ã»ãã¥ãªãã£ãšèªèšŒã«ã€ããŠç¥ã
åŠç¿ã®ç®ç
ãã®åå ãå®äºãããšã次ã®ããšãã§ããããã«ãªããŸãã
- Salesforce ã¢ããªã±ãŒã·ã§ã³ã§äœ¿çšãããã»ãã¥ãªãã£ããã³èªèšŒæ¹æ³ãç¹å®ããã
- å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã®äœ¿çšããŠã¢ãã€ã«ã¢ããªã±ãŒã·ã§ã³ã Salesforce ãµãŒããŒã«çµ±åããæ¹æ³ã説æããã
- OAuth ã®åºæ¬çãªçšèªã説æããã
- OAuth èªèšŒããã³ PIN ã»ãã¥ãªãã£ã«ãããã€ãã³ããããŒã®æŠèŠã説æããã
OAuth 2.0 ã§ã¢ãã€ã«ã¢ããªã±ãŒã·ã§ã³ã®ã»ãã¥ãªãã£ãä¿è·ããŠèªèšŒãã
ã¢ãã€ã«ããã€ã¹ã§å®è¡ãããŠãããšã³ã¿ãŒãã©ã€ãºã¢ããªã±ãŒã·ã§ã³ã«ãšã£ãŠãå®å šãªèªèšŒã¯äžå¯æ¬ ã§ããOAuth 2.0 ã¯ããŠãŒã¶ãŒã®ããŒã¿ãžã®ã¢ã¯ã»ã¹ã«å¯Ÿããå®å šãªèªèšŒãå¯èœã«ããæ¥çæšæºã®ãããã³ã«ã§ããŠãŒã¶ãŒåããã³ãã¹ã¯ãŒããæž¡ãå¿ èŠããããŸãããOAuth ã¯ããœãããŠã§ã¢ã¢ã¯ã»ã¹ã®ãã¬ããããŒãšåŒã°ããããšããããããŸãããã¬ããããŒã䜿çšãããšãèªåè»ã®ç¹å®ã®éšåãžã®ã¢ã¯ã»ã¹ãå¶éã§ããŸããããšãã°ãé§è»å Žä¿ã«ãã¬ããããŒãé ããŠãããã©ã³ã¯ãããã·ã¥ããŒãã®å°ç©å ¥ããªã©ãéããããããšã¯ãããŸããã
ã¢ãã€ã«ã¢ããªã±ãŒã·ã§ã³ã®éçºè ã¯ãSalesforce OAuth2.0 ã®å®è£ ããã°ããç°¡åã«çµã¿èŸŒãããšãã§ããŸããå®è£ ã§ã¯ HTML ãã¥ãŒã䜿çšããŠãŠãŒã¶ãŒåãšãã¹ã¯ãŒããåéãããããããµãŒããŒã«éä¿¡ãããŸãããµãŒããŒããã»ãã·ã§ã³ããŒã¯ã³ãšæ°žç¶æŽæ°ããŒã¯ã³ãè¿ãããä»åŸã®ããåãã®ããã«ããã€ã¹ã«ä¿åãããŸãã
Salesforce å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã¯ãã¢ãã€ã«ã¢ããªã±ãŒã·ã§ã³ã Salesforce ã«æ¥ç¶ããããã®äž»èŠãªææ®µã§ããå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã«ãããéçºè ãšã·ã¹ãã 管çè ã¯ãã¢ããªã±ãŒã·ã§ã³ã®æ¥ç¶æ¹æ³ããã³ã¢ã¯ã»ã¹æš©ãä»äžãããŠãŒã¶ãŒãå¶åŸ¡ã§ããŸããããšãã°ãå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã§ã¢ã¯ã»ã¹ãäžé£ã®ãŠãŒã¶ãŒã«å¶éããããIP ç¯å²ã®èšå®ãŸãã¯ç·©åãªã©ãè¡ã£ããããããšãã§ããŸãã
OAuth ã®çšèªãçè§£ãã
Oauth ã«é¢ããŠããããªãããšãããã°ã以äžã®ãªã¹ãã圹ç«ã¡ãŸãããããã®çšèªããã¹ãŠææ¡ããã°ãOAuth ãååã«çè§£ã§ãããšãããŸãã
ã³ã³ã·ã¥ãŒããŒéµ |
ã³ã³ã·ã¥ãŒã㌠(ãã®å Žåã¯ãMobile SDK ã¢ããªã±ãŒã·ã§ã³) ã Salesforce ã«èªèº«ã®èº«åã蚌æããããã«äœ¿çšããå€ã§ãã |
ã¢ã¯ã»ã¹ããŒã¯ã³ |
ãŠãŒã¶ãŒã® Salesforce ãã°ã€ã³æ å ±ã䜿çšãã代ããã«ãä¿è·ããããªãœãŒã¹ãžã®ãŠãŒã¶ãŒã®ã¢ã¯ã»ã¹ãèš±å¯ããããã«ã³ã³ã·ã¥ãŒããŒã«ãã䜿çšãããå€ãã¢ã¯ã»ã¹ããŒã¯ã³ã¯ã»ãã·ã§ã³ ID ã§ãããçŽæ¥äœ¿çšã§ããŸãã |
æŽæ°ããŒã¯ã³ |
æ°ããã¢ã¯ã»ã¹ããŒã¯ã³ãååŸããããã«ã³ã³ã·ã¥ãŒããŒã䜿çšããããŒã¯ã³ããšã³ããŠãŒã¶ãŒãã¢ã¯ã»ã¹ãå床æ¿èªããå¿ èŠããããŸããã |
èªèšŒã³ãŒã |
ãšã³ããŠãŒã¶ãŒã«ãã£ãŠä»äžãããã¢ã¯ã»ã¹ã衚瀺ãããæå¹æéã®çãããŒã¯ã³ãèªèšŒã³ãŒãã¯ãã¢ã¯ã»ã¹ããŒã¯ã³ãšæŽæ°ããŒã¯ã³ãååŸããããã«äœ¿çšãããŸãã |
å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ |
OAuth ãããã³ã«ã䜿çšã㊠Salesforce ãŠãŒã¶ãŒãšå€éšã¢ããªã±ãŒã·ã§ã³ã®äž¡æ¹ãæ€èšŒãããSalesforce ã®å€éšã¢ããªã±ãŒã·ã§ã³ã |
OAuth2 èªèšŒãããŒ
OAuth èªèšŒæã®ã€ãã³ãã®ãããŒã¯ãããã€ã¹ã®èªèšŒç¶æ ã«ãã£ãŠç°ãªããŸãã
ååã®èªèšŒãããŒ
- 顧客ã Mobile SDK ã¢ããªã±ãŒã·ã§ã³ãéããŸãã
- èªèšŒããã³ããã衚瀺ãããŸãã
- 顧客ããŠãŒã¶ãŒåãšãã¹ã¯ãŒããå
¥åããŸãã
- ã¢ããªã±ãŒã·ã§ã³ã顧客ã®ãã°ã€ã³æ
å ±ã Salesforce ã«éä¿¡ããèªèšŒæåã®ç¢ºèªãšããŠã»ãã·ã§ã³ ID ãåä¿¡ããŸãã
- 顧客ããã¢ããªã±ãŒã·ã§ã³ã®èŠæ±ãæ¿èªããŠã¢ããªã±ãŒã·ã§ã³ã«ã¢ã¯ã»ã¹æš©ãä»äžããŸãã
- ã¢ããªã±ãŒã·ã§ã³ãèµ·åããŸãã
ç¶ç¶çãªèªèšŒ
- 顧客ãã¢ãã€ã«ã¢ããªã±ãŒã·ã§ã³ãéããŸãã
- ã»ãã·ã§ã³ ID ãæå¹ãªå Žåã¯ãã¢ããªã±ãŒã·ã§ã³ãçŽã¡ã«èµ·åããŸããã»ãã·ã§ã³ ID ãæéåãã®å Žåã¯ãåæèªèšŒããååŸãããæŽæ°ããŒã¯ã³ãã¢ããªã±ãŒã·ã§ã³ã§äœ¿çšããŠãæŽæ°ãããã»ãã·ã§ã³ ID ãååŸããŸãã
- ã¢ããªã±ãŒã·ã§ã³ãèµ·åããŸãã
ã¢ããªã±ãŒã·ã§ã³ããã¯ã»ãã¥ãªãã£
å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã§ã¯ãä»»æã®ã»ãã¥ãªãã£æ©èœãšããŠãæå®ãããæéããã¯ã°ã©ãŠã³ãç¶æ ãç¶ããåŸã«ã¢ããªã±ãŒã·ã§ã³ãããã¯ãããããã«èšå®ã§ããŸããã¢ããªã±ãŒã·ã§ã³ã®ããã¯ãè§£é€ããã«ã¯ããŠãŒã¶ãŒã«å¯ŸããŠãPIN ããã¹ã³ãŒããªã©ããªãã¬ãŒãã£ã³ã°ã·ã¹ãã ã®çäœèªèšŒãŸãã¯æå·åã«ãããã£ã¬ã³ãžãæ±ããããŸãã
ã¢ããªã±ãŒã·ã§ã³ããã¯ä¿è·ã䜿çšããã«ã¯ãéçºè ãå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã®äœææã« [Screen Lock (ç»é¢ããã¯)] ãã§ãã¯ããã¯ã¹ããªã³ã«ããå¿ èŠããããŸããã¢ãã€ã«ã¢ããªã±ãŒã·ã§ã³ã®ã·ã¹ãã 管çè ã¯ãç»é¢ãããã¯ããããŸã§ã®ã¿ã€ã ã¢ãŠãæéãèšå®ã§ããŸãã
