{"id":10264,"date":"2020-06-07T00:02:43","date_gmt":"2020-06-06T15:02:43","guid":{"rendered":"http:\/\/www.webcyou.com\/?p=10264"},"modified":"2020-06-09T00:22:22","modified_gmt":"2020-06-08T15:22:22","slug":"django-django-rest-auth-nuxt-js-auth-module-%e3%81%a7%e4%bd%9c%e3%82%8b-spa-jwt-oauth-%e3%83%ad%e3%82%b0%e3%82%a4%e3%83%b3%e3%82%b7%e3%82%b9%e3%83%86%e3%83%a0-%e3%81%9d%e3%81%ae%ef%bc%91","status":"publish","type":"post","link":"https:\/\/www.webcyou.com\/?p=10264","title":{"rendered":"Django django-rest-auth + Nuxt.js auth-module \u3067\u4f5c\u308b SPA JWT OAuth \u30ed\u30b0\u30a4\u30f3\u30b7\u30b9\u30c6\u30e0 \u305d\u306e\uff11"},"content":{"rendered":"

\u3069\u3082\u3067\u3059\u3002<\/p>\n

\u4eca\u56de\u306f\u3001Django<\/strong>\uff08django-rest-auth\uff09\u3068\u3001Nuxt.js<\/strong>\u3092\u4f7f\u3063\u3066\u3001SPA\u30b5\u30a4\u30c8\uff08\u30de\u30a4\u30af\u30ed\u30b5\u30fc\u30d3\u30b9\uff09<\/strong>\u306b\u304a\u3051\u308b\u3001OAuth\u8a8d\u53ef\u306e\u4ed5\u7d44\u307f\u3092\u4f7f\u3063\u3066JWT\u30ed\u30b0\u30a4\u30f3\u306e\u4ed5\u7d44\u307f<\/strong>\u3092\u4f5c\u3063\u3066\u884c\u304d\u307e\u3057\u3087\u3046\u3002<\/p>\n

\u3068\u3044\u3046\u4e8b\u3067\u3001\u3069\u3046\u3044\u3046\u4e8b\uff1f\u3068\u601d\u3063\u3066\u3044\u308b\u65b9\u3082\u5c11\u306a\u304f\u306a\u3044\u304b\u3068\u601d\u308f\u308c\u307e\u3059\u306e\u3067\u3001\u7aef\u7684\u306b\u8aac\u660e\u3055\u305b\u3066\u9802\u304d\u307e\u3059\u3002<\/p>\n

\u307e\u305a\u30d5\u30ed\u30f3\u30c8\u3001\u30b5\u30fc\u30d0\u30fc\u7b49\u306e\u69cb\u6210\u306f\u4ee5\u4e0b\u306e\u69d8\u306a\u611f\u3058\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n

\"\"<\/p>\n

SPA\u306a\u3069\u30de\u30a4\u30af\u30ed\u30b5\u30fc\u30d3\u30b9\u306b\u304a\u3051\u308b\u3088\u304f\u3042\u308b\u69cb\u6210\u304b\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n

\u30d5\u30ed\u30f3\u30c8\u30a8\u30f3\u30c9\u306bNuxt.js\u3001\u30b5\u30fc\u30d0\u30fc\u30b5\u30a4\u30c9\u306bdjango\u3001OAuth\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u30b5\u30fc\u30d0\u30fc\u3068\u8a00\u3063\u305f\u69cb\u6210\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n

\u3053\u308c\u306f\u3001\u30d5\u30ed\u30f3\u30c8\u30a8\u30f3\u30c9\u304cReact\u3067\u3082Angular\u3067\u3082\u3001\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u30b5\u30fc\u30d0\u304cRails\u3067\u3082\u3001SpringBoot\u3067\u3082\u9055\u3044\u306f\u3042\u308a\u307e\u305b\u3093\u3002<\/p>\n

