Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
Search
Takuya Matsumoto
October 22, 2021
Technology
4
2.6k
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
https://kaigionrails.org/2021/talks/upinetree/
Takuya Matsumoto
October 22, 2021
Tweet
Share
More Decks by Takuya Matsumoto
See All by Takuya Matsumoto
STORES におけるセッションストアへの Amazon MemoryDB for Redis の活用と、移行戦略 / MemoryDB for STORES Session Store
upinetree
1
3.5k
バックエンド基盤チームのお仕事 / The value of the backend base team
upinetree
0
3.2k
CSSの技術的負債との向き合い方 / How to Deal with Technical Debt of CSS (ja)
upinetree
5
4.2k
How to Deal with Technical Debt of CSS
upinetree
1
540
書籍紹介LT:現場で使える Ruby on Rails 5 速習実践ガイド
upinetree
0
200
Introduction to Entering Test Design (Japanese)
upinetree
0
820
Hello React
upinetree
4
270
history of nicorepo gem and me
upinetree
0
150
Visualize team communications on github
upinetree
4
1.2k
Other Decks in Technology
See All in Technology
Amazon_CloudWatch_ログ異常検出_導入ガイド
tsujiba
4
1.5k
【若手エンジニア応援LT会】AWS Security Hubの活用に苦労した話
kazushi_ohata
0
160
pandasはPolarsに性能面で追いつき追い越せるのか
vaaaaanquish
4
4.5k
チームを主語にしてみる / Making "Team" the Subject
ar_tama
4
310
GitHub Universe: Evaluating RAG apps in GitHub Actions
pamelafox
0
170
日経電子版におけるリアルタイムレコメンドシステム開発の事例紹介/nikkei-realtime-recommender-system
yng87
1
500
新卒1年目が向き合う生成AI事業の開発を加速させる技術選定 / ai-web-launcher
cyberagentdevelopers
PRO
7
1.5k
最速最小からはじめるデータプロダクト / Data Product MVP
amaotone
5
730
LeSSに潜む「隠れWF病」とその処方箋
lycorptech_jp
PRO
2
120
AWSコンテナ本出版から3年経った今、もし改めて執筆し直すなら / If I revise our container book
iselegant
15
4k
バクラクにおける可観測性向上の取り組み
yuu26
3
410
大規模データ基盤チームのオンプレTiDB運用への挑戦 / dpu-tidb
