Debug and View Expressions in VS 2013

1 ביולי 2014

Expressions are important constructs and working with them provides lots of capabilities. Unfortunately they are difficult to view and debug vith Visual studio. Li Chen found a way to use the good old Expression tree visualizer to solve this. Expression tree visualizer, as the name indicates, is a Visual Studio visualizer for visualizing expression trees. It is a must if you work with expressions frequently. Expression Tree Visualizer is a Visual Studio 2008 sample. There is a Visual Studio 2010 port available on codeplex. If you want to use it with a later version of Visual Studio, there is...
no comments

Spatial support in Web API and ODATA

3 ביוני 2014

The spatial support in ASP.NET WEB API is currently very limited. When creating a WEB API project a reference to System.Spatial is created automatically. When creating an OData 4.0 (WEB API 2.2) a reference to Microsoft.Spatial is created. Both System.Spatial and Microsoft.Spatial are actually the same. It is the spatial library that was developed for WCF Data Services and can be installed by importing the NuGet package Microsoft.Spatial. Microsoft.Spatial contains wide collection of spatial types and formatters for GeoJson and GML. Unfortunately this is where the WEB API and ODATA support for spatial functionality ends. The OData standard defines...
no comments

How to parse a SAML token

21 במרץ 2014

A customer asked me how to manually parse a saml token. Well I found this blog post with a detailed answer. To get the SAML token request from a request and decode it I do the following:// spec says "SAMLResponse=" string rawSamlData = Request; // the sample data sent us may be already encoded, // which results in double encoding if (rawSamlData.Contains('%')) { rawSamlData = HttpUtility.UrlDecode(rawSamlData); } // read the base64 encoded bytes byte samlData = Convert.FromBase64String(rawSamlData); // read back into a UTF string string samlAssertion = Encoding.UTF8.GetString(samlData);   Enjoy.
no comments

SignalR Message Format

12 במרץ 2014

I looked around for documentation about the message format of Asp.Net SignalR but I could not find any so I had to explore myself and produce the following summary about Asp.Net message format. Messages are serialized as JSON objects and contain metadata about the handlers and the connection as well as payload (i.e. the data to transfer) The following information is included in the messages: - Hubs (H): Handlers (i.e methods) on the server as well as on the clients are grouped in "Hubs".- Method (M): The name of the Handler that will process the message.- Groups: Clients can...
no comments

WAAD, OAuth and Javascript

4 במרץ 2014

As you probably know Microsoft released AAL (Windows Azure AD Authentication Library for .NET) which is a great API for interacting with WAAD and implement the OAuth code flow. This API is extremely easy to use yet it works only for single threaded (STA) clients. It means that you can use it in a console application or windows store app but not in a browser. The scenario in which a client wants to call a web api in a SPA (Single Page Application) looks very interesting so I searched for an JavaScript SDK for WAAD but I could not...
no comments

How To Parse a JWT token

2 במרץ 2014

I had to create a test that retrieves a JWT token from WAAD so I created a little class that parses and displays the token content. Here is the code:class TokenHelper { public static Encoding TextEncoding = Encoding.UTF8; private static char Base64PadCharacter = '='; private static char Base64Character62 = '+'; private static char Base64Character63 = '/'; private static char Base64UrlCharacter62 = '-'; private static char Base64UrlCharacter63 = '_'; public static void DisplayAccessToken(string accessToken) { ...
no comments

Is OAuth 2.0 Secure ?

4 בפברואר 2014

When ever I introduce OAuth to my clients they ask. “Is it secure? We heard that …” There is doubt that there is a lot controversy about OAuth yet there is also no doubt that OAuth 2.0 is the leading authorization standard / framework in the web today. Eran Hammer one of OAuth original creators published lots of criticism on the final OAuth 2.0 specification in which he claims that OAuth 2.0 is not a specification but a framework. In his view the spec is not specific enough and leave to much room for variations in the implementations. He...
no comments

Seven-Steps for Designing a web API

2 בינואר 2014

This is the procedure described by Leonard Richardson in his book : RESTful Web APIs . The procedure consist of seven steps. Doing some preparatory workup front will help you choose a representation format and keep your profile as simpleas possible. 1. List all the pieces of information a client might want to get out of your API or putinto your API. These will become your semantic descriptors.Semantic descriptors tend to form hierarchies. A descriptor that refers to a realworldobject like a person will usually contain a number of more detailed, moreabstract descriptors like givenName. Group your descriptors...
no comments

Basic rules for building REST web APIs

We have a client-server Internet protocol, HTTP, which assigns very general meanings to different kinds of requests: GET, POST, PUT,and so on.We have the idea of hypermedia, which allows the server to tell the client which HTTP requests it might want to make next. This frees the client from having to know the shape of the API ahead of time.We have the idea of application semantics, which extend hypermedia controls with information about what specifically will happen, to application or resource state, if the client makes a certain HTTP request.And finally we have a whole lot of standards for...
no comments

How does “Exports” work in Node JS

1 בינואר 2014

If you wandered how does “NodeJS exports” works under the covers here in the answer. The trick is simple: wrap your function (object definition) with a wrapper function that accepts the exports object from the global scope. This makes exports global, allows you to attach your code to it and prevents your code from reaching the global scope. Code Snippet //wrapper function (function (exports, require, module, __filename, __dirname) {     //your code     var calculator = function() {         return {             add: function(a, b) { return a + b; }         };     };     exports.add = calculator; }); ...
no comments