Aaron Parecki

Contributions from: Egypt, Kuwait, Norway, Serbia, United Kingdom, United States

Fri, Aug 12, 2022 1:28pm -07:00
Throwback to the OAuth WG dinner at #IETF114 in Philadelphia!

Tag yourself if I missed you!

@vibronet @timcappalli @__b_c @PieterKasselman @hpsin_ @selfissued @rifaat_sy and @kristinayasuda even tho she arrived just after this photo

Portland, Oregon, USA • 73°F

12 likes

Fri, Aug 12, 2022 12:12pm -07:00 #ietf #oauth #ietf114
It was so great hanging out with my @OktaDev coworkers at @KC_DC this week! We fight for the users!

@quorralyne @alisaduncan @briandemers @qedunham @melissatherms

Portland, Oregon, USA • 71°F

15 likes 2 reposts

Fri, Aug 12, 2022 11:43am -07:00 #kcdc #oktadev
Contributions from: Egypt, Kuwait, Norway, Serbia, United Kingdom, United States

Fri, Aug 12, 2022 7:46am -07:00
Sakun https://twitter.com/sakofchit

so i made a lil #CSS library that allows you to implement a classic monochrome MacOS interface.

calling it System.css, as it's based on Apple’s Monochrome System OS that ran from 1984-1991.

🔗 https://github.com/sakofchit/system.css

Portland, Oregon • 58°F

Thu, Aug 11, 2022 3:27pm +00:00 (liked on Fri, Aug 12, 2022 6:55am -07:00) #CSS
Contributions from: Egypt, Germany, Kuwait, Norway, Saudi Arabia, Serbia, United Kingdom, United States

Fri, Aug 12, 2022 6:54am -07:00
Ashley Nicole Black https://twitter.com/ashleyn1cole

Right now the CDC sounds like when we would REALLY get on our mom’s nerves and she’d be like “You know what? Do whatever you want then.” And like, for a second you think you won. But you really did not.

Portland, Oregon • 58°F

Thu, Aug 11, 2022 11:15pm +00:00 (liked on Fri, Aug 12, 2022 6:10am -07:00)
10:41pm
Asleep

6:05am
Awake

7h 24m
Slept

25m
Awake for

Portland, Oregon, USA • 63°F

Fri, Aug 12, 2022 6:05am -07:00
170.9lbs
Weight

22.8%
Body Fat

Portland, Oregon • 61°F

Fri, Aug 12, 2022 5:27am -07:00
manton https://micro.blog/manton • Aug 11
@aaronpk Enjoy Austin! ☕️ I'm in California this week... Hope the weather isn't too ridiculously hot in Texas while you're there.

Thanks! It was okay in the morning but gosh does it get hot once the sun comes out!

Portland, Oregon • 81°F

Thu, Aug 11, 2022 8:03pm -07:00
Plane

1843.80mi
Distance

219:43
Duration

6:18pm
Start

7:58pm
End

Portland, Oregon • 81°F

Thu, Aug 11, 2022 7:58pm -07:00
George Fletcher https://twitter.com/gffletch • Aug 11
And of course Twitter opens the link in an in-app browser:-)

Oof yeah. At least they give you a button to pop out to the real browser easier.

Alaska Flight 1254 AUS to PDX in Mitchell, Oregon • 82°F

2 likes

Thu, Aug 11, 2022 7:37pm -07:00
Fruit and Cheese Plate

Alaska Flight 1254 AUS to PDX in Holly, Colorado • 90°F

Thu, Aug 11, 2022 7:32pm -05:00
Austin (AUS) to Portland (PDX)

August 11, 2022 from 5:35pm (-0500) to 7:45pm (-0700)

Alaska Flight 1254

Portland Intl in Portland

permalink #okta #oktadev
Ricky Mondello https://twitter.com/rmondello

Two-factor authentication doesn’t protect you in the way that many people think when the second factor is phishable.

Passkeys are phishing-resistant.

Austin, Texas • 99°F

Thu, Aug 11, 2022 4:57pm +00:00 (liked on Thu, Aug 11, 2022 5:14pm -05:00)
Dan Moore https://twitter.com/mooreds • Aug 11
So in your mind, no reason to ever use a webview/embedded browser?

Or do I misunderstand?

The only time you might be able to convince me that it's acceptable is if this account is only for one app and everything is all first party. If there's only ever one app then there's effectively no OAuth and everything (including the AS) is part of the app.

Austin, Texas • 99°F

1 like

Thu, Aug 11, 2022 5:05pm -05:00
Dan Moore https://twitter.com/mooreds • Aug 11
Agreed, as outlined here: https://datatracker.ietf.org/doc/html/rfc8252#section-8.12

However, many folks, esp when first party all the way through, are willing to accept the downsides for better UX (popping out to the system browser being a pretty horrible UX).

Hobson's browser is real:

https://infrequently.org/2021/07/hobsons-browser/

Frankly the "system browser is horrible UX" argument lost a long time ago once the OSs provided in-app browsers that share system cookies but aren't visible to the app.

Austin, Texas • 99°F

1 like 2 replies

Thu, Aug 11, 2022 4:56pm -05:00
PhotoJoseph https://twitter.com/photojoseph • Aug 11
The other side.

So when are you getting a drone to take some shots from higher up 😇

Austin, Texas • 99°F

1 like 2 replies

Thu, Aug 11, 2022 4:53pm -05:00
Faruk 🚀 ᴵᴾᴴᴼᴺᴱᴰᴼ https://twitter.com/iPhonedo • Aug 11
same hahah!!!

I still use it every day and add new venues and everything too! It's still the best source of up to date venue information anywhere, usually even beating Google!

Austin, Texas • 99°F

2 likes 1 reply

Thu, Aug 11, 2022 4:52pm -05:00
Dan Moore https://twitter.com/mooreds • Aug 11
Although if it is a first party oauth integration (where one company controls the mobile app, the APIs, and, through a legal contract the Authorization Server), this injection is less of an issue, right?

This particular issue isn't really a problem if you control the app and AS, but there are other reasons not to embed the AS page in an in-app web view.

Austin, Texas • 99°F

1 like 4 replies

Thu, Aug 11, 2022 4:44pm -05:00

older