Stephan van Rooij on Coding Stephan

Build a rail menu in WinUI

Tue, 07 Apr 2026 10:28:12 +0000

I wanted to build my next app in WinUI, and I wanted to have a rail menu, with big clickable icons that would navigate to a different page. AI Dev Gallery has a great example of this, and fortunately it is all open-source. In this post I will show you how you can replicate this in your own WinUI app.

AI Dev Gallery Menu

Automatic efficient API Client Generation with Kiota

Mon, 16 Mar 2026 13:41:21 +0000

I don’t like repeating myself. I also don’t like writing boilerplate code. Whenever I have to interact with an API, I hope that there is an openapi specification available, or even better a client library. Microsoft has built an open source project called Kiota that can generate client libraries for APIs based on their OpenAPI specifications.

You have to run a command line tool to generate your client library, but I also like to see that automated as part of my regular development lifecycle.

Introduction to Identity Proxy at DOTNET Zuid

Fri, 23 Jan 2026 10:28:29 +0000

After visiting DOTNET Zuid meetups several times past year, I decided that it was time to propose a talk myself. Over the past years, I’ve been building an Identity Proxy. This is a topic I am passionate about, and I know most developers struggle with authentication and authorization in their applications. So I thought it would be a great idea to share my knowledge and experience with the community.

Remove merged branches with PowerShell

Thu, 08 Jan 2026 11:53:16 +0000

When working with Git repositories, it’s common to have multiple branches that have already been merged into the main branch. To keep your repository clean and organized, you can use PowerShell to remove these merged branches easily.

PowerShell Solution

As a developer running Windows all search engine results pointed me to bash scripts or Linux commands. However, I wanted a solution that works natively in PowerShell. Here’s a simple script that accomplishes this:

OpenAPI in Dotnet 10: Number quirk

Fri, 19 Dec 2025 13:13:15 +0000

Did you already upgrade your API to Dotnet 10, and are you using OpenAPI specs? Then you might want to read on the next information. We use the Microsoft.AspNetCore.OpenApi package to generate openapi specifications for our api, which is in turn used to generate client code for various platforms.

I’m not sure when this started, but it seems numbers are now specified to be either a number or a string with a regex pattern. This causes issues in the generated code and we need it gone.

Check out the update below if you want to skip the context and go straight to the solution.

Do all your endpoints require authentication?

Mon, 24 Nov 2025 09:49:16 +0000

You built an API, where every endpoint requires the user to be authenticated. If you’re working with dotnet core minimal apis you can add the need for authentication by adding .RequireAuthentication() to that specific endpoint.

Below I’ll show you how you can test all endpoints for authentication with just a few lines of test code.

Introducing Identity Proxy

Wed, 19 Nov 2025 12:37:14 +0000

We built a lot of public and private APIs, they all have one thing in common, authentication works with JSON Web Tokens. Meaning there is an identity provider (IDP) that can create tokens and our API just accepts any token signed by that IDP. We also think it is a good idea to tests all your APIs, in that the new version does not break anything and works as intended.

CollabDays Belgium 2025

Mon, 20 Oct 2025 08:09:35 +0000

CollabDays Belgium 2025 took place on October 18th 2025 in Edegem, Belgium. This year I had the pleasure to give not one, but two sessions! What a day it was. A lot of positive energy, learnings and networking. Check out the key takeaways from this great event below.

Publish to nuget without a token

Thu, 16 Oct 2025 14:22:36 +0000

Ever got a message from nuget.org stating that your API key is expiring or has expired? Well, I sure did. Most of the 20 packages I maintain are published using GitHub Actions. I created separate API keys for each package, and stored them in the respective github repository secrets. So I have 20 keys to manage and rotate every year.

Fast-forward to September 2025, when NuGet announced support for Trusted Publishing from GitHub. And today I show you how to convert your existing GitHub Actions workflow to use trusted publishing instead of an API key.

Secretless confidential applications

Fri, 10 Oct 2025 12:26:07 +0000

The Microsoft Authentication Library (MSAL) is one of my favorite libraries. It eases the process of getting tokens for Entra ID protected resources, and since most developers seem to struggle with getting tokens that is great. What is not so great, is the (out-of-the-box) lack of support for managed identities in confidential client applications. And I’m all-in for trying to get rid of secrets in applications, so I wanted to help all other developers.

Let's talk App Roles

Wed, 27 Aug 2025 08:22:53 +0000

What are App roles in Microsoft Entra ID and why you should definitely be using them. Let’s talk app roles today.

Manage app roles in Entra ID

Vibe smarter not harder

Tue, 19 Aug 2025 12:45:03 +0000

Unobtanium.Web.Proxy is my new pet project. It is a http(s) inspection proxy that allows developers to add a web proxy to their own project. This is used in Microsoft DevProxy. In the next release the complete API of Unobtanium.Web.Proxy will be changed. Using just “native” dotnet objects to interact with Http requests.

I’ll show you how to use Github Copilot in your next breaking change migration project.

Breaking Changes 💣

This commit will show you exactly what changed, but I’ll summarize:

Deploy to Azure Static Web App the slim way

Thu, 26 Jun 2025 13:41:32 +0000

Have you ever used Azure Static Web Apps, and used the portal wizard to set it up? Then you’re probably using the Azure Static Web App deploy Github Actions. Which is a humongous Github Action (1.6 GB docker container), that is also capable of automatically discovering how to build any of the supported apps.

What if you don’t need any of the auto build capabilities? Microsoft does not officially support any other way to deploy to Azure Static Web Apps, so you’re out of luck. They might be some other way, read on if you want to know more.

Maester at ExpertsLive NL 2025

Tue, 10 Jun 2025 10:07:36 +0000

What is Maester and why did I want to give a talk about it at Experts live Netherlands? Did I spark your interest? Read on and I’ll explain all about it.

June 3rd - Experts Live Netherlands 2025

What is Maester?

Maester is an open-source security scanner for your Microsoft 365 tenant, made by community members. Several people had this idea that it would be cool to be able to automatically scan your tenants configuration. And if you can do it automatically you can also schedule it.

Intune requirement for ARM64 devices

Fri, 30 May 2025 09:26:31 +0000

Since Microsoft is support Windows 11 on ARM64 devices, we see more and more devices running arm. While Microsoft made sure that it will emulate support for x64 applications. Running native ARM64 applications is way more power efficient and faster. If you manage your environment with Microsoft Intune, you might want to push ARM64 applications to your devices as well.

Intune requirements not met

GitHub workflow commands in PowerShell

Wed, 14 May 2025 08:05:55 +0000

As an author of GitHub Actions, you have the ability to use workflow commands to control specific things that happen when your workflow is executed. All the samples are in bash, but what if you did everything else in PowerShell? Can you do the same in PowerShell? Read along to find out how to do that.

Configure JWT Authentication in Dotnet

Thu, 17 Apr 2025 08:44:30 +0000

When you develop an API you probably want an easy way to authenticate users. In this post, I will show you how to configure JWT authentication in a .NET API. This is a simple and effective way to secure your API endpoints. What is JWT? And how do you configure it the right way?

Write to Github Actions summary from DOTNET

Mon, 14 Apr 2025 09:00:00 +0000

Github action runs can have these nice generated summaries, like the one for my winget package index. But how do you set them? And can you do that with C#? Read on to see how you can do that as well.

