Friday, December 27, 2019

IntelliJ “Annotate” option is not working


Your VCS is not enabled. For that reason, this issue is raised. Solution is given below:

  1. From menu bar, Click on the VCS option
  2. Enable VCS  
  3. Select your version control. For my case it is “Git”
  4. Done. Now you will be able to use the annotate option

Thursday, December 12, 2019

3 Lock Key in Keyboard

There are 3 locks in keyboard.

  1. Caps Lock --> Toggle Key. It is used to switch lowercase to uppercase in your keyboard.
  2. Scroll Lock --> Toggle Key. It is used to scroll the contents using the arrow key.
  3. Num Lock --> Toggle Key. It is mainly used for partial numeric keypad. In some keyboard, there is a numeric section for right side. It is mainly used for [Home, Page Up, Page Down, End and 4 rows]. If Num Lock is on, those keys will be used for numerical value.


Monday, December 9, 2019

Why choose Jira Software over Azure DevOps (formerly VSTS/TFS)?

Why choose Jira Software over Azure DevOps (formerly VSTS/TFS)?

1. Out-of-the-box agile support
Jira Support for Scrum, Kanban, and any framework in between. Teams can begin with a lightweight approach and then progressively add more features.
Azure DevOps Supports Kanban, Scrum and CMMI. No ability switch between.

2. Simply powerful project configuration
Teams can easily customize their project workflow, issue types, and fields for the board they want and need, without affecting another project’s customizations.

3. Built-in roadmaps
Quickly create a timeline of your plans, update your priorities as they change, visualize dependencies, and communicate the status of work to your stakeholders.

4. Customizable dashboard - "both in Jira and Azure DevOps"
Create custom dashboards in Jira Software that contain all the information you need to effectively plan and track your work.

5. Comprehensive agile reporting
Teams have access to more than a dozen reports with real-time, actionable insights into how their team is performing sprint over sprint.

6. Powerful search
Jira Software comes with advanced search capabilities powered by Jira Query Language that offers teams detailed views into their work.

7. Developer environment agnostic
Jira Software works with every type of developer environment, meaning no team member will ever be forced to use any tool they don't want to.

8. Native mobile support
With Jira Software for iPhone and Android, your single source of truth is always in your pocket.

9. Marketplace with 1,000+ plug-and-play add-ons
Over 1,000 plug-and-play add-ons from the Atlassian Marketplace extend Jira Software to fit any use case or development process.

10. Enterprise-ready - "both in Jira and Azure DevOps"
Jira Software provides high availability, performance at scale and advanced security features like encryption at rest.

Resource Link: https://www.atlassian.com/software/jira/comparison/jira-vs-azure-devops

Azure DevOps Vs Jira

What is Azure DevOps?
Azure DevOps provides unlimited private Git hosting, cloud build for continuous integration, agile planning, and release management for continuous delivery to the cloud and on-premises. Includes broad IDE support.

What is Jira?
Jira's secret sauce is the way it simplifies the complexities of software development into manageable units of work. Jira comes out-of-the-box with everything agile teams need to ship value to customers faster.

Why do developers choose Azure DevOps?
1. Complete and powerful
2. Flexible and powerful
3. Huge extension ecosystem
4. One Stop Shop for Build server, Project Mgt, CDCI
5. Azure integration
6. Everything I need. Simple and intuitive UI
7. Integrations
8. Support Open Source
9. GitHub Integration
10. Crap
11. Jenkins Integration


Why do developers choose Jira?
1. Powerful
2. Flexible
3. Easy separation of projects
4. Run in the cloud
5. Code integration
6. Easy to use
7. Run on your own
8. Great customization
9. Easy Workflow Configuration
10. REST API
11. Great Agile Management tool
12. Integrates with virtually everything
13. Confluence
14. Sentry Issues Integration
15. Complicated

Cons of Azure DevOps:
1. Not a requirements management tool
2. Poor Jenkins integration
3. Capacity across cross functional teams not visible
4. Half Baked
5. Jack of all trades, master of none
6. Still dependent on C# for agents

Cons of Jira:
1. Rather expensive
2. Large memory requirement

I use Jira because
It's used widely as the best SW dev tool
It's so easy to use
Flexible to configure
Great for tracking of tickets while leading meetings
Accessible from Everywhere
In overall, especially for large projects, Confluence is must. On the other hands, for small-mid size projects, Trello is also great due to visualization power.

