Kevin Rich

Restricting Access to Routes without [Authorize] Filter

Locking down Swagger, Elmah, and other "magic" endpoints

Create a Delegating Handler

In this example, I want to lock down the \swagger endpoint from an ASP.NET 4.6.1 MVC web application.

 public class SwaggerAccessMessageHandler : DelegatingHandler
 {
 protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) . . .

Read More

December 05, 2016

AutoMapper / ReSharper Configuration

Fixing the cause of a ridiculous slowdown

The Challenge

While working on a project, I noticed that Visual Studio ground to a halt while I was working on a rather in-depth AutoMapper profile. Something clicked in the back of my head, remembering a similar issue I experience about a year ago. Both times I had experienced this issue, the slowdown happened while editing an . . .

Read More

November 20, 2016

Dealing with XML

A quick guide to the XmlSerializer

I don't work with XML Serialization much, but every now and again I find myself working on something that requires a little XML love. I recently answered a StackOverflow question regarding the subject.

What's covered

  • Understanding the parts of an XML document
  • Setting up a POCO class to mirror an XML document . . .

Read More

November 06, 2016

Configuring Swashbuckle for API key Authentication

A followup to adding Authentication Filters

Scenario

Recently, I wrote about adding custom authentication filters to a .NET MVC project. As a user of Swashbuckle, I needed to factor the filter into my swagger specs.To do this,we need to configure the Swagger configuration to include the api-key requirement information and configure the SwaggerUI configuration to inject some . . .

Read More

July 19, 2016

Adding User Claims via API keys in WebApi 2

Adding a Custom Authentication Filter

Update

Please for the love of all that is holy, don't do this. There are many great solutions out there now. I recommend Azure AD (cheap), Auth0(freeish), or Identity Server(open sou). This was a pretty terrible implementation that was meant as a stopgap.

Scenario

I have an API that I wish to lock down via an . . .

Read More

July 19, 2016

WebApi JSON Serialization

Circular References FTL

The Challenge

I was building a standard ASP.NET EntityFramework / WebApi / Swagger project. Attempting something a bit new, I decided my controller would return a CreatedAtRoute HttpActionResult. The code goes something a little like this:

[HttpPut]
public IHttpActionResult AddMyObject([FromBody] MyObject newObject)
{ . . .

Read More

July 13, 2016

Reading Embedded Files

Unit Testing a Stream (Part 1)

Scenario

There are several cases in which reading text from a file is more is more convenient than writing a string in the middle of my code. I've done this occasionally for SQL statements, text templates, and unit testing sample XML or JSON. For my money, it keeps the code looking cleaner and easier to read, as well as having . . .

Read More

June 01, 2016

Archive

Cover image credit: http://whoiskevinrich.com