OAuth\u8a8d\u8a3c\u8a8d\u53ef\u30d5\u30ec\u30fc\u30e0\u30ef\u30fc\u30af\u3092\u7528\u3044\u305f\u3001\u30bd\u30fc\u30b7\u30e3\u30eb\u30ed\u30b0\u30a4\u30f3\u3092\u5b9f\u88c5\u3057\u3088\u3046\u3068\u3059\u308b\u3068\u3001\u8272\u3093\u306a\u5f62\u304c\u3042\u308a\u307e\u3059\u304c\u3001\u4e0a\u8a18\u306e\u69d8\u306a\u69cb\u6210\u306e\u5834\u5408\u306f\u3001OAuth2.0\u3001OIDC\uff08Open ID Connect\uff09<\/strong>\u3067\u306e\u3001\u30de\u30eb\u30c1\u30d7\u30eb\u30ec\u30b9\u30dd\u30f3\u30b9\u30bf\u30a4\u30d7\u3067\u3042\u308b\u3001\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc<\/strong>\u3067\u306e\u5b9f\u88c5\u304c\u6700\u9069\u306aOAuth\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3060\u3068\u8003\u3048\u307e\u3059\u3002<\/p>\n

 <\/p>\n

OAuth 2.0 Multiple Response Type Encoding Practices<\/strong><\/p>\n

https:\/\/openid.net\/specs\/oauth-v2-multiple-response-types-1_0.html<\/a><\/p>\n

 <\/p>\n

\u30e2\u30ce\u30ea\u30b7\u30c3\u30af\u306a\u69cb\u6210\u306e\u6642\u3068\u306f\u7570\u306a\u308a\u3001SPA\u69cb\u6210\u3067\u306f\u30d5\u30ed\u30f3\u30c8\u5074\u3067\u306e\u753b\u9762\u9077\u79fb\u306e\u51e6\u7406\u304c\u884c\u308f\u308c\u307e\u3059\u3002<\/p>\n

\u30d5\u30ed\u30f3\u30c8\u30a8\u30f3\u30c9\u5074\u306bOAuth\u30ed\u30b0\u30a4\u30f3\u306e\u70ba\u3001\u30b3\u30f3\u30d5\u30a3\u30c6\u3099\u30f3\u30b7\u30e3\u30eb\u3067\u3042\u308b\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u30ad\u30fc\u7b49\u3092\u4fdd\u6301\u3059\u308b\u3053\u3068\u306f\u3001\u5b89\u6613\u306b\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u60c5\u5831\u6f0f\u6d29\u3055\u305b\u308b\u5f62<\/strong>\u3068\u306a\u308a\u307e\u3059\u306e\u3067\u3001\u30b3\u30f3\u30d5\u30a3\u30c6\u3099\u30f3\u30b7\u30e3\u30eb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3067\u3042\u308bdjango\u5074\u306b\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u30ad\u30fc\u3092\u4fdd\u6301\u3057\u3001\u30d5\u30ed\u30f3\u30c8\u3001\u30b5\u30fc\u30d0\u30fc\u3068\u4e21\u65b9\u3067\u8a8d\u8a3c\uff08\u691c\u8a3c\uff09\u3092\u884c\u3046\u5f62\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n

\u4eca\u56de\u306f\u3001\u3053\u306eSPA\u3068\u30b3\u30f3\u30d5\u30a3\u30c6\u3099\u30f3\u30b7\u30e3\u30eb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u69cb\u6210\u306e\u5834\u5408\u3001\u6700\u9069\u3068\u601d\u308f\u308c\u308b\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc\u3092<\/strong>\u7528\u3044\u3066\u3001\u8a8d\u8a3c\u8a8d\u53ef\u306bJWT\u3092\u7528\u3044\u3066\u5b9f\u88c5\u3092\u884c\u3063\u3066\u3044\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n

\u3053\u3053\u3067\u3001\u8efd\u304f OAuth\u30d5\u30ed\u30fc\u7b49\u3092\u307e\u3068\u3081\u3066\u307f\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n

OAuth\u304a\u3055\u3089\u3044<\/h4>\n
OAuth \u30ed\u30fc\u30eb<\/h5>\n\n\n\n\n\n\n\n
\u540d\u79f0<\/th>\n\u6982\u8981<\/th>\n<\/tr>\n
\u30ea\u30bd\u30fc\u30b9\u30aa\u30fc\u30ca\u30fc\uff08\u30e6\u30fc\u30b6\u30fc\uff09<\/strong><\/td>\n\u00a0\u30e6\u30fc\u30b6\u30fc\u306e\u30c7\u30fc\u30bf\u306e\u6240\u6709\u8005\u3002<\/p>\n

