Click here to Skip to main content
15,033,279 members

Welcome to the Lounge

   

For discussing anything related to a software developer's life but is not for programming questions. Got a programming question?

The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
 
GeneralRe: Thought of the Day Pin
Ron Anders29-Jul-21 7:32
MemberRon Anders29-Jul-21 7:32 
GeneralRe: Thought of the Day Pin
Daniel Pfeffer29-Jul-21 7:55
professionalDaniel Pfeffer29-Jul-21 7:55 
GeneralRe: Thought of the Day Pin
PIEBALDconsult29-Jul-21 8:18
professionalPIEBALDconsult29-Jul-21 8:18 
GeneralRe: Thought of the Day Pin
jeron129-Jul-21 9:49
Memberjeron129-Jul-21 9:49 
GeneralRe: Thought of the Day Pin
Slow Eddie29-Jul-21 11:04
professionalSlow Eddie29-Jul-21 11:04 
GeneralRe: Thought of the Day Pin
kmoorevs29-Jul-21 12:00
Memberkmoorevs29-Jul-21 12:00 
GeneralRe: Thought of the Day Pin
Richard Andrew x6430-Jul-21 4:26
professionalRichard Andrew x6430-Jul-21 4:26 
GeneralI may just have witnessed the biggest WTF in my career... Pin
Sander Rossel29-Jul-21 4:34
professionalSander Rossel29-Jul-21 4:34 
I just got a call "can you help me set up this API?"
"Sure, what do you need?"
"I got an example application in VB.NET and now I want to mimic the call in Postman, it simply gets the customer by an ID."
"Ok, sounds simple enough."
So I open up this VB code expecting to find some HttpClient with a GET and probably some authentication method.
Now, I've seen some horrors (a 41,000+ tables database, or anything with Crystal Reports, anyone?), but nothing could've prepared me for what I was about to witness...
What I found was that this API is not running on HTTPS and instead this company requires their customers to implement their own encryption exactly the way they want it WTF | :WTF: OMG | :OMG: Unsure | :~ Dead | X|

Steps to connect:
We take our API key and create an MD5 hash.
Then we take the first 16 characters of our API secret and use it together with the hash in some SHA256 algorithm.
We need a JSON like { "id": "1234" } (this is the ID of the customer we want to get) and then encrypt it using a Rijndael object and the SHA256 algorithm (I don't do this daily, can't tell you the specifics).
Take the resulting encrypted key and convert it to base64.
Then trim the ='s at the end and replace slashes and hyphens with underscores and some other character.
Now put our deformed base64 encrypted body in a form field named "data".
Include the key in the URL like so "http://baseaddress.com/getCustomer/apikey=[key]".
Do a POST.
Call an unsecure HTTP endpoint.

On the plus side, they provided a 100+ page document with examples in .NET and PHP on how to call something that should've been a standard REST API (I even think they're calling it that).
The company that created this abomination is named PRO[something].
I can tell you one thing, these people aren't pro's (in fact, I'd go as far to say these people aren't even developers (or at least not worthy of the title)) WTF | :WTF:

GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
g_p_l29-Jul-21 4:46
Memberg_p_l29-Jul-21 4:46 
GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
Jacquers29-Jul-21 5:37
MemberJacquers29-Jul-21 5:37 
GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
Sander Rossel29-Jul-21 23:05
professionalSander Rossel29-Jul-21 23:05 
GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
musefan29-Jul-21 5:55
Membermusefan29-Jul-21 5:55 
GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
obermd29-Jul-21 6:34
Memberobermd29-Jul-21 6:34 
QuestionRe: I may just have witnessed the biggest WTF in my career... Pin
David Crow29-Jul-21 9:39
MemberDavid Crow29-Jul-21 9:39 
AnswerRe: I may just have witnessed the biggest WTF in my career... Pin
Sander Rossel29-Jul-21 23:01
professionalSander Rossel29-Jul-21 23:01 
GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
Dave Kreskowiak29-Jul-21 11:32
mveDave Kreskowiak29-Jul-21 11:32 
GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
Sander Rossel29-Jul-21 22:59
professionalSander Rossel29-Jul-21 22:59 
GeneralRe: I may just have witnessed the biggest WTF in my career... Pin
Cp-Coder29-Jul-21 12:12
MemberCp-Coder29-Jul-21 12:12 
General@witch Pin
theoldfool29-Jul-21 0:37
professionaltheoldfool29-Jul-21 0:37 
GeneralRe: @witch Pin
honey the codewitch29-Jul-21 1:00
mvahoney the codewitch29-Jul-21 1:00 
Generalremember when you first realized you were going to be laid off ? Pin
BillWoodruff28-Jul-21 23:18
mveBillWoodruff28-Jul-21 23:18 
GeneralRe: remember when you first realized you were going to be laid off ? PinPopular
Matthew Dennis29-Jul-21 4:38
sysadminMatthew Dennis29-Jul-21 4:38 
GeneralRe: remember when you first realized you were going to be laid off ? Pin
Slacker00729-Jul-21 9:15
professionalSlacker00729-Jul-21 9:15 
GeneralRe: remember when you first realized you were going to be laid off ? Pin
BryanFazekas30-Jul-21 3:04
MemberBryanFazekas30-Jul-21 3:04 
GeneralRe: remember when you first realized you were going to be laid off ? Pin
Joe Woodbury29-Jul-21 8:47
professionalJoe Woodbury29-Jul-21 8:47 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.