Azure Boxes →

The folks at Ch9 have just released (today) a video announcing details on a computing appliance for Azure.

Some time ago, when Azure was first announced, I spoke with a number of colleagues about whether this would work out for Microsoft. There seemed to be some trepidation about whether it would be worth targeting Azure, as it is essentially a new OS and platform to support.

I felt it had some merit, until I looked at the cost. Ouch. The only competitor with higher operating cost was Amazon. But, it does allow most windows developers to continute to write code to something familiar. Perhaps if it were possible to host Azure on-site, this would have a lot of value to developers.

One thing that isn’t mentioned in the video on Ch9, is how the Azure box will be setup. I don’t think people will settle for single units. Also, it would be huge if the boxes can be scaled horizontally by merely adding more to a group and deploying (within reasonable limits).

I can definitely see some of these being purchased for testing purposes, if the price of the box is low enough. It seems debatable whether local use is also worthwhile against the compute/traffic cost.

Finally, the failover abstraction may be lost if one does switch to local hosting. This may not be a big deal for people who are wary of things such as PCI/PABP compliance; as they have a lot of hurdles to conquer to be able to use cloud hosting. But, some of those who actually need the abstraction over any other benefits may fool themselves into thinking they don’t. The number of nines of uptime possible with a local solution remains to be seen.

Adventures in OAuth Echo with twitpic

Sometime this summer, use of Basic Authentication with the twitter API will be coming to an end. During the transition period, all of the third-party services that delegate calls have to stop using Basic Auth and will now have to use OAuth Echo for authorization.

Fortunately, OAuth Echo is pretty straightforward, with two catches that aren’t initially obvious but trivial to overcome. For reference, here is a link to the documentation of twitpic’s upload method.

http://dev.twitpic.com/docs/2/upload/

The two required headers are X-Verify-Credentials-Authorization and X-Auth-Service-Provider. The verify-credentials header is the same as a properly signed Authorization header pointed at the auth-service endpoint at twitter.

Herein lies the first snag that caught me. The current value used by twitpic is the following (not a clickable link):

https://api.twitter.com/1/account/verify_credentials.json

When signing the string for OAuth Echo, the URL you send in should be this, not the endpoint for twitpic (not https://api.twitpic.com/2/upload.json ).

The second snag that caught me was the HTTP method call. Calls to verify_credentials at twitter are GET, but calls to upload at twitpic are POST. The generated OAuth signature should use GET.

At first this didn’t make sense to me, but after some muddling about, I realize that this is about the easiest way for twitter’s third parties to be delegated control over a single call. The OAuth signature ensures that the only thing they can do at twitter is lookup credentials, and the middleman (twitpic) already has the work of generating the signature done for them by the client. The only thing that twitpic or others would have to do is copy the verify-credentials header into the authorization header when making the checkup call to twitter.

This is hardly just the first chapter, though, in what I expect will be further adventures in OAuth. The other, more important, API call at twitpic is the uploadAndPost call. This call, I speculate, is the root of where a ton of their homefront traffic is eventually generated. Right now, there is no equivalent OAuth Echo procedure that can allow twitpic to post to twitter. I’d imagine it isn’t too much effort (if any at all) to allow the twitter update-status method to be the target of the auth-service provider.

Some possible hijinks stand out with that particular method. One, is that the delegate may not necessarily be 100% trusted. Since the signer has already created a valid access token, the delegate could post content as it sees fit for that one call. It is unlikely anyone would do this, as that would open up a breach in trust, possibly causing them to lose access to twitter. There are some high-follow accounts where it may be worth it to a malicious insider to attempt this once, though.

Another potential issue is in error handling. Because a delegate is being used, the caller may be misinformed in a number of scenarios. The first is if twitter reports an error but succeeds, causing the delegate to report an error on the relayed call. The second is if the delegate fails internally after a call to twitter, leaving the potential result completely unknown to the caller. In recent times, under load, there have been gateway errors reported by twitter while API calls were actually succeeding; fortunately there were only two nights (that I recall) where this resulted in double-posts.

Last, it is unknown whether it will be possible to delegate by a single call to cover cases where the delegate needs to make several calls to the twitter api in a single unit of work. This will probably open up a number of questions as to whose API limit pays for the calls. I haven’t checked the results of rate-limit-headers yet, but I would guess that the client’s tally pays for the expense. This may not be good for delegates if they are performing tasks that might significantly cut into the caller’s hourly limit, which might make some clients wary of using their services.

More thoughts on VS. Also, Temporary Projects. Huh? →

My best friend, who is also a developer/engineer, asked me today if there were any VS add-ons that I’d ever dreamed of creating.

Well, to be honest, I’ve spent a lot of time in the past, writhing and bitter over broken Macro projects that no longer worked between versions of Visual Studio. And thus, given up on trying to extend the environment to suit me. One thing, though, stands out as something that I think would be useful. I’ve always wanted to be able to right-click on any project/file/solution item; and go to the physical location where that item is stored.

My friend feels this is useful as well. But, he warned, what about the case of temporary projects?

Whoa, hold the presses, temporary projects?

A little bit of digging, and sure enough, temporary projects that may be thrown away are a new feature in VS2010.

I have some reservations about this feature. It isn’t that much work to make a throwaway project. Also, I usually have an extra prototype-only solution open that I use for reference. Not really impressed, here.

Well, as they say, a rising tide lifts all boats. Maybe it is just too hard to preach a good workflow to the developer masses. I’m sure there are many things that I’ve missed out on; but I do try to keep my eyes and ears open to new things that make me better. My friend and I agree, though, that sometimes there is too much effort spent on features that demo well; but haven’t added real value to those who get things done.