\u30b5\u30fc\u30d3\u30b9\u4e0a\u3067\u3001\u753b\u50cf\u3084\u52d5\u753b\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u5f8c\u3001\u95b2\u89a7\u7de8\u96c6\u3067\u304d\u308b\u30e6\u30fc\u30b6\u30fc\u3002<\/td>\n<\/tr>\n

\u30af\u30e9\u30a4\u30a2\u30f3\u30c8<\/strong><\/td>\n\u4e0a\u8a18\u306e\u4fdd\u8b77\u3055\u308c\u305f\u30ea\u30bd\u30fc\u30b9\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3002web\u3001\u30cd\u30a4\u30c6\u30a3\u30d6\u30a2\u30d7\u30ea\u554f\u308f\u305a\u3002<\/td>\n<\/tr>\n
\u8a8d\u53ef\u30b5\u30fc\u30d0\u30fc<\/strong><\/td>\n\u30ea\u30bd\u30fc\u30b9\u30aa\u30fc\u30ca\u30fc\u306e\u8a8d\u8a3c\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u30ea\u30bd\u30fc\u30b9\u30a2\u30af\u30bb\u30b9\u306e\u8a31\u53ef\u3001\u30a2\u30af\u30bb\u30b9\u30c8\u30fc\u30af\u30f3\u767a\u884c\u306a\u3069\u3092\u62c5\u3046\u3002<\/td>\n<\/tr>\n
\u30ea\u30bd\u30fc\u30b9\u30b5\u30fc\u30d0\u30fc<\/strong><\/td>\n\u753b\u50cf\u3084\u52d5\u753b\u306a\u3069\u306e\u6a5f\u80fd\u3092\u63d0\u4f9b\u3059\u308b\u30b5\u30fc\u30d3\u30b9\u3002<\/p>\n

\u30ea\u30bd\u30fc\u30b9\u30aa\u30fc\u30ca\u30fc\u304c\u30a2\u30af\u30bb\u30b9\u3092\u8a31\u53ef\u3057\u3001\u4e3b\u306b\u30a2\u30af\u30bb\u30b9\u30c8\u30fc\u30af\u30f3\u3092\u7528\u3044\u3066\u30ea\u30bd\u30fc\u30b9\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

OAuth\u306e\u30ed\u30fc\u30eb\uff08\u767b\u5834\u4eba\u7269\uff09\u306f\u4e3b\u306b4\u3064\u3002<\/p>\n

\u8a73\u7d30\u306f\u5272\u611b\u3055\u305b\u3066\u3082\u3089\u3044\u307e\u3059\u3002<\/p>\n

 <\/p>\n

\u00a0\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7<\/h5>\n\n\n\n\n\n\n\n\n
\u540d\u79f0<\/th>\n\u6982\u8981<\/th>\n<\/tr>\n
\u8a8d\u53ef\u30b3\u30fc\u30c9\u30b0\u30e9\u30f3\u30c8<\/strong><\/td>\n\u00a0\u30b3\u30f3\u30d5\u30a3\u30c7\u30f3\u30b7\u30e3\u30eb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b\u6700\u9069\u5316\u3055\u308c\u305f\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3002<\/td>\n<\/tr>\n
\u30a4\u30f3\u30d7\u30ea\u30b7\u30c3\u30c8\u30b0\u30e9\u30f3\u30c8<\/strong><\/td>\n\u00a0\u975e\u63a8\u5968\u3002<\/p>\n

\u30d1\u30d6\u30ea\u30c3\u30af\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u305f\u3081\u306e\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3002<\/p>\n

\u8a8d\u53ef\u30b3\u30fc\u30c9\u30b0\u30e9\u30f3\u30c8+PKCE\u3092\u63a8\u5968\u3055\u308c\u3066\u3044\u308b\u3002<\/td>\n<\/tr>\n

