Monthly Archives: January 2019

An alternative way to secure SPAs (with ASP.NET Core, OpenID Connect, OAuth 2.0 and ProxyKit)

You might have noticed the recent public discussions around how to securely build SPAs – and especially about the “weak security properties” of the OAuth 2.0 Implicit Flow. Brock has written up a good summary here. The whole implicit vs … Continue reading

Posted in ASP.NET Core, OAuth, OpenID Connect, WebAPI | 2 Comments

Automatic OAuth 2.0 Token Management in ASP.NET Core

As part of the recent discussions around how to build clients for OpenID Connect and OAuth 2.0 based systems (see e.g. Brock’s post here), we substantially updated our workshop and supporting libraries. The updated material (both workshop and break-out sessions) will … Continue reading

Posted in ASP.NET Core, Uncategorized | 8 Comments