Using Azure SSO Tokens for Multiple AAD Resources From Native Mobile Apps

9th of December, 2014 / / 3 Comments

This blog post is the third in a series that cover Azure Active Directory Single Sign-On (SSO) authentication in native mobile applications.

  1. Authenticating iOS app users with Azure Active Directory
  2. How to Best handle AAD access tokens in native mobile apps
  3. Using Azure SSO tokens for Multiple AAD Resources From Native Mobile Apps (this post)
  4. Sharing Azure SSO access tokens across multiple native mobile apps.

Introduction

In an enterprise context it is highly likely there are multiple web services that your native mobile app needs to consume.… [Keep reading] “Using Azure SSO Tokens for Multiple AAD Resources From Native Mobile Apps”

How to Best Handle Azure AD Access Tokens in Native Mobile Apps

2nd of December, 2014 / / 6 Comments

This blog post is the second in a series that cover Azure Active Directory Single Sign On (SSO) Authentication in native mobile applications.

  1. Authenticating iOS app users with Azure Active Directory
  2. How to Best handle AAD access tokens in native mobile apps (this post)
  3. Using Azure SSO access token for multiple AAD resources from native mobile apps
  4. Sharing Azure SSO access token across multiple native mobile apps.

In my previous post, I talked about authenticating mobile app users using Azure AD SSO.… [Keep reading] “How to Best Handle Azure AD Access Tokens in Native Mobile Apps”

Implementing Azure Active Directory SSO (Single Sign on) in Xamarin iOS apps

2nd of December, 2014 / / 2 Comments

This blog post is the first in a series that cover Azure Active Directory Single Sign On (SSO) Authentication in native mobile applications.

  1. Authenticating iOS app users with Azure Active Directory (this post)
  2. How to Best handle AAD access tokens in native mobile apps
  3. Using Azure SSO access token for multiple AAD resources from native mobile apps
  4. Sharing Azure SSO access token across multiple native mobile apps.

Brief Start

Two weeks ago the Azure AD (AAD) team released the Active Directory Authentication Library (ADAL) to enable developers to implement SSO functionality leveraging AAD.… [Keep reading] “Implementing Azure Active Directory SSO (Single Sign on) in Xamarin iOS apps”

Addressing Cross-Site Request Forgery in public/hybrid APIs

6th of November, 2014 / / No Comments

Cross-Site Request Forgery (CSRF or Session Riding) is the invocation of unauthorised commands that are triggered by a trusted user. A malicious website could make use of the fact that a user is logged in to a vulnerable website to then ride that session and forge requests. CSRF is a very common type of attack and ASP.NET has had the AntiForgery library for a long time. What’s interesting is when you have a hybrid/public API that your website is using and it is also used by other clients like Powershell, Mobile, etc.… [Keep reading] “Addressing Cross-Site Request Forgery in public/hybrid APIs”

ASP.NET Web API Integration Testing with One Line of Code

26th of October, 2014 / / 13 Comments

A very popular post about integration testing ASP.NET Web API was published quite some time ago. However, since then, OWIN has been released. OWIN makes integration testing ASP.NET Web API much simpler. This post describes what is required to set an OWIN-based integration testing framework up.

This, believe it or not, only requires a single line of code with OWIN self-hosting! It assumes that your web API project is powered by ASP.NET Web API 2.2 with OWIN.… [Keep reading] “ASP.NET Web API Integration Testing with One Line of Code”

Do It Yourself Fiddler Service

23rd of February, 2014 / / 2 Comments

I recently upgraded to Windows 8.1 which required a full install (upgraded from the 8.1 Preview which annoyingly didn’t support upgrades). A full install of my laptop is getting easier and easier as more of the things I use are delivered as services. The install list is getting smaller due to the combined effect of software as a service and a simpler working life.

I still had to install these:

  • Microsoft Office 2013
  • Microsoft Visio 2013
  • Microsoft Project (yes yes I know but there really is no good alternative yet)
  • LastPass
  • Visual Studio 2013
  • And…Fiddler!
[Keep reading] “Do It Yourself Fiddler Service”