Linux Admin

Sunday, 11 September 2022

OAuth 2.0 Grant Type - Authorization Code

OAuth 2.0 Brief Idea - To solve the access delegation problem by issuing a temporary time-bound token to a third-party web application that is only good enough for a well-defined purpose

OAuth 2.0 Actors

OAuth 2.0 introduces four actors in a typical OAuth flow. The following explains the role of each of them with respect to Figure 4-1:

Resource owner: One who owns the resources. In our example earlier, the third-party web application wants to access the Facebook wall of a Facebook user via the Facebook API and publish messages on behalf of him/her. In that case, the Facebook user who owns the Facebook wall is the resource owner.
Resource server: This is the place which hosts protected resources. In the preceding scenario, the server that hosts the Facebook API is the resource server, where Facebook API is the resource.
Client: This is the application which wants to access a resource on behalf of the resource owner. In the preceding use case, the third-party web application is the client.
Authorization server: This is the entity which acts as a security token service to issue OAuth 2.0 access tokens to client applications. In the preceding use case, Facebook itself acts as the authorization server.

Step 1

https://authz.example.com/oauth2/authorize?
                   response_type=code&
                   client_id=0rhQErXIX49svVYoXJGt0DWBuFca&
                   redirect_uri=https%3A%2F%2Fmycallback

Step 5

https://callback.example.com/?code=9142d4cad58c66d0a5edfad8952192

Sunday, 11 December 2016

Communicating with Other Fragments through Inner Interface

https://developer.android.com/training/basics/fragments/communicating.html

Define an Inner Interface

public class HeadlinesFragment extends ListFragment {
    OnHeadlineSelectedListener mCallback;

    // Container Activity must implement this interface
    public interface OnHeadlineSelectedListener {
        public void onArticleSelected(int position);
    }

    @Override
    public void onAttach(Activity activity) {
        super.onAttach(activity);

        // This makes sure that the container activity has implemented
        // the callback interface. If not, it throws an exception
        try {
            mCallback = (OnHeadlineSelectedListener) activity;
        } catch (ClassCastException e) {
            throw new ClassCastException(activity.toString()
                    + " must implement OnHeadlineSelectedListener");
        }
    }

    ...
}

The following method in the fragment is called when the user clicks on a list item.

The fragment uses the callback interface to deliver the event to the parent activity.

 @Override
    public void onListItemClick(ListView l, View v, int position, long id) {
        // Send the event to the host activity
        mCallback.onArticleSelected(position);
    }

Implement the Interface

In order to receive event callbacks from the fragment, the activity that hosts it must implement the interface defined in the fragment class.

public static class MainActivity extends Activity
        implements HeadlinesFragment.OnHeadlineSelectedListener{
    ...

    public void onArticleSelected(int position) {
        // The user selected the headline of an article from the HeadlinesFragment
        // Do something here to display that article
    }

Deliver a Message to a Fragment

The host activity can deliver messages to a fragment by capturing the Fragment instance with findFragmentById(), then directly call the fragment's public methods.

public static class MainActivity extends Activity
        implements HeadlinesFragment.OnHeadlineSelectedListener{
    ...

    public void onArticleSelected(int position) {
        // The user selected the headline of an article from the HeadlinesFragment
        // Do something here to display that article

        ArticleFragment articleFrag = (ArticleFragment)
                getSupportFragmentManager().findFragmentById(R.id.article_fragment);

        if (articleFrag != null) {
            // If article frag is available, we're in two-pane layout...

            // Call a method in the ArticleFragment to update its content
            articleFrag.updateArticleView(position);
        } else {
            // Otherwise, we're in the one-pane layout and must swap frags...

            // Create fragment and give it an argument for the selected article
            ArticleFragment newFragment = new ArticleFragment();
            Bundle args = new Bundle();
            args.putInt(ArticleFragment.ARG_POSITION, position);
            newFragment.setArguments(args);

            FragmentTransaction transaction = getSupportFragmentManager().beginTransaction();

            // Replace whatever is in the fragment_container view with this fragment,
            // and add the transaction to the back stack so the user can navigate back
            transaction.replace(R.id.fragment_container, newFragment);
            transaction.addToBackStack(null);

            // Commit the transaction
            transaction.commit();
        }
    }
}

Monday, 12 January 2015

General Assignment and Declaration

[bob in ~] VARIABLE=12

[bob in ~] echo $VARIABLE
12

[bob in ~] VARIABLE=string

[bob in ~] echo $VARIABLE
string

Using a declare statement, we can limit the value assign to variables.

[bob in ~] declare -i VARIABLE=12

[bob in ~] VARIABLE=string

[bob in ~] echo $VARIABLE
0

[bob in ~] declare -p VARIABLE
declare -i VARIABLE="0"

Constant

[bob in ~] readonly TUX=penguinpower

[bob in ~] TUX=Mickeysoft
bash: TUX: readonly variable

Array Variables

Access the Values of the Array

bob in ~] ARRAY=(one two three)

[bob in ~] echo ${ARRAY[*]}
one two three

[bob in ~] echo $ARRAY[*]
one[*]

[bob in ~] echo ${ARRAY[2]}
three

[bob in ~] ARRAY[3]=four

[bob in ~] echo ${ARRAY[*]}
one two three four

[bob in ~] echo ${ARRAY[@]}
one two three four

Deleting Array

[bob in ~] unset ARRAY[1]

[bob in ~] echo ${ARRAY[*]}
one three four

[bob in ~] unset ARRAY

[bob in ~] echo ${ARRAY[*]}
<--no output-->

Length of Array

[root@localhost ~]# ary1=(a b c d)
[root@localhost ~]# echo ${#ary1[@]}
4
[root@localhost ~]# ary1[4]=e
[root@localhost ~]# echo ${ary1[@]}
a b c d e
[root@localhost ~]# echo ${#ary1[@]}
5

Looping through the Array

Put the content of a file in an array

a=( $( cat /tmp/ReqUrl.txt ) );
for i in ${a[@]};
do
echo ${i}
done

Loop the array item by item in a for loop

for (( k = 0 ;k < ${#a1[@]} ; k++ ))
do
echo ${a1[$k]} ${a2[$k]} `timediff ${a1[$k]} ${a2[$k]}`
done

Loop until we find an empty string

count=0
while [ "x${wholist[count]}" != "x" ]
do
   count=$(( $count + 1 ))
done

Bash Variable Expansion

Shell Parameter and Variable Expansion

The "$" character introduces parameter expansion, command substitution, or arithmetic expansion.

e.g
[root@localhost ~]# echo $SHELL
/bin/bash
[root@localhost ~]# echo ${SHELL}
/bin/bash

The basic form of parameter expansion is "${PARAMETER}". The value of "PARAMETER" is substituted. The braces are required when "PARAMETER" is a positional parameter with more than one digit, or when "PARAMETER" is followed by a character that is not to be interpreted as part of its name.

Length of Variable

[root@localhost ~]# echo $SHELL
/bin/bash
[root@localhost ~]# echo ${#SHELL}
9
[root@localhost ~]# declare -i a=123
[root@localhost ~]# declare -p a
declare -i a="123"
[root@localhost ~]# echo ${#a}
3

Indirect Expansion

If the first character of "PARAMETER" is an exclamation point, Bash uses the value of the variable formed from the rest of "PARAMETER" as the name of the variable; this variable is then expanded and that value is used in the rest of the substitution, rather than the value of "PARAMETER" itself. This is known as indirect expansion.

[root@localhost ~]# echo ${!SH*}
SHELL SHELLOPTS SHLVL

Command Substitution

$(COMMAND) or `COMMAND`

[root@localhost ~]# date
Thu Jan 8 17:01:43 PST 2015
[root@localhost ~]# echo date
date
[root@localhost ~]# echo `date`
Thu Jan 8 17:01:51 PST 2015
[root@localhost ~]# echo This is the date: `date`
This is the date: Thu Jan 8 17:01:56 PST 2015

