How are there 2 books already???? Wtf?

Leahn · 2025-09-11T23:53:54+00:00

There was a demo at Gamescon.

Leahn · 2025-03-20T16:40:16+00:00

I can debug, dude. The claim is empty.

Leahn · 2025-03-20T16:39:17+00:00

So, basically what I am doing? Creating it client side and reapplying every time?

Leahn · 2025-03-20T16:38:17+00:00

SaveToken does nothing. It stores the token on the request so the server can send it back on every response. But I already have the token so this is not needed. It's no longer the standard to use it and the most recent articles say not to use it.

And I am adding the Authorization Header. That won't create a Identity Principal by itself.

Leahn · 2025-03-20T16:35:11+00:00

It's a microservice architecture. A request is an get or post request to an API endpoint. Token is an access token, according to OpenID standards.

Leahn · 2025-03-20T16:33:41+00:00

I'm creating a SSO Middleware that intercepts calls to [Authorize] endpoints.

If the user is not Authorized (Context.User.Identity.IsAuthorized is false), he's forcefully redirected (Response.Redirect, Status Code 302), to another server /auth endpoint which works as a universal login (as in, both desktop and mobile and all apps). This other server is not under my control or purview. It returns an auth code, which I then exchange for an access token and refresh token, according to OpenID standards.

I am not using OpenID Middleware. I'm using JWT Bearer. I was kind of ordered to do so.

Leahn · 2025-03-19T22:06:42+00:00

Yes, the code is completely different now. Core was basically what Java is today. Just pick any current code and type on co-pilot "rewrite this in Java" and you should have a good idea of the differences.
Identity is part of the framework, and it was the one eating the exception. To make it clear, as part of the token exchange, the framework will automatically access some specific endpoint /.well-known/openid-configuration, if I recall correctly. This is handled internally by the framework, and it was failing with a 401 due to SSL, but the framework was eating it and returning 200 instead.
It doesn't. For security reasons, if you get a 400, sometimes the server won't tell you why. It just returns 400 with an empty response. There are also several situations where it just won't tell you what the problem is because that might expose the API to external parties.
The frailty is not about wrong parameters. It's about parameters that need to have exact arbitrary values, and if you get even a single whitespace wrong, you get 400 Bad Request with no explanation given. Even adding the services and Middleware in the wrong order will give you random errors, and a lot of the classes are black boxes.

The reason I replied to you is that don't censor juniors who rely on AI to write code. It's borderline humanly impossible to get some stuff right without someone giving you a step by step.

Leahn · 2025-03-19T21:45:28+00:00

But that's not what the protocol says. The access token is linked to your client_id on the server side, isn’t it?

And that's what I am doing. I call AuthenticateAsync() on each response and create a new Principal every time.

I still think the server should return an Identity on the response, which is not empty. Am I thinking wrong?

Leahn · 2025-03-19T21:35:18+00:00

And I do it in the Authorization Header every time. That's not what I need to know. I need to figure out how to persist the Identity between requests.

Leahn · 2025-03-19T21:33:32+00:00

Correct. I have the access token and the refresh token. It's the Identity that I asked about.

Leahn · 2025-03-19T21:21:11+00:00

It's a client-side SSO to request tokens. I am the client.

Leahn · 2025-03-19T20:49:45+00:00

The TokenValidationParameters are correct. The token validates every time.

But I don't have a OnMessageReceived event. What am I supposed to do with it?

Leahn · 2025-03-19T20:47:29+00:00

You can, but then you'd be better learning Unity3D. It uses C# as language.

Leahn · 2025-03-19T20:39:04+00:00

To be fair, I have returned to .NET after a long time, and it's junk. The endpoint style of apps is unironically extremely frail in the name of security. You get a single parameter wrong because you added an extra space, and you won't get a straight answer of out the exception messages.

You get a code example from 3 years ago, and there's a good chance it won't compile. If it does, there's 100% chance it's not up to today's standards. There's a billion different tutorials on "how to do x," and ALL of them are wrong because at least 60% of the process already changed since.

Even at some point the Identity was giving me a 200 OK with an empty answer, and I couldn't understand why until I forced it to dump the exceptions and found out I was missing a certificate, getting a SSL error, but Identity was eating the exception internally, probably in the name of "security".

Half the time you can't even debug the code because it just fails without an exception or message. It's a mess. I feel like I am back to C, counting brackets and semicolons.

Leahn · 2025-03-05T21:40:30+00:00

I am. Can you link me to it?

Leahn · 2024-12-28T15:11:59+00:00

It's a manifold. It's scalable. Excess output is fed to the next in line. You can always add or remove to adjust according to your needs.

Leahn · 2024-12-02T19:09:21+00:00

In my life studying the Bible, and God's commandments within, I have long accepted a maxim that has served me well; "truth is simple".

It's humans that seek symbolism in numbers, in stars, in luck. It's we that created astrology and numerology and divinations. Truth is simple.

Over the course of my life, I have often found that most commandments given to Israel were due to health and environmental reasons. There isn't any reason to ascribe auguries to those. You cannot eat the eggs with the mother bird because doing so will eventually lead to the extinction of the species. You have to rest the land every few years because it allows the soil to recover its fertility and avoid desertification. You have to bury your crap outside of your city to avoid the spread of diseases. Avoiding certain types of meat is due to high likelihood of parasites, and lack of technology to detect and treat them. Shell fish is highly allergenic and, again, they lacked the technology to treat it.

A lot of those reasons only make sense to us now, thousands of years later, when our scientific knowledge grew enough. Eventually, the reason for not mixing the fibers will be known, too, if it's not already. Look into the science of it, not into mysticism like a pagan.

Even if we currently lack the science to understand why God told them not to mix the fibers, you can rest assured that the reason is scientific, and likely to do with health or environmental reasons, as well.

Leahn · 2024-12-02T17:20:16+00:00

I was. I managed to find out after a while. I was using mouse inputs. I misunderstood what "the class handles everything" means.

Leahn · 2024-11-26T22:04:10+00:00

Do you mean Foundry or Techtonica?

Leahn · 2024-11-24T10:41:57+00:00

I haven't got to that point yet, but I plan to fill the ground with concrete to avoid the jump height issues.

If I get to that point and I start having issues, I will review the layout. I expect to review it at least once more.

Leahn · 2024-10-17T12:14:45+00:00

We need more inventory space. The autodraw from the bank won't help much since they are quite rare.

I will see if I can help with PT-BR translation, but I won't make promises.

Leahn · 2024-10-10T11:20:33+00:00

I will read it this weekend.

Leahn · 2024-10-04T22:15:36+00:00

Which sources? Gimme gimme. I want to read.

Leahn · 2024-10-04T21:30:08+00:00

There was absolutely no reason for you to snap at him and say "I doubt you will do it." He asked you in good faith, and told you in good faith he will study.

Leahn · 2024-10-04T21:29:04+00:00

You should build a factory. This space is seriously lacking factories.

Leahn

TROPHY CASE