What I am trying to do
I am trying to implement Google OpenID Connect as a means to login to an ASP.NET Core 3.1 website using Google's instructions:
https://developers.google.com/identity/protocols/oauth2/openid-connect#server-flow
Under step 2 of the server flow (Send an authentication request to Google) they recommend retrieving information from their OpenID Discovery Document:
You should retrieve the base URI from the Discovery document using the authorization_endpoint metadata value.
I am currently trying to dynamically deserialize the JSON to a Dictionary<string, string> by using Newtonsoft.Json. But it is giving me some issues (can't seem to deserialize a JSON string array) and I am considering changing my strategy to creating a model for the Discovery Document and using System.Text.Json to deserialize.
Now my question is
How sensitive is Google's Discovery Document to changes that would lead to me having to update my DiscoveryDocument.cs model?
Dilemma
With the Newtonsoft.Json way everything will still work, even if Google decides to remove a random key.
But using the System.Text.Json is the easy way out for me now and removes a dependency on the Newtonsoft library, though I may run into trouble later if Google's Discovery Document changes.
I think you will have a much easier time to use the Microsoft.IdentityModel.Protocols and
Microsoft.IdentityModel.Protocols.OpenIdConnect NuGet packages and use the included parser to do it all for you. The items in the document is pretty standardized but not every provider provides all the items.
public class OpenIDSettings : IOpenIDSettings
{
public string Issuer { get; }
public string jwks_uri { get; }
public string authorization_endpoint { get; }
public string token_endpoint { get; }
public string userinfo_endpoint { get; }
public string end_session_endpoint { get; }
public string check_session_iframe { get; }
public string revocation_endpoint { get; }
public string introspection_endpoint { get; }
public string device_authorization_endpoint { get; }
public ICollection<string> scopes_supported { get; }
public ICollection<string> claims_supported { get; }
public OpenIDSettings(string endpoint)
{
var configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(
$"{endpoint}/.well-known/openid-configuration",
new OpenIdConnectConfigurationRetriever());
//If you get an exception here, then provider is not running or reachable
var document = configurationManager.GetConfigurationAsync().Result;
//Add the necessary code to populate the properties in this class
Issuer = document.Issuer;
jwks_uri = document.JwksUri;
authorization_endpoint = document.AuthorizationEndpoint;
token_endpoint = document.TokenEndpoint;
userinfo_endpoint = document.UserInfoEndpoint;
end_session_endpoint = document.EndSessionEndpoint;
check_session_iframe = document.CheckSessionIframe;
scopes_supported = document.ScopesSupported;
claims_supported = document.ClaimsSupported;
if (document.AdditionalData.ContainsKey("revocation_endpoint"))
revocation_endpoint = (string)(document.AdditionalData["revocation_endpoint"]);
if (document.AdditionalData.ContainsKey("introspection_endpoint"))
introspection_endpoint = (string)(document.AdditionalData["introspection_endpoint"]);
if (document.AdditionalData.ContainsKey("device_authorization_endpoint"))
device_authorization_endpoint = (string)(document.AdditionalData["device_authorization_endpoint"]);
}
}
Related
I get following error from an Azure Function App when using cosmos DB. I have got the same with HttpClient but seemed to solve that by doing HttpClient static. Can you solve the same problem just by making the CosmosDB client static? Something like:
public class DocRepoCoach
{
public string ConnStr { get; set; }
public Container XX1Container { get; set; }
public Container XX2Container { get; set; }
**public static CosmosClient Client { get; set; }**
public DocRepoCoach(string connectionString)
{
ConnStr = connectionString;
var options = new CosmosClientOptions() { AllowBulkExecution = true, MaxRetryAttemptsOnRateLimitedRequests = 1000 };
Client = new CosmosClient(ConnStr, options);
XX1Container = Client.GetContainer("XXXAPI", "XX");
XX2Container = Client.GetContainer("XXXAPI", "XX");
}
}
Yes, please make it static.
The recommended practice with Azure functions is to use a Singleton client for the lifetime of your application. The CosmosClient can manage connections when you use a static client.
Below are the recommendations
Do not create a new client with every function invocation.
