API .Net Core 6 and Azure
Introduction
This page was created to help the understanding of the APIs and how we can deploy it on Azure. An example will be used to demonstrate important steps.
API is a way of integrating systems, enabling benefits such as data security, and ease of exchanging information with different programming languages.
Installing Prerequisites
.NetCore 6 SDK - Download .NET 6.0 (Linux, macOS, and Windows)
Visual Studio Code - https://code.visualstudio.com/
Tutorial to create your API
Part-A: Create an API with the tutorial and add the authorization with Azure
Creating API example using Visual Studio 2022 with core .Net 6 use the following link:
Visual Studio 2020 API example with core .Net 6
when adding the Scaffold controller use the following option
I created an API example on DevOps to support you in this tutorial.
https://dev.azure.com/transport-canada/DSD-CIVAV%20Support/_git/CIVAV-EXAMPLE-API
To run the CivAv-Example-API with Visual Studio Code, execute the command below on the terminal.
dotnet run
Azure Website: https://civav-dev-api-ci-example.azurewebsites.net/swagger/index.html
AppSettings
The appsettings. json file is an application configuration file used to store configuration settings such as database connections strings, any application scope global variables, etc.
This file is important to understand to switch between environments.
Challenges
1- Use Visual Studio Code to run your API
2- Switch between environments with AppSettings.
Security and restricted access
When you create an API, the first thing you need to apply is security.
In .Net Core, we have the attribute Authorize. The Authorize attribute enables you to restrict access to resources based on roles. It is a declarative attribute that can be applied to a controller or an action method. If you specify this attribute without any arguments, it only checks if the user is authenticated
Simple authorization in ASP.NET Core
Configure the third-party layer
The configuration with the 3-party layer in your API is important to allow authorization and authentication for your users. For a better understanding of how it works behind the scenes, we have a diagram here to demonstrate the OAuth2 (standard protocol for authorization).
OAuth2 - Authentication with Azure AD
Microsoft identity platform and OAuth 2.0 implicit grant flow - Microsoft identity platform
Configure App Registration on Azure
App registration will be the layer between our API and Azure/Azure AD for Authentication and Authorization.
Add Azure configuration on appsettings
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "034gc.onmicrosoft.com",
"TenantId": "2008ffa9-c9b2-4d97-9ad9-4ace25386be7",
"ClientId": "",
"ClientSecret": "",
"ScopeImplicit" : "ClientID/access_as_user"
}
To integrate the Authorize in your API, verify the example code.
API Deployment - Part B
Create a new app service on the correct Medical RGP.
Note: We have 1 for Medical NPRD-CACN-CIVAV-MEDICAL-CERTIFICATE-DEV-RGP and 2 for our shared resources: NPRD-CACN-SAFSECSUR-DEV-RGP and NPRD-CACN-SAFSECSUR-TEST-RGP. The shared resources NPRD-CACN-SAFSECSUR-DEV-RGP will be used in this training only to publish the container images.If your image is not created on the container registry, you can just create your app as below
You can configure your image when you create your app services or change the configuration after. Deployment Center > Change to Azure Container Registry > Choose your subscription (in our case, NPRD) > Registry ncdsafsecsurcr
Create a Dockerfile in your project. You can use this one as an example
https://dev.azure.com/transport-canada/DSD-CIVAV Support/_git/CIVAV-EXAMPLE-API?path=/DockerfileCreate a new pipeline based on this
https://dev.azure.com/transport-canada/DSD-CIVAV Support/_build?definitionId=1011
Go to New Pipeline > Use the classic editor > Empty jobGo back into your app services and verify 2 things:
Configuration:
TLS/SSL settings: HTTPS Only = True
Design APIs for microservices
Conception d’API - Azure Architecture Center
API design - Azure Architecture Center