Would also be cool if they had an aux jack

Oh wow, there’s no aux jack!?! Thanks for pointing that out. That kills this for me.

I am guessing they don’t have an IP protection for liquid/dust.

The product page’s specification’s section lists it as having “IP66 certification: Splash proof and dust resistant”

Before this launch, could you walk into a store in The Netherlands, pay cash, and walk out with a anonymously-purchased SHIFT phone?

Can you walk into a store in The Netherlands, pay cash, and walk out with a anonymously-purchased SHIFT phone?

looks like they’re collaborating by giving some of their profits upstream, and creating feature requests

hardened LinaegeOS forks seems like exactly what we need…

Isn’t the whole point that this thing can be upgraded?

Also, Pixel 3 still runs great, once you strip off all the google spyware.

Yeah, small dutch company that has a good history. They’ve been making highly customizable laptops for the EU market since 2015. And since 2021, they’ve been focusing on security and right-to-repair. You can watch an interview with the NovaCustom founder (Wessel Klein Snakenborg) here:

• https://techlore.tv/w/hAQNnw9eQndZRJe438DqRF

They’re one of very few laptop manufacturers that sell QubesOS certified laptops. And that come with coreboot.

That’s bad.

OAuth supports several types of flows. If I’m not mistaken (I’ve learned a bit more about OAuth since yesterday) you’re describing the Authorization Code Flow – as documented in RFC 6749 (The OAuth 2.0 Authorization Framework), Section 4.1 (Authorization Code Grant):

• https://www.rfc-editor.org/rfc/rfc6749.html#section-4.1

That RFC defines many other types of flows that do not require sharing the access keys with a third party, such as the Client Credentials Flow, as documented in RFC 6749 Section 4.4 (Client Credentials Grant):

• https://www.rfc-editor.org/rfc/rfc6749.html#section-4.4

The only reason you’d want to use the Authorization Code Flow is if the third party needs your access token for some reason, or if you want to hide the access key from the user agent.

The problem here is that Stripe is using the wrong flow (the third party doesn’t need the access token, as they claim they never save it anyway). And if keyCloak only supports that one flow, that’s would be a problem too (in this case).

Stripe Connect does not support Client Credentials flow.

Can you please tell me what is the name of the “flow” that Stripe Connect is using here?

I figured out the root technical cause. It’s because Stripe doesn’t allow the redirect during the OAuth flow to be dynamic. It must be a predefined value that’s hard-coded into the app.

For security purposes, Stripe redirects a user only to a predefined URI.

• https://docs.stripe.com/connect/oauth-reference#redirect-uri

That’s why Stripe forces you to expose your access tokens to the developer’s servers.

I’d still appreciate if someone with more experience with OAuth than me knows if this is common. Seems like a very bad design decision to require users to transmit their bearer tokens through the developer’s servers.

It’s called the Client Credentials flow (RFC 6749, Section 4.4).

Finally someone directs me to the actual RFC. Except that section is titled “Client Credentials Grant”

• https://www.rfc-editor.org/rfc/rfc6749.html#section-4.4

Why do I see this sometimes called a “Grant” and sometimes called a “Flow”?

What’s the definition and difference of each?

I’m not 100% sure, but my interpretation of that message is that you’re waiting for the federated servers to communicate, and you can close the page.

I recommend asking in its own post on !lemmy@lemmy.ml

If nobody answers in some days, then I’d create a feature request on GitHub.

Suddenly my server started getting thousands of requests per minute and my varnish cache hit rate jumped to 99%. Thank god for varnish!

Looks like the reddit blackout is #1 on the frontpage of hackernews, and this article is #2.

• https://news.ycombinator.com/

I actually posted this article to hackernews, but I never got a single upvote. This isn’t my first time getting on the frontpage of hackernews, but it always happens when someone else reposts my link.

Can anyone tell me how the fuck hackernews’ algorithm works to where I can’t ever get traction but someone else does after me?

Added to the article. Thanks for the suggestion :)

You should ask in /c/mlemapp

• https://lemmy.ml/c/mlemapp

And if it’s a bug, please report it on GitHub

• https://github.com/buresdv/Mlem

Edit: A quick search on github issues brought this up

• https://github.com/buresdv/Mlem/issues/45

Thanks! Yeah, I linked to it in the bottom of the article. There’s some other good links there that you may want to checkout as well :)

I made a text-and-images version of this guide:

• https://lemmy.ml/post/1204463

The only thing I need to improve this article is a short video demonstration showing how to find and add remote lemmy communities

• https://lemmy.ml/post/1193460

Are there any video producers on Lemmy that can help? You’ll easily get thousands unique views per day if you make a short “Guide to Lemmy” video :)