\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u30af\u30ec\u30c7\u30f3\u30b7\u30e3\u30eb\u30b0\u30e9\u30f3\u30c8<\/strong><\/td>\n\u00a0\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3068\u8a8d\u53ef\u30b5\u30fc\u30d0\u30fc\u9593\u3060\u3051\u306e\u3084\u308a\u53d6\u308a\u306e\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3002<\/td>\n<\/tr>\n
\u30ea\u30bd\u30fc\u30b9\u30aa\u30fc\u30ca\u30fc\u30d1\u30b9\u30ef\u30fc\u30c9\u30af\u30ec\u30c7\u30f3\u30b7\u30e3\u30eb\u30b0\u30e9\u30f3\u30c8<\/strong><\/td>\n\u30ea\u30bd\u30fc\u30b9\u30b5\u30fc\u30d0\u30fc\u53ca\u3073\u8a8d\u53ef\u30b5\u30fc\u30d0\u30fc\u3068\u30af\u30e9\u30a4\u30a2\u30f3\u3068\u63d0\u4f9b\u304c\u540c\u3058\u306e\u5834\u5408\u306e\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3002<\/td>\n<\/tr>\n
\u30cf\u30a4\u30d6\u30ea\u30c3\u30c9\u30d5\u30ed\u30fc<\/strong><\/td>\n\u00a0\u30a4\u30f3\u30d5\u309a\u30ea\u30b7\u30c3\u30c8\u30d5\u30ed\u30fc\u3068\u8a8d\u53ef\u30b3\u30fc\u30c8\u3099\u30d5\u30ed\u30fc\u306e\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u306a\u30d5\u30ed\u30fc\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\u3053\u3053\u3067\u3001\u307e\u305a\u6ce8\u76ee\u3059\u308b\u3068\u3053\u308d\u306f\u300c\u30a4\u30f3\u30d7\u30ea\u30b7\u30c3\u30c8\u30b0\u30e9\u30f3\u30c8<\/strong>\u300d\u3067\u3057\u3087\u3046\u3002<\/p>\n

\u30d1\u30d6\u30ea\u30c3\u30af\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3002\u3064\u307e\u308aweb\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3084\u30cd\u30a4\u30c6\u30a3\u30d6\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u5411\u3051\u306e\u305f\u3081\u306e\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3067\u306f\u3042\u308a\u307e\u3059\u304c\u3001\u975e\u63a8\u5968\u3068\u306a\u3063\u3066\u304a\u308a\u307e\u3059\u3002<\/p>\n

\u975e\u63a8\u5968\u3068\u306a\u3063\u305f\u7406\u7531\u3068\u3057\u307e\u3057\u3066\u3001\u30a2\u30af\u30bb\u30b9\u30c8\u30fc\u30af\u30f3\u304c\u30ea\u30c0\u30a4\u30ec\u30af\u30c8\u3067\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b\u53d7\u3051\u6e21\u3055\u308c\u308b\u305f\u3081\u3001\u6f0f\u6d29\u3084\u7f6e\u304d\u63db\u3048\u306e\u30ea\u30b9\u30af\u304c\u751f\u3058\u308b\u306e\u304c\u4e3b\u306a\u7406\u7531\u3068\u306a\u3063\u3066\u307e\u3059\u3002<\/p>\n

\u305d\u306e\u305f\u3081\u3001\u7f6e\u304d\u63db\u3048\u3092\u9632\u3050\u305f\u3081Sender-Constrained\u30a2\u30af\u30bb\u30b9\u30c8\u30fc\u30af\u30f3\u3092\u7528\u3044\u308b\u65b9\u6cd5\u3082\u63d0\u793a\u3055\u308c\u3066\u3044\u307e\u3059\u304c\u3001web\u3084\u30cd\u30a4\u30c6\u30a3\u30d6\u30a2\u30d7\u30ea\u306a\u3069\u30af\u30e9\u30a4\u30a2\u30f3\u30c8ID\u3084\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u3092\u30bb\u30ad\u30e5\u30a2\u306b\u4fdd\u5b58\u3067\u304d\u306a\u3044\u3001\u30d1\u30d6\u30ea\u30c3\u30af\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b\u306f\u9069\u5fdc\u3067\u304d\u305a\u3001\u8a8d\u53ef\u30b3\u30fc\u30c9\u30b0\u30e9\u30f3\u30c8+PKCE\u3092\u7528\u3044\u305f\u30d5\u30ed\u30fc\u304c\u63a8\u5968\u3055\u308c\u3066\u304a\u308a\u307e\u3059\u3002<\/p>\n

OAuth 2.0 Security Best Current Practice<\/a><\/p>\n

PKCE\uff08Proof Key for Code Exchange\uff09\u306f\u3001OAuth\u306e\u62e1\u5f35\u4ed5\u69d8\uff08RFC7636<\/a>\uff09\u3067\u3001\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u308b\u4ed5\u69d8\u3067\u3001\u30d1\u30d6\u30ea\u30c3\u30af\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3001\u30cd\u30a4\u30c6\u30a3\u30d6\u30a2\u30d7\u30ea\u3067\u306eOAuth\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8106\u5f31\u6027\u3092\u9632\u3050\u4ed5\u7d44\u307f\u3068\u306a\u3063\u3066\u304a\u308a\u307e\u3059\u3002<\/p>\n

