Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
Search
Takuya Matsumoto
October 22, 2021
Technology
5
2.6k
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
https://kaigionrails.org/2021/talks/upinetree/
Takuya Matsumoto
October 22, 2021
Tweet
Share
More Decks by Takuya Matsumoto
See All by Takuya Matsumoto
STORES におけるセッションストアへの Amazon MemoryDB for Redis の活用と、移行戦略 / MemoryDB for STORES Session Store
upinetree
2
3.6k
バックエンド基盤チームのお仕事 / The value of the backend base team
upinetree
0
3.2k
CSSの技術的負債との向き合い方 / How to Deal with Technical Debt of CSS (ja)
upinetree
5
4.2k
How to Deal with Technical Debt of CSS
upinetree
1
550
書籍紹介LT:現場で使える Ruby on Rails 5 速習実践ガイド
upinetree
0
200
Introduction to Entering Test Design (Japanese)
upinetree
0
820
Hello React
upinetree
4
270
history of nicorepo gem and me
upinetree
0
150
Visualize team communications on github
upinetree
4
1.2k
Other Decks in Technology
See All in Technology
BLADE: An Attempt to Automate Penetration Testing Using Autonomous AI Agents
bbrbbq
0
320
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
310
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
300k
OS 標準のデザインシステムを超えて - より柔軟な Flutter テーマ管理 | FlutterKaigi 2024
ronnnnn
0
200
Incident Response Practices: Waroom's Features and Future Challenges
rrreeeyyy
0
160
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
OCI Security サービス 概要
oracle4engineer
PRO
0
6.5k
誰も全体を知らない ~ ロールの垣根を超えて引き上げる開発生産性 / Boosting Development Productivity Across Roles
kakehashi
1
230
Taming you application's environments
salaboy
0
190
FlutterアプリにおけるSLI/SLOを用いたユーザー体験の可視化と計測基盤構築
