Category

C#

Microsoft C#

Azure, AzureFunctions, C#

Deploying EOL .NET Core to Azure App Services

As you all know, .NET Core 3.1 is now out of support since December 13 2022. If you follow me on my social media, I reminded my followers about this a little over a month ago. Unfortunately, some of the customers my colleagues and I deal with, have yet to migrate, and were caught by surprise at the last minute. I am and have been advising my customers to plan some time to migrate to .NET 6 (which is LTS), however, the time and priorities issue always come back. Fortunately, there are 2 solutions that you can put in place today to be able to continue deploying EOL .NET core versions. Solution 1: Deploying the application using the self-contained method…

Read more
C#, Visual Studio

Executing ad hoc C# code snippets

It may happen that you want to test some C# code without having to start the full car, i.e. open up Visual Studio or Visual Studio code. You may even want to test some of the libraries you’re developing to see how a scenario or behavior you are thinking about would react. Say no more. In this post, I will show you 2 ways to do so. It won’t require you to create a console app or even run your actual application with your code snippet. This will allow you to quickly test your code and scenarios. Note that the techniques below are to produce outputs, not to actually debug your code. For debugging, you will need an IDE that…

Read more
Azure, C#, DevOps, Docker

Integration tests using Azure Storage emulator and .NET Core in Azure DevOps

I had a friend contact me about a situation that he was trying to do and I was about to have the same situation myself so I decided to tackle it. That situation is that we both need to test our code, but our code is dependent on Azure Storage. As you know, you can emulate Azure Storage on Windows using the (now deprecated) Azure Storage Emulator, or using Azurite. Since my code is built and tested on linux, I decided on using Azurite. Azurite v3 runs in a container. Azurite v2 runs using node.js but the container is not officially available. You need to build the image yourself. Azurite v2 is necessary if you need to have access to…

Read more
Azure, C#, Microsoft365

Connecting to SharePoint Online using an Azure AD Service Principle (Application) and CSOM

Microsoft is giving us a push to use Microsoft Graph as an alternative to using SharePoint CSOM. Unfortunately, not everything is available in Microsoft Graph. When you are automating, you want to use a service account that has no user identity (delegation) in it and can be autonomous. However, the only way right now to get an application token that can be used to consume the SharePoint Online CSOM, is to authenticate your application using an authentication certificate. This post continues on the SPOAuthentication code, as discussed in my other post. We will make use of the KeyVault to store the authentication certificate and then add it to the application as a key credential used for authentication. KeyVault and Application…

Read more
Azure, C#, Microsoft365

Connecting to SharePoint Online CSOM using a non-interactive, headless application, through user delegation

It may happen to you that you need to run a process which has no user interaction for automation purposes. This may be a console application or an Azure Function that has a timer trigger. How is it possible to call the CSOM (client side object model) API of SharePoint online in such fashion? Usually people authenticate in other ways. Today, I want to show you how this can be done, using a .NET Core console application. Preface Before getting cracking with the code, I want to brush on the the On-Behalf-Flow, as it is important to understand it to understand why the code does certain things. The OAuth 2.0 On-Behalf-Of flow (OBO) serves the use case where an application…

Read more
Azure, C#

Migrating to the new C# Azure KeyVault SDK Libraries

You may be familiar with the Microsoft.Azure.KeyVault SDK. This SDK is being retired in favor of 3 new SDKs: Azure.Security.KeyVault.Keys Azure.Security.KeyVault.Secrets Azure.Security.KeyVault.Certificates As you can see, the Microsoft Azure SDK team split the KeyVault functionality in 3 distinct SDKs. All those SDKs are unified with the Azure.Identity SDK to manage authentication. Let’s deep dive a little bit into those SDKs. I wanted to brush up on those, as usually what people do, when they have the KeyVault setup in their application, they tend to forget about it. If you want to migrate to the new SDKs (or you’re looking to consume the KeyVault through code), this post can be of interest to you. Azure.Identity SDK The Azure Identity library is…

Read more
C#

C# ways of handling when being throttled by an API

I’ve been building a service application that is responsible to grab data from a REST API. The API has mechanisms in place to reduce abuse and make sure that everyone can consume its service in a fair way. That being said, this means that sometimes you may need to do a lot of requests to extract the data you need. If you get throttled, that is being told that you are sending too many requests and get served with a “temporary” ban, you will need to way and retry. You know it is a “temporary” ban so why would you send back an error (exception) to your client when it’s something you can possibly handle yourself. How can you deal…

Read more
ASP.NET Core, C#, WebApi

Securing ASP.NET Core WebApi with an API Key

I read the article from Aram Tchekrekjian, which he goes in great length about techniques to secure a Web API, that is, using a Middleware and using an attribute that uses the IAsyncActionFilter. I would like to add another technique to this list using also an attribute, but one that uses the IAsyncAuthorizationFilter instead. This filter is called earlier in the chain of filters and can stop early a bad request using an invalid API Key. To learn more about filters, check out the documentation. I will use the starter ASP.NET Core 3 API template that comes with dotnet. You can create it through Visual Studio or using the command line dotnet new webapi <ProjectName>. In my scenario, I will use a combination…

Read more
C#

Getting feedback from EntityFramework Core through diagnostics

Have you ever wanted to get some diagnostics information about Entity Framework Core when it comes to the actions it’s doing such as when a command is executing or executed, when it’s opening a connection to the database or even when there’s an error, to name just a few? I was searching for a way to be able to get the duration of the query it was executing. I was glad to find out that Entity Framework Core hooks itself into DiagnosticSource, a simple module that allows code to be instrumented for production-time logging of rich data payloads for consumption within the process that was instrumented.1 Getting hooked into the diagnostic pipeline DiagnosticSource uses the observer pattern to notify its observers. If you…

Read more
C#, Docker

Running an ASP.NET Core application targeting .NET Framework in Docker

Recently, I’ve came across an interesting challenge that was to dockerize an ASP.NET Core 2.2 application targeting .NET Framework 4.7.2. The reason this application was targeting .NET Framework was because it was using a library that unfortunately had no plans to move to the .NET Core platform. That library was a port from Java. As such I had to take a decision: rewrite the whole application in Java to support this library more natively, or try to find an alternative library that did the same thing. Sometimes it’s better to sleep on such decision. Well it paid off. I had forgotten that possibly I could use mono to run it. I took this as a challenge and used one of…

Read more
Azure, C#

Loading a X509 certificate from Azure KeyVault into a .NET Core application

In a context where we are now using APIs a lot more than we used to, it becomes important to secure them. One way we can secure them is using the OAUTH/OpenId protocol, which relies on Json Web Tokens (JWTs).  A JWT needs to be generated and digitally signed by the authority (what we call a Security Token Service (STS)) your APIs trust. They require signed JWTs to prevent attackers from altering or counterfeiting such tokens in an attempt to gain unauthorized access to the resources secured by the APIs. A good open source implementation of such authority is IdentityServer4 which also gives you a lot more features than just being a STS. In development mode, IdentityServer4 provides you with…

Read more
C#, WebApi

Testing SignalR in ASP.NET Core with Integration Tests

As promised in my last post, I’m following up on how to test your SignalR hubs in an end to end manner using TestServer. This post is a build up on my last post so if you haven’t read it, go do so now! Setup I have a Hub named ChatHub that has the following method:

My clients all are connected to (listen to) a method to receive messages called  OnMessageReceived. Tests In my test class, I created a method to help me start my connection. If you plan on testing multiple hubs, you may want to move this method to a helper class.

Dom, my Hubs are protected with a Jwt Token… No worries, you can pass your…

Read more
C#, WebApi

Testing a WebAPI in .NET Core with Integration tests

NOTE: This posts targets ASP.NET Core 2.X. If you are looking for ASP.NET Core 3.1, see my repository. I’ve also made a NuGet package for easier consumption. You finished developing your API, and you are ready and eager to push it to production. You then realize that you are missing some tests to make it a real production ready API. Lucky for you, ASP.NET Core 2.X provides us with an In-Memory HTTP Server (TestServer) to help us achieve this. This post aims to help you write end to end tests (e2e) using ASP.NET Core 2.1 (and possibly future versions!) in order to test the flow of your API. Remember that having tests in place, whether they are unit or end to end,…

Read more
Azure, C#, Web

Connecting Azure AD and Azure AD B2C to IdentityServer4

I’ve been playing with IdentityServer4 lately and I wanted to share you guys the findings I’m finding while I am playing with it. IdentityServer4 for the ones who don’t know it, is an OpenID Connect and OAuth 2.0 framework for ASP.NET Core 2. You can read all about it here. In today’s post, I would like to show you how you can connect Azure AD and Azure AD B2C to IdentityServer4 as external providers. When doing so, IdentityServer becomes a federated gateway. Both implementation are similar, however, Azure AD and Azure AD B2C have specificities that are particular to them. Connecting to Azure AD We can connect Azure AD to IdentityServer through an external OpenIdConnect provider. To do that, you…

Read more
Azure, C#, Visual Studio

The moment I came to play with .NET Standard 2.0 – Azure Functions

A lot has changed ever since I played with Azure Functions and .NET Standard 2.0. If you remember from my previous post, I was talking about how you had to set the FUNCTIONS_EXTENSION_VERSION to beta in order to benefit from the new runtime. I also talked about how I had a problem with the connection manager to access the app settings. Well the good news is that the team now fully migrated to the new Configuration modeling from ASP.NET core. You can now easily refer to your configurations by importing the following packages and using the following code to have access to your configuration: Nuget package Description Microsoft.Extensions.Logging Main logging package Microsoft.Extensions.Logging.Abstractions Makes SetBasePath() available Microsoft.Extensions.Logging.Json Makes AddJsonFile() method available…

Read more