You'll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the TechnologyThink of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.About the BookOAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You'll begin with an overview of OAuth and its components and interactions. Next, you'll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you'll dig into tokens, dynamic client registration, and more advanced topics. By the end, you'll be able to confidently and securely build and deploy OAuth on both the client and server sides.What's InsideCovers OAuth 2 protocol and designAuthorization with OAuth 2OpenID Connect and User-Managed AccessImplementation risksJOSE, introspection, revocation, and registrationProtecting and accessing REST APIsAbout the ReaderReaders need basic programming skills and knowledge of HTTP and JSON.About the AuthorJustin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source.Table of ContentsPart 1 - First stepsWhat is OAuth 2.0 and why should you care?The OAuth dance Part 2 - Building an OAuth 2 environmentBuilding a simple OAuth clientBuilding a simple OAuth protected resourceBuilding a simple OAuth authorization serverOAuth 2.0 in the real world Part 3 - OAuth 2 implementation and vulnerabilitiesCommon client vulnerabilitiesCommon protected resources vulnerabilitiesCommon authorization server vulnerabilitiesCommon OAuth token vulnerabilities Part 4 - Taking OAuth furtherOAuth tokensDynamic client registrationUser authentication with OAuth 2.0Protocols and profiles using OAuth 2.0Beyond bearer tokensSummary and conclusions

    Authors Drew Conway and John Myles White help you understand machine learning and statistics tools through a series of hands-on case studies, instead of a traditional math-heavy presentation.Each chapter focuses on a specific problem in machine learning, such as classification, prediction, optimization, and recommendation. Using the R programming language, you'll learn how to analyze sample datasets and write simple machine learning algorithms. "Machine Learning for Hackers" is ideal for programmers from any background, including business, government, and academic research.Develop a naive Bayesian classifier to determine if an email is spam, based only on its textUse linear regression to predict the number of page views for the top 1,000 websitesLearn optimization techniques by attempting to break a simple letter cipherCompare and contrast U.S. Senators statistically, based on their voting recordsBuild a "whom to follow" recommendation system from Twitter data

    Instead of hard-coding dependencies, such as specifying a database driver, you inject a list of services that a component may need. The services are then connected by a third party. This technique enables you to better manage future changes and other complexity in your software.About this BookDependency Injection in .NET introduces DI and provides a practical guide for applying it in .NET applications. The book presents the core patterns in plain C#, so you'll fully understand how DI works. Then you'll learn to integrate DI with standard Microsoft technologies like ASP.NET MVC, and to use DI frameworks like StructureMap, Castle Windsor, and Unity. By the end of the book, you'll be comfortable applying this powerful technique in your everyday .NET development.This book is written for C# developers. No previous experience with DI or DI frameworks is required. Purchase of the print book comes with an offer of a free PDF, ePub, and Kindle eBook from Manning. Also available is all code from the book. Winner of 2013 Jolt Awards: The Best Books—one of five notable books every serious programmer should read.What's InsideMany C#-based examplesA catalog of DI patterns and anti-patternsUsing both Microsoft and open source DI frameworksTabel of ContentsPART 1 PUTTING DEPENDENCY INJECTION ON THE MAPA Dependency Injection tasting menuA comprehensive exampleDI ContainersPART 2 DI CATALOGDI patternsDI anti-patternsDI refactoringsPART 3 DIY DIObject CompositionObject LifetimeInterceptionPART 4 DI CONTAINERSCastle WindsorStructureMapSpring.NETAutofacUnityMEF

    This book isn't about that - it's about everything else. As such, there's very little code inside, meaning everyone from PHP hackers to hardcore embedded C programmers will get a lot out of it.This book covers 10 topics crucial to being an amazing developer:Focus on Delivering ResultsFix Bugs Efficiently and CleanlyAdd Features with EaseDeal With Technical Debt and SlopPlay Well With OthersMake Technical DecisionsBootstrap a Greenfield SystemLearn to WriteInterview Potential Co-WorkersLead a Team

    Savvy Java developers know that not all testing is created equal. In addition to traditional functional testing, many shops are adopting developer testing techniques such as unit testing. Specific, automated tests are created to verify the accuracy and function of code while or even before it's written - to catch bugs early.Unit Testing in Java teaches how to write good tests that are concise and to the point, useful, and maintainable. This book focuses on tools and practices specific to Java. It introduces emerging techniques like specification by example and behavior-driven development, and shows how to add robust practices into developers' toolkits.Table of ContentsI. FOUNDATIONS1. The promise of good tests2. In search of good3. Test doublesII. CATALOG4. Readability5. Maintainability6. TrustworthinessIII. DIVERSIONS7. Testable design8. Writing tests in other JVM languages9. Speeding up test executionsAppendix A: JUnit primerAppendix B: Extending JUnitIndex

