
From Zero to Hero with REST and OAuth2 #jjug


JJUG Night Seminar, June 2016

Published in: Technology


  1. From Zero to Hero with REST and OAuth2 Toshiaki Maki (@making) JJUG Night Seminar June 2016 2016-06-27 © 2016 Pivotal Software, Inc. All rights reserved.
  2. Who am I? • Toshiaki Maki (@making) • Sr. Solutions Architect • Spring Framework enthusiast Perfect Java EE (Coming Soon) bit.ly/spring-book
  3. Spring Boot
  4. Spring Initializr https://start.spring.io/
  8. Today's topic Web UI Resource Server Resource Server Resource Server
  9. Today's topic Web UI Resource Server Resource Server Resource Server 🔐 🔐 🔐
  10. Today's topic Web UI Resource Server Resource Server Resource Server 🔐 🔐 🔐 ❓
  11. Today's topic Web UI Resource Server Resource Server Resource Server 🔐 🔐 🔐 ❓❓ • Basic • OAuth2 • Spring Session • SAML
  12. Today's topic Web UI Resource Server Resource Server Resource Server 🔐 🔐 🔐 ❓❓ • Basic • OAuth2 • Spring Session • SAML 👈
  13. Today's topic Authorization Server Web UI Resource Server OAuth2 REST API + Access Token + SSO
  14. Live Coding!! • Spring Data REST • Spring Security OAuth2 • @EnableAuthorizationServer • @EnableResourceServer • @EnableOAuth2Sso • JWT • Zuul Integration
  15. OAuth2
  16. OAuth2 - Terminologies • Resource Owner • Client • Authorization Server • Resource Server
  17. Authorization Server CUI Resource Server Resource Owner Password Credentials (grant_type=password)
  18. Authorization Server CUI Resource Server username & password Resource Owner Password Credentials (grant_type=password)
  19. Authorization Server CUI Resource Server username & password token Resource Owner Password Credentials (grant_type=password)
  20. Authorization Server CUI Resource Server username & password token token Resource Owner Password Credentials (grant_type=password)
  21. Authorization Server CUI Resource Server username & password token token response Resource Owner Password Credentials (grant_type=password)
  22. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server
  23. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server authorize
  24. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server authorize redirect
  25. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server authorize redirect code
  26. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server authorize redirect code code
  27. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server authorize redirect code code token
  28. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server authorize redirect code code token token
  29. Authorization Code (grant_type=authorization_code) Authorization Server Web UI Resource Server authorize redirect code code token token response
  30. Authorization Server Web UI Resource Server OAuth2 REST API + Access Token
  31. Authorization Server Web UI Resource Server OAuth2 REST API + Access Token userinfo
  32. Authorization Server Web UI Resource Server OAuth2 REST API + Access Token userinfo every time
  33. JWT Authorization Server Web UI Resource Server OAuth2 REST API + Access Token (JWT)
  34. JWT Authorization Server Web UI Resource Server OAuth2 REST API + Access Token (JWT) token_key
  35. JWT Authorization Server Web UI Resource Server OAuth2 REST API + Access Token (JWT) token_key at startup
  36. JWT Authorization Server Web UI Resource Server OAuth2 REST API + Access Token (JWT) token_key at startup Verify token
  37. Links • https://github.com/Pivotal-Japan/from-zero-to-hero-with-rest-and-oauth2 • http://www.slideshare.net/WillTran1/securing-microservices-with-spring-cloud-security
  38. Announce • Josh Long (@starbuxman) comes to Tokyo on July 6th!! https://jsug.doorkeeper.jp/events/47900
