Ryan Rampersad

Expo app with Auth0 – Authorization Code Grant Flow with PKCE

Auth0 offers Authorization Code Grant Flow with PKCE. This flow allows a native app to get an id_token, access_token and the refresh_token. There is an Auth0 tutorial on implementing this flow in iOS apps, Android apps and React Native apps. Unfortunately, there is little documentation available currently for using this flow with an Expo React Native app.

There is an example expo-auth0 github repo but it only covers the Auth0 implicit flow. It does provide the foundation for the flow though, and there is just a few of modificaitions needed to implement the PKCE portion.

The Auth0 documentation mentions that you need to first generate a cryptographically secure randomized string of at least a certain length, and then sha256 hash that value (these are called the verifier and the challenge, respectively). Both values will be used in subsequent payloads during authentication. The documentation makes use of crypto in its JavaScript examples.

This presents a problem because in React Native, there is no access to the Node crypto package directly. While there is an option to load the crypto library through browserify, it can potentially add 21K+ additional lines of JavaScript to your bundle. You also cannot dip into Android or iOS specific native code when using Expo without ejecting first. This is a very limiting situation.

Our compromise in this situation was actually to request the random string and hash from our own API service. This way, we can have unique verifier and challenge strings ready for each user, without app locally making these strings up itself. This is probably secure enough, given that our API service is protected with HTTPS, and if these simple strings are comproised somehow over the wire, there are even larger targets when going through the Auth0 authentication itself.

ReactJS: Synthetic Mouse Event Properties Null

While working with ReactJS, I added a click handler. I used console.log to dump the event object passed into the handler, but all the properties on the SyntheticMouseEvent were null.

synthetic-event

An insightful tip via StackOverflow point me in the right direction. Chrome and React interact strangely with the event object in this situation: Chrome does not copy the properties, and by the time Chrome prints the object to the console, React has nulled out the values. But at runtime, the properties are not actually null, they’re there.

Just reference your synthetic event properties directly instead of trying to dump the entire object.

Enable Custom Configuration Files in Lumen

Lumen does support custom configuration files, but they need to be enabled first.

You need to add calls to $app->configure('file.php') in your bootstrap/app.php. A cleaner method might be to make a config.php to contain the configure calls and then include that file from bootstrap/app.php.

If you want to use .env values directly, you can also uncomment Dotenv::load(__DIR__.'/../'); at the top of bootstrap/app.php. That will allow getenv('name') to work.

Open Atom from the Terminal

Opening you graphical text editor from the terminal is pretty convenient. Although not the most technical solution, this is the easiest method.

Just open Atom, go to the Atom menu, and click Install Shell Commands.

Be sure to have migrated Atom to /Applications first, otherwise there might be some weird bugs if you decide to move it there later.

Rename extensions with the terminal

I had a directory full of files with the same extension, and a script was design to process any file in the given directory with that specific extension – to ignore the processing on a file, all I had to do was rename the extensions of all the files except the one I wanted to process specifically.

There’s a great answer on Ask Ubuntu, of all places.

rename ‘s/.original$/.new/’ *.new

SML: operator and operand don’t agree

I am tired of having to look this up every time I forget everything I know about SML.

Error: operator and operand don’t agree [tycon mismatch]
operator domain: ‘Z * ‘Y
operand: ‘Z

When you get this error, you have called a function with the wrong argument types.

The operator domain is what the function called expects, and the operand is what the function was called with.

To fix the problem, call the function with the proper arguments.

You can learn more about a variety of SML errors at the SML NJ error document.

