΛআ͍ͯ) 16
طଘΞΧϯτͷσʔλҠߦ ରσʔλ • ϝʔϧΞυϨε • ϋογϡԽࡁΈύεϫʔυ 17
طଘσʔλҠߦͷྲྀΕ 1. ࣄલม 2. ҰׅҠߦ 3. ࡞ɾߋ৽ΛϑοΫͯ͠μϒϧϥΠτ 4. ID ج൫͔Βͷσʔλಉظ
18
19
20
21
22
ଞʹͬͨ͜ͱΛ͔͍ͭ·ΜͰ • ೝূೝՄྖҬͷֶश • ։ൃڥͷඋ 23
ೝূೝՄྖҬͷֶश ϦϞʔτษڧձΛ։࠵ • OAuth 2.1 RFC ΛಡΉձ • OpenID Foundation
Japan ͷΤόϯδΣϦετͷํʑʹ૬ஊ͢Δձ2 ޮՌ • ਖ਼֬ͳཧղͷଅਐɺෆ҆ཁૉͷղফɺΑΓΑ͍ํ๏ͷؾ͖ • ϝϯόʔͷೝࣝΛ߹Θͤͯڞ௨ݴޠΛ֫ಘ 2 https://www.openid.or.jp/blog/cat170/ 24
։ൃڥͷඋ • ID ج൫ͱ STORES ͦΕͧΕ docker compose Ͱ։ൃڥΛߏங •
ઃఆʹ݁߹Λ࡞Γͨ͘ͳ͍ʢΤϯυϙΠ ϯτࢦఆɺϙʔτ൪߸ॏෳճආͳͲʣ • => STORES ͔Β ID ج൫Λ Docker in Docker3 (dind) Ͱىಈ • ࿈ܞ͕ෆཁͳͱ͖ೝূϞοΫͰܰྔԽ • ಉظपΓͷ SNS, SQS localstack Ͱ ϞοΫ 3 https://hub.docker.com/_/docker 25
ۤ࿑ͨ͜͠ͱ 26
ۤ࿑ͨ͜͠ͱ ଓʑͱൃ۷͞ΕΔٕज़తɾ༷తͳෛ࠴ • ͍͟ઃܭํΛܾΊͯਐΊͯΈΔͱɺͲΜͲΜ͕ൃ۷͞ Εͯ͘Δ • ٕज़తͳͷɺ༷తͳͷͷ྆ํ͋ͬͨ 27
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔٕज़తෛ࠴ͨͪͷରॲ • ෆཁͳػೳɺ࣮ • ͲΜͲΜআͯ͠վमൣғΛڱΊΔ • ͔ΓͮΒ͍࣮ • ෳࡶੑ͕ߴ·ΔϦεΫΛݮΒ͢Α͏ϦϑΝΫλϦϯά
28
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔ༷ͨͪͷରॲ • ഇࢭ༧ఆ͕ͩͬͨௐະ࣮ࢪͷ··ͩͬͨػೳ • ϓϩμΫτνʔϜʹਪਐΛґཔɺҰ෦ר͖औ࣮ͬͯࢪ • ഇࢭݕ౼Ͱ͖ͦ͏ͳػೳ • ༻ঢ়گͷ֬ೝɺඞཁͳௐΛ࣮ࢪ͠ഇࢭ
• ͳͥ͜͏ͳ͍ͬͯΔͷ͔୭͔Βͳ͍༷ • ߟݹֶऀͱͳΔ͔ɺߟݹֶऀʹॿ͚ΛٻΊͯɺ͋Δ͖ঢ়ଶΛߟܾ͑Ί Λ࡞Δ 29
ۤ࿑ͨ͜͠ͱ طଘσʔλͷཧ • Ҡߦ͕͍͠σʔλͷରॲ • ෆཁͳσʔλΛҠߦ͠ͳ͍ͨΊͷҠߦରͷཧ • Ҡߦޙͷ߹ੑʹϦεΫͷ͋Δσʔλͷௐ 30
ۤ࿑ͨ͜͠ͱ αʔϏεݸผͷࣄ vs ڞ௨ج൫ͷීวੑ • ࠷ॳͷ࿈ܞαʔϏεͱͯ͠ɺࣗવͳϢʔβʔମݧΛఏڙͨ͠ ͍ • Ұ࣌తʹ ID