PKCE\u306f\u3001code_verifier\u3084code_challenge\u3092\u7528\u3044\u3066\u691c\u8a3c\u3059\u308b\u30d5\u30ed\u30fc\u3068\u306a\u308a\u307e\u3059\u304c\u3001\u8a73\u7d30\u306b\u95a2\u3057\u3066\u306f\u4ed6\u306e\u6709\u5fd7\u305f\u3061\u306a\u3069\u304c\u30cd\u30c3\u30c8\u306a\u3069\u306b\u30a2\u30c3<\/p>\n

\u30d7\u3055\u308c\u3066\u3044\u3066\u3001\u591a\u304f\u306e\u89e3\u8aac\u3082\u3042\u308b\u3053\u3068\u3068\u3001\u4eca\u56deOAuth\u8a8d\u8a3c\u30d5\u30ed\u30fc\u306e\u89e3\u8aac\u3067\u306f\u306a\u304f\u5b9f\u88c5\u306b\u95a2\u3059\u308b\u89e3\u8aac\u3068\u3044\u3046\u3053\u3068\u3082\u3042\u3063\u3066\u5272\u611b\u3055\u305b\u3066\u9802\u304d\u307e\u3059\u3002<\/p>\n

\u305d\u308c\u3068\u3001\u4eca\u56deDjango\u3067\u306e\u30b5\u30fc\u30d0\u30fc\u30b5\u30a4\u30c9\u304c\u3042\u308a\u3001\u30b3\u30f3\u30d5\u30a3\u30c6\u3099\u30f3\u30b7\u30e3\u30eb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304c\u5b58\u5728\u3059\u308b\u306e\u3082\u3042\u3063\u3066\u3001\u5225\u306e\u30d5\u30ed\u30fc\u3092\u691c\u8a0e\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n

OpenID connect\uff08OIDC\uff09<\/h4>\n

\u3068\u3044\u3046\u8a33\u3067\u3001OAuth\u8a8d\u8a3c\u306b\u95a2\u3057\u3066\u898b\u3066\u304d\u307e\u3057\u305f\u306e\u3067\u3001OpenID connect\uff08OIDC\uff09\u3082\u898b\u3066\u3044\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n

OpenID connect\uff08OIDC\uff09\u306f\u3001OAuth\u306e\u62e1\u5f35\u3055\u308c\u305f\u3082\u306e\u3067\u3001ID\u30c8\u30fc\u30af\u30f3\u3068UserInfo\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u304c\u52a0\u3048\u3089\u308c\u305f\u4ed5\u7d44\u307f\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n

OpenID connect\uff08OIDC\uff09 \u30ed\u30fc\u30eb<\/h5>\n\n\n\n\n\n\n\n
\u540d\u79f0<\/th>\n\u6982\u8981<\/th>\n<\/tr>\n
\u30a8\u30f3\u30c9\u30e6\u30fc\u30b6\u30fc<\/strong><\/td>\nOAuth\u3067\u306e\u30ea\u30bd\u30fc\u30b9\u30aa\u30fc\u30ca\u30fc\u306b\u76f8\u5f53\u3002<\/p>\n

OIDC\u3067\u306f\u3001\u30ea\u30bd\u30fc\u30b9\u306e\u6982\u5ff5\u304c\u306a\u3044\u306e\u3067\u5358\u306b\u30a8\u30f3\u30c9\u30e6\u30fc\u30b6\u30fc\u3068\u306a\u308b\u3002<\/td>\n<\/tr>\n

\u30ea\u30e9\u30a4\u30f3\u30b0\u30fb\u30d1\u30fc\u30c6\u30a3\u30fc<\/strong><\/td>\nOAuth\u3067\u306e\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b\u76f8\u5f53\u3002<\/td>\n<\/tr>\n
ID\u30d7\u30ed\u30d0\u30a4\u30c0<\/strong><\/td>\nOAuth\u3067\u306e\u8a8d\u53ef\u30b5\u30fc\u30d0\u30fc\u306b\u76f8\u5f53\u3002<\/p>\n

