In my previous blog post about my shed I teased about a wireless access point, and that it would be the subject of a future blog post. I had intended that to be the next enhancement to my shed that I blogged about. Unfortunately having had a shed for a few weeks now, and stuff that needs somewhere to live (the point of buying the shed in the first place), my wife insisted that the shed should be used for storage. It’s not like I didn’t want this as well, so I have had to re-prioritise my sub-projects within the shed. So once again that will have to wait. This week I have built a set of two shelves.
If you’ve been following my blog you’ll know I’ve recently built a new shed. And I’ve installed a solar panel. Well I’ve done some more work on the shed. But not all of the work is related to electricity.
Just a quick update. The solar panel is up on my shed roof.
In my last post I said I wanted to add solar power to my shed. Well I made a start on that. This post is about what I’ve done so far.
So my wife wanted a new shed (for good reason, the old one was literally falling apart), and I wanted a new project, one that was less computer related. So I ordered a prefabricated shed from B&Q. That was back at the tail end of March. Well that shed arrived about a week ago. And we now have a shed. I have plans for this shed, I intend to set it up with lighting, and power, but without the need to connect it to my domestic electricity supply, it’s at the bottom of the garden after all, and a mains cable running the length of the garden is dangerous. So I intend to build a small off grid solar power system for the shed. But that is for another time, this post is about building the shed.
I always intended to give the app an open-source license. Now that it’s in a state that I feel is functional I asked my employer who sponsored about 10% of the code if they would allow me to apply an open source license, and as the code is unrelated to my job, or their core business, they said yes. So I’ve applied an MIT license. The code is available here.
Since my last post about the location sharing app I was building I stopped working on it. But I came back to it this week to get it working with Azure AD, the protocol is OpenID Connect, and Microsoft’s documentation is very good. I had already got LDAP authentication working, but I didn’t deploy that version of the app as I didn’t want to have to install an LDAP service on a web facing server. But as I don’t have to support Azure AD I could deploy the version with that working, but before I could I do that I needed to allow for disabling LDAP authentication. So having sorted that out I have deployed the current version, with LDAP authentication disabled. It’s also configured to only allow consumer Microsoft accounts to authenticate against it, because this is a demo, not a commercial service. It is once again available at https://location.craig-james-stewart.co.uk/.
It’s been a while, and honestly I haven’t really done much work on this since my last post. I’d like to claim I’ve had too much on, but honestly I just haven’t had the motivation. My employer does “Learning and Development” days, and my manager allowed me to work on my location app as part of this. So the progress since my last blog post is thanks to this.
So in my last post I mentioned random numbers, and talked about needing to trade off between security, speed, and the randomness of the source of random numbers. I stand by the considerations that need to be made, but it was brought to my attention that I was looking at math/rand in go where they also have crypto/rand which makes using /dev/urandom much simpler. The trade offs are the same in practice, but the work was much easier to implement that way, so thank you Liam
I'd try crypto/rand. There seems to be a debate about having to create the seed for math/rand but apparently that's not something they are planning on fixing as it's not meant for true randomness.— liam sorsby (@liamsorsby) September 2, 2019
I have nothing to show on the location app I’ve been building, but I’ve hit a hurdle that I felt warrants some discussion. I want to use two random strings that are unrelated to each other in order to make the app more secure. An ID for each location shared, and a key to prevent someone simply trying to enumerate all the ID’s. Because the key is a security device it is important that it is not derived from the ID, or from the same deterministic source as the ID. With this in mind I have been reading about the random number generator available in Go.