Fork me on GitHub
#clojure
<
2020-06-24
>
the2bears03:06:02

Which is the Rich talk where he shows the complexity and insanity of the HTTPRequest objects?

ghadi03:06:50

I think that's "Clojure Made Simple" @the2bears

3
ghadi03:06:13

Was given to an audience at JavaOne

the2bears03:06:47

@ghadi that's it, thanks!

andy.fingerhut06:06:13

Text transcripts of many of his talks, which are more easily search/grep'able, are here: https://github.com/matthiasn/talk-transcripts

👍 3
murtaza5206:06:27

I am using a macro from a library which expects a value instead of a var so (third-party-macro [1 2 3]) works but the below fails -

(def data [1 2 3])
(third-party-macro data)
Is there a way I can pass the var in the macro ?

phronmophobic06:06:37

macros work at the syntactic level, so the macro will only receive the symbol data(not even the var). hopefully, the macro is just syntactic sugar and provides programmatic access to whatever functionality you're looking for

phronmophobic06:06:29

my editor has a keybinding to view source. so if that's easy, I would just peek at the source of the third-party-macro to figure out the non-sugared API. otherwise, hopefully the docs can help

murtaza5206:06:02

yup there is no way to pass a resolved var, it will just take the symbol, thanks let me dig into the code.

solf07:06:06

Any libraries to extract dates from a text? The only one I found in clojure is deprecated (https://github.com/facebookarchive/duckling_old). I've also looked into java ones, but the one I found isn't maintained and crashes on some texts (https://github.com/joestelmach/natty). I'm also considered just using regexes, but there's a lot of date formats out there, and I'm afraid of missing some.

plins13:06:12

not sure if if this is the best place to ask but, lets say I have a jwt token, and id like to check its contents WITHOUT verifying its signature (it was handled from a trusted source) how can I achieve that? took a look at buddy-sign but all functions to decode take a secret as well

dominicm13:06:07

Just to add a little note, you might still want to verify the "exp" field on the result. Expired JWT tokens should be ignored.

🙏 3
ghadi13:06:36

it's risky, but you can unbase64 the payload and read json

🙏 3
Ivar Refsdal14:06:39

Note that you should unbase64url the payload (and not just unbase64)

Ivar Refsdal14:06:59

For example eyJ4eXoiOiAiTm9yc2sgaW5zdGl0dXR0IGZvciBiaW_DuGtvbm9taSDigJMgTklCSU8ifQ is a valid base64-url string (and JWT), but not base64.

Ivar Refsdal14:06:18

Each part contains a base64url-encoded value. https://tools.ietf.org/html/rfc7519#section-3

Ivar Refsdal14:06:23

We've been bitten by this on client side in ClojureScript. Tricky to reproduce as it only happened for a handful of users. 😉

walterl19:06:20

TIL base64url. Thanks @UGJE0MM0W!

❤️ 3
dpsutton13:06:53

i think i put a patch in to buddy to allow for a failing signature?

dpsutton13:06:02

faulty memory. it was to allow overriding of expired claims so in testing

plins13:06:04

a :verify? parameter somewhere would be really handy

plins13:06:48

is a PR welcome?

dpsutton13:06:57

not my project

dpsutton13:06:01

but they accepted my PR

plins13:06:01

ill look more into the code to see how easy it is to do then create an issue, but thanks for the help 🙂

dpsutton13:06:45

but thinking back, i thought signature checking was an explicit step. and you could just read the token either way

dpsutton13:06:10

or is that "unsigning data"?

plins13:06:46

I wasnt able to find a function that would just returned the data without caring about secrets keys or whatever

plins13:06:52

maybe its there and I just couldnt find it

dpsutton13:06:59

no i think you're right

dpsutton13:06:12

that's why i had to do the patch. i wanted a jwt in the tests but it would always be expired

dpsutton13:06:21

so i had to allow a way to ignore checking the expiration

dpsutton13:06:47

but i think ghadi was right. its just base 64 encoded json objects

dpsutton13:06:34

i think that's the magic right there

plins13:06:41

oh thanks 😄

dpsutton13:06:28

and the important part from unsign is just verifying (and throwing) on header information and then (b64/decode payload)

ghadi14:06:37

You really, really should verify tokens...

plins17:06:25

its on the pipeline, im rewriting a python service in clojure, the current system does not verify the token, and folks dont know what is the secret when it gets sorted ill switch to the buddy-sign implementation

phronmophobic19:06:16

what's the best approach for adding metadata to a def from a macro? something like:

(defmacro def-my-fn [name params & impls]
  (let [name-with-meta (vary-meta name
                                  assoc :arglists (list 'quote (list params)))]
   `(def ~name-with-meta
      (make-my-fn ~params [email protected]))))

hiredman19:06:36

The best approach is don't create new def forms

💯 3
phronmophobic19:06:42

I'm writing a pull request for a library I'm using.

phronmophobic19:06:57

i'm not sure I agree with you generally, and it's impractical to write a pull request for a library that removes the def forms they created

hiredman19:06:48

I guess I would start by looking at what the underlying def form you are expanding to (defn or def) supports as arguments

hiredman19:06:20

I think def is fairly simple, you might just want to support an optional docstring. But if you are adding arglists you may want to expand into a defn instead, if you did the arglists stuff would be handled for you, however defn supports a lot of optional arguments

phronmophobic20:06:50

for context, this is the pull request i ended up with, https://github.com/redplanetlabs/specter/pull/290.

dbernal20:06:36

what's the functional equivalent of midje prerequisites in clojure.test?

noisesmith20:06:51

the closest thing I can think of is a function calling is, reused in various contexts

noisesmith20:06:07

I can't think of anything with the same functionality that wouldn't be excessively clever / brittle

noisesmith20:06:52

for example one could replace the function with one that validates the result using is, via alter-var-root but that seems very hackish

dominicm20:06:27

I'm monkey patching a bug in my dev environment, what's the best way to evaluate code in the context of another ns? I tried (in-ns 'xxx) (code) but that didn't work :)

hiredman20:06:28

define didn't work

hiredman20:06:19

a namespace isn't really something you evaluate code in the context of, it only effects compilation (which is the first half of evaluation)

dominicm20:06:32

@hiredman symbols I wanted to have be resolved weren't resolved.

hiredman20:06:42

so for example in (let [] (in-ns 'xxx) (code)) the namespace change doesn't happen until the whole let is run, by which point code has been compiled using whatever the current value of *ns* without the change of namespace

dominicm20:06:12

ah, I was inside a try.

dominicm20:06:39

Eval does the trick, which is good enough for a dev-time monkeypatch

phronmophobic20:06:15

here's an example for future reference https://github.com/clojure/clojure-contrib/blob/b8d2743d3a89e13fc9deb2844ca2167b34aaa9b6/src/main/clojure/clojure/contrib/with_ns.clj#L20

(defmacro with-ns
  "Evaluates body in another namespace.  ns is either a namespace
  object or a symbol.  This makes it possible to define functions in
  namespaces other than the current one."
  [ns & body]
  `(binding [*ns* (the-ns ~ns)]
     [email protected](map (fn [form] `(eval '~form)) body)))

drewverlee22:06:43

Would you say that clojure development workflows have a higher maintance and ceiling then other communities? e.g keeping a repl workflow where ever you go is both very powerful but also costly.

dpsutton22:06:31

what does it mean for a workflow to have a high ceiling than other communities?

dpsutton22:06:31

and in what way do you find it costly?

phronmophobic22:06:01

just to give an example for comparison, it's been a much bigger pain to maintain a running dev environment for the iOS and android apps that I work on

☝️ 3