Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
Search
Takuya Matsumoto
October 22, 2021
Technology
4
2.6k
STORES へのID基盤の導入と、ユーザーアカウントの移行を振り返って
https://kaigionrails.org/2021/talks/upinetree/
Takuya Matsumoto
October 22, 2021
Tweet
Share
More Decks by Takuya Matsumoto
See All by Takuya Matsumoto
STORES におけるセッションストアへの Amazon MemoryDB for Redis の活用と、移行戦略 / MemoryDB for STORES Session Store
upinetree
1
3.4k
バックエンド基盤チームのお仕事 / The value of the backend base team
upinetree
0
3.1k
CSSの技術的負債との向き合い方 / How to Deal with Technical Debt of CSS (ja)
upinetree
5
4.2k
How to Deal with Technical Debt of CSS
upinetree
1
540
書籍紹介LT:現場で使える Ruby on Rails 5 速習実践ガイド
upinetree
0
200
Introduction to Entering Test Design (Japanese)
upinetree
0
810
Hello React
upinetree
4
260
history of nicorepo gem and me
upinetree
0
150
Visualize team communications on github
upinetree
4
1.1k
Other Decks in Technology
See All in Technology
QAに対する超個人的な解釈 / Personal Take on QA
toma_sm
1
120
PDF Viewer作成の今までとこれから
hunachi
0
470
Fediverse Discovery Providers overview
andypiper
0
170
Agile in Automotive Industry, puzzles and lights.
hiranabe
3
1.4k
たった1人からはじめる【Agile Community of Practice】~ソース原理とFearless Changeを添えて~
ktc_corporate_it
1
480
可視化により内部品質をあげるAIドキュメントリバース/20240910 Hiromitsu Akiba
shift_evolve
0
220
再考 アクターモデル/ reconsider actor model
ytake
0
360
Analytics-Backed App Widget Development - Served with Jetpack Glance
miyabigouji
0
610
ついに出た!OpenAIの最新モデル「o1」って何がすごいの?
minorun365
PRO
3
1.2k
ロリポップ! for Gamersを支えるインフラ/lolipop for gamers infrastructure
takumakume
0
130
サーバー管理しないサーバーサービスManaged DevOps Pool
kkamegawa
0
130
eBPFのこれまでとこれから
yutarohayakawa
10
3.2k
Featured
See All Featured
GitHub's CSS Performance
jonrohan
1030
450k
Happy Clients
brianwarren
96
6.6k
Embracing the Ebb and Flow
colly
83
4.4k
The Cost Of JavaScript in 2023
addyosmani
42
5.7k
Speed Design
sergeychernyshev
22
430
Optimizing for Happiness
mojombo
375
69k
Mobile First: as difficult as doing things right
swwweet
221
8.8k
A Philosophy of Restraint
colly
202
16k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
190
16k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2k
Thoughts on Productivity
jonyablonski
66
4.2k
Adopting Sorbet at Scale
ufuk
73
8.9k
Transcript
STORES ͷ ID ج൫ͷ ಋೖͱɺϢʔβʔΞΧ ϯτͷҠߦΛৼΓฦͬͯ 2021.10.22 Kaigi on Rails
2021
Who? Takuya Matsumoto @upinetree • hey ࣾ • Ruby, EM
• ☕ , " , # • ڞஶ: ݱͰ͑Δ Ruby on Rails 5 श࣮ફΨΠυ, 2018 ϑϩϦμ WDW ʹͯ (2019)
ϓϥοτϑΥʔϜ Platform Photo by Roman Fox on Unsplash https://unsplash.com/photos/-iVNDAOeXn8
…ʁ • OSɺϋʔυΣΞɺήʔϜͱ͔ͷಈ࡞ڥ • ࣾͷج൫γεςϜ • App StoreɺSteam ͷΑ͏ͳ৴ڥ •
AWSɺGoogle Workspace ͷΑ͏ͳෳαʔϏεͷू߹ମ 4
͓ళͷσδλϧΛ·Δͬͱαϙʔτ 5
ϓϥοτϑΥʔϜ͕ఏڙ͍ͨ͠Ձ • STORES ϓϥοτϑΥʔϜͱͯ͠౷߹͞ΕͨମݧΛಘΒΕΔ • ҰճαΠϯΞοϓ͢ΕɺԣஅͰ͍ΖΜͳσδλϧԽͷࢧԉ Λड͚ΒΕΔ 6
ݱ࣌Ͱ • ͦΕͧΕͷϓϩμΫτ͕ಠཱͯ͠ଘࡏ͠ɺͦΕͧΕͰαΠϯ Ξοϓ͕ඞཁ • ϓϥοτϑΥʔϜͱͯ͠౷߹͞Εͨମݧݶఆత • ࠷ॳ͔ΒϓϥοτϑΥʔϜͱͯ͠ઃܭ͞Ε͍ͯͳ͍ͨΊ ٕज़తʹ·Δͬͱͭͳ͍͛ͯ͘ඞཁ͕͋Δ 7
ΞΧϯτͷ౷߹ Photo by Daniel Olah on Unsplash https://unsplash.com/photos/VS_kFx4yF5g
ࠓ͓͢Δ͜ͱ • ωοτγϣοϓ࡞αʔϏε STORES ͷ ID ج൫ಋೖͷ • ͬͨ͜ͱۤ࿑ͨ͜͠ͱΛৼΓฦΓɺֶͼΛڞ༗ •
৫ؒௐίϛϡχέʔγϣϯͷࠓճׂѪ ※νʔϜͷՌΛɺࢲ͕ද͓ͯ͠͠·͢ 9
