Tag: Snippets

Updating S3 CORS With Boto

November 17, 2014 » Geek

Sometimes you don’t have access to the S3 console, but you do have keys for a bucket. If you need to change CORS for that bucket, it turns out you can. Boto has API methods for this.

Tags: , , , ,

Addressing Nested Dictionaries in Python

March 13, 2012 » Geek

I think that post title is right. Essentially I mean dynamically accessing attributes from nested dictionaries or tuples.

Let’s say you’ve got a JSON response like this:

The JSON module would convert that into nested dictionaries, like this:

In my case, I was trying to provide a runtime specified format string which could use any of the values at any depth.

There isn’t (to my knowledge) an easy way to address into a deep structure with a single string. I considered value based format strings ('%(name)s' but there is no way to descend from there either.

My solution was to use a dot notation and evaluate it for field values.

This requires a strict policy not to use dots in your keys, but that is not an issue for my use case.

Here is my code for the dot notation:

And here it is in use against the object above:

The next (optional) step would be to create a wrapper object.

Which we can then use like so:

While this is just sugar, it does look nice doesn’t it? To be complete you would want to implement the other sequence methods such as __setitem__

So that’s my fix – what’s yours?

Replacing Kohana 3 Auth module hashing

November 9, 2011 » Geek

The password hashing in the Auth module provided with Kohana 3.1 is not very good. By default it is a simple sha256 hmac with a global salt.


This isn’t strong. If you loose the hashes and the salt it’s just a matter of winding up a GPU.

So how can we fix this? Well, thanks to Kohana’s structure we can easily override the Auth class and tweak it. However, due to Auth’s structure, we can’t drop the global salt. The hash function has to stand alone, so no passing in salts from the database.

That leaves us with key stretching.

Now, I don’t want to deal with a custom key stretching implementation, I’m not a cryptographer. So, let’s find an existing algorithm.

One that pops to mind is PBKDF2. This is a pretty simple algorithm, so it was easy to find and spot check a PHP implementation

We just take some test vectors from RFC 3962 and run them against the code we found.

Run it, and everything checks out:

So now all that’s left is to drop it in, which is pretty simple. One thing to note is that I wanted this to stay compatible with the default auth config file, so I just extended that a little bit.



One item to note is that I am packing these with base64_encode. This is to fit into the default field type for the ORM driver. That is also why my length is stunted to 45. If you really want to go all out, alter your table to use a TINYBLOB, up the length to 256 bit and up the rounds.

So that is how I replace weak hashing in K3 with something a bit better.

How do you do it?

iCloud Shimmer Effect

October 12, 2011 » Geek

Today Alex pointed out the new iCloud website had lot’s of fancy effects. One I liked best was the polished metal effect on the login box that shimmered when you moved your mouse.

I went ahead duplicated it as best I could in a short time. There are some obvious differences in approach, but it’s essentially the same.

Shimmery Effect
View The Demo

One thing I did not do was the easing on the mouse move. I really like that, but it would be time consuming to get it running.

Also, I’m not browser compatible. I only tested it in Chrome 14.

Most of the work is done in two functions.

mousemove takes the mouse position and converts it to a degree of rotation.

draw rotates the canvas and draws the image onto it.

That’s essentially it. Simple, but visually powerful. The source is embedded in the demo and commented.

Kohana 3 OAuth & Twitter Demo Code

October 6, 2011 » Geek

The Internet seems a bit sparse when looking for good demo code for using the Kohana 3 OAuth module with Twitter.

I think the main issue is that the OAuth module isn’t very well documented, and doesn’t do API requests. For that you need an API implementation, like shadowhand/apis.

Anyway, here is a gist I put together with an example controller for Twitter OAuth: