Category

WebApi

Azure, Debugging, Web, WebApi

Debugging a managed identity connection to Azure SQL in Azure App Service using containers

So you’ve been eager to deploy your containerized web application that you’ve been working on for a while, to Azure App Service. You follow the best security practices which means you’ve setup your connection to your Azure SQL database using a managed identity. Upon loading your application, you get a dreadful exception that you can’t connect to the database. You then wonder, is this a database permission problem or some another problem, such as the application cannot connect to the database using its managed identity. This problem is even tougher to diagnose in applications such as Custom Off the Shelf (COTS) that you don’t have the source code. Rest assured, this happen to the best of us (yes, even me!)….

Read more
Azure, Development, Web, WebApi

Load testing your applications using Azure Load Testing, JMeter and GitHub Actions

I’ve been working with more customers that are starting to take testing (unit, integration, end to end and load testing) more seriously. You may ask, “Dom, really? I thought testing was trivial”. Unfortunately not. As we’re entering an era where businesses are producing software like never before, relatively speaking, these businesses are not software companies. They are seeking to prioritize the speedy creation of business value while disregarding the importance of testing. Development teams, most often than not, are under pressure when the applications they develop do not perform the way they intended it to work, after being released. Testing is not engrained within their DNA. If it would have been, the extra stress and anxiety associated with debugging the…

Read more
ASP.NET Core, C#, WebApi

Securing ASP.NET Core WebApi with an API Key

I read the article from Aram Tchekrekjian, which he goes in great length about techniques to secure a Web API, that is, using a Middleware and using an attribute that uses the IAsyncActionFilter. I would like to add another technique to this list using also an attribute, but one that uses the IAsyncAuthorizationFilter instead. This filter is called earlier in the chain of filters and can stop early a bad request using an invalid API Key. To learn more about filters, check out the documentation. I will use the starter ASP.NET Core 3 API template that comes with dotnet. You can create it through Visual Studio or using the command line dotnet new webapi <ProjectName>. In my scenario, I will use a combination…

Read more
C#, WebApi

Testing SignalR in ASP.NET Core with Integration Tests

As promised in my last post, I’m following up on how to test your SignalR hubs in an end to end manner using TestServer. This post is a build up on my last post so if you haven’t read it, go do so now! Setup I have a Hub named ChatHub that has the following method:

My clients all are connected to (listen to) a method to receive messages called  OnMessageReceived. Tests In my test class, I created a method to help me start my connection. If you plan on testing multiple hubs, you may want to move this method to a helper class.

Dom, my Hubs are protected with a Jwt Token… No worries, you can pass your…

Read more
C#, WebApi

Testing a WebAPI in .NET Core with Integration tests

NOTE: This posts targets ASP.NET Core 2.X. If you are looking for ASP.NET Core 3.1, see my repository. I’ve also made a NuGet package for easier consumption. You finished developing your API, and you are ready and eager to push it to production. You then realize that you are missing some tests to make it a real production ready API. Lucky for you, ASP.NET Core 2.X provides us with an In-Memory HTTP Server (TestServer) to help us achieve this. This post aims to help you write end to end tests (e2e) using ASP.NET Core 2.1 (and possibly future versions!) in order to test the flow of your API. Remember that having tests in place, whether they are unit or end to end,…

Read more
C#, Software Architecture, WebApi

Web APIs: The real existential questions

The real existential questions I was talking to my buddy Alexandre about Web APIs and we had a great general discussion on the subject. What he made me realize and what I want to bring up with you guys is that building APIs goes beyond the technical implementation. Sometimes you have to look at things from a higher point of view. He shared with me with the following questions that I found very interesting. How do you project your backend API? How do you protect your core business systems? How do you enforce your IT and business policies? How do you engage with developers? How do you reduce the time-to-first API call? How do you measure their use and impact? Before…

Read more
C#, Web, WebApi

Web APIs: what you should not forget

In today’s day and age, you probably have heard of (REST) Web APIs as the way to consume data over the web. This is especially true with the emergence of microservices. You are probably building, have built or thinking of building a/some Web API(s). You are or may be planning to consume a/some Web API(s). In this post, I want to highlight certain things not to forget, on a technical stand point, when consuming and building Web APIs. Remember that those are just a start. There are multiple resources on the internet to help you adopt good practices. A good one that I recommend is the Microsoft API Implementation guide. TL;DR In building APIs: Versioning Verbs to nouns Status codes overload…

Read more