book

Building Microservices with ASP.NET Core

Name: Building Microservices with ASP.NET Core
Author: Kevin Hoffman
ISBN: 9781491961735

by Kevin Hoffman

September 2017

Intermediate to advanced

229 pages

5h 43m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
What You’ll BuildWhy You’re Building ServicesWhat You’ll Need to Build ServicesOnline ResourcesConventions Used in This BookUsing Code ExamplesO’Reilly SafariHow to Contact UsAcknowledgments
1. ASP.NET Core Primer
Distilling the CoreCoreCLRCoreFX.NET Platform StandardASP.NET CoreInstalling .NET CoreBuilding a Console AppBuilding Your First ASP.NET Core AppAdding ASP.NET Packages to the ProjectAdding the Kestrel ServerAdding a Startup Class and MiddlewareRunning the AppSummary
2. Delivering Continuously
Introducing DockerInstalling DockerRunning Docker ImagesContinuous Integration with WerckerBuilding Services with WerckerInstalling the Wercker CLIAdding the wercker.yml Configuration FileRunning a Wercker BuildContinuous Integration with CircleCIDeploying to Docker HubSummary
3. Building a Microservice with ASP.NET Core
Microservices DefinedIntroducing the Team ServiceAPI First DevelopmentWhy API First?The Team Service APITest-First Controller DevelopmentInjecting a Mock RepositoryCompleting the Unit Test SuiteCreating a CI PipelineIntegration TestingRunning the Team Service Docker ImageSummary
4. Backing Services
Microservice EcosystemsBound ResourcesStrategies for Sharing Models Between ServicesBuilding the Location ServiceEnhancing the Team ServiceConfiguring Service URLs with Environment VariablesConsuming a RESTful ServiceRunning the ServicesSummary
5. Creating a Data Service
Choosing a Data StoreBuilding a Postgres RepositoryCreating a Database ContextImplementing the Location Record Repository InterfaceTesting with the Entity Framework Core In-Memory ProviderDatabases Are Backing ServicesConfiguring a Postgres Database ContextIntegration Testing Real RepositoriesExercising the Data ServiceSummary
6. Event Sourcing and CQRS
Introducing Event SourcingReality Is Event SourcedEvent Sourcing DefinedLearning to Love Eventual ConsistencyThe CQRS PatternEvent Sourcing and CQRS in Action—Team Proximity SampleThe Location Reporter ServiceThe Event ProcessorThe Reality ServiceThe Proximity MonitorRunning the SamplesStarting the ServicesSubmitting Sample DataSummary
7. Building an ASP.NET Core Web Application
ASP.NET Core BasicsAdding ASP.NET MVC MiddlewareAdding a ControllerAdding a ModelAdding a ViewInvoking REST APIs from JavaScriptBuilding Cloud-Native Web ApplicationsAPI FirstConfigurationLoggingSession StateData ProtectionBacking ServicesEnvironment ParityPort BindingTelemetryAuthentication and AuthorizationSummary
8. Service Discovery
Refresher on Cloud-Native FactorsExternal ConfigurationBacking ServicesIntroducing Netflix EurekaDiscovering and Advertising ASP.NET Core ServicesRegistering a ServiceDiscovering and Consuming ServicesDNS and Platform Supported DiscoverySummary
9. Configuring Microservice Ecosystems
Using Environment Variables with DockerUsing Spring Cloud Config ServerConfiguring Microservices with etcdCreating an etcd Configuration ProviderSummary

10. Securing Applications and Microservices
Security in the CloudIntranet ApplicationsCookie and Forms AuthenticationEncryption for Apps in the CloudBearer TokensSecuring ASP.NET Core Web AppsOpenID Connect PrimerSecuring an ASP.NET Core App with OIDCOIDC Middleware and Cloud NativeSecuring ASP.NET Core MicroservicesSecuring a Service with the Full OIDC Security FlowSecuring a Service with Client CredentialsSecuring a Service with Bearer TokensSummary
11. Building Real-Time Apps and Services
Real-Time Applications DefinedWebsockets in the CloudThe WebSocket ProtocolDeployment ModelsUsing a Cloud Messaging ProviderBuilding the Proximity MonitorCreating a Proximity Monitor ServiceCreating a Real-Time Proximity Monitor UISummary
12. Putting It All Together
Identifying and Fixing Anti-PatternsCleaning Up the Team Monitor SampleContinuing the Debate over Composite MicroservicesMitigating Risk with Circuit BreakersEliminating the Synchronous Composite PatternWhat Next?
Index

Content preview from Building Microservices with ASP.NET Core

Chapter 10. Securing Applications and Microservices

Developers’ perception of security concerns can range from true love to pure evil. In some organizations, security is a checklist that happens after an application has been developed, and in others it is such a burden that it often doesn’t get done properly or is simply skipped altogether.

When building applications for the cloud—applications built around the assumption that they might not run on infrastructure you own—security cannot be an afterthought or some mindless checkbox on a to-do list. Security must be a first-class citizen in all development efforts for user-facing applications and services alike.

In this chapter we’ll discuss security topics as they relate to cloud-native applications and develop samples that illustrate some ways we can secure our ASP.NET Core web applications and microservices.

Security in the Cloud

Securing applications that run at scale in the cloud is not as straightforward as it is when you deploy applications to a local data center where you have full control over the operating system and the installation environment.

In this section, we’ll cover some of the main issues that developers often run into when trying to adapt their existing ASP.NET skills or legacy codebases to running securely in the cloud. Some of these problems might be obvious (like the lack of Windows authentication), whereas others are more subtle.

Intranet Applications

Intranet applications are everywhere and are often ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781491961728Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design