We have been migrating couple of projects to ASP.NET Core 2.0 recently. Amongst the major changes in ASP.NET Core 2.0, probably the biggest change has been done in the Authentication. I have written an article about cookie size in ASP.NET Core which explains the basic issue with too many claims in the identity. ASP.NET Core 2.0 OIDC addresses this by removing some of the token values from the identity on the background.
Sometimes, when browsing Microsoft’s sites, you can run into some weird errors – like Bad Request – Request too long or sometimes even Connection refused. These errors are mostly caused by cookies. In this article, I am going to show you the most common causes and also tips on how to avoid these issues on your sites.
Based on my previous post about B2B guest access to application, I made another sample called MyGroups. I think it demonstrates practical usage of both B2B guest access, Office 365 Groups and Microsoft Graph.
MyGroups can be used to display all Office 365 Groups to which the user has been added and additionally list direct links to the group’s SharePoint site, which is something we have been in need of internally within our company.
In the HomeController, you can find the call which is being made to Microsoft Graph’s groups endpoint to get the group’s site information – it is being made in parallel to make the request shorter for the user – generally, on average, it took about 1 second to get the site details of each group.
If you would like to use the code, just go ahead and grab the source from GitHub!
Since Microsoft’s Azure AD got the Business-to-Business (B2B) functionality, it has enabled a broad variety of new scenarios to be developed. It for example makes sharing various resources and information within applications much more easier. Today we are going to investigate the way to build an application which is not only a multi-tenant one, but also supports the user to be member of multiple directories.
When you attempt to deploy an ASP.NET Core project to App Service on Linux, you may run into an error during the build process – Object reference not set to an instance of an object. When you try to deploy the project to App Service on Windows, everything works, so where is the issue?
When I was writing a web application with ASP.NET Core with Azure AD and Microsoft Graph, I ran into a very interesting issue – the identity cookies would get really large (8 kB or more in chunked authentication cookies) and therefore all the requests to the site would contain this much data in headers. This was bearable because it just “worked” but then I tried accessing the site from Safari on a MacBook or an iPhone and the server would return errors when trying to rebuild the user’s identity.
Whenever you are collecting a date with Application Insights, it might be handy to have the ability to filter the telemetry based on currently signed in user. The documentation is quite confusing about it, so I decided to write an article and clear it up.
While working on a project, I stumbled upon an interesting issue – how to force the user to reauthenticate in an application – for example when accessing some sensitive information? While it may seem quite straightforward from the documentation of Azure AD, it is not that simple, and if you are using prompt=login to reauthenticate the user, I quite suggest you read on.
Recently I have been working on a project in ASP.NET Core and DotVVM accompanied by a WebJob using Azure WebJob SDK. The idea behind publishing was that whenever I push code to the repository (VSTS in my case), App Service would pull the code, build it and deploy it automatically (this is achieved by setting up Continuous Deployment). This method works just great for ASP.NET Core application, however when accompanied by a WebJob, things weren’t as smooth as I was expecting them to be.