Rust: core::ops::Fn(char) -> bool

Here’s a Rust error:

error: the trait `core::ops::Fn(char) -> bool` is not implemented for the type `&str`

I was trying to split a string of numbers with spaces a delimiter. Here’s the line for which this error occured:

let split: Vec<&str> = input_string.as_slice().split(" ").collect();

Apparently, split was expecting a single character, not a substring. This obtuse error was easily solved by changing the double-quotes to single-quotes.

let split: Vec<&str> = input_string.as_slice().split(' ').collect();

Nexus 6: Battery Life

The embargo on the Nexus 6 has been lifted and I took the liberty of reading at least three reviews, numerous reddit threads and countless tweets. The most important concern of mine with the new Nexus 6 is the battery life. After all of that reading, I wanted to collate the once again strange battery life discrepancies these reviews have revealed.

AnandTech portrays the Nexus 6 battery life as a let down:

Compared to Samsung’s Galaxy Note 4 which has essentially the same specifications on paper, the Nexus 6 lasts 4.27 hours shorter. It is likely that this can be attributed to the display, which may not be as efficient as the latest and greatest AMOLED panel used in the Note 4.

This beautiful graph, specifies the Nexus 6 below the Nexus 5 in “web browsing on wifi”: Nexus 6 scored 7.7 hours while the Nexus 5 scored 8.99 hours, which is a 14% difference. I have no idea what makes the Samsung Galaxy Note 4 score 11.97 hours in the wifi test, but that difference is kind of spooky, especially in considerations of stock Android, the lack of TouchWiz and the refinements to the OS that were alleged to boost battery life. There are other graphs in the review that show the Nexus 5, 6, Note 4, iPhones and others doing better than the Nexus 6 in a variety of “tests”.

Update: Brandon, the author of AnandTech’s review on the Nexus 6, continued on Twitter a few days later after rerunning his tests on the Nexus 6 with the “late firmware update“. He says it made no difference.

Android Police offer a less stinging opinion of the battery, but their charts show some numbing results.

That said, I have found the Nexus 6 to have respectable battery life. Here’s a look at an average day with the N6. While using the Nexus 6, my brightness was almost always at maximum, and I was connected to mobile data exclusively.

Their charts are not as organized as AnandTech’s, but plainly: ~1pm to ~10pm reaching down to 9% (which would result at 54 minutes at the current usage rate), and by the way, they say this was their “light day of use”. The heavier day usage is more akin to my usage so: ~11am to 5pm reaching down to 7%.

Even after all that, Liam Spradlin defends it:

On the whole, the first set of shots is what I experienced most days, which comfortably got me through an entire day and evening. The phone definitely still needs to be charged every single day…

The Verge offers the most optimistic description in my opinion:

The Nexus 6 has a 3220 mAh battery, which in my week or so with the device initially lasted a solid day and a half. Very heavy use did make it die out after 14 hours or so, while lighter use let me push it to two days.

The Verge did not provide graphs of any kind (because it’s too hard for their readers to parse, perhaps), but there is no reason to disregard Dieter Bohn’s usage here so far. Despite the criticism The Verge recieves over their Apple affinity, this review and Dieter’s earlier sneak peak preview are fair. It is worth noting that The Verge scored the Nexus 6, 8.6 overall and 8 in battery life while the iPhone 6 Plus scored, 8.7 overall and 9 in battery life. The Note 4 scored an identical overall score to the Nexus 6 while its battery life score was 9 just like the iPhone 6 Plus.

Three reviews of varying angles detailing the good enough or lackluster battery life of the Nexus 6. These are the battery life discrepancies that plagued the Moto 360 reviews as well, at least initially. The common opinion now seems to be the Moto 360 has “okay” battery life. To get any sensible result in these tests, it is clear that the reviewing needs to happen over a long time, and perhaps with the actual OS installed (because, in the Nexus 6’s case, there was a late update that could have changed something).

It’s a shame that Google and their OEM provider struggle to make their products stand out in some of the most important factors. It is clear that nobody knows the true battery life expectations for the Nexus 6 yet. Which is fine, because right now, there is no stock – anywhere.

We’ll see.

Android Screen Recording

I am developing an Android app for class. Every night after I am done working with the code, I like to send my team a short video on the development progress thus far. ADB has decent screen recording functionality built in.

