Skip to content

SDD London, May 2017

March 6, 2017

As is the tradition in the spring, I will be speaking at SDD in London this May. I have sessions on ASP.NET Identity, securing SPAs and we’re also doing our workshop in a 1-day format. Hope to see you there!

 

NDC London 2017

March 1, 2017

leastprivilege.com

As always – NDC was a very good conference. Brock and I did a workshop, two talks and an interview. Here are the relevant links:

Check our website for more training dates.

View original post

OpenID Connect Client Library for JavaScript/SPA-style Applications

February 7, 2017

leastprivilege.com

In addition to our native library – Brock successfully certified his JavaScript library with the OpenID Foundation.

oidc-client-js is by far the most easy and elegant way I have seen so far for integrating OpenID Connect and OAuth 2 client functionality into JavaScript – highly recommended!

See here for a step-by-step tutorial on how to use it.

View original post

MVP MIX Dallas 2017

January 30, 2017

I’ll be doing a 1-day version of our workshop on Identity and Access Control for Modern Applications and APIs using ASP.NET Core at MVP MIX in Dallas this March 2017.

Hope to see you there!

 

 

Demos — Boston Code Camp, November 2016

November 19, 2016

Here are the slides/demos from my ASP.NET Core security talk today at the Boston Code Camp. Thanks!

https://1drv.ms/f/s!AjXKCyy1XZYBjWhdGgGY2qR0-R28

Also, here’s the link to the IdentityServer website.

Process.Start for URLs on .NET Core

September 24, 2016

Apparently .NET Core is sort of broken when it comes to opening a URL via Process.Start. Normally you’d expect to do this:

Process.Start("http://google.com")

And then the default system browser pops open and you’re good to go. But this open issue explains that this doesn’t work on .NET Core. So instead you have to do this (credit goes to Eric Mellino):

public static void OpenBrowser(string url)
{
    try
    {
        Process.Start(url);
    }
    catch
    {
        // hack because of this: https://github.com/dotnet/corefx/issues/10361
        if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
        {
            url = url.Replace("&", "^&");
            Process.Start(new ProcessStartInfo("cmd", $"/c start {url}") { CreateNoWindow = true });
        }
        else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
        {
            Process.Start("xdg-open", url);
        }
        else if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
        {
            Process.Start("open", url);
        }
        else
        {
            throw;
        }
    }
}

I added a few more fixes for Windows — one was suppressing the second command prompt, and another was escaping the “&” with “^&” so the shell does not treat them as command separators.

Fun times in this cross-platform world.

 

SDD Deep Dive, London 2016

September 13, 2016

In November 2016, Dominick and I will be speaking together at SDD Conf in London. We’re doing a 3-day version of our Identity & access control for modern web applications & API workshop which now targets ASP.NET Core and IdentityServer4.

The 3-day format allows much more time for hands-on labs, as well as in-depth discussions of how to architect for single sign-on and web API security. Also, we have extra time allotted to show how to customize and configure IdentityServer4.

Hope to see you there!