Padlock on a wooden door

Adding integration tests for permission-protected API endpoints in ASP.NET Core

This is the forth post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core (this post) In the previous post I demonstrated an approach to add authorization to our API endpoints....

May 12, 2021 · 9 min · Joao Grassi
Brick wall

Protecting your API endpoints with dynamic policies in ASP.NET Core

This is the third post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core (this post) Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core In this post, we’ll come full circle....

March 31, 2021 · 14 min · Joao Grassi
Blue jelly fishes in deep ocean

Deep dive into policy-based authorization in ASP.NET Core

This is the second post in the Authorization in ASP.NET Core series. Part 1: Using a middleware to build a permission-based identity in ASP.NET Core Part 2: Deep dive into policy-based authorization in ASP.NET Core (this post) Part 3: Protecting your API endpoints with dynamic policies in ASP.NET Core Part 4: Adding integration tests for permission-protected API endpoints in ASP.NET Core In the previous post, we set the foundation by creating a ClaimsIdentity containing all the logged-in user permissions with the help of a custom middleware....

March 15, 2021 · 14 min · Joao Grassi
No trespassing sign

Using a middleware to build a permission-based identity in ASP.NET Core

This post is the first in a series about Authorization in ASP.NET Core. I’ll guide you through a series of approaches you can use to implement authorization in your ASP.NET Core APIs, focusing on advanced/real-world scenarios. Here’s a sneak peek for what I plan to show you: Where to store and resolve authorization-like data How to protect your API endpoints using permission-based authorization using the built-in types in the framework Reduce duplication and make things smarter by implementing a custom Authentication Handler....

March 6, 2021 · 11 min · Joao Grassi
Octocat + GitHub Action + dotnet bot

ASP.NET Core integration tests with docker-compose on GitHub Actions

This is the forth (and last) post in the Integration tests in ASP.NET Core series. Part 1: Limitations of the EF Core in-memory database providers Part 2: Using docker-compose for your ASP.NET + EF Core integration tests Part 3: ASP.NET Core integration tests with docker-compose on Azure Pipelines Part 4: ASP.NET Core integration tests with docker-compose on GitHub Actions (this post) In the previous post of the series we saw how to create and run our tests in a CI fashion using Azure Pipelines....

December 12, 2020 · 5 min · Joao Grassi