    Fueled by significant benefits and an impressive portfolio of real-world applications already in production, Rails is destined to continue making significant inroads in coming years.Each new Rails application showing up on the web adds yet more to the collective wisdom of the Rails development community. Yesterday's best practices yield to today's latest and greatest techniques, as the state of the art is continually refined in kitchens all across the Internet. Indeed, these are times of great progress.At the same time, it's easy to get left behind in the wake of progress. Advanced Rails Recipes keeps you on the cutting edge of Rails development and, more importantly, continues to turn this fast-paced framework to your advantage.Advanced Rails Recipes is filled with pragmatic recipes you'll use on every Rails project. And by taking the code in these recipes and slipping it into your application you'll not only deliver your application quicker, you'll do so with the confidence that it's done right.The book includes contributions from Aaron Batalion, Adam Keys, Adam Wiggins, Andre Lewis, Andrew Kappen, Benjamin Curtis, Ben Smith, Chris Bernard, Chris Haupt, Chris Wanstrath, Cody Fauser, Dan Benjamin, Dan Manges, Daniel Fischer, David Bock, David Chelimsky, David Heinemeier Hansson, Erik Hatcher, Ezra Zygmuntowicz, Geoffrey Grosenbach, Giles Bowkett, Greg Hansen, Gregg Pollack, Hemant Kumar, Hugh Bien, Jamie Orchard-Hays, Jamis Buck, Jared Haworth, Jarkko Laine, Jason LaPier, Jay Fields, John Dewey, Jonathan Dahl, Josep Blanquer, Josh Stephenson, Josh Susser, Kevin Clark, Luke Francl, Mark Bates, Marty Haught, Matthew Bass, Michael Slater, Mike Clark, Mike Hagedorn, Mike Mangino, Mike Naberezny, Mike Subelsky, Nathaniel Talbott, PJ Hyett, Patrick Reagan, Peter Marklund, Pierre-Alexandre Meyer, Rick Olson, Ryan Bates, Scott Barron, Tony Primerano, Val Aleksenko, and Warren Konkel.

    Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief." Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.

    However, data structures for these languages do not always translate well to functional languages such as Standard ML, Haskell, or Scheme. This book describes data structures from the point of view of functional languages, with examples, and presents design techniques that allow programmers to develop their own functional data structures. The author includes both classical data structures, such as red-black trees and binomial queues, and a host of new data structures developed exclusively for functional languages. All source code is given in Standard ML and Haskell, and most of the programs are easily adaptable to other functional languages. This handy reference for professional programmers working with functional languages can also be used as a tutorial or for self-study.

    The books also provides a companion web site that provides the toold and materials necessary to build the hardware and software.

    Over the past five years, authors Dustin Boswell and Trevor Foucher have analyzed hundreds of examples of "bad code" (much of it their own) to determine why they’re bad and how they could be improved. Their conclusion? You need to write code that minimizes the time it would take someone else to understand it—even if that someone else is you.This book focuses on basic principles and practical techniques you can apply every time you write code. Using easy-to-digest code examples from different languages, each chapter dives into a different aspect of coding, and demonstrates how you can make your code easy to understand.Simplify naming, commenting, and formatting with tips that apply to every line of codeRefine your program’s loops, logic, and variables to reduce complexity and confusionAttack problems at the function level, such as reorganizing blocks of code to do one task at a timeWrite effective test code that is thorough and concise—as well as readable"Being aware of how the code you create affects those who look at it later is an important part of developing software. The authors did a great job in taking you through the different aspects of this challenge, explaining the details with instructive examples." —Michael Hunger, passionate Software Developer

    Ready to take JavaScript beyond the browser, explore dynamic languages features and embrace evented programming? Explore the fun, growing repository of Node modules provided by npm. Work with multiple protocols, load-balanced RESTful web services, express, 0MQ, Redis, CouchDB, and more. Develop production-grade Node applications fast. JavaScript is the backbone of the modern web, powering nearly every web app's user interface. Node.js is JavaScript for the server. This book shows you how to develop small, fast, low-profile, useful, networked applications. You'll write asynchronous, non-blocking code using Node's style and patterns. You'll cluster and load balance your services with Node core features and third-party tools. You'll work with many protocols, creating RESTful web services, TCP socket clients and servers, and more. This short book packs a hefty dose of Node.js. You'll test your code's functionality and performance under load. You'll learn important aspects of Node development--from its architecture and core, to its ecosystem of third-party modules. You'll discover how Node pairs a server-side event loop with a JavaScript runtime to produce screaming fast, non-blocking concurrency. Through a series of practical programming domains, you'll use the latest available ECMAScript Harmony features and harness key Node classes such as EventEmitter and Stream. Throughout the book, you'll develop real programs that are small, fast, low-profile, and useful. Get ready to join a smart community that's rapidly advancing the state of the art in web development.What You Need: Latest stable release of Node.js, this book was written with 0.12.x in mind. The 0MQ (ZeroMQ) library, version 3.2 or higher.

