User Profile
chilberto
Iron Contributor
Joined 8 years ago
User Widgets
Recent Discussions
Re: Authentication API on Azure AD
Hello - yes, I think this might be exactly what you are looking for: https://learn.microsoft.com/en-us/azure/active-directory-b2c/authorization-code-flow It takes some getting use (re., a bit of a learning curve), but I highly recommend spending the time exploring the REST APIs using https://developer.microsoft.com/en-us/graph/graph-explorerRe: API Tokens expiration
Best practice would be not to have long living tokens. Renewing tokens should be built into your API either proactively by refreshing before the token expires or as a reaction to an unauthorized response. Many frameworks have this capability built in or has guidance on implementing these patterns.Re: How do i test an application which uses OWIN login
Hello Gareth, I primarily work in c# and have not touched VB since the early 2000s. I see a good resource of examples at https://www.example-code.com/vbnet/oauth2.asp One thing that is interesting, is the examples use json files for the configuration. This makes me think in your situation the configuration might be coming from a file or database of some kind. Another good example: https://www.gemboxsoftware.com/email/examples/authenticate-using-oauth-c-sharp-vb/109 Unfortunately my only suggestion is keep searching. Keywords like Http, HttpWebRequest. And you might get lucky depending on who wrote the code with words like oauth and redirect.Re: How do i test an application which uses OWIN login
Yes, you do. The redirect information is in the URL that your application sends to AAD. In my words, your local application on your pc constructs a URL for AAD. That contains who the application is including what location (url) AAD should send the browser back to once AAD is done authenticating the user. This means your application needs to add the redirect url in the message. Your VB is already doing this and most likely it is in a configuration file. Have a search for the url in your code base. You might get lucky, find the value and simply be able to replace it with your local. Just don't forget to reverse the change before submitting your changes 🙂Re: How do i test an application which uses OWIN login
Hello Gareth, You will need to specify the re-direct to your local endpoint. In case you are not aware, the redirect happens at the client (browser) so a local reference (for example, https://localhost:7071/mywebsite) is ok. You will also need to add teh redirect url in your application registration in AAD.Re: Azure WAF - Resources for understanding policies
I have been sent this: https://github.com/libinjection/libinjection/blob/49904c42a6e68dc8f16c022c693e897e4010a06c/src/libinjection_xss.c This is the start of answering my question, but I am hoping to find a better resource for understanding what is triggering the rules.Azure WAF - Resources for understanding policies
I am looking for some guidance around setting up the WAF including suitable exclusions. The issue I am running into is the documentation does not identify why something was triggered. For example, I know the http header Referrer contains something that is triggering XSS. I believe it is because in the url there are the two characters "on" in the endpoint "https://mysite.com/onecode?para1=test¶2=fred", but I am just making an educated guess. I would then think I would create an exclusion to say do not trigger if the url contains "onecode". That is not really good enough though as what if the url contains onecode and another occurrence of "on" that should trigger XSS (for example in one of the parameters). I would think everyone would have this issue so I am surprised I did not find anything in docs or Architecture Centre.Azure AD B2C - Claims in Sign up and sign in are not showing
I am missing something simple I am sure... I have a user flow created for Sign up and sign in as follow: I am interested in returning the following claims: When using the run user flow with the reply URL to view the JWT: I am receiving a response without the claims I specified: So, is there a setting I am overlooking to ask Azure B2C to add the claims I specified or to disable the default behavior or ? Any pointers appreciated as I just cannot spot what I am doing wrong.Cognitive Services /vision/v3.1/read/analyze vs vision/v3.1/ocr
I am building a new Blazor application that will capture an image of a clothing label in order to extract information. I am looking at using Cognitive Services to extract the writing from the image. From the documentation I would think OCR would be the right service but I am getting better results using the vision read/analyze service. Can someone explain the pros/cons of these two services (or a better option is there is one) and/or point me towards some documentation or blogs that might help?Re: Use cosmosdb for small businesses
Hello khoinguyenict, really hard to say without more information. Whether or not to use CosmosDB depends on many factors. Let's look at its strengths: Massively scalable Really good at storing related data without requiring a strict definition Very, very fast Take a look at https://docs.microsoft.com/en-us/azure/cosmos-db/use-cases So yes, CosmosDB could be used but so could other repository technologies so I would think about how your application will be used. The biggest factor to me is the existing skillset of the team(s) that will be building the software. Budget is also another consideration; there might be less expensive alternatives. What High Availability requirements are there? Where is the customer base (global)? Does all the data need to be available to all locations? So, the question is not really a yes or no question.Re: ASP.NET azure Identity Services
Hello Christian Taveras, Unfortunately you will not be able to connect the dots without getting the dev team involved. There several common ways to secure ASP.Net, and there is always the possibility that the dev team created their own bespoke approach. I would ask them some basic questions to get started: What identity protocols are supported if any? You stated that they are not compatible with Azure Identity Services so does this mean that they do not support OAuth 2.0 or OpenID Connect? Do they have any security? If they do, is it only local user accounts stored in the database? Of course there is always a way but it will make more sense for them to upgrade their system as opposed to hacky and fragile workarounds. My suggestion is to get them to look at Azure B2C.Re: application insights: what is the difference between pageViews and requests?
