What is OAuth 2.0 and how its flows can be applied for securing my applications? What does a token do and how it is useful in securing API’s? Is there any way to implement all these nice and easy in ASP.NET Core? In this post I will cover these topics, by first discussing about why token based security is so successful in security scenarios, and the OAuth protocol play in this. We’ll see more closely one of OAuth flows, the client credentials flow and implement it to secure an ASP.NET Web API application.
Since the release of 7.0 version for C#, we’ve seen many small, yet useful features added to the language, aiming to aid developers, directly or indirectly. A new keyword was added in version 7.2, the
in keyword, which makes the reference semantics of the language richer. In this post, I will explore this new keyword, along with
readonly structs and the
ref readonly modifier.
Which are the common techniques to search for a key in an array? This is Learning data structures and in today’s series I will go through the fundamental search algorithms for arrays.
In previous posts of this series, ASP.NET Core 2.0 Authentication, I talked about local logins, where you have your own identity management solution and also social logins, where you work with social media or third party providers to sign in users in your application. In this one, I am going to talk about Azure Active Directory, which is a cloud based solution for identity management and how you can make this work with your ASP.NET Core 2.0 application.
C# 7 is available on new Visual Studio 2017 and comes with some new features. I wouldn’t call them ‘revolutionary’ features, but they add on the language very well and some of them can be very helpful. Personally, I have anticipated some features since C# 6 version.
This post continues from earlier article on Unit testing and code coverage for ASP.NET Web API (1/2).
Much about the topic is inspired from the truly magnificent book “The Clean Coder: A Code of Conduct for Professional Programmers” of Robert C. Martin Series, which of course, I definitely recommend.
Specifying the low level architecture
Professional software developers always test their code. It is part of our daily job, we should be proud and flexible on writing tests. It is a proof that our code actually follows our intent, at least on system’s low level. There are many more tests to be followed, composing a testing strategy, but this post is going to focus solely on one aspect of such strategy, the unit tests.
This is the second post in the series on Web API. Topic is TDD and code coverage, so I am going to demonstrate how to unit test your core code, as well as the API code and in the end, how to measure the code coverage you achieved on testing your code base. First, I am going through the changes needed to take place in the application architecture and then I will go to tests, so this article is divided into two parts.
In this post we are going to talk a little bit about OWIN. What is it, how can we use it with ASP.NET Web API to expose API endpoints, as well as how to secure those endpoints.
The application uses OWIN to self-host the Web API as well as ASP.NET Identity as underlying membership mechanism. Users can fetch public data from /api/people endpoint, as well as secured private data from /api/user endpoint. The latter one is to demonstrate security in Web API.
Let’s say we have the following, one class named
Implementor which has an
DoWork of the class, we call the interface’s method, but we also call another method, which comes by casting the dependency to a derived interface.
All, good, we go ahead and create a unit test project, adding the Moq package as well, in order to mock dependencies.