20161219

ID

Yahoo! JAPANOpenID Certified Mark

OpenID TechNight Vol.14

2

kura

ID

OpenID

@kura_lab

3

http://hr.yahoo.co.jp/workplace/culture.html

4

1. 2. Yahoo! ID3. OpenID Certification 4. Yahoo! IDOpenID Certified Mark5. 6. 7. 8. 9.

5

OpenID Certified Mark

6 https://techblog.yahoo.co.jp/advent-calendar-2016/openid_certified/

OpenID Certified Mark

7

Yahoo! IDYahoo! ID FederationOpenID Connect protocolOP Basic, OP Implicit, OP Hybrid, OP ConfigOpenID Certified

OpenID Certified by Yahoo Japan Corporation to the of OP Basic, OP Implicit, OP Hybrid and OP Config of the OpenID Connect protocol.

8

Yahoo! ID

Yahoo! ID

9

Yahoo! JAPAN IDID

OpenID Connect

SDK PHP / Java / iOS / Android

Yahoo! JAPAN ID

10

l Yahoo! JAPAN IDYahoo! JAPAN

l Yahoo!!Yahoo!Yahoo!Yahoo!

l Yahoo! JAPAN ID

3,600ID*

* 20162

No.1

11

56.5%22.1%

17.8%

3.1% 0.5%

Yahoo! JAPAN

Facebook

Google/Google+

Twitter

mixi

2015/07/16

Yahoo! JAPAN IDNo.1

PLUS

OpenID Connect

12

OAuth 2.0 OAuth 2.0 + +

13

OpenID Certification

OpenID Certification

14

IDOpenID Connect

OpenID ConnectOpenID FoundationOpenID Certified Mark

OpenID Certification

15http://openid.net/certification/

Google, Microsoft, Ping Identity, Salesforce, PayPal, NRI, NEC, 34OpenID Certified

201612

Yahoo! ID

16

Yahoo! IDOpenID Certified Mark

OpenID Certified Mark

17

OpenID Certified Mark=

Google Federated Identity

Yahoo! ID

OpenID Certified Mark

18

OSS

Libraries, Products, and Tools http://openid.net/developers/libraries/ C, C#, Go, Java, JavaScript, Perl, PHP,

Ruby...etc

Yahoo! IDdraft

19

Yahoo! IDOpenID Connect

OpenID Connect20142Yahoo! JAPAN2012draft

draft

20

1. draft2. draft

3. draft

Yahoo! JAPANGoogleMicrosoftdraft

draft

21

Yahoo! JAPANOpenID 2.0, BBAuth, OAuth 1.0aID

ID2RP

draft

22

2012draft2014

Hybrid Flow

23

201612Yahoo! IDOpenID CertificationOpenID Certified

OpenID Certified Mark

24

Yahoo! IDYahoo! ID FederationOpenID Connect protocolOP Basic, OP Implicit, OP Hybrid, OP ConfigOpenID Certified

OpenID Certified by Yahoo Japan Corporation to the of OP Basic, OP Implicit, OP Hybrid and OP Config of the OpenID Connect protocol.

25

26

Yahoo! ID ID TokenClaim Hybrid Flow

draft

ID TokenClaim

27

ID TokenUserInfo Endpointuser_idsub subsubject

ID TokenCheck ID Endpoint ID TokenJSON

ID TokenClaim

28

ID TokenHMAC-SHA256RSA-SHA256 ID

Token ID Token

ID TokenClaim

29

ID TokenPayloadauth_time, arm auth_timeAuthentication Time amrAuthentication Method Reference

IdPID Provider

RP

ID TokenClaim

30

ID TokenPayloadat_hash, c_hash at_hashAccess Token Hash c_hashAuthorization Code Hash SHA1 ID Token

Access Token, Authorization CodeID Token

Hybrid Flow

31

Hybrid Flow

Authorization Code FlowHybrid FlowToken EndpointID Token OpenID Connect

Hybrid Flow

32

Authorization Server

Resource Server

API

RP IdP

33

redirect_uri

34

redirect_uri

35

redirect_uri This URI MUST exactly match one of

the Redirection URI values for the Client pre-registered at the OpenID Provider, with the matching performed

OpenID Connect Core 1.0 incorporating errata set 1http://openid.net/specs/openid-connect-core-1_0.html

redirect_uri

36

redirect_uriURI

RP(Relying Party) https://example.com/site?id=

redirect_uri

37

RP

Yahoo! IDredirect_uri

state

38

39

display

page/popup/touch/wap RP

40

displaypage(PC)

User Agent

RPdisplay=auto

Claim

41

UserInfo EndpointClaim formatted street_address locality region postal_code contry

Claim

42

RPRPstreet_address

Claim2 street_address_block street_address_building

Access/Refresh Token

43

expires_in Access Token

RPAccess TokenRefresh TokenUnix

Access/Refresh Token

44

Access/Refresh TokenIdP(ID Provider)

Access Token

45

Yahoo! IDcode

stateredirect_uri

RPerrorerror_description

46

47

Yahoo! ID

-- http://developer.yahoo.co.jp/developer/contact/

48

2017

49

50

Yahoo! IDOpenID Certified Mark

OSSRP

Yahoo! ID

51

52

53

Appendix

Appendix

54

http://hr.yahoo.co.jp/workplace/culture.html

Yahoo! ID http://developer.yahoo.co.jp/yconnect/

OpenID Certification http://openid.net/certification/

OpenID Certified Mark http://openid.net/certification/mark/

OpenID Certification Program http://oixnet.org/openid-certifications/yahoo-japan/

Appendix

55

Yahoo! ID -OAuth 2.0 OpenID Connect http://developer.yahoo.co.jp/yconnect/introduction.html

OpenID Connect ?ID? http://www.slideshare.net/kura_lab/openid-connect-id

OpenID Connect Core 1.0 incorporating errata set 1 http://openid.net/specs/openid-connect-core-1_0.html