Brakeman 1.9.3 Released - With Slim and HAML 4.0 support, better reporting, and more.
jQuery 2.0 Beta 2 Released - Just what you want if you're ready to kick IE 6/7/8 users to the curb.
Spectrum - jQuery colorpicker that just works with HTML5 color input controls, and degrades gracefully when it needs to.
Bootstrap 2.3.1 released - A handful of bugfixes.
OAuth1, OAuth2, OAuth...? - Egor Homakov picks apart OAuth and isn't impressed with what he finds.
Phycocauth is a sample project that combines the following: PHP, YouTube, OAuth2, CodeIgniter, the CodeIgniter Youtube API Library, and the Google APIs Client Library for PHP.
I'm releasing this proof of concept to show that it's possible to integrate the CodeIgniter Youtube API Library with the Google APIs Client Library for PHP. Once version 3 of the YouTube API is ready, the CodeIgniter Youtube API Library will no longer be necessary. All …
…allows you to publish a gist from Ruby or the command line including file uploads and OAuth2 authentication.
ffi-http-parser: Ruby FFI Bindings to the 'http-parser' Library
http-parser is a high performance HTTP message parser written in C by Joyent. ffi-http-parser can hook your Ruby scripts up to it for parsing both HTTP requests and responses.
R18n: I18N Tool to Translate Your Ruby Application
OmniAuth StackExchange: StackExchange OAuth Strategy…
It's based on OAuth2, Ajax, and Backbone.js models.
They've integrated persistence to StackMob into their Backbone.js-based API.
They have a nice looking dashboard.
It looks like their datastore is schemaless.
They use a mix of MySQL and MongoDB.
You can fetch an object as well as all of its related objects, up to a depth of 3. I'm worried about the security implications of retrieving things you shouldn't have access to.
I'm also worried that someone …
…culture?
Respect among peers forms the foundation for any type of open communication. A place where people feel comfortable challenging each other's ideas is one where sound ideas get forged through debate. A place where people easily get offended is one where crucial feedback gets withheld.
QotD Niall O'Higgins:
OAuth2 is all fun and games until some provider makes you implement refresh tokens.
…today and OpenID Connect is being worked on as a very simple extension on top of OAuth2 which solves most of the real world problems people saw from using OAuth to replace OpenID.
Run through of Manu's sections
I won't be able to go through all of the sections today as it will take me all day. I will come back and do the rest at a later date.
IRIs for Identifiers
I'm sorry, calling URIs IRI just smells of political correctness. …
Doorkeeper - OAuth2 provider for Rails, still a work in progress.
Python Ecosystem - An Introduction - If I was going to switch to Python, this looks like a quick way to get the lay of the land.
YaCy - Decentralized open source search engine. A valiant quixotic effort.
Watch a VC use my name to sell a con - I've been through the "work insane hours, sleep under your desk" phase myself. Didn't get me jack shit in the long run. …
…it's much easier to simply kill the process in question, since it is automatically restarted through launchd: killall -9 mDNSResponder
Using Pow makes it a piece of cake to set up all of the required instances to, for example, test rather involved OAuth2 setups with OAuth provider and consumer. You can find more about Pow including a very detailed user manual at its homepage at pow.cx.
Testing OmniAuth callbacks is in general cumbersome but for OAuth2 providers it is a bit easier as it uses Faraday internally to connect to the provider. With Faraday, we can configure a test adapter and stub calls to return what we want.
The OmniAuth strategy provides an entry point to the Faraday connection, but we don't have access to the strategy directly, so we need to store it globally. For a Facebook strategy, we can achieve it as below whenever configuring OmniAuth…
…simple API, by making them available as class methods of Rack::OAuth2::Server. Adding documentation and usage samples could surely help. If you need to register client applications from your code, or change existing registrations, that's also easier now with the register method.
Security Issue With 1.4
While working on 2.0, I found a potential security issue with 1.4. I strongly urge you to upgrade.
Prior to 2.0, I made the assumption all client applications …