Thoughts on .Net & Coding

If you are tracking the development of ASP.NET Core 5, you are probably aware that RC1 of the framework is now available. One of the additions for Blazor Server and Blazor WebAssembly is the InputFile component to deal with file uploaded. In this article I am going to take a quick look at the InputFile component and discuss a possible file upload process for Blazor Server as well as Blazor WebAssembly apps.

ASP.NET Core supports creation of RPC style services using gRPC. Once created you might also want to secure them by authenticating and authorizing the service calls. To that end this article discusses a possible approach to implementing authentication in gRPC services.

In Part - 5 of this series you learned to stored IdentityServer configuration data such as identity resources, API resources, and clients into a SQL Server database. However, our sample application still uses TestUser objects to sign into the system. As you would have guessed, in a more real-world app you would like to rope in ASP.NET Core Identity to perform membership tasks. In such a case, instead of using TestUsers you would have IdentityUsers (or its subclass). Let's see how this can be accomplished in this concluding part of this series.

In Part 1, Part 2, Part 3, and Part 4 we touched upon various aspects of configuring IdentityServer, OAuth, and OIDC in ASP.NET Core Web API and MVC applications. Although our sample application is working as expected, it stores all the IdentityServer related configuration in-memory. In a more realistic app you would like to store the configuration in some persistent data store such as SQL Server database. In this part we will do just that.

In Part 1 of this series we configured a few pieces about user such as name, email, address, and phone in the Server project. But in Part 2 and Part 3 we didn't use them in any way. Now it's time to do that. In this part of the series we will access user's claims first in the Web API and then in the MVC application. We will also involve these claims in the authorization process by creating a custom policy.

In Part 2 of this series you protected the Employees Web API using IdentityServer. You also invoked the Web API using Postman tool and HttpClient. In this part of the series you will create an MVC application that is protected using IdentityServer and requires valid sign-in credentials from the end users. The MVC application then invokes the same Web API by passing a security token to it.

In the previous part of this series you created IdentityServerDemo.Server project and also added IdentityServer configuration. In this part we will first create the Employees Web API. Then we will configure the Web API project to use JWT issued by the authorization server. Finally, we will invoke the Web API using Postman and HttpClient.

IdentityServer is an implementation of OpenID Connect and OAuth2 specifications that ASP.NET Core developers can use to secure their applications and APIs. Beginners often find it bit tricky to setup and configure the applications to use this popular framework. To that end this article series attempts to provide a quick tour of setup and configuration required to put IdentityServer to use. I am not going to explain the basic OAuth2 and OpenID Connect terminology here. A lot of good resources are available on the internet explaining those basics. You can also go through the IdentityServer documentation to familiarize yourself with the framework.