Resource Link: [Azure DevOps Vs Jira](https://stackshare.io/stackups/azure-devops-vs-jira)

Comments of Aaron Ibanez Werthermann:(https://www.itcentralstation.com/users/aaron-ibanez-werthermann)
-------------------------------------
The biggest difference between Jira vs Microsoft Azure Devops is that you need to know how Bitbucket and Bamboo in deep and how these tools work together. Prepare a DevOps environment with these Atlassian tools took me for about 3 times more than Azure Devops, because you need to create and configure your Bamboo agents by using a script.

Microsoft Azure is a more intuitive and practical solution to perform DevOps quickly, and also it lets you monitor the health of your application by using Application Insights at any time in any component.

Regarding the advantage in time and effort that Microsoft Azure has over Atlassian, many companies choose Atlassian because the cost is less expensive than Microsoft Azure. For me it is not a good reason to select a tool.

Comments of Jody Chmielewski:(https://www.itcentralstation.com/users/jody-chmielewski)
-----------------------------
My recommendation would be to identify your requirements (what features do you need), create a short RFP with specific requirements for what you would like to see in the tool and ask the vendors to show you how their product satisfies your requirements. This doesn't have to be a prolonged process but truly only the vendors can show you the possibilities with their tools. Most tools are only partially implemented...providing a biased viewpoint on their value. Any comments I would have would be specific to the functionality I have used in the tools and not a complete picture.

Any software solution purchase depends on what tools a client already owns (what they need to integrate), their business process, their budget their needs and their expertise.

Resource Link: https://www.itcentralstation.com/products/comparisons/jira_vs_microsoft-azure-devops

Sunday, December 8, 2019

Intellij Error: “Usage of API documented as @since 1.8+..”

Solution#1:

Add Java version in properies section of pom.xml
    <properties>
        ......
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
    </properties>
   
Solution#2:

You have to add build configuration in your pom.xml
    <build>
        .....
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.8.1</version>
                <configuration>
                    <source>1.8</source>
                    <target>1.8</target>
                </configuration>
            </plugin>
        </plugins>
    </build>

Solution#3: For IntelliJ users, add the following configuration.
Use both Solution#1 and Solution#2, Then add settings like below:

File -> Project Structure -> Project Settings -> Modules -> "Your Module Name" -> Sources -> Language Level

and change to your desired level i.e 1.8 or others.

Thursday, December 5, 2019

What is refresh token? How to retrieve google refresh token? What is the expiration time?

Refresh Token:

Refresh tokens are the credentials that can be used to acquire new access tokens. The lifetime of a refresh token is much longer compared to the lifetime of an access token. When current access tokens expire or become invalid, the authorization server provides refresh tokens to the client to obtain new access token.

Resource Link: https://www.tutorialspoint.com/oauth2.0/refresh_token.htm

I have also got a full blog post here: Google Refresh Tokens : Answers to Some Common Questions  It is really awesome. So I keep it in my blog as it is. So that I can read it again.

Google refresh tokens are used to generate an access token, even when the user is not available at the browser (the user is "offline"). Web applications typically save the refresh token of the user when he authorizes the Google application. The application can later use this refresh token to generate an access token, and make API calls on behalf of the user directly from the server.
The most popular use of a refresh token is during the execution of a cron job at the server. For example, a cron script would use the refresh token to generate a Google Analytics report for the user at a specific time.
Typically developers have some questions over the usage of Google refresh tokens. This article contains some of the common questions asked.

I got a refresh token previously, but now Google stopped sending refresh token

For the first time when the user authorizes your application he will see a consent screen. Through the consent screen he allows the application to get access to his data via API calls. Typically after the first time, user will not see a consent screen.
It is through this consent screen, you get a refresh token. No consent screen means no refresh token.
To force the application to show a consent screen, set prompt=consent in the Google OAuth url. This will ensure that Google returns a refresh token.
https://accounts.google.com/o/oauth2/v2/auth?
client_id=client_id&
scope=API_SCOPE&
redirect_uri=REDIRECT_URL&
response_type=code&
access_type=offline&
prompt=consent

I got a new refresh token. Does it mean that my older refresh token will not work ?

