SlideShare ist ein Scribd-Unternehmen logo

自社サービスのAPIをOAuth2対応にして公開した

Maki Toshio
Maki Toshio

This document contains code for configuring Doorkeeper for OAuth authentication in a Rails application. It defines resource owner authenticators to find an account from a token or credentials. It sets default and optional scopes. It customizes the Doorkeeper error response and adds authentication failure errors. It also shows code to automatically refresh an access token before expiration.

Ingenieurwesen
1 von 22
Downloaden Sie, um offline zu lesen
ALL-IN

 
 
 
 

# This block will be called to check whether the resource owner is authenticated or not. resource_owner_authenticator do if (token = doorkeeper_token).present? account = Account.find(doorkeeper_token.resource_owner_id) session[:actor] = account end end resource_owner_from_credentials do |routes| begin actor = Account.authenticate(username: params[:username], password: params[:password]) rescue => e raise Doorkeeper::Errors::AuthenticationFailed end end
default_scopes :login optional_scopes :"accounting:read", :"accounting:write", :"cockpit:read", :"cockpit:write", :"crm:read", :"crm:write", :"ssm:read", :"ssm:write", :"navigator:read", :"navigator:write", :"marketing:read", :"marketing:write", :"groupware:read", :"groupware:write", :"team:read", :"team:write", :"personnel:read", :"personnel:write", :"project_management:read", :"project_management:write", :"accounting:read", :"accounting:write", :"soms:read", :"soms:write", :"mail_delivery:read", :"mail_delivery:write", :"master:read", :"master:write", :all
class Api::V1::ProductsController < Api::V1::ApiController before_action :doorkeeper_authorize! # Requires access token for all actions # before_action -> { doorkeeper_authorize! :read, :write } # your actions end
module Doorkeeper module OAuth class ErrorResponse def body { code: name, message: description } end end end module Errors class AuthenticationFailed < DoorkeeperError def type :authentication_failed end end end end
# ALL-IN Doorkeeper # See https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-the-response-body-when-unauthorized def doorkeeper_render_error_with(error) case error.status when :unauthorized fail Unauthorized when :forbidden fail AccessDenied end end



 watch(): void { if (!!this.actor) { let grant: Grant = this.actor.getGrant()!; let isRefreshing: boolean = false; this.intervalId = setInterval(() => { if (!!this.actor && this.actor.isTokenExpired(grant) && !isRefreshing) { isRefreshing = true; this.oAuthTokenService.refreshToken(grant) .subscribe((result: Grant) => { if (this.actor) { this.actor.setGrant(result); this.actor.refresh({indicator: { isDisable: true}}).subscribe(() => { isRefreshing = false; }); } grant = result; }); } }, 10 * 1000); } }
自社サービスのAPIをOAuth2対応にして公開した
自社サービスのAPIをOAuth2対応にして公開した
自社サービスのAPIをOAuth2対応にして公開した

Empfohlen

CGI.pm - 3ло?!
CGI.pm - 3ло?!CGI.pm - 3ло?!
CGI.pm - 3ло?!Anatoly Sharifulin
 
SQL Injection Part 2
SQL Injection Part 2SQL Injection Part 2
SQL Injection Part 2n|u - The Open Security Community
 
Mojolicious: what works and what doesn't
Mojolicious: what works and what doesn'tMojolicious: what works and what doesn't
Mojolicious: what works and what doesn'tCosimo Streppone
 
Index
IndexIndex
Indexantseex
 
Blog Hacks 2011
Blog Hacks 2011Blog Hacks 2011
Blog Hacks 2011Yusuke Wada
 
Intro to OAuth
Intro to OAuthIntro to OAuth
Intro to OAuthmfrost503
 
Security in laravel
Security in laravelSecurity in laravel
Security in laravelSayed Ahmed
 
A Two-step Dance with Django and Jinja2 Templates
A Two-step Dance with Django and Jinja2 TemplatesA Two-step Dance with Django and Jinja2 Templates
A Two-step Dance with Django and Jinja2 Templatessmirolo
 

Empfohlen

CGI.pm - 3ло?!
CGI.pm - 3ло?!CGI.pm - 3ло?!
CGI.pm - 3ло?!Anatoly Sharifulin
 
SQL Injection Part 2
SQL Injection Part 2SQL Injection Part 2
SQL Injection Part 2n|u - The Open Security Community
 
Mojolicious: what works and what doesn't
Mojolicious: what works and what doesn'tMojolicious: what works and what doesn't
Mojolicious: what works and what doesn'tCosimo Streppone
 
Index
IndexIndex
Indexantseex
 
Blog Hacks 2011
Blog Hacks 2011Blog Hacks 2011
Blog Hacks 2011Yusuke Wada
 
Intro to OAuth
Intro to OAuthIntro to OAuth
Intro to OAuthmfrost503
 
Security in laravel
Security in laravelSecurity in laravel
Security in laravelSayed Ahmed
 
A Two-step Dance with Django and Jinja2 Templates
A Two-step Dance with Django and Jinja2 TemplatesA Two-step Dance with Django and Jinja2 Templates
A Two-step Dance with Django and Jinja2 Templatessmirolo
 
20151128 firefoxos-handson
20151128 firefoxos-handson20151128 firefoxos-handson
20151128 firefoxos-handsonNoritada Shimizu
 
Mojolicious
MojoliciousMojolicious
MojoliciousLenz Gschwendtner
 
Enlace de prezi
Enlace de preziEnlace de prezi
Enlace de preziProf. Edwin M. Ocasio
 
Insertcustomer
InsertcustomerInsertcustomer
Insertcustomeramirthalingam m
 
Perl调用微博API实现自动查询应答
Perl调用微博API实现自动查询应答Perl调用微博API实现自动查询应答
Perl调用微博API实现自动查询应答琛琳 饶
 
WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3Mizanur Rahaman Mizan
 
MyBB account hijacking
MyBB account hijackingMyBB account hijacking
MyBB account hijackingChris Illusion
 
Convidar para page !!
Convidar para page !!Convidar para page !!
Convidar para page !!Jhonny Batista
 
Codigo
CodigoCodigo
Codigonildar76
 
Securing WordPress
Securing WordPressSecuring WordPress
Securing WordPressShawn Hooper
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & moreMattias Geniar
 
Ejemplo para modificar el enlace de prezi para presentarlo en wordpress
Ejemplo para modificar el enlace de prezi para presentarlo en wordpressEjemplo para modificar el enlace de prezi para presentarlo en wordpress
Ejemplo para modificar el enlace de prezi para presentarlo en wordpressgmrs81
 
Practical PHP by example Jan Leth-Kjaer
Practical PHP by example Jan Leth-KjaerPractical PHP by example Jan Leth-Kjaer
Practical PHP by example Jan Leth-KjaerCOMMON Europe
 
قالب المواضيع
قالب المواضيعقالب المواضيع
قالب المواضيعkhaliled
 
Php web backdoor obfuscation
Php web backdoor obfuscationPhp web backdoor obfuscation
Php web backdoor obfuscationSandro Zaccarini
 
Php security
Php securityPhp security
Php securityssrajsathya
 
Writing Secure Code for WordPress
Writing Secure Code for WordPressWriting Secure Code for WordPress
Writing Secure Code for WordPressShawn Hooper
 
Clearance: Simple, complete Ruby web app authentication.
Clearance: Simple, complete Ruby web app authentication.Clearance: Simple, complete Ruby web app authentication.
Clearance: Simple, complete Ruby web app authentication.Jason Morrison
 
Make your own wp cli command in 10min
Make your own wp cli command in 10minMake your own wp cli command in 10min
Make your own wp cli command in 10minIvelina Dimova
 
Bioinformatica p4-io
Bioinformatica p4-ioBioinformatica p4-io
Bioinformatica p4-ioProf. Wim Van Criekinge
 
devise tutorial - 2011 rubyconf taiwan
devise tutorial - 2011 rubyconf taiwandevise tutorial - 2011 rubyconf taiwan
devise tutorial - 2011 rubyconf taiwanTse-Ching Ho
 
Node.js API 서버 성능 개선기
Node.js API 서버 성능 개선기Node.js API 서버 성능 개선기
Node.js API 서버 성능 개선기JeongHun Byeon
 

Weitere ähnliche Inhalte

Was ist angesagt?

20151128 firefoxos-handson
20151128 firefoxos-handson20151128 firefoxos-handson
20151128 firefoxos-handsonNoritada Shimizu
 
Perl调用微博API实现自动查询应答
Perl调用微博API实现自动查询应答Perl调用微博API实现自动查询应答
Perl调用微博API实现自动查询应答琛琳 饶
 
WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3Mizanur Rahaman Mizan
 
MyBB account hijacking
MyBB account hijackingMyBB account hijacking
MyBB account hijackingChris Illusion
 
Securing WordPress
Securing WordPressSecuring WordPress
Securing WordPressShawn Hooper
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & moreMattias Geniar
 
Ejemplo para modificar el enlace de prezi para presentarlo en wordpress
Ejemplo para modificar el enlace de prezi para presentarlo en wordpressEjemplo para modificar el enlace de prezi para presentarlo en wordpress
Ejemplo para modificar el enlace de prezi para presentarlo en wordpressgmrs81
 
Practical PHP by example Jan Leth-Kjaer
Practical PHP by example Jan Leth-KjaerPractical PHP by example Jan Leth-Kjaer
Practical PHP by example Jan Leth-KjaerCOMMON Europe
 
قالب المواضيع
قالب المواضيعقالب المواضيع
قالب المواضيعkhaliled
 
Php web backdoor obfuscation
Php web backdoor obfuscationPhp web backdoor obfuscation
Php web backdoor obfuscationSandro Zaccarini
 
Writing Secure Code for WordPress
Writing Secure Code for WordPressWriting Secure Code for WordPress
Writing Secure Code for WordPressShawn Hooper
 
Clearance: Simple, complete Ruby web app authentication.
Clearance: Simple, complete Ruby web app authentication.Clearance: Simple, complete Ruby web app authentication.
Clearance: Simple, complete Ruby web app authentication.Jason Morrison
 
Make your own wp cli command in 10min
Make your own wp cli command in 10minMake your own wp cli command in 10min
Make your own wp cli command in 10minIvelina Dimova
 

Was ist angesagt? (20)

20151128 firefoxos-handson
20151128 firefoxos-handson20151128 firefoxos-handson
20151128 firefoxos-handson
 
Mojolicious
MojoliciousMojolicious
Mojolicious
 
Enlace de prezi
Enlace de preziEnlace de prezi
Enlace de prezi
 
Insertcustomer
InsertcustomerInsertcustomer
Insertcustomer
 
Perl调用微博API实现自动查询应答
Perl调用微博API实现自动查询应答Perl调用微博API实现自动查询应答
Perl调用微博API实现自动查询应答
 
WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3
 
MyBB account hijacking
MyBB account hijackingMyBB account hijacking
MyBB account hijacking
 
Convidar para page !!
Convidar para page !!Convidar para page !!
Convidar para page !!
 
Codigo
CodigoCodigo
Codigo
 
Securing WordPress
Securing WordPressSecuring WordPress
Securing WordPress
 
Code obfuscation, php shells & more
Code obfuscation, php shells & moreCode obfuscation, php shells & more
Code obfuscation, php shells & more
 
Ejemplo para modificar el enlace de prezi para presentarlo en wordpress
Ejemplo para modificar el enlace de prezi para presentarlo en wordpressEjemplo para modificar el enlace de prezi para presentarlo en wordpress
Ejemplo para modificar el enlace de prezi para presentarlo en wordpress
 
Practical PHP by example Jan Leth-Kjaer
Practical PHP by example Jan Leth-KjaerPractical PHP by example Jan Leth-Kjaer
Practical PHP by example Jan Leth-Kjaer
 
قالب المواضيع
قالب المواضيعقالب المواضيع
قالب المواضيع
 
Php web backdoor obfuscation
Php web backdoor obfuscationPhp web backdoor obfuscation
Php web backdoor obfuscation
 
Php security
Php securityPhp security
Php security
 
Writing Secure Code for WordPress
Writing Secure Code for WordPressWriting Secure Code for WordPress
Writing Secure Code for WordPress
 
Clearance: Simple, complete Ruby web app authentication.
Clearance: Simple, complete Ruby web app authentication.Clearance: Simple, complete Ruby web app authentication.
Clearance: Simple, complete Ruby web app authentication.
 