Winget index job summary

Github Action summaries

Back in 2022 Github released Github Actions job summaries. Which is a nice feature that allows you to not only write stuff to the console, but also to write stuff to the build summary.

Bitbash 2025: A Deep Dive into Managed Identity

Fri, 07 Feb 2025 10:40:46 +0000

Bitbash 2025 was an awesome conference, where I did a talk on managed identities. Here are the cliffnotes for that talk, and why I even do public speaking.

Bitbash 2025

Bitbash 2025: Two days packed with dotnet and cloud

Mon, 27 Jan 2025 13:29:00 +0000

January 24th and 25th, 2025, Bitbash was held in the Netherlands at Info Support HQ in Veenendaal. One day of workshops followed by one day packed with sessions. This was my second time attending and I enjoyed it a lot. What did I learn and what is now on my list of things I have to check into? They will probably organize it again next year and I will definitely be there.

Bitbash 2025

Connect

Wed, 01 Jan 2025 00:00:00 +0200

Hi, I’m Stephan van Rooij.

A software engineer with a passion for IoT, robots and Home Automation. I love to tinker with hardware and software to create new things. I’m always looking for new challenges and opportunities to learn.

Check out my LinkedIn page linkedin.com/in/stephanvanrooij to connect. Or browse around my blog to see what I’m up to.

Use multi tenant managed identity in Azure Automation

Sun, 29 Dec 2024 13:29:13 +0000

With the introduction of multi tenant support for managed identities it is time to take a look at how to use them in Azure Automation. This post will take you through all the steps needed to get this working.

Multi tenant managed identity is finally here

Tue, 24 Dec 2024 09:57:10 +0000

Microsoft just announced that you can now “officially” use managed identities in a multi-tenant scenario. This is a huge step forward security wise, if you’re in the business of building multi-tenant applications. Let me explain what this is, how it works and why it’s important.

Comparing Azure AD B2C to Entra External ID

Wed, 04 Dec 2024 09:52:34 +0000

Building an application that requires user authentication? We all used to build this directly in our api / web application, but with all the security requirements and continuing hacking attempts, I would recommend against doing this part yourself. You cannot possibly spent as much money on security as the big companies do. So why not leverage their knowledge and experience?

Azure AD B2C vs Entra External ID

Microsoft is one of those companies that can help you with user authentication for your application. They used to offer Azure AD B2C (Business to Consumer) for this, since a year or so they also offer Entra External ID. Both are identity solutions, but what are the differences between the two? And which one should you choose for your application? I’ll start with a comparison table and then try to explain those differences in more detail. Microsoft is not the only company that offers identity solutions, but they are the only one I have experience with. If you have experience with other solutions, please let me know in the comments.

Open-source explained for none developers

Wed, 18 Sep 2024 15:24:23 +0000

I recently saw a tweet from a well respected open-source developer, that someone was trying to use him as a free helpdesk. This is a common problem in the open-source community, and it’s a problem that I think is worth addressing. This explanation is not set in stone, but it’s a good starting point for understanding open-source.

Open-source helpdesk

What is open-source?

Open-source is a term that refers to software that is free to use, modify, and distribute. This means that anyone can use the software for any purpose, and they can modify the software to suit their needs. Open-source software is typically developed by a community of developers who work together to create and maintain the software.

Kiota serializing

Tue, 20 Aug 2024 13:22:32 +0000

Using Kiota to serialize your data sounds like a great idea for my new project. But why should I care about Kiota serializing? Let’s find out!

Hyper-V template for Intune

Fri, 02 Aug 2024 12:08:43 +0000

Want to test out autopilot device preparation in Hyper-V, but don’t know where to start? In this post, I’ll take you through the steps needed to create a Hyper-V virtual machine template for Intune.

Windows 11 Out-of-box-experience

Prerequisites

Windows 11 or Windows 10 (pro or enterprise)
Hyper-V installed
Windows 11 ISO (pro or enterprise), with at least the may 2024 updates

Create a new virtual machine

Open Hyper-V Manager
Click on Action and then New and Virtual Machine
Click Next
Choose a name for the virtual machine, for example, IntuneTemplate
(optional) Choose a different location for the virtual machine
Click Next
Choose Generation 2
Click Next
Assign at least 4GB of memory, (more is probably faster)
Click Next
Select the virtual switch you want, I picked Default Switch
Click Next
Create a new virtual hard disk, size needs to be at least 30 GB, change the location if needed
Click Next
Install an operating system from a bootable image file, select the Windows 11 ISO
Click Next
Click Finish
Right-click on the new virtual machine and click Settings
Go to Security and enable Enable Secure Boot and Enable TPM (needed for autopilot)
Click OK
Right click on the virtual machine and click Connect
In the new window, click on Start and press any key to boot from the ISO
Install Windows 11 as you would on a physical machine (next, next, …)

Don’t go through the OOBE (setup steps)! instead continue with the next step in this guide.

Integration tests on protected API

Wed, 10 Jul 2024 09:54:59 +0000

If you built an api that is protected with tokens from an external IDP, you got a challenge when you want to run integration tests. They would require an access token that is signed by the IDP. And if you want to test several roles, or access levels or flows. You would need several “accounts” in your IDP. Not only that, but not all IDPs allow you to get all tokens in a non-interactive way. So you would need to have a browser open to get the tokens, which is not feasible for automated tests.

Generate a token and use in integration test

Kiota with dependency injection

Wed, 03 Jul 2024 13:51:47 +0000

Kiota is an open-source application that allows you to generate a client for any api that is documented with open api. It’s a great tool and we use it for all our new projects where we call an api. What we also use in all our applications is dependency injection, and those two need to be combined to get the best performance and most stable application.

Kiota Dependency Injection

Why use dependency injection?

Dependency injection is a way to make your application more testable, maintainable, and scalable. It allows you to inject the dependencies into your classes, instead of creating them in the class. This way, you can easily replace the implementation of a class with another one, without changing the class itself. This is especially useful when you want to test your application, as you can easily mock the dependencies.

Authentication using certificate - Entra ID

Wed, 05 Jun 2024 11:05:42 +0000

If you want to do authentication for your multi-tenant application, you can use a secret (which you shouldn’t!) or a certificate. In almost all the samples I’ve seen, the certificate is stored in the Key Vault “to keep it safe”. But how does the authentication work? And are you sure this is the most secure way?

Process

The short version of the process is:

What have you been up to?

Tue, 21 May 2024 19:40:00 +0000

It has been pretty quite on this blog, are you still blogging? What is snooping up all the time you usually got for writing blog posts?

My first security coin

Azure SQL and Entra ID authentication, tips from the field

Wed, 27 Mar 2024 14:28:30 +0000

Azure SQL is a managed SQL server in the cloud. It’s a great service, but it can be a bit tricky to get it to work with Entra ID Authentication. Here are some tips from the field.

Azure SQL Entra ID Admin required

Azure Pipelines and commit messages

Wed, 27 Mar 2024 11:18:06 +0000

It’s just a little frustration this time, I was creating a new Azure Pipeline, and I was testing the deployment steps. After 2 PR’s to the main branch, which should be configured as the correct trigger, I was still having issues.

In the mean time my commit messages in the main branch will stay there forever.

