Authentication and Authorization in ASP.NET Core 6 Web API

https://www.pluralsight.com/courses/asp-dot-net-core-6-web-api-authentication-authorization

by Roland Guijt


Mod 1: Course Overview

  1. Course Overview

Mod 2: API Authentication with Keys and Cookies

  1. The Starting Situation
  2. Key Protection with Middleware
    • a rudimentary way of protecting a webapi; use a middleware to check for api key in header (not recommended by author) 
    • to be able to use security headers in swagger, you have to configure it in code. use the OpenApiSecurityRequirement object
  3. Key Protection with an Attribute
    • the solution from previous clip can be implemented as an attribute
    • if an attribute requires dependency injection, attribute will need to be used like this: [TypeFilter(typeof(ApiKeyAttribute))]
  4. Cookie Authentication
  5. Configuring Cookies and Schemes
  6. Restricting Access with the Authorize Attribute
  7. Accessing User Information

Mod 3: Protecting APIs with Tokens

  1. OAuth2 and the Identity Provider
    • tokens for APIs are called access token; for front ends, it is called identity token
  2. Protecting an API Using Access Tokens
    • audience is a microsoft invention, it is not part of OAuth
  3. Setting up an Identity Provider with Duende IdentityServer
  4. Scopes and Clients
  5. Requesting and Sending Access Tokens
  6. Using a Filter to Fetch and Include Access Tokens
    • use case for a ServiceFilter
  7. Automatic Token Management
  8. Anatomy of an Access Token
  9. Reference Tokens
Mod 4: Using Front-ends to Obtain Tokens

  1. OpenID Connect and the Authorization Code Flow
  2. Applying Authorization Code Flow
  3. Accessing and Using the Access Token
  4. Refresh Tokens and Token Management
  5. Adding Claims to the Access Token
Mod 5: Adding Authorization
  1. Checking Audience
  2. ClaimsPrincipal and Claims Mapping
  3. Authorization Policies
  4. Global Policies
  5. Deciding on an Authorization Strategy
  6. The Authorization API
  7. Requirements and Handlers

Comments

Post a Comment

Popular posts from this blog

Angular Routing and Navigation Playbook

Image
https://www.pluralsight.com/courses/angular-routing-navigation-playbook by Lara Newsom Course Overview Course Overview Course Introduction and Code Examples Course Introduction and Code Examples Basic Angular Routing Setup Introduction to Angular Routing Discussion: Angular RouterModule Exports Demo: Bootstrap Angular RouterModule Discussion: Declaring Routes angular has tow route path match strategies: prefix based or full match prefix is the default Demo: Declaring Default and Home Routes two options for declaring a default route: {path: ' ', componenet: DefaultComponent} {path: ' ', redirectTo: 'home', pathMatch: 'full'} Discussion: Child Routes and Route Order Demo: Declaring a Wildcard Route wild card routes is: path: '**' to enabled logging all navigation events to the console, enable tracing Demo: Hooking into Router Events Routing in Standalone Component Applications Introduction to Standalone Components and Routing Demo: Bootstrapping Ro...
Read more

Working with Files in C# 10

https://www.pluralsight.com/courses/c-sharp-10-working-files by Jason Roberts Course Overview Course Overview Sandbox Managing Files and Directories Introduction Creating a New Console App Checking if a File Exists you can use to check if file path is an absolute path: Path.IsPathFullyQualified Getting the Parent Directory of a Path Checking if a Directory Exists and Creating New Directories Copying a File Moving a File Getting the File Extension from a File Name Checkpoint 01- Get the Parent Directory for a Path Changing a Filename Extension Checkpoint 02 - Get the Extension Part of a Filename Deleting a Directory Enumerating All the Files in a Directory Summary Exercise 01- Copying and Deleting Files Monitoring the File System for Changes Introduction Introducing the FileSystemWatcher Class The IntemalBufferSize Property Configuring Notification Filters Additional Properties Refactoring to Use a FileSystemWatcher use FileSystemWatcher to watch for file changes in a folder Checkpo...
Read more

Mastering Git

https://app.pluralsight.com/library/courses/master-git/table-of-contents by Paolo Perrotta Module 1: Course Overview Course Overview Module 2: The Four Areas: Introduction Version Check About This Training A Note About the Command Line Introducing the Four Areas The Working Area The Repository The Index Module 3: The Four Areas: Basic Workflow Revisiting the Basics Moving Data to the Right Moving Data to the Left Removing Files Renaming Files A Quick Summary Module 4: The Four Areas: Git Reset Understanding Reset A Reset Example More Reset Examples Module 5: The Four Areas: Advanced Tools Stashing Data Solving Conflicts Working with Paths Committing Parts of a File Introducing Switch and Restore Git Is a Toolbox Module 6: History: Exploring the Past Becoming a History Surgeon Referencing Commits to show changes in a commit: git show HEAD to show changes in a commit parent: git show HEAD^ Tracking Changes in History Browsing the Log Module 7: History: Fixing Mistakes Reviewing the Golde...
Read more