OIDC\u3067\u306f\u3001ID\u30c8\u30fc\u30af\u30f3\u3001\u30a2\u30af\u30bb\u30b9\u30c8\u30fc\u30af\u30f3\u3092\u767a\u884c\u3059\u308b\u3082\u306e\u306fID\u30d7\u30ed\u30d0\u30a4\u30c0\u3068\u306a\u308b\u3002<\/td>\n<\/tr>\n

UserInfo\u30a8\u30f3\u30c9<\/b><\/td>\nOAuth\u3067\u306e\u30ea\u30bd\u30fc\u30b9\u30b5\u30fc\u30d0\u30fc\u306b\u76f8\u5f53\u3002<\/p>\n

OIDC\u3067\u63d0\u4f9b\u3055\u308c\u308b\u30ea\u30bd\u30fc\u30b9\u306f\u30d7\u30ed\u30d5\u30a3\u30fc\u30eb\u60c5\u5831\u306e\u307f\u3068\u306a\u308b\u305f\u3081\u3001UserIfo\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u304c\u5b9a\u7fa9\u3055\u308c\u3066\u3044\u308b\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

scope\u306b\u300copenid\u300d\u3092\u6307\u5b9a\u3059\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u3001OIDC\u3067\u306e\u30b7\u30fc\u30b1\u30f3\u30b9\u3092\u958b\u59cb\u3059\u308b\u3053\u3068\u3092\u5ba3\u8a00\u3057\u307e\u3059\u3002<\/p>\n

\u3088\u3063\u3066\u3001OIDC\u3067\u306fscope\u306bopenid\u306e\u6307\u5b9a\u304c\u5fc5\u9808\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n

 <\/p>\n

\u30d5\u30ed\u30fc<\/h5>\n\n\n\n\n\n\n
\u540d\u79f0<\/th>\n\u6982\u8981<\/th>\n<\/tr>\n
\u8a8d\u53ef\u30b3\u30fc\u30c9\u30d5\u30ed\u30fc<\/strong><\/td>\n\u00a0\u30b3\u30f3\u30d5\u30a3\u30c7\u30f3\u30b7\u30e3\u30eb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b\u6700\u9069\u5316\u3055\u308c\u305f\u30d5\u30ed\u30fc\u3002<\/td>\n<\/tr>\n
\u30a4\u30f3\u30d7\u30ea\u30b7\u30c3\u30c8\u30d5\u30ed\u30fc<\/strong><\/td>\n\u00a0\u30d1\u30d6\u30ea\u30c3\u30af\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u305f\u3081\u306e\u30d5\u30ed\u30fc\u3002<\/td>\n<\/tr>\n
\u30cf\u30a4\u30d6\u30ea\u30c3\u30c9\u30d5\u30ed\u30fc<\/strong><\/td>\n\u30a4\u30f3\u30d5\u309a\u30ea\u30b7\u30c3\u30c8\u30d5\u30ed\u30fc\u3068\u8a8d\u53ef\u30b3\u30fc\u30c8\u3099\u30d5\u30ed\u30fc\u306e\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u306a\u30d5\u30ed\u30fc\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

OpenID connect\uff08OIDC\uff09\u3067\u306f\u3001\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3068\u547c\u3070\u308c\u3066\u3044\u305f\u3082\u306e\u304c\u30d5\u30ed\u30fc\u3068\u3057\u3066\u547c\u3070\u308c\u3066\u304a\u308a\u307e\u3059\u3002<\/p>\n

\u307e\u305f\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u30af\u30ec\u30c7\u30f3\u30b7\u30e3\u30eb\u30b0\u30e9\u30f3\u30c8<\/strong>\u3084\u3001\u30ea\u30bd\u30fc\u30b9\u30aa\u30fc\u30ca\u30fc\u30d1\u30b9\u30ef\u30fc\u30c9\u30af\u30ec\u30c7\u30f3\u30b7\u30e3\u30eb\u30b0\u30e9\u30f3\u30c8<\/strong>\u306a\u3069\u306b\u8a72\u5f53\u3059\u308b\u3082\u306e\u304c\u306a\u304f3\u3064\u3068\u306a\u3063\u3066\u304a\u308a\u307e\u3059\u3002<\/p>\n

