• Log InLog In
  • Register
Liquid`
Team Liquid Liquipedia
EDT 05:56
CEST 11:56
KST 18:56
  • Home
  • Forum
  • Calendar
  • Streams
  • Liquipedia
  • Features
  • Store
  • EPT
  • TL+
  • StarCraft 2
  • Brood War
  • Smash
  • Heroes
  • Counter-Strike
  • Overwatch
  • Liquibet
  • Fantasy StarCraft
  • TLPD
  • StarCraft 2
  • Brood War
  • Blogs
Forum Sidebar
Events/Features
News
Featured News
Serral wins HomeStory Cup 2910Serral wins Maestros of the Game 243ByuL, and the Limitations of Standard Play3Team Liquid Map Contest #22: Results and Winners7Code S Season 2 (2026): RO4 and Finals Preview12
Community News
Reynor: GSL Loss Wasn't About Preparation Format10[IPSL] Spring 2026 Grand Finals - This Weekend!1Weekly Cups (July 6 - 12): Protoss strike back5BSL Season 22 Full Overview & Conclusion8BSL Season 22 Full Overview & Conclusion8
StarCraft 2
General
Reynor: GSL Loss Wasn't About Preparation Format Weekly Cups (July 6 - 12): Protoss strike back Co-op Commander Guide: Kerrigan Serral wins HomeStory Cup 29 Is the larve respawn broken?
Tourneys
GSL CK #5 Race War WardiTV Summer Cup 2026 RSL Revival: Season 6 - Qualifiers and Main Event HomeStory Cup 29 Vespene Cup #1 — $300+ USD, July 10
Strategy
[G] Having the right mentality to improve
Custom Maps
New Map Maker - Looking for Advice - Love or Hate Work In Progress Melee Maps [D]RTS in all its shapes and glory <3
External Content
The PondCast: SC2 News & Results Mutation # 534 Burning Evacuation Mutation # 533 Die Together Mutation # 532 Nuclear Family
Brood War
General
Pros Debate: Zerg Unfairly Nerfed? (ASL S22 map) screpdb: new Starcraft reporting tool BSL Season 22 Full Overview & Conclusion BGH Auto Balance -> http://bghmmr.eu/ ASL 22 Proposed Map Pool
Tourneys
[ASL22] Wildcard Qualifier [IPSL] Spring 2026 Grand Finals - This Weekend! [Megathread] Daily Proleagues IPSL Spring 2026 Top 4!
Strategy
Fighting Spirit mining rates Simple Questions, Simple Answers Creating a full chart of Zerg builds Relatively freeroll strategies
Other Games
General Games
Nintendo Switch Thread General RTS Discussion Thread Stormgate/Frost Giant Megathread Path of Exile Summer Games Done Quick 2026!
Dota 2
Looking for a Dota Mentor Official 'what is Dota anymore' discussion
League of Legends
Heroes of the Storm
Simple Questions, Simple Answers Heroes of the Storm 2.0
Hearthstone
Deck construction bug
TL Mafia
NeO.D_StephenKing vs This Guy From 1 Million Dance TL Mafia Community Thread TL Mafia Power Rank Vanilla Mini Mafia
Community
General
US Politics Mega-thread Russo-Ukrainian War Thread UK Politics Mega-thread YouTube Thread Canadian Politics Mega-thread
Fan Clubs
The IdrA Fan Club The HerO Fan Club!
Media & Entertainment
Anime Discussion Thread [Req][Books] Good Fantasy/SciFi books Movie Discussion! Series you have seen recently...
Sports
2024 - 2026 Football Thread McBoner: A hockey love story Tennis[sport] Formula 1 Discussion TeamLiquid Health and Fitness Initiative For 2023
World Cup 2022
Tech Support
Simple Questions Simple Answers FPS when play League Of Legend on laptop How to clean a TTe Thermaltake keyboard?
TL Community
The Automated Ban List
Blogs
The Experiences We Want and …
TrAiDoS
An Exploration of th…
waywardstrategy
Gauntlet SC2: A Retrospectiv…
Ctone23
ramps on octagon
StaticNine
Funny Nicknames
LUCKY_NOOB
Evil Gacha Games and the…
ffswowsucks
Customize Sidebar...

Website Feedback

Closed Threads



Active: 8046 users

The Big Programming Thread - Page 900

Forum Index > General Forum
Post a Reply
Prev 1 898 899 900 901 902 1032 Next
Thread Rules
1. This is not a "do my homework for me" thread. If you have specific questions, ask, but don't post an assignment or homework problem and expect an exact solution.
2. No recruiting for your cockamamie projects (you won't replace facebook with 3 dudes you found on the internet and $20)
3. If you can't articulate why a language is bad, don't start slinging shit about it. Just remember that nothing is worse than making CSS IE6 compatible.
4. Use [code] tags to format code blocks.
BlueRoyaL
Profile Blog Joined February 2006
United States2493 Posts
August 10 2017 05:30 GMT
#17981
Hey guys, I'm looking into finding a job in the near future, so doing some prep. Currently working through tree and graph problems and such.

The current problem I'm working on is: Find the First Common Ancestor (FCA) given two tree nodes (binary tree).
Two assumptions I've made:
- Neither of the 2 given nodes can be the FCA, or else technically they wouldnt be an "ancestor".
- The 2 given nodes are part of the same tree (ie my implementation will always find a FCA unless one or both the nodes are the root of the tree)

I've implemented it, there's probably a better way to do this. I haven't checked the solutions yet (this is from Cracking the Coding Interview). However, I've been struggling in understanding how to determine the run times and space complexities of certain algorithms. Wondering if any of you guys that know this stuff well could help me analyze it.

My algorithm breakdown:
- Start by determining which of the two nodes is higher up on the tree
- Then, starting with that node's parent, we'll continue walking up using the parent pointers
- For each time we step up, we walk up the lower node, checking to see if it's the same as the current higher node.
- By the time the higher node has reached the root, if we still haven't found the FCA, the root is the FCA.

Below is my implemantation. I'm using C#, and "distanceFromRoot" is a local helper function (similar to how you can create local functions inside another function in javascript).


public class TreeNode
{
public TreeNode Left { get; set; }
public TreeNode Right { get; set; }
public TreeNode Parent { get; set; }
}

public static TreeNode FindFirstCommonAncestor(TreeNode a, TreeNode b)
{
int distA = distanceFromRoot(a);
if (distA == 0) return null;
int distB = distanceFromRoot(b);
if (distB == 0) return null;

TreeNode higher = distA <= distB ? a.Parent : b.Parent;
TreeNode lower = higher == a.Parent ? b.Parent : a.Parent;

while (higher.Parent != null)
{
TreeNode currLower = lower;
while (currLower != null)
{
if (currLower == higher) return currLower;
currLower = currLower.Parent;
}
higher = higher.Parent;
}

return higher;

// local functions
int distanceFromRoot(TreeNode n)
{
if (n.Parent == null) return 0;
return 1 + distanceFromRoot(n.Parent);
}
}


My (probably) wrong analysis of runtime and space:

From what I've seen and read, I believe that when you're working with trees, the input n used in big O represents the total number of nodes in the tree. So, if you were to walk up the entire tree once, starting at one of the leaves, this would be O(log n) right?

But that's only walking up the tree once. My algorithm has nested while loops, with the inner one potentially walking up the entire tree for each step of the outer loop. So, does that mean that my runtime is O(log n) x O(log n)?

I understand the simplest examples, such as having two nested loops walk through the same array. That gives a runtime of O(n^2). Does using that kind of logic make any sense in my example?

Also, if it is indeed O(log n) x O(log n), I assume that would be a worst-case analysis.

For space, I think it's just a constant of O(1) since the allocation of variables doesn't change while walking through the loops. It also doesn't use any external/auxiliary data structures which leads me to believe it has a constant space complexity.

I'm having a good time prepping, but analyzing this stuff has been a bit frustrating. I'm hoping it just becomes more intuitive as I do more problems, and maybe even reach a aha moment.

