AWS Architecture & Cognito in a Commerce Smartphone App · PDF...


  • Date posted: 07-Feb-2018

Transcript of AWS Architecture & Cognito in a Commerce Smartphone App · PDF...

  • CROOZ,Inc. 1

    AWSCognito

    SHOPLIST.com

    /

    TeamZeus

  • CROOZ

    CROOZ,Inc. 2

    CROOZ

  • CROOZ,Inc. 3

    SHOPLIST.comAWS/ Cognito AWS AWS

  • CROOZ,Inc. 4

    SHOPLIST.com AWS/

  • CROOZ,Inc. 5

    SHOPLIST.com

    100(2014) 10(2015/4) 90%

  • CROOZ,Inc. 6

    AWS cloud

    Web on instances

    DB on instance MariaDB / ElasticSearch

    CloudFront

    Route 53

    S3

    ELB (Front)

    ElastiCache (Redis)

    nginx on instances EMR

    Amazon Redshift

  • CROOZ,Inc. 7

    OS/Middleware
    OS: CentOS 6.4
    Web: Apache 2.2 / PHP 5.4
    VENUS
    Cache: Amazon ElastiCache (Redis)
    DB(): MariaDB 10.0.13
    DB(): Elasticsearch 1.5.2
    Amazon Elastic MapReduce (Spark 1.3.1)

  • CROOZ,Inc. 8

    (2015/5)

    3-6 /

    3()

    Web c3.2xlarge c3.xlarge
    DB r3.4xlarge r3.2xlarge
    EBS gp2
    Cache cache.r3.large
    () m3.xlarge

  • CROOZ,Inc. 9

    5(10)

    1,000r/s Latency900ms

  • CROOZ,Inc. 10

    1requests/s

    Web(c3.2xlarge) 100r/s DB(r3.2xlarge gp2) 200r/s Cache(r3.large) 500r/s

    requests/s ?%

  • CROOZ,Inc. 11

    CloudFront

    S3 nginx/SMALL LIGHT Reports & Analytics TB/ 3-4

  • CROOZ,Inc. 12

    Cognito

  • CROOZ,Inc. 13

    AWS cloud

    Web on instances

    DB on instance MariaDB / ElasticSearch

    CloudFront

    Route 53

    S3

    ELB (Front)

    ElastiCache (Redis)

    nginx on instances EMR

    Cognito

    Amazon Redshift

  • CROOZ,Inc. 14

    Cognito EC2 SHOPLIST.com

  • CROOZ,Inc. 15

    / id Latency

  • CROOZ,Inc. 16

    SHOPLIST.comdeveloper authenticated identities (unauthenticated identities)

  • CROOZ,Inc. 17

    iOS

    //
    AWSCognitoCredentialsProvider *credentialsProvider = [AWSCognitoCredentialsProvider
            credentialsWithRegionType:AWSRegionUSEast1
            accountId:_accountId
            identityPoolId:_identityPoolId
            unauthRoleArn:nil   // Arn: nil
            authRoleArn:nil];   // Arn: nil
    AWSServiceConfiguration *configuration = [AWSServiceConfiguration
            configurationWithRegion:AWSRegionUSEast1
            credentialsProvider:credentialsProvider];
    [AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;

    // Developer authenticated identities
    CustomIdentityProvider *customIdentityProvider = [[CustomIdentityProvider alloc]
            initWithIdProvider:idProvider
            accountId:_accountId
            identityPoolId:_identityPoolId
            token:token];
    customIdentityProvider.logins = @{name:token};
    AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc]
            initWithRegionType:AWSRegionUSEast1
            identityProvider:customIdentityProvider
            unauthRoleArn:nil   // Arn: nil
            authRoleArn:nil];   // Arn: nil
    AWSServiceConfiguration *configuration = [AWSServiceConfiguration
            configurationWithRegion:AWSRegionUSEast1
            credentialsProvider:credentialsProvider];
    [AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;

  • CROOZ,Inc. 18

    iOS(CustomIdentityProvider)

    - (BFTask *)getIdentityId {
        // self.identityId
        if (self.identityId && model.isMemberLoginRequest) {
            return [BFTask taskWithResult:@{@"result" : @"1"}];
        } else {
            return [[BFTask taskWithResult:nil] continueWithBlock:^id(BFTask *task) {
                if (self.identityId && model.isMemberLoginRequest) {
                    return [BFTask taskWithResult:@{@"result" : @"1"}];
                } else {
                    return [self refresh];
                }
            }];
        }
    }

    - (BFTask *)refresh {
        BFTaskCompletionSource *source = [BFTaskCompletionSource taskCompletionSource];
        ApiRequest *authApi = [_idProvider.apiManager generateAuthApiByToken:_token];
        // SHOPLIST API
        [authApi requestAsyncCompletionHandler:^(ApiRequest *request) {
            NSDictionary *response = request.response;
            if (![request hasSucceeded]) {
                [source setResult:response];
            } else if ([[response valueForKey:@"result"] intValue] == 1) {
                model.isMemberLoginRequest = YES;
                self.identityId = [[response valueForKey:@"data"] valueForKey:@"identityId"];
                self.token = [[response valueForKey:@"data"] valueForKey:@"token"];
                [source setResult:response];
            } else {
                [source setResult:response];
            }
        }];
        return [source task];
    }

  • CROOZ,Inc. 19

    (PHP)

    use Aws\CognitoIdentity\CognitoIdentityClient;

    class CognitoAuthenticator {
        public function register($token, $oldToken = false) {
            $result = array();
            // Placeholder credentials (masked on the slide)
            $config = array('key' => 'XXXXXXX', 'secret' => 'XXXXXXX', 'region' => 'us-east-1');
            try {
                $idClient = CognitoIdentityClient::factory($config);
                // Request an identity ID and OpenID token for the developer-authenticated identity
                $response = $idClient->GetOpenIdTokenForDeveloperIdentity(array(
                    'IdentityPoolId' => 'xxxxxxxxxxxxxx',
                    'Logins' => array(
                        'name' => $token,
                    )
                ));
                $identityId = $response->get('IdentityId');
                $openIdToken = $response->get('Token');
                // If an old token is supplied, merge its identity into the one for the new token
                if ($oldToken) {
                    $mergeResponse = $idClient->MergeDeveloperIdentities(array(
                        'DestinationUserIdentifier' => $token,
                        'DeveloperProviderName' => 'xxxxxxxxxxxxxxxx',
                        'IdentityPoolId' => 'xxxxxxxxxxxxxxxxxxx',
                        'SourceUserIdentifier' => $oldToken)
                    );
                    $identityId = $mergeResponse->get('IdentityId');
                }
                $result['identityId'] = $identityId;
                $result['token'] = $openIdToken;
            } catch (Exception $e) {
                // Empty on the slide: the exception is swallowed and $result stays empty
            }
            return $result;
        }
    }

  • CROOZ,Inc. 20

    AWS

  • CROOZ,Inc. 21

    AWS AWS cloud

    Web on instances

    DB on instance Maria / ES

    CloudFront

    Route 53

    S3

    ELB (Front)

    ElastiCache (Redis)

    Varnish on instances

    EMR

    Cognito

    Amazon Redshift DynamoDB

    Amazon Kinesis

  • CROOZ,Inc. 22

    EC

  • CROOZ,Inc. 23

    AWS

  • CROOZ,Inc. 24

    Machine Learning

    Aurora

    &RDB Lambda

    etc

  • CROOZ,Inc. 25

    AWS WAF(Web Application Firewall) EC2

  • CROOZ,Inc. 26