Lessons learnt: Of Spring Boot + OAuth2 + redirect URIs

TL;DR: make sure NGINX is set up correctly (proxy_set_header) before messing around with your code. Scenario: Deploying a Spring Boot micro-service behind an NGINX reverse proxy gave us issues when using default Google OAuth2 configuration as described here, basically showing the "Redirect URI Mismatch" mentioned at the very end of the linked article. Trying the solution based …

Google Yolo and Spring Boot 2.0 Authentication

Back in 2016, Google announced the "Open Yolo" project: You Only Login Once. It originally seemed to be an Android library but during Google's last Dev Summit in October 2017, Google released "One-tap Sign-ups On Websites and API Integrations" which brings Google Yolo to your website via JavaScript goodness. There's a very easy guide that …

How to create a “heatmap” graph network visualization

What we're after: @CyberSiftIO we've been going through an exercise of adding "confidence levels" to our visualizations. In other words, how confident is the CyberSift engine that an alert really is an anomaly/outlier? The above screenshot shows one of the ways we visualize the output from this exercise. Each blue node is an internal PC/Server, while …

How we built the CyberSift Attack Map

Recently we launched a small site called the "CyberSift Attack Map" hosted at http://attack-map.cybersift.io. Anyone involved in the InfoSec industry will be instantly familiar with the site. It's basically a map of attacks which either trip some rule in a signature-based IPS such as SNORT, or land in a honeypot. In this article we'll list …

From JQuery to ReactJS

I have previously worked with ReactJS, most notably during my Master's dissertation; however, the main JavaScript library I work with when working for clients and companies still remains the venerable JQuery. This is changing as more and more organizations I interact with move to more modern frameworks like Angular and ReactJS. Where to start …

Nugget Post: Pouchdb-find regex example

Here's an example of using the excellent pouchdb-find plugin's (https://github.com/nolanlawson/pouchdb-find) regex features. I couldn't really find a good example in the documentation, but looking at the source code we come up with something like this: https://gist.github.com/dvas0004/a67f1093bc323d7556ed Note that the $regex command cannot be run on an indexed field, so this will be a slow query …

Got 15 minutes? Easy webRTC android app in 3 steps!

WebRTC is an exciting feature in newer browsers. It allows you to transfer any data between two peers. In conjunction with HTML5 elements like the <video> tag, it enables browser-to-browser audio and video conference calls ... with no extra plugins or help needed, it all lives in your browser. You can check out a demo here: http://www.webrtc.org/demo The …