Category angular

Implementing OAuth Pushed Authorisation Requests in Angular

This posts shows how an Angular application can be secured using Open ID Connect code flow with PKCE and OAuth Pushed Authorisation Requests using node-oidc-provider as the identity provider. This requires configuration on both the client and the identity provider. Code: par-angular Getting started using Schematics and angular-auth-oidc-client The Angular client is implemented using angular-auth-oidc-client. […]

Using multiple APIs in Angular and ASP.NET Core with Azure AD authentication

This article shows how an Angular application could be used to access many APIs in a secure way. An API is created specifically for the Angular UI and the further APIs can only be access from the trusted backend which is under our control. Code: https://github.com/damienbod/AzureADAuthRazorUiServiceApiCertificate Posts in this series Implement Azure AD Client credentials […]

Angular SPA with an ASP.NET Core API using Azure AD Auth and user access tokens

This post shows how to authenticate an Angular SPA application using Azure AD and consume secure data from an ASP.NET Core API which is protected by Azure AD. Azure AD App registrations are used to configure and setup the authentication and authorization. The Angular application uses the OpenID Connect Code flow with PKCE and the […]

Securing an Angular application using Azure B2C

This article shows how to secure an Angular application using Azure B2C with OpenID Connect Code Flow and PKCE. The silent renew is supported using iframes. Code: Angular Azure B2C Setting up Azure B2C In the Azure portal, create a new App registration in your B2C tenant. Configure a mobile and desktop application and add […]

Getting started with Angular development 2020

This post shows how you could setup your development environment to create and manage Angular applications. Of course many other tools and ways could be used to develop Angular applications, not just the ones used here, but this setup works great for me. Install Node.js, npm or yarn, git Before you can install the Angular […]

Securing browser based Javascript, Typescript applications

This article should help you in choosing the right security for your browser based Javascript or Typescript applications. You should aim to secure the application as best as possible. The following diagram should help you in making your decision. Also for any of these flows, you should always use HTTPS. Appendix SPA: Single page application […]

Securing Angular applications using the OpenID Connect Code Flow with PKCE

In this post, I show how an Angular application could be secured using the OpenID Connect Code Flow with Proof Key for Code Exchange (PKCE). The Angular application uses the OIDC lib angular-auth-oidc-client. In this example, the src code is used directly, but you could also use the npm package. Here’s an example which uses […]

Using an OData Client with an ASP.NET Core API

The article shows how to implement an OData client from an ASP.NET Core application. Bearer token authorization is used to secure the API. Code: https://github.com/damienbod/AspNetCoreOData This blog is part 2 from this blog: Part 1: OData with ASP.NET Core History 2020-11-22 Updated .NET 5 2020-07-06 Updated .NET Core 3.1, IdentityServer4 4.0.2 Setting up the applications […]

Uploading and sending image messages with ASP.NET Core SignalR

This article shows how images could be uploaded using a file upload with a HTML form in an ASP.MVC Core view, and then sent to application clients using SignalR. The images are uploaded as an ICollection of IFormFile objects, and sent to the SignalR clients using a base64 string. Angular is used to implement the […]

Using the dotnet Angular template with Azure AD OIDC Implicit Flow

This article shows how to use Azure AD with an Angular application implemented using the Microsoft dotnet template and the angular-auth-oidc-client npm package to implement the OpenID Implicit Flow. The Angular app uses bootstrap 4 and Angular CLI. Code: https://github.com/damienbod/dotnet-template-angular History 2019-09-23 Updated to ASP.NET Core 3.0, OIDC 10.0.8 2018-07-13 Removed static calls to the […]