Upgrade to Pro — share decks privately, control downloads, hide ads and more …

STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Takuya Matsumoto Takuya Matsumoto
October 22, 2021
Technology
3.3k
5

STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って

https://kaigionrails.org/2021/talks/upinetree/

Avatar for Takuya Matsumoto

Takuya Matsumoto

October 22, 2021

More Decks by Takuya Matsumoto

See All by Takuya Matsumoto
STORES におけるセッションストアへの Amazon MemoryDB for Redis の活用と、移行戦略 / MemoryDB for STORES Session Store
Avatar for Takuya Matsumoto upinetree
2
4.8k
バックエンド基盤チームのお仕事 / The value of the backend base team
Avatar for Takuya Matsumoto upinetree
0
3.8k
CSSの技術的負債との向き合い方 / How to Deal with Technical Debt of CSS (ja)
Avatar for Takuya Matsumoto upinetree
5
4.4k
How to Deal with Technical Debt of CSS
Avatar for Takuya Matsumoto upinetree
1
600
書籍紹介LT:現場で使える Ruby on Rails 5 速習実践ガイド
Avatar for Takuya Matsumoto upinetree
0
220
Introduction to Entering Test Design (Japanese)
Avatar for Takuya Matsumoto upinetree
0
860
Hello React
Avatar for Takuya Matsumoto upinetree
4
300
history of nicorepo gem and me
Avatar for Takuya Matsumoto upinetree
0
170
Visualize team communications on github
Avatar for Takuya Matsumoto upinetree
4
1.3k

Other Decks in Technology

See All in Technology
AIエージェントの権限管理 2: データ基盤の Fine grained access control 編
Avatar for Renya Kujirada ren8k
0
120
システムは「動く」だけでは足りない 実装編 - 非機能要件・分散システム・トレードオフをコードで見る
Avatar for nwiizo nwiizo
4
420
明日からドヤれる!超マニアックなAWSセキュリティTips10連発 / 10 Ultra-Niche AWS Security Tips
Avatar for Yuji Oshima yuj1osm
0
550
ワールドカフェI /チューターを改良する / World Café I and Improving the Tutors
Avatar for Kenji Saito ks91
PRO
0
290
20260423_執筆の工夫と裏側 技術書の企画から刊行まで / From the planning to the publication of technical book
Avatar for nash_efp nash_efp
3
370
No Types Needed, Just Callable Method Check
Avatar for dak2 dak2
1
600
AI時代にデータ基盤が持つべきCapabilityを考える + Snowflake Data Superheroやっていき宣言 / Considering the Capabilities Data Platforms Should Have in the AI Era + Declaration of Commitment as a Snowflake Data Superhero
Avatar for Civitaspo civitaspo
0
120
Azure Static Web Apps の自動ビルドがタイムアウトしやすくなった状況に対応した件/global-azure2026
Avatar for TonyTonyKun thara0402
0
380
基盤を育てる 外部SaaS連携の運用
Avatar for Hiroto Gamo gamonges_dresscode
1
110
AWS認定資格は本当に意味があるのか?
Avatar for NRI Netcom nrinetcom
PRO
1
260
Amazon S3 Filesについて
Avatar for Yuuki Yamashita yama3133
2
200
Digitization部 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
1
7.3k

Featured

See All Featured
KATA
Avatar for Megan Lloyd mclloyd
PRO
35
15k
Groundhog Day: Seeking Process in Gaming for Health
Avatar for Sebastian Deterding codingconduct
0
140
What the history of the web can teach us about the future of AI
Avatar for Ines Montani inesmontani
PRO
1
520
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
Avatar for Aleyda Solis aleyda
1
2k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
55
8.1k
End of SEO as We Know It (SMX Advanced Version)
Avatar for Michael King ipullrank
3
4.1k
Test your architecture with Archunit
Avatar for Yoan thirion
1
2.2k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
Avatar for konakalab konakalab
0
400
We Are The Robots
Avatar for Honza Javorek honzajavorek
0
210
How to Talk to Developers About Accessibility
Avatar for Jason CranfordTeague jct
2
180
Skip the Path - Find Your Career Trail
Avatar for Mark Kilby mkilby
1
110
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
Avatar for Irina Nazarova irinanazarova
9
1.3k