OAuth2 Web ãµãŒããŒãããŒ
ã»ãã¥ãªãã£ã匷åããããã«ãSalesforce ã§ã¯ Proof Key Code Exchange (PKCE) ãå«ãŸãã Web ãµãŒããŒãããŒã䜿çšããããšãæšå¥šããŠããŸãã詳现ã¯ããOAuth 2.0 Web Server Flow for Web App Integration (Web ã¢ããªã±ãŒã·ã§ã³ã€ã³ãã°ã¬ãŒã·ã§ã³ã®ããã® OAuth 2.0 Web ãµãŒããŒãããŒ)ããåç §ããŠãã ããã
OAuth 2 ãŠãŒã¶ãŒãšãŒãžã§ã³ããããŒ
ãŠãŒã¶ãŒãšãŒãžã§ã³ããããŒã§ã¯ãã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã Salesforce API ãšçµ±åããå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã¯ãã¢ã¯ã»ã¹ããŒã¯ã³ã HTTP ãªãã€ã¬ã¯ããšããŠåä¿¡ããŸããå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã¯ããŠãŒã¶ãŒãšãŒãžã§ã³ãã Web ãµãŒããŒãŸãã¯ã¢ã¯ã»ã¹å¯èœãªããŒã«ã«ãªãœãŒã¹ã«ãªãã€ã¬ã¯ãããããèªèšŒãµãŒããŒã«èŠæ±ããŸãã
Web ãµãŒããŒã¯å¿çããã¢ã¯ã»ã¹ããŒã¯ã³ãæœåºããŠå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã«æž¡ãããšãã§ããŸããã»ãã¥ãªãã£äžã®çç±ã«ãããããŒã¯ã³å¿çã¯ãURL ã§ããã·ã¥ã¿ã° (#) ãã©ã°ã¡ã³ããšããŠæå®ãããŸãããã®åœ¢åŒã¯ããµãŒããŒããåç §ããããŒå ã®ã»ãã®ãµãŒããŒã«ããŒã¯ã³ãæž¡ãããªãããã«ããŸãã
èŠå
ã¢ã¯ã»ã¹ããŒã¯ã³ã¯ãšã³ã³ãŒããããŠãªãã€ã¬ã¯ã URI ã«æ¿å ¥ãããŠããããããŠãŒã¶ãŒããããã€ã¹äžã®ã»ãã®ã¢ããªã±ãŒã·ã§ã³ã«å ¬éãããå ŽåããããŸãã
ç¯å²ãã©ã¡ãŒã¿ãŒã®å€
OAuth ã§ã¯ããµãŒããŒããã³ã¯ã©ã€ã¢ã³ãã®äž¡æ¹ã«ç¯å²èšå®ãå¿ èŠã§ãããµãŒããŒåŽãšã¯ã©ã€ã¢ã³ãåŽéã®åæã«ãã£ãŠãç¯å²ã«é¢ããå¥çŽãå®çŸ©ãããŸãã
-
ãµãŒããŒåŽ: Salesforce ãµãŒããŒã®å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã§ãç¯å²æš©éãå®çŸ©ããŸãããã®èšå®ã«ãããMobile SDK ã¢ããªã±ãŒã·ã§ã³ãªã©ãã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãèŠæ±ã§ããã¢ã¯ã»ã¹ã¬ãã«ã決ãŸããŸããå°ãªããšããã³ãŒãã§æå®ããå
容ã«åãããŠå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã® OAuth èšå®ãæå®ããŸããã»ãšãã©ã®ã¢ããªã±ãŒã·ã§ã³ã§ã¯ãrefresh_tokenãwebãapi ã§ååã§ããç¯å²ã®å®å
