torii
A set of clean abstractions for authentication in Ember.js
Torii
I am new to ember-cli, currently I am having trouble with oauth2 with LinkedIn, the server side is rails. This is also my first question so please let me know if there's any other information needed or if it's too verbose. When i attempt to sign in I get the linkedin popup but then get the following error:
POST http://localhost:9000/v1/sessions 400 (Bad Request)
jQuery.ajaxTransport.send @ jquery.js:9664jQuery.extend.ajax @ jquery.js:9215exports.default.Ember.default.Object.extend._fetchSession @ application.js:22initializePromise @ ember.debug.js:45486Promise @ ember.debug.js:47114_fetchSession @ application.js:21fetch @ application.js:15(anonymous function) @ session.js:72tryCatch @ ember.debug.js:45439invokeCallback @ ember.debug.js:45451(anonymous function) @ ember.debug.js:47350(anonymous function) @ ember.debug.js:26472Queue.invoke @ ember.debug.js:878Queue.flush @ ember.debug.js:943DeferredActionQueues.flush @ ember.debug.js:748Backburner.end @ ember.debug.js:173Backburner.run @ ember.debug.js:228Backburner.join @ ember.debug.js:247run.join @ ember.debug.js:15904run.bind @ ember.debug.js:15966jQuery.Callbacks.fire @ jquery.js:3148jQuery.Callbacks.self.fireWith @ jquery.js:3260jQuery.extend.ready @ jquery.js:3472completed @ jquery.js:3503
I get the same response when I actually hit the 'sign in with linkedin' button.
Here is my code for ember-cli:
app/adapters/application.js
import DS from 'ember-data';
export default DS.RESTAdapter.extend({
namespace: 'v1'
});
app/routes/application.js
import Ember from 'ember';
//takes place of App.IndexRoute =
export default Ember.Route.extend({
//allow session to persist after page refreshes & fetch wehn activated
//shoudl only happen once
activate: function() {
this.get('session').fetch();
},
actions: {
signInViaLinkedin: function(){
var route = this;
this.get('session').open('linked-in-oauth2').then(function(authorization){
// do the things after login, like redirect to dashboard
}, function(error) {
route.controller.set('error', 'Could not sign you in: ' + error.message);
});
}
}
});
config/environment.js
module.exports = function(environment) {
var ENV = {
modulePrefix: 'fetch',
environment: environment,
baseURL: '/',
locationType: 'auto',
EmberENV: {
FEATURES: {
// Here you can enable experimental features on an ember canary build
// e.g. 'with-controller': true
}
},
APP: {
// Here you can pass flags/options to your application instance
// when it is created
}
};
...
if (environment === 'development') {
// ENV.APP.LOG_RESOLVER = true;
ENV.APP.LOG_ACTIVE_GENERATION = true;
// ENV.APP.LOG_TRANSITIONS = true;
// ENV.APP.LOG_TRANSITIONS_INTERNAL = true;
ENV.APP.LOG_VIEW_LOOKUPS = true;
ENV.puppifi = {
sessionUrl: 'http://localhost:9000/v1/sessions'
};
ENV.torii = {
sessionServiceName: 'session',
providers: {
'linked-in-oauth2': {
apiKey: 'LINKED_IN_CLIENT_ID',
redirectUri: 'http://localhost:4200',
}
}
};
if (environment === 'test') {
// Testem prefers this...
ENV.baseURL = '/';
ENV.locationType = 'none';
// keep test console output quieter
ENV.APP.LOG_ACTIVE_GENERATION = false;
ENV.APP.LOG_VIEW_LOOKUPS = false;
ENV.APP.rootElement = '#ember-testing';
}
if (environment === 'production') {
ENV.torii = {
sessionServiceName: 'session',
providers: {
'linked-in-oauth2': {
apiKey: 'LINKED_IN_CLIENT_ID',
redirectUri: 'http://http://development.fetch.divshot.io',
}
}
};
ENV.puppifi ={
sessionUrl: '/__/proxy/v1/sessions'
};
}
return ENV;
}
};
Rails App
app/controller/v1/sessions_controller.rb
module V1
# session controller can fetch old sessions
class SessionsController < ApplicationController
# skipped because ember and rails are on different domains
skip_before_action :verify_authenticity_token
def create
linkedin_authenticator = LinkedinAuthenticator.new(linkedin_auth_code)
user_factory = UserFactory.new(linkedin_authenticator)
user_factory.find_or_create_user
render json: user, status: :created
end
private
def linkedin_auth_code
params.require(:'linkedin_auth_code')
end
end
end
services/linkedin_authenticator.rb
require "net/http"
require "net/https"
class LinkedinAuthenticator
LINKED_IN_OAUTH_PATH = "https://linkedin.com/uas/oauth2/authorization?response_type=code"
def initialize(auth_code)
@auth_code = auth_code
end
def name
linkedin_user[:login]
end
private
def linkedin_user
@linkedin_user ||= linkedin_client.user
end
def linkedin_client
OAuth2::Client.new(access_token: access_token)
end
def access_token
linkedin_response["access_token"]
end
def token_type
linkedin_response["token_type"]
end
def scope
linkedin_response["scope"]
end
def linkedin_response
@linkedin_response ||= JSON.parse(res.body)
end
def res
http.request(req)
end
def req
req = Net::HTTP::Post.new(uri.path)
req.set_form_data(post_data)
req["Accept"] = "application/json"
req
end
def http
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http
end
def uri
URI.parse(LINKED_IN_OAUTH_PATH)
end
def post_data
{
"client_id" => ENV["LINKED_IN_CLIENT_ID"],
"client_secret" => ENV["LINKED_IN_CLIENT_SECRET"],
"code" => @auth_code
}
end
end
Source: (StackOverflow)
I'm attempting to allow multiple oauth providers using ember-cli, ember-simple-auth, torii and devise on my rails backend. Everything seems to work, but the modal never closes and the session in the client is never updated.
Steps to repro:
- Click the link to login via google-oauth2 provider
- Observe modal open with list of account login options
- Select account and login
- Observe modal redirect to local rails server for token exchange (http://localhost:3000/login_profiles/auth/google_oauth2/callback?state=STATE&code=string)
Observe modal window populated with json response issued by local rails server
{
"access_token": "8gmvGfHsUx_1mrEAG1Vu",
"login_profile_id": 1
}
Observe modal remains open. If manually closed the browser reports the error:
Error: Popup was closed, authorization was denied, or a authentication message otherwise not received before the window closed.
Observe no updates to client session object
Included below are my lib versions and the relevant bits of my application code. Any help would be greatly appreciated.
DEBUG: Ember : 1.13.3
DEBUG: Ember Data : 1.13.5
DEBUG: jQuery : 2.1.4
DEBUG: Ember Simple Auth : 0.8.0
DEBUG: Ember Simple Auth Torii : 0.8.0
Server:
class LoginProfiles::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def google_oauth2
login_profile = LoginProfile.find_or_create_by_google_oauth2(request.env['omniauth.auth'])
render json: { access_token: login_profile.authentication_token, login_profile_id: login_profile.id }
end
def facebook
login_profile = LoginProfile.find_or_create_by_facebook_oauth2(request.env['omniauth.auth'])
render json: { access_token: login_profile.authentication_token, login_profile_id: login_profile.id }
end
end
Client:
config/environment.js
torii: {
providers: {
'google-oauth2': {
clientId: 'string',
redirectUri: 'http://localhost:3000/login_profiles/auth/google_oauth2/callback'
},
'facebook-oauth2': {
clientId: 'string',
redirectUri: 'http://localhost:3000/login_profiles/auth/facebook/callback'
}
}
},
'simple-auth': {
authenticationRoute: 'sign-in',
routeAfterAuthentication: 'index',
authorizer: 'authorizer:application',
crossOriginWhitelist: ['http://localhost:3000', 'http://localhost:4200']