cyberagentdevelopers
PRO
1
110
Featured
See All Featured
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
37
1.8k
Fashionably flexible responsive web design (full day workshop)
malarkey
404
65k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
14
1.9k
Practical Orchestrator
shlominoach
186
10k
A designer walks into a library…
pauljervisheath
202
24k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k
Navigating Team Friction
lara
183
14k
Happy Clients
brianwarren
97
6.7k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
27
1.9k
Building Applications with DynamoDB
mza
90
6.1k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
3
370
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Transcript
STORES ͷ ID ج൫ͷ ಋೖͱɺϢʔβʔΞΧ ϯτͷҠߦΛৼΓฦͬͯ 2021.10.22 Kaigi on Rails
2021
Who? Takuya Matsumoto @upinetree • hey ࣾ • Ruby, EM
• ☕ , " , # • ڞஶ: ݱͰ͑Δ Ruby on Rails 5 श࣮ફΨΠυ, 2018 ϑϩϦμ WDW ʹͯ (2019)
ϓϥοτϑΥʔϜ Platform Photo by Roman Fox on Unsplash https://unsplash.com/photos/-iVNDAOeXn8
…ʁ • OSɺϋʔυΣΞɺήʔϜͱ͔ͷಈ࡞ڥ • ࣾͷج൫γεςϜ • App StoreɺSteam ͷΑ͏ͳ৴ڥ •
AWSɺGoogle Workspace ͷΑ͏ͳෳαʔϏεͷू߹ମ 4
͓ళͷσδλϧΛ·Δͬͱαϙʔτ 5
ϓϥοτϑΥʔϜ͕ఏڙ͍ͨ͠Ձ • STORES ϓϥοτϑΥʔϜͱͯ͠౷߹͞ΕͨମݧΛಘΒΕΔ • ҰճαΠϯΞοϓ͢ΕɺԣஅͰ͍ΖΜͳσδλϧԽͷࢧԉ Λड͚ΒΕΔ 6
ݱ࣌Ͱ • ͦΕͧΕͷϓϩμΫτ͕ಠཱͯ͠ଘࡏ͠ɺͦΕͧΕͰαΠϯ Ξοϓ͕ඞཁ • ϓϥοτϑΥʔϜͱͯ͠౷߹͞Εͨମݧݶఆత • ࠷ॳ͔ΒϓϥοτϑΥʔϜͱͯ͠ઃܭ͞Ε͍ͯͳ͍ͨΊ ٕज़తʹ·Δͬͱͭͳ͍͛ͯ͘ඞཁ͕͋Δ 7
ΞΧϯτͷ౷߹ Photo by Daniel Olah on Unsplash https://unsplash.com/photos/VS_kFx4yF5g
ࠓ͓͢Δ͜ͱ • ωοτγϣοϓ࡞αʔϏε STORES ͷ ID ج൫ಋೖͷ • ͬͨ͜ͱۤ࿑ͨ͜͠ͱΛৼΓฦΓɺֶͼΛڞ༗ •
৫ؒௐίϛϡχέʔγϣϯͷࠓճׂѪ ※νʔϜͷՌΛɺࢲ͕ද͓ͯ͠͠·͢ 9
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ • ID ج൫ͱ͍͏γεςϜΛ࡞Δ • طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ 10
