About

I am living in Switzerland interested in web development, application security and Azure. My favourite technologies are ASP.NET Core, OpenID Connect, OAuth, SQL, Angular, Typescript.

Find Me Online

Founded Angular Switzerland Group
Weekly updates from the community about Angular and related stuff

Member of ASP.NET Web API Contrib

Documentation:

Microsoft ASP.NET Core Documentation for Globalization and localization
http://localizationsqllocalizer.readthedocs.io/en/latest/index.html

NuGet packages which I created or helped with:

NPM packages which I created or helped with:

angular-auth-oidc-client

22 comments

DotNetKicks · January 8, 2016 - 13:54 · Reply→

have a twitter handle damien?
1. damienbod · January 8, 2016 - 14:04 · Reply→
  
  Hi, no, never got around to creating one, never had a need for it yet
  
  Greetings Damien
2. damienbod · January 13, 2016 - 21:53 · Reply→
  
  created a twitter account
  
  https://twitter.com/damien_bod
  
  Greetings Damien
Rad · May 18, 2016 - 07:35 · Reply→

Hi Damien,
I am interested in your ” ANGULAR2 OPENID CONNECT IMPLICIT FLOW WITH IDENTITYSERVER4″ article and sample. I am in the process of building a typescript definition file for https://github.com/IdentityModel/oidc-client-js/tree/dev (from dev branch where oidc js library was rewritten in ES6) so it can be used in Angular 2 applications for better code complition. I didn’t create strongly typed structures, I use only “any” type. this is my first attempt:

https://drive.google.com/file/d/0B1I1nQTGClv3STNfUmJSbkc1b2M/view?usp=sharing
I would like to use this library instead of your custom code that handles tokens because it offers a lots of useful functionality with UserManager adn Oidc
I am using https://github.com/ToddThomson/tsproject/wiki/Using-TsProject-with-Gulp project to help me build .d.ts for individual ES6 files (that I convert to .ts). I need a help in determining if my index.d.ts for oidc.js client written ES6 will properly function with Angular 2. Let me know. Regards,
Rad
damienbod · May 18, 2016 - 09:27 · Reply→

Hi Rad, thanks

sounds good, I’ll try it out. At present, I’m busy updating to ASP.NET Core RC2, which will take about a week. Then I’ll have a go.

Thanks for the code.

Greetings Damien
Rad · May 18, 2016 - 18:06 · Reply→

You can see here a folder with files I added to https://github.com/IdentityModel/oidc-client-js/tree/dev to automate my converstion to .ts :
https://drive.google.com/open?id=0B1I1nQTGClv3RWRPbTAzY2w3bWc
You need to run: npm install and then a series of gulp commands in this order:
1. clean
2. copy
3. rename
4. deleteconvertedjs
5. build

this will create .d.ts, and .js (based on .ts transpilation to es5).
I then manually create ./index.d.ts in the root copying all the content from all the files and remove imports and add a namespace and exprort 2 important classes.

If we can come up with github based repository where we can automate retrieval of oidc js client (currently under dev branch) and merging it with my build system that would be great especially if we can automate producing ts definition file.
Here is a good video that demonstrates usage of UserManager and OidcClient:

you can send a reply to my email address. I can share my skype id so we can connect that way and do a shared sessions via teamviewer.
John McKinzie (@johnmckinzie) · June 27, 2016 - 16:16 · Reply→

Hello Damien. Let me first thank you for you blog posts and source code examples. They have been extremely helpful up to this point. However, I’ve hit a bit of a wall. I’m try to use OpenID Connect to secure an API that is backed by several microservices. I’ve been successful in getting the API to authenticate using the access token JWT in the Bearer header. However, for some back-end microservices, I would like to pass the id_token to the services that need to know the end user. So a have a couple questions below:

1. Why are you using the UseJwtBearerAuthentication and not the UseIdentityServerAuthentication middleware?

2. Do either of these middleware allow for automatic retrieval of the id_token?

3. If not, would you create your own middleware to retrieve id_token?

4. Have you seen any examples a SPA, calling an API, which further calls back-end microservices?

Any help would be appreciated. If there is a better way to discuss this, let me know.
1. damienbod · August 30, 2016 - 11:44 · Reply→
  
  Hi John, sorry for the very slow slow answer. It’s hard to keep track and do a day job at the same time.
  
  When I set this up, UseIdentityServerAuthentication didn’t work and all platforms, now it’s ok, so I could update it.
  
  No, not that I know of.
  
  Yes, some examples in the IdentityServer 4 samples which use a C# HTTP Client
  
  Hopes this helps,
  
  Greetings Damien
Dave · November 4, 2016 - 09:45 · Reply→

Hi Damien,

I enjoy reading most of your articles and wanted to thank you.
Also wanted to suggest an article on “JavaScriptServices” and particularly http://blog.stevensanderson.com/2016/10/04/angular2-template-for-visual-studio/ great productivity template. Unfortunatly no one have wrote anything about them, yet.

It would probably make your wonderful collection even more complete.

Thanks,
Dave
rkrausse · January 23, 2017 - 15:54 · Reply→

Hi Damien,

I just came across your site, loving it so far. Great stuff. Hopefully you can answer this for me. I have been doing Angular 1.x work for a while. I decided to exclude any Microsoft from my front end and just use WebAPI for the back end – NO MVC. So I use Visual Studio, have a pure HTML, CSS, Angular front end, and then WebAPI to the backend.