C:\Users\ryan>cd^ C:\apps\sdk\platform-tools

C:\apps\sdk\platform-tools>adb.exe shell screenrecord --bit-rate 8000000 --time-
limit 60 /sdcard/odin-app.mp4

You can read about the switches too.

Updated: I also use this frequently on the Mac with ADB as well. It’s the same, but it’s handy to have anyway.

ryans-mba:~ ryanrampersad$  adb shell screenrecord --bit-rate 8000000 --time-limit 60 /sdcard/odin-app.mp4

After these videos are done recording, I like using ES File Explorer to transfer them for uploading rather than using ADB file transfer.

Oracle SQL: Running and Logging

For my database class, I needed to write an SQL file and then run it in SQLPLUS, I also had to log SQLPLUS output to a file.

Start SQLPLUS.

SQL > spool "output.file";

SQL > @file.sql;

SQL > spool off;

Spool will channel all of the commands output to a specific file, and then @ will load and run the specified file.

Big week, world!

Big week, world?

Previously, I wrote Hello World!. The first time I wrote it to say hello, and subsequently I added more thoughts over the years, almost every year. Almost every one starts with a hello world post, and I will not deviate here either.

Writing at my old blog, well, the blog you are reading now but in its previous form, stopped just a little over a year ago. I was tired of the maintenance of the codebase, tired of the design, tired of keeping up with the work of writing. Twitter and Google+ kept me busy enough, and Google+ in paritcular allowed me to kinda-sorta blog when I wanted to, and it handled mobile links well. The importance of this blog decreased until it was ignored.

But here we are a year later. What has changed? Twitter will become algorithmic and Google+ has a tumultuous future ahead. In any case, writing anywhere, regardless if it is a long form post, a brief code snippet or error log, or even a link, I wanted to be able to own it and keep it forever. Platforms come and go.

Over the years, between theme changes, migrations between servers and my fledging web-developer ineptitude, the old blog was a mess. The content needed to stay around for you and history. Once something made, destroying it is the worst possible outcome. I felt it held me back though. I felt responsible continuously for what I wrote there, especially as some of it was not considered as well as I wished it were. But everything else, the code and the design, needed to go.

The chronicle blog was set up to hold onto the posts and other content I made. Every post is preserved in time – everything there is frozen. Right now, it still runs WordPress, but soon too, will change as it transitions to a static after-image of its former glory. There are some subtleties to this chronicle though. Many visitors find much of my legacy posts useful so keeping them around is important, that is to say, keeping search compatibility is very important to me. I devised a clever solution to prevent the breaking of URLs between this blog and the chronicle. Anytime there is a 404 here, this blog will politely ask the chronicle if a page exists or not, if it does, the page is redirect transparently as if the URL had never changed and never not-existed. Because of this clever trickery, I can be happy and perhaps someone searching on “How to Force Quit in Ubuntu” can be happy.

By having the chronicle, I can write whatever I want freely again with no legacy in the way and with a design that seems a bit more timeless (and potentially, pretty familiar).

So thanks for sticking around.

Transistor

Transistor came out this week1 and after hearing about it on Eight Bit, The Nexus’ gaming show, I decided to buy it and play it. I had no idea what I was getting into, but there are few things that made me take the leap.

Game, front cover art

Game, front cover art

  1. The cover art image is beautiful. The girl, Red, in this art looks a lot different than when portrayed in game, but she is adorable here, and that is what the world fights for. The art is amazing elsewhere too.
  2. The music was simply enthralling. The reveal trailer shows off the headlining song for the game. This has been on loop for four days now.
  3. The gameplay, in the launch trailer, was pretty convincing. It was a mixture of real-time and turn-based combat.

And so, I took the plunge. I had some free time, so I beat the game the first time just seven hours after purchasing it (and I bought the album too). And then, I beat for a second and third time.

So here’s my critique.

(more…)