Posts

Showing posts from 2019

Adding multiple health check endpoint for dotnet core application

Imagine a scenario where we need to expose one health check endpoint for checking application liveliness and another endpoint for checking application readiness. Let's assume the liveliness endpoint is responsible for checking whether the application is healthy and ready to receive traffic. On the other hand, the readiness endpoint is responsible for checking whether the application is responsive; if not, the application will be restarted in some way to fix that. We can use the Health Checks provided by ASP.NET Core to achieve this by filtering on tags. Let's assume that we have a "/ping" endpoint in our application that responds with "pong". We can add a health check that hits the ping endpoint to see whether our application is responsive. I am also assuming that the application relies on ElasticSearch for processing API requests, so I am adding another health check for ElasticSearch. Now we need to register those health checks: And here is the implementation of ...

Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolInvalidNonceException

I was using OpenID Connect authentication with IdentityServer (v4) in a recent project and my client application was throwing the following error: Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolInvalidNonceException: IDX10311: RequireNonce is 'true' (default) but validationContext.Nonce is null. A nonce cannot be validated. If you don't need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to 'false'. at Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolValidator.ValidateNonce(JwtSecurityToken jwt, OpenIdConnectProtocolValidationContext validationContext) in c:\workspace\WilsonForDotNet45Release\src\Microsoft.IdentityModel.Protocol.Extensions\OpenIdConnectProtocolValidator.cs:line 332 at Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolValidator.Validate(JwtSecurityToken jwt, OpenIdConnectProtocolValidationContext validationContext) in c:\workspace\WilsonForDotNet45Release\src\Microsoft.IdentityModel.Protocol.Extensions\OpenIdCo...

Beginning .NET Core development with docker for windows

Step 1: Open up Visual Studio and add your .NET Core app. Here, I have created an MVC application on .NET Core 2.0. I also have Docker for Windows (Community Edition) installed on my machine. Step 2: Add a file named "Dockerfile", or any custom name of your preference, to the project directory. Below is sample content of the Dockerfile to build a Docker image of a simple MVC app. More details about Docker commands: https://docs.docker.com/engine/reference/builder/. Step 3: Add Docker support to the app from the Project menu. It will add a new docker-compose project to the solution. Set the new project as the startup project for debugging. Here is a snapshot of how it should look: Step 4: Update the contents of docker-compose.yml and docker-compose.override.yml. Below are sample contents from the example app (the dockerfile command can be skipped if the default filename is used). More details about docker compos...

Adding security headers to prevent XSS and MiTM attacks in .Net Core

As developers, we need to consider security when designing and building web applications. HTTP response headers allow the server to pass additional information that instructs browsers how to handle sensitive data and content from the application and/or from external or untrusted sources. HTTP response security headers provide an extra layer of protection to help mitigate vulnerabilities and attacks. One way to add those security headers from a .NET Core application is by writing a custom action filter that is executed before any response is served from the application. Below is an example of the custom attribute: To apply this globally for all responses, we can add this to the Startup class as shown below: To apply a trusted source for any particular action: And here is the outcome: HAPPY CODING 👌