Transcript

  1. STORES ΁ͷ ID ج൫ͷ ಋೖͱɺϢʔβʔΞΧ΢ ϯτͷҠߦΛৼΓฦͬͯ 2021.10.22 Kaigi on Rails

    2021

  2. Who? Takuya Matsumoto @upinetree • hey ࣾ • Ruby, EM

    • ☕ , " , # • ڞஶ: ݱ৔Ͱ࢖͑Δ Ruby on Rails 5 ଎श࣮ફΨΠυ, 2018 ϑϩϦμ WDW ʹͯ (2019)

  3. ϓϥοτϑΥʔϜ Platform Photo by Roman Fox on Unsplash https://unsplash.com/photos/-iVNDAOeXn8

  4. ౔୆…ʁ • OSɺϋʔυ΢ΣΞɺήʔϜͱ͔ͷಈ࡞؀ڥ • ࣾ಺ͷج൫γεςϜ • App StoreɺSteam ͷΑ͏ͳ഑৴؀ڥ •

    AWSɺGoogle Workspace ͷΑ͏ͳෳ਺αʔϏεͷू߹ମ 4

  5. ͓ళͷσδλϧΛ·Δͬͱαϙʔτ 5

  6. ϓϥοτϑΥʔϜ͕ఏڙ͍ͨ͠Ձ஋ • STORES ϓϥοτϑΥʔϜͱͯ͠౷߹͞ΕͨମݧΛಘΒΕΔ • ҰճαΠϯΞοϓ͢Ε͹ɺԣஅͰ͍ΖΜͳσδλϧԽͷࢧԉ Λड͚ΒΕΔ 6

  7. ݱ࣌఺Ͱ͸ • ͦΕͧΕͷϓϩμΫτ͕ಠཱͯ͠ଘࡏ͠ɺͦΕͧΕͰαΠϯ Ξοϓ͕ඞཁ • ϓϥοτϑΥʔϜͱͯ͠౷߹͞Εͨମݧ͸ݶఆత • ࠷ॳ͔ΒϓϥοτϑΥʔϜͱͯ͠ઃܭ͞Ε͍ͯͳ͍ͨΊ ٕज़తʹ΋·Δͬͱͭͳ͍͛ͯ͘ඞཁ͕͋Δ 7

  8. ΞΧ΢ϯτͷ౷߹ Photo by Daniel Olah on Unsplash https://unsplash.com/photos/VS_kFx4yF5g

  9. ࠓ೔͓࿩͢Δ͜ͱ • ωοτγϣοϓ࡞੒αʔϏε STORES ΁ͷ ID ج൫ಋೖͷ࿩ • ΍ͬͨ͜ͱ΍ۤ࿑ͨ͜͠ͱΛৼΓฦΓɺֶͼΛڞ༗ •

    ૊৫ؒௐ੔΍ίϛϡχέʔγϣϯͷ࿩͸ࠓճ͸ׂѪ ※νʔϜͷ੒ՌΛɺࢲ͕୅ද͓ͯ͠࿩͠·͢ 9

  10. ΞΧ΢ϯτͷ౷߹ʹඞཁͳ͜ͱ • ID ج൫ͱ͍͏γεςϜΛ࡞Δ • طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ 10

  11. ΞΧ΢ϯτͷ౷߹ʹඞཁͳ͜ͱ ID ج൫ͱ͍͏γεςϜΛ࡞Δ • ։ൃνʔϜ͕ൃ଍ • Go + Next.js ੡

    • ຊൃදͷର৅֎ ! طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ • ࠷ॳͷಋೖઌ͸ɺωοτγϣοϓ ࡞੒αʔϏεͷ STORES • Rails + Nuxt.js ੡ • զʑ͕୲౰ • 3 ਓνʔϜ w/ @HolyGrail, ۀ຿ҕୗͷํ • ຊൃදͰѻ͏಺༰ 11

  12. STORES ΁ͷ ID ج൫ͷಋೖํ਑ • ೝূํࣜͷ௥ՃͰ͸ͳ͘ɺΞΧ΢ϯτҠߦ͠ೝূํࣜΛ੾Γସ͑ Δ • ࠷ॳͷಋೖͳͷͰɺ৽͍͠ೝূํࣜͷૌٻ͸೉͍͠ •

    ͨͱ͑͹ʮSTORES ϓϥοτϑΥʔϜͰϩάΠϯʯ͸ࠞཚͷ΋ ͱ • ΞΧ΢ϯτҠߦͷͨΊʹϢʔβʔૢ࡞ΛٻΊͳ͍ • ཪଆͰ͍͍ײ͡ʹɺͰ͖Ε͹μ΢ϯλΠϜͳ͠Ͱ҆શʹ੾ΓସΘΔ 12