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ ID ج൫ͱ͍͏γεςϜΛ࡞Δ • ։ൃνʔϜ͕ൃ • Go + Next.js
• ຊൃදͷର֎ ! طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ • ࠷ॳͷಋೖઌɺωοτγϣοϓ ࡞αʔϏεͷ STORES • Rails + Nuxt.js • զʑ͕୲ • 3 ਓνʔϜ w/ @HolyGrail, ۀҕୗͷํ • ຊൃදͰѻ͏༰ 11
STORES ͷ ID ج൫ͷಋೖํ • ೝূํࣜͷՃͰͳ͘ɺΞΧϯτҠߦ͠ೝূํࣜΛΓସ͑ Δ • ࠷ॳͷಋೖͳͷͰɺ৽͍͠ೝূํࣜͷૌٻ͍͠ •
ͨͱ͑ʮSTORES ϓϥοτϑΥʔϜͰϩάΠϯʯࠞཚͷ ͱ • ΞΧϯτҠߦͷͨΊʹϢʔβʔૢ࡞ΛٻΊͳ͍ • ཪଆͰ͍͍ײ͡ʹɺͰ͖ΕμϯλΠϜͳ͠Ͱ҆શʹΓସΘΔ 12
Ͳ͏ͬͨͷ͔ 13
ϓϩτίϧ • OpenID Connect (OIDC)1 ४ڌ • OAuth 2.0 ্ʹ͔ͬͬͨγϯϓϧͳΞΠσϯςΟςΟϨ
ΠϠʔ • ID ࿈ܞΛ͍͍ײ͢͡Δϓϩτίϧ • omniauth_openid_connect gem Λར༻ 1 https://openid.net/connect/ 14
ೝূํࣜͷΓସ͑ͰΔ͜ͱ • ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • طଘΞΧϯτͷσʔλҠߦ 15
ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • Feature Toggle + τϥϯΫϕʔε։ൃ • ! • վमൣғ͕ͯ͘ڝ߹ͷϦεΫ͕
͍ • ৽͍͠γεςϜΛฒߦͯ͠࡞Γͳ͕ Βɺஈ֊తʹಋೖͷ४උ͕Մೳ • ϩʔϧόοΫ͕༰қ (σʔλΛআ͍ͯ) 16
طଘΞΧϯτͷσʔλҠߦ ରσʔλ • ϝʔϧΞυϨε • ϋογϡԽࡁΈύεϫʔυ 17
طଘσʔλҠߦͷྲྀΕ 1. ࣄલม 2. ҰׅҠߦ 3. ࡞ɾߋ৽ΛϑοΫͯ͠μϒϧϥΠτ 4. ID ج൫͔Βͷσʔλಉظ
18
19
20
21
22
ଞʹͬͨ͜ͱΛ͔͍ͭ·ΜͰ • ೝূೝՄྖҬͷֶश • ։ൃڥͷඋ 23
ೝূೝՄྖҬͷֶश ϦϞʔτษڧձΛ։࠵ • OAuth 2.1 RFC ΛಡΉձ • OpenID Foundation
Japan ͷΤόϯδΣϦετͷํʑʹ૬ஊ͢Δձ2 ޮՌ • ਖ਼֬ͳཧղͷଅਐɺෆ҆ཁૉͷղফɺΑΓΑ͍ํ๏ͷؾ͖ • ϝϯόʔͷೝࣝΛ߹Θͤͯڞ௨ݴޠΛ֫ಘ 2 https://www.openid.or.jp/blog/cat170/ 24
։ൃڥͷඋ • ID ج൫ͱ STORES ͦΕͧΕ docker compose Ͱ։ൃڥΛߏங •
ઃఆʹ݁߹Λ࡞Γͨ͘ͳ͍ʢΤϯυϙΠ ϯτࢦఆɺϙʔτ൪߸ॏෳճආͳͲʣ • => STORES ͔Β ID ج൫Λ Docker in Docker3 (dind) Ͱىಈ • ࿈ܞ͕ෆཁͳͱ͖ೝূϞοΫͰܰྔԽ • ಉظपΓͷ SNS, SQS localstack Ͱ ϞοΫ 3 https://hub.docker.com/_/docker 25
ۤ࿑ͨ͜͠ͱ 26
ۤ࿑ͨ͜͠ͱ ଓʑͱൃ۷͞ΕΔٕज़తɾ༷తͳෛ࠴ • ͍͟ઃܭํΛܾΊͯਐΊͯΈΔͱɺͲΜͲΜ͕ൃ۷͞ Εͯ͘Δ • ٕज़తͳͷɺ༷తͳͷͷ྆ํ͋ͬͨ 27
