1 - 5 of 5 posts
  • Progressive Web Applications - Start Developing Today

    Introduction

    As a developer, by my nature, I'm really eager for code reuse and for different kind of universal approaches.

    When I first heard about Progressive Web Applications I exclaimed: "This is it! That's how application development should look like". Truly cross-platform, one solution for every platform, from mobile to desktop. Fast, offline, responsive, installable and many more.

    Then I decided to build my very first PWA! In this post, I want to share all my findings which accumulate my experience with Progressive Web Applications. Let's the story begin.

    PWA

    I want to start from the definition of what is actually Progressive Web Applications. First of all, PWA is not a programming language and not a framework; it's a set of web standards. For better understanding what it is, read the PWA characteristics below:

    • Discoverable — since PWA just a website, you can discover it on the web using search engines like Google and Bing.

    • Installable — thanks to Web App Manifest for this, you can install a regular website for offline use and pin it's icon to desktop.

    • Re-engageable — even when the PWA is not open you can still receive push notifications, thanks to service workers.

    • Network Independent — the PWA can work offline and on a slow network. This is achieved using service workers, which can cache static assets as well as API calls.

    • Progressive — work for every user, regardless of browser choice because they're built with progressive enhancement as a core tenet. It means if the browser missing some features, try to substitute them with something else.

    • Safe — data delivered over HTTPS protocol, which is a secure channel. It means that you need an SSL certificate for your app, but this is not a problem nowadays. You can get a free certificate with such services as Let's Encrypt.

    • Responsive — thanks to CSS media queries, it's not difficult to create responsive UI, which will look good on different screen sizes from desktop to phones.

    • Linkable — again, since PWA is a website, you can share it with your friends using URL.

    Basically, in a few words, you can transform your website and use as "native" mobile/desktop application with all advantages like offline work, push notifications, standalone mode, etc.

  • My experience with migration to ASP.NET Core 2.0

    I started developing my website in 2012, and it has gone through so many changes. The first version was written in PHP. Then I eventually moved to ASP.NET MVC 3.0. The UI changed a couple of times, and the major version already exceeded number 5.

    The last major iteration was switching from classic .NET Framework to .NET Core 2.0 and ASP.NET Core as well.

    With those changes, you can get many benefits. Some of them you will find on the official introduction page. You can find many articles regarding ASP.NET Core migration like this. However, they don't cover all cases, that's why I decided to share my own experience.

    aspnetcore-migration

  • Secrets auto-rotation in Azure: Part II - AAD certificates

    In the first post of the series regarding secrets auto-rotation, I mentioned AAD certificate as part of a communication process between a client and Key Vault. Now it's time to touch this topic in more details.

    You may need AAD application for different reasons, and Key Vault access is one of them (how it was in the case of the first post).

    NOTE: If you have Azure connected VM you can reach Key Vault using MSI (managed service identity). There are many other use cases where you may need AAD application, and you can't leverage the power of MSI so this post will be useful anyway.

    Certificate-based authentication with AAD application is not the only one option (you can use keys or user credentials), but this method indeed the most practical from my experience.

    Summarizing above, the algorithm of ADD certificate auto-rotation is on the way!

  • Secrets auto-rotation in Azure: Part I - IIS SSL certificates

    Introduction

    With the modern digital world, it's essential to be secure as possible to protect your business and your customers.

    To accomplish this goal, you need to separate secrets for each purpose. If something is compromised, you will need to revoke/rotate only one of many.

    Why do you need to rotate secrets? The answer is straightforward. Short living secrets have the advantage that in the event of a compromise they will work only for a short period until the next rotation.

    From another hand, having short living secrets means that you need to rotate them more often which will cause pain from a secrets management point of view. So you need to automate this process to make your life easier.

    In these series of posts, I want to share some experience in this non-trivial journey!

  • My very first blog post

    Hi everyone, my name is Alex, and this is my first blog post.

    I'm a software developer, and I'm about to share my ideas and thoughts with other people on programming and IT in general. I do a lot of coding in my job as well as in my spare time. My current favorite technologies based on .NET technology stack and JavaScript, I like desktop/web/cloud/mobile development.

    I'm excited to live in this time where everything is developing so quickly that is hard to catch up. There are a lot of things that we need to know to be in focus of IT world. With modern technologies, we have powerful tools such as blogging to share our knowledge, exchange opinions and express our thoughts.

    I hope you will find a lot in the future posts and don't forget to leave a comment. It's just the beginning!