OpenID Tech Night #5
Identity Provider
identity
IdP
Identity
OpenID
zigorou.myopenid.com
User-Supplied Identifier
OP Identifier
Claimed Identifier

[Figure: protocol steps: Discovery, Association, Authenticate Request, Authenticate Response, Verification]

[zigorou ~] $ lwp-request -S -e -d http://zigorou.myopenid.com/ | grep XRDS
X-XRDS-Location: http://zigorou.myopenid.com/?xrds=1
[zigorou ~] $ lwp-request http://zigorou.myopenid.com/?xrds=1
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
   xmlns:xrds="xri://$xrds"
   xmlns:openid="http://openid.net/xmlns/1.0"
   xmlns="xri://$xrd*($v*2.0)">
  <XRD version="2.0">
   <Service priority="0">
    <Type>http://specs.openid.net/auth/2.0/signon</Type>
    <Type>http://openid.net/sreg/1.0</Type>
    <Type>http://openid.net/extensions/sreg/1.1</Type>
    <Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type>
    <Type>http://openid.net/srv/ax/1.0</Type>
    <URI>http://www.myopenid.com/server</URI>
    <LocalID>http://zigorou.myopenid.com/</LocalID>
   </Service>

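#!/usr/bin/perl

use strict;
use warnings;

use Digest::SHA qw(hmac_sha256_hex);
use Perl6::Say;

# Shared secret used as the HMAC key
our $hmac_key = "common_secret";

# Serialize the pairs as newline-separated "key:value" lines.
# keys() returns hash keys in no guaranteed order, so the serialized
# string (and therefore the digest) depends on that order.
sub format_keyval {
  my %pairs = @_;
  join "\n" => map { $_ . ':' . $pairs{$_} } keys %pairs;
}

# HMAC-SHA256 over the serialized pairs, hex-encoded
sub sig {
  my %pairs = @_;
  my $keyval = format_keyval(%pairs);
  hmac_sha256_hex($keyval, $hmac_key);
}

say sig( foo => "abc", bar => "xyz" );

89b7f51ec9b76e97d5a179f313af38e6cc8b5cb0860e266caf6847ded05428ce
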
Introduction OpenID Authentication 2.0 Revival