feliperomero3 / contosoconference Goto Github PK

View Code? Open in Web Editor NEW

0.0 1.0 0.0 57 KB

ASP.NET Core 3.1 Web API to manage the *ficticious* world-famous Contoso Conference

License: MIT License

C# 100.00%

aspnet-core-webapi microsoft-identity-platform

contosoconference's Introduction

Contoso Conference

ASP.NET Core 3.1 Web API to manage the fictitious world-famous Contoso Conference.

Overview

Contoso Conference is held every other year and it presents speakers from all around the world to talk about the latest technologies.

Prerequisites

An Azure account with an active subscription
An Azure AD tenant
An Azure AD Application to represent the Web API you want to protect
An Azure AD Application to represent the client (e. g. Postman) you want to allow access to the protected Web API
Visual Studio 2019

Getting started

Clone this project.

Replace AzureAd configuration section in appsettings.json file with the values generated for your Azure AD registered Application that represents the Web API you want to protect.

"AzureAd": {
  "Instance": "https://login.microsoftonline.com/",
  "Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
  "ClientId": "[Enter the Client Id (obtained from the Azure portal), e.g. ba74781c2-53c2-442a-97c2-3d60re42f403]",
  "TenantId": "[Enter the Tenant Id (obtained from the Azure portal), e.g. da41245a5-11b3-996c-00a8-4d99re19f292]",
  "Audience": "Enter the Application ID URI (obtained from the Azure portal), e.g. api://ba74781c2-53c2-442a-97c2-3d60re42f403"
}
...

Build the solution file.
Press F5 to start the debug session.

Notes

This is my attempt at building a Web API on ASP.NET Core protected with Azure Active Directory using Microsoft Identity Platform. The domain model is based on a Demo Conference API hosted in Azure used by Microsoft in an API Management tutorial.

License

MIT License

contosoconference's People

Contributors

Watchers

contosoconference's Issues

Enable Microsoft Identity Web logging level

Microsoft Identity Web integrates with the logging available in ASP .NET Core. Starting in Microsoft Identity Web v1.4.1, the MSAL .NET logs are also enabled to assist with troubleshooting and understanding any issues that may occur during token acquisition.

To enable the MSAL .NET logs, just explicitly enable the Microsoft Identity Web logs, for example, in appsettings.json

"Logging": {
        "LogLevel": {
            "Default": "Information",
            "Microsoft": "Warning",
            "Microsoft.Identity.Web":  "Information"
        }
...

Adding this line "Microsoft.Identity.Web": "Information" will enable the MSAL .NET logs at the "information" level.

Source: https://github.com/AzureAD/microsoft-identity-web/wiki/Logging

Implement data access with EF Core

Extend OpenAPI Generator to add common responses for all operations

Common responses

404 Not Found
400 Bad Request
503 Service Unavailable

Example https://stackoverflow.com/a/58973635/5394326

Extend OpenAPI Generator to add 403 Forbidden response for all operations

Similar to #4

Extend OpenAPI Generator to add 401 Unauthorized response for all operations

For example, the following filter lists an additional "401" response for all actions that are decorated with the AuthorizeAttribute: https://github.com/domaindrivendev/Swashbuckle.AspNetCore#operation-filters