OAuth 2.0 & OpenID Connect

OAuth 2.0 & OpenID Connect #MA7

Page 1: OAuth 2.0 & OpenID Connect #MA7

OAuth 2.0 & OpenID Connect

Page 2: OAuth 2.0 & OpenID Connect #MA7

#MA7 Mashup Caravan & Meetup in Kyoto

@nov

OpenID Foundation Japan Evangelist

OAuth.jp

Ruby Libraries

rack-oauth2

openid_connect

fb_graph

Page 3: OAuth 2.0 & OpenID Connect #MA7

Platform ♥ 3rd-party Developers

Page 4: OAuth 2.0 & OpenID Connect #MA7

Access Control for APIs

API Integration

Page 5: OAuth 2.0 & OpenID Connect #MA7

NG

Page 6: OAuth 2.0 & OpenID Connect #MA7

Page 7: OAuth 2.0 & OpenID Connect #MA7

OAuth 1.0 OAuth 2.0

Page 8: OAuth 2.0 & OpenID Connect #MA7

OAuth 1.0 in Japanese: ju.mp/oauth1_ja

Page 9: OAuth 2.0 & OpenID Connect #MA7

Page 10: OAuth 2.0 & OpenID Connect #MA7

Resource Owner

Client

Resource Server

API Access

Access Token

Authorization Server

Authorize Client Access

Page 11: OAuth 2.0 & OpenID Connect #MA7

Get Access Token

Resource Owner / Client / Authorization Server

Initiate

Require Approval

Approve

Code

Code

Access Token

Page 12: OAuth 2.0 & OpenID Connect #MA7

Get Access Token

Resource Owner / Client / Authorization Server

Initiate

Require Approval

Approve

Access Token

client_id=...&response_type=code&redirect_uri=https://...&scope=...

Code

Code

Page 13: OAuth 2.0 & OpenID Connect #MA7

Get Access Token

Resource Owner / Client / Authorization Server

Initiate

Require Approval

Approve

Access Token

Code

Code

Page 14: OAuth 2.0 & OpenID Connect #MA7

Page 15: OAuth 2.0 & OpenID Connect #MA7

Get Access Token

Resource Owner / Client / Authorization Server

Initiate

Require Approval

Approve

Access Token

Code

Code

code=...&client_id=...&client_secret=...&grant_type=authorization_code&redirect_uri=https://...

Page 16: OAuth 2.0 & OpenID Connect #MA7

Get Access Token

Resource Owner / Client / Authorization Server

Initiate

Require Approval

Approve

Access Token

Code

Code

[NOTE] Facebook API returns access token in x-www-form-urlencoded
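
The authorization code exchange from the "Get Access Token" slides, as an added example (not from the original slides, and not the API of rack-oauth2 or any other library named here). The endpoint, client values and the `state` parameter are assumptions; the token parser accepts both JSON and the x-www-form-urlencoded form mentioned in the note above.

```ruby
require 'uri'
require 'json'
require 'securerandom'

# Constructed placeholder values (assumptions, not from the slides).
AUTHZ_ENDPOINT = 'https://as.example/authorize'
CLIENT_ID      = 'client-123'
CLIENT_SECRET  = 'secret-456'
REDIRECT_URI   = 'https://client.example/callback'

# Unguessable per-session value; store it in the user's session.
def new_state
  SecureRandom.hex(16)
end

# Step 1: the client sends the resource owner to the authorization server.
# `state` is not on the slide; it is added here to bind the callback to
# this browser session (CSRF protection for the redirect).
def authorization_url(scope, state)
  query = URI.encode_www_form(
    client_id: CLIENT_ID, response_type: 'code',
    redirect_uri: REDIRECT_URI, scope: scope, state: state
  )
  "#{AUTHZ_ENDPOINT}?#{query}"
end

# Step 2: on callback, reject a mismatched state, then build the token
# request body with the same redirect_uri that was used in step 1.
def token_request_body(callback_params, expected_state)
  raise ArgumentError, 'state mismatch' unless callback_params['state'] == expected_state
  URI.encode_www_form(
    code: callback_params.fetch('code'), client_id: CLIENT_ID,
    client_secret: CLIENT_SECRET, grant_type: 'authorization_code',
    redirect_uri: REDIRECT_URI
  )
end

# Step 3: parse the token response, JSON or x-www-form-urlencoded.
def parse_token_response(content_type, body)
  fields = if content_type.to_s.include?('json')
             JSON.parse(body)
           else
             URI.decode_www_form(body).to_h
           end
  token = fields['access_token']
  raise ArgumentError, 'no access_token in response' if token.nil? || token.empty?
  { access_token: token, expires_in: fields['expires_in']&.to_i }
end
```

The token request body carries `client_secret`, so it belongs in a server-side POST over TLS and never in a browser-visible URL or log line.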

Page 17: OAuth 2.0 & OpenID Connect #MA7

Access APIs

Page 18: OAuth 2.0 & OpenID Connect #MA7

Page 19: OAuth 2.0 & OpenID Connect #MA7

Page 20: OAuth 2.0 & OpenID Connect #MA7

OpenID is dead!? Poor UX? URL as identifier?

Page 21: OAuth 2.0 & OpenID Connect #MA7

Lack of API access!? You need “stream access”, don’t you?

Page 22: OAuth 2.0 & OpenID Connect #MA7

♥OpenID Connect

~ OpenID based on OAuth 2.0 ~

Page 23: OAuth 2.0 & OpenID Connect #MA7

connect-rp.heroku.com

Page 24: OAuth 2.0 & OpenID Connect #MA7

ref.) slideshare.net/oid4/openidconnect-nat

Page 25: OAuth 2.0 & OpenID Connect #MA7

Page 26: OAuth 2.0 & OpenID Connect #MA7

OpenID AsiaPac Technology Summit in Tokyo, Japan December 1, 2011

Page 27: OAuth 2.0 & OpenID Connect #MA7

openid-foundation-japan.github.com

slideshare.net/matake

github.com/nov

twitter.com/nov