Stateless auth for REST API
Query Authentication
All REST queries must be authenticated by signing the query parameters sorted in lower-case, alphabetical order using the private credential as the signing token. Signing should occur before URL encoding the query string.
In other words, you don't pass the shared secret component of the API key as part of the query, but instead use it to sign the query. Your queries end up looking like this:
GET /object?timestamp=1261496500&apiKey=Qwerty2010&signature=abcdef0123456789
The string being signed is "/object?apikey=Qwerty2010&timestamp=1261496500" and the signature is the HMAC-SHA256 hash of that string using the private component of the API key.
The main objection to this approach is that the private API key devolves into a kind of password for static calls. For example, if the query were instead:
GET /object?apiKey=Qwerty2010
The signature would be the same every time you made that specific query. However, you are using SSL, right? Furthermore, adding in a timestamp makes each query differ. For extra security, you can make the timestamp a more formal date-time value with time zone information and disallow queries whose timestamp falls outside the allowed range.
The real controversy is whether signing should occur before or after URL encoding values. There is no "right" answer. I lean towards signing before encoding because most programming tools make it easier on the server side to get the unencoded values versus the encoded values. I'm sure good arguments can be made the other way. What I really care about is this: let's pick one and stick with it.
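As an added example (not code from the original note), a small Python client/server pair implementing the scheme above: parameter names lower-cased and sorted alphabetically, signed with HMAC-SHA256 before URL encoding, verified on the server with a constant-time comparison and a timestamp window to bound replay. The key store, the secret value and the 300-second window are assumptions made for the demo.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed demo credential store: public key id -> private signing secret.
API_KEYS = {"Qwerty2010": b"demo-private-secret"}


def canonical_string(path, params):
    """String to sign: path plus parameters with lower-cased names, sorted
    alphabetically, joined before any URL encoding. The signature itself is
    never part of the signed string."""
    items = sorted((k.lower(), str(v)) for k, v in params.items()
                   if k.lower() != "signature")
    return path + "?" + "&".join(f"{k}={v}" for k, v in items)


def sign(path, params, secret):
    """HMAC-SHA256 of the canonical string under the private key component."""
    msg = canonical_string(path, params).encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def build_request(path, params, api_key, secret, timestamp=None):
    """Client side: add apiKey and timestamp, sign, then URL-encode."""
    ts = int(time.time()) if timestamp is None else timestamp
    params = dict(params, apiKey=api_key, timestamp=ts)
    params["signature"] = sign(path, params, secret)
    return path + "?" + urlencode(params)


def parse_request(url):
    """Server side: recover the path and the decoded parameter values."""
    parts = urlsplit(url)
    return parts.path, {k: v[0] for k, v in parse_qs(parts.query).items()}


def verify(path, params, now, max_skew=300):
    """Server side: recompute the HMAC over the decoded params and compare in
    constant time; reject timestamps more than max_skew seconds from now."""
    secret = API_KEYS.get(params.get("apiKey"))
    if secret is None or "signature" not in params or "timestamp" not in params:
        return False
    try:
        ts = int(params["timestamp"])
    except ValueError:
        return False
    if abs(now - ts) > max_skew:
        return False
    return hmac.compare_digest(sign(path, params, secret), params["signature"])
```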
I didn't know this project at all; it's quite interesting.
Especially the bank module, which looks very active.
I'm keeping this in my back pocket; it could be useful for my account management application.
Context:
Latest version of rpaf and Apache 2.4 (jessie)
The %h variable used in the default LogFormat directives is not substituted by rpaf... it has to be replaced by %a, which is correctly modified by rpaf.
Amazon's eb command always returns 0, even when it fails.. not practical for spotting an error in CI scripts..
My bash scripts all start with "set -e" to exit with an error as soon as there is a problem.
The eb command is therefore a problem for me; I fixed it this way while waiting to find something better:
eb blablabla 2>&1 | ( ! grep ERROR)
This way, if 'ERROR' is found in stdout or stderr, grep will match and return 1 (in normal use, grep returns 0 when it matches, but with the exclamation mark, that return value is inverted).
Which will cause my script to fail!
TIL :
What is this date format? 2011-08-12T20:17:46.384
The T is just a literal to separate the date from the time, and the Z means "zero hour offset" also known as "Zulu time" (UTC). If your strings always have a "Z" you can use
echo -n "Today : "
curl -s "http://api.fixer.io/latest?symbols=EUR,CHF&base=CHF" | jq '.rates|.EUR'
for i in {1..10}; do
    dc=$(date --date="$i day ago" +%Y-%m-%d)
    echo -n "$dc : "
    curl -s "http://api.fixer.io/${dc}?symbols=EUR,CHF&base=CHF" | jq '.rates|.EUR'
done
echo "http://www.xe.com/currencycharts/?from=CHF&to=EUR&view=1M"
To run this inside a container, you have to use docker run --privileged
Alternatively, you can run it on the host, then map /dev/random from the host inside the container
/!\ In test environment ONLY :
Don't install anything, just map the host's /dev/urandom onto the container's /dev/random
docker run -v /dev/urandom:/dev/random
Test entropy (rng-tools):
cat /dev/random | rngtest -c 1000