C# Reflection: Application Name & Version
My friend Christian Caspers showed me this trick and I thought it was a great idea. I've always saved these values in a configuration file but this little snippet is great for pulling that information from the assembly file.
View Gist on GitHub
Repository Pattern (C#)
There are some really good articles out there about the repository pattern but I haven't seen one that strongly demonstrates different data providers, sample code, or some of the tricks I've learned. I primarily build internal business applications so I've used this pattern at almost every .NET job I've ever had. It's very common and I've learned...
Hardening ASP.NET Response Headers (Code)
A reliable way to harden your ASP.NET web application is to remove and skew the response headers via code. This will throw off automated scans that are performing banner grabbing in an attempt to identify vulnerabilities. There are ways to do this in IIS, however, performing this in code means it's applied everywhere that the...
Identity Server 4 ClientCredentials with POSTMAN
This tutorial will demonstrate how to set up security within microservices using Identity Server 4 with OpenID. This will use a Client and Secret for microservice to microservice (machine-to-machine) communication that way a compromised microservice can't interact with resources it's not authorized to. I will also demonstrate how to use POSTMAN to get tokens,...
Force TLS in .NET
Versions before ASP.NET 4.7 default to making outbound connections using TLS 1.0. This is a real problem for security for many reasons. It's now been deprecated with many CVEs. Some of these vulnerabilities make TLS 1.0 vulnerable to man-in-the-middle attacks. A lot of APIs will not accept incoming requests from TLS 1.0 because of this.
TLS 1.0...
Docker: Jenkins Build Server on Windows Server Core
Big fan of Jenkins! I've really enjoyed the flexibility that this CI server provides. While it's easy to run a Linux container with Jenkins and do .NET Core builds it's not possible to build traditional ASP.NET projects... unless you install Mono.. but I could never get that to work. After contemplating my...
TypeScript Experimental Decorator Error in Visual Studio/Code
I ran into this issue in Visual Studio 2019 while working on a .NET Core/Angular 8 project. It seems like every new component I created displayed an error or a warning for experimental decorators. After doing a bunch of research this issue seems more prominent in Visual Studio Code so I thought I...
Kubernetes ConfigMaps with .NET Core
This tutorial will cover how to mount a Kubernetes ConfigMap into a pod and how to read that configuration in .NET. I will also demonstrate the different ways a .NET application can read configuration from an appsettings.json file. One demonstration will reload configuration on change and how to listen for those changes. That does not...
.NET Health Checks: Azure Key Vault
There isn't much documentation on how to use the Azure Key Vault Health Checks so I thought I would demonstrate and teach what I've learned using C#. I typically use Azure App Configuration and reference Key Vault entries with microservices. It's not very intuitive but the way this works is your Key Vault Health...