Do create a single, static client that every function invocation can use.
Consider creating a single, static client in a shared helper class if different functions use the same service.
These are also documented here on Azure docs
I'm new to Xamarin forms and am up to the point where I now want to be persisting data entered by the user to an Sqlite db. Thankfully, there all plenty of examples to get you started, but thats as far as the help goes... I'm trying to implement a relationship between two entities 'Session' and 'HandHistory'.
A Session can have multiple HandHistories - immediately I saw that some sort of foreign key would be needed here to link these tables/entities together. I read in multiple articles and stack overflow questions that the standard 'sqlite-net-pcl' (by Frank A.Krueger) package offers nothing in terms of foreign keys, and that in order to acquire the functionality I needed to use the SQLiteNetExtensions library. I referred to this article for help:
https://bitbucket.org/twincoders/sqlite-net-extensions/overview
My entities look like this:
Session:
using SQLite;
using SQLiteNetExtensions.Attributes;
namespace PokerSession.Models
{
[Table("Session")]
[AddINotifyPropertyChangedInterface]
public class Session
{
public Session(bool newSession)
{
if (newSession)
{
CurrentlyActive = true;
//HandHistories = new ObservableCollection<HandHistory>();
}
}
[PrimaryKey, AutoIncrement]
public int Id { get; set; }
public SessionType SessionType { get; set; } = SessionType.Tournament;
public string Location { get; set; }
public DateTime Date { get; set; } = DateTime.Now;
public string GeneralNotes { get; set; }
public int MoneyIn { get; set; }
public int MoneyOut { get; set; }
public int ProfitLoss
{
get
{
var p = MoneyOut - MoneyIn;
if (p < 0)
return 0;
return p;
}
}
/// <summary>
/// If the session has not been completed, set this to true
/// </summary>
public bool CurrentlyActive { get; set; }
[OneToMany(CascadeOperations = CascadeOperation.All)]
public ObservableCollection<HandHistory> HandHistories { get; set; }
}
}
HandHistory:
using SQLite;
using SQLiteNetExtensions.Attributes;
namespace PokerSession.HandHistories
{
[Table("HandHistory")]
[AddINotifyPropertyChangedInterface]
public class HandHistory
{
public HandHistory()
{
}
[PrimaryKey, AutoIncrement]
public int Id { get; set; }
[ForeignKey(typeof(Session))]
public int SessionId { get; set; }
[ManyToOne]
public Session Session { get; set; }
}
}
I also followed this article for the platform specific implementations for obtaining the SQLiteConnection for the local db:
https://developer.xamarin.com/guides/xamarin-forms/application-fundamentals/databases/
The error I'm getting:
'SQLiteConnection' does not contain a definition for 'UpdateWithChildren' and the best extension method overload 'WriteOperations.UpdateWithChildren(SQLiteConnection, object)' requires a receiver of type 'SQLiteConnection' PokerSession.Android, PokerSession.iOS C:\Poker Notes Live\PokerSession\PokerSession\PokerSession\Services\DataService.cs 46 Active
private SQLiteConnection _database;
public DataService()
{
_database = DependencyService.Get<ISqLite>().GetConnection();
_database.GetTableInfo("HandHistory");
_database.CreateTable<Session>();
_database.CreateTable<HandHistory>();
var session = new Session(false)
{
Location = "Test Location",
Date = new DateTime(2017, 08, 26),
MoneyIn = 35,
MoneyOut = 0,
SessionType = SessionType.Tournament,
GeneralNotes = "blah blah"
};
var hh = new HandHistory();
_database.Insert(session);
_database.Insert(hh);
session.HandHistories = new ObservableCollection<HandHistory> {hh};
_database.UpdateWithChildren(session);
}
So basically it's not allowing me to use the SQLite Extension methods with my SQLiteConnection object (_database) which is confusing as this is the whole point behind the Extension methods? Surely they're made to work with the SQLiteConnection object?? I've also noticed through my playing around that there seems to be two different types of SQLiteConnection... The one I'm currently using is in the 'SQLite' namespace, and another one in the SQLite.Net namespace. I have checked the one in the SQLite.Net namespace and it does seem to like the Extension methods but it requires me to change my platform specific implementation for obtaining the SQLiteConnection, but it would fail at runtime (complaining about my Session entity not having a PK??).
