This article shows how to setup a Visual Studio Azure Functions project to work with HTTPS for local development. HTTP is configured per default and not HTTPS. The command line arguments need to be set correctly, and then the Azure Functions can be started in Visual Studio with HTTPS and take advantage of the break […]

This article shows how ASP.NET Core Razor Pages can be run in the same application as a gRPC service. Code: https://github.com/damienbod/Secure_gRpc Posts in this series Security Experiments with gRPC and ASP.NET Core 3.0 Running Razor Pages and a gRPC service in a single ASP.NET Core application Adding Razor Pages to an existing gRPC service This […]

This article shows how a gRPC service could implement OAuth2 security using IdentityServer4 as the token service. Code: https://github.com/damienbod/Secure_gRpc Posts in this series Security Experiments with gRPC and ASP.NET Core 3.0 Running Razor Pages and a gRPC service in a single ASP.NET Core application History 2019-03-08: Removing the IHttpContextAccessor, no longer required 2019-03-07: Updated the […]

This article shows how to implement the OAuth 2.0 Device Flow for Browserless and Input Constrained Devices in an ASP.NET Core application. The tokens are then saved to a cookie for later usage. IdentityServer4 is used to implement the secure token server. Code: https://github.com/damienbod/AspNetCoreHybridFlowWithApi History 2019-02-24 Updated packages, API calls Note: The code in the […]

This article shows how auto generated code for a C# HTTP API client could be created using Swagger and NSwag . The API was created using ASP.NET Core MVC. Code https://github.com/damienbod/csvSwaggerExample Create the API using ASP.NET Core and Swashbuckle Swagger The API is created using ASP.NET Core with Swashbuckle. Add the required Nuget packages to […]

In this article, I show how Azure Key Vault can be used with a non Azure application. An example of this, is a console application used for data migrations, or data seeding during release pipelines. This app could then read the secret connection strings from the Key Vault, and then do the app logic as […]

This article shows how to setup a Vue.js SPA application to authenticate and authorize using OpenID Connect Code flow with PKCE. This is good solution when implementing SPA apps requesting data from APIs on separate domains. The oidc-client-js npm package is used to implement the client side authentication logic and validation logic. IdentityServer4 and ASP.NET […]