Things I Learned in 2013
Last year I had a series of things I learned in 2012. I decided not to continue the monthly posts this year but was still keeping track of things as I came across them. Here’s a short list from the year.
Technologies
- SAML 2.0 (utilizing OneLogin's ruby-saml gem)
- Salesforce Development (APEX, SOQL, REST/SOAP API, Chatter, Single Sign-On, etc.)
- Wrote soapforce gem based on Savon2 and restforce gem
- elasticsearch
- EngineYard – Excellent PaaS Provider
- Learned a number of things about MySQL and Postgres that I didn’t know before.
- Numerous remote APIs for integrating with service providers (Box, DocuSign, EasyPDFCloud, ConvertApi, DocRaptor)
HTML/CSS/Javascript
- fontawesome.io
- CSS content property
- HTML5 download attribute
- HTML5 Demos – contenteditable, storage, history
- CSS: user-select: none;
- $x("//input[@type='checkbox']") – Locate elements with XPath in FireBug
- IE has a maximum number of style tags and CSS rules it will load.
- Fire custom event with pure javascript: document.addEventListener('myAwesomeEvent', function() { alert('hello world'); }); var evt = document.createEvent("Event"); evt.initEvent("myAwesomeEvent", true, true); document.dispatchEvent(evt);
- @cc_on – IE specific conditional property
- href="javascript:void(0)" triggers the onbeforeunload event in IE (*sigh*)
Rails/Ruby
- rake db:migrate:status
- Tire gem for elasticsearch
- Rails Model.update_all
- Time.now.xmlschema
- rails runner
- guard (jasmine, rspec, rails, cucumber, etc)
- gems: bullet, mailcatcher, quiet_assets, better_errors
- bundle outdated
- Gemfile: gem 'name', github: 'user/repo'
- ActiveRecord Batches
- delayed_job
- respond_to_missing?
Development Support
- requestb.in – Great debugging tool for http requests
- base64decode.org & base64encode.org
- cssclean.com & codebeautifier.com
- xmlprettyprint.com
- jsonviewer.net
- www.downforeveryoneorjustme.com
- Freenode web chat
- findicons.com
- cssarrowplease.com
- www.email-standards.org
Products/Services
- sendgrid.net
- logentries
- Crocodoc – HTML5 Document Viewer (Acquired by Box May 2013)
- http://www.ilightbox.net
- http://getfractal.com/
- https://bitdeli.com/
- http://imperavi.com/redactor/
- http://www.neo4j.org/
- https://www.paywithatweet.com
- https://www.inkfilepicker.com/
Random
- CMD+L takes you to address bar in Google Chrome on OSX
- Option+Enter to duplicate a tab in Google Chrome on OSX
- Generate the public portion of the key: ssh-keygen -y -f <name of key>
- Email notes to Evernote
- Argument Dependent Lookup (ADL) (C++)
- Dump/Load over SSH: mysqldump <dbname> | ssh <new_db_master_host> "mysql <dbname>"
Life
- Made my first strawberry rhubarb pie. Rhubarb was ruled (by a New York court) to be a fruit in 1947 although technically a vegetable.
- Learned a lot about baseball after becoming a St Louis Cardinals fan this year.
- Bought my first motorcycle and have learned a lot about riding and taking care of a bike.
- Learned a bit about Seattle during my 6 week stay.
- Learned how to make a killer Egg Nog!
- Learned how to make soft pretzels
Introduction to SAML
I recently introduced myself to SAML, Security Assertion Markup Language, and thought I’d pass along what I learned. These two [1 and 2] YouTube videos by PingIdentity were a helpful high-level introduction to SAML.
The parties involved:
- Identity Provider (IdP) – OneLogin, Salesforce, Okta, etc.
- Service Provider (SP) – TinderBox, Box, Concur, etc.
- You (Me)
SAML Transaction
To see the following steps in action, check out this great walk through with more detail about the messages.
Step 1: Unauthenticated user (You) tries to access a hosted service (SP).
GET https://www.hostedservice.com/login
Step 2: SP generates an Authentication Request (AuthnRequest)
Example AuthnRequest: https://gist.github.com/jheth/7961957
Step 3: SP submits request to IdP (HTTP Redirect)
GET https://app.onelogin.com/trust/saml2/http-post/sso/XXX?SAMLRequest=[encoded]
Step 4: IdP handles SAML Request and Authenticates User
In most cases the authentication step is done through the typical username/password login form. Since login was initiated with a SAML Request the IdP knows it must send the desired SAML Response.
Step 5: IdP generates SAML Response XML Document
Example SAML Response: https://gist.github.com/jheth/7962107
Step 6: IdP submits response to SP
POST https://www.hostedservice.com/sso/saml/acs SAMLResponse: [base64 encoded XML]
Step 7: SP consumes and validates assertion
The XML document is checked for validity, which includes the conditions NotBefore and NotOnOrAfter (timestamps) and AudienceRestriction. Note: watch out for clock drift between the IdP and SP when checking the timestamp attributes; you may need to allow for slight variations.
Step 8: SP grants or denies access based on the response.
Once determined to be a valid request your application is responsible for logging the user in without prompting for additional information. Once authenticated the user is redirected to the resource they originally requested.
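To make Step 7 concrete, here is an added example (my own code, not from the ruby-saml gem or the original post) that checks the Conditions element of an assertion: NotBefore and NotOnOrAfter with an explicit clock-skew allowance, plus AudienceRestriction against the SP's own entity ID. The assertion XML is a constructed sample, the entity IDs in it are assumptions, and the check only covers the conditions step; the XML signature must already have been verified against the IdP certificate before any of these values are trusted, which ruby-saml does for you.

```ruby
require 'rexml/document'
require 'time'

SAML_NS = 'urn:oasis:names:tc:SAML:2.0:assertion'

# Constructed sample assertion (issuer and audience values are made up).
SAMPLE_ASSERTION = <<~XML
  <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                  ID="_example" Version="2.0" IssueInstant="2013-12-01T10:00:00Z">
    <saml:Issuer>https://app.onelogin.com/saml/metadata/XXX</saml:Issuer>
    <saml:Conditions NotBefore="2013-12-01T10:00:00Z" NotOnOrAfter="2013-12-01T10:05:00Z">
      <saml:AudienceRestriction>
        <saml:Audience>https://www.hostedservice.com</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
XML

# Returns an array of error strings; an empty array means the conditions hold.
# allowed_skew is the number of seconds the IdP clock may differ from ours.
def check_conditions(xml, expected_audience:, now: Time.now.utc, allowed_skew: 60)
  errors = []
  doc = REXML::Document.new(xml)
  conditions = REXML::XPath.first(doc, '//saml:Conditions', 'saml' => SAML_NS)
  return ['missing Conditions element'] unless conditions

  not_before = conditions.attributes['NotBefore']
  not_on_or_after = conditions.attributes['NotOnOrAfter']

  # NotBefore is inclusive; tolerate the IdP clock running ahead by allowed_skew.
  if not_before && now + allowed_skew < Time.iso8601(not_before)
    errors << "assertion not yet valid (NotBefore=#{not_before})"
  end

  # NotOnOrAfter is exclusive; tolerate the IdP clock running behind by allowed_skew.
  if not_on_or_after && now - allowed_skew >= Time.iso8601(not_on_or_after)
    errors << "assertion expired (NotOnOrAfter=#{not_on_or_after})"
  end

  # Every AudienceRestriction must name us; an assertion minted for another SP is rejected.
  audiences = REXML::XPath.match(conditions, './saml:AudienceRestriction/saml:Audience',
                                 'saml' => SAML_NS).map { |e| e.text.to_s.strip }
  if audiences.empty?
    errors << 'no AudienceRestriction present'
  elsif !audiences.include?(expected_audience)
    errors << "audience mismatch (got #{audiences.inspect})"
  end

  errors
end

if __FILE__ == $PROGRAM_NAME
  # Evaluate the sample as if it arrived two minutes after IssueInstant.
  p check_conditions(SAMPLE_ASSERTION,
                     expected_audience: 'https://www.hostedservice.com',
                     now: Time.utc(2013, 12, 1, 10, 2, 0))
end
```

Passing `now:` explicitly keeps the check testable; in the ACS handler you would call it with the default. Keep the skew small (a minute is plenty for NTP-synced hosts), since every second of tolerance widens the window in which a captured response can be replayed.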
Configuration
As you can see above, there are specific URLs used by both the IdP and SP during the request/response phase. This is where configuration and an exchange of information is necessary and where some of the security of SAML comes into play.
The SP at a minimum needs to know the following, which is provided by your IdP when you register with them.
- IdP SSO Target URL: https://app.onelogin.com/trust/saml2/http-post/sso/XXXXXX
- IdP Certificate Fingerprint (SHA-1): 8D:96:A0:99:BC:11:F7:2D:70:…
- Name Identifier Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
The IdP at a minimum needs to know where to send the assertions.
- Assertion Consumer Service URL: http://www.hostedservice.com/sso/saml/acs
SAML uses a public/private key pair to sign and verify requests and their responses. If a fingerprint is not provided, you can generate it from the IdP's X.509 certificate:
openssl x509 -noout -in cert.pem -fingerprint
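The fingerprint in the SP configuration is what ties the assertion to the IdP you actually registered with: the SP hashes the certificate that signed the response and compares it with the configured value. As an added example (my own code, not the gem's or the post's), this computes the same SHA-1 fingerprint that `openssl x509 -fingerprint` prints and compares it with a configured value in constant time. The certificate is a throwaway self-signed one generated inline so the code runs offline; a real SP would take the certificate from the IdP metadata or the signed response.

```ruby
require 'openssl'

# Constructed stand-in for the IdP certificate: self-signed, generated on the fly.
def build_sample_cert
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = OpenSSL::X509::Name.parse('/CN=example-idp')
  cert.issuer = cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 365 * 24 * 3600
  cert.sign(key, OpenSSL::Digest::SHA256.new)
  cert
end

# Same value as `openssl x509 -noout -in cert.pem -fingerprint`: the digest of the
# DER encoding, rendered as colon-separated uppercase hex pairs.
def fingerprint(cert, algorithm = 'SHA1')
  OpenSSL::Digest.new(algorithm).hexdigest(cert.to_der).upcase.scan(/../).join(':')
end

# IdPs hand out fingerprints with or without colons and in either case;
# normalise before comparing.
def normalize_fingerprint(fp)
  fp.to_s.delete(': ').downcase
end

# Byte-for-byte comparison whose running time does not depend on where the
# first mismatch is.
def constant_time_eq?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# True only if the certificate's fingerprint matches the configured one.
def fingerprint_matches?(cert, configured, algorithm = 'SHA1')
  constant_time_eq?(normalize_fingerprint(fingerprint(cert, algorithm)),
                    normalize_fingerprint(configured))
end

if __FILE__ == $PROGRAM_NAME
  cert = build_sample_cert
  puts "SHA1 Fingerprint=#{fingerprint(cert)}"
  puts fingerprint_matches?(cert, fingerprint(cert).downcase.delete(':'))
end
```

If your IdP offers a SHA-256 fingerprint, pass `'SHA256'` as the algorithm and store that instead; the comparison logic is unchanged.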
ruby-saml
Now that you understand the transaction and configuration, try adding SAML support to your Rails/Sinatra application. I chose the ruby-saml gem created by OneLogin to handle the technical details. The README has all the instructions you need to get started. ProTip: A helpful development tool for watching the request/response exchange is the SSO-Tracer plugin for Firefox.
The two routes you need are one for initiating login (AuthnRequest) with the IdP (e.g. /sso/saml/login) and one for consuming the assertion messages (e.g. /sso/saml/acs).
User Provisioning with SAML
Not only can we authenticate existing users but we can auto-provision accounts for first-time logins. This is a great way to reduce account administration between systems. The SAML Response to the Service Provider can contain a list of user attributes (email, username, first/last name, etc) that can be used to provision a new account. In your assertion consumer method (/sso/saml/acs), if you find that the user does not exist in your system you can redirect to a new user workflow or auto-provision based on the provided attributes.
External routing to localhost
Over the last couple months I’ve thought many times: “How can I get public/external access to my local machine?” I’ve been working with OAuth providers that want a callback URL and integrating a Rails application with Salesforce. I wanted those public applications to talk to my local machine for ease of development. Sure I could push my project to Heroku or some other public server but it’s just so much easier to have things local for quick development and debugging.
These instructions assume you are connected to a router (probably wireless), that you can administer, which is connected to your ISP’s cable modem.
1) Enable the DMZ function of your router. I’m using DD-WRT which gives me some additional functionality so hopefully you can find a DMZ option in your configuration. NOTICE: “Enabling this option will expose the specified host to the Internet. All ports will be accessible from the Internet.” It’s recommended to have a firewall enabled on your machine to protect yourself.
The configuration should ask for a specific IP to route all public traffic to. Find the IP address assigned to you (typically in the 192.168.x.x range) and punch it in.
2) Now that your machine is accessible you need to know the external IP to use. The easiest way is to find the WAN IP listed in the admin console of your router. If your router allows shell access you can also ssh in and run ifconfig or some variant to get the external IP.
You should now be able to visit that external IP from your browser and it will resolve to port 80 on your local machine. Yay!
If you don’t have anything running on port 80 you’ll likely get an error response. If you’re running a rails server, use pu.bl.ic.ip:3000.
3) Taking it a step further is routing an official domain name to the public IP we found in step 2. I purchased a domain for personal use and then created a new DNS A Record that points a specific subdomain (localhost.mydomain.com) to the public IP of my cable modem.
Now I can just type in a domain name and I’m routed directly to my laptop.
Yes, my locally assigned IP could change and I’d need to update the router DMZ configuration.
Yes, it’s possible that my cable modem IP will change and I’d need to update the DNS A Name record.
Apache Virtual Host and Rails
I started working on a new Rails project and wanted to use specific domain names and route traffic through port 80. There are several ways to set up Apache as a front end to your Rails application, but I only wanted stock Apache and a standalone Rails instance. I didn’t want to hassle with anything else.
1) Start your Rails server as you normally would. Let’s assume it’s running at http://localhost:3000
2) Create an Apache Virtual Host that proxies requests to http://localhost:3000
<VirtualHost *:80>
ServerName test.application.vhost
ProxyPreserveHost On
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>
3) Edit your /etc/hosts file to route test.application.vhost to 127.0.0.1
Notes for Mac OS Lion
Virtual Hosts are configured in /etc/apache2/extra/httpd-vhosts.conf
If necessary, modify “/etc/apache2/httpd.conf” and uncomment the line “Include /private/etc/apache2/extra/httpd-vhosts.conf”
sudo apachectl configtest
sudo apachectl restart
Things I Learned in December
- Got sucked into Downton Abbey. Watched Season 1 using Amazon Video On Demand. Thanks to the 30 day Amazon Prime trial.
- Learned about the engineyard gem for command line deployments (ey deploy).
- Introduced to Librarian-Chef and the Cheffile for managing infrastructure repositories (gem install librarian).
- Static analyzer tool for numerous languages – Code Surveyor
- Learned that Google is offering all these services from their Cloud Platform
- Linter for Opscode Chef cookbooks: foodcritic
- Learning how to make sourdough bread from a starter.
- https://testflightapp.com/
- Learned how to do a many-to-many relationship in Rails using both has_many => :through and has_and_belongs_to_many
- The screenshot.png file in your WordPress theme is displayed when selecting a theme.
- Learned that oci_fetch_all doesn’t respect the OCI_BOTH flag but oci_fetch_array does. Boo.
- How to deploy to Heroku via TravisCI
- Learned the formula for converting between Celsius and Fahrenheit: (C * 9/5) + 32 = F and the opposite is (F - 32) * 5/9 = C
- Learned about http://pygments.appspot.com/ while learning about Resque for Rails.
- The YUM package manager stands for “Yellowdog Updater, Modified”. A rewrite of Yellowdog Updater (YUP).
- Learned about the sudoku-like kenken
- Used GitHub OAuth Plugin to setup authentication on a local Jenkins instance.
- Implemented DbalSessionStorage object for Symfony 2.0, based on the 2.2 version
- Learned how to make homemade flour tortillas.
- Learned about __PHP_Incomplete_Class and that I needed to autoload a class to avoid it.
- Signed up for NewRelic.com and got a free Nerd Life t-shirt.
- Got a history lesson about Hanakkah, never knew much about it.
- Experienced Raclette for the first time.
- Made croissant dough from scratch on my way to making egg souffles.
- Learned that a movie runtime includes the closing credits.
- How to setup custom domains with Heroku.
- Learned why NORAD started tracking Santa.
- LEGO – Comes from Danish words LEG GODT (play well). LEGO in Latin means “I put together”
- YARD – Ruby Documentation
- NatGeo LEGO is impressive.
- 12 Days of Christmas has more meaning than I realized. The 12 days are between Dec 25 and Jan 6.
Things I Learned in November
- Learned about Ruby’s & operator to switch between a Proc to block and block to Proc.
- dbms_utility.format_error_backtrace();
- Learned how to create a custom UIViewTableCell and respond to different static table rows.
- Rails Authorization with CanCan
- iPhone SDK: NSUserDefaults
- https://codeclimate.com/
- http://www.cherrypy.org/
- Learned about mod_rpaf and passing client ips to apache from nginx.
- Learned about rails_upgrade plugin for converting app from Rails 2 to Rails 3
- Attended my first Virginia Tech football game (VT vs FSU)
- Ate at Biscuitville for the first time
- Indonesia consists of ~17,500 islands and ~742 different languages and dialects.
- Learning about Rails after_find and after_initialize callbacks and their usage difference with Rails 2 and 3.
- Used UISwitch and NSUserDefaults in an iPhone application to create a Favorites table view.
- Learned how to use savon to talk to the MindBody API
- Learned how to use UIView tag property to store an integer value and pass it along to the next view controller when performing a segue.
- Learned about http://platform.fatsecret.com/ and the fatsecret Ruby gem for talking to their RESTful API.
- Used devise gem in a rails application for the first time.
- Made my first real pumpkin pie from scratch. Included roasting the pumpkin and making the crust by hand.
- Cryptic Ruby Global Variables and Their Meanings
- http://www.fleetio.com/
- Learned about gettinderbox.com for proposal and contract management.
- Learned that letting dough rise all day causes the yeast and sugar to ferment and make perfectly good cinnamon rolls taste bad.
- Signed up for Amazon CloudDrive (5G free and dirt cheap for larger plans)
- Discovered 'Send to Kindle' Chrome plugin.
- Shot a SigSauer P229 9MM, GLOCK .45 and S&W 38 Special revolver for the first time.
- Learned about some really cool work being done at http://www.invincea.com/ for threat prevention and detection.
- Learned that Jenkins' LDAP managerPassword is stored base64 encoded.
- Learned about http://www.browserstack.com/ for cloud based browser testing.
- Learned about rack-offline and html manifest file to support offline browsing.
- https://www.cubby.com/
Things I Learned in October
- KnpLabs/snappy and mreiferson/php-wkhtmltox based on wkhtmltopdf
- Learned how to associate a filetype for VIM syntax highlighting.
- Learning how to write a PHP extension in C.
- http://geekli.st/
- http://thebrooklyngarage.com/about_new.html
- Visited local motorcycle dealer and learned about rear, mid and forward controls. Since I’m tall, forward is preferred.
- Motorcycle Lingo: Hardtail has no rear suspension, Softtail does.
- Learned how to work with PHP ZVALs and resources when writing an extension in C.
- JavaScript on the Command Line via the wat talk.
- HATEOAS
- SQLPlus: NEW_VALUE
- git archive --format=zip
- Learned of Oracle’s DBMS_SQL package.
- Learned “basima” means thank you (to a man) in Assyrian. Their language has specific words when directed towards men or women.
- Yonanas
- Learned Little Nemo by Winsor McCay was a comic strip before it was an NES game. Thanks Google.
- Learned more about Symfony2 custom authentication providers.
- Learned what a Tail call is.
- Switch between Mac Terminal windows using CMD+1, CMD+2, CMD+N
- HTTP Status Code 418
- Learned from a friend how iPhone Application submission and acceptance/rejection works.
- http://mosh.mit.edu/
- http://lxr.php.net/
- Twitter’s recess project
- Learned about XCode’s Storyboard functionality (iPhone).
- Learned how to use NSURLConnection to fetch JSON data and then parse and display it on the screen.
- Learned how to use the MapView object and plot locations on a map (iPhone).
- Used Google’s Geocoding API to turn an address into a Coordinate.
- Watched first Stanford University iPhone Development course on iTunes. Learning Objective-C syntax.
- Learned how to use NSNotificationCenter to notify controllers when data is available (iPhone).
- Learned how to post JSON data to a Rails create endpoint from an iPhone application.
- Learned and used Ruby Geocoder via Railscast.
- Learned how to pass data between view controllers with segue (iPhone).
- http://smarterer.com (Skills Tests) and http://typing.io (Typing Test for Programmers)
- GitHub’s http://get.gaug.es/
Things I Learned in September
- Wine is stored on its side to keep the cork moist so it doesn’t shrink and let in oxygen which ruins the flavor.
- Rails gems: versionist, doorkeeper
- http://www.devswag.com/
- MooTools : periodical function
- Signed up for Hosted Chef
- Rails gem: http://brakemanscanner.org/
- Started using AWS Free Usage Tier with Hosted Chef
- Created my first Chef Cookbook
- PL/SQL – Turn a list of numbers into a table:
create type number_tab as table of number;
SELECT column_value AS my_id FROM TABLE(number_tab(1, 2, 3, 4, 5, 6));
- Oracle Error
- Error: A Partition Maintenance Operation (PMOP) has been performed on the materialized view, and no materialized view supports fast refresh after container table PMOPs.
- Solution: dbms_mview.refresh('my_mview', 'C');
- Learned the differences between coffee, espresso, cappuccino, and latte. Also learned how they do Latte Art, which is now on my list to conquer.
- Ruby: Details on exit, exit!, at_exit
- Learned a lot about RSpec internals (matchers, use of method_missing, mocks/stubs), the features shared_examples_for, it_behaves_like, expect{}.to change, and explicit vs implicit subject().
- SQL*Loader Conventional vs Direct Path Loading.
- YouTube query string parameter to start a video at a certain time, e.g. t=7s and t=2m7s
- PL/SQL can pass parameters by reference or value.
- How to use RSpec with Rails Views (render, rendered, contain, assign) and Controllers (mock_model, stub_model).
- How to setup Autotest with RSpec using Bundler and Autotest with Cucumber.
- How to integrate Twitter’s Bootstrap project with Rails using bootstrap-sass.
- Learned about Rosetta Stones new TOTALe program and tried out the demo.
- Vapiano gives out gummy candy instead of mints as you walk out.
- vim file +100 – Jump directly to line 100
- vim -O file1 file2 – Opens files side by side
- Check load average on Unix: cat /proc/loadavg
- Test::Unit : ruby some_test.rb -n test_specific_method
- Incorporated HAML into an existing Rails application using haml-rails gem.
- Learned how to assemble several different items from Ikea. I have a brand new standing desk!
- http://mmonit.com/monit/
- Since PHP/PDO can’t return custom Oracle types. Use XMLTYPE to convert the type to a string so you can test against it:
SELECT XMLTYPE(get_custom_type()) as xml_string from dual;
- https://www.ruby-toolbox.com/
- Goats have square pupils. Nutmeg is poisonous. My Proof
- https://www.coursera.org/
- Show *nix port usage (I’ve learned this probably 10x but still have to look it up each time): netstat -lpnt
- Learned that suhosin.session.cryptkey is determined by docroot and can be different on each vhost (unless specifically set). This caused session replication between servers to fail since data was being encrypted with two different keys.
- Google: do a barrel roll
- Learned there are a number of people speculating on the Iraqi Dinar as an investment opportunity. I’m not one of them.
Things I Learned in August
- PL/SQL – EXIT leaves a LOOP, RETURN immediately leaves a subprogram
- Unix: lsof
- Libero – Volleyball
- Native PL/SQL Compilation
- alter session set plsql_code_type='NATIVE';
- CSS adjacent child selector can be used to target specific child: columnLayout > div + div + div. Nice way to remove right margin/padding from the last column
- CSS “position: absolute” respects all four corners: top, left, bottom, right
- WordPress Functions: make_clickable, get_page_link, wp_list_pages
- http://apt-mirror.sourceforge.net/
- Oracle query using INTERSECT
- First time exchanging money and having Euros and British Pounds. Thanks Amex.
- Thunderbolt Interface
- CSS vendor specific prefix for IE: -ms-
- Interesting tidbit on memory allocation for stringstream.str().c_str()
- http://linux-mm.org/OOM_Killer
- When Oracle 11.2 Client and 11.2 Server have different timezone configuration it raises ORA-01805
- NetWrix Account Lock Examiner
- opensrs.com wholesale unit of Tucows.com
- Twig Merge: []|merge(array) and {}|merge(hash)
- HTML5 required attribute cannot be used on HIDDEN elements
- Travertine
- If This Then That – http://ifttt.com/
- Oracle NVL2
- List javascript properties (Mootools): for (a in $('element_id')) { console.log(a); }
- Open files in tabs: vim file1 file2 -p
- Ruby load vs require
- Learned about different language concat operators.
- Heard about Perl 6 for the first time.
- ~4 hours of motorcycle classroom training on my way to being licensed.
- ~5 hours of motorcycle driving time
- Passed the DMV driving and written exams for my motorcycle license.
- Screen’s aclchg command
- First flight on Icelandair on my way to England
- First time in Iceland and England (London).
- Visited Bath, England – Saw Roman Baths
- Learned quite a few words that have different meaning between America and UK. (Ex. pants = underwear, trousers = long pants, bin = trash can, boot = car trunk)
- Learned a bit about Marlborough College
- Saw Platform 9 3/4 (Harry Potter) at London’s King Cross station
- Took The Original Tour bus all around London and saw some great sights.
- Took train from London to Durham, England
- Visited Durham University and Durham Cathedral
- Saw and stepped in the North Sea
- First time to Edinburgh, Scotland, visited Edinburgh Castle
- National Museum of Scotland and National Portrait Gallery
- Saw Holyrood House and Scottish Parliament buildings.
- Flew out of Glasgow International Airport
- MooTools Class.refactor
Things I Learned in July
- How It’s Made Baseballs
- Chrome for iPhone
- Andy Griffith Died
- Derecho
- Searching for tabs: grep -rl -P '\t' --exclude-dir=.svn *
- http://www.omnigroup.com/products/omnifocus/
- Dynamo Magician Impossible
- Tour of the US Naval Academy in Annapolis, MD
- The goat is their mascot
- plebe is a Latin term for common person or “low order”.
- plebes cannot walk on curved sidewalks
- Bancroft Hall is the largest college dormitory in the world and houses all ~4500 midshipmen. Has 8 wings and 5 miles of corridor.
- All 4500 students eat their meals family style at the same time in < 30 minutes.
- chrome://flags/
- A tilde (“~”) represents Nil / Empty in YAML (Ruby and PHP Symfony)
- curl -b/--cookie and -d/--data
- Move to previous directory: cd -
- http://www.codeschool.com/courses/try-git
- Include javascript files directly: https://developers.google.com/speed/libraries/devguide
- CSS Selectors: h1 + p (adjacent sibling) and h1 ~ p (general sibling)
- http://jqueryair.com/
- Learned how to create a Custom WordPress Template and Custom Static pages for Home and Blog pages.
- https://github.com/facebook/codemod/
- https://stripe.com/
- Oracle: Pipelined functions require SQL types to be able to pipe collections of data to the consumer. Oracle will generate these SYS_PLSQL_* types on your behalf. http://www.oracle-developer.net/display.php?id=423
- MooTools: Cookie.write('XHPROF_PROFILE'); and Cookie.dispose('XHPROF_PROFILE');
- Created first Symfony Console class and a Composer script class.
- http://en.wikipedia.org/wiki/Sitemaps
- Learned to make Bananas Fosters
- Oracle 11g SecureFiles
- git stash pop
- Hops are what make beer taste bitter.
- http://www.phparch.com/
- NTFS = New Technology File System…. probably should have known that by now.
- Disable specific Oracle patches: alter session set "_fix_control"='11814428:off';
- Dotted Notes and Rests
- Olympic Symbol – 5 rings for the inhabited continents and 6 colors for all the nations’ flags in 1931.
- Learned about jacketed rounds and non-jacketed. Flat nose and round nose bullets.
- Oracle: select * from v$version;
- Four Commonwealths in the US: Kentucky, Virginia, Pennsylvania, Massachusetts.
- http://www.kickstarter.com/projects/ouya/ouya-a-new-kind-of-video-game-console