Trying to use a coworker's new API endpoint and I keep getting an "OAuth2 Bearer Token missing" error, despite triple-checking that I set the Authorization header correctly... finally dig into the source code and I find out that all their endpoints require that the bearer token be put into the request body. The fuck?

Someone needs a refresher on OAuth2 🤨 what kind of crazy puts tokens into request body - unless you have no choice 😞

@C0D4 We have a choice 😞These people make me so tired, I s2g.

@HollowKitty I’d be swearing at your coworker 😅

@C0D4 I would but I work remote so there'd be a written record, plus I'm doing client work and the shitty programmers I work with are direct employees of the client so politically it's a no-no. But trust me, I am swearing at them on the inside. These are the same folks who don't want to do testing, code review, or project planning because they think it's a waste of time.

@HollowKitty oh wow how are they even in business?

I won’t let anything go to prod regardless of the business if it hasn’t been tested.

Code review - bit hard when your a solo dev , so excusable in some circumstance 🙃
but planning and testing are a must.
If you don’t know what your building or if it works as expected why are you even building it in the first place. 😵

@C0D4 They "test" in that the developer will run it once or twice to make sure it works. This works about as well as you would guess.

Nobody here is a solo dev, there are 2 dev teams (in-house and contract). Their management wants good, cheap, fast work, and they don't have enough sense to make a real decision about which 2/3 they really want. Their in-house team is pushing for fast and cheap, and we're pushing for good and cheap. (We have no impact over budget.)

Honestly I think they are stripmining a reputation that was earned in an earlier era. Revenue is down and layoffs are coming. We try to help, but we can't force them to change. We have other clients so we'll be fine. ¯\_(ツ)_/¯