by @nov
•               (@nov)

•   Smart.fm

    •   OpenID / OAuth / API

•   OpenID Foundation Japan

    •
        •
            http://j.mp/openid_trans
OpenID Tech Night Vol.6
OAuth AX    OAuth Hybrid   Web Identity
OpenID
OpenID



                           ATND
OpenID




  ATND
         OpenID Provider
OpenID

•                     ID

    •            OpenID Provider

    •            OpenID Provider

        •   docomo / goo / OCN ID     => nttid.jp
OpenID Provider
OpenID

                    ATND (RP)                                 OP
            OP

                               OP           (Discovery)


                                              (Association)
(Authentication Request)




(Authentication Response)   (Verification)
Discovery

                 ATND (RP)                   NTT ID (OP)
“www.nttid.jp”
                             NTT ID??
                       http://www.nttid.jp


                         X-XRDS-Location




                                   XRDS
Discovery

ATND (RP)    NTT ID (OP)
“www.nttid.jp”
NTT ID??
http://www.nttid.jp
X-XRDS-Location
XRDS
URL

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
  xmlns:xrds="xri://$xrds"
  xmlns:openid="http://openid.net/xmlns/1.0"
  xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="0">
      <Type>http://specs.openid.net/auth/2.0/server</Type>
      <URI>https://login.nttid.jp/openid/auth</URI>
    </Service>
    <Service priority="1">
      <Type>http://specs.openid.net/auth/2.0/return_to</Type>
      <URI>https://login.nttid.jp/openid/rp/return</URI>
    </Service>
  </XRD>
</xrds:XRDS>
OpenID   (RP)   Discovery
RP Discovery

                  ATND (RP)
http://atnd.org


X-XRDS-Location




          XRDS


                      OpenID
                         Web
RP Discovery

                         ATND (RP)                        NTT ID (OP)
     (Authentication Request)




                                http://atnd.org (realm)


                                    X-XRDS-Location
OP   RP return_to URL


                                             XRDS
RP Discovery

ATND (RP)    NTT ID (OP)
(Authentication Request)
http://atnd.org (realm)
X-XRDS-Location
OP   RP return_to URL
RP Discovery   RP
XRDS

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
  xmlns:xrds="xri://$xrds"
  xmlns:openid="http://openid.net/xmlns/1.0"
  xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="0">
      <Type>http://specs.openid.net/auth/2.0/return_to</Type>
      <URI>http://atnd.org/session</URI>
    </Service>
  </XRD>
</xrds:XRDS>
RP Discovery

ATND (RP)    NTT ID (OP)
(Authentication Request)
http://atnd.org (realm)
X-XRDS-Location
OP   RP return_to URL
RP Discovery   RP
XRDS

Authentication 2.0
OpenID
http://j.mp/openid_trans
TechNight vol.4 & vol.5
@zigorou
http://j.mp/zigorou

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
  xmlns:xrds="xri://$xrds"
  xmlns:openid="http://openid.net/xmlns/1.0"
  xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="0">
      <Type>http://specs.openid.net/auth/2.0/return_to</Type>
      <URI>http://atnd.org/session</URI>
    </Service>
  </XRD>
</xrds:XRDS>
OpenID

•
•                                                http://j.mp/openid_trans

    •   OpenID Simple Registration Extension (SREG)

    •   OpenID Attribute Exchange (AX)

•
    •   OpenID OAuth Extension (OAuth Hybrid)

    •   User Experience Extension

    •   OpenID Contract Exchange Extension ... etc.
OpenID AX

•   OP - RP

•             : RP OP

    •                                                  etc.

    •   RP                                     (URL)



    •   OP



              Yahoo! Japan      AX
              =>             Yahoo! Japan @konfoo

OpenID TechNight #6 - OpenID
