Your SlideShare is downloading. ×
0
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
OAuth Echo の Rails Gem
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

OAuth Echo の Rails Gem

4,439

Published on

補足などはこちら …

補足などはこちら
http://d.hatena.ne.jp/tkawa/20111222/p1

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
4,439
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
9
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. OAuth Echo の Rails Gem 2011.12.21 第2.1回Twitter API勉強会 #twtr_hack
  • 2. @tkawa
  • 3. REST
  • 4. REST 今回は関係ありません
  • 5. OAuth Echo
  • 6. TwitPic • 画像アップロードサービス • アカウント登録不要 • TwitterのID・パスワードも入力不要 • どうやって認証してるの?
  • 7. OAuth Echo • 認証をService Provider(Twitterなど)に 委譲するしくみ • クライアントがOAuth登録してあれば、 事前の登録やトークン取得が不要
  • 8. GET https://api.twitter.com/1/account/ verify_credentials.json Authorization: OAuth oauth_consumer_key="GDdmIQH6jhtmLUypg82g", oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0A QR3Fmi7Q6Y", oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1272325550", oauth_token="819797- Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", oauth_version="1.0"
  • 9. POST http://api.twitpic.com/2/upload.json X-Auth-Service-Provider: https://api.twitter.com/1/ account/verify_credentials.json X-Verify-Credentials-Authorization: OAuth oauth_consumer_key="GDdmIQH6jhtmLUypg82g", oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0A QR3Fmi7Q6Y", oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1272325550", oauth_token="819797- Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", oauth_version="1.0"
  • 10. POST http://api.twitpic.com/2/upload.json X-Auth-Service-Provider: https://api.twitter.com/1/ account/verify_credentials.json X-Verify-Credentials-Authorization: OAuth oauth_consumer_key="GDdmIQH6jhtmLUypg82g", oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0A QR3Fmi7Q6Y", oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1272325550", oauth_token="819797- Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", oauth_version="1.0" (ほぼ)これだけ
  • 11. GET https://api.twitter.com/1/account/ verify_credentials.json Authorization: OAuth oauth_consumer_key="GDdmIQH6jhtmLUypg82g", oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0A QR3Fmi7Q6Y", oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1272325550", oauth_token="819797- Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", oauth_version="1.0"
  • 12. OAuth Echo • Delegator(TwitPic)はリクエストごとに Service Provider(Twitter)に認証を求める • 1リクエストで完結する単純なAPIの実装 に向いている • 認証だけなので、Service Provider(Twitter) 側に書き込んだりすることはできない
  • 13. • 非公式仕様 - ほぼTwitterでしか使われていない • OAuth 1.0仕様に基づいており、OAuth 2.0 になると使えない - Google, Facebook, GitHubなどがOAuth 2.0 問題点?
  • 14. class PostsController < ApplicationController http_basic_authenticate_with :name => "tkawa", :password => "secret" def index render :json => { :message => "Limited Access" } end ... end かんたんBasic認証
  • 15. class PostsController < ApplicationController oauth_echo_authenticate_with :twitter def index render :json => { :message => "Limited Access" } end ... end かんたんOAuth Echo認証
  • 16. https://github.com/tkawa/ oauth_echo_authentication
  • 17. きっかけ http://www.atmarkit.co.jp/news/201004/21/twitterapi.html
  • 18. きっかけ • Twitterのアノテーションの話がいつのま にか消滅 • 自分で使いたい分だけでも自分で作る か
  • 19. Web認知行動療法 http://u2plus.jp/ 開発中

×