SharePoint, Office 365, Azure, and Front end JS geek. – Chicago IL
SharePoint, Office 365, Azure, and Front end JS geek. – Chicago IL

WebAPI

VIDEO – HTTP Header Client Secret protected Web API

Watch the video below to see a demo of protecting WebAPI with HTTP header and a Client Secret.    By default, new Web API projects lack any security mechanism and are open to any anonymous user.    Protecting Dot Net methods with an IF() statement condition provides a simple security mechanism to ensure only users who know the Client Secret are able to run the API and execute the method.

NOTE – Check out http://www.spjeff.com/2017/10/05/video-azure-ad-protected-web-api-in-an-angularjs-spa/ for more complete WebAPI security with Azure AD.

Cheers!

shades_smile

Video

Screenshots

image

Code

References

VIDEO – Azure AD protected Web API in an AngularJS SPA

Recently I walked through an Azure AD Web API sample project on GitHub at https://github.com/Azure-Samples/active-directory-angularjs-singlepageapp-dotnet-webapi and recorded a brief 14 minute video of the install and deployment steps.   Watch below and enjoy.  Cheers! 

shades_smile

Video

Screenshots

image
image

image
image

Error Message

Could not load type ‘System.IdentityModel.Tokens.TokenValidationParameters’ from assembly ‘System.IdentityModel.Tokens.Jwt, Version=5.0.0.127, Culture=neutral, PublicKeyToken=31bf3856ad364e35’.
( others at IdentityServer3#3017 saw the same with JWT breaking change)

Extra NuGet Package Step

References

VIDEO – code JS todo CRUD on Breeze & SQL Express (part 2 of 2)

Our next step in this series is cloud hosting.  Each of the local source components has a Microsoft cloud destination equivalent.   Here is the mapping:

  • SQL Express > SQL Azure
  • WebAPI > Azure Web App
  • Angular SPA > Office 365 SharePoint Content Editor

In the video below I walk through all of these steps to migrate the local “todo” CRUD application created earlier to be fully hosted in Microsoft’s cloud.    From there, we have a fully operational business application running on Office 365 with all custom code hosted in Azure.

Enjoy!

shades_smile

 

 

Video

VIDEO – code JS todo CRUD on Breeze & SQL Express (part 2 of 2) from Jeff Jones on Vimeo.

SPAuditAPI – Read SharePoint audit logs from JavaScript over REST

Recently I wanted to query Audit data from the web browser client and learned no native REST api was available.   So I created one.   Below is a demonstration video and link to the full source code.

This web API enables us to execute the server object model SPAuditQuery() method from HTTP POST and provide optional filter parameters.   More filters give a narrow match and faster server response.   We want to be specific, even if only a default time range (example – past 30 days) to improve user experience and reduce system load.

Cheers! 

shades_smile

 

 

Source Code

 

Video

 

Context Diagram

image

 

Screen Shots

image
image
image

image

© Copyright 2016
@ SPJeff

Return to Top ▲Return to Top ▲