Thursday, August 24, 2017

Google Cloud Web API c#

1. Create Project  > Google Cloud ASP.NET Core Web API C#
2. Choose Google Project ID (can link with FireBase)

If you want run locally you need to add credential


3. Create  json file,
4. Copy this .json file to locally (outside cannot browse)


public Startup(IHostingEnvironment env)
{
      //Here is the Code for Credential
    string credential_path = "CargoTracking-2e89f93ec38b.json";
    Environment.SetEnvironmentVariable("GOOGLE_APPLICATION_CREDENTIALS", credential_path);

------------------------

[GCP Command]
gcloud config list
gcloud auth login
gcloud config set project [myproject]
Posted by at No comments:
Labels:

Wednesday, August 16, 2017

AWS Lambda - Custom Authorization

Lambda Code

Refer
https://stackoverflow.com/questions/41451582/c-sharp-implementation-of-aws-api-gateway-custom-authorization-lambda
http://docs.aws.amazon.com/apigateway/latest/developerguide/use-custom-authorizer.html

public AuthPolicy Authorization(TokenAuthorizerContext request)
{
    var token = request.AuthorizationToken;

    switch (token.ToLower())
    {
        case "allow":
            return generatePolicy("user", "Allow", request.MethodArn);
        case "deny":
            return generatePolicy("user", "Deny", request.MethodArn);
    }

    return null;
}


At Lambda to Custom Authorization


Add Custom Authorization to API Gateway Method


POSTMAN Test



Posted by at No comments:
Labels:

Monday, August 7, 2017

AWS Lamda

  • Service that lets you run code without managing servers (server-less)
  • Execute your code when needed and scales automatically. (no charge when your code not running)
  • Included Server and OS maintenance, auto scaling,  code monitoring and logging (FOC)
  • Support Node.js, Java, C# and Python.
  • It can run your code in response to events. E.g. Data Processing trigger for Amazon S3 or Amazon DyanamoDB
  • It can build Serverless applications. (only concern your code)
  • Outsider call Lambda thru API Gateway
  • Lambda can be custom authorization  at API Gateway
Step to create Lambda Project in VS2017


1) Need to Install AWS Extension



2) Deployment



3) API Gateway



Posted by at No comments:
Labels: ,

.NET Core


  • Open Source
  • Cross-platform (Linux, MAC, Windows) framework for building modern cloud-based web applications (UI and API) using .NET
  • ASP.NET Core MVC = MVC + Web API + Web Pages
  • It can run on IIS or Self-hosted


Posted by at No comments:
Labels:

Tuesday, August 1, 2017

Single Sign On (SSO)

ASP.NET Forms Authentication allow to share the same cookie across sites under same domain using configuration key <machineKey>

 
<machineKey 
  validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D" 
  decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
  validation="SHA1" decryption="AES"/>

Why need <machineKey>, because each ASP.NET web application use it own encryption keys for cookie data and others e.g. ViewState for security purpose. So if the same <machineKey>, across all applications under same domain, each will able to read cookie values.

After that, you need to instruct ASP.NET runtime to define the cookie so it can match with the domain name.

<forms name="name" loginUrl="URL" defaultUrl="URL" domain="mydomain.com"/>

ASP.NET is not able to share cookie across different domain.
_______________________________________________________________________________

Work Around (1)

1)User request domain1.com, no authentication cookie, redirect to domain1.com/login.
2) Login
3) domain1.com accept the login credential, verify from database. and Create authentication cookie  and add to the response
4) Response set ReturnURL to domain2.com.
5) domain2.com accept the response with cookie and store in browser.
6) domain2.com redirect to the  ReturnURL address (domain1.com) with reading the cookie value.
7) domain1.com accept the response with cookie and store in browser.

So both domain1.com and domain2.com authenicaton cookie are stored in the browser.

Problem : You need to implement for all the sites (costly and complex). Not recommend for domain more than 2


Basic_SSO_model_overview.png
_______________________________________________________________________________

Work Around (2)

Browser will not store authentication cookies for each site. It will store an authentication cookie for only in a site (sso.com). Every request to any site will redirect to sso.com for setting and checking authentication cookie. If not found, the user redirected to the login page.

1) User request domain1.com, redirect to sso.com to check cookie, with adding a ReturnURL query string paramater to back domain1.com.
2) If no cookie, request to domain1.com with query string has indicate the cookie not found and redirect to domain1.com/login
3) Login in domain1.com/login and invoke web service of sso.com to check user credentials, and return Token.
4) domain1.com mark the user as logged in, redirect to sso.com with Token to set authentication cookie, with ReturnUrl (domain1.com)

https://www.codeproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic
https://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl#_articleTop

Posted by at No comments:
Subscribe to: Posts (Atom)