Thanks for any help!
WHAT'S HAPPENIN
Acrofales
Profile Joined August 2010
Spain18368 Posts
August 10 2017 08:38 GMT
#17982
Didn't check over your analysis or code, but given your description, it's inefficient. Why not just extract both paths to the root, and then find the last node that these paths are equal? That's O(log n).
Blisse
Profile Blog Joined July 2010
Canada3710 Posts
Last Edited: 2017-08-10 18:30:14
August 10 2017 08:53 GMT
#17983
> The current problem I'm working on is: Find the First Common Ancestor (FCA) given two tree nodes (binary tree).
Two assumptions I've made:
- Neither of the 2 given nodes can be the FCA, or else technically they wouldnt be an "ancestor".
- The 2 given nodes are part of the same tree (ie my implementation will always find a FCA unless one or both the nodes are the root of the tree)


Your first assumption should be incorrect, though fair game if stated. Your algorithm should be able to return the inputs as ancestors.
Because your first assumption is incorrect, "unless one or both the nodes are the root of the tree" should be handled as well.


From what I've seen and read, I believe that when you're working with trees, the input n used in big O represents the total number of nodes in the tree. So, if you were to walk up the entire tree once, starting at one of the leaves, this would be O(log n) right?


No, the input n in Big O would usually be the number of nodes traversed in the algorithm, assuming that the node contains the most costly operation (generally accessing node.data).

No, if you walk up the entire tree, your worst case is O(n), where your tree is completely unbalanced.


But that's only walking up the tree once. My algorithm has nested while loops, with the inner one potentially walking up the entire tree for each step of the outer loop. So, does that mean that my runtime is O(log n) x O(log n)?


No, the height of a perfectly balanced tree is essentially log(n), where n is the number of elements in the tree, and thus the worst case traversal from leaf to root in a perfectly balanced tree is O(log(n)). But Big O is about worst case analysis, and a perfectly balanced tree isn't the worst case. In your algorithm's worst case, the tree is unbalanced on both sides, meaning lower and higher are at the same height, n / 2. This means in the worst case your algorithm will traverse the inner loop n/2 times, and then other loop n/2 times, which ends up being n^2/4, or O(n^2).


For space, I think it's just a constant of O(1) since the allocation of variables doesn't change while walking through the loops. It also doesn't use any external/auxiliary data structures which leads me to believe it has a constant space complexity.


This is an easy thing to overlook. Your distanceFromRoot function runs recursively, so you use up a new stack frame every function call, and since trees can be completely unbalanced, that means you've allocated n nodes on the stack to determine the height of the tree, a space complexity of O(n).


untested rusty C++ attempt

* returns null if there's no solution,
* runs in exactly 2*( height(ancestor) - height(a) ) or 2*( height(ancestor) - height(b) ), whichever is higher
* worst case of O(n)

+ Show Spoiler +


public Node* findFirstCommonAncestor(Node* a, Node* b) {

set<Node*> a_ancestors = { a };
set<Node*> b_ancestors = { b };

while (a != nullptr || b != nullptr) {

if (a != null && b_ancestors.count(a) != 0) {
return a;
}
if (b != null && a_ancestors.count(b) != 0) {
return b;
}

if (a != nullptr && a->parent != nullptr) {
a_ancestors.insert(a->parent);
a = a->parent;
}
if (b != nullptr && b->parent != nullptr) {
b_ancestors.insert(b->parent);
b = b->parent;
}

}

return nullptr;
}
There is no one like you in the universe.
Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
August 16 2017 14:04 GMT
#17984
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).
Time is precious. Waste it wisely.
Blucan
Profile Joined August 2017
Canada2 Posts
August 16 2017 18:44 GMT
#17985
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.
Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
Last Edited: 2017-08-16 23:07:08
August 16 2017 19:34 GMT
#17986
On August 17 2017 03:44 Blucan wrote:
Show nested quote +
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.


I'm not entirely sure where to redirect to after logging in to the IP since we have the authorization code grant flow. So mobile/web redirects to IP -> IP redirects it somewhere else -> web/mobile gets auth code -> it logs in to the API with the auth code. That's plenty of shit to do.
Time is precious. Waste it wisely.
berated-
Profile Blog Joined February 2007
United States1134 Posts
August 16 2017 23:13 GMT
#17987
On August 17 2017 04:34 Manit0u wrote:
Show nested quote +
On August 17 2017 03:44 Blucan wrote:
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.


I'm not entirely sure where to redirect to after logging in to the IP since we have the authorization code grant flow. So mobile/web redirects to IP -> IP redirects it somewhere else -> web/mobile gets auth code -> it logs in to the API with the auth code. That's plenty of shit to do.