The older refresh token will work too. However Google imposes a limit of 50 refresh tokens per user for each application. If this limit is reached, creating a new token automatically will invalidate the oldest token without warning.
This means that for the first 50 times, you will get a new refresh token, and all the 50 refresh tokens will work.
However when the 51st refresh token comes, the first refresh token becomes invalidated. The 52nd refresh token will invalidate the 2nd refresh token. And so on.
Also the limit of 50 is not a fixed one. For Google Analytics API is is set to 25. The exact limit can be found in the documentation of the API. The documentation of each Google API typically has a section "Authorization". In this section, you can find the exact limit. If the limit is not listed, it is safe to consider it as 50.
In general it is not a good idea to request a refresh token each time when the user logs in. A refresh token is returned each time when the Google OAuth url contains the parameter prompt=consent. Setting prompt=none would not return a refresh token.
In the worst case, when your application is forced to get a new refresh token each time, make sure that your application is saving the latest refresh token, and removing the older refresh token.

When does a refresh token expire ?

Refresh tokens do not expire, unless there are few special conditions :
  1. The user has removed your Google application.
  2. The refresh token has not been used for six months.
  3. The user changed password and the refresh token contained Gmail scopes.
    This means that the refresh token will be invalidated only when he had previously given the permisions for managing his Gmail, and then later changed his password.
    For the rest of Google services like Youtube, Calendar etc, a changed password will not invalidate the refresh token.
  4. The application generated a new refresh token for the user for more than 50 times.
    See the above question I got a new refresh token. Does it mean that my older refresh token will not work for more information.

Is it a good idea to get a new refresh token from the user every time he logs-in to my Google application ?

No. As discussed above there is a limit of 50 refresh tokens for each user. This does not mean that Google will not return a refresh token after the 50th API call. A refresh token will be returned, but the older refresh token will be invalidated. See the question I got a new refresh token. Does it mean that my older refresh token will not work for more information on this.

How can we test google oauth2 using curl?

Answer is available in this link with full description:

https://github.com/jhanley-com/google-oauth-2-0-testing-with-curl

What is Access Token, ID Token? How can we retreive User info from Access Token or ID Token?

What is an Access Token?
An Access token is a Bearer token that you will have to add in all request headers to be authenticated as a concrete user.

Resource Link: https://stackoverflow.com/questions/25838183/what-is-the-oauth-2-0-bearer-token-exactly/25843058

What is an ID Token?


An ID Token is a JWT (JSON Web Token), that is, a cryptographically signed Base64-encoded JSON object. Normally, it is critical that you validate an ID token before you use it, but since you are communicating directly with Google over an intermediary-free HTTPS channel and using your client secret to authenticate yourself to Google, you can be confident that the token you receive really comes from Google and is valid. If your server passes the ID token to other components of your app, it is extremely important that the other components validate the token before using it.

Since most API libraries combine the validation with the work of decoding the base64 and parsing the JSON, you will probably end up validating the token anyway as you access the fields in the ID token.

An ID token's payload
An ID token is a JSON object containing a set of name/value pairs. Here’s an example, formatted for readability:

{
  "iss": "accounts.google.com",
  "at_hash": "HK6E_P6Dh8Y93mRNtsDB1Q",
  "email_verified": "true",
  "sub": "10769150350006150715113082367",
  "azp": "1234987819200.apps.googleusercontent.com",
  "email": "jsmith@example.com",
  "aud": "1234987819200.apps.googleusercontent.com",
  "iat": 1353601026,
  "exp": 1353604926,
  "nonce": "0394852-3190485-2490358",
  "hd": "example.com"
}

Resource Link: https://developers.google.com/identity/protocols/OpenIDConnect#obtainuserinfo

How can we retreive User info from Access Token or ID Token?

Answer is available in this link: https://www.oauth.com/oauth2-servers/signing-in-with-google/verifying-the-user-info/

Resource Link:

  1. https://stackoverflow.com/questions/16501895/how-do-i-get-user-profile-using-google-access-token
  2. https://stackoverflow.com/questions/22516693/how-to-get-user-profile-on-google-api-using-the-java-library