\u3068\u3001OAuth\u30b0\u30e9\u30f3\u30c8\u30bf\u30a4\u30d7\u3067\u3082\u3042\u3063\u305f\u300c\u30cf\u30a4\u30d6\u30ea\u30c3\u30c9\u30d5\u30ed\u30fc\u300d\u306b\u3064\u3044\u3066\u898b\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n

\u3053\u3053\u3067\u3001\u3088\u3046\u3084\u304f\u5192\u982d\u306eOAuth 2.0 Multiple Response Type<\/strong>\u306b\u95a2\u3057\u3066\u306e\u304a\u8a71\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n

OAuth 2.0 Multiple Response Type Encoding Practices<\/strong><\/p>\n

https:\/\/openid.net\/specs\/oauth-v2-multiple-response-types-1_0.html<\/a><\/p>\n

GET \/authorize?\r\n    response_type=id_token%20token\r\n    &client_id=s6BhdRkqt3\r\n    &redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb\r\n    &state=af0ifjsldkj HTTP\/1.1\r\n  Host: server.example.com<\/pre>\n
 <\/p>\n
\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc\u3068\u306f\uff1f<\/strong><\/p>\n
\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc\u306f\u30a4\u30f3\u30d5\u309a\u30ea\u30b7\u30c3\u30c8\u30d5\u30ed\u30fc\u3068\u8a8d\u53ef\u30b3\u30fc\u30c8\u3099\u30d5\u30ed\u30fc\u306e\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u306a\u30d5\u30ed\u30fc\u3066\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n
\u30cf\u309a\u30d5\u3099\u30ea\u30c3\u30af\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\uff08\u4eca\u56de\u3067\u3044\u3046\u3068Nuxt.js\uff09\u3068\u30b3\u30f3\u30d5\u30a3\u30c6\u3099\u30f3\u30b7\u30e3\u30eb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\uff08\u4eca\u56de\u3067\u3044\u3046\u3068Django\uff09\u306e\u4e21\u65b9\u3066\u3099\u69cb\u6210\u3055\u308c\u3066\u3044\u308b\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b\u4e3b\u306b\u5229\u7528\u3055\u308c\u307e\u3059\u3002<\/p>\n
\u30d5\u30ed\u30fc\u306e\u5207\u308a\u66ff\u3048\u306f\u8a8d\u8a3c\u30ea\u30af\u30a8\u30b9\u30c8\u306b\u542b\u307e\u308c\u308b\u300cresponse_type\u300d\u306e\u5024\u3068\u3057\u3066\u300ccode\u300d\u300ctoken\u300d\u300cid_token\u300d\u3092\u8907\u6570\u6307\u5b9a\u3059\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u5207\u308a\u66ff\u3048\u308b\u3053\u3068\u304c\u3067\u304d\u3001\u8a8d\u8a3c\u30ec\u30b9\u30db\u309a\u30f3\u30b9\u306b\u542b\u307e\u308c\u308b\u30c8\u30fc\u30af\u30f3\u3082\u5909\u5316\u3055\u308c\u307e\u3059\u3002<\/p>\n
\u6307\u5b9a\u65b9\u6cd5\u3068\u3001\u30d5\u30ed\u30fc\u306e\u5207\u308a\u66ff\u3048\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n
 <\/p>\n
response_type \u3068\u30d5\u30ed\u30fc<\/h5>\n\n\n\n\n\n\n\n\n\n\n
response_type<\/th>\n\u30d5\u30ed\u30fc<\/th>\n<\/tr>\n<\/thead>\n
code<\/td>\n\u8a8d\u53ef\u30b3\u30fc\u30c8\u3099\u30d5\u30ed\u30fc<\/td>\n<\/tr>\n
id_token<\/td>\n\u30a4\u30f3\u30d5\u309a\u30ea\u30b7\u30c3\u30c8\u30d5\u30ed\u30fc<\/td>\n<\/tr>\n
id_token token<\/td>\n\u30a4\u30f3\u30d5\u309a\u30ea\u30b7\u30c3\u30c8\u30d5\u30ed\u30fc<\/td>\n<\/tr>\n
code id_token<\/td>\n\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc<\/td>\n<\/tr>\n
code token<\/td>\n\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc<\/td>\n<\/tr>\n
code id_token token<\/td>\n\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
 <\/p>\n
\u5b9f\u88c5\u3059\u308bresponse_type \u3068\u30d5\u30ed\u30fc\u3068\u30b7\u30fc\u30b1\u30f3\u30b9<\/h4>\n