Are you guys the oauth provider as well? Also, are you able to do any of the flows other than auth code flow?

How are you trying to use oauth? Are you trying to call into a rest api that will then use oauth to access another resource? Or are you using oauth to protect the rest resource itself?

Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
August 16 2017 23:36 GMT
#17988
On August 17 2017 08:13 berated- wrote:
Show nested quote +
On August 17 2017 04:34 Manit0u wrote:
On August 17 2017 03:44 Blucan wrote:
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.


I'm not entirely sure where to redirect to after logging in to the IP since we have the authorization code grant flow. So mobile/web redirects to IP -> IP redirects it somewhere else -> web/mobile gets auth code -> it logs in to the API with the auth code. That's plenty of shit to do.


Are you guys the oauth provider as well? Also, are you able to do any of the flows other than auth code flow?

How are you trying to use oauth? Are you trying to call into a rest api that will then use oauth to access another resource? Or are you using oauth to protect the rest resource itself?



Our primary use case will be SSO since the customer already has all their employees registered at Okta (the IP). We want to use that to grab user info from there and create users within the API based on that. Auth code flow seemed the easiest to implement initially but I'm starting to have my doubts.

I mean, I've got everything handled on the API side (got an endpoint for auth codes which we exchange with IP for user info basically and then return our own token to services that use it). The problem is now getting web, desktop and mobile clients to get the code from the IP. Any suggestions? Do I have to put up some sort of auth server, to where I'll redirect users after logging in to the IP so it can return the code to the client as necessary?

It's generally one big API and all the other apps are pretty much different kinds of front-end for it and everything is using REST to communicate.
Time is precious. Waste it wisely.
berated-
Profile Blog Joined February 2007
United States1134 Posts
August 17 2017 03:06 GMT
#17989
On August 17 2017 08:36 Manit0u wrote:
Show nested quote +
On August 17 2017 08:13 berated- wrote:
On August 17 2017 04:34 Manit0u wrote:
On August 17 2017 03:44 Blucan wrote:
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.


I'm not entirely sure where to redirect to after logging in to the IP since we have the authorization code grant flow. So mobile/web redirects to IP -> IP redirects it somewhere else -> web/mobile gets auth code -> it logs in to the API with the auth code. That's plenty of shit to do.


Are you guys the oauth provider as well? Also, are you able to do any of the flows other than auth code flow?

How are you trying to use oauth? Are you trying to call into a rest api that will then use oauth to access another resource? Or are you using oauth to protect the rest resource itself?



Our primary use case will be SSO since the customer already has all their employees registered at Okta (the IP). We want to use that to grab user info from there and create users within the API based on that. Auth code flow seemed the easiest to implement initially but I'm starting to have my doubts.

I mean, I've got everything handled on the API side (got an endpoint for auth codes which we exchange with IP for user info basically and then return our own token to services that use it). The problem is now getting web, desktop and mobile clients to get the code from the IP. Any suggestions? Do I have to put up some sort of auth server, to where I'll redirect users after logging in to the IP so it can return the code to the client as necessary?

It's generally one big API and all the other apps are pretty much different kinds of front-end for it and everything is using REST to communicate.


If it's with something like Okta (which full disclaimer, I know nothing about) , it seems like resource owner password is probably out of the question. If I was a user I wouldn't trust typing in my Okta creds into a third party app.

For any of the web clients, auth code flow sounds best as you said. There is definitely the ability to just redirect to their stuff and have it come back to yours.

It sounds like you're going towards where we ended up going for ours. If you are already generating a separate token to make future rest calls with, is it possible that they could acquire that through the web application as a pre-requisite? It would give you the ability to use oauth with the web client and then generate an api key that is associated with the user you created from the auth code flow.

As for desktop and mobile, my 5 minute search shows that okta has native clients for both of those. Can you leverage those some how?
Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
Last Edited: 2017-08-17 11:20:15
August 17 2017 11:18 GMT
#17990
On August 17 2017 12:06 berated- wrote:
Show nested quote +
On August 17 2017 08:36 Manit0u wrote:
On August 17 2017 08:13 berated- wrote:
On August 17 2017 04:34 Manit0u wrote:
On August 17 2017 03:44 Blucan wrote:
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.