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ • ID ج൫ͱ͍͏γεςϜΛ࡞Δ • طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ 10
ΞΧϯτͷ౷߹ʹඞཁͳ͜ͱ ID ج൫ͱ͍͏γεςϜΛ࡞Δ • ։ൃνʔϜ͕ൃ • Go + Next.js
• ຊൃදͷର֎ ! طଘαʔϏεʹ ID ج൫Λಋೖ͢Δ • ࠷ॳͷಋೖઌɺωοτγϣοϓ ࡞αʔϏεͷ STORES • Rails + Nuxt.js • զʑ͕୲ • 3 ਓνʔϜ w/ @HolyGrail, ۀҕୗͷํ • ຊൃදͰѻ͏༰ 11
STORES ͷ ID ج൫ͷಋೖํ • ೝূํࣜͷՃͰͳ͘ɺΞΧϯτҠߦ͠ೝূํࣜΛΓସ͑ Δ • ࠷ॳͷಋೖͳͷͰɺ৽͍͠ೝূํࣜͷૌٻ͍͠ •
ͨͱ͑ʮSTORES ϓϥοτϑΥʔϜͰϩάΠϯʯࠞཚͷ ͱ • ΞΧϯτҠߦͷͨΊʹϢʔβʔૢ࡞ΛٻΊͳ͍ • ཪଆͰ͍͍ײ͡ʹɺͰ͖ΕμϯλΠϜͳ͠Ͱ҆શʹΓସΘΔ 12
Ͳ͏ͬͨͷ͔ 13
ϓϩτίϧ • OpenID Connect (OIDC)1 ४ڌ • OAuth 2.0 ্ʹ͔ͬͬͨγϯϓϧͳΞΠσϯςΟςΟϨ
ΠϠʔ • ID ࿈ܞΛ͍͍ײ͢͡Δϓϩτίϧ • omniauth_openid_connect gem Λར༻ 1 https://openid.net/connect/ 14
ೝূํࣜͷΓସ͑ͰΔ͜ͱ • ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • طଘΞΧϯτͷσʔλҠߦ 15
ભҠઌϦμΠϨΫγϣϯͷΓସ͑ • Feature Toggle + τϥϯΫϕʔε։ൃ • ! • վमൣғ͕ͯ͘ڝ߹ͷϦεΫ͕
͍ • ৽͍͠γεςϜΛฒߦͯ͠࡞Γͳ͕ Βɺஈ֊తʹಋೖͷ४උ͕Մೳ • ϩʔϧόοΫ͕༰қ (σʔλΛআ͍ͯ) 16
طଘΞΧϯτͷσʔλҠߦ ରσʔλ • ϝʔϧΞυϨε • ϋογϡԽࡁΈύεϫʔυ 17
طଘσʔλҠߦͷྲྀΕ 1. ࣄલม 2. ҰׅҠߦ 3. ࡞ɾߋ৽ΛϑοΫͯ͠μϒϧϥΠτ 4. ID ج൫͔Βͷσʔλಉظ
18
19
20
21
22
ଞʹͬͨ͜ͱΛ͔͍ͭ·ΜͰ • ೝূೝՄྖҬͷֶश • ։ൃڥͷඋ 23
ೝূೝՄྖҬͷֶश ϦϞʔτษڧձΛ։࠵ • OAuth 2.1 RFC ΛಡΉձ • OpenID Foundation
Japan ͷΤόϯδΣϦετͷํʑʹ૬ஊ͢Δձ2 ޮՌ • ਖ਼֬ͳཧղͷଅਐɺෆ҆ཁૉͷղফɺΑΓΑ͍ํ๏ͷؾ͖ • ϝϯόʔͷೝࣝΛ߹Θͤͯڞ௨ݴޠΛ֫ಘ 2 https://www.openid.or.jp/blog/cat170/ 24
։ൃڥͷඋ • ID ج൫ͱ STORES ͦΕͧΕ docker compose Ͱ։ൃڥΛߏங •
ઃఆʹ݁߹Λ࡞Γͨ͘ͳ͍ʢΤϯυϙΠ ϯτࢦఆɺϙʔτ൪߸ॏෳճආͳͲʣ • => STORES ͔Β ID ج൫Λ Docker in Docker3 (dind) Ͱىಈ • ࿈ܞ͕ෆཁͳͱ͖ೝূϞοΫͰܰྔԽ • ಉظपΓͷ SNS, SQS localstack Ͱ ϞοΫ 3 https://hub.docker.com/_/docker 25
ۤ࿑ͨ͜͠ͱ 26
ۤ࿑ͨ͜͠ͱ ଓʑͱൃ۷͞ΕΔٕज़తɾ༷తͳෛ࠴ • ͍͟ઃܭํΛܾΊͯਐΊͯΈΔͱɺͲΜͲΜ͕ൃ۷͞ Εͯ͘Δ • ٕज़తͳͷɺ༷తͳͷͷ྆ํ͋ͬͨ 27
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔٕज़తෛ࠴ͨͪͷରॲ • ෆཁͳػೳɺ࣮ • ͲΜͲΜআͯ͠վमൣғΛڱΊΔ • ͔ΓͮΒ͍࣮ • ෳࡶੑ͕ߴ·ΔϦεΫΛݮΒ͢Α͏ϦϑΝΫλϦϯά
