Posts

AWS DynamoDB SDK support for .NET DateTimeOffset

The AWS DynamoDB SDK does not support the .NET DateTimeOffset datatype by default . You may have received an exception similar to: System.InvalidOperationException: Type System.Nullable System.DateTimeOffset is unsupported, it cannot be instantiated. at Amazon.DynamoDBv2.DataModel But you can add a custom IPropertyConverter so that you can persist DateTimeOffset. public class DateTimeOffsetPropertyConverter : IPropertyConverter {     public static readonly string DateTimeOffsetPersistenceFormatString = "yyyy-MM-ddTHH:mm:ss.ffffzzz";     public object FromEntry(DynamoDBEntry entry)     {         if (entry == null)         {             throw new ArgumentNullException(nameof(entry));         }         var primitive = entry as Primitive;         if (primitive == null)         {             throw new ArgumentException($"{nameof(entry)} [{entry?.GetType()?.Name}] is not an instance of {nameof(Primitive)}.");         }         var dateString = primitive.Value as string;

ASP.NET .NET 6 OIDC Retrieve JWT AccessToken after SaveTokens

I was not able to find the docs for retrieving the JWT AccessToken in ASP.NET .NET 6 after they are saved so I decided to document it here. You may be familiar with the HttpContext.GetTokenAsync() method . This appears to have worked in previous version of .NET, but I could not get it to work in .NET 6. First, make sure you are saving the access tokens in the  AddOpenIdConnect configuration. builder     .Services     .AddAuthentication(options =>     {         options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;         options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;     })     .AddCookie()     .AddOpenIdConnect(options =>     {         options.SaveTokens = true;     }); Then, instead of HttpContext.GetTokenAsync(), call HttpContext.AuthenticateAsync(), and get the token out of the AuthenticateResult. var accessToken = authenticateResult?.Properties?.GetString(".Token.access_token"); Hope this helps, Aaron

Auth0: Restrict SPA Application Access to API Audience/Permissions/Scopes

Image
In Auth0  you can restrict the APIs/Permissions a Machine-to-Machine type Application has access to using the "APIs" section in the Application Configuration: However, SPA type Applications do not have an equivalent configuration option: There is no way to restrict the APIs a SPA type Application has access to directly . Instead, you must restrict the APIs/Permissions/Scopes a User has access to . (Most likely you'll want to do this using Roles.) You must also ensure the " Enable RBAC " setting is turned on for all of your APIs (this setting is off by default). If the "Enable RBAC" setting is NOT turned on, a SPA Application will be able to request a token for any API/Permission/Scope combination and Auth0 will return a valid token! And even with this setting turned on, a SPA Application will be able to request and receive a token for an API the user does NOT have access to!  The Audience value in the access token will be valid for the API, however the

Find Azure Application Insights Resource by InstrumentationKey

I had a need to query some Application Insights logs, but all I had was the InstrumentationKey. I didn't want to open each of the Application Insights instances and check the key (there were a lot), but as long as you have the Azure "Az" Powershell Module installed, you can run this script to print out all App Insights instances and their associated Instrumentation Key: https://gist.github.com/aaronhoffman/cf5bd0c59216b3e6a57c0c6ea134cafb # for each subscription in context foreach ( $subId in ( Get-AzSubscription ).Id | Get-Unique ) { write-host " Subscription $subId " # set context to the given subId Set-AzContext - SubscriptionId $subId # List the name and InstrumentationKey of all Application Insights resources in this sub Get-AzResource - ResourceType Microsoft.Insights / components - ExpandProperties | select - ExpandProperty Properties | select Name , InstrumentationKey | ft } Hope this helps! Aaron

Simple Rules Engine in C#

Image
There are some C# "Rules Engines" floating around however they rely on a no-longer-supported nuget package (dynamic linq)  https://github.com/microsoft/RulesEngine   I created this "SimpleRulesEngine" that does not rely on lambdas or expression trees. The expressions can be serialized to JSON.  https://github.com/aaronhoffman/SimpleRulesEngine   I hope to get a simple example web application added to this repo as well, but I'm not sure when I will have time. Please check out the unit tests for now to see how this can be used. Hope this helps, Aaron