Showing posts from March, 2015

Google Login Tutorial - Part 5

In previous part of Google Login Tutorial we have discussed step 4 Authenticating User . Now in this part we are going to discuss step 5 and step 6. Note that this is the last part of tutorial. Step 5 : Obtaining user information from ID Token: An ID Token is a JWT (JSON Web Token), that is, a cryptographically signed Base64-encoded JSON object. Normally, it is critical that you validate an ID token before you use it, but since we are communicating directly with Google over an intermediary-free HTTPS channel and using your client secret to authenticate yourself to Google, we can be confident that the token you receive really comes from Google and is valid. If our server passes the ID token to other components of your app, it is extremely important that the other components validate the token before using it. An ID token’s payload : An ID token is a JSON object containing a set of name/value pairs. Here’s an example, formatted for readability: {"iss":"

Google Login Tutorial - Part 4

In part 3 of Google Login Tutorials we have discussed step three in implementing Google login process. Now in this part we will be discussing step four of implementing Google login process with OAuth 2.0 Step 4: Authenticating User This is the main and most important step in our overall discussion. Authenticating the user involves obtaining a onetime authorization code from Google Servers and then an ID token and validating it.

Google Login Tutorial - Part 3

In part 2 of Google Login Tutorial we had discussed first two steps, now we will be moving forward and discussing Third Step. Step 3: Setting up Consent Screen: Consent screen is nothing but a view which user will see once he entered correct username and password. If user is already logged on Google then he will be directly redirected to this screen. Consent Screen contains information that the user is releasing and the terms that apply.

Google Login Tutorial - Part 2

In previous part of Google Login Tutorials we had just discussed to general idea about how Google Login with OpenID Connect (OAuth 2.0) works. As we mentioned earlier we gone see the whole process step by step,  so from here we begin. There are six main steps involved in implementing this whole Google Login process. 

How to add Google Login to your Website or WebApp ?

Hello readers 🙂 If you want to know how to add Google Login to your website or WebApp without using existing Google’s API, then this series of tutorial is for you. Hoping that you will find it useful. So let’s begin. There are two ways of adding Google Login (Authentication) to your website or web app. Using OpenID Connect (OAuth 2.0 for Login) Using Google+ Sign-In client library that is built on the OAuth 2.0 and OpenID Connect protocols.

Python code to find maximum recursion limit on a machine

Python script given here is to finds the maximum safe recursion limit on a particular platform.  If you need to change the recursion limit on your system, this script will tell you a safe upper bound.  To use the new limit, call sys.setrecursionlimit(). This python script implements several ways to create infinite recursion in Python.  Different implementations end up pushing different numbers of C stack frames, depending on how many calls through Python ‘s abstract C API occur. After each round of tests, it prints a message  “Limit of NNNN is fine”. The highest printed value of “NNNN” is therefore the highest potentially safe limit for your system (which depends on the OS, architecture and the compilation flags). As it is practically impossible to test all possible recursion paths in the interpreter , so the results of this test should not be trusted blindly, although they give a good hint of which values are reasonable. import sysimport itertoolsclass RecursiveBlowup1: def __in

Difference between IPv4 and IPv6

     On the Internet, data is transmitted in the form of network packets. IPv6 specifies a new packet format, designed to minimize packet header processing by routers. Because the headers of IPv4  and IPv6 header packets are significantly different, the two protocols are not interoperable. However, in most respects, IPv6 is a conservative extension of IPv4. Most transport and application-layer protocols need little or no change to operate over IPv6 ; Address space: The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4. The address space therefore has 2128 or approximately 3.4×1038 addresses. By comparison, this amounts to approximately 4.8×1028 addresses for each of the seven billion people alive in 2011. In addition, the IPv4 address space is poorly allocated, with approximately 14% of all available addresses utilized. While these numbers are large, it wasn’t the intent of the designers of the IPv6 ad

Security issues with IPv6

Deployment of a new generation of Internet protocols is on its way. It is a process that may take several years to complete. In the meantime, the deployment raises considerable new issues, being security one of the most compelling. From a security point of view, the new IPv6 protocol stack represents a considerable advance in relation to the old IPv4 stack . However, despite its innumerable virtues, IPv6 still continues to be by far vulnerable. Dual-stack related security issues with IPv6 : Presently, the Internet continues to be mostly IPv4 based. However, it is reasonable to expect that this scenario will change soon as more and more networks are migrated to the new protocol stack. Unfortunately, migrating millions of networks is going to take quite some time. In the meantime, some form of 6 to 4 dual-stack will supply the desired functionality. Without a doubt, IPv6-IPv4 dual stacks increase the potential for security vulnerabilities—as a consequence of having two infrastructure

Python script to print files statistics

import osimport sysclass Stats: def __init__(self): self.stats = {} def statargs(self, args): for arg in args: if os.path.isdir(arg): self.statdir(arg) elif os.path.isfile(arg): self.statfile(arg) else: sys.stderr.write("Can't find %s\n" % arg) self.addstats("<???>", "unknown", 1) def statdir(self, dir): self.addstats("<dir>", "dirs", 1) try: names = os.listdir(dir) except os.error, err: sys.stderr.write("Can't list %s: %s\n" % (dir, err)) self.addstats("<dir>", "unlistable", 1) return names.sort() for name in names: if name.startswith(".#"): continue # Skip CVS temp files if name.endswith("~"): continue# Skip Emacs bac