The Daily Parker

Politics, Weather, Photography, and the Dog

Quick note on debugging client authentication in .NET Core 6

I've spent about four hours doing a shit ton of A-B tests and a lot of Internet searching to figure out why I kept getting a specific error.

The app is a .NET Core 6 WebAssembly app, and the app registration is set for "any organization," meaning anyone with a Microsoft ID (work, school, or Xbox) can authenticate with the app.

The error began when I added a client certificate. The relevant section of the appSettings.config file looks like this:

{
	"AzureAD": {
		"Instance": "https://login.microsoftonline.com",
		"Domain": "ourdomain.onmicrosoft.com",
		"ClientId": "our client ID",
		"TenantId": "organizations",
		"CallbackPath": "/signin-oidc",
		"SignedOutCallbackPath": "/signout-oidc",
		"ClientCapabilities": [ "cp1" ],
		"ClientCertificates": [
			{
				"SourceType": "KeyVault",
				"KeyVaultUrl": "https://our-key-vault.vault.azure.net/",
				"KeyVaultCertificateName": "our-certificate-name"
			}
		]
	}
}

So far, all good. Except when I tested the code, I got this:

{
	"error": {
		"code": "Unauthorized",
		"message": "AKV10032: Invalid issuer. Expected one of https://sts.windows.net/tenant1guid/, https://sts.windows.net/tenant2guid, found https://sts.windows.net/tenant3guid"
	}
}

Our Key Vault lives in tenant1, and also has access to tenant2, but tenant3 is my login ID from my company's AD tenant.

Let me skip to the end, because I'd like to finish this fix today.

The solution was to go into launchSettings.json and add this:

{
	"profiles": {
		"App Name": {
			"environmentVariables": {
				"AZURE_TENANT_ID": "tenant1guid"
			}
		}
	}
}

Boom. Done. And if I ever need this information again, or anyone else does, I hope they find this blog entry.
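
The AKV10032 message above comes down to the token's iss claim not matching a tenant the vault expects, and you can check that yourself before changing any settings. The C# console program below is an added example, not code from the original post: the sample token is constructed and unsigned, the tenant names are the post's placeholders, and the helper names (ReadIssuer, IsExpected, BuildUnsignedToken) are hypothetical.

```csharp
// Added example (not from the original post); the signature is NOT validated.
using System;
using System.Linq;
using System.Text;
using System.Text.Json;

// Issuers copied from the AKV10032 message (tenant names are placeholders).
string[] expectedIssuers =
{
    "https://sts.windows.net/tenant1guid/",
    "https://sts.windows.net/tenant2guid",
};
// Constructed sample token standing in for the one the credential obtained.
string token = BuildUnsignedToken("https://sts.windows.net/tenant3guid", "tenant3guid");
var (issuer, tenantId) = ReadIssuer(token);
bool accepted = IsExpected(issuer, expectedIssuers);
Console.WriteLine($"iss={issuer} tid={tenantId} expected={accepted}");
if (!accepted)
    Console.WriteLine("Credential signed in to another tenant; pin it (AZURE_TENANT_ID).");

// Decode the JWT payload (middle segment) and read the iss and tid claims.
static (string Issuer, string TenantId) ReadIssuer(string jwt)
{
    string[] parts = jwt.Split('.');
    if (parts.Length != 3) throw new FormatException("Not a compact JWT.");
    using JsonDocument doc = JsonDocument.Parse(Base64UrlDecode(parts[1]));
    JsonElement root = doc.RootElement;
    string iss = root.GetProperty("iss").GetString() ?? "";
    string tid = root.TryGetProperty("tid", out JsonElement t) ? t.GetString() ?? "" : "";
    return (iss, tid);
}

// Compare issuers ignoring a trailing slash, which the error message mixes.
static bool IsExpected(string found, string[] expected) =>
    expected.Any(e => string.Equals(e.TrimEnd('/'), found.TrimEnd('/'), StringComparison.OrdinalIgnoreCase));

static byte[] Base64UrlDecode(string s)
{
    s = s.Replace('-', '+').Replace('_', '/');
    return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
}

static string BuildUnsignedToken(string iss, string tid)
{
    string Enc(byte[] b) => Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    string header = Enc(Encoding.UTF8.GetBytes("{\"alg\":\"none\"}"));
    string payload = Enc(JsonSerializer.SerializeToUtf8Bytes(new { iss, tid }));
    return $"{header}.{payload}.sig";
}
```

With a real token pasted in place of the constructed one, the tid value shows which tenant the development credential actually signed in to.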

Tick tick tick

I always find it interesting when a literary magazine takes on technology. In that spirit, the New Yorker does its best to explain the Network Time Protocol:

Today, we take global time synchronization for granted. It is critical to the Internet, and therefore to civilization. Vital systems—power grids, financial markets, telecommunications networks—rely on it to keep records and sort cause from effect. N.T.P. works in partnership with satellite systems, such as the Global Positioning System (G.P.S.), and other technologies to synchronize time on our many online devices. The time kept by precise and closely aligned atomic clocks, for instance, can be broadcast via G.P.S. to numerous receivers, including those in cell towers; those receivers can be attached to N.T.P. servers that then distribute the time across devices linked together by the Internet, almost all of which run N.T.P. (Atomic clocks can also directly feed the time to N.T.P. servers.) The protocol operates on billions of devices, coördinating the time on every continent. Society has never been more synchronized.

In N.T.P., [David] Mills built a system that allowed for endless tinkering, and he found joy in optimization. “The actual use of the time information was not of central interest,” he recalled. The fledgling Internet had few clocks to synchronize. But during the nineteen-eighties the network grew quickly, and by the nineties the widespread adoption of personal computers required the Internet to incorporate millions more devices than its first designers had envisioned. Coders created versions of N.T.P. that worked on Unix and Windows machines. Others wrote “reference implementations” of N.T.P.—open-source codebases that exemplified how the protocol should be run, and which were freely available for users to adapt. Government agencies, including the National Institute of Standards and Technology (NIST) and the U.S. Naval Observatory, started distributing the time kept by their master clocks using N.T.P.

A loose community of people across the world set up their own servers to provide time through the protocol. In 2000, N.T.P. servers fielded eighteen billion time-synchronization requests from several million computers—and in the following few years, as broadband proliferated, requests to the busiest N.T.P. servers increased tenfold. The time servers had once been “well lit in the US and Europe but dark elsewhere in South America, Africa and the Pacific Rim,” Mills wrote, in a 2003 paper. “Today, the Sun never sets or even gets close to the horizon on NTP.” Programmers began to treat the protocol like an assumption—it seemed natural to them that synchronized time was dependably and easily available. Mills’s little fief was everywhere.

This being the New Yorker, one could describe the article as the author explaining how he met this programmer Mills and the politics around Mills' retirement from computing. It's better-written than the Wikipedia article, anyway.

Anthony's Song

I'm movin' out. A lovely young couple have offered to buy Inner Drive World Headquarters v5.0, and the rest of the place along with it. I've already gotten through the attorney-review period for IDTWHQ v6.0, so this means I'm now more likely than not to move house next month.

Which means I have even less time to read stuff like this:

Finally, American Airlines plans to get rid of its First Class offerings, replacing them with high-tech Business Class and more premium coach seats. I'd better use my miles soon.

How is it 5:30?

I've had two parallel tasks today, one of them involving feeding 72 people on Saturday. The other one involved finishing a major feature for work. Both seem successful right now but need testing with real users.

Meanwhile, outside my little world:

  • The XPOTUS seems to have backed himself into a corner by lying about "declassifying" things psychically, after the Special Master that he asked for called bullshit. Greg Sargent has thoughts.
  • ProPublica reported on Colorado's halfway-house system that sends more people back to prison than it rehabilitates.
  • The Navy has begun its court-martial of Seaman Recruit Ryan Mays, accused of lighting the fire that destroyed the USS Bonhomme Richard in 2020.

Finally, Ian Bogost (and I) laments the disappearance of the manual transmission.

Happy Friday, with its 7pm sunset

It happens every September in the mid-latitudes: one day you've got over 13 hours of daylight and sunsets around 7:30, and two weeks later you wake up in twilight and the sun sets before dinnertime. In fact, Chicago loses 50 minutes of evening daylight and an hour-twenty overall from the 1st to the 30th. We get it all back in March, though. Can't wait.

Speaking of waiting:

Finally, Fareed Zakaria visited Kyiv, Ukraine, to learn the secret of the country's success against Russia.

Good thing there's an El

My commute to work Friday might get a little longer, as Metra has announced that 9 out of its 11 lines (including mine) would likely not operate if railroad engineers and conductors go on strike Friday. Amtrak has already started cancelling trains so they won't get stranded mid-route should the strike happen.

In other news:

  • Cook County tax bills won't come out until late autumn, according to the County President, meaning no one knows how much cash they have to escrow when they sell real estate.
  • The Post has an interactive map showing everywhere in the US that hit a record high temperature this summer.
  • US Rep. Marjorie Taylor "Still Smarter than Lauren Boebert" Greene (R-GA) has come up with a climate-change theory so dumb it actually seems smart.
  • US Sen. Lindsey Graham (R-SC), another intellectual giant of the 117th Congress, proposed a Federal abortion ban, demonstrating a keen command of how most people in the United States view the issue.
  • Robert Wright explores "why we're so clueless about Putin."
  • Block Club Chicago explains why my neighborhood and a few others experienced massive geysers coming out of storm drains during Sunday's flooding rains.

Finally, right-wing lawyer Kenneth Starr died at age 76. No reaction yet from Monica Lewinsky.

Notable Friday afternoon stories

Just a few before I take a brick to my laptop for taking a damned half-hour to reformat a JSON file:

Oh, good. My laptop has finished parsing the file. (In fairness it's 400,000 lines of JSON, but still, that's only 22 megabytes uncompressed.) I will now continue with my coding.

But her emails!

The Washington Post Fact Checker digs deep into the allegations of mishandling classified material against former Secretary of State Hillary Clinton and finds, nah, she good:

The Justice Department investigation of classified documents found at former president Donald Trump’s Mar-a-Lago Club has brought inevitable comparisons to the controversy over Hillary Clinton’s private email server that she used while secretary of state. The FBI investigation into her emails arguably tipped the close 2016 presidential election to Trump.

During the contest between Trump and Clinton, we wrote 16 fact checks on the email issue, frequently awarding Pinocchios to Clinton for legalistic parsing. But in light of the Trump investigation, Clinton is trying to draw a distinction between Trump’s current travails and the probe that targeted her.

As shown in an FBI photo of some of the documents seized from Trump, many have clear markings indicating they contained highly sensitive classified information. Clinton, in her tweet, suggests none of her emails were marked classified. That’s technically correct. Whether those emails contained classified information was a major focus of the investigation, but a review of the recent investigations, including new information obtained by the Fact Checker, shows Clinton has good reason for making a distinction with Trump.

In other words, [two] State Department probes under Trump knocked Clinton for maintaining a private server for State Department communications — but did not hold her responsible for mishandling classified information.

Of course, all the Benghazi and email server hearings that Clinton had to endure had nothing at all to do with their subject matters, because the current Republican Party doesn't care at all about substance. Everything they do is performance, for political points. And they've been at that so long, in fact, that many Republicans can't fathom that the probe of the XPOTUS's mishandling of classified material has nothing to do with political points and everything to do with the damage that he did to national security.

Writing to alderman and newspaper gets results

Every time I commute to work from the Ravenswood Metra station, I get annoyed. Metra has yet to finish the inbound platform after almost 10 years of delays. So I emailed the alderman to ask why, and CC:d Block Club Chicago, the local news outlet. Reporter Alex Hernandez called me the next morning, and ran this story today:

The Ravenswood Metra station overhaul that began more than a decade ago is hitting yet another bump. 

The $30 million project to renovate 11 bridges along Metra’s Union Pacific North line was announced in 2010. Construction of the western side of the Ravenswood station, 4800 N. Ravenswood Ave., was completed in 2015 — but the rest of the project is ongoing.

Previous delays to the project were caused in part by a polar vortex in 2014 and cuts in funding to Metra in 2010. The work was fully funded in 2020, and officials planned to begin the final phase of the eastern portion of the station in the spring.

But now it’s supply chain issues that are delaying work, Metra spokesperson Meg Reile said. 

“It’s still up in the air because of supply chain issues,” Reile said. “That’s what’s holding up the end of this project.” 

Reile did not provide specifics about what items crews are waiting for, but she said the goal is to complete the eastern side of the Ravenswood station by the end of the year.

Good to know. My conversations with Hernandez Wednesday and yesterday were enlightening to both of us. And today, I actually saw someone in a hard hat and vest working on the platform, though I have no idea what he was doing.

Will the platform open by year's end? Will the Cubs lose 95 games this season? Will any former presidents get indicted this fall? No one can yet know the answer to any of those questions.

God save our gracious King

With the death of Queen Elizabeth II, the British National Anthem has changed back to "God Save the King" for the third time in 185 years. In other news:

By the way, the UK has a vacancy for the post of Prince of Wales, in case anyone would care to apply. I think we can bet on nepotism, though.