šãªãªã¹ãã«ã€ããŠã¯ããOAuth Tokens and Scopes (OAuth ããŒã¯ã³ãšç¯å²)ãã確èªããŠãã ããã
-
ã¯ã©ã€ã¢ã³ãåŽ: Mobile SDK ã¢ããªã±ãŒã·ã§ã³ã§ç¯å²èŠæ±ãæå®ããŸããã¯ã©ã€ã¢ã³ãã®ç¯å²èŠæ±ã¯ãå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã®ç¯å²æš©éã®ãµãã»ããã§ããå¿
èŠããããŸããMobile SDK 13.2 以éã§ã¯ãç¯å²ãæå®ããªããšããµãŒããŒã§èšå®ããããã¹ãŠã®ç¯å²ãä»äžãããŸãã
å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³
å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã¯ããµãŒãããŒãã£ã¢ããªã±ãŒã·ã§ã³ã API ãšã»ãã¥ãªãã£ãããã³ã«ã䜿çšã㊠Salesforce ãšçµ±åã§ããããã«ãããããã±ãŒãžåå¯èœãªãã¬ãŒã ã¯ãŒã¯ã§ãããŸããæ§é äžã®æ¹åã«ããããŠãŒã¶ãŒããŒã«ãå¥ã ã«ç®¡çãããã第 2 äžä»£ç®¡çããã±ãŒãžã䜿çšãããã§ããããã«ãªã£ãŠããŸããSalesforce ã§ã¯å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã®äœ¿çšãæšå¥šããŠãããæ¢åã®ããŒã«ã«æ¥ç¶ã¢ããªã±ãŒã·ã§ã³ã¯ããŒã«ã«å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã«ç§»è¡ããããšããå§ãããŸãã
å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãäœæãã
å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ã¯ç°¡åã«äœæã§ããŸãããã·ã¹ãã 管çè æš©éãå¿ èŠã§ããDeveloper Edition çµç¹ãŸã㯠Trailhead Playground çµç¹ã§ã¯ãèªåçã«ãããã®æš©éãä»äžãããŠããŸãã
- Trailhead Playground çµç¹ãŸã㯠Developer Edition çµç¹ã§ã[Setup (èšå®)] ã«ç§»åããŸãã
- [Setup (èšå®)] ããã[Quick Find (ã¯ã€ãã¯æ€çŽ¢)] ããã¯ã¹ã«
Apps(ã¢ããªã±ãŒã·ã§ã³) ãšå ¥åãã[External Client Apps Manager App Manager (å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãããŒãžã£ãŒ)] ãéžæããŸãã
-
[New External Client App (æ°èŠå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³)] ãéžæããŸãã
-
[Basic Information (åºæ¬æ
å ±)] ã§ããã©ãŒã ã«æ¬¡ã®ããã«å
¥åããŸãã
- External Client App Name (å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³å):
Trailhead Intro
- API Name (API åç
§å): æšå¥šå€ãåãå
¥ããŸãã
- Contact Email (ååŒå
責任è
