- モバイルアプリのバックエンドサーバーがOAuth 2.0のEndpointを持ってて、Access Tokenを発行してアプリのセッション代わりに使う
- バックエンドサーバーがOAuth Server、モバイルアプリがOAuth Client
- モバイルアプリがソーシャルログインやりたい
- SNSからすると(モバイルアプリ + バックエンドサーバー)全体がOAuth Client
- SNSから受け取るものは、AuthZ CodeとかAccess TokenとかID Tokenとかけっこうバラバラ
- バックエンドサーバーとしてはそれらを受けとって、Access Tokenを返す、汎用的なToken Endpointのgrant_typeが欲しい
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
use Crypt::JWT qw(encode_jwt decode_jwt); | |
use Crypt::PK::ECC; | |
use MIME::Base64 qw(decode_base64url); | |
use Data::Dumper; | |
warn "=== Example JWS Using ECDSA P-256 SHA-256 ===\n"; | |
warn "see https://tools.ietf.org/html/rfc7515#appendix-A.3\n"; | |
warn "=== Private Key ===\n"; | |
my $ec_jwk_data = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
use Crypt::JWT qw(encode_jwt decode_jwt); | |
use Crypt::PK::RSA; | |
use MIME::Base64 qw(decode_base64url); | |
use Data::Dumper; | |
warn "see https://tools.ietf.org/html/rfc7515#appendix-A.2\n"; | |
my $payload = decode_base64url("eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"); | |
my $rsa_priv_data = { | |
"kty" => "RSA", | |
"n" => "ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddxHmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMsD1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSHSXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdVMTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
use Crypt::JWT qw(encode_jwt decode_jwt); | |
use Data::Dumper; | |
# encode | |
my $payload = "Payload"; | |
my $ecc_priv = { | |
kty => "EC", | |
crv => "P-521", | |
x => "AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
use Crypt::OpenSSL::CA; | |
use Crypt::OpenSSL::Bignum; | |
use Crypt::OpenSSL::RSA; | |
use MIME::Base64 qw/encode_base64url decode_base64url/; | |
use Data::Dumper; | |
# Crypt::OpenSSL::CA to n and e | |
my $rsa_pubkey = "-----BEGIN PUBLIC KEY----- | |
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XxKc3Rz/8EakvZG+Ez9 | |
nCpdn2HGVq0CRD1GZ/fEuM7nHfmy1LzC0VyNa8YkU7Qrb4s/BgSxjFrLvbpFHcUo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
わりと細かく分けました。 | |
担当する宣言はコメント or メールでください! | |
URL : http://openid.net/specs/openid-connect-core-1_0.html | |
(1) 1 - 1.2 : ritou | |
(2) 1.3 - 2 : kura | |
(3) 3 - 3.1,1 : konfoo | |
(4) 3.1.2 - 3.1.2.1 : bangyy | |
(5) 3.1.2.2 - 3.1.2.4 : sat_toke |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ cat test.pl | |
use strict; | |
use warnings; | |
use Authen::OATH; | |
use Data::Dumper; | |
my $oath = Authen::OATH->new(); | |
my $totp = $oath->totp( "1234567890", 1332083784 ); | |
print Dumper($totp); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env perl | |
use strict; | |
use warnings; | |
use Data::Password qw(:all); | |
$DICTIONARY = 8; | |
$FOLLOWING = 0; | |
$FOLLOWING_KEYBOARD = 0; |
medyでログインしてるサービス
http://med.astrazeneca.co.jp/login/relogin.asp
ボタン押した後に送られるリクエスト
https://medy-id.jp/openid/endpoint.html?
openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<head> | |
<title>Google+ Sign-in button demo</title> | |
<style type="text/css"> | |
html, body { margin: 0; padding:0;} | |
#signin-button { | |
padding: 5px; | |
} | |
#oauth2-results pre { margin: 0; padding:0;} |