Skip to content

damienbod/AspNetCoreExperiments

BranchesTags

Repository files navigation

ASP.NET Core

.NET

Blazor .NET 9 BFF WASM & server(BlazorHosted.Server to start)

Using the Backend for frontend pattern to secure application using Microsoft Entra ID

Improving application security in Blazor using HTTP headers

ASP.NET Core 9 Razor (AspNetCoreRazor)

Razor page application secured using Microsoft Entra ID

Improving application security in an ASP.NET Core Razor Page using HTTP headers

ASP.NET Core 9 Razor multiple tenants (AspNetCoreRazorMultiClients)

Sign-in using multiple clients or tenants in ASP.NET Core and Microsoft Entra ID

Blazor .NET 9 BFF WASM & server(BlazorHosted.Server to start) & API secured with JWT

Implement a secure API and a Blazor app in the same ASP.NET Core project with Microsoft Entra ID authentication

History

  • 2025-05-07 Updated packages,
  • 2024-11-15 .NET 9
  • 2024-10-19 Updated packages, improved security headers
  • 2024-10-03 Updated packages, security headers
  • 2024-01-14 Updated .NET 8, Blazor uses CSP nonce
  • 2023-11-03 Updated packages, fixed security headers, removed XSS block
  • 2023-06-24 Updated packages, fixed CSP
  • 2023-03-11 Updated .NET 7, updates security headers, Update Microsoft.Identity.web
  • 2022-06-12 Updated nullables, implicit usings, bootstrap 5, packages
  • 2022-06-10 Updated nuget packages and BFF project
  • 2022-02-11 Updated nuget packages and namespaces
  • 2022-01-16 Updated nuget packages, code clean up
  • 2022-01-05 Updated nuget packages
  • 2021-11-21 Updated packages, improved Blazor CSP, removed inline style
  • 2021-11-08 Updated .NET 6 release
  • 2021-10-29 Updated packages
  • 2021-10-02 Updated packages
  • 2021-09-17 Updated .NET 6 packages added mixed auth Blazor & API example
  • 2021-09-15 Updated .NET 6
  • 2021-08-13 Added security headers
  • 2021-08-09 Updated nuget packages

Links

https://github.com/AzureAD/microsoft-identity-web/wiki/multiple-authentication-schemes

https://github.com/AzureAD/microsoft-identity-web/wiki/customization#openidconnectoptions

https://github.com/AzureAD/microsoft-identity-web

https://docs.microsoft.com/en-us/aspnet/core/security/authentication

Security header links

https://securityheaders.com/

https://csp-evaluator.withgoogle.com/

https://www.snigel.com/blog/a-simple-guide-to-coop-coep-corp-and-cors/

https://www.youtube.com/watch?v=J6BZ9IQELNA

https://github.com/andrewlock/NetEscapades.AspNetCore.SecurityHeaders

dotnet/aspnetcore#34428

https://w3c.github.io/webappsec-trusted-types/dist/spec/

https://web.dev/trusted-types/

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

https://docs.google.com/document/d/1zDlfvfTJ_9e8Jdc8ehuV4zMEu9ySMCiTGMS9y0GU92k/edit

https://scotthelme.co.uk/coop-and-coep/

https://github.com/OWASP/ASVS

About

ASP.NET Core Blazor BFF with Microsoft Entra ID and Razor page

damienbod.com/2021/06/28/sign-in-using-multiple-clients-or-tenants-in-asp-net-core-and-azure-ad/

Topics

csp aspnetcore openid-connect razor oidc bff authn samesite samesite-cookies aad azuread blazor antiforgery

Resources

Readme

License

MIT license
Activity

Stars

51 stars

Watchers

7 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy