Tag: General

While working on SpaceDotNet, a strong-typed client SDK to access the JetBrains Space HTTP API, I came across a scenario to deserialize JSON into polymorphic classes. In this post, I’ll explain how to write a custom JsonConverter for System.Text.Json to help with deserialization for such cases.

This week, I was presenting at IglooConf (Indexing and searching NuGet org with Azure Functions and Search). During one of the demos, I casually used a feature we shipped with the latest Azure Toolkit for JetBrains Rider: when the Azure Functions host is running on a development machine, Rider lets us trigger functions from the gutter by generating an HTTP request for it.

Right now, I’m having fun building a .NET Core client library for JetBrains Space. Part of that client library will be ASP.NET Core authentication, to help in making authentication with your Space organization easy. Think of something like this: This should look very familiar if you are building an ASP.NET Core application that uses something like Microsoft Account, Google, Azure Active Directory/B2C, or anything that uses the Microsoft.AspNetCore.Authentication.OAuth namespace. There are many of those extensions that help register an authentication handler for a specific service.

Many developers are building Single-Page Applications (SPAs) using popular frameworks like Angular, React or VueJS. They all come with an easy way to generate all required HTML, CSS, JavaScript and Webpack artifacts required to deploy to production, usually an NPM script like npm run build away. Having to build all those artifacts multiple times while developing on our local machine is not too pleasant, all of them come with a way to launch a development server that hot reloads artifacts when needed, usually another NPM script (such as npm run start) away.

I know, I know. That title is probably a bit too harsh and opinionated. But it got your attention, right? A friend of mine this week asked me whether they could use middleware in their HTTP-triggered Azure Functions, ideally even the same ones they use in ASP.NET Core applications. After all, the SDK comes with HTTP triggers that seem to use the same infrastructure, right? My immediate response was “whyyyyyy?!?”. And in this blog post, I’ll try to explain. via GIPHY

In 2013, I was asked to be part of a conference agenda committee. Since, I have been part of a couple more, for conferences in different parts of the world. Being “on the other side” of a Call for Papers has been very interesting, and taught me that this is a difficult job. There’s lots of reading, discussion, re-reading and more discussion involved. At some point there comes the rewarding bit of accepting sessions to the agenda, and the part I hate the most: having to reject sessions.

In an application I’m writing, I need to deserialize some JSON. I know the class to use is JsonConvert, but which NuGet package was that type in again? Granted, that’s an obvious one. Yet, there are many uses for a “NuGet reverse package search” that helps finding the correct NuGet package based on a public type.

Usually on my development machine, I run ASP.NET Core applications in Kestrel. It’s easy to do, the project templates .NET Core provide create a nice launchSettings.json to start it from the command line, etc. However, I was asked to help someone out with hosting ASP.NET Core in IIS Express. Great! The default launchSettings.json contain an entry for that as well, so I ran dotnet run --launch-profile "IIS Express".

We all know it’s important to prevent Cross-Site Request Forgery (CSRF) attacks against our application. Unfortunately, our inherited code base has zero measures implemented - not one action methods with a [ValidateAntiForgeryToken] attribute in sight!

As discussed in the previous post, we all know it is important to perform validations to prevent a Cross-Site Request Forgery (CSRF) attack against our application. Imagine inheriting a code base that has zero measures implemented? How would you find which action methods need a [ValidateAntiForgeryToken]? Today, we will look at using ReSharper to find all action methods that need [ValidateAntiForgeryToken] added. In this series: