@ahelland
ahelland / TokenController.cs
Created December 11, 2018 07:32
Returning claims from a token after authorization
[HttpGet]
[Authorize(Policy = "Certificate")]
[Route("Validate")]
public ActionResult<IEnumerable<string>> Validate()
{
    var token = "{";
    foreach (var claim in User.Claims)
    {
        //Datetimes are already escaped
        if (claim.Type.ToString().Contains("time"))
@ahelland
ahelland / Startup.cs
Last active December 11, 2018 07:30
Startup file for bootstrapping client certificates / signed JWTs from ADFS (or Azure AD)
public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.MetadataAddress = "https://adfs.contoso.com/adfs/.well-known/openid-configuration";
            options.Validate();
            options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
            {
@ahelland
ahelland / token.json
Created December 11, 2018 07:26
Output of a combo token from ADFS + ADFS WAP
[{
  "typ": "JWT",
  "alg": "RS256",
  "x5t": "..."
},{
  "aud": "urn:AppProxy:com",
  "iss": "http://adfs.contoso.com/adfs/services/trust",
  "iat": 1543769125,
  "exp": 1543772725,
  "relyingpartytrustid": "...",
@ahelland
ahelland / TokenController.cs
Created December 11, 2018 07:17
Parsing a JWT and returning contents as JSON
[HttpGet]
[Route("Parse")]
public ActionResult<IEnumerable<string>> Parse()
{
    var token = string.Empty;
    //The token can be passed either via query string or headers
    if (HttpContext.Request.QueryString.Value.Contains("token"))
    {
        token = HttpContext.Request.Query["token"].ToString();
@ahelland
ahelland / Program.cs
Last active December 11, 2018 07:15
Acquiring token using client certificate
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

namespace SignedJwt
{
    class Program
    {
        static void Main(string[] args)
        {
@ahelland
ahelland / Index.cshtml
Created September 11, 2018 10:40
Implementing Multiple Identities in your .NET Core Web App – Part 2 - Index.cshtml
<div class="container">
<div class="row">
<hr />
<div class="col">
<a class="btn btn-default" href="https://login.microsoftonline.com/yourtenant.onmicrosoft.com/oauth2/v2.0/authorize?
p=B2C_1A_Signup_Signin_Dev&client_id=guid&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.ms&scope=openid
&response_type=id_token&prompt=login&domain_hint=commonaad">Partner Login</a>
</div>
<div class="col">
<hr/>
@ahelland
ahelland / PartnerCheck.csx
Created September 11, 2018 10:37
Implementing Multiple Identities in your .NET Core Web App – Part 2 - Azure Function for checking Partner role
#r "Newtonsoft.Json"

using System;
using System.Net;
using System.Net.Http.Formatting;
using Newtonsoft.Json;

public static async Task<object> Run(HttpRequestMessage request, TraceWriter log)
{
    log.Info($"Webhook was triggered!");
@ahelland
ahelland / api-playground-storage.yaml
Created April 18, 2018 08:12
Kubernetes YAML storage append for api-playground referred to in "Building Microservices with AKS and VSTS — Part 4"
spec:
  containers:
  - name: myfrontend
    image: nginx
    volumeMounts:
    - mountPath: "/mnt/azure"
      name: volume
  volumes:
  - name: volume
    persistentVolumeClaim:
@ahelland
ahelland / azure-file-pvc.yaml
Created April 18, 2018 08:10
Kubernetes YAML definition for azure-file-pvc referred to in "Building Microservices with AKS and VSTS — Part 4"
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: azurefile
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: azurefile
  resources:
    requests:
@ahelland
ahelland / azure-file-sc.yaml
Created April 18, 2018 08:09
Kubernetes YAML definition for azure-file-sc referred to in "Building Microservices with AKS and VSTS — Part 4"
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: azurefile
provisioner: kubernetes.io/azure-file
parameters:
  storageAccount: k8sazurefiles