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔٕज़తෛ࠴ͨͪͷରॲ • ෆཁͳػೳɺ࣮ • ͲΜͲΜআͯ͠վमൣғΛڱΊΔ • ͔ΓͮΒ͍࣮ • ෳࡶੑ͕ߴ·ΔϦεΫΛݮΒ͢Α͏ϦϑΝΫλϦϯά
28
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔ༷ͨͪͷରॲ • ഇࢭ༧ఆ͕ͩͬͨௐະ࣮ࢪͷ··ͩͬͨػೳ • ϓϩμΫτνʔϜʹਪਐΛґཔɺҰ෦ר͖औ࣮ͬͯࢪ • ഇࢭݕ౼Ͱ͖ͦ͏ͳػೳ • ༻ঢ়گͷ֬ೝɺඞཁͳௐΛ࣮ࢪ͠ഇࢭ
• ͳͥ͜͏ͳ͍ͬͯΔͷ͔୭͔Βͳ͍༷ • ߟݹֶऀͱͳΔ͔ɺߟݹֶऀʹॿ͚ΛٻΊͯɺ͋Δ͖ঢ়ଶΛߟܾ͑Ί Λ࡞Δ 29
ۤ࿑ͨ͜͠ͱ طଘσʔλͷཧ • Ҡߦ͕͍͠σʔλͷରॲ • ෆཁͳσʔλΛҠߦ͠ͳ͍ͨΊͷҠߦରͷཧ • Ҡߦޙͷ߹ੑʹϦεΫͷ͋Δσʔλͷௐ 30
ۤ࿑ͨ͜͠ͱ αʔϏεݸผͷࣄ vs ڞ௨ج൫ͷීวੑ • ࠷ॳͷ࿈ܞαʔϏεͱͯ͠ɺࣗવͳϢʔβʔମݧΛఏڙͨ͠ ͍ • Ұ࣌తʹ ID
ج൫ͱ STORES Ͱີ݁߹ʹͳΔ෦͕ੜ͡Δ • ؾ࣋ͪѱ͍͕ɺظతͳతͷͨΊʹҰఆڐ༰͠ɺ࣍ͷऔ ΓΈͰղফΛܭը • ID ج൫ʹෛ࠴Λ๊͑ͯΒ͍ͬͯΔঢ়گ 31
େ͖ͳτϥϒϧͳ͘ϦϦʔεྃ Photo by Wil Stewart on Unsplash https://unsplash.com/photos/UErWoQEoMrc
ֶͼ 33
ֶͼ ٕज़తෛ࠴ͱͷ͖߹͍ํ • جຊతʹී௨ͷ։ൃͱಉ͕ͩ͡ɺଟ͘ޙ͕ͳ͍ঢ়ଶͰݱΕ Δ • Լखʹଥڠ͢ΔͱγεςϜԣஅͷෛ࠴ʹͳΔ • طଘͷ࣮ʹܟҙ͏͕͠ͳ͍ •
ԿΒ͔ͷཧ༝͕͋ͬͯੵΈ্͛ΒΕͨݱঢ়ͷܟҙ • ͜Ε͕ਖ਼͍͠ͱࢥ͏ͷͰ͜ΕͰߦ͖·͢ͱ͍͏༐ؾ 34
ֶͼ ਫ໘Լͷͷදग़λΠϛϯά • ҰาਐΉͨͼʹ࣍ʑͱ͕ൃ۷͞ΕΔͱ͖͕͋Δ • γεςϜҠߦׂʹ͓͍ͯɺଟ͘ͷ߹ͦ͏͍͏ͷͰ͋Δ • ӅΕͯͳΜͱ͔ͳ͍ͬͯͨॲཧɺ͍͔ͭΖ͏ͱอཹ͞Ε͍ͯͨ ༷ •
͜͏ͨ͠ੑ࣭͔Βɺظݶͷίϛοτͮ͠Β͍͜ͱΛཧղ͓ͯ͘͠ • ுΓ͚ͬͯͬͭΔνϟϯεͱલ͖ʹߟ͑Δ 35
ֶͼ ͍͠ͷམͱ͠ॴΛܾΊΔ • ਫ໘Լ͔Βදग़ͨ͠ɺγεςϜҠߦʹ͏ • ͍͕࣍͠ʑͱग़͖ͯͯɺϦϦʔεʹͳ͔ͳ͔͚ۙͮͳ͍যΓ • ᘳͳղܾࡦΛߟ͑ͯ͠·͏͜ͱ͕ཪʹग़Δ͜ͱ • ྫྷ੩ʹɺతʹཱͪฦͬͯஸΑ͍མͱ͠ॴΛܾΊΔ
• ෳࡶͳΛγϯϓϧʹղ͘ํ๏Λ୳͢ • ࠷ॳΘ͔Βͳ͍͜ͱଟ͍͕͜ͷஅͷ܁Γฦ͠Ͱਫ਼্͕͕͍ͬͯ͘ 36
ֶͼ ن֨ʹΔͱ҆શͰޮ͕ྑ͍ • ڞ௨ج൫ͷϓϩτίϧ࡞Γͱ͍ͯ͠ • OIDC ͷ͓͔͛ͰզʑͲ͏࣮͢Δͷ͔ͱ͍͏ݕ౼ʹྗͰ͖ͨ • طଘͷن͕֨͋Γɺతʹ߹க͍ͯ͠ΔͳΒɺΘͳ͍खͳ͍ •
ଟ͘ͷ͕ٞॏͶΒΕར༻࣮ͷ͋Δن֨ΑΓ༏ΕͨͷΛ࡞Δͷ͠ ͍ • ϥΠϒϥϦ͕ଘࡏ͢Δ͜ͱଟ͍ • RFC ΛͪΌΜͱಡΜͰΈΛཧղ͢Δͷॏཁ 37
ֶͼ ૣΊʹͭͳ͛ͯಈ͔͢ • ࠓճɺͦΕͧΕ͕ϞοΫΛ࡞ͬͯ։ൃΛਐߦ • ॳظͷ༷ΞʔΩςΫνϟͷண͕ෆ࣮֬ͩͬͨͨΊ • ͍ؒϞοΫΛཔͬͯ͠·͍࿈ܞʹඞཁͳؾ͖͕ΕΔ͜ ͱ •
ෆશͰྑ͍ͷͰɺૣΊʹͭͳ͛ͯϑΟʔυόοΫΛಘΒ ΕΔঢ়ଶʹͰ͖ͨΒΑ͔ͬͨ 38
·ͱΊ • ID ج൫ͷ STORES ͷಋೖͱΞΧϯτͷҠߦΛɺμϯλΠϜͳ ͠ɺϢʔβʔૢ࡞ෆཁͰߦͬͨࣄྫΛհͨ͠ • औΓΈͷதͰۤ࿑ͨ͜͠ͱಘΒΕֶͨͼΛհͨ͠ɻಛʹɺજΜ Ͱ͍ͨͷऔΓΈʹ͍͓ͭͯͨ͠͠
• ෳࡶͳ͕ଓʑͱग़ͯ͘Δͱࠞཚ͢Δ͜ͱ͋Δ͕ɺతʹूத͠ ͯγϯϓϧʹղ͘ɺͱ͍͏ͷΛΕͣʹ͍͍ͨ • γεςϜҠߦׂͱ͍ͬͨಉछͷɺଞͷ͍͠ʹऔΓ ·ΕΔํͷώϯτʹͳΔͱ͏Ε͍͠ 39
40