ASP.NET Core and Docker Environment Variables

18 April 2017 Docker

Docker Logo

When working with ASP.NET Core and Docker, it can be easy to get confused when trying to figure out who is setting what configuration variable and how. Especially if you are using one of the Visual Studio templates with Docker support.

In this article, we’re going to take a look at how configuration settings are applied in both ASP.NET Core, and Docker, and how they interoperate...

Read more

ASP.NET Identity 2 Configurable Password Hasher

06 March 2017 ASP.NET Identity

Default Password Hasher

The default password hasher that comes out of the box with ASP.NET Identity 2 ticks all the right boxes:

  • It actually uses a hashing algorithm (for some reason this is still something we need to congratulate in 2017)
  • It generates a per user salt
  • It iteratively hashes a password (not just once like in vanilla ASP.NET Membership)
  • It uses a derived key

The above can pretty much be summed up with "it uses PBKDF2", but that that didn’t read as nice.

Great, so that’s pretty good for an out of the box password hasher from 2014. But for some reason the password hasher contains the following line of code:

Read more

Yet Another MakeCert Tutorial

05 March 2017 Windows

I can’t remember how many times I’ve had to generate a new self-signed certificate for token signing when developing IdentityServer solutions, always going back to the same Google Doc, that I wrote years ago, containing a makecert script I pieced together from a collection of other articles. So, even though there is a silly number of these articles already, I’ve decided to put it online where I don’t need Google Docs access to view it!

This approach is a lot more UI driven for passwords and export processes, but I’ve had consistent results doing this over trying to include passwords and export filenames within the commands.

Read more

Software Design and Development Conference 2017

01 February 2017 General

SDDConf 2017

This year I’ll be speaking at the first conference I ever attended: London’s Software Design & Development Conference (SDDConf). This is a big first for me, as whilst I’m comfortable talking to user groups or companies in house, this will be the first paid-for conference I talk at.

I attended this conference back in 2015 and it opened a lot of doors for me, both in terms of...

Read more

Consuming External OAuth Services using IdentityModel

15 November 2016 OAuth

IdentityModel

Recently as part of my audition process to become a Pluralsight author I created a 10 minute video on 'Consuming External OAuth Services using IdentityModel'. I’m pretty pleased with how it turned out, and luckily so were Pluralsight, so I thought I would share it for all to see.

In the video, I talk about why OAuth exists, what a basic OAuth request looks like and how we can use the IdentityModel library to help us simplify the process in .NET.

Read more