A blog about my coding adventures
Client Credentials and Resource Owner Password Flow Introduction In the previous post in this series, we discussed token based security, OAuth and OIDC. We also configured IdentityServer4 with some configurations. In this post, we will continue configuring IdentityServer4 and will also learn some of the client/server communication following OIDC flows. If you are new to … Read more
Introduction In previous post, we learned that OAuth is an authorization framework specially built for HTTP APIs. It allows a user to securely delegate scoped API Access to an application. By scoped access means, that user define exactly what parts of an API, they want application to be allowed to use. This application can then … Read more
Introduction We all know the username/password mechanism of login to a web application. We also might have heard, used or implemented authentication/authorization systems, with or without frameworks. Token-based security is one of common mechanism to secure backend APIs. A common architecture for web applications typically consist of a web client app (e.g. an Angular or … Read more
Introduction In previous few posts in this series, we deployed and ran couple of applications on our EC2 based infrastructure. Here is how our architecture currently looks like from the previous post: Our applications are running in private subnet and NGNIX working as reverse proxy is allowing access over the internet. Today, we will just … Read more
Introduction In previous two posts in this series, we have setup a VPC with public and private subnets, launched EC2 instances. Setup PostgreSQL database and deploy a Nodejs application which we served via NGINX reverse proxy mechanism. We have the following architecture in place: If you are new to these topics, you can first check … Read more
Introduction In the previous post of this series “AWS Application Deployment Basics”, we setup a PostgreSQL database and then we connect to it via a Nodejs application. However, the Nodejs application is running on the same machine and database access is local for it. It is a totally valid setup and because it is on … Read more
Introduction In this series about deploying applications in AWS, I will discuss different methods and steps required to run different applications in AWS. We will be covering different moving parts in AWS as needed to run typical applications. This series will be arranged in different parts to discuss different services, topics and/or technologies needed for … Read more
Introduction In my previous post about Nodejs – Dependency Management, we looked at basics of what is Nodejs module. How can we use module.exports and require to work with dependencies. How folder dependencies work and why they are useful. We all look at how Nodejs lookup system works to look for dependencies and some basics … Read more
Introduction Recently I was deploying IdentityServer4 to AWS and I needed self signing certificates for that purpose. I went online to get the settings for this configuration and there were a lot of articles describing in various different ways and sometimes a lot of extra information was there, which was rather confusing. Here I am … Read more
Introduction An Important concept, in Node.js is that you want to know the way dependency management is handled. This dependency management is the part of core Node.js experience. In this post, we will learn various pattern of dependency management and how Nodejs load dependencies. So, we could write our application using a single js file … Read more