ostk0069
0
100
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
180
Application Development WG Intro at AppDeveloperCon
salaboy
0
190
Featured
See All Featured
Git: the NoSQL Database
bkeepers
PRO
427
64k
The Invisible Side of Design
smashingmag
298
50k
Intergalactic Javascript Robots from Outer Space
tanoku
269
27k
Fireside Chat
paigeccino
34
3k
RailsConf 2023
tenderlove
29
900
A better future with KSS
kneath
238
17k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
93
16k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
It's Worth the Effort
3n
183
27k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
27
840
Transcript
STORES ͷ ID ج൫ͷ ಋೖͱɺϢʔβʔΞΧ ϯτͷҠߦΛৼΓฦͬͯ 2021.10.22 Kaigi on Rails
2021
Who? Takuya Matsumoto @upinetree • hey ࣾ • Ruby, EM
• ☕ , " , # • ڞஶ: ݱͰ͑Δ Ruby on Rails 5 श࣮ફΨΠυ, 2018 ϑϩϦμ WDW ʹͯ (2019)
ϓϥοτϑΥʔϜ Platform Photo by Roman Fox on Unsplash https://unsplash.com/photos/-iVNDAOeXn8
…ʁ • OSɺϋʔυΣΞɺήʔϜͱ͔ͷಈ࡞ڥ • ࣾͷج൫γεςϜ • App StoreɺSteam ͷΑ͏ͳ৴ڥ •
AWSɺGoogle Workspace ͷΑ͏ͳෳαʔϏεͷू߹ମ 4
͓ళͷσδλϧΛ·Δͬͱαϙʔτ 5
ϓϥοτϑΥʔϜ͕ఏڙ͍ͨ͠Ձ • STORES ϓϥοτϑΥʔϜͱͯ͠౷߹͞ΕͨମݧΛಘΒΕΔ • ҰճαΠϯΞοϓ͢ΕɺԣஅͰ͍ΖΜͳσδλϧԽͷࢧԉ Λड͚ΒΕΔ 6
ݱ࣌Ͱ • ͦΕͧΕͷϓϩμΫτ͕ಠཱͯ͠ଘࡏ͠ɺͦΕͧΕͰαΠϯ Ξοϓ͕ඞཁ • ϓϥοτϑΥʔϜͱͯ͠౷߹͞Εͨମݧݶఆత • ࠷ॳ͔ΒϓϥοτϑΥʔϜͱͯ͠ઃܭ͞Ε͍ͯͳ͍ͨΊ ٕज़తʹ·Δͬͱͭͳ͍͛ͯ͘ඞཁ͕͋Δ 7
ΞΧϯτͷ౷߹ Photo by Daniel Olah on Unsplash https://unsplash.com/photos/VS_kFx4yF5g
ࠓ͓͢Δ͜ͱ • ωοτγϣοϓ࡞αʔϏε STORES ͷ ID ج൫ಋೖͷ • ͬͨ͜ͱۤ࿑ͨ͜͠ͱΛৼΓฦΓɺֶͼΛڞ༗ •
৫ؒௐίϛϡχέʔγϣϯͷࠓճׂѪ ※νʔϜͷՌΛɺࢲ͕ද͓ͯ͠͠·͢ 9
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ • ID ج൫ͱ͍͏γεςϜΛ࡞Δ • طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ 10