},
routes/application.coffee
`import Ember from 'ember'`
`import ApplicationRouteMixin from 'simple-auth/mixins/application-route-mixin'`
ApplicationRoute = Ember.Route.extend ApplicationRouteMixin,
actions:
authenticateWithFacebook: ->
@get('session').authenticate('simple-auth-authenticator:torii', 'facebook-oauth2')
authenticateWithGooglePlus: ->
@get('session').authenticate('simple-auth-authenticator:torii', 'google-oauth2')
`export default ApplicationRoute`
templates/application.hbs
<p>
Sign in with
<a {{action "authenticateWithGooglePlus"}}>Google</a>
or
<a {{action "authenticateWithFacebook"}}>Facebook</a>
or
{{#link-to 'register' id="register"}}register a new account.{{/link-to}}
</p>
bower.json
{
"name": "brand-management-client",
"dependencies": {
"ember": "1.13.3",
"ember-cli-shims": "ember-cli/ember-cli-shims#0.0.3",
"ember-cli-test-loader": "ember-cli-test-loader#0.1.3",
"ember-data": "1.13.5",
"ember-load-initializers": "ember-cli/ember-load-initializers#0.1.5",
"ember-qunit": "0.4.1",
"ember-qunit-notifications": "0.0.7",
"ember-resolver": "~0.1.18",
"jquery": "^2.1.4",
"loader.js": "ember-cli/loader.js#3.2.0",
"qunit": "~1.17.1",
"foundation": "~5.5.0",
"ember-simple-auth": "0.8.0"
}
}
package.json
{
"name": "brand-management-client",
"version": "0.0.0",
"description": "Small description for brand-management-client goes here",
"private": true,
"directories": {
"doc": "doc",
"test": "tests"
},
"scripts": {
"start": "ember server",
"build": "ember build",
"test": "ember test"
},
"repository": "",
"engines": {
"node": ">= 0.10.0"
},
"author": "",
"license": "MIT",
"devDependencies": {
"broccoli-asset-rev": "^2.0.2",
"broccoli-clean-css": "1.0.0",
"ember-cli": "1.13.1",
"ember-cli-app-version": "0.4.0",
"ember-cli-babel": "^5.0.0",
"ember-cli-coffeescript": "0.11.0",
"ember-cli-dependency-checker": "^1.0.0",
"ember-cli-foundation-sass": "1.1.1",
"ember-cli-htmlbars": "0.7.9",
"ember-cli-htmlbars-inline-precompile": "^0.1.1",
"ember-cli-ic-ajax": "^0.2.1",
"ember-cli-inject-live-reload": "^1.3.0",
"ember-cli-qunit": "0.3.15",
"ember-cli-release": "0.2.3",
"ember-cli-sass": "3.1.0",
"ember-cli-simple-auth": "0.8.0",
"ember-cli-simple-auth-torii": "0.8.0",
"ember-cli-uglify": "^1.0.1",
"ember-data": "1.13.5",
"ember-disable-proxy-controllers": "^1.0.0",
"ember-export-application-global": "^1.0.2",
"torii": "^0.5.1"
}
}
Source: (StackOverflow)
I've been working all week to get authentication working. I have gotten it working with
- Ember-CLI
- Ember-Simple-Auth
- Torii
However I have proven unsuccessful in getting the users information from google. I have tried creating a torii-adapter as stated in their documentation but it doesn't appear to be called
// app/torii-adapters/application.js
export default Ember.Object.extend({
open: function(authorization){
console.log('authorization from adapter', authorization);
}
});
I've exhausted my google-foo and am asking for your assistance. This is a great library combination for authorization however the documentation is lacking for this case, and when figured out I will be sure to contribute back.
Thank you
Source: (StackOverflow)
I'm having a lot of trouble getting ember simple auth with torii working at all at the moment using Ember CLI.
After creating a new Ember CLI app and installing torii, ember-cli-simple-auth and ember-cli-simple-auth-torii, I have a couple of buttons on my login page
Here is the contents of my routes/login.js:
import Ember from 'ember';
export default Ember.Route.extend({
actions: {
googleLogin: function() {
this.get('session').authenticate('simple-auth-authenticator:torii', 'google-oauth2');
return;
},
facebookLogin: function() {
this.get('session').authenticate('simple-auth-authenticator:torii', 'facebook-oauth2');
return;
}
}
});
The relevant part of my environment.js file is:
var ENV = {
...
torii: {
providers: {
'google-oauth2': {
apiKey: 'api-key-here',
scope: 'profile',
redirectUri: 'http://localhost:4200'
},
'facebook-oauth2': {
apiKey: 'api-key-here',
redirectUri: 'http://localhost:4200'
}
}
},
...
};
When I hit the actions in my login.js, I get the following error:
Error: Expected configuration value providers.facebook-oauth2.apiKey to be defined!
or
Error: Expected configuration value providers.google-oauth2.apiKey to be defined!
Why is torii not picking up my environment.js configuration?
Source: (StackOverflow)
I have a custom authenticator which inherits from the torii authenticator:
https://github.com/wayne-o/sonatribe-ui/blob/master/app/authenticators/sonatribe-facebook.js
It works in so far as I can log in and I can see the session data in local storage:
{"authenticator":"authenticator:custom","userId":"698671479","accessToken":"********","provider":"facebook-connect","user_id":"1111","user":{"slug":null,"name":null,"username":null,"profilePictureUrl":"https://fbcdn-profile-a.akamaihd.net/hprofile-ak-xfp1/v/t1.0-1/p111x111/10325277_","auth":"1111","eventsAttending":[]}}
However, upon refreshing most of the data has gone and I am left with:
{"authenticator":"authenticator:custom","provider":"facebook-connect"}
What part am i missing so that all of my session data is re-hydrated?
Source: (StackOverflow)
I am trying to set up an authenticator which would be valid for many providers, because in the backend I am using doorkeeper assertion method which handles the whole flow.
I have installed:
* "ember-cli-simple-auth": "0.8.0-beta.1"
* "ember-cli-simple-auth-oauth2": "^0.8.0-beta.2"
* "ember-cli-simple-auth-torii": "^0.8.0-beta.2"
* "torii": "^0.3.4"
I was looking at this issue Workflow for Ember-simple-auth, Torii and Facebook Oauth2 so I could write this:
# templates/login
<a {{action 'oauth2Authenticate' 'facebook-oauth2'}}>Login with facebook</a>
<a {{action 'oauth2Authenticate' 'google-oauth2'}}>Login with google</a>
# controllers/login
actions: {
oauth2Authenticate: function(provider) {
this.get('session').authenticate('authenticator:oauth2', { torii: this.get('torii'), provider: provider });
}
}
# initializers/authentication
import Oauth2Authenticator from '../authenticators/oauth2';
export function initialize(container) {
container.register('authenticator:oauth2', Oauth2Authenticator);
}
export default {
name: 'authentication',
initialize: initialize
};
# authenticators/oauth2
import Ember from 'ember';
import OAuth2 from 'simple-auth-oauth2/authenticators/oauth2';
export default OAuth2.extend({
authenticate: function(options) {
var self = this;
console.log(options.provider);
return new Ember.RSVP.Promise(function(resolve, reject) {
options.torii.open(options.provider).then(function(data) {
var data = {
grant_type: 'assertion',
provider: options.provider,
assertion: data.authorizationCode
};
self.makeRequest(self.serverTokenEndpoint, data).then(function(response) {
Ember.run(function() {
var expiresAt = self.absolutizeExpirationTime(response.expires_in);
self.scheduleAccessTokenRefresh(response.expires_in, expiresAt, response.refresh_token);
resolve(Ember.$.extend(response, { expires_at: expiresAt }));
});
}, function(xhr, status, error) {
Ember.run(function() {
reject(xhr.responseJSON || xhr.responseText);
});
});
}, reject);
});
}
});
# config/environment
ENV['simple-auth'] = {
authorizer: 'simple-auth-authorizer:oauth2-bearer',
crossOriginWhitelist: ['*']
};
ENV['simple-auth-oauth2'] = {
serverTokenEndpoint: ENV.host + '/oauth/token',
refreshAccessTokens: true
};
ENV['torii'] = {
providers: {
'facebook-oauth2': {
apiKey: '631252926924840',
redirectUri: 'http://localhost:4200'
},
'google-oauth2': {
apiKey: '631252926924840',
redirectUri: 'http://localhost:4200'
}
}
};
- POST /oauth/token:
I pass to server the following params: 1. grant_type="assertion" 2. provider 3. assertion="3dPartyToken"
I am not sure if it is the better way for my requirements, for now I am getting the problem that I cannot run open method of torii, anybody know what I am doing wrong? if you have a better solution to this issue would be very appreciated.
error:
Source: (StackOverflow)
I have a Torii adapter that is posting my e.g. Facebook and Twitter authorization tokens back to my API to establish sessions. In the open() method of my adapter, I'd like to know the name of the provider to write some logic around how to handle the different types of providers. For example:
// app/torii-adapters/application.js
export default Ember.Object.extend({
open(authorization) {
if (this.provider.name === 'facebook-connect') {
var provider = 'facebook';
// Facebook specific logic
var data = { ... };
}
else if (this.provider.name === 'twitter-oauth2') {
var provider = 'twitter';
// Twitter specific logic
var data = { ... };
}
else {
throw new Error(`Unable to handle unknown provider: ${this.provider.name}`);
}
return POST(`/api/auth/${provider}`, data);
}
}
But, of course, this.provider.name is not correct. Is there a way to get the name of the provider used from inside an adapter method? Thanks in advance.
UPDATE: I think there are a couple ways to do it. The first way would be to set the provider name in localStorage (or sessionStorage) before calling open(), and then use that value in the above logic. For example:
localStorage.setItem('providerName', 'facebook-connect');
this.get('session').open('facebook-connect');
// later ...
const providerName = localStorage.getItem('providerName');
if (providerName === 'facebook-connect') {
// ...
}
Another way is to create separate adapters for the different providers. There is code in Torii to look for e.g. app-name/torii-adapters/facebook-connect.js before falling back on app-name/torii-adapters/application.js. I'll put my provider-specific logic in separate files and that will do the trick. However, I have common logic for storing, fetching, and closing the session, so I'm not sure where to put that now.
UPDATE 2: Torii has trouble finding the different adapters under torii-adapters (e.g. facebook-connect.js, twitter-oauth2.js). I was attempting to create a parent class for all my adapters that would contain the common functionality. Back to the drawing board...
Source: (StackOverflow)
In an ember cli project using firebase, I've installed (using ember install) emberfire and torii. I have put the following configuration in my config/environment.js right after my firebase app url:
torii = {
sessionServiceName: 'session',
}
And I've put an adapter into app/torii-adapters/application.js:
import Ember from 'ember';
import ToriiFirebaseAdapter from 'emberfire/torii-adapters/firebase';
export default ToriiFirebaseAdapter.extend({
firebase: Ember.inject.service()
});
However, when I try to get torii's session variable on any route or controller:
this.get("session").fetch().catch(function() {});
the session is undefined:
Error while processing route: app Cannot read property 'fetch' of undefined TypeError: Cannot read property 'fetch' of undefined
I've followed the firebase docs/examples to the best of my knowledge, so I'm not sure what I'm missing. Is another step needed to have torii inject the session variable into all routes and controllers?
The versions in my stack are:
Ember-CLI: 1.13.7
Firebase (package.json): 2.2.9
EmberFire (package.json): 1.5.0
Torii (package.json): 0.5.1
NOTE: I currently have firebase itself working great—all of my models are in sync—so it is not likely the result of a faulty firebase setup. Also, this.get('session') returns undefined anywhere in any route or controller in my app.
Source: (StackOverflow)
I've followed the EmberFire guide to setting up authentication with the torii provider and it works perfectly. I'm looking to store the users data in firebase after the user has been authenticated and to have access to the user object throughout the application.
I have previously done this with ember awhile back but i'm unsure how to do it using the new torii provider.
I'm thinking i should test wether the user is already stored in firebase in an initialiser function and then inject the user into the controllers/routes.
Any help pointing me in the right direction would be helpful or some example code.
Thanks
Source: (StackOverflow)
I'm using ember-simple-auth-torii with a custom Facebook OAuth2 authenticator, but I never seem to be able to have the promise return any data (for the data.authorizationCode). The popup window just hangs until I close it, at which point I get the popupClosed error message.
What am I missing that I should be doing?
Thanks!
