OSQA is a python/django based StackOverflow clone with a lot of nice capabilities. You might’ve seen me mention it on twitter.

Hernâni and Rick were tremendously helpful on IRC to help get past some of the things not covered in the installation documentation. Here are my notes on how to get OSQA working on OS X with SQLite (something very similar should work for Linux and mysql):

My OS X setup is: OS X 10.6.3, Python 2.6.4, Django 1.1.1.

First, install the pre-requisites:

sudo easy_install south
sudo easy_install markdown
sudo easy_install html5lib

Now create your local settings file:

cp settings_local.py.dist settings_local.py
vi settings_local.py

Setup your database settings in settings_local.py. Here are mine with sqlite:

DATABASE_NAME = '/Users/darugar/Packages/OSQA/db/osqa.sqlite3'
DATABASE_USER = ''
DATABASE_PASSWORD = ''
DATABASE_ENGINE = 'sqlite3'
DATABASE_HOST = ''
DATABASE_PORT = ''

Now it’s time to create the database:

python manage.py syncdb --all
python manage.py south --fake

That should do it, now you can run your server:

py manage.py runserver 0.0.0.0:9876

Once you’re up and running you should be able to go to http://localhost:9876/ and see OSQA in action.

Most of the examples I found for python-oauth2 show how to use the library to request and approve tokens, but not how to use the access token to access a protected resource (ie. how to actually make a call to the service you’re trying to access). Here’s an example:

import oauth2 as oauth
consumer = oauth.Consumer('consumer-key-here','consumer-secret-here')
token = oauth.Token('access-key-here','access-key-secret-here')
client = oauth.Client(consumer, token)
response = client.request('http://someservice.com/api/something/')

And here’s how you make a POST call:

import urllib
response, content = myclient.request("http://someservice.com/api/something/", \
    method="POST", body=urllib.urlencode({'name': 'value', 'another_name': 'another value'}) )

The scenario: user Alice wants to allow SimpleService to access Twitter on her behalf.

Before OAuth this would be done by having Alice give SimpleService her login credentials for Twitter. She would type in her Twitter username and password into SimpleService, and SimpleService would use those credentials to access Twitter on her behalf. This was bad because SimpleService now knew Alice’s credentials, and could do malicious things or carelessly leak her credentials to malicious people.

With OAuth Alice doesn’t have to give SimpleService her Twitter credentials. Instead she goes through a process wherein she tells Twitter that SimpleService is allowed to act on her behalf.

The flow is:

First, before Alice is involved, Twitter and SimpleService exchange secret information: SimpleService requests Twitter to provide it with a consumer token and a secret. The consumer token will be used to identify SimpleService to Twitter, and the secret will be used to secure the communications to prevent others from pretending to be SimpleService.

This is setup once, allowing SimpleService and Twitter to communicate in general.

Once setup, for each user that wants to allow SimpleService to access Twitter on their behalf, the following happens:

• The user Alice goes to the SimpleService website and requests SimpleService to access her Twitter account.
• SimpleService calls Twitter with a request_token call. This tells Twitter SimpleService is about to have a conversation with it regarding authorization.
• Twitter responds with a request_token.
• SimpleService, having received the token from Twitter, redirects the user’s browser to a Twitter authorize page, passing the along the request_token as part of the url.
• Twitter grabs the token (along with various signatures and timestamps to verify the request is not forged).
• Twitter displays a page to the user asking her if she wants to give SimpleService access to her Twitter account.
• If the user says no the game is over, and the token is not authorized.
• If the user says yes, Twitter redirects the user back to SimpleService, passing along an authorization token, letting SimpleService know the user authorized access.
• SimpleService now exchanges the authorization token for an access token: it calls Twitter with the authorization token, and requests Twitter to give it an access token.
• Twitter examines the token SimpleService sent it, verifies that it’s not forged and that the user Alice had earlier authorized that token for access. It now believes that Alice wants to grant SimpleService access to her Twitter account. Twitter responds to SimpleService with an Access token.
• SimpleService grabs the access token and stores it, associating it with the user Alice.

Now the initial authorization dance is done: SimpleService has an access token that allows it to access Twitter on behalf of Alice.

To actually access Twitter on behalf of Alice, SimpleService includes the access token with each call it makes to Twitter on behalf of Alice. Twitter checks the token, verifies that is valid, and allows SimpleService to access Alice’s resources.

To be an OAuth service provider (that is, play the part of Twitter), you need to:

• Have a way to exchange consumer tokens and secret keys with third parties (eg. SimpleService) that want to access your APIs.
• Provide a request_token service that provides tokens that start the conversation for each authorization.
• Provide an authorization page that tells the user that a third party (eg. SimpleService) is requesting access to her resources, and allows her to accept or reject the request.
• Make a callback to the service (eg. SimpleService), informing it that the request has been authorized.
• Provide an access_token service that accepts a request token that’s been authorized and provides an access token to the third party (eg. SimpleService).
• Store the access token for the user that authorized it.
• Accept access tokens as an authentication mechanism for API calls, verifying the token’s validity and authenticating the user associated with that token.

Having managed to blow the 140A fuse in my Lexus RX 300 by hooking up the wrong battery (thanks Kragen!), I wrestled with how to replace it for quite a while. It’s complicated and I didn’t find any good explanations on the web, so I’m writing it up here:

The 140A fuse is bolted into the fuse box, so no matter how hard you try to pull it from the top it won’t come off. You’ll need to disassemble the fuse box, remove the bolts, and then replace it.

First disconnect your battery to prevent any accidental shorts or sparks.

