Posts

Showing posts from February, 2018

Logging in ASP NET Core with Serilog

Logging in ASP NET Core with Serilog At each stages of an application development cycle, good logs are necessary to debug and fix bugs efficiently. Serilog is a logging framework allowing developers to log structured logs into different ouput platforms. Today we will see how we can set it up in three parts Serilog for ASP.NET Core Console sink Rolling File sink Environment enricher All the code discussed here can be found on my GitHub https://github.com/Kimserey/SerilogTest . 1. Serilog for ASP.NET Core 1.1 Structured logs Logs are string messages describing an event in the system. They are built by assembling pieces of information, elapsed time or process name, into a string message. Once constructed into a message, they are written into an ouput stream, console or file for example. The message contains the timestamp the log message. The log message being a string, all we can do to query it is a full text search query. If our log contained the elapsed time, it would n

OAuth 2.0, OpenID Connect and Identity Server

OAuth 2.0, OpenID Connect and Identity Server When it comes to authentication and authorization, the most used standard is OAuth 2.0 with OpenID Connect (OIDC). Few weeks ago I discussed Resource owner password and Implicit flows focusing mainly on implementations with Identity Server. There is a lot of confusion revolving around OAuth 2.0 and OIDC, what they are, how they differ and even what Identity Server is and what is it used for. Today I will give more insights on what is OAuth 2.0 and OIDC are and how Identity Server relates to them. 1. What is OAuth 2.0 2. What is OpenID Connect 3. What is Identity Server 4 1. What is OAuth 2.0 OAuth 2.0 is an authorization protocol enabling applications to have a limited access to protected resources. The authorization is handled in the Identity provider (Idp) who is in charge of delivering an access token to the client apppication after having authenticated the resource owner (usually the user). Why do we need it? Let’s take an exa

SSL with Let’s Encrypt

Image
SSL with Let’s Encrypt Few months ago I explained briefly how SSL could be setup with CloudFlare. Today I would like to share another way to get a SSL certificate for free via a browser based implementation of Let’s Encrypt. This post will be composed by two parts: 1. How SSL works 2. How to get the certificate 1 . How SSL works SSL provides a secure layer on top of HTTP. It allows to encrypt communication between client and server in order to prevent man in the middle attacks and eavesdropping. An SSL is composed by two pieces, a certificate and a private key. The private key must be securely kept by the server while the certificate is distributed to all client. The goal of the SSL is to ensure two things: Encryption of data between server and client Authenticity of the certificate provided 1.1 Encryption of data between server and client The encryption is established by an asymetric key pair. The private key is held by the server while the public key is distributed to

Params inheritance strategy with Angular Router

Params inheritance strategy with Angular Router Few weeks ago I discussed about Angular router, how we could make sure our data are loaded before accessing a component. If you aren’t familiar with Angular router, I suggest you have a look at my previous blog post where I introduced the router . The example was loading data from the store (ngrx store) to check if data were loaded. But it would have been difficult if we needed to load data from the route params. Today we will see the problem faced when taking params from the route and how it can be resolve with a newly introduced feature in Angular router since 5.2.x. 1. Getting data from the route params 2. paramsInheritanceStrategy 1. Getting data from the route params To get data from the route params we take can use the ActivatedRouteSnapshot or the .snapshot property of the ActivatedRoute and use the .params property. Suppose that we have a route /test/:myKey , and we navigate to /test/hello , we could do the following: c