Posts

Showing posts from May, 2020

Integration test experiments - running IdentityServer and ASP.NET Core WebApi inside a Process

Hello.  I'll get to the main topic of this post shortly (and a link to my github repository with the sample code at the end) but just wanted to give you a bit of background first.  Recently I've been studying security engineering with a view toward strengthening my skills in that area.  - I attended a two-day workshop on Identity and Access Control by Dominic Baier (one of the creators of IdentityServer4 ) at NDC London.  This was a real eye-opener, and in turn led me to a few other avenues of research.  It turns out this extra time I've got in lockdown can be put to use... - I'm reading a book he recommended to me which is considered a seminal work in the field, "Security Engineering" by Ross Anderson.  It's a massive tome so I'm working my way through it slowly but it's clearly essential reading. - I'm reading up on OAuth 2.0 and Open ID Connect  with a view toward eventually being thoroughly conversant with all the concepts,...