Quite a long winded question I know but it's better to provide more information than not enough, and I'm sure there must be others experiencing similar problems so please comment and offer any help possible, thank you.
I'm using OData v5/Web API 2.2 to create an endpoint that will return a list of employees from each company.
My problem occurs when I try to implement server-side paging while also using the OData $expand property. When I try to make a call to
http://localhost:60067/Companies?$expand=Employees
I get an error that says "Could not find a property named 'Employees' on type 'System.Web.OData.Query.Expressions.SelectAllAndExpand_1OfCompanyApiModel'"
However, when I removed the EnableQuery attribute the call to the endpoint or when I didn't expand it works as expected. Does anyone have an idea of what I am doing wrong? I've been googling this for a while but haven't found anything.
Here are some code snippets -
Data Models:
public class CompanyApiModel
{
[Key]
public Guid CompanyGuid { get; set; }
[Required]
public string Name { get; set; }
// other properties
public List<EmployeeApiModel> Employees { get; set; }
}
public class EmployeeApiModel
{
[Key]
public Guid EmployeeGuid { get; set; }
[Required]
public string Name { get; set; }
// other properties
}
CompaniesController.cs:
[EnableQuery(PageSize = 10)] // If I comment this out everything works
//[EnableQuery] // This fails as well
public IHttpActionResult Get(ODataQueryOptions<CompanyApiModel> queryOptions)
{
var companies = GetCompanies(queryOptions);
return Ok(companies);
// return Ok(companies.AsQueryable()); // This doesn't work either
}
WebApiConfig.cs:
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
config.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always;
var routingConventions = ODataRoutingConventions.CreateDefault();
routingConventions.Insert(0, new OptionsRoutingConvention());
config.MapODataServiceRoute("odata", null, GetEdmModel(), new DefaultODataPathHandler(), routingConventions);
// below code allows endpoints to respond with either XML or JSON, depending on accept header preferences sent from client
// (default in absence of accept header is JSON)
var odataFormatters = ODataMediaTypeFormatters.Create();
config.Formatters.InsertRange(0, odataFormatters);
config.EnsureInitialized();
}
public static IEdmModel GetEdmModel()
{
ODataConventionModelBuilder builder = new ODataConventionModelBuilder();
builder.Namespace = "Demos";
builder.ContainerName = "DefaultContainer";
builder.EntitySet<CompanyApiModel>("Companies");
builder.EntitySet<EmployeeApiModel>("Employees");
var edmModel = builder.GetEdmModel();
return edmModel;
}
}
Figured out the problem. We were overriding the EnableQuery attribute somewhere in our code and calling it EnableMappedQuery and applying it to the controller. Thus instead of having [EnableQuery(PageSize = 10)] I should have had [EnableMappedQuery(PageSize = 10)].
EnableQuery Attribute do many works,
1. it will validate the queryoption for you.
2. it will apply the queryoption for you.
3. it can add some querysettings like PageSize.
Your scenario not working is because your GetCompanies is already applied the queryoption, so when EnableQuery get the result and apply the queryoption again, it fails, it can't find the expand property, my suggestion is just return original Company and let EnableQuery do the reset of work for you, ODataQueryOption in parameter is also not needed.
If you realy do some custom work in GetCompanies and don't need EnableQuery to apply for you, you can add PageSize in ODataQuerySettings when you call method ODataQueryOptions.ApplyTo(IQueryable, ODataQuerySettings).
Considering the document { "userName": "user1" } stored in the User collection, and the following User class:
public class User
{
public string Id { get; set; }
public string UserName { get; set; }
}
With the following JSON.net settings:
JsonConvert.DefaultSettings = () =>
{
return new JsonSerializerSettings
{
ContractResolver = new CamelCasePropertyNamesContractResolver(),
};
};
When I query with Linq as such:
var t = _client.CreateDocumentQuery<User>(_collection.SelfLink)
.Where(u => u.UserName == "user1").AsDocumentQuery().ExecuteNextAsync();
t.Wait();
var users = t.Result;
var user = users.FirstOrDefault();
user is null. Changing the Document to have a pascal casing or the POCO to use a camel casing solves the issue. Of course I do not want any of those as I want my JSON objects and C# objects to be "standarized".
How can I tell the DocumentDB SDK to map my object's property names using camel casing, similar as JSON.net?
The DocumentDB LINQ provider does not pick up the JsonConvert.DefaultSettings. In general you can use the DefaultSettings to control camelCase, but for those properties you wish to use in a LINQ Where clause must have the name explicitly set using JsonProperty attribute on your DTO.
public class User
{
public string Id { get; set; }
[JsonProperty("userName")]
public string UserName { get; set; }
}
Although a bit tedious and a good source for bugs, it seems to be your only option for now.
In a similar case with Cosmos DB, I was able to set all properties to Camel case for my objects at the class declaration level, as in:
[JsonObject(NamingStrategyType = typeof(CamelCaseNamingStrategy))]
public class User
{
public string Id { get; set; }
public string UserName { get; set; }
}
This is how you tell NewtonSoft.Json to use Camel case for serializing.
In newer SDK's you can control the linq serialization in the following way:
container.GetItemLinqQueryable<T>(
linqSerializerOptions: new CosmosLinqSerializerOptions
{
PropertyNamingPolicy = CosmosPropertyNamingPolicy.CamelCase
});
Where container is an Microsoft.Azure.Cosmos.Container.
I am really struggling deserializing a PHP json encoded string in ASP.NET.
I am using nusoap and CakePHP 1.3 on the PHP side and mvc.net 4.0 on the web service side and everything was working well. However, I couldn’t figure out how to pass a complex array as one parameter of the webservice, so I had the idea of serializing it as json and passing a simple string. So far so good...
But I cannot for the life of me de-serialize the json_encoded string in ASP.NET [well, I’ve been trying for the last two hours at least ;)]
Here is what I have so far:
The PHP sends an array of products (product id as a GUID - sent as a string then converted on the web service side) and the number of products:
$args['products'] = json_encode($booking['Booking']['prs_products']);
This is received ok by the webservice as the following json string (products):
[{"BookingProducts":{"id":"2884f556-67ed-4eb8-98ca-a99dc27a2665","quantity":2}},{"BookingProducts":{"id":"f57854ba-0a9b-400b-bea0-bafdcb179b01","quantity":2}},{"BookingProducts":{"id":"7ff81128-c33c-4e6c-a33c-3ca40ccfb5d0","quantity":2}}]
I then try and populate a BookingProducts List<>. The BookingProducts class is as follows:
public class BookingProducts
{
public String id { get; set; }
public int quantity { get; set; }
public BookingProducts()
{
}
public BookingProducts(string id, int quantity)
{
this.id = id;
this.quantity = quantity;
}
}
I have tried both the [System.Web.Script.Serialization][2] and Newtonsoft.Json libraries as follows, but without success:
List<BookingProducts> productsList = new List<BookingProducts>();
try
{
productsList = JsonConvert.DeserializeObject<List<BookingProducts>>((products));
}
catch (Newtonsoft.Json.JsonSerializationException)
{
productsList = new JavaScriptSerializer().Deserialize<List<BookingProducts>>(products);
}
In both cases I get a list of empty products (or a serialization exception).
Hopefully someone has done this before, or can spot an obvious mistake!
What you really have here is a list of objects containing BookingProducts object. In order to deserialize it, you need to have something like this for your entity:
public class BookingProductsWrapper
{
public class BookingProductsInner
{
public string id { get; set; }
public int quantity { get; set; }
}
public BookingProductsInner BookingProducts { get; set; }
}
Now you can deserialize it using JavaScriptSerializer (for example):
System.Web.Script.Serialization.JavaScriptSerializer jsSerializer = new System.Web.Script.Serialization.JavaScriptSerializer();
List<BookingProductsWrapper> productsList = jsSerializer.Deserialize<List<BookingProductsWrapper>>(products);
That will do the trick.