We are gonna create an actual Azure Active Directory B2C tenant with user flows for registering and sign in scenarios. After that, we create a web application that will be using it to authenticate users.
Continue reading
Secure your Web App easily. In today’s world, it is risky to have a website that isn’t properly secured from outside attacks. Luckily Azure offers some features that can help to protect your WebApps from outside attacks.
In this blog post, I will create a Virtual Network (VNet) and show you how you can secure your Webapp using a VNET and an Azure Application Gateway. The picture will show you what you can configure. But please enter your own information if you need other configurations.
Picture a company that has a nice web application, but also has plans to create a Native Application for mobile devices. Unfortunately creating a complete Native app, will cost a lot of time and money to develop. If this is your situation, maybe transforming your web application into a Progressive Web App can help you.
The term “Progressive Web App” isn’t a formal or official name. It’s just a shorthand used initially by Google for the concept of creating a flexible, adaptable app using only web technologies.
The goal of Progressive Web Apps is to make the end-user feel as if they are working in a Native App, as we know it from mobile devices (Android and Ios).
Another big advantage of a Progressive Web App is the fact that any existing web application can easily become a Progressive Web App.
Continue reading
Most of the time when I need to use a self-signed certificate, I use Openssl. But I saw that you can easily create a self-signed certificate with Azure Key Vault.
In this blog post, I will use the Azure portal to create a simple self-signed certificate and make it available in your Azure App service.
In my previous article, I explained that every company has to think about what they want to do with the old AngularJs application? For some companies, it’s better to completely rewrite the application. Maybe even not in Angular anymore? (if you have the resources for it) And for some companies, it’s better to create a hybrid situation/application in which you can let the AngularJs application, with new Angular components, co-exist. This can really help you to easily make the transition from AngularJs to Angular.
This blog post is the first part of a series of blogs that will help you to take a look at a hybrid AngularJs/Angular application. Let’s start by setting up an environment for our migration.
Continue reading
In 2010 Google introduced AngularJs. Originally it is developed in 2009 by Miško Hevery en Adam Abrons. AngularJs is a Model View Controller (MVC) javascript framework. It has been / or still is used by many companies for creating SPA (Single Page Applications). Few years later AngularJs became part of the MEAN Stack. MEAN stands for MongoDB, Express.js, AngularJS, and Node.js. MEAN is an end-to-end JavaScript stack used for cloud-ready applications.
AngularJs became very popular because of a set of features that really helped programmers constructing stable, scalable and robust web-applications. AngularJs reached the top segment of the market and was compared to ReactJs and EmberJs also a good choice to build your product with.
But all good things, come to an end.
These past few weeks I have worked on the implementation of OpenID within a Hybrid AngularJs / Angular application. For this implementation, I used the Angular OpenID client from Manfred Steyer. This client is OpenID certified and makes it easy to connect your Identity Provider (IdP). It supports implicit flow and PKCE code flow. There is also good documentation and examples so I am not gonna show you the code because it’s pretty clear in the documentation.
But what I do want to tell, is that by using implicit flow you are vulnerable to a couple of security issues.