Arithmetic Expansion

BASH only supports interger arithmetic
[root@localhost ~]# product=$((3.6*4.9))
-bash: 3.6*4.9: syntax error: invalid arithmetic operator (error token is ".6*4.9")
Interpret as command expansion
[root@localhost ~]# product=$("36*49")
-bash: 36*49: command not found
[root@localhost ~]# product=$(36*49)
-bash: 36*49: command not found
[root@localhost ~]# product=$((36*49))
[root@localhost ~]# echo $product
1764

[root@localhost ~]# expr 4 + 5
9
[root@localhost ~]# a=$(expr 4 + 5)
[root@localhost ~]# echo $a
9

Arithmetic for decimal number

- bc
[root@localhost ~]# echo "scale=100;3.222553*8.77777" | bc
28.28682904681
[root@localhost ~]# echo "3.222553*8.77777" | bc
28.286829
[root@localhost ~]# echo "scale=2;3/8" | bc
.37
[root@localhost ~]# echo "scale=5;3/8" | bc
.37500
[root@localhost ~]# echo "scale=1;3/8" | bc
.3
[root@localhost ~]# echo "scale=2;3/8" | bc
.37
[root@localhost ~]# echo "3/8" | bc
0

Tuesday, 26 August 2014

Tomcat SSL requirement from client

    <Connector port="443"
               keystoreFile="/root/certificates/keystore.store"
               keystorePass="<keystorePass>"
               SSLEnabled="true"
               maxThreads="150"
               scheme="https"
               secure="true"
               connectionTimeout="2000"
               clientAuth="true"
               sslProtocol="TLS"
               address="172.16.95.162"
               restrictedUserAgents="^.*MS Web Services Client Protocol.*$"/>

clientAuth - Set to true if you want the SSL stack to require a valid certificate chain from the client before accepting a connection. Set to want if you want the SSL stack to request a client Certificate, but not fail if one isn't presented. A false value (which is the default) will not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication.

Monday, 23 June 2014

Rebuild initrd in Redhat Linux

Reference (Rebuild initrd and boot sequence): http://advancelinux.blogspot.ca/2013/06/how-to-rebuild-initrd-or-initramfs-in.html

What is initrd?

The initial RAM disk (initrd) is an initial root file system that is mounted prior to when the real root file system is available. The initrd is bound to the kernel and loaded as part of the kernel boot procedure.

When do we need to rebuild initrd?

If adding new hardware to a system that may be used very early in the boot process.
If changing configuration files that may be used very early in the boot process
If changing the options on a kernel module.

How to rebuild initrd?

mkinitrd -f -v /boot/initrd-$(uname -r).img $(uname -r)

mkinitrd -f -v /boot/initrd-2.6.18-164.el5.img 2.6.18-164.el5

Kernel and initrd path in grub.conf

[root@localhost grub]# pwd
/boot/grub
[root@localhost grub]# cat grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux Server (2.6.18-348.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-348.el5 ro root=/dev/VolGroup00/LogVol00 rhgb quiet crashkernel=128M@16M
        initrd /initrd-2.6.18-348.el5.img

Wednesday, 11 June 2014

Mysql admin

Running mysql commands stored in a file without headers (Batch mode):

mysql --skip-column-names -h10.10.1.50 -u<username> -p < batch_file.txt

Execute mysql in one line,
mysql -u<user> -p -e "show processlist"

"show proceslist" shows you which threads are running. This statement is very useful if you get the “too many connections” error message and want to find out what is going on.

mysql> show FULL processlist;
+-------+----------+---------------------+--------+---------+------+-------+-----------------------+
| Id    | User     | Host                | db     | Command | Time | State | Info                  |
+-------+----------+---------------------+--------+---------+------+-------+-----------------------+
| 20484 | User1 | localhost           | NULL   | Sleep   | 1381 |       | NULL                  |
| 20485 | User1 | 172.16.95.15:49580 | portal | Sleep   | 3056 |       | NULL                  |

mysql> show FULL processlist\G
*************************** 1. row ***************************
     Id: 20484
   User: user1
   Host: localhost
     db: NULL
Command: Sleep
   Time: 1414
State:
   Info: NULL
*************************** 2. row ***************************
     Id: 20485
   User: user1
   Host: 172.16.95.15:49580
     db: portal
Command: Sleep
   Time: 3089
State:
   Info: NULL

Pages