I'm not entirely sure where to redirect to after logging in to the IP since we have the authorization code grant flow. So mobile/web redirects to IP -> IP redirects it somewhere else -> web/mobile gets auth code -> it logs in to the API with the auth code. That's plenty of shit to do.


Are you guys the oauth provider as well? Also, are you able to do any of the flows other than auth code flow?

How are you trying to use oauth? Are you trying to call into a rest api that will then use oauth to access another resource? Or are you using oauth to protect the rest resource itself?



Our primary use case will be SSO since the customer already has all their employees registered at Okta (the IP). We want to use that to grab user info from there and create users within the API based on that. Auth code flow seemed the easiest to implement initially but I'm starting to have my doubts.

I mean, I've got everything handled on the API side (got an endpoint for auth codes which we exchange with IP for user info basically and then return our own token to services that use it). The problem is now getting web, desktop and mobile clients to get the code from the IP. Any suggestions? Do I have to put up some sort of auth server, to where I'll redirect users after logging in to the IP so it can return the code to the client as necessary?

It's generally one big API and all the other apps are pretty much different kinds of front-end for it and everything is using REST to communicate.


If it's with something like Okta (which full disclaimer, I know nothing about) , it seems like resource owner password is probably out of the question. If I was a user I wouldn't trust typing in my Okta creds into a third party app.

For any of the web clients, auth code flow sounds best as you said. There is definitely the ability to just redirect to their stuff and have it come back to yours.

It sounds like you're going towards where we ended up going for ours. If you are already generating a separate token to make future rest calls with, is it possible that they could acquire that through the web application as a pre-requisite? It would give you the ability to use oauth with the web client and then generate an api key that is associated with the user you created from the auth code flow.

As for desktop and mobile, my 5 minute search shows that okta has native clients for both of those. Can you leverage those some how?


The problem I'm currently having is that I'm not sure how to configure the apps to redirect to the right places. After logging in to Okta you're supposed to be redirected to the target web page (where Okta sends the user auth code) but our API does not have any front-end of its own so we can't do that (can't redirect from html to json seemlessly) and I'm not sure how to handle that. Any ideas?


If you are already generating a separate token to make future rest calls with, is it possible that they could acquire that through the web application as a pre-requisite?


No. The only way to acquire our token is to either log in as an existing API user or through Okta auth code. If you don't have API account and only Okta one you should be able to sign in using Okta (but we can't give you the token without first getting the auth code).
Time is precious. Waste it wisely.
berated-
Profile Blog Joined February 2007
United States1134 Posts
Last Edited: 2017-08-18 01:35:30
August 18 2017 01:30 GMT
#17991
On August 17 2017 20:18 Manit0u wrote:
Show nested quote +
On August 17 2017 12:06 berated- wrote:
On August 17 2017 08:36 Manit0u wrote:
On August 17 2017 08:13 berated- wrote:
On August 17 2017 04:34 Manit0u wrote:
On August 17 2017 03:44 Blucan wrote:
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.


I'm not entirely sure where to redirect to after logging in to the IP since we have the authorization code grant flow. So mobile/web redirects to IP -> IP redirects it somewhere else -> web/mobile gets auth code -> it logs in to the API with the auth code. That's plenty of shit to do.


Are you guys the oauth provider as well? Also, are you able to do any of the flows other than auth code flow?

How are you trying to use oauth? Are you trying to call into a rest api that will then use oauth to access another resource? Or are you using oauth to protect the rest resource itself?



Our primary use case will be SSO since the customer already has all their employees registered at Okta (the IP). We want to use that to grab user info from there and create users within the API based on that. Auth code flow seemed the easiest to implement initially but I'm starting to have my doubts.

I mean, I've got everything handled on the API side (got an endpoint for auth codes which we exchange with IP for user info basically and then return our own token to services that use it). The problem is now getting web, desktop and mobile clients to get the code from the IP. Any suggestions? Do I have to put up some sort of auth server, to where I'll redirect users after logging in to the IP so it can return the code to the client as necessary?

It's generally one big API and all the other apps are pretty much different kinds of front-end for it and everything is using REST to communicate.


If it's with something like Okta (which full disclaimer, I know nothing about) , it seems like resource owner password is probably out of the question. If I was a user I wouldn't trust typing in my Okta creds into a third party app.

