Azure functons v4 with .Net 6/7 and Azure B2C - authentication

There are no samples on how to secure Azure Functions v4 with Azure B2C authentication.
There are some work arounds such as this for v3 and this one for v4 but it uses a really version of Microsoft.Identity.Web V1.5.1, saying that later ones are not supported. The latest version is 1.25.10.
Any docs online are complex and I could not get them working for the latest versions of everything. Is this something that Microsoft actuall supports of does anyone have a working example.

Related

Where can I find latest version of iManage API documentation?

I am looking for a complete online reference for iManage's latest API. On googling, can see references to iManage v2 documentation, but that seems to be bit old and where can I find latest API if at all there is one
The latest version which is constantly updated is available at https://help.imanage.com/hc/en-us/sections/360000214214-iManage-Work-REST-API-Documentation - you'll need a login to IManage's support site to access this though. If you don't have credentials you can raise a ticket with your support provider to get access.
If you have an on premises server that's licenced for the API, you'll find the documentation for that specific version at https://YOURSERVERNAME/api-docs/
iManage has 3 different versions of API's
COM API > This is a legacy classic api which is reaching EOL on Dec 2023. So it is not recommended any more.
REST API v1.0 > EOL already reached (Dec 2022)
If you're on-prem technically you can use REST API 1.0 till iManage Work 10.4.4 (but please validate) but you will not have any support from iManage in case of any issues
REST API 2.0 (also called iManage Universal API)
This is the latest version and going forward you need to use this version. And if I am not wrong this is supported from iManage Work 10.2.3.
You can find latest documentation at iManage Universal API 2.0
Or you can find your Work server specific documentation https://YOURSERVERNAME/api-docs/ (Provided you entered API license while installing iManage Work software)

Why do some API versions in azure devops not work with some organizations?

Is there an option to select API version in Azure Devops, for example - we have a chart for TFS vs the API Version here - https://learn.microsoft.com/en-us/rest/api/azure/devops/?view=azure-devops-rest-6.1 Is there a mapping or some settings in the azure organization where we can find this?
Sample Request -
https://dev.azure.com/{OrganizationName}/{ProjectName}/{TeamId}/_apis/work/teamsettings/iterations?&timeframe=true&api-version=6.0
Reponse would be in the form of - Reponse of this API
https://learn.microsoft.com/en-us/rest/api/azure/devops/work/iterations/list?view=azure-devops-rest-6.0
Azure DevOps Services support all previous API-versions out of the box, the self hosted version (Azure DevOps server) support all previous versions up to some point in time. For a complete list of what versions are supported where, please see the documentation on supported versions
When making a call to the REST API the caller can specify which REST API version the call targets in one of the following ways
Through a HTTP request header:
Accept: application/json;api-version=6.0
Through a Query parameter:
GET https://dev.azure.com/{organization}/_apis/{area}/{resource}?api-version=6.0

WSO2 API manager migration from 2.0 to 2.5

We are trying to migrate the API manager from 2.0 to 2.5.
followed the instructions from the WSO2 Documentation.
After the migration we are have strange issues
1. No download wsdl link for the API's shown in Store (Though publisher shows)
2. Static never expiry tokens are also not visible in store(Though publisher shows)
https://docs.wso2.com/display/AM260/Removing+Unused+Tokens+from+the+Database#RemovingUnusedTokensfromtheDatabase-ConfiguringAPIManagerfortokencleanup
This documentation fixed the issue.

