However you like, REST doesn’t dictate anything there. Just be consistent and use hypermedia.

JSON APIs almost never follow REST because they almost never use JSON as hypertext. Worse, no complete stable hypertext JSON standard exists. There’s JSON-HAL, but it lacks a way to represent resource templates (think HTML’s <form>).

Therefore, with JSON APIs ignoring one of the most basic idea behind REST, why would anyone expect them to follow another idea of REST - consistency?

REST is a deceptively simple concept. Any time you build an HTML website a human can navigate without consulting documentation, you’re doing it better than vast majority of swagger documented corporate APIs.

JSON API almost always means “not REST”. In other words, it works as intended.

I can’t muster any sarcasm out of sheer disappointment. You win this time…

I’d probably add that for something like nextcloud granted scopes can be an „orthogonal”–for the lack of a better word–subset of requested scopes.

The set of requestable scopes has to be defined by the system itself, not its specific configuration. E.g. „files:manage”, „talk:manage”, „mail:read” are all general capabilities the system offers.

However, as a user I can have a local configuration that adds granularity to the grants I issue. E.g.: „files:manage in specific folders” or „mail:read for specific domains or groups only” are user trust statements that fit into the capability matrix but add an additional and preferably invisible layer of access control.

It’s a fairly rare feature in the wild and is a potential UX pitfall, but it can be useful as an advanced option on the grant page, or as a separate access control for issued grants.

https://oauth.net/articles/authentication/

That aside, why is nextcloud asking for scopes from remote API in the diagram? What is drawn on the diagram has little to do with OAuth scopes, but rather looks like an attempt to wrap ACL repository access into a new vocabulary.

Scopes issued by the OAuth authorization server can be hidden entirely. The issuer doesn’t hold any obligation to share them with authorized party since they are dedicated for internal use and can be propagated via invisible or opaque means.

I really can’t figure out what’s going on with that diagram.

As a Ruby fan having a blast with Elixir, where the hell is anything BEAM related?

The compass is truly political.

Yeah, had to dive in myself.

The answer is no, they can’t. You need to pass /dev/kvm and /dev/net/tun in a composefile for a reason.

There’s no „windows in docker”, but rather „handy windows vm orchestrator with nice UI in a container”. A bit of a mouthful.

My viewing history can legally drink in US in a year. What do you mean „guess”?

Googling at least until fairly recently meant „I consulted an index of Internet”. It is a means to get to the bit of information.

Asking ChatGPT is like asking a well-behaved parrot in the library and believing every word it says instead of reading the actual book the librarian would point you towards.

Live action at that

And then there’s hyperemparhy. Alice tells about getting a paper cut a year ago, and for a few seconds Bob feels like his guts are being pulled out.

• ssh to remote, forwarding some remote port to your local ssh port (-R)
• ssh from remote through the exposed port, starting socks proxy in the process (-D)
• use socks proxy explicitly or find some tool that can route the traffic into it

Similar approach can be used to establish VPN tunnel with no encryption (ssh already provides that), routing everything but your ssh connection through it.

• ssh to remote, reverse forwarding your VPN-over-tcp server’s listening port
• establish vpn connection on remote, route everything but your ssh connection through the newly established interface

It will be wasteful, but it will work.

Why did you mention git twice?

If the average user

Proceeds to describe a task average users never perform.

And no, you having been a smart child doesn’t excuse you being an obtuse adult.

It’s all about being comfortable with not knowing when you need to act. Believing that you can learn everything upfront is pure hubris, and once you hurt yourself enough times, you just drop the pretense.

In other words, life is Bayesian, not frequentist.

It’s not about business optimization, it’s about not having to defer to someone’s knowledge from the position of power.

AI bubble makes so much sense when you start looking at it this way.

Good point.

Gl.iNet is a great value router, but if you want to do anything really interesting, it won’t do.

I have Slate AX chugging along, and have been eyeing teklager boxes to do actual routing, with slate as an access point.

Same weird non-sequiturs chain that foobar2000 author uses.

They could’ve honestly said “I don’t wanna”, and that would be the end of it.

There are penalties. They require proof of intent, however. So there are no penalties.