blocks-web3 / t3


Cognito + AzureSSO login #4

Closed nsgwr closed 1 year ago

nsgwr commented 1 year ago

When you access the following URL:

https://t3-login.auth.ap-northeast-1.amazoncognito.com/oauth2/authorize?client_id=kjo4u77if92pir727ait80dvv&response_type=code&scope=openid&redirect_uri=http%3A%2F%2Flocalhost%3A5173

you are redirected back to the following: http://localhost:5173?code=XXXX

Then, making this request with code=XXXX returns the IDToken, AccessToken, and RefreshToken.

POST https://t3-login.auth.ap-northeast-1.amazoncognito.com/oauth2/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code&
client_id=kjo4u77if92pir727ait80dvv&
code=XXXX&
redirect_uri=http://localhost:5173

These are the tokens you get:

curl -i -X POST \
   -H "Content-Type:application/x-www-form-urlencoded" \
   -d "grant_type=authorization_code" \
   -d "client_id=kjo4u77if92pir727ait80dvv" \
   -d "redirect_uri=http://localhost:5173" \
   -d "code=XXXX" \
 'https://t3-login.auth.ap-northeast-1.amazoncognito.com/oauth2/token'

{
    "id_token": "<JWT omitted>",
    "access_token": "<JWT omitted>",
    "refresh_token": "<token omitted>",
    "expires_in": 300,
    "token_type": "Bearer"
}
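
The same authorization-code exchange with a `state` value and PKCE added, as an example added here (not code from the issue or the t3 repository). The `state`, `code_challenge`, `code_challenge_method` and `code_verifier` parameters do not appear in the original requests; they are assumptions of this example (standard OAuth 2.0 / RFC 7636 parameters that the Cognito authorize and token endpoints accept), and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Values taken from the issue above.
DOMAIN = "https://t3-login.auth.ap-northeast-1.amazoncognito.com"
CLIENT_ID = "kjo4u77if92pir727ait80dvv"
REDIRECT_URI = "http://localhost:5173"

def _b64url(raw: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def pkce_challenge(verifier: str) -> str:
    """S256 code_challenge derived from the code_verifier."""
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def start_login() -> tuple:
    """Return the /oauth2/authorize URL and the per-login secrets to keep client-side."""
    session = {"state": _b64url(secrets.token_bytes(16)),
               "code_verifier": _b64url(secrets.token_bytes(32))}
    query = urlencode({
        "client_id": CLIENT_ID, "response_type": "code", "scope": "openid",
        "redirect_uri": REDIRECT_URI, "state": session["state"],
        "code_challenge_method": "S256",
        "code_challenge": pkce_challenge(session["code_verifier"]),
    })
    return f"{DOMAIN}/oauth2/authorize?{query}", session

def token_request(callback_url: str, session: dict) -> tuple:
    """Check the callback's state, then build the POST for /oauth2/token."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), session["state"].encode()):
        raise ValueError("state mismatch: callback does not belong to this login")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    body = urlencode({
        "grant_type": "authorization_code", "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI, "code": params["code"][0],
        "code_verifier": session["code_verifier"],
    })
    return f"{DOMAIN}/oauth2/token", body

if __name__ == "__main__":
    url, sess = start_login()
    # Constructed callback, shaped like the redirect in the issue.
    print(token_request(f"{REDIRECT_URI}?code=XXXX&state={sess['state']}", sess))
```

The returned body is what goes in the `-d` fields of the curl call above; because this client sends no secret, the `code_verifier` is what ties the code redemption to the browser session that started the login.
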
nsgwr commented 1 year ago

Task 2

KMS needs to be added to this.

nsgwr commented 1 year ago

AWS Cognito related: https://docs.aws.amazon.com/ja_jp/cognito/latest/developerguide/token-endpoint.html