Category ASP.NET Core

Using Azure Service Bus Queues with ASP.NET Core Services

This article shows how to implement two ASP.NET Core API applications to communicate with each other using Azure Service Bus. The ASP.NET Core APIs are implemented with Swagger support and uses an Azure Service Bus Queue to send data from one service to the other ASP.NET Core application. Code: https://github.com/damienbod/AspNetCoreServiceBus Setting up the Azure Service […]

gRPC Bi-directional streaming with Razor Pages and a Hosted Service gRPC client

This article shows how a Bi-directional streaming gRPC service could be implemented using an .NET Core Hosted Service as a gRPC client, and a Razor Page to send Bi-directional streaming messages to the servers connected clients. Code: https://github.com/damienbod/Secure_gRpc Posts in this series Security Experiments with gRPC and ASP.NET Core 3.0 Running Razor Pages and a […]

Security Experiments with gRPC and ASP.NET Core 3.0

This article shows how a gRPC service could implement OAuth2 security using IdentityServer4 as the token service. Code: https://github.com/damienbod/Secure_gRpc Posts in this series Security Experiments with gRPC and ASP.NET Core 3.0 Running Razor Pages and a gRPC service in a single ASP.NET Core application gRPC Bi-directional streaming with Razor Pages and a Hosted Service gRPC […]

ASP.NET Core OAuth Device Flow Client with IdentityServer4

This article shows how to implement the OAuth 2.0 Device Flow for Browserless and Input Constrained Devices in an ASP.NET Core application. The tokens are then saved to a cookie for later usage. IdentityServer4 is used to implement the secure token server. Code: https://github.com/damienbod/AspNetCoreHybridFlowWithApi History 2019-02-24 Updated packages, API calls Note: The code in the […]

Using Azure Key Vault from a non-Azure App

In this article, I show how Azure Key Vault can be used with a non Azure application. An example of this, is a console application used for data migrations, or data seeding during release pipelines. This app could then read the secret connection strings from the Key Vault, and then do the app logic as […]

Securing a Vue.js app using OpenID Connect Code Flow with PKCE and IdentityServer4

This article shows how to setup a Vue.js SPA application to authenticate and authorize using OpenID Connect Code flow with PKCE. This is good solution when implementing SPA apps requesting data from APIs on separate domains. The oidc-client-js npm package is used to implement the client side authentication logic and validation logic. IdentityServer4 and ASP.NET […]

Securing Angular applications using the OpenID Connect Code Flow with PKCE

In this post, I show how an Angular application could be secured using the OpenID Connect Code Flow with Proof Key for Code Exchange (PKCE). The Angular application uses the OIDC lib angular-auth-oidc-client. In this example, the src code is used directly, but you could also use the npm package. Here’s an example which uses […]