I built "omniauth-yahoojp" for authenticating with YConnect (Yahoo! JAPAN)
What is omniauth-yahoojp?
omniauth adds authentication with various IDs (facebook, twitter, mixi, Google and so on) to Rails and similar frameworks. I rushed out a YConnect (Yahoo! JAPAN) version of it (the tests and such are slapdash). It is published on GitHub.
It is based on omniauth-oauth2 and adds YConnect support in the form of a Strategy, so that YConnect can be used at a minimal level.
You can use it by running git clone followed by gem build & gem install, but that was getting tedious even for me, so on the spur of the moment I also pushed it to rubygems.
omniauth-yahoojp(0.1.0) - rubygems.org
gem install omniauth-yahoojp
omniauth-yahoojp simplifies the process of authenticating and authorizing with YConnect (OAuth 2.0 + OpenID Connect) and then accessing the UserInfo API to fetch what little user attribute information is available (you could also say that is all it can do).
How it started
At Open Hack Day Conference (2013/2/9), the warm-up event for Open Hack Day Japan (2013/2/16 to 2/18) held at Yahoo! JAPAN, I gave a talk about YConnect as the Yahoo! JAPAN representative.
At the venue, @makimoto asked "Isn't there a Ruby library?", and on top of that it somehow turned into a race on Twitter (though it felt like a fixed race), so I went ahead and built one (published on GitHub).
Usage
There are also Sinatra and others, but (since I don't know them well) this time I'll show how to use it with Ruby on Rails.
1. Add it to the Gemfile
gem 'omniauth-yahoojp'
2. Install the required gems based on the Gemfile
bundle install
3. config/initializers/omniauth.rb
Put the following in config/initializers/omniauth.rb. It is written the same way as for the other Strategies (facebook, twitter, mixi, Google and so on).
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :yahoojp, ENV['YAHOOJP_KEY'], ENV['YAHOOJP_SECRET'],
    { :scope => 'openid profile email address' }
end
You can write client_id and client_secret in directly, but that is inelegant, so here they are taken from environment variables, which also keeps the secret out of source control.
The fourth parameter holds the parameters used at the Authorization endpoint. Besides specifying the scope of the attributes you want to fetch from the UserInfo API, you can specify :display and :prompt, which change the behaviour of the login and consent screens.
4. config/routes.rb
When you want to authenticate with YConnect from inside Rails, you would normally redirect to YConnect's Authorization Code endpoint. With omniauth-yahoojp you instead send the user to /auth/yahoojp, which omniauth-yahoojp provides, as shown here.
In a view it looks like this:
<%= link_to "Yahoo! JAPAN でlogin", "/auth/yahoojp" %>
In a controller it looks like this:
redirect_to '/auth/yahoojp'
On the way back from YConnect, the user is automatically returned to /auth/yahoojp/callback, so add the following to config/routes.rb to map that to a controller.
get '/top' => 'sessions#top'                          # top page
get '/auth/:provider/callback' => 'sessions#callback' # return destination
With this, the callback method of the SessionsController class gets called. I made /top the start page (the page that kicks off the YConnect flow) for no particular reason.
5. Write the SessionsController
rails g controller sessions
Run the above to create the SessionsController class, then write the following in it.
class SessionsController < ApplicationController
  # Start page that links to /auth/yahoojp
  def top
    render 'sessions/top'
  end

  # Called when YConnect returns the user to /auth/yahoojp/callback
  def callback
    auth = request.env['omniauth.auth']

    # Attributes obtained from the UserInfo API
    @user_id    = auth.uid
    @name       = auth.info.name
    @email      = auth.info.email
    @first_name = auth.info.first_name
    @last_name  = auth.info.last_name

    # Token values, displayed by the callback view
    @token         = auth.credentials.token
    @refresh_token = auth.credentials.refresh_token
    @expires_at    = auth.credentials.expires_at

    render 'sessions/callback'
  end
end
The authentication result is stored in request.env['omniauth.auth']. You can get the user_id with uid() and the attributes obtained from the UserInfo API with info().
6. Write the views
Place the HTML (erb) files that SessionsController specifies in its render calls.
app/views/sessions/top.html.erb
<h1>Hello! YConnect (Authorization Code Grant Flow)</h1>
<div id="user_nav">
  <%= link_to "Yahoo! JAPAN でlogin", "/auth/yahoojp" %>
</div>
app/views/sessions/callback.html.erb
<div id="user">
  <p>Hello, <%= @name %> さん</p>
  <div id="credentials">
    Credentials:
    <ul>
      <li>access_token: <%= @token %></li>
      <li>refresh_token: <%= @refresh_token %></li>
      <li>expires_at: <%= @expires_at %></li>
    </ul>
  </div>
  <div id="userinfo">
    UserInfo:
    <ul>
      <li>user_id: <%= @user_id %></li>
      <li>email: <%= @email %></li>
      <li>name: <%= @name %></li>
      <li>first_name: <%= @first_name %></li>
      <li>last_name: <%= @last_name %></li>
    </ul>
  </div>
</div>
7. Start it up
rails server
Impressions
omniauth-oauth2 does not seem to fully support RFC 6749 and RFC 6750, perhaps because it uses the oauth2 rubygem internally (the comments in the code say draft 15).
Basic authentication for token retrieval in the Authorization Code Grant Flow felt rough, and since it does not appear to support OpenID Connect in the first place, it looked to me as though id_token cannot be used. I wonder whether it actually can.
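For reference on the Basic authentication point above, the following added example (not code from omniauth-yahoojp, omniauth-oauth2 or oauth2) shows how RFC 6749 sections 2.3.1 and 4.1.3 have a confidential client form the authorization-code token request. The function names are hypothetical, the credentials, code and redirect URI are constructed placeholders, and whether YConnect expects exactly this form is an assumption.

```ruby
require 'uri'

# RFC 6749 section 2.3.1: form-urlencode each credential, join them with ":",
# then Base64-encode the pair for the HTTP Basic Authorization header.
def basic_client_auth(client_id, client_secret)
  pair = [client_id, client_secret]
         .map { |v| URI.encode_www_form_component(v) }
         .join(':')
  "Basic #{[pair].pack('m0')}" # 'm0' is Base64 without line breaks
end

# RFC 6749 section 4.1.3: the authorization-code token request.
# The client secret travels only in the header, never in the body or a URL.
def token_request(client_id:, client_secret:, code:, redirect_uri:)
  raise ArgumentError, 'authorization code is empty' if code.to_s.empty?

  {
    headers: {
      'Authorization' => basic_client_auth(client_id, client_secret),
      'Content-Type' => 'application/x-www-form-urlencoded'
    },
    body: URI.encode_www_form(
      grant_type: 'authorization_code',
      code: code,
      redirect_uri: redirect_uri # must equal the one sent to the authorization endpoint
    )
  }
end

# What the token endpoint does with the header: recover [client_id, client_secret].
def decode_basic_client_auth(header)
  scheme, b64 = header.split(' ', 2)
  raise ArgumentError, 'not a Basic credential' unless scheme == 'Basic' && b64

  b64.unpack1('m0').split(':', 2).map { |v| URI.decode_www_form_component(v) }
end

# Constructed sample values (not real credentials); the secret contains
# characters that break the header if the urlencode step is skipped.
SAMPLE_REQUEST = token_request(
  client_id: 'example-client',
  client_secret: 's3cr:et+/=',
  code: 'SplxlOBeZQQYbYS6WxSbIA',
  redirect_uri: 'http://localhost:3000/auth/yahoojp/callback'
)
```

A secret containing ":" would be split at the wrong place by the receiving side if it were Base64-encoded without the urlencode step, which is one of the places where OAuth client libraries differ.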
Other notes
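I find Python a more natural fit than Ruby (personal bias), and I have hardly written any Ruby (excuse), so the code shows my lack of familiarity and personally I think it is pretty poor. If you spot anything, please send a pull request on GitHub.
Note: this is a personal creation and has nothing to do with the organization I belong to!
I also have a Facebook page called とあるエンジニアのメモランダム, so a Like would be appreciated (shameless plug).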