Skip to content
This repository was archived by the owner on May 17, 2024. It is now read-only.

Update 3.1 to follow BASHER and Zero Trust guidelines #182

Merged
merged 26 commits into from
Aug 25, 2022
Merged

Update 3.1 to follow BASHER and Zero Trust guidelines #182

merged 26 commits into from
Aug 25, 2022

Conversation

@derisen
Copy link
Contributor

@derisen derisen commented Jul 6, 2022

Purpose

  • ...

Does this introduce a breaking change?

[ ] Yes
[ ] No

Pull Request Type

What kind of change does this Pull Request introduce?

[ ] Bugfix
[ ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

  • Get the code
git clone [repo-address]
cd [repo-name]
git checkout [branch-name]
npm install
  • Test the code

What to Check

Verify that the following are valid

  • ...

Other Information

@derisen derisen changed the title Update 2.1 to follow BASHER and Zero Trust guidelines Update 3.1 to follow BASHER and Zero Trust guidelines Jul 6, 2022
@derisen derisen marked this pull request as draft July 6, 2022 17:08
@derisen derisen marked this pull request as ready for review July 12, 2022 17:37
@kalyankrishna1
Copy link
Contributor

kalyankrishna1 commented Jul 12, 2022
edited
Loading

Angular single-page application using MSAL Angular to sign-in users with Azure Active Directory and call a .NET Core web API

nit:An Angular SPA using MSAL Angular to sign-in users with Azure Active Directory and call a protected .NET Core web API

In reply to: 1182140157

In reply to: 1182140157

Refers to: 3-Authorization-II/1-call-api/README.md:1 in 4a60819. [](commit_id = 4a60819, deletion_comment = False)

kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
@kalyankrishna1
Copy link
Contributor

kalyankrishna1 commented Jul 12, 2022
edited
Loading

this is an outdated link

In reply to: 1182164196

In reply to: 1182164196

Refers to: 3-Authorization-II/1-call-api/README.md:40 in 4a60819. [](commit_id = 4a60819, deletion_comment = False)

kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
3-Authorization-II/1-call-api/README.md
| `API/appsettings.json` | Authentication parameters for API project reside here. |
| `API/Startup.cs` | Microsoft.Identity.Web is initialized here. |
| `API/TodoListAPI/appsettings.json` | Authentication parameters for API project reside here. |
| `API/TodoListAPI/Startup.cs` | Microsoft.Identity.Web is initialized here. |
Copy link
Contributor

@kalyankrishna1 kalyankrishna1 Jul 12, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Microsoft.Identity.Web is initialized here.

Microsoft.Identity.Web is initialized to protect the web API here. #Closed

kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
3-Authorization-II/1-call-api/README.md
| File/folder | Description |
|-------------------------------------|------------------------------------------------------------|
| `SPA/src/app/auth-config.ts` | Authentication parameters for SPA project reside here. |
| `SPA/src/app/app.module.ts` | MSAL Angular is initialized here. |
Copy link
Contributor

@kalyankrishna1 kalyankrishna1 Jul 12, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

MSAL Angular is initialized here

MSAL Angular to sign-in user is initialized here #Closed

kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
3-Authorization-II/1-call-api/README.md
## About the code

### Access token validation
### CORS settings
Copy link
Contributor

@kalyankrishna1 kalyankrishna1 Jul 12, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CORS settings

very good section, please add to Code gen too #Closed

kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
@kalyankrishna1
Copy link
Contributor

kalyankrishna1 commented Jul 12, 2022
edited
Loading

  • A user account in your Azure AD tenant. This sample will not work with a personal Microsoft account. Therefore, if you signed in to the Azure portal with a personal account and have never created a user account in your directory before, you need to do that now.

add tow lines,

  1. get latest NPM
  2. get latest .NET core

In reply to: 1182223110

In reply to: 1182223110

Refers to: 3-Authorization-II/1-call-api/README.md:41 in 4a60819. [](commit_id = 4a60819, deletion_comment = False)

kalyankrishna1
kalyankrishna1 reviewed Jul 12, 2022
View reviewed changes
3-Authorization-II/1-call-api/README.md
In your controller, add [Authorize] decorator, which will make sure all incoming requests have an authentication bearer:
For validation and debugging purposes, developers can decode **JWT**s (*JSON Web Tokens*) using [jwt.ms](https://jwt.ms).

### Verifying permissions
Copy link
Contributor

@kalyankrishna1 kalyankrishna1 Jul 12, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

brilliant, put this section in Codegen too ! #Closed

salman90
salman90 reviewed Jul 12, 2022
View reviewed changes
Copy link
Contributor

@salman90 salman90 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@v-michaelmi
Copy link
Contributor

Aside from a couple of nits LGTM 👍

kalyankrishna1
kalyankrishna1 approved these changes Aug 10, 2022
View reviewed changes
Copy link
Contributor

@kalyankrishna1 kalyankrishna1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@derisen derisen merged commit 3122a9f into main Aug 25, 2022
@derisen derisen deleted the basher-3-1 branch August 25, 2022 00:44
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@aremo-ms aremo-ms Awaiting requested review from aremo-ms

@v-michaelmi v-michaelmi Awaiting requested review from v-michaelmi

@tonyYuhaoYangMcrS tonyYuhaoYangMcrS Awaiting requested review from tonyYuhaoYangMcrS

2 more reviewers

@salman90 salman90 salman90 left review comments

@kalyankrishna1 kalyankrishna1 kalyankrishna1 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@derisen @kalyankrishna1 @v-michaelmi @salman90