Make your own wp cli command in 10min
Make your own wp cli command in 10minMake your own wp cli command in 10min
Make your own wp cli command in 10min
 
Bioinformatica p4-io
Bioinformatica p4-ioBioinformatica p4-io
Bioinformatica p4-io
 

Ähnlich wie 自社サービスのAPIをOAuth2対応にして公開した

devise tutorial - 2011 rubyconf taiwan
devise tutorial - 2011 rubyconf taiwandevise tutorial - 2011 rubyconf taiwan
devise tutorial - 2011 rubyconf taiwanTse-Ching Ho
 
Node.js API 서버 성능 개선기
Node.js API 서버 성능 개선기Node.js API 서버 성능 개선기
Node.js API 서버 성능 개선기JeongHun Byeon
 
Intro to PAS REST API
Intro to PAS REST APIIntro to PAS REST API
Intro to PAS REST APIJoe Garcia
 
Applications secure by default
Applications secure by defaultApplications secure by default
Applications secure by defaultSlawomir Jasek
 
Applications secure by default
Applications secure by defaultApplications secure by default
Applications secure by defaultSecuRing
 
2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...
2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...
2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...Andrey Devyatkin
 
HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...
HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...
HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...Andrey Devyatkin
 
Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019Balázs Tatár
 
Secure Coding for NodeJS
Secure Coding for NodeJSSecure Coding for NodeJS
Secure Coding for NodeJSThang Chung
 
Ansible tips & tricks
Ansible tips & tricksAnsible tips & tricks
Ansible tips & tricksbcoca
 
What's new in Rails 4
What's new in Rails 4What's new in Rails 4
What's new in Rails 4Fabio Akita
 
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby MeetupBecoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby MeetupAndy Maleh
 
Tame Accidental Complexity with Ruby and MongoMapper
Tame Accidental Complexity with Ruby and MongoMapperTame Accidental Complexity with Ruby and MongoMapper
Tame Accidental Complexity with Ruby and MongoMapperGiordano Scalzo
 
Acceptance Testing with Webrat
Acceptance Testing with WebratAcceptance Testing with Webrat
Acceptance Testing with WebratLuismi Cavallé
 
Evolution Of Web Security
Evolution Of Web SecurityEvolution Of Web Security
Evolution Of Web SecurityChris Shiflett
 
Security: Odoo Code Hardening
Security: Odoo Code HardeningSecurity: Odoo Code Hardening
Security: Odoo Code HardeningOdoo
 
ELK: a log management framework
ELK: a log management frameworkELK: a log management framework
ELK: a log management frameworkGiovanni Bechis
 

Ähnlich wie 自社サービスのAPIをOAuth2対応にして公開した (20)

devise tutorial - 2011 rubyconf taiwan
devise tutorial - 2011 rubyconf taiwandevise tutorial - 2011 rubyconf taiwan
devise tutorial - 2011 rubyconf taiwan
 
Node.js API 서버 성능 개선기
Node.js API 서버 성능 개선기Node.js API 서버 성능 개선기
Node.js API 서버 성능 개선기
 
Intro to PAS REST API
Intro to PAS REST APIIntro to PAS REST API
Intro to PAS REST API
 
Applications secure by default
Applications secure by defaultApplications secure by default
Applications secure by default
 
Applications secure by default
Applications secure by defaultApplications secure by default
Applications secure by default
 
2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...
2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...
2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...
 
Magic of Ruby
Magic of RubyMagic of Ruby
Magic of Ruby
 
HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...
HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...
HashiConf Digital 2020: HashiCorp Vault configuration as code via HashiCorp T...
 
Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019
 
Secure Coding for NodeJS
Secure Coding for NodeJSSecure Coding for NodeJS
Secure Coding for NodeJS
 
Ansible tips & tricks
Ansible tips & tricksAnsible tips & tricks
Ansible tips & tricks
 
Webauthn Tutorial
Webauthn TutorialWebauthn Tutorial
Webauthn Tutorial
 
What's new in Rails 4
What's new in Rails 4What's new in Rails 4
What's new in Rails 4
 
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby MeetupBecoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
 
PHP Secure Programming
PHP Secure ProgrammingPHP Secure Programming
PHP Secure Programming
 
Tame Accidental Complexity with Ruby and MongoMapper
Tame Accidental Complexity with Ruby and MongoMapperTame Accidental Complexity with Ruby and MongoMapper
Tame Accidental Complexity with Ruby and MongoMapper
 
Acceptance Testing with Webrat
Acceptance Testing with WebratAcceptance Testing with Webrat
Acceptance Testing with Webrat
 
Evolution Of Web Security
Evolution Of Web SecurityEvolution Of Web Security
Evolution Of Web Security
 
Security: Odoo Code Hardening
Security: Odoo Code HardeningSecurity: Odoo Code Hardening
Security: Odoo Code Hardening
 
ELK: a log management framework
ELK: a log management frameworkELK: a log management framework
ELK: a log management framework
 

Mehr von Maki Toshio

Rails 6.1 → 7.0アップデート記録
Rails 6.1 → 7.0アップデート記録Rails 6.1 → 7.0アップデート記録
Rails 6.1 → 7.0アップデート記録Maki Toshio
 
Searched gems which supports only ruby 2.6
Searched gems which supports only ruby 2.6Searched gems which supports only ruby 2.6
Searched gems which supports only ruby 2.6Maki Toshio
 
ActiveRecordで複雑なクエリを書くのは間違っているのか
ActiveRecordで複雑なクエリを書くのは間違っているのかActiveRecordで複雑なクエリを書くのは間違っているのか
ActiveRecordで複雑なクエリを書くのは間違っているのかMaki Toshio
 
やさしいGemパッチの作り方
やさしいGemパッチの作り方やさしいGemパッチの作り方
やさしいGemパッチの作り方Maki Toshio
 
ファイルシステムのスナップショット機能でバックアップを取得する
ファイルシステムのスナップショット機能でバックアップを取得するファイルシステムのスナップショット機能でバックアップを取得する
ファイルシステムのスナップショット機能でバックアップを取得するMaki Toshio
 
Cloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the Proxy
Cloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the ProxyCloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the Proxy
Cloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the ProxyMaki Toshio
 
メール製品を作って気づいたmailライブラリの光と闇について語る
メール製品を作って気づいたmailライブラリの光と闇について語るメール製品を作って気づいたmailライブラリの光と闇について語る
メール製品を作って気づいたmailライブラリの光と闇について語るMaki Toshio
 
明日から使える(?)Rubyトリビア
明日から使える(?)Rubyトリビア明日から使える(?)Rubyトリビア
明日から使える(?)RubyトリビアMaki Toshio
 
Rubyで簡単にremote access apiを実行する
Rubyで簡単にremote access apiを実行するRubyで簡単にremote access apiを実行する
Rubyで簡単にremote access apiを実行するMaki Toshio
 
レガシーコード改善ガイド
レガシーコード改善ガイドレガシーコード改善ガイド
レガシーコード改善ガイドMaki Toshio
 
Ruby on rails on hudsonの活用事例
Ruby on rails on hudsonの活用事例Ruby on rails on hudsonの活用事例
Ruby on rails on hudsonの活用事例Maki Toshio
 

Mehr von Maki Toshio (11)

Rails 6.1 → 7.0アップデート記録
Rails 6.1 → 7.0アップデート記録Rails 6.1 → 7.0アップデート記録
Rails 6.1 → 7.0アップデート記録
 
Searched gems which supports only ruby 2.6
Searched gems which supports only ruby 2.6Searched gems which supports only ruby 2.6
Searched gems which supports only ruby 2.6
 
ActiveRecordで複雑なクエリを書くのは間違っているのか
ActiveRecordで複雑なクエリを書くのは間違っているのかActiveRecordで複雑なクエリを書くのは間違っているのか
ActiveRecordで複雑なクエリを書くのは間違っているのか
 
やさしいGemパッチの作り方
やさしいGemパッチの作り方やさしいGemパッチの作り方
やさしいGemパッチの作り方
 
ファイルシステムのスナップショット機能でバックアップを取得する
ファイルシステムのスナップショット機能でバックアップを取得するファイルシステムのスナップショット機能でバックアップを取得する
ファイルシステムのスナップショット機能でバックアップを取得する
 
Cloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the Proxy
Cloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the ProxyCloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the Proxy
Cloud Foundry Day in Tokyo Lightning Talk - Cloud Foundry over the Proxy
 
メール製品を作って気づいたmailライブラリの光と闇について語る
メール製品を作って気づいたmailライブラリの光と闇について語るメール製品を作って気づいたmailライブラリの光と闇について語る
メール製品を作って気づいたmailライブラリの光と闇について語る
 
