Marco De Sanctis — Deep down in Blazor authentication and authorization
Thanks to Blazor, every NET developer can now build Single Page Applications with a familiar syntax, sharing code with the server and leveraging C# instead of JavaScript However, the technical architecture is fundamentally different than the one of ASPNET MVC or Razor Pages, especially when it comes to supporting modern security protocols, such as OpenID Connect and OAuth
During this talk, we'll do a deep dive into the security model of Blazor, understanding the components involved and the differences between Blazor Server and Web Assembly
We'll start with a practical example on how to integrate our Blazor application with Identity Server 4 and use OAuth to securely call an external API After having established our baseline, we'll gradually start adding complexity: we'll first be introducing roles, and then we'll show how policies can allow us to achieve a bigger abstraction over the permissions and actions a user can perform in the application
As the last step, we'll see what changes are needed to make sure that our application behaves correctly in a PWA scenario when we need to support an offline mode
Видео Marco De Sanctis — Deep down in Blazor authentication and authorization канала DotNext
During this talk, we'll do a deep dive into the security model of Blazor, understanding the components involved and the differences between Blazor Server and Web Assembly
We'll start with a practical example on how to integrate our Blazor application with Identity Server 4 and use OAuth to securely call an external API After having established our baseline, we'll gradually start adding complexity: we'll first be introducing roles, and then we'll show how policies can allow us to achieve a bigger abstraction over the permissions and actions a user can perform in the application
As the last step, we'll see what changes are needed to make sure that our application behaves correctly in a PWA scenario when we need to support an offline mode
Видео Marco De Sanctis — Deep down in Blazor authentication and authorization канала DotNext
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Maarten Balliauw — Building and generating a .NET client for a large APIMads Torgersen — What’s new in C# 9.0 and beyondBartosz Adamczewski — Data-oriented design for business applicationsMartin Ullrich — Tips & tricks to improve your .NET build setup with MSBuildВладимир Хориков — Domain-driven design: Cамое важноеMiguel de Icaza — Interview and Q&A with Miguel de IcazaOAuth 2.0 and OpenID Connect (in plain English)Станислав Сидристый — Делаем zero-allocation код на примере оптимизации крупной библиотекиPhotoshop for Beginners | FREE COURSEForms, Validation & HTTP POST with Blazor WebAssembly | Blazor Blog Series #5Building Microsoft Teams Apps with Blazor.NET 5 Blazor WebAssembly Authentication Against an API- A TimCo Retail Manager VideoBlazor examples course | Example 3 | Product submissionBlazor Architecture PatternsАртём Акуляков — DDD, любовь, F#Blazor Server Vertical Slice ArchitectureCreating Blazor Components the right wayАндрей Дятлов — Source Generators в действииBasic Javascript Projects