This is an exciting course that will teach you how to secure sensitive data, such as passwords and connection strings in a ASP.NET Core 1.1 Web API.
These are skills that you must master as a serious developer.
*** NEW CONTENT: The same course for ASP.NET Core 1.1 in Visual Studio 2017 has been added ***
In this course you will:
In this lecture you will learn how to register for an Azure subscription.
In this lecture you will learn how to access the Azure portal.
In this lecture we will create a .NET Core 1.1 Web API solution in Visual Studio 2015.
In this lecture we will add sensitive data to the secret.json file using the User Secrets Manager. Data stored in this file will not be persisted to a source code repository, which will happen if you for instance store the sensitive data in the application.json or the web.config file.
In this lecture we will use Dependency Injection to make the secret values available in the controller's constructor and subsequently from the Get action. Note that we only return the secret values in the Get action to show that we can fetch them. In a real life scenario you wouldn't return them from the Web API, you would only use them internally.
In this lecture we will add sensitive data to the Web API App Settings in Azure. These values will then be merged with the setting from the application.json during run-time. We will see that these values will be used instead of the secret.json values, which only are available locally on the developer's computer.
In this lecture we will create a Key Vault in Azure and then add sensitive/secret values to it.
In this lecture we will fetch the endpoints needed to read the values stored in the Key Vault.
In this lecture you will learn how to set up an Active Directory App Registration, which is used to secure the Key Vault. A secret key will be created to use in conjunction with the Application Id when fetching values from the Key Vault.
In this lecture you will learn how to connect the Active Directory App Registration, from the previous video, with the Key Vault. This connection between the two will then add up to a secure vault where secret or sensitive information, such as passwords and connection strings, can be stored.
In this lecture we clean up the controller to make way for the Key Vault implementation. The secret keys and value endpoint will no longer be returned from the Get Action method, they will only be used in the constructor to fetch the values from the Key Vault.
In this lecture we look at how you can implement an extension method that use the secret information from the secrets.json or the project settings in Azure to create a connection to the Key Vault that then can be used to fetch the secret/sensitive data.
In this lecture we will fetch data from the Key Vault using the secret key, application id and the value endpoint. The values are returned in the Get action method and can be accessed through an HTTP request, which you will see in the next video.
In this lecture we make an HTTP call to the Web API in Azure using a Chrome tool called Postman.
Jonas started a company back in 1994 focusing on education in Microsoft Office and the Microsoft operating systems. While studying at the university in 1995, he wrote his first book about Widows 95 as well as a number of course materials.
In the year 2000, after working as a Microsoft Office developer consultant for a couple of years, he wrote his second book about Visual Basic 6.0.
Between 2000 and 2004 he worked as a Microsoft instructor with two of the largest educational companies in Sweden. First teaching Visual Basic 6.0, and when Visual Basic.NET and C# were released he started teaching these languages as well as the .NET Framework. Teaching classes on all levels for beginner to advanced developers.
From the year 2005, Jonas shifted his career towards consulting once again, working hands on with the languages and framework he taught.
Fore the past two years he has been teaching C#, SQL Server Programming, Entity Framework and MVC 5 to students at a vocational college.
Jonas wrote his third book C# programming aimed at beginners to intermediate developers in 2013 and in 2015 his fourth book C# for beginners - The Tactical Guide was published. Jonas has also produced a 24h+ video course called. In July 2016 his latest book ASP.NET MVC 5 - How to build a membership website will be released on Amazon which this video course is based on.