Finally success after so many tries

MVP Summit 2024

Sun, 24 Mar 2024 16:27:13 +0000

Did you know each Microsoft MVP is invited to a yearly MVP Summit? As one of those few, I was invited for the 2024 MVP summit.

This was my first summit, and boy what a trip. Seeing my own name on the MVP wall, between all those other people really made an impression.

MVP wall

Never forget the Authorize attribute

Tue, 05 Mar 2024 13:37:55 +0000

Did you ever deploy an application and forgot to add the [Authorize] attribute to a controller or action? I did, and it meant that the application was open to the public and one controller could be used without logging in. Let me show you how you can use reflection and Fluent Assertions to check for the existence of an attribute on a specific class. I’m using this to verify the Authorize attribute on all classed that inherit from ControllerBase in a .NET Core application, but this principle can be used on any class to check for the existence of a specific attribute.

Lego mini figures developer and security guard

Modify a HttpClientHandler with Dependency Injection

Tue, 27 Feb 2024 13:35:59 +0000

In the previous post we have seen how you can protect your application to Man-in-the-middle attacks. The sample code there, was not showing how you could do the same if you are not managing the HttpClient yourself. In this post we will see how you can utilize this with dependency injection and the Microsoft.Extensions.Http package, which allows you to also protect your application if you’re using dependency injection to manage your HttpClient instances.

Nuke the man-in-the-middle attack

Thu, 22 Feb 2024 13:18:53 +0000

Everybody should take security seriously! Let’s see what you can do to do the extra step to protect your applications. In this post we will have a look at how you can protect your application from Man-in-the-middle attacks.

Man-in-the-middle

What is a man-in-the-middle attack? It means the attacker has found a way to intercept the traffic between two parties. This is a serious problem, because the attacker can read, modify and even delete the traffic. This is a serious problem for users, but also for applications.

Validate JWT with OpenID Connect

Thu, 22 Feb 2024 10:55:07 +0000

Working with API’s, or calling the Microsoft Graph API, you’ve probably seen them those JSON Web Tokens (or JWT for short). It’s a way to securely transmit information between parties. But how do you validate them? In this post, I’ll show you how to validate a JWT using OpenID Connect.

JWT title screen

What is a JWT

A JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. A JWT consists of three parts separated by dots (.):

Local API for appliances

Sun, 21 Jan 2024 09:57:06 +0000

I’m a home automation enthusiast, so that’s out. I’ve been using various systems for years, I even build some home automation packages, like sonos2mqtt and ipcam2mqtt. When buying devices I always look for devices that have a local API, so I can integrate them in my home automation system. Devices that require the cloud to be controllable are getting a points deduction when comparing devices.

In my opinion all devices should have a local api, and if they have a cloud api, it should be optional. I don’t want to be forced to use the cloud and I want to be able to control my devices locally.

I discovered that my oven talks to questionable countries so I disconnected it from the internet. Recently Haier threatened an open-source developer with legal action because he made a home assistant plugin for his own Haier applicance.

Dishwasher on a cloud

Using dependency injection in your C# PowerShell Modules

Thu, 18 Jan 2024 14:57:21 +0000

For those following along, this is the second post in a series about PowerShell development in C#. In the first post I showed you how to create a binary PowerShell module in C# and how to debug it in Visual Studio. This post will continue this journey and show you how to use dependency injection in your binary PowerShell module.

Dependency injection and async code in PowerShell

Stop asking for passwords

Tue, 16 Jan 2024 12:04:07 +0000

It’s been common practice for a long time to ask for passwords, surely we are migrating to passwordless authentication, but we are not there yet. So, what can we do to improve the security of our applications? What about setting a sign-in frequency?

Laptop asking for password

This is an opinionated post, I’m looking at this from the perspective of a security consultant that wants the best solution for the users, while still preserving security. I want to open a discussion about this topic, so please leave a comment if you have a different opinion.

Automate your SSH keys using GitHub

Mon, 15 Jan 2024 10:29:18 +0000

Using Windows Hello for SSH keys makes sure your SSH keys are secure, it also means that they are tied to a single computer. If you only have one computer that should not be too much trouble. But if you’re one of those users that uses multiple computers. You’ll need to distribute all those SSH keys to all the computers you want to use them on. Let me show you how you can automate distributing your SSH keys using GitHub.

Create your first PowerShell module with C#

Fri, 12 Jan 2024 15:00:58 +0000

Let’s say you have a C# project and you want to create a PowerShell module for it. Creating a PowerShell module for you project allows anyone to use your project without installing the .NET SDK or compiling the project. If your target audience consists mainly of system administrators, they will be more comfortable using PowerShell than compiling a C# project.

In this post I’ll show you how to create a binary PowerShell module, which means you’ll be writing your command lets in C# and not in PowerShell.

Secure SSH with Windows Hello

Mon, 01 Jan 2024 12:39:18 +0000

You currently have all these security keys these days that allow you to securely store your ssh private keys on a device to prevent them from being stolen. But what if you could use your face to unlock your ssh keys? Well, you can! And it’s pretty easy to set up.

Speaking at ESPC23 - Protect your API with Entra ID

Sun, 03 Dec 2023 12:02:36 +0000

I got accepted to speak at ESPC23 the European SharePoint, Office 365 & Azure Conference in 2023. As a Microsoft MVP in Security, the topic has to be security related.

Me in front of this huge screen

How do Federated credentials in GitHub Actions actually work

Tue, 07 Nov 2023 10:44:57 +0000

I’m super enthusiastic about managed identities, because it allows you to deploy your application without having to worry about credentials. Federated credentials are a way to accomplish the same for none Azure resources. You can use federated credentials to authenticate several tasks inside Github Actions, and thus securely deploy your app to Azure without the need of a secret configured in GitHub.

As the regular readers might expect this post will explain how federated credentials actually work inside GitHub Actions, a deep dive into the techniques that are actually driving this feature.

Get a federation token from GitHub

Creating IntuneWin files with C#

Tue, 24 Oct 2023 12:53:59 +0000

Now that I figured out how to decrypt IntuneWin files it is time to explain how you can create those files with just C# code. With this explanation you should be able to create IntuneWin files on any platform, that supports the .NET framework. And depending on your skills you might be able to port this code to other languages as well.

Super fast Content Prep

Introducing Content Prep PowerShell

Thu, 19 Oct 2023 12:34:58 +0000

Journey until now, I created WingetIntune on GitHub, an open-source app packager that downloads all the details from Winget and then packages the installer for Intune. In that last post I dove intune decrypting .intunewin files. With the end goal of being able to create those files with pure C# code. And I’m happy to announce that I succeeded in doing so.

Super fast Content Prep

Decrypting intunewin files

Mon, 09 Oct 2023 15:32:00 +0000

In my quest to build an open-source, cross platform, tool that packages Win32 apps from Winget for Intune WingetIntune on GitHub, I’ve been looking at the Win32 Content Prep Tool in my previous post. In this post I’ll try to decrypt the IntunePackage.intunewin file that is generated by the tool.

PowerShell module to create and decrypt .intunewin files

Analysing Win32 Content Prep Tool

Wed, 04 Oct 2023 08:05:41 +0000

In my quest to build an open-source, cross platform, tool that packages Win32 apps from Winget for Intune WingetIntune on GitHub, I’ve been looking at the Win32 Content Prep Tool. This tool is used by administrators to prepare Win32 apps for deployment in Intune. It’s a closed source application requiring windows to run. In this post I’ll be looking at the tool and how it works.