ã¡ãŒã«): ã¡ãŒã«ã¢ãã¬ã¹ãå
¥åããŸãã
- [Distribution State (é
ä¿¡ç¶æ
)]: ããŒã«ã«çµç¹åãã«å€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãéçºããã«ã¯ã[Local (ããŒã«ã«)] ãéžæããŸããå€éšã¯ã©ã€ã¢ã³ãã¢ããªã±ãŒã·ã§ã³ãããã±ãŒãžåããŠé
ä¿¡ããã«ã¯ã[Distribution State (é
ä¿¡ç¶æ
)] ã [Packaged (ããã±ãŒãžåæžã¿)] ã«èšå®ããŸãã
- [API (Enable OAuth Settings) (API ([OAuth èšå®ã®æå¹å]))] ã§ã[Enable OAuth (OAuth ãæå¹å)] ããªã³ã«ããŸãã
- [Callback URL (ã³ãŒã«ãã㯠URL)] ã«ã
mysampleapp://auth/successãªã©ãä»»æ (å®åšãŸãã¯æ¶ç©º) ã® URL ãèšå®ããŸããèªåå ¥åã§åè£ã衚瀺ãããŠãéžæããªãã§ãã ããã代ããã«ãã³ãŒã«ãã㯠URL ã貌ãä»ããŸãã
- [Available OAuth Scopes (å©çšå¯èœãª OAuth ç¯å²)] ã§ã以äžãéžæããŸãã
-
API ã䜿çšããŠãŠãŒã¶ãŒããŒã¿ã管ç (api)
-
Web ãã©ãŠã¶ãŒã䜿çšããŠãŠãŒã¶ãŒããŒã¿ã管ç (web)
-
ãã€ã§ãèŠæ±ãå®è¡ (refresh_token, offline_access)
-
API ã䜿çšããŠãŠãŒã¶ãŒããŒã¿ã管ç (api)
-
[Add (远å )] ç¢å°ãã¯ãªãã¯ããŠãåéžæé
ç®ã [Selected OAuth Scopes (éžæãã OAuth ç¯å²)] ã«ç§»åããŸãããã®æå°ã®ç¯å²ã»ããã¯ãã»ãšãã©ã® Mobile SDK ã¢ããªã±ãŒã·ã§ã³ã«é©ããŠããŸãã
-
[Security (ã»ãã¥ãªãã£)] ã§ãæ¬¡ã®æäœãè¡ããŸãã
-
[Require Secret for Web Server Flow (Web ãµãŒããŒãããŒã®ç§å¯ãå¿
èŠ)] ããªãã«ããŸãã
-
[Require Secret for Refresh Token Flow (æŽæ°ããŒã¯ã³ãããŒã®ç§å¯ãå¿
èŠ)] ããªãã«ããŸãã
- (æšå¥š) [Issue JSON Web Token (JWT)-based access tokens for named users (æåãŠãŒã¶ãŒã® JSON Web ããŒã¯ã³ (JWT) ããŒã¹ã®ã¢ã¯ã»ã¹ããŒã¯ã³ãçºè¡)] ããªã³ã«ããŸãã
-
[Require Secret for Web Server Flow (Web ãµãŒããŒãããŒã®ç§å¯ãå¿
èŠ)] ããªãã«ããŸãã
-
[Create (äœæ)] ãã¯ãªãã¯ããŸãã
Mobile SDK ã¢ãŒããã¯ãã£ãšã»ãã¥ãªãã£ã«ã€ããŠå€å°ãªããšãããã£ããšããã§ãMobile SDK ãå®éã«è©ŠããŠã¿ãŸãããããŸãã¯æ¬¡ã® Challenge ãå§ããŸããããå¿ èŠãªãã®ã¯ Developer Edition ãŸã㯠Trailhead Playground ã®ã¿ã§ãããã®åŸãSet Up Your Mobile SDK Developer Tools (Mobile SDK éçºè ããŒã«ã®èšå®)ããããžãå®äºããããšããå§ãããŸãã
