abbadon420

I recieved this email today. I don't use twitch, only made an account once for some specific purpose. I don't know these people and I'm a 100% certain they don't know me. This is just toxic marketing to lure me back in.

[Update: It seems to have been fixed now]

I teach a course in java and springboot for beginners. I would like to walk my students through the code of a real world java or springboot application. Can anyone recommend a good example?

In this letter, Dijkstra talks about readability and maintainability in a time where those topics were rarely talked about (1968). This letter was one of the main causes why modern programmers don't have to trouble themselves with goto statements. Older languages like Java and C# still have a (discouraged) goto statement, because they (mindlessly) copied it from C, which (mindlessly) copied it from Assembly, but more modern languages like Swift and Kotlin don't even have a goto statement anymore.

https://lemm.ee/post/29785400

So I'm making a project in SpringBoot with Oauth security.

If I use Auth0 as my Authorization Server, I can register an application there and just say that I want user to be able to login with Google an Facebook. That's all it takes.

If I use Keycloak as my Authorization Server, I can also have users choose Google or Facebook as there prefered login, but in order to provide that, I have to register my app with Google and Facebook first.

So how come it's so easy with Auth0 and a little less easy with Keycloak? Is it a contract thing, does Auth0 have contracts with all these providers or something?

I get postman exports from students which I use to check their work. The authorisation of those requests now often contain hardcoded jwt tokens that are invalid by the time I get to checking them and I have to change every individual request with a global variable.

I do instruct my students to use variables, but there's always a couple who just don't, but that's a whole different issue.

Right now I'm using a regex find and replace to remove the Request authorization header in the json export file (which than defaults to 'inherit from parent'). This sort of works, but isn't ideal.

Do any of you know if postman offers an easier solution for this?

I know how to implement basic oauth. My problem is that if I make a simple security filter like:

` @Bean

public SecurityFilterChain configure(HttpSecurity http) throws Exception {
    http
            .authorizeHttpRequests(authorize -> authorize
                    .anyRequest().authenticated()
            )
            .oauth2Login(withDefaults());
    return http.build();
}`

Than I can adress @GetMappings in my browser and get prompted a oauth login screen and login there, but I can't adress a PostMapping or GetMapping in postman, because it doesn't redirect to a login screen (you get the html for the login screen as the ResponseBody in postman)

I can get a valid acces token from auth0 via 'https://{yourDomain}/oauth/token', but if I simply pass that jwt along as a "Bearer token" in postman, it doesn't work. It still shows me the login-screen-html in the response body.

It seems to me there's two things I can do:

• Make sure postman bypasses the login screen. I maybe don't really want to do that, since I want my backend and frontend to communicate their security through jwt. Or else I have to convince other people (from a different department) to change the way they implement frontend security, which is a pain for everyone. (If it needs to happen, it needs to happen though)
• Make sure the backend parses the jwt somehow. Maybe an extra Filter that checks the jwt's validity with the provider? I'm not sure how to tackle this.

cross-posted from: https://lemm.ee/post/12034711

Hello Lemmy,

I have to grade student work. Students who have made their first springboot applications. I'm wary for idiots who don't understand anything about java, yet somehow manage to include code that wipes my entire User folder, so I run the projects in docker these days.

One criterium is that they include a upload/download functionality. Some students decide to do that by storing the files in the DB, other store it in an "uploads" folder.

The first one works fine in docker. The second one not so much. The java code refers to a path "sourceroot/uploads", but that doesn't exist in the docker container. How can I make it exist in the docker container?

This is the DOCKERFILE I use to docker build -t image .

FROM eclipse-temurin:17-jdk-alpine
VOLUME /tmp
EXPOSE 8080
EXPOSE 5432
COPY target/*.jar application.jar
ENTRYPOINT ["java", "-jar", "application.jar"]

This is the yaml I use to run docker compose up -d

version: '2'

services:
  app:
    image: 'image'
    ports: 
        - "8080:8080"
    container_name: app
    depends_on:
      db:
        condition: service_healthy
    environment:
      - SERVER.PORT=8080
      - SPRING_DATASOURCE_URL=jdbc:postgresql://db:5432/testing
      - SPRING_DATASOURCE_USERNAME=postgres
      - SPRING_DATASOURCE_PASSWORD=postgres
      - SPRING_JPA_HIBERNATE_DDL_AUTO=create-drop
          
  db:
    image: 'postgres:13.1-alpine'
    ports:
      - "5432:5432"
    expose: 
      - "5432"
    container_name: db
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_HOST_AUTH_METHOD=trust
      - POSTGRES_DB=testing
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 10s
      timeout: 5s
      retries: 5
  

networks:
  default:
    name: docker

I'm sorry if this code offends anybody. I've made this Frankenstein's monster myself from bits and pieces. However, I can't seem to figure out how to add a working "uploads folder" to it that could be used by the springboot application inside the container. Any help would be appreciated.

Today I got fed up with my boss, so I decided to quicksafe and shit on his desk. I also punched the hr rep in the face and set half the lobby on fire.

When i tried to reload the quicksafe, it didn't work. It says "file corrupted". My last safe file is from 2 years ago (in-game). I don't want to loose all that progress or my 3 months old daughter.

Help!