FacebookAuthenticator = OAuth2.extend
torii: null
provider: "facebook-oauth2"
authenticate: (credentials) ->
that = this
new Ember.RSVP.Promise((resolve, reject) ->
that.torii.open(that.provider).then((data) ->
data =
facebook_auth_code: data.authorizationCode
that.makeRequest(that.serverTokenEndpoint, data).then ((response) ->
Ember.run ->
expiresAt = that.absolutizeExpirationTime(response.expires_in)
that.scheduleAccessTokenRefresh response.expires_in, expiresAt, response.refresh_token
resolve Ember.$.extend(response,
expires_at: expiresAt,
access_token: response.access_token,
user_id: response.user_id
)
), (xhr) ->
Ember.run ->
reject xhr.responseJSON or xhr.responseText
)
)
FacebookAuthentication =
name: "facebook-authentication"
before: "simple-auth"
after: 'torii'
initialize: (container) ->
Session.reopen
user: (->
userId = @get('user_id')
if (!Ember.isEmpty(userId))
return container.lookup('store:main').find('user', userId)
).property('userId')
torii = container.lookup('torii:main')
authenticator = FacebookAuthenticator.create
torii: torii
container.register("authenticator:facebook", authenticator, {
instantiate: false
})
`export default FacebookAuthentication`
Source: (StackOverflow)
I have used torii auth to get token from facebook/google
And this is what gets saved in local storage -
{"authenticator":"simple-auth-authenticator:torii","authorizationCode":"AQBngUP7iiAdRQoPql1_0oTlMHjBehtDkEXYk8M9rRK_1xJ_WBOH99cdjGBZ38uH5sOABn79z3t7qTvWhLrafb_isPsqlxHUdqWKJCKo5UiEbbGmWXDBvc-vRE-QQNN_Vf2oiVFOOHZKCmnL2PZMwat3u8ZvHa35bxIa4qAI3es-dNCi3SLlZ-qWDemA6F5xunYmc6WHBdr4PKyEeXbQWILlZU2OP0ntvbahBDivq1VjECXBa6npdLihX6gnTmSoD5-6Z6xM8x9dw5uKdVDPmSj6k0OfKVXsUU7CXEmko379fslA_jr7c2UIe0Gs1vowGTrGi9fTKayIkl-HhehFlVwT","provider":"facebook-oauth2","redirectUri":"http://localhost:4200/"}
But my node sever is unaware of the communication between my ember app and facebook/google.
I could send the authorizationCode to my node server and then create a token for my ember app.
I want to add one more layer of security and check whether the token received on node is valid.
How do I determine whether the token is a valid token or not ?
Source: (StackOverflow)
I have the following code to make ember-simple-auth work with torii to authenticate my ember js app using facebook: https://github.com/wayne-o/sonatribe/blob/master/src/sonatribe-ui/app/routes/application.js
My NodeJs API (sails / waterlock) has an endpoint which accepts the access token to authenticate the user on the backend.
My flow ATM is to fire off torii through ember-simple-auth which provides me with a token - this can't be used with my backend as it would have already been consumed by torii / simple auth.
To overcome this I am having to use the FB JS library to re-login and grab the access_token which is then sent to my API and the login completes.
This is a complete faff and loging the user in twice in the ember app seems ridiculous and is almost certainly down to my lack of understanding of how this should work.
Can anyone shed some light on how I am supposed to be doing this?
Source: (StackOverflow)
Just to clarify my understanding of what Torii provides for client side static apps:
OAuth 2.0's Implicit Grant workflow is the only OAuth workflow which works in client side static apps.
Torii only supports this via torii/providers/oauth2-bearer, which returns tokens not codes.
If 1. and 2. are true, then I suppose all client side static apps which use Torii would only use the oauth2-bearer approach. The rest of the providers in Torii, like stripe-connect etc. which are code workflow based would need server support to get an AccessToken based on the code.
Is this right?
Thanks in advance.
Source: (StackOverflow)
Now that I'm looking to use Ember-cli for my front-end, I'd need to use OpenID Connect for authentication and authorisation.
Has anyone done anything like this before?. I couldn't find any examples so far. I came across 'ember-cli-simple-auth', 'ember-cli-simple-auth-oauth2', 'ember-cli-simple-auth-token'.
I'm guessing I should be using 'ember-cli-simple-token'? Has anyone tried this? if so could you point me to any examples/reading resources?
Update: (11 Jul 15 )
I've been looking into 'torii' in particular 'ember-cli-torii-azure-provider'. I could get Authorization code fine, but no Id_Token (I guess its because it isn't asking Azure AD for Id_Token ), looks like I do need to look at writing a new torii provider. As per the Torii documentation,
Torii will lookup providers in the Ember application container, so if you name them conventionally (put them in the app/torii-providers directory) they will be available automatically when using ember-cli or ember app kit.
Does it mean, in my ember-cli project, I need to create 'torii-providers' folder and create the new provider? lets say 'torii-azure-openidconnect.js'?
Source: (StackOverflow)