For any of the web clients, auth code flow sounds best as you said. There is definitely the ability to just redirect to their stuff and have it come back to yours.

It sounds like you're going towards where we ended up going for ours. If you are already generating a separate token to make future rest calls with, is it possible that they could acquire that through the web application as a pre-requisite? It would give you the ability to use oauth with the web client and then generate an api key that is associated with the user you created from the auth code flow.

As for desktop and mobile, my 5 minute search shows that okta has native clients for both of those. Can you leverage those some how?


The problem I'm currently having is that I'm not sure how to configure the apps to redirect to the right places. After logging in to Okta you're supposed to be redirected to the target web page (where Okta sends the user auth code) but our API does not have any front-end of its own so we can't do that (can't redirect from html to json seemlessly) and I'm not sure how to handle that. Any ideas?

Show nested quote +

If you are already generating a separate token to make future rest calls with, is it possible that they could acquire that through the web application as a pre-requisite?


No. The only way to acquire our token is to either log in as an existing API user or through Okta auth code. If you don't have API account and only Okta one you should be able to sign in using Okta (but we can't give you the token without first getting the auth code).



Have you researched openid connect with okta?

Edit: Maybe that's the wrong way, trying to read.

The problem is that I think it just doesn't work. What i was trying to suggest is generating some new token , a bearer token, or something that is not the oauth token. The issue here is you are trying to establish (or it sounds like) identification , not authorization.

Edit 2: Is this getting closer? https://security.stackexchange.com/questions/129928/oidc-flow-for-spa-and-restful-api
Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
August 18 2017 06:39 GMT
#17992
On August 18 2017 10:30 berated- wrote:
Show nested quote +
On August 17 2017 20:18 Manit0u wrote:
On August 17 2017 12:06 berated- wrote:
On August 17 2017 08:36 Manit0u wrote:
On August 17 2017 08:13 berated- wrote:
On August 17 2017 04:34 Manit0u wrote:
On August 17 2017 03:44 Blucan wrote:
On August 16 2017 23:04 Manit0u wrote:
Fuck me. Trying to introduce OAuth flow into REST only API is a fucking nightmare (and it has to support mobiles too).


What are you having problems with? It's pretty straight forward once you get the hang of it.


I'm not entirely sure where to redirect to after logging in to the IP since we have the authorization code grant flow. So mobile/web redirects to IP -> IP redirects it somewhere else -> web/mobile gets auth code -> it logs in to the API with the auth code. That's plenty of shit to do.


Are you guys the oauth provider as well? Also, are you able to do any of the flows other than auth code flow?

How are you trying to use oauth? Are you trying to call into a rest api that will then use oauth to access another resource? Or are you using oauth to protect the rest resource itself?



Our primary use case will be SSO since the customer already has all their employees registered at Okta (the IP). We want to use that to grab user info from there and create users within the API based on that. Auth code flow seemed the easiest to implement initially but I'm starting to have my doubts.

I mean, I've got everything handled on the API side (got an endpoint for auth codes which we exchange with IP for user info basically and then return our own token to services that use it). The problem is now getting web, desktop and mobile clients to get the code from the IP. Any suggestions? Do I have to put up some sort of auth server, to where I'll redirect users after logging in to the IP so it can return the code to the client as necessary?

It's generally one big API and all the other apps are pretty much different kinds of front-end for it and everything is using REST to communicate.


If it's with something like Okta (which full disclaimer, I know nothing about) , it seems like resource owner password is probably out of the question. If I was a user I wouldn't trust typing in my Okta creds into a third party app.

For any of the web clients, auth code flow sounds best as you said. There is definitely the ability to just redirect to their stuff and have it come back to yours.

It sounds like you're going towards where we ended up going for ours. If you are already generating a separate token to make future rest calls with, is it possible that they could acquire that through the web application as a pre-requisite? It would give you the ability to use oauth with the web client and then generate an api key that is associated with the user you created from the auth code flow.

As for desktop and mobile, my 5 minute search shows that okta has native clients for both of those. Can you leverage those some how?


The problem I'm currently having is that I'm not sure how to configure the apps to redirect to the right places. After logging in to Okta you're supposed to be redirected to the target web page (where Okta sends the user auth code) but our API does not have any front-end of its own so we can't do that (can't redirect from html to json seemlessly) and I'm not sure how to handle that. Any ideas?


