- Wednesday
- 10:20 - "ASP.NET Web API 2: HTTP Services for the Modern Web and Mobile Applications", Dan Roth
- 11:40 - "Scripting your web API development using scriptcs", Glenn Block
- 13:40 - "The missing link – hypermedia in Web API.", Darrel Miller
- 15:00 - "API Client library V2", Darrel Miller
- 16:20 - "ASP.NET and OWIN - Better Together", Dan Roth
- Thursday
- 9:00 - "A deep dive into the ASP.NET Web API runtime architecture", Pedro Felix
- 10:20 - "Pragmatic ASP.NET Web API Solutions - beyond ValuesController", Christian Weyer
- 11:40 - "Securing ASP.NET Web API (v2)", Dominick Baier
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ---- | |
| HTTP/1.1 401 Unauthorized | |
| ... | |
| WWW-Authenticate: Basic realm="Web API Book" | |
| ... | |
| ---- | |
| ---- | |
| GET /resource HTTP/1.1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class ParentChildController : ApiController | |
| { | |
| public string Get(int pid, int cid) | |
| { | |
| return string.Format("{0}:{1}",pid,cid); | |
| } | |
| } | |
| class ParentChildRoutingTranslator : DelegatingHandler | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var config = new HttpConfiguration(); | |
| var builder = new ContainerBuilder(); | |
| foreach (var type in config.Services | |
| .GetHttpControllerSelector() | |
| .GetControllerMapping().Select(p => p.Value.ControllerType)) | |
| { | |
| builder.RegisterType(type); | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Net; | |
| using System.Net.Http; | |
| using System.Web.Http; | |
| using System.Web.Http.Routing; | |
| namespace Drum.Example.Controllers | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // based on http://www.asp.net/web-api/overview/formats-and-model-binding/parameter-binding-in-aspnet-web-api | |
| // and http://blogs.msdn.com/b/jmstall/archive/2012/04/20/how-to-bind-to-custom-objects-in-action-signatures-in-mvc-webapi.aspx | |
| public class Can_use_TypeConverter_to_handle_simple_values | |
| { | |
| [TypeConverter(typeof(LocationTypeConverter))] | |
| public class Location | |
| { | |
| public double Latitude { get; set; } | |
| public double Longitude { get; set; } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Net; | |
| using System.Net.Security; | |
| using System.Security.Cryptography.X509Certificates; | |
| using Xunit; | |
| namespace CertificateValidationAndConnections | |
| { | |
| public class CertificateValidationAndConnectionsFacts | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // definition | |
| public static class IdentityServerServiceFactoryExtensions | |
| { | |
| public static void Wrap<T>(this IdentityServerServiceFactory fact, | |
| Func<T, T> wrapper, | |
| Func<IdentityServerServiceFactory,Registration<T>> getter, | |
| Action<IdentityServerServiceFactory,Registration<T>> setter) | |
| where T: class | |
| { | |
| fact.Register(new HelperRegistration<T>(getter(fact), GetRegistrationNameFor(typeof(T)))); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "projects": [ | |
| "src" | |
| ,"C:/home/code/cli/asp.net.5/Hosting/src" | |
| ,"C:/home/code/cli/asp.net.5/KestrelHttpServer/src" | |
| ,"C:/home/code/cli/asp.net.5/HttpAbstractions/src" | |
| ,"C:/home/code/cli/asp.net.5/Mvc/src" | |
| ] | |
| } |
- Use an OAuth 2.0 Authorization Server (AS) to issue access tokens containing (or refering to) the required information, typically the user's identity (i.e. resource owner identity), the client app identity and the authorization scope.
- The Web API (i.e. the Resource Server) will only accept access tokens from the AS. Namely, the Web API will not have to deal with tokens from the external identity providers.
- The AS will delegate the user's authentication process to an external identity provider, therefore also acting as an Federation Gateway.
- If account linking is necessary (e.g. linking two different external accounts to one internal account), then this can be done at the AS level. Otherwise, the AS will only forward the external identity claims into the Web API.
- IdentityServer 3 can be used to implement both the AS and the Federation Gateway functionality. There is OWIN Middleware available to process access tokens issued by IdentityServer 3.
- If the Web API is OWIN based (or supports OWIN middlewa