Detection.xml file from .intunewin

Compute file hash in C# asynchronously

Tue, 03 Oct 2023 14:58:44 +0000

In my recent quest I’ve been building a tool that publishes any apps from winget to Intune, called WingetIntune. One of the things that was still on the todo list was to compute and check the hash of the installer. We wouldn’t want to package a corrupted or maliciously changed installer, right?

Since I’m building my application with the cloud in mind, using synchronous code is a big no-no. So I went looking for a way to compute the hash of a file asynchronously. Only to find out there is no such thing in .NETStandard 2.0 which I was targeting.

Compute file hash asynchronously

Remove platform dependency for WingetIntune

Sat, 23 Sep 2023 10:55:03 +0000

WingetIntune, my latest open-source project to publish apps to Intune, has a dependency on Windows. This post explains why and how I’m planning to remove that dependency.

Open-source winget community index

Publish apps to Intune

Thu, 31 Aug 2023 08:57:38 +0000

I’ve been taking you through the process of getting you apps in Intune. In the previous post I explained how to package apps for Intune. In this post I’ll go into publishing apps to Intune.

Publish an app in seconds

Package apps for Intune

Wed, 30 Aug 2023 19:58:20 +0000

In the previous post I explained that you can use Intune to install applications for all you colleagues. In this post I’ll go into packaging apps for Intune

Package an app in seconds

Get your apps in Intune

Wed, 30 Aug 2023 10:00:10 +0000

Microsoft has this great tool to manage corporate devices, called Intune. Companies use it to manage their devices, and to deploy apps to them. But how do you get your apps in Intune? In this post I will explain how to get your apps in Intune, and how to deploy them to your devices.

Apps in Company Portal

The Best GitHub workflow for a .NET app

Wed, 09 Aug 2023 15:11:47 +0000

I might have build the best continues integration pipeline for a .NET app ever. How do you set up a workflow to automatically test your .NET application? I’ve created a workflow that has all the things you might need to get started.

Github actions build summary

Emulate Managed Identities during development

Thu, 03 Aug 2023 07:38:58 +0000

Ever used Managed Identities in Azure? You should, it’s a great way to get rid off passwords in your code and configuration. In this post I’ll show you how managed identities actually work. And how I built a small app that should help you use the ManagedIdentityCredential in Docker and or during development.

App running in docker using Managed Identity

Use System.Text.Json in Azure Functions

Wed, 26 Jul 2023 10:06:24 +0000

In 2019 Microsoft has released some new build-in API’s to (de/)serialize JSON. All the API’s in the System.Text.Json namespace should allow you to work with JavaScript Object Notation files without the need for Newtonsoft.JSON, the longtime go-to library to handle JSON. In this post I’ll explorer how to use the new api’s right from Azure Functions C#.

Fake banking security

Mon, 24 Jul 2023 14:13:01 +0000

I have this bank account, at a bank (I will not shame publicly for now), but I’m really frustrated with their “fake” security. I don’t own a bank, nor do I work for one, but in my opinion they should think differently about security. I also provide some alternative security measures that I thought up myself.

Photo by cottonbro studio

Configure SQL with managed identity

Wed, 19 Jul 2023 13:42:02 +0000

This post will show you how we configure Azure SQL Server with a managed identity, it will also show you the most common pitfalls.

Configure Azure Groups as database users

VanMoof going bankrupt, what about my digital bike key?

Mon, 17 Jul 2023 17:39:19 +0000

A few days ago VanMoof (a Dutch E-bike vendor) applied for a suspension of payment, this usually means the company might go bankrupt in the near future. What does that mean for their customers? In this post I’ll share some toughs on the cloud dependency products have these days.

There was a tweet here, but it is deleted forever.

Hiding in plain Graph, an issue with Azure AD Audit log

Fri, 07 Jul 2023 11:27:01 +0000

The audit log in Azure AD in super important. If I was an attacker that got access to some tenant, I would make sure my details would not show up in there. I would probably use a VPN/TOR of sorts just to hide my tracks. But what if I tell you that the Microsoft Graph API does already covers your tracks?

Not my IP showing in the audit log

Blog migrated to hugo on Static Web Apps

Mon, 26 Jun 2023 14:23:33 +0000

The blog you’re currently reading is a written in Markdown, then an application runs and generates static html files. This is called a static site generator, there are several static site generators. Previously I used Jekyll and recently I decided it was time for something new, I migrated to Hugo. Let my explain why I did this and what was needed to make this happen.

Teams Hacktogether: Entry

Thu, 22 Jun 2023 08:21:17 +0000

Microsoft organized a Teams Hacktogether hackathon, we had a great idea. This post will show you our entry.

Remove PowerShell modules by name

Wed, 21 Jun 2023 09:46:12 +0000

Let’s say you installed a lot of PowerShell modules, and maybe several different versions. Cleaning this up or upgrading to the latest version is a terrible job.

Luckily you can use PowerShell to fix this for you.

Assign additional permissions to service principal

Mon, 19 Jun 2023 15:00:48 +0000

You have a service principal in your tenant. Either you created it yourself or it’s a service principal for an app registration from another tenant (multi tenant application). Now this service principal needs access to an addition role. It’s not always possible to do a new admin consent sometimes you want the change just for a single service principal in a single tenant.

I wrote about this before, but since the Azure AD module is depreciated, it’s time to do the same with the new Microsoft Graph PowerShell module.

Teams Hacktogether: Blazor

Wed, 14 Jun 2023 10:46:41 +0000

In the previous post I shared my first experience with the teams toolkit. For the Teams Hacktogether, we started our Teams Tab in Blazor. What is Blazor, what flavours are there and what about hosting your app?

Teams Hacktogether: Toolkit

Tue, 13 Jun 2023 09:12:39 +0000

There were some ground rules for the Teams Hacktogether, we were going to build our Teams tab in Blazor. And this post describes the experience we had with the Visual Studio template for a Teams Tab in Blazor.

Teams Hacktogether: Getting access

Mon, 12 Jun 2023 12:30:21 +0000

For our Teams app we wanted to access the applications from the My Apps page, but how do you access data from an app that does not have a public api? Let me start by saying that accessing an internal api, like I’ll be showing is never recommended to use in production. Only use this information for proof-of-concepts, like what we are building.

Teams Hacktogether: Idea

Mon, 12 Jun 2023 12:30:21 +0000

A few months ago, my friend Jan Bakker came to me, with a great idea. He had a client that asked “Can we show the applications from the My Apps page inside of Teams?” I thought this was an interesting idea, and checked the documentation on the Microsoft Graph only to find out that you cannot easily access that information.

Sonos TypeScript

Tue, 06 Jun 2023 10:03:53 +0200

Sonos speakers have an extensive local api which was not documented anywhere. In my other project sonos2mqtt I wanted to control everything on the Sonos speakers you could with the official application.

So I decided it was time to parse the xml service documentation and write a custom client generator and a matching template to generate a Sonos client library that could do everything you can do with the original application.

Check out this library and control your sonos speakers from your own application.

Sonos2mqtt

Tue, 06 Jun 2023 10:03:53 +0200

Sonos2mqtt is my pet project for years. It allows you to control your Sonos speakers through a mqtt server. This pub/sub mechanism is perfect in a smarthome environment. There is an event and you want to ack on in.

