Skip to content

damienbod/AspNetCoreExperiments

BranchesTags

Repository files navigation

ASP.NET Core

.NET

Blazor .NET 9 BFF WASM & server(BlazorHosted.Server to start)

Using the Backend for frontend pattern to secure application using Microsoft Entra ID

Improving application security in Blazor using HTTP headers

ASP.NET Core 9 Razor (AspNetCoreRazor)

Razor page application secured using Microsoft Entra ID

Improving application security in an ASP.NET Core Razor Page using HTTP headers

ASP.NET Core 9 Razor multiple tenants (AspNetCoreRazorMultiClients)

Sign-in using multiple clients or tenants in ASP.NET Core and Microsoft Entra ID

Blazor .NET 9 BFF WASM & server(BlazorHosted.Server to start) & API secured with JWT

Implement a secure API and a Blazor app in the same ASP.NET Core project with Microsoft Entra ID authentication

History

  • 2024-11-15 .NET 9
  • 2024-10-19 Updated packages, improved security headers
  • 2024-10-03 Updated packages, security headers
  • 2024-01-14 Updated .NET 8, Blazor uses CSP nonce
  • 2023-11-03 Updated packages, fixed security headers, removed XSS block
  • 2023-06-24 Updated packages, fixed CSP
  • 2023-03-11 Updated .NET 7, updates security headers, Update Microsoft.Identity.web
  • 2022-06-12 Updated nullables, implicit usings, bootstrap 5, packages
  • 2022-06-10 Updated nuget packages and BFF project
  • 2022-02-11 Updated nuget packages and namespaces
  • 2022-01-16 Updated nuget packages, code clean up
  • 2022-01-05 Updated nuget packages
  • 2021-11-21 Updated packages, improved Blazor CSP, removed inline style
  • 2021-11-08 Updated .NET 6 release
  • 2021-10-29 Updated packages
  • 2021-10-02 Updated packages
  • 2021-09-17 Updated .NET 6 packages added mixed auth Blazor & API example
  • 2021-09-15 Updated .NET 6
  • 2021-08-13 Added security headers
  • 2021-08-09 Updated nuget packages

Links

https://github.com/AzureAD/microsoft-identity-web/wiki/multiple-authentication-schemes

https://github.com/AzureAD/microsoft-identity-web/wiki/customization#openidconnectoptions

https://github.com/AzureAD/microsoft-identity-web

https://docs.microsoft.com/en-us/aspnet/core/security/authentication

Security header links

https://securityheaders.com/

https://csp-evaluator.withgoogle.com/

https://www.snigel.com/blog/a-simple-guide-to-coop-coep-corp-and-cors/

https://www.youtube.com/watch?v=J6BZ9IQELNA

https://github.com/andrewlock/NetEscapades.AspNetCore.SecurityHeaders

dotnet/aspnetcore#34428

https://w3c.github.io/webappsec-trusted-types/dist/spec/

https://web.dev/trusted-types/

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

https://docs.google.com/document/d/1zDlfvfTJ_9e8Jdc8ehuV4zMEu9ySMCiTGMS9y0GU92k/edit

https://scotthelme.co.uk/coop-and-coep/

https://github.com/OWASP/ASVS

About

ASP.NET Core Blazor BFF with Microsoft Entra ID and Razor page

damienbod.com/2021/06/28/sign-in-using-multiple-clients-or-tenants-in-asp-net-core-and-azure-ad/

Topics

csp aspnetcore openid-connect razor oidc bff authn samesite samesite-cookies aad azuread blazor antiforgery

Resources

Readme

License

MIT license
Activity

Stars

50 stars

Watchers

8 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages