Kimserey's blog

ApiController attribute in ASP NET Core 2.1ASP NET Core 2.1 brings a set a enhacements for Web API development, Web API being a service accessible via HTTP and returning result in Json format. Those enhancements aim to simplify the composition of those APIs and also remove unecessary functionalities. Today we will explore those enhancements in five partsControllerBaseand ApiControllerAutomatic model validationInferred model bindingActionResult<T>1. ControllerBase and ApiControllerPrior everything, we should set the compatibility version of ASP NET Core by using the .SetCompatibilityVersion.services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); In the past, we used to inherit from Controller which was providing functions to return different HTTP status code results together with optional data like Ok(...) or Json(...), but it was also used to display Razor views like View(...) or PartialView(...).Starting from 2.1, it is now recommended to inherit from Contr…

Update NPM packages for frontend projects with npm-check-updatesFrontend libraries progress very rapidly. After just one month, a project can see all its packages needing an upgrade. Today how we can achieve that in ways:install vs updateUsing npm-check-updates1. Install vs Update1.1 npm installnpm install will install packages which are found in package.json but aren’t downloaded.For example, we have a project where we installed Primeng 6.0.0 with npm install --save primeng@6.0.0. The sementic versioning rule placed in package.json is as followed:"dependencies": { ... some packages, "primeng": "^6.0.0" } The ^ (caret) specifies that minor or patches upgrades are allowed for packages above 1.0.0. For 0.x.x changes, minor changes are considered major therefore only patches upgrades are allowed. Official documentation of the versioning can be found on npm site https://docs.npmjs.com/misc/semver.If we run npm ls primeng, we will see that 6.0.0 is ins…

SignalR Core with AngularLast week we saw how to Configure SignalR and get a server notifying a client built as Razor page via Websockets. We completed the post by having a fully functional backend setup with SignalR and authentication done via Resource Owner Password. Today we will see how we can connect to SignalR hub from an Angular application and demonstrate how we can authenticate in five parts:SignalR serverSetup an Angular applicationConnect to SignalR hubSend messagesAuthentication1. SignalR serverWe won’t be describing the server here, instead we will take from where we left in my previous blog post with the code fully available on my Github https://github.com/Kimserey/signalr-core-sample/tree/master/Example.Get the repository and run signalr-core-sample/Example. It will run a server on http://localhost:5000 with a SignalR hub on /chathub and Identity server configured with a client my-app setup with Resource owner password flow.2. Setup an Angular applicationOnce we have th…

Manage configurations with ASP NET Core on UbuntuManaging configurations can be challenging. We cannot simply check-in in our repository secrets and connection strings and at the same time we want an easy way to maintain them.
Today we will see how we can manage secrets is am easy way on Ubuntu with systemd.Make secrets available on server with systemdManage secrets locally with UserSecrets on ASP NET CoreManage UserSecrets for dotnet Console ApplicationGoalWe need to keep secrets out of the source code. Therefore we want to have our application get secrets locally for local testing and we want the application to get them in our hosted environment.
In order to achieve that we will use systemd override configuration to hold configuration of secrets on our server and in our local machine we will use UserSecrets which holds configurations in the user app folder.Take note that UserSecrets file is not encrypted. The only protection we get is the OS user protection.If you are not familiar w…

Nginx 502 bad gateway after SSL setupWhen proxying a request to an underlying server, it is necessary to validate its SSL certificate. For example, if we have a process running on https://localhost:5001, we can configure Nginx to validate the certificate used by localhost:5001. But if we miss one step, we face the common error 502 Bad Gateway returned by Nginx. Today we will see two scenarios where we can face the error and how to fix them:Setup SSL verificationScenario 1: self-signed certificateScenario 2: upstream server1. Setup SSL verificationWe can tell Nginx to verify the underlying SSL by adding the following directives, either on server or location level:server { // ... more config proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt; proxy_ssl_verify on; proxy_ssl_session_reuse on; location / { proxy_pass https://localhost:5001/; } } proxy_ssl_trusted_certificate indicates to Nginx the location of the trusted CA certificates.
proxy_ssl_verify on…

HTTPS with SSL for Nginx, Kestrel and AngularInternet is moving toward secure connections whereby HTTPS is a priority. Browsers are now warning users when navigating to non secured website. With this movement, Kestrel and ASPNET Core have adopted the mentality of security by default rather than security when needed. HTTPS will now be the default and HTTP will be a necessity due to implementation constraints. Together with Lets Encrypt and ACME protocol, we do not have excuses for not implementing an SSL connection.Setup the exampleSSL self signed certificate for NginxSSL self signed certificate for KestrelSSL self signed certificate for Angular CLI1. Setup the exampleWe assume that our environment is on Ubuntu, with nginx and dotnet installed.
If you are on Windows, you can install the linux subsystem with Ubuntu 16.04 as describe on my previous post. This will give access to most of the features of Ubuntu via a bash prompt.To start we create a HelloWorld application with dotnet. Here…

HttpClientFactory in ASP NET Core 2.1ASP.NET Core 2.1 ships with a factory for HttpClient called HttpclientFactory. This factory allows us to no longer care about the lifecycle of the HttpClient by leaving it to the framework. Today we will see few ways of instantiating clients:Default clientTyped clientNamed client1. Default clientTo use the factory, we start first by registering it to the service collection with .AddHttpClient() which is an extension coming from Microsoft.Extensions.Http.public void ConfigureServices(IServiceCollection services) { services.AddMvc(); services.AddHttpClient(); } This gives us access to the IHttpClientFactory which we can inject and using it, we can create a HttpClient.[HttpPost] public async Task<ActionResult<string>> PostDefaultClient([FromServices]IHttpClientFactory factory, [FromBody] ValueDto value) { var client = factory.CreateClient(); client.BaseAddress = new System.Uri("http://localhost:5100"); va…

SignalR with ASP Net CoreSignalR is a framework from ASP NET Core allowing us to establish a two way communication between client and server. This two way communication allows the client to send messages to the server but more importantly allows the server to push messages to the client.
SignalR makes use of Websocket when available else it falls back to SSE or pulling. Today we will focus on how to setup SignalR to work with WSS, Websocket secure and how we can authenticate the user requesting to connect to our SignalR hub via Webscoket.Getting started with SignalRSSL encryption for Websocket Secure WSSWebsocket Authentication with Identity Server 4SignalR behind Nginx1. Getting started with SignalRThe Hubs are the main components of SignalR. It is an abstraction of a two way communication available for both client and server. Public functions from the hub can be called from the server code and can be called from the client. The frontend NPM package @aspnet/signalr library makes the …