ج൫ͱ STORES Ͱີ݁߹ʹͳΔ෦͕ੜ͡Δ • ؾ࣋ͪѱ͍͕ɺظతͳతͷͨΊʹҰఆڐ༰͠ɺ࣍ͷऔ ΓΈͰղফΛܭը • ID ج൫ʹෛ࠴Λ๊͑ͯΒ͍ͬͯΔঢ়گ 31
େ͖ͳτϥϒϧͳ͘ϦϦʔεྃ Photo by Wil Stewart on Unsplash https://unsplash.com/photos/UErWoQEoMrc
ֶͼ 33
ֶͼ ٕज़తෛ࠴ͱͷ͖߹͍ํ • جຊతʹී௨ͷ։ൃͱಉ͕ͩ͡ɺଟ͘ޙ͕ͳ͍ঢ়ଶͰݱΕ Δ • Լखʹଥڠ͢ΔͱγεςϜԣஅͷෛ࠴ʹͳΔ • طଘͷ࣮ʹܟҙ͏͕͠ͳ͍ •
ԿΒ͔ͷཧ༝͕͋ͬͯੵΈ্͛ΒΕͨݱঢ়ͷܟҙ • ͜Ε͕ਖ਼͍͠ͱࢥ͏ͷͰ͜ΕͰߦ͖·͢ͱ͍͏༐ؾ 34
ֶͼ ਫ໘Լͷͷදग़λΠϛϯά • ҰาਐΉͨͼʹ࣍ʑͱ͕ൃ۷͞ΕΔͱ͖͕͋Δ • γεςϜҠߦׂʹ͓͍ͯɺଟ͘ͷ߹ͦ͏͍͏ͷͰ͋Δ • ӅΕͯͳΜͱ͔ͳ͍ͬͯͨॲཧɺ͍͔ͭΖ͏ͱอཹ͞Ε͍ͯͨ ༷ •
͜͏ͨ͠ੑ࣭͔Βɺظݶͷίϛοτͮ͠Β͍͜ͱΛཧղ͓ͯ͘͠ • ுΓ͚ͬͯͬͭΔνϟϯεͱલ͖ʹߟ͑Δ 35
ֶͼ ͍͠ͷམͱ͠ॴΛܾΊΔ • ਫ໘Լ͔Βදग़ͨ͠ɺγεςϜҠߦʹ͏ • ͍͕࣍͠ʑͱग़͖ͯͯɺϦϦʔεʹͳ͔ͳ͔͚ۙͮͳ͍যΓ • ᘳͳղܾࡦΛߟ͑ͯ͠·͏͜ͱ͕ཪʹग़Δ͜ͱ • ྫྷ੩ʹɺతʹཱͪฦͬͯஸΑ͍མͱ͠ॴΛܾΊΔ
• ෳࡶͳΛγϯϓϧʹղ͘ํ๏Λ୳͢ • ࠷ॳΘ͔Βͳ͍͜ͱଟ͍͕͜ͷஅͷ܁Γฦ͠Ͱਫ਼্͕͕͍ͬͯ͘ 36
ֶͼ ن֨ʹΔͱ҆શͰޮ͕ྑ͍ • ڞ௨ج൫ͷϓϩτίϧ࡞Γͱ͍ͯ͠ • OIDC ͷ͓͔͛ͰզʑͲ͏࣮͢Δͷ͔ͱ͍͏ݕ౼ʹྗͰ͖ͨ • طଘͷن͕֨͋Γɺతʹ߹க͍ͯ͠ΔͳΒɺΘͳ͍खͳ͍ •
ଟ͘ͷ͕ٞॏͶΒΕར༻࣮ͷ͋Δن֨ΑΓ༏ΕͨͷΛ࡞Δͷ͠ ͍ • ϥΠϒϥϦ͕ଘࡏ͢Δ͜ͱଟ͍ • RFC ΛͪΌΜͱಡΜͰΈΛཧղ͢Δͷॏཁ 37
ֶͼ ૣΊʹͭͳ͛ͯಈ͔͢ • ࠓճɺͦΕͧΕ͕ϞοΫΛ࡞ͬͯ։ൃΛਐߦ • ॳظͷ༷ΞʔΩςΫνϟͷண͕ෆ࣮֬ͩͬͨͨΊ • ͍ؒϞοΫΛཔͬͯ͠·͍࿈ܞʹඞཁͳؾ͖͕ΕΔ͜ ͱ •
ෆશͰྑ͍ͷͰɺૣΊʹͭͳ͛ͯϑΟʔυόοΫΛಘΒ ΕΔঢ়ଶʹͰ͖ͨΒΑ͔ͬͨ 38
·ͱΊ • ID ج൫ͷ STORES ͷಋೖͱΞΧϯτͷҠߦΛɺμϯλΠϜͳ ͠ɺϢʔβʔૢ࡞ෆཁͰߦͬͨࣄྫΛհͨ͠ • औΓΈͷதͰۤ࿑ͨ͜͠ͱಘΒΕֶͨͼΛհͨ͠ɻಛʹɺજΜ Ͱ͍ͨͷऔΓΈʹ͍͓ͭͯͨ͠͠
• ෳࡶͳ͕ଓʑͱग़ͯ͘Δͱࠞཚ͢Δ͜ͱ͋Δ͕ɺతʹूத͠ ͯγϯϓϧʹղ͘ɺͱ͍͏ͷΛΕͣʹ͍͍ͨ • γεςϜҠߦׂͱ͍ͬͨಉछͷɺଞͷ͍͠ʹऔΓ ·ΕΔํͷώϯτʹͳΔͱ͏Ε͍͠ 39
40