Today, I learned how to handle custom claims in an Open ID Connect authenticated ASP.NET Core app. The scenario goes like this. I have an ASP.NET Core app that authenticates with Open Id Connect. It receives a bearer token from the authentication server. Besides OIDC claims, this token has been forged with additional custom claims for use in the app. However, only ODIC claims exist when I parse HttpContext.User.Identity.Claims in my middleware. If I retrieve the token with HttpContext.GetTokenAsync and decode it, I confirm it contains all the claims I need. Where have my custom claims gone? Or, how can I get User.Identity to provide them along with the OIDC ones? ...

Two years after its launch, Kagi, the pay-per-use search engine is profitable. We are also thrilled to report that we have achieved profitability. This significant milestone is a testament to our sustainable growth and fiscal responsibility. It demonstrates that our approach of offering a premium, ad-free search experience resonates with users who support a service aligning with their values. Becoming profitable allows us to reinvest in the business, further enhancing our offerings and ensuring that we can continue to provide a top-notch search experience. ...

Simon Willison has a new article explaining an important and often ununderstood aspect of LLMs. There’s a remarkable difference between chatting with an LLM, as we users do, and training it. Short version: ChatGPT and other similar tools do not directly learn from and memorize everything that you say to them. Every time you start a new chat conversation, you clear the slate. Each conversation is an entirely new sequence, carried out entirely independently of previous conversations from both yourself and other users. Understanding this is key to working effectively with these models. Every time you hit “new chat” you are effectively wiping the short-term memory of the model, starting again from scratch. This has a number of important consequences. ...

In 2021, in Russian courts, the fate of 783000 people was decided. There were 2190 acquittals. Two thousand one hundred and ninety. The probability of being acquitted is 0.28 per cent. – Elena Kostyuchenko in I Love Russia, which I’m currently reading.

Today I released Fattura Elettronica for .NET v3.4.15. The Fattura Elettronica project allows for the validation and de/serialization of electronic invoices that adhere to the standard defined by Italian Revenue Agency (Agenzia Entrate). See the changelog for details (Italian).

Last night, I returned from Trifest 75, a motorcycle rally organized by the Triumph Owners Motorcycle Club1 at the Shelsley Walsh Hill Climb, Worcester, UK. Crossing Europe from South to North took us a whole week across Italy, Switzerland, and France before reaching the soil of England. This outing was conceived long ago (Trifest happen every year) and has always been postponed because of the high cost and time required. This year, we took the opportunity of the 75th anniversary to go, partly because I sensed the great interest while talking about the idea at various rallies we had last year in Italy. ...

The video my OAuth2 and OpenID Connect session at WebDay 2024 Milan is available online. It is in Italian, and you need to login or register in order to see it (sorry, I don’t have control over it.)

Thirty-seven years ago, at about 11 a.m., at the Rocca Brancaleone Park, my then-girlfriend and I kissed for the first time under a tree. We decided immediately not to get together because we were classmates1, and we didn’t want to complicate our lives. Right. We have been together ever since and will celebrate our 27th wedding anniversary next week. Our three sons are the fruitful result of that teenage affair. ...

Open AI just released ChatGPT 4o. The launch demo is available on YouTube, and yes, it is impressive. They did not launch v5, though, and 4o is only incremental, not exponential, as v4 has been compared to its predecessor. It may mean we’re at the end of the “exponential growth” phase of LLM models. However, the most critical aspect of this release is not technical, as Ethan Mollick correctly pinpoints in his timely What Open AI Did post: ...

I took a walk on the beach last weekend. I never frequent Lido Adriano. It is much better than I expected, especially out of season.