If you are already generating a separate token to make future rest calls with, is it possible that they could acquire that through the web application as a pre-requisite?


No. The only way to acquire our token is to either log in as an existing API user or through Okta auth code. If you don't have API account and only Okta one you should be able to sign in using Okta (but we can't give you the token without first getting the auth code).



Have you researched openid connect with okta?

Edit: Maybe that's the wrong way, trying to read.

The problem is that I think it just doesn't work. What i was trying to suggest is generating some new token , a bearer token, or something that is not the oauth token. The issue here is you are trying to establish (or it sounds like) identification , not authorization.

Edit 2: Is this getting closer? https://security.stackexchange.com/questions/129928/oidc-flow-for-spa-and-restful-api


I've managed to implement auth code flow described in the answer to that stack overflow question pretty much exactly. The only problem I'm having is that I will now have to introduce a front-end endpoint in the API (I don't like it one bit) because I can't redirect users to the SPA after login (our SPA front doesn't have any real backend, it's pure JS/HTML with React so the API has to handle all of it, and obviously there's no way to redirect mobiles back to themselves).
Time is precious. Waste it wisely.
Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
August 22 2017 19:16 GMT
#17993
Guys, have any of you worked in Denmark/are currently working there?

I've got a job offer from Copenhagen and I'm seriously considering it...
Time is precious. Waste it wisely.
berated-
Profile Blog Joined February 2007
United States1134 Posts
August 22 2017 21:44 GMT
#17994
On August 23 2017 04:16 Manit0u wrote:
Guys, have any of you worked in Denmark/are currently working there?

I've got a job offer from Copenhagen and I'm seriously considering it...


I've never worked in Denmark but I did just accept my second job, 9 yrs at job one and now moving on. Feels like as good of a time as any!
IyMoon
Profile Joined April 2016
United States1249 Posts
August 22 2017 22:31 GMT
#17995
On August 23 2017 04:16 Manit0u wrote:
Guys, have any of you worked in Denmark/are currently working there?

I've got a job offer from Copenhagen and I'm seriously considering it...



Beer is REALLY expensive in those countries. (Scandinavian) So watch out for that, otherwise why the hell would you not take this job?
Something witty
Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
August 22 2017 23:43 GMT
#17996
On August 23 2017 07:31 IyMoon wrote:
Show nested quote +
On August 23 2017 04:16 Manit0u wrote:
Guys, have any of you worked in Denmark/are currently working there?

I've got a job offer from Copenhagen and I'm seriously considering it...



Beer is REALLY expensive in those countries. (Scandinavian) So watch out for that, otherwise why the hell would you not take this job?


Such decisions are not that easy once you're married with children. There's a gazillion things I have to think about now...
Time is precious. Waste it wisely.
Nesserev
Profile Blog Joined January 2011
Belgium2760 Posts
August 23 2017 06:25 GMT
#17997
--- Nuked ---
Manit0u
Profile Blog Joined August 2004
Poland17788 Posts
August 23 2017 12:27 GMT
#17998
On August 23 2017 15:25 Nesserev wrote:
Show nested quote +
On August 23 2017 08:43 Manit0u wrote:
On August 23 2017 07:31 IyMoon wrote:
On August 23 2017 04:16 Manit0u wrote:
Guys, have any of you worked in Denmark/are currently working there?

I've got a job offer from Copenhagen and I'm seriously considering it...



Beer is REALLY expensive in those countries. (Scandinavian) So watch out for that, otherwise why the hell would you not take this job?


Such decisions are not that easy once you're married with children. There's a gazillion things I have to think about now...

So, what are some of the aspects that make you 'consider' it?

All I can say is: Write down the positives and the negatives; weigh them, and compare them, don't be too limiting and always be honest to yourself and your family.


I did just that. The only real problem is that for this particular job I have to decide within a week and I simply can't do that (it'll take me more than that to leave my current job if I want to do it properly) so it's a no go for now. Maybe in the near future...