Hello acehobbs, pageViews and requests are similar Request - Send information about a request handled by the application. PageViews - Send information about the page viewed in the application. In practice though the challenge is identifying what is sending the information and what settings have been applied. Assuming this is a asp.net web app, have a look at the application insights configuration file. Take a look to see if any sampling has been applied. A common way to do this is to add a TelemetryProcessor like the following: <Add Type="Microsoft.ApplicationInsights.WindowsServer.TelemetryChannel.AdaptiveSamplingTelemetryProcessor, Microsoft.AI.ServerTelemetryChannel"> <MaxTelemetryItemsPerSecond>5</MaxTelemetryItemsPerSecond> <ExcludedTypes>Event;Exception</ExcludedTypes> </Add>Re: How to bring master branch to previous state in azure devops git
Hello Descrierx, I know how working with DevOps and Git can be overwhelming to start. The most important thing is to get your code base back to how it should be. Secondary to that is having a history that reflects this. Based on your description, I did the similar activity: Added an incorrect commit reverted the wrong commit merged this back So, in my example, I want to get back to the commit 454456cb. There are multiple ways. The recommended way would be to revert the incorrect commits so you are back to 454456cb. This will mean you have the history including the whoops!. Another approach is to reset back to the last good commit. Let's show both using git bash. First I cloned the repo done to a new folder: If I use git log then I can see that I have all the commits: The command to https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-revert.html multiple commits is: git revert --no-edit -n c7c695fb..c0ea7366 The other approach (and only use if you really want to remove the history) uses a hard reset to the last good changeset: Going back to my history, you can see everything is now back to how it was: Hope this helps; if so, please mark as answer. Cheers, JeffRe: Azure AD B2C - Claims in Sign up and sign in are not showing
After trial and error, I believe the behavior is different than I was expecting. I had two boolean values defined in user attributes. These values were not added to the user attributes of the user flow but added to the application claims. My assumption was the values would be set to false in this case but they are not. In short, it is as simple as if a claim does not have a value then it will not be returned. So a boolean claim will then have three possible values: true, false, missing. I tested this with Postcode and it has the same behaviorRe: Which Azure technology for batch routine?
Hello jsefton - I would have approached your requirements in a similar way by seeing if I could achieve it with logic apps. You can, but I agree there is a learning curve. You might find that DataFactory is a better fit: https://docs.microsoft.com/en-us/azure/data-factory/control-flow-web-activity https://docs.microsoft.com/en-us/azure/data-factory/connector-azure-table-storage Of course, as an appdev; I would drop down to Azure Functions as a final resort. There might be some factors making the extract and load more difficult using Logic Apps. The benefit of persevering with Logic Apps is once you have it you can extend it easily. You might find that a combination of Azure Functions and Logic Apps might give you the flexibility you need while giving you the development.
Recent Blog Articles
GitHub Actions - Azure Function Apps zip deployment - ERROR: 'str' object has no attribute 'value'
A recent change has caused a lot of frustration with Azure Function App zip deployment: az functionapp deployment source config-zip. This article provides a temporary workaround until a fix is availa...
