Cyclomatic
IoC and messy factory methods
Hi... so I've made a class library that uses IoC - i.e. ServiceCollectionExtensions and registering all the dependencies.
In the library I have SomeClass that has 3 dependencies injected in the constructor. Those dependencies also themselves have dependencies, and so on, such that initializing SomeClass without an IoC container becomes messy... Now I need to consume SomeClass from a project that doesn't use IoC. It would be too much work to be able to use the IoC in my new project. What's the general approach for this type of thing?? How can I support an IoC container but also not have to make horrendous factory methods for classes in my class library so that I can consume them without an IoC container...
25 replies
IdentityServer4, oauth and re-logging in
Hi,
I have a web app that relies on Azure AD (Entra ID) to authenticate and authorize users in my web app.
My app looks like the following:
Angular SPA -> IdentityServer4 -> AzureAD
And
Angular SPA -> Web API
At a certain point, I need the user to re-enter their credentials. I can force the credentials to be re-entered, but the issue is that the user can log in using different credentials at that stage. I can pass the login_hint to the identityserver to prepopulate the user's email address, but they can still request to log in as a different user when the pop up window shows. I can also pass id_token_hint as well so I assume that I can use that to check whether the current logged in user is different to the one trying to log in.
What I am unsure of is how I can force an error when logging in and how I can handle it gracefully. One location I was trying is in on OnTokenValidated event of the middleware for aad (AzureAD), and I can for example set context.Fail("Some error message") but that shows an exception page. Ideally I'd like to redirect to something a bit more useful. Currently the CallbackPath of my middle where is /signin-aad. It does call back to this, but shows the exception.
1 replies
Why is the antiforgery token in MS example appending the token only on "/" or "/index/html"
I'm working on an angular SPA front end and C# web api backend. I want to use antiforgery cookies. The front end and backend live on the same server on different ports (not sure if any of this is relevant to the question).
I've got the antiforgery cookie correctly working - if I visit my page directly, www.mywebsite.com, then the token is appended and everything works fine.. However, if I visit my angular SPA starting at a URL that is not "/" or "/index.html" then the cookie is not appended and I get exceptions in my backend when trying to make calls. I think this is because I am implementing it as suggested here:
https://learn.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-8.0#generate-antiforgery-tokens-with-iantiforgery
Why do they only append the XSRF-TOKEN when the path is "/" or "/index.html"? And, if I should continue doing as in the example, how do I solve the problem I am having? i.e. if I visit www.mywebsite.com/en for example, the cookie is not appended and I get forgery token errors.
Thanks in advance!
1 replies
XML Deserialization
Hi, I want to deserialize an XML document and I'm using an XmlSerializer. That's all fine, but the order of the elements in the XML is important to me.
For example, I might have some xml that looks like:
Where the title and header order is important to me. Is there any way to pull out the "index" of the xml tag when deserializing?
28 replies
SSL error with entity core
Or malformed SQL, it varies...
I have web api that access and database using entity core. I have an angular frontend. If I call my endpoints invidually, or successively, it works fine. But for some reason when I do something like this:
let patientsObs = forkJoin(neededPatientId.map(id => patientService.getPatientById(id))).pipe(defaultIfEmpty([]));
let doctorObs = forkJoin(needDoctorId.map(id => doctorService.getDoctorById(id))).pipe(defaultIfEmpty([]));
return combineLatest([patientsObs, doctorObs]).pipe(
where neededPatientId and needDoctorId are arrays if integers, the backend throws an exception.
But when i get the patientObs first, and then the doctorObs, it works fine10 replies
Passing DateOnly to controller
What's wrong with this snippet?
[HttpGet("ondate")]
public async Task<IActionResult> GetAppointmentsByDate([FromQuery]DateOnly date)
{
var appointments = await _appointmentDatabaseService.GetAppointmentByDate(date);
if (appointments != null)
{
return Ok(appointments);
}
return NotFound();
}
I'm using swagger, and the JSON looks like this:
{
"year": 2024,
"month": 5,
"day": 5,
"dayOfWeek": 1
}
yet I get the default(DateOnly) in my request
13 replies
Naming conventions with Dto
I've got a PatientDto and it has an Id in it from entity core. Sometimes I want a PatientDto without an Id, i.e. if I've got an endpoint GetPatientById(int id) there isn't much point in returning the Id. Should I just returning it anyway and avoid the hassle or should i have a different dto?
52 replies
Entity Framework IQueryable question
I'm trying to get a list of prescriptions from my Patients entity:
var kk = await _context.Patients.Where(p => p.Id == id)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Medicine)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Doctor)
.ToListAsync();
var gg = await _context.Patients.Where(p => p.Id == id)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Medicine)
.Include(p => p.Prescriptions)
.ThenInclude(p => p.Doctor)
.Select(p => new
{
Prescription = p.Prescriptions.Select(p => p.ToDto())
})
.ToListAsync();
kk works, but gg returns an empty list;. Any ideas why this might be happening? I know it's a short snippet, but I figured there would be something obvious I am doing wrong...
Thanks!33 replies
Model, Dto, Entity - Id?
Hi,
I'm messing with a simple CRUD application.
My PatientEntity looks like this:
public class PatientEntity
{
public int Id { get; set; }
public string FirstName { get; set; }
public string Surname { get; set; }
public int Age { get; set; }
public string Gender { get; set; }
}
And my model looks like this (no id):
public class Patient
{
public string FirstName { get; set; }
public string Surname { get; set; }
public int Age { get; set; }
public string Gender { get; set; }
}
And my dto looks like this (no id):
public class PatientDto
{
public string FirstName { get; set; }
public string Surname { get; set; }
public int Age { get; set; }
public string Gender { get; set; }
}
And currently a method in my DatabaseService looks like this:
public async Task<Patient> GetPatientById(int id)
{
PatientEntity patientEntity = await _context.Patients.FindAsync(id);
if (patientEntity != null)
{
return patientEntity.ToPatient(); // i.e. returning the Patient model
}
_logger.LogInformation("Patient not found in the database.");
return null;
}
Should my DatabaseService return a PatientEntity i.e. with an id, and my PatientDto contain the Id? My PatientDto is returned by a web api controller.
I feel like my PatientDto should contain the Id. I guess the problem is that the DatabaseService is returning a Patient (Model) rather than the PatientEntity. Does it make sense to return the model from the Database service?
Here's the git:
https://github.com/billymaat/MedTrackDash
81 replies