Uncategorized

Angular Projects and Lessons Learned

Throughout my career, I have worked on quite a few Angular projects. In this post, I will go through some of the different projects I have worked on and explain the lessons learned in each so you can learn from them. Ionic + Cordova mobile app with AngularJS (2015) This app was about creating an …

Angular Projects and Lessons Learned Read More »

How to structure Graphql, Typescript and Express app for scalability

In this post I will share a great structure for structuring your Graphql application, using Typescript and Express. The structure consists of these folders/layers (from outer to inner): IOC: Inversion of control provides testability and control over the dependencies in the system. For this, I use “Inversify” Schema: The definition of the GraphQL schemas defined …

How to structure Graphql, Typescript and Express app for scalability Read More »

Configure IdentityServer with Entity Framework (OIDC Part 6)

In this post, we are going to build upon our IdentityServer setup with ASP.NET Core Identity for user management by moving the previously hardcoded IdentityServer configuration data to the database. This enables dynamic change of how IdentityServer is configured instead of needed a rebuild of the server for every configuration change. For this, we are …

Configure IdentityServer with Entity Framework (OIDC Part 6) Read More »

OpenID Connect with IdentityServer and ASP.NET Core Identity (OIDC Part 5)

Great that you made it this far! Now we are getting closer to what would be a “normal” scenario. Until now we have played around with authenticating with client credentials, authorization code flow, and hybrid flow – all with hardcoded test users. Of course, this would not work in a production setup, so we will …

OpenID Connect with IdentityServer and ASP.NET Core Identity (OIDC Part 5) Read More »

OpenID Connect Hybrid Flow for calling resource API (OIDC Part 4)

In the last post we created an authorization code client, enabling the client to get the user claims from the id token, exchanged for the post-login authorization code. That way we were able to display the user roles on an authorized MVC view. This time, instead of getting the user roles from the userInfo endpoint …

OpenID Connect Hybrid Flow for calling resource API (OIDC Part 4) Read More »

Creating an OpenID connect system with Angular 8 and IdentityServer4 (OIDC part 1)

OpenID connect authentication with dotnet core and Angular will demonstrate how to set up an app that supports authentication and access control of certain resources in the system. This guide is based on the Identity Server docs which seems to favor a setup with a client, an Identity server and an API being with authorized resources. This …

Creating an OpenID connect system with Angular 8 and IdentityServer4 (OIDC part 1) Read More »

OpenID Connect Interactive authentication with Authorization Code Flow (OIDC Part 3)

In part 2 we created a simple OIDC setup using hard-coded client credentials for the client to obtain an access token, so it could invoke the resource API. In this post, we are gonna enable interactive login on the identity server with hard-coded test users using authorization flow. After the users have successfully logged in, …

OpenID Connect Interactive authentication with Authorization Code Flow (OIDC Part 3) Read More »