Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)AB
abbadon420 @lemm.ee
Posts 42
Comments 1.5K
What would you do if a scraggly homeless person knocked on your door, and all he asked was for a sandwich, a bottle of water, a bath, and perhaps a beard trim?
  • There are very good reasons why some addictive substances are legal and others are not.

    First of all, those under the influence of nicotine or caffeine can function perfectly normal. Those under the influence of many other drugs can not.

    Second, the health impact are generally less severe. We've generally changed our opinion of the health impact of nicotine being negligible, but caffeine and alcohol can still be enjoyed in moderate amounts without too much of an impact on your health.

    Third, cafeine and alcohol are socially acceptable in most cases. Many otger drugs are less socially acceptable. Nicotine is a nice example how the social status of a drug can change over time

  • What's something that seems obvious within your profession, but the general public seems to misunderstand?
  • What you're taught in school is not the whole picture. Doesn't matter if it's maths, history, french or even a master's degree. After you finish school, there's still a shitload to learn. A curriculum is always a finite amount, so you have to make concessions. What makes it into the curriculum and what not is sometimes obviou or mandatory, but other times it's purely based on personal preferences or even internal politics.

  • NewPipe v0.27.0 No longer Working?
  • I've recently started a personal quest to de-google all my logins. I mean, oauth is super convenient, but I'll stick to the tried and tested password manager rather than google, these days.

  • MFW in the northern hemisphere right now
  • I'm in the Netherlands. We've had like three days of summer so far. Mostly rain. I'm not complaining though. It's nice change from previous years of serial heat waves. There's still time for the heat waves though, so we'll see how this year will go into the books.

  • Annoying marketing practices

    I recieved this email today. I don't use twitch, only made an account once for some specific purpose. I don't know these people and I'm a 100% certain they don't know me. This is just toxic marketing to lure me back in.

    24

    Voting on your wedding day

    nos.nl Ja, ik wil stemmen

    Ja, ik wil... stemmen! Mélanie en Bram stappen vandaag in het huwelijksbootje, maar gingen vanochtend eerst even stemmen in Oostdijk.

    Ja, ik wil stemmen
    0

    [Question] Are there any (simple) open source java projects I can study to better my understanding of real world code?

    I teach a course in java and springboot for beginners. I would like to walk my students through the code of a real world java or springboot application. Can anyone recommend a good example?

    7

    [History] An editor letter by Edsger Dijkstra, titled: "go to statements considered harmful" (march 1968).

    In this letter, Dijkstra talks about readability and maintainability in a time where those topics were rarely talked about (1968). This letter was one of the main causes why modern programmers don't have to trouble themselves with goto statements. Older languages like Java and C# still have a (discouraged) goto statement, because they (mindlessly) copied it from C, which (mindlessly) copied it from Assembly, but more modern languages like Swift and Kotlin don't even have a goto statement anymore.

    48

    [Question] Why does Auth0 allow for direct usage of social logins, but with Keycloak I have to register my app at each Identity Provider first?

    https://lemm.ee/post/29785400

    > So I'm making a project in SpringBoot with Oauth security. > > If I use Auth0 as my Authorization Server, I can register an application there and just say that I want user to be able to login with Google an Facebook. That's all it takes. > > If I use Keycloak as my Authorization Server, I can also have users choose Google or Facebook as there prefered login, but in order to provide that, I have to register my app with Google and Facebook first. > > So how come it's so easy with Auth0 and a little less easy with Keycloak? Is it a contract thing, does Auth0 have contracts with all these providers or something?

    1

    [Question] Why does Auth0 allow for direct usage of social logins, but with Keycloak I have to register my app at each Identity Provider first?

    So I'm making a project in SpringBoot with Oauth security.

    If I use Auth0 as my Authorization Server, I can register an application there and just say that I want user to be able to login with Google an Facebook. That's all it takes.

    If I use Keycloak as my Authorization Server, I can also have users choose Google or Facebook as there prefered login, but in order to provide that, I have to register my app with Google and Facebook first.

    So how come it's so easy with Auth0 and a little less easy with Keycloak? Is it a contract thing, does Auth0 have contracts with all these providers or something?

    3

    [Question] Are extensions a good solution for DTO mapping?

    I came across this post (and more like it) claiming extensions to be a good, or at least different, solution for mapping DTO's.

    Are they though? Aren't DTO's supposed to be pure data objects? I've always been taught to seperate my mappings in special mapping services or mapping libraries like MapStruct and ModelMapper for implementing the good practice of "seperation of concerns".

    So what about extensions?

    3

    In Postman, is there an easy way to change the athorisation of all request in a collection?

    I get postman exports from students which I use to check their work. The authorisation of those requests now often contain hardcoded jwt tokens that are invalid by the time I get to checking them and I have to change every individual request with a global variable.

    I do instruct my students to use variables, but there's always a couple who just don't, but that's a whole different issue.

    Right now I'm using a regex find and replace to remove the Request authorization header in the json export file (which than defaults to 'inherit from parent'). This sort of works, but isn't ideal.

    Do any of you know if postman offers an easier solution for this?

    2

    The world is going to shit. Is there anything I can do about it? No, so I move on.

    The world has always been going the shit and will continue to go to shit until the end of time. It takes mountains to influence the tides of nations. You should take the responsibilities you can bear, but no more.

    31

    i can't see the control buttons, like "mute" in gifs.

    The added image is a screenshot of how I see gifs in connect. There's supposed to be buttons in the bottom right corner, I've been told. But I can't see them. Do I need to add them in some setting somewhere?

    5

    [Question] What is the proper way to implement a pure-backend oauth security in SpringBoot?

    I know how to implement basic oauth. My problem is that if I make a simple security filter like:

    ` @Bean

    public SecurityFilterChain configure(HttpSecurity http) throws Exception { http .authorizeHttpRequests(authorize -> authorize .anyRequest().authenticated() ) .oauth2Login(withDefaults()); return http.build(); }`

    Than I can adress @GetMappings in my browser and get prompted a oauth login screen and login there, but I can't adress a PostMapping or GetMapping in postman, because it doesn't redirect to a login screen (you get the html for the login screen as the ResponseBody in postman)

    I can get a valid acces token from auth0 via 'https://{yourDomain}/oauth/token', but if I simply pass that jwt along as a "Bearer token" in postman, it doesn't work. It still shows me the login-screen-html in the response body.

    It seems to me there's two things I can do:

    • Make sure postman bypasses the login screen. I maybe don't really want to do that, since I want my backend and frontend to communicate their security through jwt. Or else I have to convince other people (from a different department) to change the way they implement frontend security, which is a pain for everyone. (If it needs to happen, it needs to happen though)
    • Make sure the backend parses the jwt somehow. Maybe an extra Filter that checks the jwt's validity with the provider? I'm not sure how to tackle this.
    2