\u3068\u3001\u8a00\u3046\u308f\u3051\u3067\u3001\u3056\u3063\u304f\u308a\u3068OAuth\u3068OIDC\u306b\u95a2\u3057\u3066\u304a\u3055\u3089\u3044\u3092\u3057\u3066\u304d\u307e\u3057\u305f\u3002<\/p>\n
\u305d\u3053\u3067\u3001\u4eca\u56de\u5b9f\u88c5\u3059\u308bresponse_type\u3068\u30d5\u30ed\u30fc\u306f\u3001\u4e0a\u8a18\u306e\u8868\u306e<\/p>\n
\u300ccode token\u300d\u306e\u30cf\u30a4\u30d5\u3099\u30ea\u30c3\u30c8\u3099\u30d5\u30ed\u30fc<\/strong> \u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n
\u30d5\u30ed\u30f3\u30c8\u30a8\u30f3\u30c9\u306bNuxt.js\u3001\u30b5\u30fc\u30d0\u30fc\u30b5\u30a4\u30c9\u306bdjango\u3092\u7528\u3044\u305f\u7c21\u6613\u306a\u30b7\u30fc\u30b1\u30f3\u30b9\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n
\"\"<\/p>\n
 <\/p>\n
\u3053\u3046\u3059\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u3001\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u60c5\u5831\u6f0f\u6d29\u3055\u305b\u308b\u3053\u3068\u306a\u304fSPA\u30b5\u30a4\u30c8\u3067\u306eOAuth\u8a8d\u8a3c\u30ed\u30b0\u30a4\u30f3\u306e\u4ed5\u7d44\u307f\u304c\u4f5c\u308c\u305d\u3046\u3067\u3059\u3002<\/p>\n
\u3068\u3001\u3061\u3087\u3063\u3068\u9577\u304f\u306a\u308a\u305d\u3046\u306a\u306e\u3067\u3001\u7d9a\u304d\u306f\u6b21\u56de\u306b\u3057\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n
\u307e\u305a\u3001\u6b21\u56de\u306fDjango\u5074\u306e\u5b9f\u88c5\u304b\u3089\u9032\u3081\u3066\u884c\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n
\u3067\u306f\u3067\u306f\u3041\u3002<\/p>\n
\u7d9a\u304d\u306f\u3053\u3061\u3089\u3001<\/p>\n
Django django-rest-auth + Nuxt.js auth-module \u3067\u4f5c\u308b SPA JWT OAuth \u30ed\u30b0\u30a4\u30f3\u30b7\u30b9\u30c6\u30e0 \u305d\u306e\uff12<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
\u3069\u3082\u3067\u3059\u3002 \u4eca\u56de\u306f\u3001Django\uff08django-rest-auth\uff09\u3068\u3001Nuxt.js\u3092\u4f7f\u3063\u3066\u3001SPA\u30b5\u30a4\u30c8\uff08\u30de\u30a4\u30af\u30ed\u30b5\u30fc\u30d3\u30b9\uff09\u306b\u304a\u3051\u308b\u3001OAuth\u8a8d\u53ef\u306e\u4ed5\u7d44\u307f\u3092\u4f7f\u3063\u3066JWT\u30ed\u30b0\u30a4\u30f3\u306e\u4ed5\u7d44\u307f\u3092\u4f5c\u3063\u3066\u884c\u304d\u307e\u3057\u3087\u3046\u3002 \u3068\u3044\u3046 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[257],"tags":[176,40,166,37,47,107,262,173,44,45,39,78,114,118,263],"class_list":{"0":"post-10264","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"hentry","6":"category-python","7":"tag-html5","8":"tag-ios-sdk","9":"tag-iphone","10":"tag-iphone-","11":"tag-javascript-2","12":"tag-mamp","13":"tag-oauth","14":"tag-php","15":"tag-web","17":"tag-39","18":"tag-78","19":"tag-114","20":"tag-118","21":"tag-263"},"_links":{"self":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts\/10264","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10264"}],"version-history":[{"count":26,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts\/10264\/revisions"}],"predecessor-version":[{"id":10355,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts\/10264\/revisions\/10355"}],"wp:attachment":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10264"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10264"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10264"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}