InfoQ·2yASP.NET Core Updates in .NET 9 Preview 2: Blazor, OIDC, OAuth and Configuring HTTP.sys
ASP.NET Core in .NET 9 Preview 2 brings updates including Blazor component constructor injection, WebSocket compression for Blazor interactive server components, customizing OAuth and OIDC authorization parameters, and configuring HTTP.sys extended authentication flags.
Cerbos·2yThe importance of stateless architecture in authorization systems
Stateless architecture in authorization systems simplifies system deployment, maintenance, and integration. It offers benefits such as scalability, fault tolerance, and simplicity. By using stateless authorization, the application can fetch the necessary state upfront and present it as a token, eliminating the need for external dependencies. Implementing a basic stateless authorization system is straightforward, but best practices for token management, expiration, revocation, and encryption should be followed. Centralized authorization servers and established protocols like OAuth and SAML can enhance security and interoperability.
Okta Dev·2yAdd Step-up Authentication Using Angular and NestJS
This post demonstrates how to add step-up authentication to an Angular frontend and NestJS backend using the OAuth 2.0 Step Up Authentication Challenge Protocol. It covers setting up the authentication configuration, guarding routes with step-up authentication, and protecting API resources with the challenge. The post also mentions the possibility of ensuring authentication recency in step-up authentication.