Benoit J - My mostly tech blog

2021w50 - Weekly Summary

Published on 2021-12-17

Categories: summaries
Tags: summaries

Pssst - this is a RSS only post.
Please keep it secret. Read more about RSS Club.

For a while I’ve been thinking of capturing thoughts / experiences regularly.

You will find thoughts related to my work, my passions, and my life.

Work - Great managers are good partners with their employees

Having a great manager is important. One that will:

  1. create winning conditions
  2. help you grow
  3. support you when needed
  4. let you alone when you dont need anything

I will never work again with (not for) a bad manager.

IT

Learning - OAUTH2 w/ RSA certificate authentication

Been experimenting with RSA based OAUTH token generation.

The process is done this way:

  1. you encode headers with RS256 type
  2. you create json data containing a really short experiration, the necessary audience
  3. base64 url encode both the header and data
  4. your token is the encoded header.data
  5. RSA sign the token and base64 url encode the hash
  6. the signedJwtToken is comprised of base65 url encoded headers.data.signature

During testing, this process is relatively simple, but is tedious.

This can be achieved by implementing pre-scripts in postman, or shell scripts

Some findings:

  1. https://joolfe.github.io/postman-util-lib/

  2. https://stackoverflow.com/questions/49371771/postman-rsa-encryption/59338473#59338473

  3. https://stackoverflow.com/questions/53965446/how-to-sign-a-jwt-with-a-private-key-pem-in-cryptojs

  4. Using jsrsasign-js

     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36

    var navigator = {};
var window = {};
eval(pm.globals.get("jsrsasign-js"));

function addIAT(request) {
    var iat = Math.floor(Date.now() / 1000) + 257;
    data.iat = iat;
    return data;
}

var header = {"alg" : "RS256","typ" : "JWT"};
var data = {
    "fname": "name",
    "lname": "name",
    "email": "email@domain.com",
    "password": "abc123$"
};

data = addIAT(data);

var privateKey = "-----BEGIN RSA PRIVATE KEY----- \
MIIBOQIBAAJAcrqH0L91/j8sglOeroGyuKr1ABvTkZj0ATLBcvsA91/C7fipAsOn\
RqRPZr4Ja+MCx0Qvdc6JKXa5tSb51bNwxwIDAQABAkBPzI5LE+DuRuKeg6sLlgrJ\
h5+Bw9kUnF6btsH3R78UUANOk0gGlu9yUkYKUkT0SC9c6HDEKpSqILAUsXdx6SOB\
AiEA1FbR++FJ56CEw1BiP7l1drM9Mr1UVvUp8W71IsoZb1MCIQCKUafDLg+vPj1s\
HiEdrPZ3pvzvteXLSuniH15AKHEuPQIhAIsgB519UysMpXBDbtxJ64jGj8Z6/pOr\
NrwV80/EEz45AiBlgTLZ2w2LjuNIWnv26R0eBZ+M0jHGlD06wcZK0uLsCQIgT1kC\
uNcDTERjwEbFKJpXC8zTLSPcaEOlbiriIKMnpNw=\
-----END RSA PRIVATE KEY-----";

var sHeader = JSON.stringify(header);
var sPayload = JSON.stringify(data);

var sJWT = KJUR.jws.JWS.sign(header.alg, sHeader, sPayload, privateKey);

pm.variables.set('token', sJWT);

Emacs - towards stability

project.el

my project.el setup broke. still trying to fix it.

IntelliJ -> Emacs

Continue the IntelliJ -> Emacs research. More details soon.

nixos - home-manager - goimapnotify

My main work involve fixing goimapnotify setup with nix and home-manager.

So far, something is wrong with the config it generates. It seems to be related to single quoting and the password command parameter. When removing the single quotes, my script works.

Pictures - share

Configured a network share for our pictures. This will allow us to sort, and organize pictures we’ve been collected for the last 20 years.

The setup involve:

  1. TrueNAS
  2. Samba share
  3. New accounts setup on the NAS
  4. Moving all to that share
  5. Create a 00_inbox folder for things to process

home improvements

This week’s plan is the same as last week. I needed to procrastinate :)

So I’m still going to:

  1. finish some plastering / painting touch-ups.
  2. start planning the construction of my new office.
craftering

For comments, use email or Mastodon

Don't forget to subscribe to my RSS feed!