[image loading]
Time is precious. Waste it wisely.
Nesserev
Profile Blog Joined January 2011
Belgium2760 Posts
August 23 2017 16:31 GMT
#17999
--- Nuked ---
emperorchampion
Profile Blog Joined December 2008
Canada9496 Posts
August 23 2017 18:58 GMT
#18000
Looking to do a bit of GUI programming in python, any recommended frameworks?
TRUEESPORTS || your days as a respected member of team liquid are over
Prev 1 898 899 900 901 902 1032 Next
Please log in or register to reply.
Live Events Refresh
Next event in 4m
[ Submit Event ]
Live Streams
Refresh
StarCraft 2
WinterStarcraft559
SortOf 47
StarCraft: Brood War
Hyuk 1538
Mong 746
Bisu 539
Horang2 307
Shuttle 298
Leta 258
Mini 256
Killer 196
Jaedong 190
actioN 154
[ Show more ]
Dewaltoss 116
Soulkey 92
sorry 89
EffOrt 68
Light 45
Free 41
Sacsri 35
ToSsGirL 34
scan(afreeca) 25
Rush 25
soO 24
hero 23
910 18
ZergMaN 17
Bale 15
Noble 14
JYJ 14
Aegong 14
League of Legends
Doublelift1817
Other Games
ceh9687
Pyrionflax244
B2W.Neo176
XaKoH 151
Sick151
RuFF_SC233
Organizations
Other Games
gamesdonequick2299
StarCraft: Brood War
UltimateBattle 55
StarCraft 2
Blizzard YouTube
StarCraft: Brood War
BSLTrovo
[ Show 15 non-featured ]
StarCraft 2
• StrangeGG 28
• LUISG 10
• AfreecaTV YouTube
• intothetv
• Kozan
• IndyKCrew
• LaughNgamezSOOP
• Migwel
• sooper7s
StarCraft: Brood War
• BSLYoutube
• STPLYoutube
• ZZZeroYoutube
Dota 2
• lizZardDota291
League of Legends
• Jankos1942
• Stunt414
Upcoming Events
The PondCast
4m
Kung Fu Cup
1h 4m
Replay Cast
23h 4m
CrankTV Team League
1d 1h
Replay Cast
1d 23h
CrankTV Team League
2 days
Replay Cast
2 days
RSL Revival
2 days
Clem vs Lambo
Scarlett vs Cure
CranKy Ducklings
3 days
IPSL
3 days
Dragon vs Hawk
[ Show More ]
RSL Revival
3 days
Classic vs Trap
herO vs SHIN
Sparkling Tuna Cup
4 days
IPSL
4 days
Bonyth vs Ret
WardiTV Weekly
5 days
Monday Night Weeklies
5 days
PiGosaur Cup
6 days
Liquipedia Results

Completed

YSL S3
HSC XXIX
Eternal Conflict S2 E2

Ongoing

IPSL Spring 2026
Acropolis #4
CSL 2026 Summer (S21)
RSL Revival: Season 6
CranK Gathers Season 4: BW vs SC2 Team League
SCTL 2026 Spring
Stake Ranked Episode 3
XSE Pro League 2026
IEM Cologne Major 2026
Stake Ranked Episode 2
CS Asia Championships 2026
Asian Champions League 2026
IEM Atlanta 2026
PGL Astana 2026
BLAST Rivals Spring 2026

Upcoming

Escore Tournament S3: W3
ASL S22 SEASON OPEN Day 1
Escore Tournament S3: W4
ASL S22 SEASON OPEN Day 2
Escore Tournament S3: W5
CSLAN 4
Blizzard Classic Cup 2026
HSC XXX
SC4ALL II: StarCraft II
Kung Fu Cup 2026 Grand Finals
Light Tournament 2026
Eternal Conflict S2 Finale
Eternal Conflict S2 E3
Logitech G Connect 2026
StarSeries Fall 2026
FISSURE Playground #5
BLAST Open Fall 2026
Esports World Cup 2026
BLAST Bounty Summer 2026
BLAST Bounty Summer Qual
TLPD

1. ByuN
2. TY
3. Dark
4. Solar
5. Stats
6. Nerchio
7. sOs
8. soO
9. INnoVation
10. Elazer
1. Rain
2. Flash
3. EffOrt
4. Last
5. Bisu
6. Soulkey
7. Mini
8. Sharp
Sidebar Settings...

Advertising | Privacy Policy | Terms Of Use | Contact Us

Original banner artwork: Jim Warren
The contents of this webpage are copyright © 2026 TLnet. All Rights Reserved.