This project started because I had no way to control my Sonos speakers without the Sonos application (which kinda sucks). And now years later it’s downloaded 335k times from Dockerhub

Nginx fault finding

Thu, 30 Mar 2023 00:00:00 +0000

I had an issue with a NGINX server not starting after an upgrade, sudo nginx -t did not help.

Betatalks, I was their guest

Mon, 06 Mar 2023 00:00:00 +0000

I was asked to be a guest in Betatalks the Podcast, and I like sharing knowledge on security and home automation, so I taught why not.

Beware, spoilers ahead. First listen to the episode then read this post.

Batching with Microsoft Graph

Fri, 03 Mar 2023 00:00:00 +0000

Microsoft has this great api where you can control almost everything in the Microsoft 365 cloud. To speed up your requests, you can combine up to 20 requests in a batch. This post will explain how to use batching and how it got implemented in the Graph SDK for DOTNET.

I disconnected our smart oven, and maybe you should as well

Wed, 25 Jan 2023 00:00:00 +0000

Arstechnica published an article yesterday, called “Appliance makers sad that 50% of customers won’t connect smart appliances”. Let me tell you, I’m glad people don’t connect their oven to the internet. We own two of these smart appliances from AEG and I disconnected them as soon as I discovered what they do.

Creating a Home Assistant component

Wed, 18 Jan 2023 00:00:00 +0000

Home automation is a topic that speaks to the imagination for most of us. Rooms that light up if you enter them, a notification on your phone when someone rings the doorbell. These thing tickled my personal interest years ago. Back then nobody was doing these kinds of things and as a developer I was intrigued.

If you talk about Home Automation in 2023 you’re probably also talking about Home Assistant, if you’ve never heard about that. Go on check their website, it’s awesome. Open-source mostly local home automation with, “components” or “integrations” (they mix these terms, don’t know why) for thousands of devices. Out-of-the-box you have support for a lot of devices, but because it’s open-source you can easily add your own custom components. Home Assistant started as an applciation you would run on a simple raspberry pi you had laying around, recently more and more people are switching to a slightly more powerful system because the pi is no longer sufficient for their needs.

Extract all users with powershell and what to do about it part two

Mon, 16 Jan 2023 00:00:00 +0000

In a previous post I showed how to extract all users from a Microsoft 365 tenant, and what you should do about that. If you followed along that leak got restricted. The Azure AD module isn’t the only way to extract user information from a tenant. This post will show you how to do the same (extract all users to csv file) with the Graph PowerShell modules and what you should do about that.

An introduction to cmd.ms

Wed, 11 Jan 2023 00:00:00 +0000

Developers and admins love to open apps using their keyboard, with all kinds of shortcuts. Merill Fernando made something really usefull called cmd.ms. Continue reading to see what it is and how you can use it yourself.

2022: An exciting year

Mon, 02 Jan 2023 00:00:00 +0000

Previous year was quite exciting, a lot has happened. In this post I look back on my most popular posts in 2022 and some of the open-source projects I enjoyed building.

Every project needs a badge

Mon, 02 Jan 2023 00:00:00 +0000

You just created a new open-source project. Great, you rock! A lot of repositories have these nice images showing dynamic details of the repository. How does that work? By using these dynamic badges you can really make your repository stand out.

Proof of concept: Multi tenant managed identity

Fri, 16 Dec 2022 00:00:00 +0000

Ever since Microsoft created managed identities, people are asking how/if they work for multi-tenant applications. They even spend a faq on it.

In my previous post I wrote that it was possible to use a managed identity to get access tokens for some multi tenant application, if you haven’t seen that post be sure to check it out since this post uses the knowlage from that post to demo the process.

Hacking Primary refresh tokens, oops created a virus

Tue, 18 Oct 2022 00:00:00 +0000

Windows has some cleaver ways to handle SSO in combination with Azure AD. They use this so called Primary Refresh Token. These highly sensitive key materials, are usually stored in the systems TPM (trusted platform module), a hardware device that can protect keys. And are “unlocked” when the user logs in.

A post, by Lee Christensen and the accompanying RequestAADRefreshToken source, inspired me to check out what he had found.

Cancellable task with timeout

Tue, 04 Oct 2022 00:00:00 +0000

Don’t you like the async and await way of asynchronously programming in C#? I can tell you I like them a lot. Recently I came across a case where I wanted to add a timeout to an asynchronous task.

Create Outlook category for everyone

Tue, 27 Sep 2022 00:00:00 +0000

Did you know you can categorize items in your Outlook calendar to give them a different color (in most official Outlook clients)? You can help your users by pre-configuring some default categories. You can also create categories for your users if you have some automation to create items in their calendar by some automated way.

Protect against SSO for Graph PowerShell

Wed, 14 Sep 2022 00:00:00 +0000

Why would you want to disable SSO for some cloud app, we love SSO, it makes our life easier? I agree, single-sign-on is great, until it is used without the knowledge of a user that logged-in with his admin account (don’t do that!).

Replace an owner in all their Teams

Tue, 13 Sep 2022 00:00:00 +0000

Microsoft Teams without an owner are no longer manageable, so what happens if some user leaves the company and he/she was an owner in several Teams?

Externalize user accounts: OpenID Connect

Fri, 05 Aug 2022 00:00:00 +0000

Externalizing user accounts, what is he thinking? The previous post should give you a clear view what this means and why you should consider it. This post will go a into details of “delegating login” to a separate application.

Externalize user accounts: An introduction

Thu, 28 Jul 2022 00:00:00 +0000

Externalizing user accounts, what is he thinking? In this post I’ll explain why every company should consider externalizing their user account management from their applications.

Using a managed identity as a client credential

Tue, 21 Jun 2022 00:00:00 +0000

Ever since Microsoft created managed identities, people are asking how/if they work for multi-tenant applications. They even spend a faq on it.

Previously you had to go through some hoops to use managed identities with your multi tenant app.

Let’s have a look if we can solve this with in combination with federated credentials.

Federated credentials, wait what?

Mon, 20 Jun 2022 00:00:00 +0000

Workflow identity federation of “federated credentials” as they are called in the Azure Portal are brand new in the Microsoft identity suite. As of writing they are still in preview.

What are they and how does it work? This will all be explained in the post below.

Building a GitHub Action in .NET

Thu, 09 Jun 2022 00:00:00 +0000

GitHub Actions allow you to run some program every time an event (or trigger) happens in GitHub. You can respond to a new PR, a new issue or even periodically run some job. There are thousands of little actions you can use in your own workflow.

Protect against certificate extraction - encryption

Wed, 01 Jun 2022 00:00:00 +0000

You’re encrypting sensitive data with RSA encryption, great start! But how do you protect your certificates from being extracted? You get hacked and they steal your encrypted data, no problem, it’s encrypted! If they hack you, are you sure they can’t also steal the certificate? This series covers several risks of Certificate Extraction and what you can do about it.

Protect against certificate extraction - Client credentials

Fri, 27 May 2022 00:00:00 +0000

You have this multi-tenant application that is protected with Azure AD, great! How about the certificate you’re using as a client credential? If you followed the Microsoft samples it’s probably stored in the Azure Key Vault. This seems really secure, but there is one thing no one thought about Certificate Extraction.

