mfonism

This morning, I got into a bus with a large group of English-speaking tourists. One of them, a little girl, was singing. Everyone around her was smiling. Clapping along. Cheering her on as she moved from song to song.

I couldn't relate.

I had my noise-cancelling headphones on. And I was listening to white noise underneath it. You know, that static sound old grainy TVs make... Yeah, that's what I had playing. It helped me shut out that happy bubble that was building up in the bus. Really, I just wanted to stay inside myself and not feel anything else.

You see, yesterday was awful!

And I hadn't really processed it. So I stayed in my own bubble of white noise. Trying not to be anywhere else.

mziwisky

OAUTH2

The Problem

I’m a web app that wants to allow other web apps access to my users’ information, but I want to ensure that the user says it’s ok.

The Solution

I can’t trust the other web apps, so I must interact with my users directly. I’ll let them know that the other app is trying to get their info, and ask whether they want to grant that permission. Oauth defines a way to initiate that permission verification from the other app’s site so that the user experience is smooth. If the user grants permission, I issue an AuthToken to the other app which it can use to make requests for that user's info.

Note on encryption

Oauth2 has nothing to do with encryption -- it relies upon SSL to keep things (like the client app’s shared_secret) secure.

atbradley

public static String stripTags(String input) {
    return input.replaceAll("\\<.*?>","");
}