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ ID ج൫ͱ͍͏γεςϜΛ࡞Δ • ։ൃνʔϜ͕ൃ • Go + Next.js
• ຊൃදͷର֎ ! طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ • ࠷ॳͷಋೖઌɺωοτγϣοϓ ࡞αʔϏεͷ STORES • Rails + Nuxt.js • զʑ͕୲ • 3 ਓνʔϜ w/ @HolyGrail, ۀҕୗͷํ • ຊൃදͰѻ͏༰ 11
STORES ͷ ID ج൫ͷಋೖํ • ೝূํࣜͷՃͰͳ͘ɺΞΧϯτҠߦ͠ೝূํࣜΛΓସ͑ Δ • ࠷ॳͷಋೖͳͷͰɺ৽͍͠ೝূํࣜͷૌٻ͍͠ •
ͨͱ͑ʮSTORES ϓϥοτϑΥʔϜͰϩάΠϯʯࠞཚͷ ͱ • ΞΧϯτҠߦͷͨΊʹϢʔβʔૢ࡞ΛٻΊͳ͍ • ཪଆͰ͍͍ײ͡ʹɺͰ͖ΕμϯλΠϜͳ͠Ͱ҆શʹΓସΘΔ 12
Ͳ͏ͬͨͷ͔ 13
ϓϩτίϧ • OpenID Connect (OIDC)1 ४ڌ • OAuth 2.0 ্ʹ͔ͬͬͨγϯϓϧͳΞΠσϯςΟςΟϨ
ΠϠʔ • ID ࿈ܞΛ͍͍ײ͢͡Δϓϩτίϧ • omniauth_openid_connect gem Λར༻ 1 https://openid.net/connect/ 14
ೝূํࣜͷΓସ͑ͰΔ͜ͱ • ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • طଘΞΧϯτͷσʔλҠߦ 15
ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • Feature Toggle + τϥϯΫϕʔε։ൃ • ! • վमൣғ͕ͯ͘ڝ߹ͷϦεΫ͕
͍ • ৽͍͠γεςϜΛฒߦͯ͠࡞Γͳ͕ Βɺஈ֊తʹಋೖͷ४උ͕Մೳ • ϩʔϧόοΫ͕༰қ (σʔλΛআ͍ͯ) 16
طଘΞΧϯτͷσʔλҠߦ ରσʔλ • ϝʔϧΞυϨε • ϋογϡԽࡁΈύεϫʔυ 17
طଘσʔλҠߦͷྲྀΕ 1. ࣄલม 2. ҰׅҠߦ 3. ࡞ɾߋ৽ΛϑοΫͯ͠μϒϧϥΠτ 4. ID ج൫͔Βͷσʔλಉظ
18
19
20
21
22
ଞʹͬͨ͜ͱΛ͔͍ͭ·ΜͰ • ೝূೝՄྖҬͷֶश • ։ൃڥͷඋ 23
ೝূೝՄྖҬͷֶश ϦϞʔτษڧձΛ։࠵ • OAuth 2.1 RFC ΛಡΉձ • OpenID Foundation
Japan ͷΤόϯδΣϦετͷํʑʹ૬ஊ͢Δձ2 ޮՌ • ਖ਼֬ͳཧղͷଅਐɺෆ҆ཁૉͷղফɺΑΓΑ͍ํ๏ͷؾ͖ • ϝϯόʔͷೝࣝΛ߹Θͤͯڞ௨ݴޠΛ֫ಘ 2 https://www.openid.or.jp/blog/cat170/ 24
։ൃڥͷඋ • ID ج൫ͱ STORES ͦΕͧΕ docker compose Ͱ։ൃڥΛߏங •
ઃఆʹ݁߹Λ࡞Γͨ͘ͳ͍ʢΤϯυϙΠ ϯτࢦఆɺϙʔτ൪߸ॏෳճආͳͲʣ • => STORES ͔Β ID ج൫Λ Docker in Docker3 (dind) Ͱىಈ • ࿈ܞ͕ෆཁͳͱ͖ೝূϞοΫͰܰྔԽ • ಉظपΓͷ SNS, SQS localstack Ͱ ϞοΫ 3 https://hub.docker.com/_/docker 25
ۤ࿑ͨ͜͠ͱ 26
ۤ࿑ͨ͜͠ͱ ଓʑͱൃ۷͞ΕΔٕज़తɾ༷తͳෛ࠴ • ͍͟ઃܭํΛܾΊͯਐΊͯΈΔͱɺͲΜͲΜ͕ൃ۷͞ Εͯ͘Δ • ٕज़తͳͷɺ༷తͳͷͷ྆ํ͋ͬͨ 27
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔٕज़తෛ࠴ͨͪͷରॲ • ෆཁͳػೳɺ࣮ • ͲΜͲΜআͯ͠վमൣғΛڱΊΔ • ͔ΓͮΒ͍࣮ • ෳࡶੑ͕ߴ·ΔϦεΫΛݮΒ͢Α͏ϦϑΝΫλϦϯά