Now I am trying to migrate to Angular2, finding it hard to find examples of this. It seems the articles I can find have MVC baked in, ASP.NET Core or not.

So my questions. Can replicate my dev envorinment with Angular2? I really do not want to embark on a new backend using ASP.NET Core – A) I have all my C# code working already and B) my brain can’t handle all that at once.

I currently have a grunt process transpiles all my TS to JS so I can use it. Would I be doing the same with A2 but using webpack instead?

I was doing a bit of R&D and using the A2 cli, I can get a project and run it but the ‘compile’ step seem to talk very long. Not sure if that is just the way it is, seems that people would accept that so not sure if that was me, or again, just the way webpack it. I see that AOT is where it is, everyone is moving away from JIT.

In short, I want to compile all my code in VS. So C# and A2. Then run it in IE for debugging or Chrome.

Thanks
Ralph
Ralph Krausse · February 3, 2017 - 14:39 · Reply→

First off – Angular2WebpackVisualStudio VERY nice and what I had been looking for. But a few newbie questions.
• In the Task Runner Explorer there are tasks defined ( like build-dev, etc) from the package.json and I see them define in the json file. But where do the tasks in the webpage.config.js come from? Like hot, cold, etc.
• What is the difference between all these options.
• If I run ‘hot’, it runs webpack-server-dev and love that I can make my changes in ts and see them automatically in the browser but the webapi doesn’t work. I need to run this from dotnet with dotnet run, the webservice works but now I do not get the auto loading. Is there a way to get both?

Again, awesome work, this helped me a ton.
Ralph Krausse · February 27, 2017 - 13:35 · Reply→

Hi Damien,

When I create a production deployment and deploy it in a subfolder so the URL would be http://www.sitename.com/products/main for example, the site fails. I realize there are changes need to the prod weback site and I have made progess but I do not have it all figured out. I changed output.publicPath and added plugin to change my base in the index.html. That fixes some of the issues but not all and the biggest, looks like the routing is messed up. I can navigate to pages but not type them in and go to them directly, like if you saved it in a bookmark.

Awesome code.. Very helpful.

Thanks
Ralph
Andy Poots · August 30, 2017 - 15:01 · Reply→

Hi Damien, I was looking for an article on how to log into SQL Server, via NLog, in ASP.NET Core 2.0? Do you know how to do this?
Neel · August 10, 2018 - 08:31 · Reply→

Nice blog Damien. You should create a LinkedIn account as well.
manohar · October 23, 2018 - 13:49 · Reply→

Hi damienbod, did you find solution for below url issue?. If you found can you please share with me.
https://github.com/aspnet/Security/issues/1465.
Ofir · February 27, 2019 - 14:00 · Reply→

Hi Damien – How can I get in touch with you?
Can’t find email/LinkedIn…
Luke · June 19, 2019 - 01:25 · Reply→

Hi Damien, great blog, you have been really helpful with our ID4 solution.
we are experiencing an IOS 9 issue however where the ID4 javascript is not being executed and is producing a whitescreen of death. it appears to be an IOS issue only relating to CSP, we have researched and implemtned “CSP Level One” however we are still hitting the whitescreen of death.

do you by any chance have any experience with this?
Satyen · July 29, 2019 - 12:16 · Reply→

Hello Damien,
Hope you are doing great !!

I have been using the angular-auth-oidc-client library to integrate oidc in my Angular 7 project.
I would like to pass the “acr-values: idp:AdAzure” in the auth url parameter. I cannot find any property as such (alike “custome_param:” used in angular-oauth2-oidc library).

Could you please let me know is there any update on this library or documented anywhere ?

My purpose is to: use the acr_values – to get auto redirect to external login page from Identity server 4. This can be only achieved if i pass the IDP value in client url.
This is used to bypass home realm discovery(HRD). This is provided via the “idp:” prefix to the acr parameter on the authorize request.

I need your pointers on this sooner, Appreciate your help !
1. damienbod · July 29, 2019 - 13:00 · Reply→
  
  Hi Satyen
  
  you can add custom parameters to the request with this in it
  
  Here’s an example
  
  https://github.com/damienbod/AspNet5IdentityServerAngularImplicitFlow/blob/master/src/AngularClient/angularApp/app/app.component.ts#L82
  
  Greetings Damien
Valentin Anghel · January 3, 2020 - 16:02 · Reply→

Hello Damien,

My name is Anghel Valentin and I am a young programmer. Me and another colleague (Barbu Leonard) started a website to generate random things (https://randommer.io) : number, text, social security numbers, names, phone numbers, hash generator, etc.

We read your article (https://damienbod.com/2019/05/10/handling-access-tokens-for-private-apis-in-asp-net-core/) and helped us a lot for our website, because we use ASP.NET core Web apis. Also, this link from article is broken http://docs.identityserver.io/en/release/quickstarts/5_hybrid_and_api_access.html

Can you add our link on your blog under tools sections ? This will help us a lot.
https://randommer.io/

Many thanks
1. damienbod · January 3, 2020 - 17:45 · Reply→
  
  thanks for the info, nice tools thanks, added it, and will tweet, Greetings Damien
  1. Valentin Anghel · January 4, 2020 - 06:35 ·
    
    Thank you!