Extract all Azure AD admin accounts

Tue, 17 May 2022 00:00:00 +0000

Powershell is pretty powerful for all kind of administrative tasks, especially if you load some extra modules. We use the AzureAD module for a lot of tasks that can be (semi-)automated with the use of some script. In this post I described how to extract all users from Azure AD as a regular user, and what you should do about it.

Extracting users isn’t the only thing you can do with Azure AD powershell and this page shows how to export all Azure AD global admins (which can be executed by ANY user in your tenant unless you take action against that.)

Extract all users with powershell and what you should do about it

Mon, 16 May 2022 00:00:00 +0000

Deploy to Azure Static Web App with only the name

Thu, 05 May 2022 00:00:00 +0000

Ever heard of Azure Static Web Apps? It combines a single page app (Angular/React/?) with Azure Functions, and manages it all for you.

The deployment is a breeze, as long as you have the deployment token available to your build pipeline. The deployment token should be kept a secret and you should save it somewhere secure.

Access Azure AD protected API with managed Identity

Thu, 21 Apr 2022 00:00:00 +0000

Managed identities are a great way to improve the security of your application. Microsoft “manages” the rotation of secrets and makes sure they cannot be extracted or used anywhere outside their platform. That is the reason I’m a big fan off Managed Identities!

You should use managed identities wherever possible. It’s possible to use managed identities for accessing (custom) api’s, an that is exactly what I’ll be explaining in this post. At the and you will be able to call any Azure AD protected api with using a managed identity.

UPDATE: Elektrische steps in Nederland

Wed, 30 Mar 2022 00:00:00 +0000

Nederland roept al jaren dat het technologisch voor wil lopen op de rest. We hebben enorm veel dingen uitgevonden in Nederland, Videobanden, bluetooth, enzovoort. Maar op het gebied van vervoersmiddelen lopen we echt enorm achter. In heel Europa zie je overal elektrische steps, in mijn ogen een super goede manier om mensen uit hun auto te krijgen.

Update Deze pagina sprak over een pagina die is verwijderd van rijksoverheid.nl, dat is inmiddels rechtgezet zie update WOB Verzoek.

Open-source sonos apps

Sun, 06 Mar 2022 00:00:00 +0000

Out of personal interest I’ve build several apps to have better control your Sonos speakers. This page will give you a brief overview of these apps.

KeyVault proxy demo

Thu, 03 Mar 2022 00:00:00 +0000

Today I’ll demo my new KeyVault proxy in the 425show. This page will allow you to follow along.

Check out the recording and if you have any questions, contact me on twitter @svrooij.

Clean developer install - Winget

Fri, 18 Feb 2022 00:00:00 +0000

A clean windows installation just feels faster, and as a developer I want a fast machine! Why don’t you just reinstall your machine once a month, you ask? Because it takes a lot of time to set it up just right.

Introducing OBS Clock

Tue, 15 Feb 2022 00:00:00 +0000

I like to make my Team meetings a little more interactive, so I use OBS to make my webcam look more awesome. I’ve setup hosting for some javascript clock I found on the web somewhere.

Securing credentials during development

Fri, 04 Feb 2022 00:00:00 +0000

Protecting client credentials for (multi-tenant) application should be your highest priority, not only in production also during development.

We developed a small application that helps you do just that. Use your Visual Studio credentials to sign a token request while the certificate stays in the KeyVault. You could even only authorize developers to use the certificates in a KeyVault when they need it and de-authorize then when it’s no longer needed.

Jekyll website to progressive web app

Sat, 29 Jan 2022 00:00:00 +0000

A PWA (or Progressive web application) is a website which can be installed on a desktop and acts like an app. It has an icon and a title. And it can even receive messages from the server if the app isn’t running. It can also show notification messages to the users.

So in short it’s a website acting like an app. This post shows you how to turn a Github Pages website into a pwa in three easy steps.

Twitter cards for static web page

Fri, 21 Jan 2022 00:00:00 +0000

My personal page is a static website hosted on Github pages. Posts are written in markdown and the source of all the posts is in my public repository. I tweet about most posts at least once, and it just shows the link, that’s not what I want.

All tweets to my blog should at least show the title and a short description. Maybe even a large image related to the post.

Securing multi-tenant app with Managed Identity

Thu, 20 Jan 2022 00:00:00 +0000

Keeping your secrets secure, can be a huge challenge. And keeping secrets becomes a huge responsibility, especially if you’re in the business of building multi-tenant applications. Microsoft created managed identities to ease this responsibility, but according to the faq, you cannot use them to secure resources in other tenants. And that is exactly where we could use extra help is securing secrets.

Clone a BIG git repository

Wed, 19 Jan 2022 00:00:00 +0000

Wanted to clone a repository to do a quick text fix and create a pull request. Created the fork, and tried to clone. Cloning the repository took way longer than I’m used to.

Github Actions: Use secret file

Tue, 17 Aug 2021 00:00:00 +0000

Github Actions are great for automating tests and builds, among other things. If you need a secret (key/token/password), you can add those in the configuration and use them in your workflow.

Sometimes you need a file that is meant to be secret inside your workflow. This post shows you how to securely save this file as a secret and recreate the file during build. We use base64 encoding for a way to convert any file to a string that can be saved in the secrets.

This is all done in powershell core, which is available in all (Windows/Mac/Linux) runners on Github. The code below should work on any platform, but is only tested on a windows-latest runner.

Using Managed Identity without Azure

Tue, 20 Jul 2021 00:00:00 +0000

Azure managed identities are great. You just turn it on and your Azure Resource can request a token for other resources that support it in your tenant. This way each resource in Azure can get it’s own “identity” and Microsoft will manage the credentials for you. You’ll no longer have to store credentials in the configuration as this is all part of the managed services.

This post will give you an in-depth view of how Azure allows several client apps to requests tokens for Azure Resources.

Home automation setup

Wed, 09 Jun 2021 00:00:00 +0000

I’m big fan of smart homes, almost everything in our home is controlable over the network. And I’ve build some awesome apps for it. This post will describe all the components used in my home, and how they connect to each other.

Azure Functions with multi tenant authentication

Wed, 05 May 2021 00:00:00 +0000

Azure Functions (and Azure App Service) support authentication out of the box. They even made a wizard to get you started quickly. This is really useful if you just want users from your tenant (or a specific other tenant) to login.

Check-out the documentation to get started.

Azure Functions restore app settings

Wed, 28 Apr 2021 00:00:00 +0000

Azure Functions share a lot with ASP.NET core, but some really useful things aren’t supported by default. I was missing the configuration stuff when building an Azure Functions app.

Generate awesome flows in markdown

Thu, 01 Apr 2021 00:00:00 +0000

Flow diagrams can help greatly to explain some flow, it works much better the just text. To generate visual flows from text (markdown), Knut Sveidqvist created Mermaid-js. It’s awesome, go check out the docs.

Schijnveiligheid van Marktplaats gelijk oversteken service

Thu, 01 Apr 2021 00:00:00 +0000

Marktplaats is in Nederland de website voor tweedehands spullen (als ik Alexa ranking moet geloven). Hier worden jaarlijks vele dingen verhandeld en weggegeven.

UPDATE 13-04-2022 deze pagina ging over hoe slecht de gelijkoversteken service van Marktplaats was. Op 13 april 2022 komt eindelijk het bericht dat marktplaats stopt met gelijkoversteken service. Dit is enorm goed nieuws, want dit was niet eens een service te noemen.