28
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔ༷ͨͪͷରॲ • ഇࢭ༧ఆ͕ͩͬͨௐະ࣮ࢪͷ··ͩͬͨػೳ • ϓϩμΫτνʔϜʹਪਐΛґཔɺҰ෦ר͖औ࣮ͬͯࢪ • ഇࢭݕ౼Ͱ͖ͦ͏ͳػೳ • ༻ঢ়گͷ֬ೝɺඞཁͳௐΛ࣮ࢪ͠ഇࢭ
• ͳͥ͜͏ͳ͍ͬͯΔͷ͔୭͔Βͳ͍༷ • ߟݹֶऀͱͳΔ͔ɺߟݹֶऀʹॿ͚ΛٻΊͯɺ͋Δ͖ঢ়ଶΛߟܾ͑Ί Λ࡞Δ 29
ۤ࿑ͨ͜͠ͱ طଘσʔλͷཧ • Ҡߦ͕͍͠σʔλͷରॲ • ෆཁͳσʔλΛҠߦ͠ͳ͍ͨΊͷҠߦରͷཧ • Ҡߦޙͷ߹ੑʹϦεΫͷ͋Δσʔλͷௐ 30
ۤ࿑ͨ͜͠ͱ αʔϏεݸผͷࣄ vs ڞ௨ج൫ͷීวੑ • ࠷ॳͷ࿈ܞαʔϏεͱͯ͠ɺࣗવͳϢʔβʔମݧΛఏڙͨ͠ ͍ • Ұ࣌తʹ ID
ج൫ͱ STORES Ͱີ݁߹ʹͳΔ෦͕ੜ͡Δ • ؾ࣋ͪѱ͍͕ɺظతͳతͷͨΊʹҰఆڐ༰͠ɺ࣍ͷऔ ΓΈͰղফΛܭը • ID ج൫ʹෛ࠴Λ๊͑ͯΒ͍ͬͯΔঢ়گ 31
େ͖ͳτϥϒϧͳ͘ϦϦʔεྃ Photo by Wil Stewart on Unsplash https://unsplash.com/photos/UErWoQEoMrc
ֶͼ 33
ֶͼ ٕज़తෛ࠴ͱͷ͖߹͍ํ • جຊతʹී௨ͷ։ൃͱಉ͕ͩ͡ɺଟ͘ޙ͕ͳ͍ঢ়ଶͰݱΕ Δ • Լखʹଥڠ͢ΔͱγεςϜԣஅͷෛ࠴ʹͳΔ • طଘͷ࣮ʹܟҙ͏͕͠ͳ͍ •
ԿΒ͔ͷཧ༝͕͋ͬͯੵΈ্͛ΒΕͨݱঢ়ͷܟҙ • ͜Ε͕ਖ਼͍͠ͱࢥ͏ͷͰ͜ΕͰߦ͖·͢ͱ͍͏༐ؾ 34
ֶͼ ਫ໘Լͷͷදग़λΠϛϯά • ҰาਐΉͨͼʹ࣍ʑͱ͕ൃ۷͞ΕΔͱ͖͕͋Δ • γεςϜҠߦׂʹ͓͍ͯɺଟ͘ͷ߹ͦ͏͍͏ͷͰ͋Δ • ӅΕͯͳΜͱ͔ͳ͍ͬͯͨॲཧɺ͍͔ͭΖ͏ͱอཹ͞Ε͍ͯͨ ༷ •
͜͏ͨ͠ੑ࣭͔Βɺظݶͷίϛοτͮ͠Β͍͜ͱΛཧղ͓ͯ͘͠ • ுΓ͚ͬͯͬͭΔνϟϯεͱલ͖ʹߟ͑Δ 35
ֶͼ ͍͠ͷམͱ͠ॴΛܾΊΔ • ਫ໘Լ͔Βදग़ͨ͠ɺγεςϜҠߦʹ͏ • ͍͕࣍͠ʑͱग़͖ͯͯɺϦϦʔεʹͳ͔ͳ͔͚ۙͮͳ͍যΓ • ᘳͳղܾࡦΛߟ͑ͯ͠·͏͜ͱ͕ཪʹग़Δ͜ͱ • ྫྷ੩ʹɺతʹཱͪฦͬͯஸΑ͍མͱ͠ॴΛܾΊΔ
• ෳࡶͳΛγϯϓϧʹղ͘ํ๏Λ୳͢ • ࠷ॳΘ͔Βͳ͍͜ͱଟ͍͕͜ͷஅͷ܁Γฦ͠Ͱਫ਼্͕͕͍ͬͯ͘ 36
ֶͼ ن֨ʹΔͱ҆શͰޮ͕ྑ͍ • ڞ௨ج൫ͷϓϩτίϧ࡞Γͱ͍ͯ͠ • OIDC ͷ͓͔͛ͰզʑͲ͏࣮͢Δͷ͔ͱ͍͏ݕ౼ʹྗͰ͖ͨ • طଘͷن͕֨͋Γɺతʹ߹க͍ͯ͠ΔͳΒɺΘͳ͍खͳ͍ •
ଟ͘ͷ͕ٞॏͶΒΕར༻࣮ͷ͋Δن֨ΑΓ༏ΕͨͷΛ࡞Δͷ͠ ͍ • ϥΠϒϥϦ͕ଘࡏ͢Δ͜ͱଟ͍ • RFC ΛͪΌΜͱಡΜͰΈΛཧղ͢Δͷॏཁ 37
ֶͼ ૣΊʹͭͳ͛ͯಈ͔͢ • ࠓճɺͦΕͧΕ͕ϞοΫΛ࡞ͬͯ։ൃΛਐߦ • ॳظͷ༷ΞʔΩςΫνϟͷண͕ෆ࣮֬ͩͬͨͨΊ • ͍ؒϞοΫΛཔͬͯ͠·͍࿈ܞʹඞཁͳؾ͖͕ΕΔ͜ ͱ •
ෆશͰྑ͍ͷͰɺૣΊʹͭͳ͛ͯϑΟʔυόοΫΛಘΒ ΕΔঢ়ଶʹͰ͖ͨΒΑ͔ͬͨ 38
·ͱΊ • ID ج൫ͷ STORES ͷಋೖͱΞΧϯτͷҠߦΛɺμϯλΠϜͳ ͠ɺϢʔβʔૢ࡞ෆཁͰߦͬͨࣄྫΛհͨ͠ • औΓΈͷதͰۤ࿑ͨ͜͠ͱಘΒΕֶͨͼΛհͨ͠ɻಛʹɺજΜ Ͱ͍ͨͷऔΓΈʹ͍͓ͭͯͨ͠͠
• ෳࡶͳ͕ଓʑͱग़ͯ͘Δͱࠞཚ͢Δ͜ͱ͋Δ͕ɺతʹूத͠ ͯγϯϓϧʹղ͘ɺͱ͍͏ͷΛΕͣʹ͍͍ͨ • γεςϜҠߦׂͱ͍ͬͨಉछͷɺଞͷ͍͠ʹऔΓ ·ΕΔํͷώϯτʹͳΔͱ͏Ε͍͠ 39
40