  13. Ͳ͏΍ͬͨͷ͔ 13

  14. ϓϩτίϧ • OpenID Connect (OIDC)1 ४ڌ • OAuth 2.0 ্ʹ৐͔ͬͬͨγϯϓϧͳΞΠσϯςΟςΟϨ

    ΠϠʔ • ID ࿈ܞΛ͍͍ײ͢͡Δϓϩτίϧ • omniauth_openid_connect gem Λར༻ 1 https://openid.net/connect/ 14

  15. ೝূํࣜͷ੾Γସ͑Ͱ΍Δ͜ͱ • ભҠઌ΍ϦμΠϨΫγϣϯͷ੾Γସ͑ • طଘΞΧ΢ϯτͷσʔλҠߦ 15

  16. ભҠઌ΍ϦμΠϨΫγϣϯͷ੾Γସ͑ • Feature Toggle + τϥϯΫϕʔε։ൃ • ! • վमൣғ͕޿ͯ͘΋ڝ߹ͷϦεΫ͕௿

    ͍ • ৽͍͠γεςϜΛฒߦͯ͠࡞Γͳ͕ Βɺஈ֊తʹಋೖͷ४උ͕Մೳ • ϩʔϧόοΫ͕༰қ (σʔλΛআ͍ͯ) 16

  17. طଘΞΧ΢ϯτͷσʔλҠߦ ର৅σʔλ • ϝʔϧΞυϨε • ϋογϡԽࡁΈύεϫʔυ 17

  18. طଘσʔλҠߦͷྲྀΕ 1. ࣄલม׵ 2. ҰׅҠߦ 3. ࡞੒ɾߋ৽ΛϑοΫͯ͠μϒϧϥΠτ 4. ID ج൫͔Βͷσʔλಉظ

    18

  19. 19

  20. 20

  21. 21

  22. 22

  23. ଞʹ΍ͬͨ͜ͱΛ͔͍ͭ·ΜͰ • ೝূೝՄྖҬͷֶश • ։ൃ؀ڥͷ੔උ 23

  24. ೝূೝՄྖҬͷֶश ϦϞʔτษڧձΛ։࠵ • OAuth 2.1 RFC ΛಡΉձ • OpenID Foundation

    Japan ͷΤόϯδΣϦετͷํʑʹ૬ஊ͢Δձ2 ޮՌ • ਖ਼֬ͳཧղͷଅਐɺෆ҆ཁૉͷղফɺΑΓΑ͍ํ๏΁ͷؾ෇͖ • ϝϯόʔͷೝࣝΛ߹Θͤͯڞ௨ݴޠΛ֫ಘ 2 https://www.openid.or.jp/blog/cat170/ 24

  25. ։ൃ؀ڥͷ੔උ • ID ج൫ͱ STORES ͸ͦΕͧΕ docker compose Ͱ։ൃ؀ڥΛߏங •

    ઃఆʹ݁߹఺Λ࡞Γͨ͘ͳ͍ʢΤϯυϙΠ ϯτࢦఆɺϙʔτ൪߸ॏෳճආͳͲʣ • => STORES ͔Β ID ج൫Λ Docker in Docker3 (dind) Ͱىಈ • ࿈ܞ͕ෆཁͳͱ͖͸ೝূϞοΫͰܰྔԽ • ಉظपΓͷ SNS, SQS ͸ localstack Ͱ ϞοΫ 3 https://hub.docker.com/_/docker 25

  26. ۤ࿑ͨ͜͠ͱ 26

  27. ۤ࿑ͨ͜͠ͱ ଓʑͱൃ۷͞ΕΔٕज़తɾ࢓༷తͳෛ࠴ • ͍͟ઃܭํ਑ΛܾΊͯਐΊͯΈΔͱɺͲΜͲΜ໰୊͕ൃ۷͞ Εͯ͘Δ • ٕज़తͳ΋ͷɺ࢓༷తͳ΋ͷͷ྆ํ͋ͬͨ 27