Microsoft Teams Desktop with multiple accounts

Wed, 13 Jan 2021 00:00:00 +0000

We use Microsoft Teams a lot for communication, but once you start using it with multiple accounts you continuously have to switch accounts. That means logging out and signin back in with the other account.

Adding device support to zigbee2mqtt

Thu, 31 Dec 2020 00:00:00 +0000

I’ve been using zigbee2mqtt for years (for the people that don’t know zigbee2mqtt, it’s a great way to get rid of proprietary Zigbee hubs). At the moment I have 38 zigbee devices connected.

Github pages (Jekyll) live reload with docker

Thu, 31 Dec 2020 00:00:00 +0000

I really like Github Pages to host static webpages. Static in this case means the files are generated at build time (so once when you publish a new version), instead of every time like with a wordpress website. One of the main benefits is that it results in a blazing fast website.

Azure Functions serve static files

Thu, 05 Nov 2020 00:00:00 +0000

Azure functions are great to quickly create an API. But did you know you can also host static files with it? Anthony Chu made a great post about hosting static files in Azure Functions. His code is from March 9, 2017 however, and can be improved in the mean time.

Git extra author

Fri, 31 Jul 2020 00:00:00 +0000

If someone else created some source code, but for whatever reason they aren’t the one adding it to the repository. You can still have their name/photo in the git commit.

Fork proof actions

Wed, 08 Jul 2020 00:00:00 +0000

Github actions are a great tool to setup automatic build and tests. I also use it for any of my automatic releases. See this post. Until now there was one thing missing. If someone would fork the repository, all builds would fail because of missing secrets needed for the release.

Yesterday I released my first github action, it allows you to check if certain secrets are set, and then decide to continue yourself. Or skip specific steps, this functionallity seemed to be missing from the actions marketplace. So now yoou can check the existens of certain secrets (or other inputs), and decide to either have the actioon run fail or just continue and skip some steps.

Query github sponsors with graphql

Tue, 07 Jul 2020 00:00:00 +0000

Github exposes all their data at a GraphQL endpoint, that you can also try out with the Github GraphQL explorer.

If you want to query who is sponsoring you, use the following GraphQL. You can use this query at the explorer of in your own graphql client.

Wordpress plugin REST in peace

Mon, 29 Jun 2020 00:00:00 +0000

In January 2017 I released a plugin for Wordpress called WP REST API - filter fields it had a somewhat limited reach (2000+ active installs according to the stats), but people where using it. It was a plugin on the wordpress rest api (which was also a plugin at that time), it allowed the user to tell the server which fields from the api they wanted back. Because I wasn’t changing the api, I was only filtering the output (after everything was retrieved from the database), this didn’t make it much faster, but the resulting data to transfer was smaller (which was a big thing 4 years ago).

Daily rebuild github pages

Sat, 27 Jun 2020 00:00:00 +0000

Today I switched to personal website for my new personal page on Github. It’s a pretty nice template to generate a static page with the use of Jekyll, at build time it loads some details from github (like my repositories). This means that the page will only show the data of the last time it was build.

Automate your release with Github Actions

Sun, 07 Jun 2020 12:15:22 +0000

I’ve got several node/typescript packages on my Github page. And one of the struggles I faced when starting these, was the manual work needed to release a new version to npm and/or docker hub.

Smart energy meter

Fri, 10 Apr 2020 11:33:12 +0000

A lot of people in the Netherlands have a smartenergy meter. They send the total usage to the power network provider on a regular interval. But is also has a port that can be used to monitor the usage yourself, and this can be really interesting.

Quickly connect to Exchange online powershell

Wed, 08 Apr 2020 09:51:06 +0000

Microsoft is making it really easy to manage your Exchange Online environment from every device. You’ll need an active Azure subscription and be an Exchange Online admin though.

Open the online shell https://shell.azure.com and pick powershell.
Typ Connect-EXOPSSession and press enter
Wait a little bit for it to connect
Use all the supported commands.

Professioneel online presenteren

Tue, 07 Apr 2020 15:37:47 +0000

Iedereen is steeds meer online aan het communiceren op dit moment, dat is heel begrijpelijk in de huidige situatie. Hier zal ik in het kort proberen uit te leggen hoe je redelijk eenvoudig een professionele presentatie kan geven.

Expose home automation from the internet

Wed, 22 Jan 2020 19:28:09 +0000

I’ve got a lot of home automation devices in my house, most of them are controllable while I’m on my local (wifi) network. The web interfaces are in various security levels, ranging from no security to password security.

Sonos goodness

Sat, 28 Dec 2019 22:42:11 +0000

I’m a big fan of the sonos devices, but I’m not a big fan of the Sonos app (mac/windows/android/ios), it just isn’t that good. At least the following points should be fixed before I would consider changing my mind:

Android/iOS -> Alarm settings are hidden to far in the application. (two clicks, a long scroll and another click).
Slowly startup, they do device discovery even though all my speakers have a semi-static (dhcp reservation) ip.
The playbar should rejoin the previous group after watching tv.
Memory usage on mac
No integration with other systems

Developing a typescript library

Sat, 28 Dec 2019 21:56:08 +0000

I’ve been building node libraries for home automation purposes for a while now, see my repositories. I decided that it was time to try out the strong-type goodness you get when using Typescript.

Interesting dotnet blogs

Sat, 28 Dec 2019 20:38:24 +0000

Andrew Lock – Dependency injection, dotnet core, amazon.
Scott Hanselman – dotnet core stuff, diy hacks
Scott Brady – Identity server, security in general
Damien Bod – mainly Dotnet security/indentity
Rick Strahl’s Web log – Angular and dotnet core
Steve Gordon – HttpClient, new dotnet core features.
Brock Allen – Identity management
Visual studio geeks – Azure devops

Install wordpress server site

Thu, 22 Aug 2019 16:01:16 +0000

You can install wordpress by using FTP, but sometimes it’s much quicker to do it server site. Basic linux knowledge is needed!. First SSH into the server.

Cache-aside in dotnet core

Tue, 30 Apr 2019 23:37:59 +0000

A really nice way to improve performance in any web application is to using caching. This is also true for dotnet core. The Cache-aside pattern is a best described as. Let’s check the cache if we got the required result, if we got this item cached return that. If we don’t have it in cache, get it from the data store and save it for next time.

In dotnet core you can use both Microsoft.Extentions.Caching.Memory or some Distributed Cache. Choose either one because you’re going to use it down the line.

JWT: Part 3 – Sign your own

Fri, 29 Mar 2019 17:26:29 +0000

This is part of my JSON Web Token series. This time to show you how to create your own JWTs in dotnet core. Small note, creating your own token server isn’t something I would recommend! If you need your own token (identity/login/openid connect) server, have a look at Identity Server and the Identity server with Asp.net Identity quickstart.

JWT: Part 2 – In the wild

Tue, 26 Mar 2019 10:00:28 +0000

JSON Web Tokens are used everywhere. Microsoft uses them as access tokens for their entire Authentication platform and their Graph API. Google uses them in their applications both in the Login with Google system and in their apis.

JWT: Part 1 – Introduction

Mon, 25 Mar 2019 22:03:28 +0000

What exactly is a Json Web Token? I like to describe them as an easy way to digitally sign some json data about a user, that can then be used as an access token for some kind of api. Check out JSON Web Token on wikepedia for an exact description.

