Posts

AWS DynamoDB SDK support for .NET DateTimeOffset

The AWS DynamoDB SDK does not support the .NET DateTimeOffset datatype by default . You may have received an exception similar to: System.InvalidOperationException: Type System.Nullable System.DateTimeOffset is unsupported, it cannot be instantiated. at Amazon.DynamoDBv2.DataModel But you can add a custom IPropertyConverter so that you can persist DateTimeOffset. public class DateTimeOffsetPropertyConverter : IPropertyConverter {     public static readonly string DateTimeOffsetPersistenceFormatString = "yyyy-MM-ddTHH:mm:ss.ffffzzz";     public object FromEntry(DynamoDBEntry entry)     {         if (entry == null)         {             throw new ArgumentNullException(nameof(entry));         }         var primitive = entry as Primitive;         if (primitive == null)         {             throw new ArgumentException($"{nameof(entry)} [{entry?.GetType()?.Name}] is not an instance of {nameof(Primitive)}.");         }         var dateString = primitive.Value as string;
Post a Comment
Read more

ASP.NET .NET 6 OIDC Retrieve JWT AccessToken after SaveTokens

I was not able to find the docs for retrieving the JWT AccessToken in ASP.NET .NET 6 after they are saved so I decided to document it here. You may be familiar with the HttpContext.GetTokenAsync() method . This appears to have worked in previous version of .NET, but I could not get it to work in .NET 6. First, make sure you are saving the access tokens in the  AddOpenIdConnect configuration. builder     .Services     .AddAuthentication(options =>     {         options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;         options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;     })     .AddCookie()     .AddOpenIdConnect(options =>     {         options.SaveTokens = true;     }); Then, instead of HttpContext.GetTokenAsync(), call HttpContext.AuthenticateAsync(), and get the token out of the AuthenticateResult. var accessToken = authenticateResult?.Properties?.GetString(".Token.access_token"); Hope this helps, Aaron
Post a Comment
Read more

Auth0: Restrict SPA Application Access to API Audience/Permissions/Scopes

Image
In Auth0  you can restrict the APIs/Permissions a Machine-to-Machine type Application has access to using the "APIs" section in the Application Configuration: However, SPA type Applications do not have an equivalent configuration option: There is no way to restrict the APIs a SPA type Application has access to directly . Instead, you must restrict the APIs/Permissions/Scopes a User has access to . (Most likely you'll want to do this using Roles.) You must also ensure the " Enable RBAC " setting is turned on for all of your APIs (this setting is off by default). If the "Enable RBAC" setting is NOT turned on, a SPA Application will be able to request a token for any API/Permission/Scope combination and Auth0 will return a valid token! And even with this setting turned on, a SPA Application will be able to request and receive a token for an API the user does NOT have access to!  The Audience value in the access token will be valid for the API, however the
Post a Comment
Read more

Find Azure Application Insights Resource by InstrumentationKey

I had a need to query some Application Insights logs, but all I had was the InstrumentationKey. I didn't want to open each of the Application Insights instances and check the key (there were a lot), but as long as you have the Azure "Az" Powershell Module installed, you can run this script to print out all App Insights instances and their associated Instrumentation Key: https://gist.github.com/aaronhoffman/cf5bd0c59216b3e6a57c0c6ea134cafb # for each subscription in context foreach ( $subId in ( Get-AzSubscription ).Id | Get-Unique ) { write-host " Subscription $subId " # set context to the given subId Set-AzContext - SubscriptionId $subId # List the name and InstrumentationKey of all Application Insights resources in this sub Get-AzResource - ResourceType Microsoft.Insights / components - ExpandProperties | select - ExpandProperty Properties | select Name , InstrumentationKey | ft } Hope this helps! Aaron
Post a Comment
Read more

Simple Rules Engine in C#

Image
There are some C# "Rules Engines" floating around however they rely on a no-longer-supported nuget package (dynamic linq)  https://github.com/microsoft/RulesEngine   I created this "SimpleRulesEngine" that does not rely on lambdas or expression trees. The expressions can be serialized to JSON.  https://github.com/aaronhoffman/SimpleRulesEngine   I hope to get a simple example web application added to this repo as well, but I'm not sure when I will have time. Please check out the unit tests for now to see how this can be used. Hope this helps, Aaron
Post a Comment
Read more