  28. ۤ࿑ͨ͜͠ͱ ๦͛ͱͳΔٕज़తෛ࠴ͨͪ΁ͷରॲ • ෆཁͳػೳɺ࣮૷ • ͲΜͲΜ࡟আͯ͠վमൣғΛڱΊΔ • ෼͔ΓͮΒ͍࣮૷ • ෳࡶੑ͕ߴ·ΔϦεΫΛݮΒ͢Α͏ϦϑΝΫλϦϯά

    28

  29. ۤ࿑ͨ͜͠ͱ ๦͛ͱͳΔ࢓༷ͨͪ΁ͷରॲ • ഇࢭ༧ఆ͕ͩͬͨௐ੔ະ࣮ࢪͷ··ͩͬͨػೳ • ϓϩμΫτνʔϜʹਪਐΛґཔɺҰ෦ר͖औ࣮ͬͯࢪ • ഇࢭݕ౼Ͱ͖ͦ͏ͳػೳ • ࢖༻ঢ়گͷ֬ೝɺඞཁͳௐ੔Λ࣮ࢪ͠ഇࢭ

    • ͳͥ͜͏ͳ͍ͬͯΔͷ͔୭΋෼͔Βͳ͍࢓༷ • ߟݹֶऀͱͳΔ͔ɺߟݹֶऀʹॿ͚ΛٻΊͯɺ͋Δ΂͖ঢ়ଶΛߟܾ͑Ί Λ࡞Δ 29

  30. ۤ࿑ͨ͜͠ͱ طଘσʔλͷ੔ཧ • Ҡߦ͕೉͍͠σʔλͷରॲ • ෆཁͳσʔλΛҠߦ͠ͳ͍ͨΊͷҠߦର৅ͷ੔ཧ • Ҡߦޙͷ੔߹ੑʹϦεΫͷ͋Δσʔλͷௐ੔ 30

  31. ۤ࿑ͨ͜͠ͱ αʔϏεݸผͷࣄ৘ vs ڞ௨ج൫ͷීวੑ • ࠷ॳͷ࿈ܞαʔϏεͱͯ͠ɺࣗવͳϢʔβʔମݧΛఏڙͨ͠ ͍ • Ұ࣌తʹ ID

    ج൫ͱ STORES Ͱີ݁߹ʹͳΔ෦෼͕ੜ͡Δ • ؾ࣋ͪѱ͍͕ɺ୹ظతͳ໨తͷͨΊʹҰఆ͸ڐ༰͠ɺ࣍ͷऔ Γ૊ΈͰղফΛܭը • ID ج൫ʹෛ࠴Λ๊͑ͯ΋Β͍ͬͯΔঢ়گ 31

  32. େ͖ͳτϥϒϧ΋ͳ͘ϦϦʔε׬ྃ Photo by Wil Stewart on Unsplash https://unsplash.com/photos/UErWoQEoMrc

  33. ֶͼ 33

  34. ֶͼ ٕज़తෛ࠴ͱͷ޲͖߹͍ํ • جຊతʹ͸ී௨ͷ։ൃͱಉ͕ͩ͡ɺଟ͘͸ޙ͕ͳ͍ঢ়ଶͰݱΕ Δ • Լखʹଥڠ͢ΔͱγεςϜԣஅͷෛ࠴ʹͳΔ • طଘͷ࣮૷ʹܟҙ͸෷͏͕዁౓͠ͳ͍ •

    ԿΒ͔ͷཧ༝͕͋ͬͯੵΈ্͛ΒΕͨݱঢ়΁ͷܟҙ • ͜Ε͕ਖ਼͍͠ͱࢥ͏ͷͰ͜ΕͰߦ͖·͢ͱ͍͏༐ؾ 34

  35. ֶͼ ਫ໘Լͷ໰୊ͷදग़λΠϛϯά • ҰาਐΉͨͼʹ࣍ʑͱ໰୊͕ൃ۷͞ΕΔͱ͖͕͋Δ • γεςϜҠߦ΍෼ׂʹ͓͍ͯ͸ɺଟ͘ͷ৔߹ͦ͏͍͏΋ͷͰ͋Δ • ӅΕͯͳΜͱ͔ͳ͍ͬͯͨॲཧɺ͍͔ͭ΍Ζ͏ͱอཹ͞Ε͍ͯͨ࢓ ༷ •