    The most common operation done with sed is substitution, replacing one block of text with another. awk is a complete programming language. Unlike many conventional languages, awk is "data driven" -- you specify what kind of data you are interested in and the operations to be performed when that data is found. awk does many things for you, including automatically opening and closing data files, reading records, breaking the records up into fields, and counting the records. While awk provides the features of most conventional programming languages, it also includes some unconventional features, such as extended regular expression matching and associative arrays. sed & awk describes both programs in detail and includes a chapter of example sed and awk scripts. This edition covers features of sed and awk that are mandated by the POSIX standard. This most notably affects awk, where POSIX standardized a new variable, CONVFMT, and new functions, toupper() and tolower(). The CONVFMT variable specifies the conversion format to use when converting numbers to strings (awk used to use OFMT for this purpose). The toupper() and tolower() functions each take a (presumably mixed case) string argument and return a new version of the string with all letters translated to the corresponding case. In addition, this edition covers GNU sed, newly available since the first edition. It also updates the first edition coverage of Bell Labs nawk and GNU awk (gawk), covers mawk, an additional freely available implementation of awk, and briefly discusses three commercial versions of awk, MKS awk, Thompson Automation awk (tawk), and Videosoft (VSAwk).

    If you're new to Elixir, its functional style can seem difficult, but with help from this hands-on introduction, you'll scale the learning curve and discover how enjoyable, powerful, and fun this language can be. Elixir combines the robust functional programming of Erlang with an approach that looks more like Ruby and reaches toward metaprogramming with powerful macro features.Authors Simon St. Laurent and J. David Eisenberg show you how to write simple Elixir programs by teaching you one skill at a time. You’ll learn about pattern matching, recursion, message passing, process-oriented programming, and establishing pathways for data rather than telling it where to go. By the end of your journey, you’ll understand why Elixir is ideal for concurrency and resilience.* Get comfortable with IEx, Elixir's command line interface* Become familiar with Elixir’s basic structures by working with numbers* Discover atoms, pattern matching, and guards: the foundations of your program structure* Delve into the heart of Elixir processing with recursion, strings, lists, and higher-order functions* Create processes, send messages among them, and apply pattern matching to incoming messages* Store and manipulate structured data with Erlang Term * Storage (ETS) and the Mnesia database* Build resilient applications with the Open Telecom Platform (OTP)* Define macros with Elixir's meta-programming tools.

    Russ Olsen has done a great job of selecting classic patterns and augmenting these with newer patterns that have special relevance for Ruby. He clearly explains each idea, making a wealth of experience available to Ruby developers for their own daily work."--Steve Metsker, Managing Consultant with Dominion Digital, Inc."This book provides a great demonstration of the key 'Gang of Four' design patterns without resorting to overly technical explanations. Written in a precise, yet almost informal style, this book covers enough ground that even those without prior exposure to design patterns will soon feel confident applying them using Ruby. Olsen has done a great job to make a book about a classically 'dry' subject into such an engaging and even occasionally humorous read."--Peter Cooper"This book renewed my interest in understanding patterns after a decade of good intentions. Russ picked the most useful patterns for Ruby and introduced them in a straightforward and logical manner, going beyond the GoF's patterns. This book has improved my use of Ruby, and encouraged me to blow off the dust covering the GoF book."--Mike Stok" Design Patterns in Ruby is a great way for programmers from statically typed objectoriented languages to learn how design patterns appear in a more dynamic, flexible language like Ruby."--Rob Sanheim, Ruby Ninja, RelevanceMost design pattern books are based on C++ and Java. But Ruby is different--and the language's unique qualities make design patterns easier to implement and use. In this book, Russ Olsen demonstrates how to combine Ruby's power and elegance with patterns, and write more sophisticated, effective software with far fewer lines of code.After reviewing the history, concepts, and goals of design patterns, Olsen offers a quick tour of the Ruby language--enough to allow any experienced software developer to immediately utilize patterns with Ruby. The book especially calls attention to Ruby features that simplify the use of patterns, including dynamic typing, code closures, and "mixins" for easier code reuse.Fourteen of the classic "Gang of Four" patterns are considered from the Ruby point of view, explaining what problems each pattern solves, discussing whether traditional implementations make sense in the Ruby environment, and introducing Ruby-specific improvements. You'll discover opportunities to implement patterns in just one or two lines of code, instead of the endlessly repeated boilerplate that conventional languages often require. Design Patterns in Ruby also identifies innovative new patterns that have emerged from the Ruby community. These include ways to create custom objects with metaprogramming, as well as the ambitious Rails-based "Convention Over Configuration" pattern, designed to help integrate entire applications and frameworks.Engaging, practical, and accessible, Design Patterns in Ruby will help you build better software while making your Ruby programming experience more rewarding.

    Siracusa's overview, wrap-up, and critique of everything new in OS X 10.10 Yosemite.