ADFS 3.0 federated authentication in .NET Core 2

I am in need of a solution for using ADFS 3.0 identities in a ASP.NET Core 2 Web Api application. The Windows Enterprise Support team at my organization has informed me that they are only familiar with SAML or WS-Fed based relying parties within ADFS, and are not interested in allowing me to help them configure OAuth, which I could consume directly within the application. As far as I am aware, neither SAML nor WS-Fed are compatible with anything currently available targeting netcore or netstandard.
I've been looking at Identity Server 4, and it's so-called "Federation Gateway" functionality, but I can't find much in the way of documentation. Is this something that could be useful for my use case? I'm guessing that it's only set up to interface via OAuth or OpenID, but I could be wrong.
I've also looked at using Amazon Cognito as the middleman to issue JWTs based on the SAML response, but after I got a proof of concept working with this configuration, I realized the cost at $0.45/MAU is prohibitively high, as the application will have around 10-15k regular users.
If Identity Server isn't the solution, are there any other similar "Federation Gateway" type solutions available as preferably open source/free software? Even if the solution wasn't .NET-based, I'd be interested in looking at it. I'm toying with the idea of building something like this in Java or Ruby as a last resort.
As of version 2.0, IDS4 can be a WS-Fed relying party. This would allow it to act as a middleman between ADFS and OIDC/OAuth RPs.
This vid from the IDS4 guys covers the available options: https://vimeo.com/254635632
It's also worth noting that you can run ADFS 2016 servers in a 2008R2 or higher domain and that natively supports OpenID Connect but given what you've said about your internal "support" team, deploying IDS4 may be a better option, although probably more work.
Just for completeness, the issue with WS-Fed was cyptographic support in .NET Core. This is now resolved so WS-Fed is supported.
SAML support is available via Sustainsys or Rock Solid Knowledge.
You can implement SAML 2.0 federation with AD FS 3.0 in ASP.NET Core 2.1 using the ITfoxtec Identity Saml2 package. NuGet package: https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/
Project https://itfoxtec.com/IdentitySaml2 and code samples https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2/tree/master/test

DocumentDb Identity Provider for ASP.NET Core

I am trying to provide authorization to the user, using DocumentDb at the backend - But I am unable to find any resources regarding the same. The documentation provided is for SQL based ones (https://docs.asp.net/en/latest/security/authentication/identity.html).
Any help?
To provide you with a starting point, there are several important issues to bear in mind when looking at using Identity with ASP.Net Core:
Framework Compatibility
You mention that you will be using ASP.Net Core, and this can be used with either .Net Core, or the 'full' .Net Framework (e.g. .Net Framework 4.5.1), which can be specified in your project.json under the frameworks property.
The Microsoft DocumentDB native .Net client does not support .Net Core; so, you must configure ASP.Net Core to target the 'full' .Net Framework. If you are unsure how to do this, you can create a new project in Visual Studio 2015, and select the 'ASP.Net Core (.Net Framework)' Project Template; the project.json will have its framework property correctly configured for you.
'Identity' Version
There are several versions of ASP.Net Identity; be aware when selecting a provider, that most currently reference ASP.Net Identity 2.2.1; however, the latest version is 3, released alongside ASP.Net Core, supported by the NuGet package Microsoft.AspNetCore.Identity 1.0.0, which has some differences and additional features. (Note that you can use this latter package with the full .Net Framework.)
No Official Implementation
Microsoft has decided not to create an official DocumentDB implementation for ASP.Net Identity, citing that 'there are two community projects available' (reference here)
Third-Party Support
Of the available third-party implementations, this one by Adrian Fernandez is the most widely used that provides support for ASP.Net Identity 3 using the Microsoft native DocumentDB client. Samples are included in the GitHub repository. (Please see update below.)
Example Usage
An example of using this DocumentDB provider with ASP.Net, including additional features, can be found here.
An additional example of using ASP.Net Core with the Microsoft DocumentDB provider can be found here.
I have written my own Identity 3 provider for DocumentDB; if I release this on GitHub I will update this answer with a link.
UPDATE 19/04/2017
For those looking for a solution, I now recommend the AspNetCore.Identity.DocumentDb project by Bernhard Koenig. It is feature-complete, includes Unit Tests, and a sample ASP.Net Core project. Also available via Nuget. It supports netstandard1.6 an net46 profiles.
my understanding is the Microsoft made it possible to use Mongo drivers with DocumentDb so maybe you could use this Mongo implementation for asp.net core identity
or google further for existing work that others may have done in this direction.
To implement it yourself you would need to implement at minimum IUserStore and IRoleStore you can also refer to the EF implementations UserStore and RoleStore for inspiration and guidance on implementing those.
The best solution would be using a DocumentDB provider for the .NET Core Identity framework. But there were none so far which is why I created AspNetCore.Identity.DocumentDB and decided to publish it on GitHub under the MIT license.
It is a port of an existing mongodb provider for .NET Core Identity and stores Claims, Tokens & Logins as nested objects. Although one could use DocumentDB with a mongodb interface it's recommended to use the native SDK if possible.
The library is already quite stable and available as a NuGet package.
Notice:
The DocumentDB SDK for C# itself does not support .NET Core as a target platform in the stable release. Fortunately Microsoft is already working on adding .NET Core support and published a preview of the DocumentDB SDK with :NET Standard support at the Connect(); 2016 event.
AspNetCore.Identity.DocumentDB supports both SDKs.
.NET Standard is a specification of APIs that should be available on all .NET runtimes and is currently supported by .NET Core and .NET Framework.