    ͜͏ͨ͠ੑ࣭͔Βɺظݶ΁ͷίϛοτ͸ͮ͠Β͍͜ͱΛཧղ͓ͯ͘͠ • ுΓ੾ͬͯ΍͚ͬͭΔνϟϯεͱલ޲͖ʹߟ͑Δ 35

  36. ֶͼ ೉͍͠໰୊ͷམͱ͠ॴΛܾΊΔ • ਫ໘Լ͔Βදग़ͨ͠໰୊ɺγεςϜҠߦʹ൐͏໰୊ • ೉͍͠໰୊͕࣍ʑͱग़͖ͯͯɺϦϦʔεʹͳ͔ͳ͔͚ۙͮͳ͍যΓ • ׬ᘳͳղܾࡦΛߟ͑ͯ͠·͏͜ͱ͕ཪ໨ʹग़Δ͜ͱ΋ • ྫྷ੩ʹɺ໨తʹཱͪฦͬͯஸ౓Α͍མͱ͠ॴΛܾΊΔ

    • ෳࡶͳ໰୊Λγϯϓϧʹղ͘ํ๏Λ୳͢ • ࠷ॳ͸Θ͔Βͳ͍͜ͱ΋ଟ͍͕͜ͷ൑அͷ܁Γฦ͠Ͱਫ਼౓্͕͕͍ͬͯ͘ 36

  37. ֶͼ ن֨ʹ৐Δͱ҆શͰޮ཰͕ྑ͍ • ڞ௨ج൫ͷϓϩτίϧ࡞Γ͸ͱͯ΋೉͍͠໰୊ • OIDC ͷ͓͔͛Ͱզʑ͸Ͳ͏࣮૷͢Δͷ͔ͱ͍͏ݕ౼ʹ஫ྗͰ͖ͨ • طଘͷن͕֨͋Γɺ໨తʹ߹க͍ͯ͠ΔͳΒɺ࢖Θͳ͍ख͸ͳ͍ •

    ଟ͘ͷٞ࿦͕ॏͶΒΕར༻࣮੷ͷ͋Δن֨ΑΓ༏Εͨ΋ͷΛ࡞Δͷ͸೉͠ ͍ • ϥΠϒϥϦ͕ଘࡏ͢Δ͜ͱ΋ଟ͍ • RFC ΛͪΌΜͱಡΜͰ࢓૊ΈΛཧղ͢Δͷ͸ॏཁ 37

  38. ֶͼ ૣΊʹͭͳ͛ͯಈ͔͢ • ࠓճɺͦΕͧΕ͕ϞοΫΛ࡞ͬͯ։ൃΛਐߦ • ॳظͷ࢓༷΍ΞʔΩςΫνϟͷண஍఺͕ෆ࣮֬ͩͬͨͨΊ • ௕͍ؒϞοΫΛཔͬͯ͠·͍࿈ܞʹඞཁͳؾ෇͖͕஗ΕΔ͜ ͱ΋ •

    ෆ׬શͰ΋ྑ͍ͷͰɺૣΊʹͭͳ͛ͯϑΟʔυόοΫΛಘΒ ΕΔঢ়ଶʹͰ͖ͨΒΑ͔ͬͨ 38

  39. ·ͱΊ • ID ج൫ͷ STORES ΁ͷಋೖͱΞΧ΢ϯτͷҠߦΛɺμ΢ϯλΠϜͳ ͠ɺϢʔβʔૢ࡞ෆཁͰߦͬͨࣄྫΛ঺հͨ͠ • औΓ૊ΈͷதͰۤ࿑ͨ͜͠ͱ΍ಘΒΕֶͨͼΛ঺հͨ͠ɻಛʹɺજΜ Ͱ͍ͨ໰୊΁ͷऔΓ૊Έʹ͍͓ͭͯ࿩ͨ͠͠

    • ෳࡶͳ໰୊͕ଓʑͱग़ͯ͘Δͱࠞཚ͢Δ͜ͱ΋͋Δ͕ɺ໨తʹूத͠ ͯγϯϓϧʹղ͘ɺͱ͍͏ͷΛ๨Εͣʹ͍͍ͨ • γεςϜҠߦ΍෼ׂͱ͍ͬͨಉछͷ໰୊΍ɺଞͷ೉͍͠໰୊ʹऔΓ૊ ·ΕΔํͷώϯτʹͳΔͱ͏Ε͍͠ 39

  40. 40