Today I Learned: Notes to self about software development

    OAuth vs SAML

    TIL, OAuth and SAML are not the same and do slightly different things. You would never use them both at the same time.

    OAuth

    OAuth is for authorization. The best example I have is when I used my Google account for Pokémon Go. After logging in with my Google account, the Pokémon Go app prompted me to ask if they could have permission to access a bunch of things in my Google account. I didn’t follow it, but there was a bunch of news about how Pokémon Go requested you grant too much access to the Google account. Anywho, OAuth is the protocol used to authorize other services to have access to things in your Google account. Facebook does the same. You may even see apps that say, “Login with your Facebook or Google account and we’ll import all your contacts into our system.” That’s OAuth being used by Facebook and Google to authorize other services to access resources in your account.

    SAML

    SAML is a protocol for authentication. Basically, you have a service provider (Salesforce, G Suite, Box, etc) and you have an identity provider (Okta, OneLogin, Ping Identity, etc). You’ll have a user account in both systems, let’s say for Jane. When Jane goes to log in to Box, she would typically provide a username and password, then Box would authenticate the user. But the IT admins have set up SAML with Box and Okta. So when Jane goes to Box to log in now, Box sends a SAML request to Okta. Okta receives that request and may ask the user to log in to Okta, if they haven’t already. Okta is essentially tasked with authentication. Okta then sends a SAML response to Box. Box accepts this and creates a session for the user and they’re now logged in. For Box, the SAML response takes the place of the user providing a username and password.

    Markdown footnotes

    I look up how to do footnotes in Markdown every time I need to use them. Maybe if I write this post, I’ll finally remember.

    It works like this:

    Here is a simple footnote[^1]. With some additional text after it.
    
    [^1]: My reference.
    

    Copying records

    When I was setting up Ruby assignment[1] this week, I wanted to copy all of the exercises and specs from last quarter and associate them with the assignment for this quarter.

    I came up with a pretty nice solution using .attributes which returns a Hash of the existing attributes for a record that I can pass straight to the .create method.

    new_assignment = Assignment.find(...)
    old_assignment = Assignment.find(...)
    old_assignment.exercises.each do |e|
      copy = e.attributes
      new_e = new_assignment.exercises.create(copy)
    end
    

    BUT this .attributes includes the id too, so this doesn’t work yet. You can exclude key/value pairs from a Hash using .except. You can provide multiple keys at the same time as well.

    new_assignment = Assignment.find(...)
    old_assignment = Assignment.find(...)
    old_assignment.exercises.each do |e|
      copy = e.attributes.except("created_at", "updated_at", "id")
      new_e = new_assignment.exercises.create(copy)
    end
    
    1. This “assignment” is a Rails app, where an “assignment” is a model, and each assignment has many exercises, and each exercise has many specs. 

    JS Polyfill

    I was just trying to do a simple loop over a list of elements in JS

    var inputs = document.getElementsByTagName('input');
    inputs.forEach(function(input, index) {
        // ...
    });
    

    but surprisingly to me I got an error:

    VM52:1 Uncaught TypeError: inputs.forEach is not a function
        at <anonymous>:1:8
    

    inputs is an HTMLCollection, which is an array-like object, so it should be iterable, right?

    Well, it is, but in modern browsers you need to use a for...of loop:

    for (const i of inputs) {
      // ...
    }
    

    Alternatively you can convert it to an Array with Array.from().

    This SO answer made me curious what a “polyfill” was so I looked it up.

    In web development, a polyfill is code that implements a feature on web browsers that do not support the feature. Most often, it refers to a JavaScript library that implements an HTML5 or CSS web standard, either an established standard (supported by some browsers) on older browsers, or a proposed standard (not supported by any browsers) on existing browsers.

    —Wikipedia, Polyfill (programming)

    Serving static files with Rack

    You can use a Proc like this to serve static files.

    # config.ru
    map '/' do
      path = '/index.html'
      default_homepage = File.read(path)
      app = proc do |env|
        [200, { 'Content-Type' => 'text/html' }, [default_homepage]]
        # last argument needs to be an array
      end
      run app
    end
    

    The proc keyword is equivalent to Proc.new.