Author Archives: dpc

Do you use curl? Stop using -u. Please use .netrc

An unsolicited tech tip. Those of you who are API people, should exhibit good API hygiene. One aspect of that is: “stop using curl -u” !! Sometimes you have the urge to run a command like this: curl -X POST -v -u 'yourusername:password' . https://foobar/slksls Avoid this. OK, … Continue reading »

No related posts found

Uncategorized

It’s that time of year… when people think about exchanging JWT for opaque tokens

Yes, it’s that time of year when people think about RFC7523, which describes how to exchange JWT for opaque OAuth tokens. Right? If you’re like me, the waves of acronyms, jargon, and IETF RFCs (see what I did there?) seem to never end. OAuth, JWT, RFC 7523, JTI, … Continue reading »


Developer , , , ,

Stackoverflow and the early mover advantage

Browsing HN this morning, I found an interesting piece discussing Stackoverflow. Apparently hackernoon wrote a piece entitled “The decline of Stackoverflow” and it got some attention on reddit. Bozho’s perspective aligns pretty closely with mine. I’m in the top 0.1% overall on SO, but I have not contributed … Continue reading »

No related posts found

Random

Drupal 7, #states, and mutually exclusive checkboxes

This post will be a bit techy. I confronted and solved a minor problem yesterday, and in the spirit of the internet, thought I’d share the solution, in case anyone else tries something similar. This is about Drupal forms, and specifically within forms, the #states capability, which is … Continue reading »


Developer , ,

Bryan Kirshner on Passing the Digital Strategy Laugh Test

Bryan Kirschner of Apigee on what it takes for a CEO to pass the laugh test when it comes to digital strategy. He proposes a handful of metrics that CEOs should be managing; and says that observers should judge CEOs on their progress on these metrics. Makes a … Continue reading »


Strategy ,

Google Guava – sweet and succulent

I have a bit of java code that handles JWT. It generates a MACVerifier and then uses that to verify a signature. Someone commented that it was taking more time than they expected. I didn’t see a ton of opportunity for optimization, but I thought I might wrap … Continue reading »


Developer , , ,

restclient.el – sending API Requests directly from within Emacs

Hey, something new! (to me!) the restclient.el library, for emacs. I tried it. I like it. I recommend it. What does it do? Allows you to send REST requests (really just http requests) right from emacs, interactively. And then pretty-prints the results if possible (if XML or JSON … Continue reading »


Developer , ,

Webinar on OpenID Connect and JWT in Apigee Edge, featuring yours truly

Here’s the replay of the Webinar, on OpenID Connect and JWT that I did with Vinit Mehta a week ago or so. It’s about 45 minutes long. If you have questions, you can post them to The Apigee Community


Developer , ,

letsencrypt and NearlyFreeSpeech

I’ve been running this site on nearlyfreespeech for some time now. Last week I created a cert using the tools and service made available by letsencrypt.org, and then configured my NFS server to use it. It was pretty easy, but not documented. I’ll share here what I did … Continue reading »


Developer , , ,

Use PHP code to make WordPress redirect to secure site

Lots of people use the .htaccess redirect rules to force their wordpress sites to load with the secure option. It looks like this: But if you have a hoster that does not provide you the ability to modify the .htaccess file, that won’t work. These hosters typically set … Continue reading »


Developer , , ,