jointrashposs/content/cn/docs/4.for-developers/api/token/3.oauth.md
かっこかり 811461f235
New Crowdin updates (#98)
2024-01-23 13:18:36 +09:00


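description
Explains the OAuth 2.0 authentication method available in v2023.9.0 and later.

Obtaining an access token with OAuth

To obtain an access token for a user of your application (hereafter simply "the user"), request issuance with the following steps.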

:::tip

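The method described below is called OAuth 2.0. Ordinary OAuth requires creating an app, but with the IndieAuth extension it can be used without creating one.

Many libraries support OAuth, so we recommend using a library where possible.

At present this method requires a web page. If you cannot provide a web page, or if you want to support versions before Misskey 2023.9.0, use the following method.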

:::

Step 1

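Create a web page that introduces your app. Make sure the page is reachable at an HTTPS address. Put HTML like the following somewhere on the page.

```html
<!-- Required. The href address is where the authorization code is sent. -->
<link rel='redirect_uri' href='/redirect'>

<!-- The app name shown to the user. If absent, this page's address is used as the name. -->
<div class='h-app'>
	<a href="/" class="u-url p-name">My Misskey App</a>
</div>
```

The authorization code will later be sent to the redirect_uri address.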

Step 2

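Generate the PKCE code_verifier and code_challenge strings, and the state string.

  • code_verifier must be at least 43 and at most 128 characters long, and is limited to uppercase and lowercase letters and the characters -._~.
  • code_challenge is the result of hashing the code_verifier string with the SHA256 algorithm and encoding it as base64url.
  • There are no particular restrictions on the state string. Use a random string.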

:::danger

Generate these strings anew every time and never reuse them.

:::

:::tip

We recommend using a library such as pkce-challenge, or the PKCE feature of your OAuth library.

:::

:::tip{label='Example'}

```js
import crypto from "node:crypto";

const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-._~";
// Draw every character from the CSPRNG: Math.random() is predictable
// and must not be used to generate secrets such as code_verifier.
const codeVerifier = new Array(128)
  .fill(0)
  .map(() => chars[crypto.randomInt(chars.length)])
  .join("");
console.log('code_verifier', codeVerifier);

// code_challenge = base64url(SHA-256(code_verifier))
const codeChallenge = crypto
  .createHash("sha256")
  .update(codeVerifier, "ascii")
  .digest("base64url");
console.log('code_challenge', codeChallenge);

const state = crypto.randomUUID();
console.log('state', state);
```

:::

Step 3

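Fetch the OAuth information of the target server. The data is in JSON format.

https://{host}/.well-known/oauth-authorization-server

Replace {host} with the host of the user's server. The host is normally entered by the user.

This procedure uses authorization_endpoint and token_endpoint.

:::tip

The scope information used in the next step can also be checked in scopes_supported.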

:::

Step 4

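Display the application authorization form in the user's browser. The form can be opened with a URL of the following format:

{authorization_endpoint}?client_id={client_id}&response_type=code&redirect_uri={redirect_uri}&scope={scope}&code_challenge={code_challenge}&code_challenge_method=S256&state={state}

where:

  • Replace {authorization_endpoint} with the address obtained from the information fetched in the previous step.
  • Replace {client_id} with the address of the app's introduction page.
  • Replace {code_challenge} with the code_challenge string generated earlier.
  • code_challenge_method is always S256.
  • Replace {redirect_uri} with the redirect address used on the introduction page.
  • Replace {scope} with the permissions the application requests. List the requested permissions separated by a space. The list of permissions can be found here.
  • Replace {state} with the state string generated earlier.

:::tip{label='Example'}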

https://misskey.local/oauth/authorize?client_id=http%3A%2F%2Fexample.com&code_challenge=C6hwMO2bmIzg3nqppTE9b79fvuOjlrKmH2xNiZSMHzw&code_challenge_method=S256&response_type=code&redirect_uri=http%3A%2F%2Fexample.com%2Fredirect&scope=write%3Anotes&state=87c11f05-86eb-4eb2-9057-f6a98fc5e9ab

:::

Step 5

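When the user grants the application access, the authorization code is sent to the redirect_uri address as URL parameters.

| Name | Description |
| --- | --- |
| code | The user's authorization code. |
| state | The state string used in the authorization request. |

:::tip{label='Example'}

https://example.com/redirect?code=...&state=87c11f05-86eb-4eb2-9057-f6a98fc5e9ab

:::

Confirm that the state string matches the one you sent, then proceed to the next step.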

Step 6

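Use the authorization code you received to request an access token with POST. The request goes to token_endpoint. The data format can be application/json or application/x-www-form-urlencoded. The parameters are as follows.

| Name | Description |
| --- | --- |
| grant_type | Always authorization_code. |
| client_id | The client_id string used in the authorization request. |
| redirect_uri | The redirect_uri string used in the authorization request. |
| scope | The scope string used in the authorization request. |
| code | The authorization code you obtained. |
| code_verifier | The code_verifier string generated earlier. |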

:::tip{label='Example'}

```js
// endpoint is the token_endpoint obtained in Step 3
const res = await fetch(endpoint, {
  method: "POST",
  body: JSON.stringify({
    grant_type: "authorization_code",
    client_id: "https://example.com",
    redirect_uri: "https://example.com/redirect",
    scope: "write:notes",
    code: "...",
    code_verifier: "hjjbCYDmDpSLjirkO-PrfWKsRhDdJr-PAEGRClRwzUKlmFIIIrZNmSvUIraeIa~WqbqQnfbJV-Hc_IfuQkesBYUpukUi~lInDfU_AZjoZqbU.ioQTRzaFfZFfGnT-OAA",
  }),
  headers: {
    "Content-Type": "application/json"
  }
});
```

:::

The response is a JSON object; take access_token from it and use it.
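
The client-side checks around Steps 3 to 5, as an added example that is not part of the original page or Misskey's own code: it validates the discovery document, builds the authorization URL with proper encoding, and rejects a callback whose state does not match. The function names, the hosts misskey.example and app.example, the same-host policy for endpoints and the handling of the standard OAuth 2.0 `error` callback parameter are assumptions.

```javascript
// Added example, not Misskey's code. Pure helpers for Steps 3 to 5; no network access.

// Step 3: validate the discovery document before trusting its endpoints.
function checkMetadata(host, meta, wantedScopes) {
  for (const key of ["authorization_endpoint", "token_endpoint"]) {
    const url = new URL(meta[key]); // throws if missing or malformed
    if (url.protocol !== "https:") throw new Error(`${key} is not HTTPS`);
    // Assumption: both endpoints are served from the host the user entered.
    if (url.host !== host) throw new Error(`${key} is not on ${host}`);
  }
  const supported = meta.scopes_supported;
  const missing = Array.isArray(supported) ? wantedScopes.filter((s) => !supported.includes(s)) : [];
  if (missing.length > 0) throw new Error(`unsupported scope: ${missing.join(", ")}`);
  return meta;
}

// Step 4: searchParams.set() percent-encodes every value, so client_id,
// redirect_uri and state cannot break out of their own parameter.
function buildAuthorizationUrl(meta, { clientId, redirectUri, scopes, codeChallenge, state }) {
  const url = new URL(meta.authorization_endpoint);
  const params = {
    client_id: clientId, response_type: "code", redirect_uri: redirectUri,
    scope: scopes.join(" "), code_challenge: codeChallenge,
    code_challenge_method: "S256", state,
  };
  for (const [name, value] of Object.entries(params)) url.searchParams.set(name, value);
  return url.toString();
}

// Step 5: accept the code only when state equals the value stored for this attempt.
function readCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  if (!expectedState || params.get("state") !== expectedState) throw new Error("state mismatch");
  // "error" is the standard OAuth 2.0 failure parameter (not described on this page).
  if (params.has("error")) throw new Error(`authorization failed: ${params.get("error")}`);
  const code = params.get("code");
  if (!code) throw new Error("callback carries no code");
  return code;
}

// Constructed sample data: hosts, scopes and strings below are placeholders.
const sampleMeta = {
  authorization_endpoint: "https://misskey.example/oauth/authorize",
  token_endpoint: "https://misskey.example/oauth/token",
  scopes_supported: ["read:account", "write:notes"],
};
```

Store state and code_verifier server-side or in the user's session between Step 4 and Step 5, so that `readCallback` compares against the value issued for that specific attempt.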