Cryptic Error with Custom PowerShell Cmdlet

I was building a PowerShell cmdlet aimed at SharePoint 2013 earlier tonight and after deploying my WSP I was getting the following cryptic error.

Cannot process argument because the value of argument "implementingType" is null. Change the value of argument "implementingType" to a non-null value.

The error claimed to be a result of attempting to load the help XML file although this turned out to be a bit of a red herring in my case.

Searching around online didn’t really show much so I thought I’d leave a quick note here about what eventually solved it for me. It turned out that in my registration XML (found under hive/CONFIG/POWERSHELL/Registration) I had declared the wrong assembly. By default my registration XML was using a $SharePoint.Project.AssemblyFullName$ token which would be fine in certain circumstances but as my assembly was being built in a different project with a different key, this was being filled in with the wrong details. After changing the <ps:Assembly Name="$SharePoint.Project.AssemblyFullName$"> tag to declare the correct assembly, I stopped getting the above error.

Make Function Keys Default on Apple Keyboard in Ubuntu 16.04 Xenial Xerus

Even though I use a PC laptop, I have an Apple keyboard because I like how slim it is (means I don’t have to lift my palms too high off the table when typing). The problem I’ve had, since I started using Ubuntu heavily, is that Ubuntu will bind all the function keys to their related media functions. I’m sure that’s really intuitive if you’re not doing development – I am, and having to press fn+F5 all the time is a slight annoyance. After a little searching, I think the best way to do it is detailed at the following link.

https://help.ubuntu.com/community/AppleKeyboard#Ubuntu_9.04_to_12.04_LTS_.28Precise_Pangolin.29

The method I’m using is the first method listed which involves adding a hid_apple.conf file to the /etc/modprobe.d directory with the contents

options hid_apple fnmode=2

Previously I was using a different method that involved adding the line “echo 2 | sudo tee /sys/module/hid_apple/parameters/fnmode” to rc.local but for some reason on my laptop this doesn’t always appear to work as my Apple keyboard hasn’t yet been detected/loaded when this particular line is executed.

Getting all folders in a SharePoint list

This blog post is no great revelation, it’s just a reminder to the future me about what SPList.Folders shows. I’ve forgotten the exact answer and subsequently tested it with PowerShell so many times but my memory for these little details is horrible. So the question I found myself asking, and what I tested in PowerShell, was whether SPList.Folders shows you ALL the folders, including sub-folders. The answer is yes.

Using Azure-Provided DNS

I came across this slight annoyance today. I have a bunch of development servers on Azure with an AD deployment, SQL, etc. and I was wanting to modify the built-in Azure-provided DNS / Azure-managed DNS records. I’ve since found out at https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-name-resolution-for-vms-and-role-instances/#azure-provided-name-resolution that you can’t modify the records for the built-in DNS and you need to set up your own DNS if you want this level of control. Managing my own, internal only, DNS just seems a bit unnecessary for a development environment so I’ll just modify the hosts file for now.

After a bit more investigation I’ve found out that I can’t seem to add to the hosts file as the servers appear to be ignoring it for Domain controller name resolution. I’m not sure if I’ve ever attempted using hosts file name resolution for joining to a domain controller so I’m unsure if this is a result of a Windows Security Update or just a general check done by Windows anyway. Regardless, it means I’m going to need to set a custom DNS server in Azure which can be done under Virtual Networks -> (Name of Virtual Network) -> DNS servers -> Custom DNS -> Primary DNS Server.

Sharing an ExpressJS / Connect / PassportJS Session with Golang – Part 1

TL;DR – I’ve confirmed the process to extract and verify the session ID and accompanying signature from the authentication cookies set by ExpressJS and Connect. For a “no-sh*t-sherlock” version of this article (bare bones research) check out my Oystr map here.

I’ve begun the process of writing some of my microservices for my start-up, Oystr, in Golang and I have encountered a slight issue with authentication. My current authentication is all handled by PassportJS in a Node.JS and ExpressJS stack meaning I’m going to have to somehow share the session information between the two different platforms. I’m a one man team at the moment so re-writing everything in Golang is out of the question and I’m just battling too much with the lack of type checking in JavaScript to be able to continue completely on Node.JS. The solution for me is to be able to access the cookie information saved by ExpressJS and then pull the user information from Redis into Golang.

The Connect.SID Cookie

So this is what I know from previous experience with setting up PassportJS – I know that it uses the information stored in the “connect.sid” cookie value to find the corresponding user IDs in the Redis session store I’m using to persist sessions. Verifying this was the easy bit and was just a matter of opening up Chrome’s developer tools (F12) and then looking at the cookies. Sure enough I found it as shown below.

connect.sid Cookie

Looking at the value, it was clear to see that it was URL encoded so once I decoded this I got something of the form “s:sessionid.signature”. At this point you could say “now that I have the session ID I can go look for that ID in the Redis session store… my work here is done”, smack your hands and walk away… BUT if you do that you’re opening yourself up to a massive security hole. Someone could easily just try brute forcing the session ID in the hope that they hit the session ID matching a logged in user. To really make this secure you need to be able to verify the signature is correct for the given session ID.

Verifying the Signature

So after a bit of research (go look at my research map in Oystr, here, if you want to see my sources for yourself) I figured out the process for creating the signature. I decided that initially I’d prove the process works with the sample I took from my browser using commands on the Linux command line as I hate writing code for a process that doesn’t actually work. Writing code for something that isn’t even correct is a million times more annoying than having to continuously check your typing in JavaScript (and if you read my last post https://mymemorysucks.wordpress.com/2016/05/19/why-javascript-is-giving-me-depression/ you’ll realise how big of an annoyance that is to me).

The basic process to create the signature from the session ID is –

  1. Create a SHA256 HMAC signature of the session ID, keyed with the secret you declare in your ExpressJS middleware setup code. The code itself should look something like app.use(session({secret: 'my secret'})).
  2. Creating the signature will generate a long hexadecimal value like “6F0AD0BFEE7D4B478AFED096E03CD80A”. You need to convert this to base64 and that value should match the signature stored in the “connect.sid” cookie.

It’s only two steps so it’s pretty basic. After some searching around I figured out you could do the conversion from the Linux command line using the “openssl”, “xxd”, and “base64” commands.

  1. You use “openssl” to first create the signature for the session ID.
  2. You use “xxd” to convert the signature, which is actually just a “string” of numbers and letters, into the actual bytes represented by the hexadecimal characters.
  3. You use “base64” to convert the bytes from “xxd” into a base64 format.

You can do all of that pretty easily with the following commands –

  1. echo -n <session id> | openssl sha256 -hmac <my secret>

    This dumps out a string like “6F0AD0BFEE7D4B478AFED096E03CD80A”. This is the <signature> to be used in the next set of commands.

  2. echo -n <signature> | xxd -r -p | base64

After that second command, assuming you did all that correctly and used the correct values, you should have a base64 signature that matches exactly the signature part of your example connect.sid cookie.
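The same check in Go, as an added example (not the author's part 2 package): it URL-decodes the cookie, splits "s:sessionid.signature", recomputes the HMAC and compares in constant time before the session ID is trusted for a Redis lookup. It relies on the cookie-signature module stripping the trailing "=" padding from the base64 value, so the cookie carries the unpadded form of what the base64 command prints; the secret and session ID in main are constructed sample values.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"net/url"
	"strings"
)

var ErrBadCookie = errors.New("connect.sid: malformed or bad signature")

// sign returns the unpadded base64 HMAC-SHA256 of the session ID: the
// openssl | xxd | base64 result with its trailing "=" removed.
func sign(sessionID, secret string) string {
	mac := hmac.New(sha256.New, []byte(secret))
	mac.Write([]byte(sessionID))
	return base64.RawStdEncoding.EncodeToString(mac.Sum(nil))
}

// VerifyConnectSID takes the raw, URL-encoded cookie value and returns the
// session ID only when the signature matches the secret.
func VerifyConnectSID(raw, secret string) (string, error) {
	// PathUnescape leaves a literal "+" alone, which is valid base64.
	decoded, err := url.PathUnescape(raw)
	if err != nil || !strings.HasPrefix(decoded, "s:") {
		return "", ErrBadCookie
	}
	body := decoded[2:]
	dot := strings.LastIndex(body, ".") // base64 has no ".", so split on the last one
	if dot <= 0 {
		return "", ErrBadCookie
	}
	sid, sig := body[:dot], body[dot+1:]
	if !hmac.Equal([]byte(sig), []byte(sign(sid, secret))) { // constant-time compare
		return "", ErrBadCookie
	}
	return sid, nil
}

func main() {
	// Constructed sample values, not taken from a real session.
	secret, sid := "my secret", "constructed-session-id"
	cookie := url.QueryEscape("s:" + sid + "." + sign(sid, secret))
	fmt.Println(VerifyConnectSID(cookie, secret))         // session ID, nil error
	fmt.Println(VerifyConnectSID(cookie, "wrong secret")) // empty ID, ErrBadCookie
}
```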

What next?

So now that I can calculate the correct signature, I can make sure that the session ID I’m being supplied by the user hasn’t been tampered with and that they are unlikely to be attempting a brute force hack. In my part 2 post I’ll give details and code as to how I made use of all of this in developing a Golang package to share the sessions and user profiles between my two platforms.

Why JavaScript is giving me depression…

Disclaimer: This is not a serious post. It’s intended to be a little tongue-in-cheek. Before you try and start a war in the comments section for either the “JS sucks” camp or the “JS is the second coming” camp, I won’t be approving any of those comments as THIS POST ISN’T SERIOUS and I’m not speaking for either side.

For the last year I’ve been building Oystr, a collaborative problem solving platform, upon Node.JS. Prior to moving entirely into JavaScript for the full stack, I had been developing on top of .NET using C# for about 15 years. Over the last year I’ve found working with JavaScript on the server to be liberating at times compared to the .NET/C# world. But this has come at a huge cost. My initial elation with JavaScript is now beginning to turn to depression. For a while I’ve been going backwards and forwards between elation and depression so much that I started to feel kind of bi-polar. But now, I think I’m ready to call it. JavaScript is making me depressed.

I think one of the biggest annoyances is the lack of types. I know people are probably thinking “I could’ve told you that” but let me explain. It’s not so much the lack of any strong typing, it’s more what strong typing provides you… auto-complete. Man I miss proper VS.NET auto-complete. The thing I love about JavaScript is its duck typing. But obviously this has come at the cost of my sanity.

But really auto-complete is just a convenience. That’s not the main reason I feel depressed with JavaScript. The main reason I feel depressed when I go back to working with JavaScript, is that re-factoring just feels so much harder. I don’t have any quantitative data to back this up, it’s just a feeling. But damn it’s stressful when I want to do something simple like rename a method. I’m always worried that WebStorm will accidentally rename similarly named methods or properties. And here is the worst part… I can’t do a compile to do a simple sanity check. Sure if something compiles it doesn’t mean it works for sure, but it sure goes a long way in giving you the peace of mind that “oh, it seems to be OK…” which is a hell of a lot better than feeling “have I missed or forgotten anything?!?!?!” and never actually feeling comfortable with saying it’s all fine until you’ve done a full systems test.

This compile-time related depression (I’m calling it CTSD for Compile-Time Stress Disorder) extends beyond the fact my compiler safety net no longer exists. It’s the fact that when I started programming 22 years ago, what got me so excited as a child when I moved from BASIC to C / C++ was that I could compile my code and when it compiled / linked properly, it felt like a milestone. Programming, for me, is more than just work. I love to code, it’s part of who I am. Taking away one of the things that makes me feel like I’m getting somewhere (whether that’s actually true or not) just sucks the fun out of programming for me.

I think for the sake of my sanity and to bring joy back into my nerd life, it may be time I put down JavaScript and start looking for something not CTSD prone.