Easy Auth is a great way to authenticate your users. However, when used in the context of Azure Container Apps, .NET applications do not, by default, recognise that Easy Auth is in place. You might be authenticated but .NET will still act as if you aren't. builder.Services.AddAuthentication()
and app.UseAuthentication()
doesn't change that. This post explains the issue and solves it through the implementation of an AuthenticationHandler
.
52 posts tagged with "asp.net"
View All TagsESLint your C# in VS Code with Roslyn Analyzers
ESLint provides a great linting experience for TypeScript and JavaScript in VS Code. The suggestions, fixes and ignore options make creating clean code a joy. A similar experience is available for C# in VS Code through Roslyn Analyzers - this post tells us more.
Azure DevOps: consume a private artifact feed
Private Azure Artifact feeds in in Azure DevOps can be used to serve NuGet packages. To build applications both locally and in an Azure Pipeline using those packages, there are a few steps to follow which this post will demonstrate.
Swashbuckle & inheritance: Give. Me. The. Types
For API endpoints that return multiple types, you can use inheritance with Swashbuckle to get create a Swagger / Open API definition featuring the variety of available types. Serving all these types is not the default behaviour. This post shows you how to opt in.
Directory.Build.props: C# 9 for all your projects
.NET Core can make use of C# 9 by making some changes to your .csproj
files. There is a way to opt all projects in a solution into this behaviour in a single place, through using a Directory.Build.props
file and / or a Directory.Build.targets
file. Here's how to do it.
C# 9 in-process Azure Functions
C# 9 has some amazing features. Azure Functions are have two modes: isolated and in-process. Whilst isolated supports .NET 5 (and hence C# 9), in-process supports .NET Core 3.1 (C# 8). This post shows how we can use C# 9 with in-process Azure Functions running on .NET Core 3.1.
Azure Functions and .NET 5: Query params, Dependency Injection, Bicep & Build
The upgrade of Azure Functions from .NET Core 3.1 to .NET 5 is significant. There's an excellent guide for the general steps required to perform the upgrade. However there's a number of (unrelated) items which are not covered by that post:
Goodbye Client Affinity, Hello Data Protection with Azure
I've written lately about zero downtime releases with Azure App Service. Zero downtime releases are only successful if your authentication mechanism survives a new deployment. We looked in my last post at how to achieve this with Azure's in-built authentication mechanism; Easy Auth.
Making Easy Auth tokens survive releases on Linux Azure App Service
I wrote recently about zero downtime deployments on Azure App Service. Many applications require authentication, and ours is no exception. In our case we're using Azure Active Directory facilitated by "Easy Auth" which provides authentication to our App Service.
ASP.NET, Serilog and Application Insights
If you're deploying an ASP.NET application to Azure App Services / Azure Container Apps or similar, there's a decent chance you'll also be using the fantastic Serilog and will want to plug it into Azure's Application Insights.
Azure App Service, Easy Auth and Roles with .NET and Microsoft.Identity.Web
I wrote recently about how to get Azure App Service Easy Auth to work with roles. This involved borrowing the approach used by MaximeRouiller.Azure.AppService.EasyAuth.
As a consequence of writing that post I came to learn that official support for Azure Easy Auth had landed in October 2020 in v1.2 of Microsoft.Identity.Web. This was great news; I was delighted.
However, it turns out that the same authorization issue that MaximeRouiller.Azure.AppService.EasyAuth
suffers from, is visited upon Microsoft.Identity.Web
as well. This post shows hoew to resolve it with IClaimsTransformation
.
Make Microsoft.Identity.Web respond with 403 forbidden instead of a 302 redirect
By default Microsoft.Identity.Web
responds to unauthorized requests with a 302 (redirect). Do you want a 403 (forbidden) instead? Here's how.
Autofac 6, integration tests and .NET generic hosting
I blogged a little while ago around to support integration tests using Autofac. This was specific to Autofac but documented a workaround for a long standing issue with ConfigureTestContainer
that was introduced into .NET core 3.0 which affects all third-party containers that use ConfigureTestContainer
in their tests.
Autofac, WebApplicationFactory and integration tests
Updated 2nd Oct 2020: for an approach that works with Autofac 6 and ConfigureTestContainer
see this post.
Up to the clouds!
This last four months has been quite the departure for me. Most typically I find myself building applications; for this last period of time I've been taking the platform that I work on, and been migrating it from running on our on premise servers to running in the cloud.
Dual boot authentication with ASP.NET
This is a post about having two kinds of authentication working at the same time in ASP.Net Core. But choosing which authentication method to use dynamically at runtime; based upon the criteria of your choice.
ASP.NET Core authentication: hard-coding a claim in development
This post demonstrates how you can hard code user authentication claims in ASP.NET Core; a useful technique to facilate testing during development.
Google Analytics API and ASP.Net Core
I recently had need to be able to access the API for Google Analytics from ASP.Net Core. Getting this up and running turned out to be surprisingly tough because of an absence of good examples. So here it is; an example of how you can access a simple page access stat using the API:
ASP.NET Core: Proxying HTTP Requests with an AllowList
This post demonstrates a mechanism for proxying HTTP requests in ASP.NET Core. It doesn't proxy all requests; it only proxies requests that match entries on an "allowlist" - so we only proxy the traffic that we've actively decided is acceptable as determined by taking the form of an expected URL and HTTP verb (GET / POST etc).
IMemoryCache and GetOrCreateForTimeSpanAsync
One thing that ASP.Net Core really got right was caching. IMemoryCache
is a caching implementation that does just what I want.