I really like JWTs because they are verifiable without an additional call to some identity server. They are short-lived by default (at least should be). And it is the best option for access tokens at the moment.

Generate X509Certificate2 in C#

Wed, 18 Apr 2018 13:05:45 +0000

Sometimes you just need a X509Certificate2 in your C# code. For authenticating to an external webservice for instance.

This will show you how to create such a certificate right from your C# code. By the way you’ll need the Bouncy castle or Bouncy castle core library

Visual studio geeks

Wed, 11 Apr 2018 22:01:06 +0000

I just found a really cool article about using deployment gates in VSTS, that use Azure functions to check Github issues.

Visual studio geeks - Check it out

XS4All glasvezel met eigen router

Fri, 04 Aug 2017 13:46:58 +0000

UPDATE: XS4ALL drukt de laatste tijd zijn routed IPTV bij iedereen door de strot. Deze handleiding ging over bridged IPTV, dat is niet meer mogelijk. De reacties zijn daarom ook gesloten.

Standaard krijg je bij XS4All glasvezel tegenwoordig een Fritz!Box 5490. Dit is een consumenten router met een rechtstreekse glasvezel aansluiting. Vanuit XS4All gezien een slimme keuze, want dat scheelt een kastje in de meterkast dat ook kapot kan gaan.

Maar er zijn ook andere mogelijkheden, met een beetje technische kennis en wat extra apparatuur is het ook mogelijk om gewoon je oude router te blijven gebruiken. En nog steeds TV te kunnen kijken.

Angular2 CLI with ASP.NET Core

Tue, 16 May 2017 12:47:50 +0000

If you’re creating a new Angular2 application, you definitely want to use the Angular2 CLI. It help you setup a new Angular application. It has a build-in development server and it will generate Components for you. This means less typing (isn’t that always better?).

Review: FactuurSturen.nl

Wed, 18 Jan 2017 20:33:43 +0000

Ik vind het leuk om opdrachten voor bedrijven te doen vanuit mijn bedrijf Smartersoft, maar ik heb een hekel aan administratie. Het gevolg, mijn administratie is een beetje een zooi en daardoor kost het elke keer meer tijd dan er eigenlijk voor nodig is.

Ik heb afgelopen jaar Invoice2Go gebruikt, maar deze website is niet zo goed bevallen omdat ik daarnaast ook nog los iets moest bijhouden voor de inkomende facturen. Vanaf dit jaar gebruikt ik FactuurSturen.nl en ik ben tot nu toe erg enthousiast.

Getting started with Angular2 and .NET core

Tue, 10 Jan 2017 15:23:43 +0000

I’ve found a few nice articles to get you started with Angular 2 and .NET core. Normally it would be somewhat of a hassle to get started, but this should provide you with some working samples.

This is a series of posts by Jon Hilton and uses the ASP.NET Core Template Pack to get started.

Youtube link to Embed code

Thu, 29 Dec 2016 01:04:50 +0000

Allowing users of your website to include a video into a message, can be done in two ways.

You instruct all the users to go to the video page, find the embed code, let them upload html to your website and displaying the raw html to all users.
You tell them to paste the link to the youtube page, and your website generates the embed code right from that link.

CreatedAt property with Entity framework

Wed, 15 Jun 2016 14:13:48 +0000

You’re building a new application, and you’re using Entity Framework Code First. Probably all your entities need an Id and CreatedAt/UpdatedAt property.

The sample below shows you how to define these properties in a base class, and (more importantly) how to set them correctly on every save, without setting them manually on every place where you’re changing things.

WordPress just got even better!

Wed, 09 Dec 2015 23:47:48 +0000

Yesterday WordPress 4.4 was released, with this version they improved this product even more.

The most notable new features are, support for oEmbed and an integrated REST API.

What is oEmbed and why is this a new amazing feature? oEmbed is a specification for embedding content from an other website right inside the consuming website. This enables (for instance) Twitter to display the excerpt of a post instead of just a link to your wordpress website. This specification is originally design by (members of) Flicr, but with the wordpress implementation the adoption will get even bigger.

Hosting a wordpress plugin on Github

Thu, 29 Oct 2015 13:04:59 +0000

Someone at WordPress decided that if you want to create a plugin for WordPress, you’ll have to host it at their SVN server. Personally I’m not a big fan of SVN, I’m more a GIT person.

Lucky for me, it appears I’m not the only one. So for my latest WordPress plugin (REST API – Filter Fields) I used Github. Then I came to a few problems that had to be solved.

Filter the fields returned by the wordpress api

Thu, 29 Oct 2015 12:22:08 +0000

WordPress is a great platform for running a website with a content management system behind it. Around a year ago the released a plugin called WordPress REST API. And this is a really nice addition to WordPress. This plugin enables you to retrieve all the posts/comments/terms in a really easy JSON format.

Mooie aanbieding of misleiding?

Wed, 21 Oct 2015 13:03:30 +0000

Op advies van mijn moeder heb ik mijzelf laatst aangemeld voor een proefabonnement voor de Volkskrant. Bij het aanmelden stond al een opmerkelijk Ik accepteer vinkje, namelijk:

Ik ga akkoord met de voorwaarden en ontvang per e-mail, sms en telefoon exclusieve abonnee- en kortingsaanbiedingen.

Maar ik wil toch wel eens proberen of deze krant iets voor mij is, dus ik heb het gewoon aangevinkt (zonder overigens de rest van de voorwaarden te lezen).

Shutdown your mac with the keyboard

Fri, 01 May 2015 21:34:20 +0000

With my Windows computer I could control the power button action.

I was a bit disappointed that you cannot control this action on a Mac. But now I found out that there is a keyboard shortcut to instantly shutdown your mac.

CMD + alt + ctrl + Power button

I know it is a horrible shortcut, but it works!!

WordPress mail with Gmail

Fri, 01 May 2015 19:38:09 +0000

At some point you would like your wordpress website to be able to send email. You’ll need it for:

Password recovery
New User notifications
Contact forms

Homescreen application

Sun, 26 Apr 2015 10:42:48 +0000

It is quitte easy to create a mobile website. With these tweaks it will look even more like a real application.

You’ll just have to append some items to the html source code.

Resolve exchange alias to SMTP address

Sat, 04 Apr 2015 13:16:52 +0000

When working with Exchange, you’ll sometimes need the primary address and not some kind of alias. This snippet helps you with that.

Why most C# apps lack https security

Sat, 04 Apr 2015 13:10:35 +0000

A lot of apps build in C# (or probably any other language) lack the basic protection against Man-in-the-middle-attacks. One of the reasons I could find for this is because of the following.

Block certain facebook apps?

Thu, 04 Apr 2013 12:44:54 +0000

Don’t you hate those games that keep appearing on your facebook timelime or in the notifications? Facebook has a feature to totally block an app.

Block (annoying) facebook apps

The apps I blocked are most of the apps containing *ville or *sage or *bash. They also have a nice search function. Just type one of these words and click the most used ones.

Github extra author

Mon, 01 Jan 0001 00:00:00 +0000

Sometimes you just want to include someone as a co-contributor of a certain commit. You can do this, but you'll need their personal (possibly hidden) mail address.

Luckily for us Github also creates a secret no-reply email for each user.