hops | An extension for Google Chrome to browse through the code

I have a master slave setup with 1 master and 2 slaves. When I kill the master, one of the slave tries to become master but fails with following exception:

I have a below dataframe:

When I want to compute the shortest path through a timedelta-weighted graph in networkx like the following

I have a few concerns with an OpenId Connect strategy that I would like to use and have been unable to find specifics on what the security concerns may be and any glaring issues with it I am overlooking.

Currently, I have an OpenId Connect implementation using Openiddict with Authorization Code flow. For the client, I have a React-Native app using react-native-app-auth.

I see from other questions on SO and from issues posted on the Openiddict repo that the recommended approach to third-party providers (e.g. Google) is: Client -> Auth server -> Google Auth -> Auth server -> Client/Auth server code and token exchange

However, it seems that a better approach from a UX standpoint (when using a SPA or native app) would be to implement something similar to GoogleSignIn on the client and either handle the identity on the server using an IdToken or authorization code from Google. This introduces an issue as the flow previously recommended could not be used as the entire initial challenge and redirect from Auth server to Google Auth has been skipped.

I have seen that this issue is mitigated by not using the authorization code grant and instead implementing a custom assertion grant. This seems to be an alright approach but would require exposing a custom grant and handling the flow differently on the client and server for local and third-party logins.

My proposed solution continues to use the authorization code flow and instead of adding a custom grant type the client could just pass a third-party identifier "Google" and the token or authorization code in the additional parameters of the OIDC authorize request. The authorize endpoint could then detect the provider and token, perform token validation, create a user or principal from it, and create an authorization code to send back to the client for the code/token exchange. This flow would look like the following:

1. Get the id token from the provider Client -> GoogleSignIn -> Client

2. Pass token to auth server and initiate code / token exchange Client -> Auth Server -> Auth server Verify Google IdToken (JWKS, issuer, audience, provider specific validation, etc...) or exchange auth code -> Auth server -> Client/Auth server code and token exchange

One downside to this approach would be the additional hops to verify the token on the server side. If the token was returned from GoogleSignIn, they themselves said that it could be trusted. https://developers.google.com/identity/protocols/oauth2/openid-connect#obtainuserinfo

I see that it is generally recommended to place the auth server between the client and the third-party but in this process the server is still between the client and auth server but only after the initial exchange from the client and third-party.

Questions,

1. In general am I missing something with this flow?

2. In this case would it be necessary to verify the token on the server side?

3. Is there some better way to approach this that I have completely overlooked?

4. Am I making this too complicated and UX should not be this much of a concern?

5. Instead of adding the provider and token to the additional parameters would it make more sense to pass it in the body of a post request? I don't see the issue with passing it via query string but that's also part of the reasoning for the authorization code grant from my understanding.

Apologies in advance for anything I have missed or omitted for brevity that should have been included.

Thanks.

I have a simplified react native app here that makes a network call and sets a flag when it loads. There is a button onPress handler which calls another method doSomething, both methods which are in a useCallback and the dependency arrays are correct as per the exhaustive-deps plugin in vscode.

When the app loads I can see the isInitialized flag is set to true, however pressing the button afterwards shows the flag is still false in the doSomething method. It seems like the useCallback methods are not being regenerated according to their dependency arrays in this situation.

Are there any performance tradeoffs when conducting a Firestore write operation through a call to a cloud function that performs writes via the admin SDK versus directly performing that write through the Firestore client SDK (assuming the cloud function runs in the same region as the Firestore instance and no cold starts)?

To add some more details: In https://stackoverflow.com/a/52175817/7446235 it is mentioned that reads through cloud functions are less performant than direct calls because of the "two hops".

However, also direct calls first have to pass the security rules - so isn't that an extra "hop" as well?

PS Unfortunately I don't have enough rep to comment so I have to ask this question here.

I have a JS object array as :

I am unable to connect to my webserver on port 80 when not in localhost, on a debian 9 with nginx 1.14.2. I curl the IPv6 address with

I have a simple container created by:

docker run -it --rm -d -p 8080:80 --name web nginx

This is on my laptop at home. I am connected to our corporate VPN. The resource I need my container to access is over the VPN. My initial thought was that this shouldn’t be an issue. When the traffic leaves my container it will just use my laptops routing and figure out where to go–that seems to not be the case. I am running wsl2 containers, I add traceroute to my container and when I to a traceroute I see: