Feeds:
Posts
Comments

OAuth – a brief summary

December 9, 2012 by slackhack

OAuth is a simple standard for allowing an end user to authorize an application to access a third party service on behalf of said user.

Access is authorized on two levels by the third party as the application needs to be identified as does the the user on behalf of which it is acting.

Application authorization

The application obtains through an out-of-band channel, typically a web form at the third party service where the application developer submits an application for access, the following pair of credentials:

  1. Consumer key (a.k.a. API key, public key, application key). Transmitted to third party as oauth_consumer_key.
  2. Consumer secret (a.k.a API secret, private key, consumer secret key, application secret)

The consumer secret is never directly transmitted to the the third party, as it is used to calculate a signature for requests.

User authorization

The user typically authorizes the application to access the service using a 3-Legged OAuth process whereupon its completion the application obtains an access token consisting of:

  1. Token (a.k.a. access token). Transmitted to third party as oauth_token.
  2. Secret (a.k.a. access token secret, oauth token secret).

The secret is never directly transmitted to the the third party, as it is used to calculate a signature for requests.

Access

OAuth authorized http requests to the third party adds several OAuth specific parameters the most important of which are oauth_consumer_key, oauth_token and oauth_signature. The value of  oauth_signature is a SHA1 calculated hash of the consumer secret, access token secret and all the parameters sent in the request. OAuth parameters can be sent as standard URL parameters or as the value of the Authorization http header.

Posted in Uncategorized | Tagged , | Leave a Comment »

Testing logging behaviour sans Mockito

April 16, 2012 by slackhack

The most popular post in this somewhat dormant blog is Testing logging behaviour in four code lines flat. The approach described there relies on everyones favourite unit testing mocking swiss army knife – Mockito. To achieve the purpose of unit testing logging Mockito is however not a required drink, some simple Log4j coding goes a long way:

import org.apache.log4j.SimpleLayout;
import org.apache.log4j.WriterAppender;
import static org.hamcrest.CoreMatchers.is;
import org.junit.Test;
import static org.junit.Assert.assertThat;

public class FooTest {

  @Test
  public void testMethod() {

    StringWriter stringWriter = new StringWriter();

    Logger.getRootLogger().addAppender(new WriterAppender(new SimpleLayout(), stringWriter));

    doStuffThatCausesLogging();

    assertThat(stringWriter.toString(), is("WARN - doh\n"));
  }
}

The code is still acceptable and quite compact. However the expressive niceties Mockito provides are lost and making assertions about logging levels, timestamps and multiple logging invocations takes a lof of cruft. Hence I really see few reasons for this approach if Mockito is available.

Posted in Uncategorized | Tagged , , , | 4 Comments »

Setting up Erjang with MacPorts

December 5, 2010 by slackhack

To setup the JVM based Erlang VM (i.e. Erjang) follow this recipe:

  1. Install the Erlang port: sudo -i port install erlang
  2. Follow the build instructions on the Erjang wiki.
  3. export ERL_ROOT=/opt/local/lib/erlang
  4. Enjoy! :-)

Posted in Uncategorized | Tagged , , | Leave a Comment »

Learning to love Finder

October 24, 2010 by slackhack

Let’s face it.

The venerable OS X file manager, the Finder, is not a perfect tool. Finder is probably one of the aspects of OS X I like the least. It’s good for cruising around file systems in “column mode” and for browsing media files with Coverflow but for serious file management work I tend to want to drop into the Terminal as soon as possible. Problem is that the new Terminal window will not be in the same folder as to where I’ve navigated in Finder, causing me to lose context - every time.

Recently I stumbled on cdto – a little app that adds an icon to Finder that open a Terminal window. With the current working directory set to the folder shown in Finder! No context lost!

And remember, the opposite operation  – opening a Finder window in the current working directory of a Terminal – is trivial with the always useful open command:

$ open .

When applied together, these two small tips makes it possible to use Finder only for the tasks where it shines.

Posted in Uncategorized | Tagged | 1 Comment »

How to set a custom DNS server with Java System properties

July 21, 2010 by slackhack

Recently I was in the position of having to override the system default DNS server configuration with a custom DNS server for a Java app. Expecting this to be easily achievable along the line of the well-known http.proxyHost/http.proxyPort JVM parameters I whipped out Google.

Turned out to not to be so simple.

Obviously I got some search hits, but no simple recipe for the simple configuration change I was looking for. After spending some time with the leads I was able to conclude that, as a consequence of  an apparent exemple of over-engineering by Sun, the following is explicitly required just to change the JVM DNS server:

//Override system DNS setting with Google free DNS server
System.setProperty("sun.net.spi.nameservice.nameservers", "8.8.8.8");
System.setProperty("sun.net.spi.nameservice.provider.1", "dns,sun");

Posted in Uncategorized | Tagged | Leave a Comment »

Mercurial tooling reaching the tipping point

July 20, 2010 by slackhack

The MercurialEclipse context menu certainly looks comprehensive..

A tipping point can be defined as the levels at which the momentum for change becomes unstoppable.

I’d venture to state that distributed version control system Mercurial reached its tipping point when version 1.6.0 of MercurialEclipse recently was released.  At least for me. :-) During the last years I’ve been consistently and repeatedly underwhelmed with the state of Mercurial tooling in my favoured integrated development enviroment, resorting to use hg at the command line exclusively.  Command line interfaces are good for many things but it’s hard to let go of the comforts of a good GUI when one is used to the brilliant Subclipse Subversion plugin.

MercurialEclipse is a quantum leap. I sincerely hope the availability of first class Eclipse support for Mercurial will be the tipping point for distributed version control systems in general and Mercurial in particular!

Posted in Uncategorized | Tagged | 1 Comment »

Top Clojure Links

February 23, 2010 by slackhack

On my quest to pick up Clojure during 2010 I’m primarily accompanied by the very solid Programming Clojure by Stuart Halloway. I’ve however also stumbled upon some interesting, cool, thought-provoking etc. Clojure resources on the web. So here goes – in no particular order:

Clojure – Functional Programming for the JVM by R. Mark Volkmann is both a great introductory article and a handy reference. Actually a cheap aspiring functional programmers alternative to Programming Clojure!

MiGLayout: The one Java layout manager that does it all by Chris Hardin is another of the many excellent Java News Briefs by Object Computing, Inc. (OCI). MIGLayout is a Java Swing UI layout manager which is as powerful and expressive as the Clojure programming language. This makes MIGLayout an excellent choice for all your Clojure UI needs!

Full Disclojure is a series of easily digested screen casts highlighting a particular feature of Clojure in each episode. The screen casts are accompanied by clear audio and the well-paced action takes place directly at the REPL (as it should!). Full Disclojure is on an accessible level for newbies and covers, among other topics, many of the cool features introduced in Clojure 1.1.0.

Hot Code Swapping is not the exclusive domain of Erlang!

Posted in Uncategorized | Leave a Comment »

Older Posts »

Follow

Get every new post delivered to your Inbox.