Someday, I hope my VS plugin exists, whether via add-on or native integration. I think I would pay for someone else to make it for me, too. I also think people would find it useful, when importing files extraneous to VS; like unit test-case data.

partial (methods) in .NET

I’ve been working on writing a library that provides functionality using fluent syntax, as a practice exercise. During the course of mapping an existing prototype into the syntax, I came across a rather bizarre bit of .NET language functionality.

In .NET, it is well known by now to any ASP.NET or Forms developer that you can have partial classes, where the body of the class’s source is split up among a number of locations. Similarly, an interface and structure may be declared using the partial keyword with the same segmentation as well.

In C# 3.0, lesser known, is the fact that you may also declare partial methods, where the body is defined in one place, and the declaration in another. These appear to act as forward declarations in C/C++. But in .NET they are restricted, as any partial method must return void.

This seems strange to me, but in digging through some articles written by other people, it became clear the body of the function doesn’t necessarily need to be defined. How bizarre. But, with this capability, things make sense. These partial methods now become optional- if an implementation exists, it will be called. If not, then they won’t. One of the blog articles I read, points out that this is similar to how conditional methods are supported.

http://bartdesmet.net/blogs/bart/archive/2007/07/28/c-3-0-partial-methods-what-why-and-how.aspx

Partial methods must return void because no action occurs if there is no body, and no return value can exist if there is no implementation.

In all, this is a rather curious thing, but I think this has some decent uses. The first thing that comes to mind is the creation of logging stubs. If the logging methods are present, they get called. If not, then no action. I don’t know if this is necessarily better than conditional compilation, but the ability to defer the actual handling would be nice. Separation of Concerns, as usual.

discovering more stuff in .net 4.0

Found a few more interesting things in the past week.

SortedSet - Sorted version of HashSet, which should allow you to do foreach() on items with a determinate order. Regarding LINQ, this is a good alternative to doing a Take() on the first N after a sortby, as you can avoid repeating the LINQ query over and over, especially if the taken portion is not necessarily the same amount each time, and if the data set is always the same group.

Here’s the link:
http://msdn.microsoft.com/en-us/library/dd412070.aspx (SortedSet)

System.Numerics - A namespace containing two new classes, BigInteger, and Complex (complex numbers).

BigInteger is .NET’s native arbitrary-precision integer class, while Complex is a complex number class (a + bi).

Here are the links to each:
http://msdn.microsoft.com/en-us/library/system.numerics.biginteger.aspx (BigInteger)
http://msdn.microsoft.com/en-us/library/system.numerics.complex.aspx (Complex)

Finally, parallel extensions to LINQ are pretty sweet. My current favorite is ForAll(), which significantly reduces the amount of code to run heavyweight processing of items on a list in parallel fashion. This is incredibly powerful, given that you can also write a lambda / anonymous method in place for the Action() parameter.

http://msdn.microsoft.com/en-us/library/dd383744.aspx (ParallelEnumerable.ForAll())

sometimes things are blindingly simple

Haven’t tested this out just yet, but it compiles, and while i’m sure there is a better way of doing this, I spent more time thinking about the implications than I did on writing the actual code.

Ready? Check this out.

public class ChannelMultiplex
{
  public static IEnumerable<Tuple<short, short>> MonoToStereo(IEnumerable<short> source)
  {
    foreach (short sample in source)
    {
      yield return new Tuple<short, short>(sample, sample);
    }
  }
}


Too easy, right? Of course, this probably isn’t going to run very fast. But nonetheless… I <3 you Tuple<>.

first three impressions of vs2010 and .NET 4.0

1. WPF Text rendering is gorgeous

2. VS2010 is pretty. Superfluous, but other than that, no complaints here.

3. DispatchTimer feels different. Seems that AppIdle priority really means when the application is idle, not when the message queue is empty. Had to adjust for this.

Also, I can’t really make any claim to this, but using ThreadPool feels different too.

I look forward to trying out the DLR languages as well.

quick and dirty auto-disposing timer that can be used to measure times for blocks of code by gaming the using() statement →

This is not as accurate as putting a Stopwatch in your source code, but for quick and dirty profiling, good enough. I feel it is handy to be able to /abuse/use/ using() semantics for this scenario. I think this could also be improved by adding another constructor that takes a delegate to handle printing out the timer element; or perhaps a delegate to a given logging method of choice.

Syntax is straightforward.

using(new AutoTimer())
{
// do stuff here
}

using(new AutoTimer(“working in fn()”))
{
// stuff that allegedly is inside of fn()
}

One drawback is that the using() semantics become overhead even if you #ifdef away code for non-debug builds. I might be wrong about that, though. I’m sure someone with more knowledge than me can figure out a way for the using() block to be optimized away for a retail build.

ASP.NET generic handler that converts a blip.fm user's recent blips into RSS 2.0 format, suitable for embedding on flavors.me [.NET 2.0 compatible!] →

quick and dirty converter that calls blip.fm’s api to pickup recent blips from a user.

some notes:

only plucks the most recent 25
embeds youtube players if the content was sourced from youtube
silverlight support redacted, as i was unable to source the xap from my domain and use it on flavors.me
individual song links on blip.fm are not documented, but the following URL layout works, replace USERNAME and BLIPID with respective items from the api
-> http://blip.fm/profile/USERNAME/blip/BLIPID
i used a stringbuilder because the output size is pretty small, and if the handler dies, i can still override the output and set the content type too.

REF: http://api.blip.fm/

see the results in action here: http://flavors.me/meklarian

port Processing to WPF/Silverlight?

I’ve been thinking… there really isn’t a metafile format out there for WPF or Silverlight. While Processing wouldn’t cover all the bases, it would certainly do enough to allow people to program meta-elements for the canvas tag.

Just a thought.