明日から使える(?)Rubyトリビア
明日から使える(?)Rubyトリビア明日から使える(?)Rubyトリビア
明日から使える(?)Rubyトリビア
 
Rubyで簡単にremote access apiを実行する
Rubyで簡単にremote access apiを実行するRubyで簡単にremote access apiを実行する
Rubyで簡単にremote access apiを実行する
 
レガシーコード改善ガイド
レガシーコード改善ガイドレガシーコード改善ガイド
レガシーコード改善ガイド
 
Ruby on rails on hudsonの活用事例
Ruby on rails on hudsonの活用事例Ruby on rails on hudsonの活用事例
Ruby on rails on hudsonの活用事例
 

Kürzlich hochgeladen

Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesRAJNEESHKUMAR341697
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VDineshKumar4165
 
2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projectssmsksolar
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXssuser89054b
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Servicemeghakumariji156
 
Online food ordering system project report.pdf
Online food ordering system project report.pdfOnline food ordering system project report.pdf
Online food ordering system project report.pdfKamal Acharya
 
Bridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxBridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxnuruddin69
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationBhangaleSonal
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapRishantSharmaFr
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxSCMS School of Architecture
 
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Call Girls Mumbai
 
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills KuwaitKuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwaitjaanualu31
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdfKamal Acharya
 
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadkiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadhamedmustafa094
 
+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...
+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...
+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...Health
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startQuintin Balsdon
 
Rums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfRums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfsmsksolar
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 

Kürzlich hochgeladen (20)

Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planes
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
 
Online food ordering system project report.pdf
Online food ordering system project report.pdfOnline food ordering system project report.pdf
Online food ordering system project report.pdf
 
Bridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptxBridge Jacking Design Sample Calculation.pptx
Bridge Jacking Design Sample Calculation.pptx
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equation
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
 
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
 
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills KuwaitKuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
 
Online electricity billing project report..pdf
Online electricity billing project report..pdfOnline electricity billing project report..pdf
Online electricity billing project report..pdf
 
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadkiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal load
 
+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...
+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...
+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
Rums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfRums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdf
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 

自社サービスのAPIをOAuth2対応にして公開した

  • 1.
  • 2.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 10. # This block will be called to check whether the resource owner is authenticated or not. resource_owner_authenticator do if (token = doorkeeper_token).present? account = Account.find(doorkeeper_token.resource_owner_id) session[:actor] = account end end resource_owner_from_credentials do |routes| begin actor = Account.authenticate(username: params[:username], password: params[:password]) rescue => e raise Doorkeeper::Errors::AuthenticationFailed end end
  • 11. default_scopes :login optional_scopes :"accounting:read", :"accounting:write", :"cockpit:read", :"cockpit:write", :"crm:read", :"crm:write", :"ssm:read", :"ssm:write", :"navigator:read", :"navigator:write", :"marketing:read", :"marketing:write", :"groupware:read", :"groupware:write", :"team:read", :"team:write", :"personnel:read", :"personnel:write", :"project_management:read", :"project_management:write", :"accounting:read", :"accounting:write", :"soms:read", :"soms:write", :"mail_delivery:read", :"mail_delivery:write", :"master:read", :"master:write", :all
  • 12.
  • 13. class Api::V1::ProductsController < Api::V1::ApiController before_action :doorkeeper_authorize! # Requires access token for all actions # before_action -> { doorkeeper_authorize! :read, :write } # your actions end
  • 14. module Doorkeeper module OAuth class ErrorResponse def body { code: name, message: description } end end end module Errors class AuthenticationFailed < DoorkeeperError def type :authentication_failed end end end end
  • 15. # ALL-IN Doorkeeper # See https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-the-response-body-when-unauthorized def doorkeeper_render_error_with(error) case error.status when :unauthorized fail Unauthorized when :forbidden fail AccessDenied end end
  • 16.
  • 17.
  • 18.
  • 19. 
 watch(): void { if (!!this.actor) { let grant: Grant = this.actor.getGrant()!; let isRefreshing: boolean = false; this.intervalId = setInterval(() => { if (!!this.actor && this.actor.isTokenExpired(grant) && !isRefreshing) { isRefreshing = true; this.oAuthTokenService.refreshToken(grant) .subscribe((result: Grant) => { if (this.actor) { this.actor.setGrant(result); this.actor.refresh({indicator: { isDisable: true}}).subscribe(() => { isRefreshing = false; }); } grant = result; }); } }, 10 * 1000); } }