Showing posts from 2018

OAuth 2.0, OpenID Connect and Identity Server

OAuth 2.0, OpenID Connect and Identity ServerWhen it comes to authentication and authorization, the most used standard is OAuth 2.0 with OpenID Connect (OIDC).
Few weeks ago I discussed Resource owner password and Implicit flows focusing mainly on implementations with Identity Server. There is a lot of confusion revolving around OAuth 2.0 and OIDC, what they are, how they differ and even what Identity Server is and what is it used for. Today I will give more insights on what is OAuth 2.0 and OIDC are and how Identity Server relates to them.1. What is OAuth 2.0 2. What is OpenID Connect 3. What is Identity Server 4 1. What is OAuth 2.0OAuth 2.0 is an authorization protocol enabling applications to have a limited access to protected resources. The authorization is handled in the Identity provider (Idp) who is in charge of delivering an access token to the client apppication after having authenticated the resource owner (usually the user).Why do we need it?Let’s take an example.I have an…

SSL with Let’s Encrypt

SSL with Let’s EncryptFew months ago I explained briefly how SSL could be setup with CloudFlare. Today I would like to share another way to get a SSL certificate for free via a browser based implementation of Let’s Encrypt.
This post will be composed by two parts:1. How SSL works 2. How to get the certificate 1 . How SSL worksSSL provides a secure layer on top of HTTP. It allows to encrypt communication between client and server in order to prevent man in the middle attacks and eavesdropping.An SSL is composed by two pieces, a certificate and a private key.
The private key must be securely kept by the server while the certificate is distributed to all client.The goal of the SSL is to ensure two things:Encryption of data between server and clientAuthenticity of the certificate provided1.1 Encryption of data between server and clientThe encryption is established by an asymetric key pair.
The private key is held by the server while the public key is distributed to clients within the cert…

Params inheritance strategy with Angular Router

Params inheritance strategy with Angular RouterFew weeks ago I discussed about Angular router, how we could make sure our data are loaded before accessing a component. If you aren’t familiar with Angular router, I suggest you have a look at my previous blog post where I introduced the router.
The example was loading data from the store (ngrx store) to check if data were loaded.
But it would have been difficult if we needed to load data from the route params. Today we will see the problem faced when taking params from the route and how it can be resolve with a newly introduced feature in Angular router since 5.2.x.1. Getting data from the route params 2. paramsInheritanceStrategy 1. Getting data from the route paramsTo get data from the route params we take can use the ActivatedRouteSnapshot or the .snapshot property of the ActivatedRoute and use the .params property. Suppose that we have a route /test/:myKey, and we navigate to /test/hello, we could do the following:const key = route.…

Start processes from C# in DotNet Core

Start processes from C# in DotNet CoreBeing able to run batch during the lifecycle of an application is always useful. It gives a way to programmatically interact with any programs which implements a CLI. Today we will see how we can start processes from C# on .NET Core applications and how it can be useful in a real scenario1. Unzip from CLI 2. Use CLI from C# 1. Unzip from CLIIn this tutorial we will use a process to execute a 7zip command to extract files into a particular input.If we have 7zip installed and added to PATH, using a terminal, we should able to execute the following from the folder containing the archive:7z x .\\ -o.\\archive x stands for extract and -o stands for output directory. The result of this command should be the list of files in extract unzipped into the archive folder.There are times where it comes handy to zip and unzip as part of an application lifecycle, for example to allow a user to download multiple files from our server, we could zip them …

DotNet Framework, Standard, Core and ASP Net Core

DotNet Framework Standard Core and ASP Net CoreLot of things have changed from the past few years in the DotNet ecosystem. In many occasions, I have seen people get confused with the differences between DotNet Core, DotNet Standard and DotNet Framework and how do they all relate to ASP Net Core.
I don’t blame them, so many new keywords that it is quite confusing to first look at.
Today, I would like to explain the differences in term of project templates. What is the difference between DotNet Standard library or DotNet Core library, what is the difference between DotNet Core application or DotNet Framework application, etc… This post will contain 5 points:1. DotNet Framework 2. DotNet Standard 3. DotNet Core 4. How to choose 5. ASP.Net Core 1. DotNet FrameworkEverything started from DotNet framework.
We would build libraries, console app and web application using ASP.Net MVC on top of DotNet Framework.
DotNet framework provides a set of API available for application to use in order to…

The Steps Toward Leadership

The Steps Toward LeadershipAs a Software Engineer, I have gone through many managements, different countries, different companies, different projects which all left me with a bitter taste.
After years of reflection, I realized that half of the feeling came from my inexperience while the other half was meant to be fulfilled by the management under which I was working. This management was meant to provide me, a Software Engineer, the direction, vision and ideology to carry on my work. Management composed of line managers, higher management, directors and company, I expected them to lead me to success.
It is incredibly hard to find the right way to get a Software Engineering team to work well. Most of the challenges aren’t well understood by those coming from different backgrounds. Not that it is harder or easier, it is just different. Tasks aren’t easily measured, it is hard to make KPI, goals aren’t easily defined and set, and many more issues. We have seen that giving management respo…

Setup environments for your AspNetCore backend and Angular frontend

Setup environments for your AspNetCore backend and Angular frontendLast week we saw how we could use angular cli and dotnet cli to pack and publish our application with simple commands. The application had no settings therefore there wasn’t a need to differentiate multiple deployments. But if we do need different settings, how should we handle it?
Today I will amswer this question by explaining how we can setup targets and environments for our application. This post will be composed by three parts:1. What is the difference between a target and an environment 2. Setup target and nvironment settings for AspNetCore app 3. Setup target and environment settings for Angular CLI 1. What is the difference between a target and an environmentA target refers to a target build. A target build is a set of configurations used to build the application. For development, the optimization is usually disabled as build time is more important than the optimization of code for example which would slow down…