28
ۤ࿑ͨ͜͠ͱ ͛ͱͳΔ༷ͨͪͷରॲ • ഇࢭ༧ఆ͕ͩͬͨௐະ࣮ࢪͷ··ͩͬͨػೳ • ϓϩμΫτνʔϜʹਪਐΛґཔɺҰ෦ר͖औ࣮ͬͯࢪ • ഇࢭݕ౼Ͱ͖ͦ͏ͳػೳ • ༻ঢ়گͷ֬ೝɺඞཁͳௐΛ࣮ࢪ͠ഇࢭ
• ͳͥ͜͏ͳ͍ͬͯΔͷ͔୭͔Βͳ͍༷ • ߟݹֶऀͱͳΔ͔ɺߟݹֶऀʹॿ͚ΛٻΊͯɺ͋Δ͖ঢ়ଶΛߟܾ͑Ί Λ࡞Δ 29
ۤ࿑ͨ͜͠ͱ طଘσʔλͷཧ • Ҡߦ͕͍͠σʔλͷରॲ • ෆཁͳσʔλΛҠߦ͠ͳ͍ͨΊͷҠߦରͷཧ • Ҡߦޙͷ߹ੑʹϦεΫͷ͋Δσʔλͷௐ 30
ۤ࿑ͨ͜͠ͱ αʔϏεݸผͷࣄ vs ڞ௨ج൫ͷීวੑ • ࠷ॳͷ࿈ܞαʔϏεͱͯ͠ɺࣗવͳϢʔβʔମݧΛఏڙͨ͠ ͍ • Ұ࣌తʹ ID
ج൫ͱ STORES Ͱີ݁߹ʹͳΔ෦͕ੜ͡Δ • ؾ࣋ͪѱ͍͕ɺظతͳతͷͨΊʹҰఆڐ༰͠ɺ࣍ͷऔ ΓΈͰղফΛܭը • ID ج൫ʹෛ࠴Λ๊͑ͯΒ͍ͬͯΔঢ়گ 31
େ͖ͳτϥϒϧͳ͘ϦϦʔεྃ Photo by Wil Stewart on Unsplash https://unsplash.com/photos/UErWoQEoMrc
ֶͼ 33
ֶͼ ٕज़తෛ࠴ͱͷ͖߹͍ํ • جຊతʹී௨ͷ։ൃͱಉ͕ͩ͡ɺଟ͘ޙ͕ͳ͍ঢ়ଶͰݱΕ Δ • Լखʹଥڠ͢ΔͱγεςϜԣஅͷෛ࠴ʹͳΔ • طଘͷ࣮ʹܟҙ͏͕͠ͳ͍ •
ԿΒ͔ͷཧ༝͕͋ͬͯੵΈ্͛ΒΕͨݱঢ়ͷܟҙ • ͜Ε͕ਖ਼͍͠ͱࢥ͏ͷͰ͜ΕͰߦ͖·͢ͱ͍͏༐ؾ 34
ֶͼ ਫ໘Լͷͷදग़λΠϛϯά • ҰาਐΉͨͼʹ࣍ʑͱ͕ൃ۷͞ΕΔͱ͖͕͋Δ • γεςϜҠߦׂʹ͓͍ͯɺଟ͘ͷ߹ͦ͏͍͏ͷͰ͋Δ • ӅΕͯͳΜͱ͔ͳ͍ͬͯͨॲཧɺ͍͔ͭΖ͏ͱอཹ͞Ε͍ͯͨ ༷ •
͜͏ͨ͠ੑ࣭͔Βɺظݶͷίϛοτͮ͠Β͍͜ͱΛཧղ͓ͯ͘͠ • ுΓ͚ͬͯͬͭΔνϟϯεͱલ͖ʹߟ͑Δ 35
ֶͼ ͍͠ͷམͱ͠ॴΛܾΊΔ • ਫ໘Լ͔Βදग़ͨ͠ɺγεςϜҠߦʹ͏ • ͍͕࣍͠ʑͱग़͖ͯͯɺϦϦʔεʹͳ͔ͳ͔͚ۙͮͳ͍যΓ • ᘳͳղܾࡦΛߟ͑ͯ͠·͏͜ͱ͕ཪʹग़Δ͜ͱ • ྫྷ੩ʹɺతʹཱͪฦͬͯஸΑ͍མͱ͠ॴΛܾΊΔ
• ෳࡶͳΛγϯϓϧʹղ͘ํ๏Λ୳͢ • ࠷ॳΘ͔Βͳ͍͜ͱଟ͍͕͜ͷஅͷ܁Γฦ͠Ͱਫ਼্͕͕͍ͬͯ͘ 36
ֶͼ ن֨ʹΔͱ҆શͰޮ͕ྑ͍ • ڞ௨ج൫ͷϓϩτίϧ࡞Γͱ͍ͯ͠ • OIDC ͷ͓͔͛ͰզʑͲ͏࣮͢Δͷ͔ͱ͍͏ݕ౼ʹྗͰ͖ͨ • طଘͷن͕֨͋Γɺతʹ߹க͍ͯ͠ΔͳΒɺΘͳ͍खͳ͍ •
ଟ͘ͷ͕ٞॏͶΒΕར༻࣮ͷ͋Δن֨ΑΓ༏ΕͨͷΛ࡞Δͷ͠ ͍ • ϥΠϒϥϦ͕ଘࡏ͢Δ͜ͱଟ͍ • RFC ΛͪΌΜͱಡΜͰΈΛཧղ͢Δͷॏཁ 37
ֶͼ ૣΊʹͭͳ͛ͯಈ͔͢ • ࠓճɺͦΕͧΕ͕ϞοΫΛ࡞ͬͯ։ൃΛਐߦ • ॳظͷ༷ΞʔΩςΫνϟͷண͕ෆ࣮֬ͩͬͨͨΊ • ͍ؒϞοΫΛཔͬͯ͠·͍࿈ܞʹඞཁͳؾ͖͕ΕΔ͜ ͱ •
ෆશͰྑ͍ͷͰɺૣΊʹͭͳ͛ͯϑΟʔυόοΫΛಘΒ ΕΔঢ়ଶʹͰ͖ͨΒΑ͔ͬͨ 38
·ͱΊ • ID ج൫ͷ STORES ͷಋೖͱΞΧϯτͷҠߦΛɺμϯλΠϜͳ ͠ɺϢʔβʔૢ࡞ෆཁͰߦͬͨࣄྫΛհͨ͠ • औΓΈͷதͰۤ࿑ͨ͜͠ͱಘΒΕֶͨͼΛհͨ͠ɻಛʹɺજΜ Ͱ͍ͨͷऔΓΈʹ͍͓ͭͯͨ͠͠
• ෳࡶͳ͕ଓʑͱग़ͯ͘Δͱࠞཚ͢Δ͜ͱ͋Δ͕ɺతʹूத͠ ͯγϯϓϧʹղ͘ɺͱ͍͏ͷΛΕͣʹ͍͍ͨ • γεςϜҠߦׂͱ͍ͬͨಉछͷɺଞͷ͍͠ʹऔΓ ·ΕΔํͷώϯτʹͳΔͱ͏Ε͍͠ 39
40