The fuse box is attached to the body of the car with 2 bolts, and there are multiple latches connecting the top portion of the fuse box to the bottom portion. Remove the bolts, then insert a flat screw driver head into each latch, pushing it apart to let the latch release. The top of the fuse box lifts up, so you’ll see each latch get free and be able to move up. There are 4 or 5 latches all around, including one semi-hidden one where the fuse box lays against the body of the car. You’ll only be able to see it when you remove the bolts.

Once the latches are open, pull the top half of fuse box up and move it around to give yourself some room to maneuver. You’ll see lots of wires connected to it. You may want to open up the air filter to open up more.

Now you need to remove the top panel in the top half of the fuse box. This is where I wasted a lot of time – it just didn’t seem to want to come out.

The trick is to push it down and get it out from the bottom of the top part of the fuse box, not to try to pull it up. Look for the latches around the top of the panel where the 140A fuse is – there’ll be little openings that a flat screw driver head can fit through. Put the screw driver in and free up the latch so the top panel can slide down towards the bottom of the fuse box. Once you have all the latches freed the top panel comes out fairly easily.

Now all you have to do is to remove the blots that hold the fuse in place. Replace the fuse and put everything back as you found it. The trickiest part is getting the hidden latch back in place, but once you have that you’ll be set.

Good luck. It’s tricky, so hang in there. I spoke with several mechanics, including a couple of mechanics from the dealership, and none of them could give a good explanation – in particular, 2 of them told me the top piece of the panel would come out from the top, and that the housing would probably break when removing it. Not true – it comes out from the bottom, and there’s no need to break anything.

I’d tried to use Google Wave on several occasions as a tool for remote collaboration. All attempts had ended in various degrees of disaster, so I didn’t have high hopes for this round. In fact we tried Google Docs, Zoho Docs, and even Etherpad as alternatives first, with Etherpad being the most effective solution. That is, until we tried Wave again.

It turns out effective remote collaboration for document authoring requires two distinct things:

• A shared document with:
  • near real-time updates for everyone
  • an indicator of who’s editing what and what’s recently changed
  • the ability to view and restore earlier versions
• A separate communications side channel

Wave provides strong shared document capabilities, as well as very nice communication capabilities via chat.

The problem, however, is that the “chat” can and often does take place within the document. The “chat” quickly becomes graffiti all over your nicely formatted document, and you have expend serious effort cleaning it up .

The solution is to separate out the discussion or chat mechanism from the document completely. In this case we used iChat with voice and video for all participants. I’m no fan of video conferencing, but I have to admit even the video was useful – particularly to gauge the level of engagement of each person at any point in time.

It is also very useful, by the way, to have multiple screens available. The document can live on one screen while the talking heads occupy the other.

I was surprised at how effective the setup was. We will definitely be using this again in lieu of travel.

For future reference:

I needed to simulate a slow connection for testing an HTTP file upload, time the results, and see how reliable it was. Turns out it’s all doable with curl using the right set of incantations. Here they are:

curl -F file=@/tmp/sample-large-image.jpg -F some_parameter=1027504 \

    -u myusername:mypassword -w "\nTIME: %{time_total}\n" \

    --limit-rate 10k http://somewebsite.com/api/upload/

What this is saying is:

• Upload the file /tmp/sample-large-image.jpg . Note the “@” symbol – that’s what tells curl this his a file upload.
• Set the parameter some_parameter to 1027504
• Use HTTP basic auth to login, with user “myusername” and password “mypassword”
• Include the word “TIME” followed by how long the upload took in the output
• Limit the upload bandwidth to 10k bytes per second

curl continues to amaze with its flexibility.

dpkg -L package-name

Note to self, as I seem to need to do this on every new install:

Ubuntu ships with vim-tiny, which doesn’t support syntax highlighting. Do this:

sudo apt-get remove vim-tiny
sudo apt-get install vim
sudo vi /etc/vim/vimrc
( Remove the quote mark from the "syntax on" line, uncommenting it)

I hear complaining about the Windows/DOS command line window and how unusable it is, which is surprising considering how easy it is to make it usable. Here we go:

• Start a new cmd session. On Vista, click on the round windows icon at the bottom left of the screen and type “cmd” into the “Start Search” box. On XP, click Start->Run and type in cmd.
• Right click on the top cmd window area and select “Properties”
• Options: Enable “Quick Edit Mode” and “Insert Mode”
• Font: Size: 10 , Font: Lucida Console
• Layout: Window Size: Width: 100, Height: 50
• Click ok
• Select “Set properties for future windows”, click Ok.

In need of scanning quite a few pages to pdf and without the scanning software that came with my printer and with a dead fax machine, I came up with the following fairly painless method. Noting here for future use:

• Scan each page of the document via the command line cmdTwain:

"\Program Files\CmdTwain\cmdtwain.exe" page1.jpg

"\Program Files\ImageMagick-6.4.0-Q16\convert.exe" -adjoin page*.jpg someDocument.pdf

Another one in the category of always-forget-how-to-do-this-so-noting-here:

class Entry(models.Model):
    blog = models.ForeignKey(Blog)

b = Blog.objects.get(id=1)
b.entry_set.all() # Returns all Entry objects related to Blog.

# b.entry_set is a Manager that returns QuerySets.
b.entry_set.filter(headline__contains='Lennon')
b.entry_set.count()

Full docs here.

The following worked for me for unlocking the Cingular BlackBerry Pearl I recently got:

• Figure out your IMEI number. Press *#06# to find it.
• Go to unlock8800 and pay for your unlock code. Mine arrived via email the next morning. I paid $20.
• Use the instructions here to enter the unlock code. The instructions you get from the unlock8800 guys aren’t too clear; you don’t need to press each key for MEPPD and MEPP2 twice; ie. to get the letter P you push the [OP] key just once.
• Note that when you first go the “SIM Card” page you won’t see what you type, but once you enter MEPPD correctly you’ll see a menu.