.NET Dev Show: Authentication for .NET MAUI Apps

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

all right well folks uh welcome back to code is live uh i'm your host for today sam and i have my very good friend uh dan here with me how are you doing dan good it's been way too long um yeah it has well i have not been as uh consistent as we try to be because it's summer time you know it's streaming uh we've been traveling a little bit we have more travels coming up so you know what do you do with kids out of school this is the time to travel a little bit well um we normally do dot and maui stuff on this and uh daniel's been uh busy um with a lot of different things and i think dan you wanted to talk a little bit about authentication with dr maui yeah um yeah we can talk about auth uh today um you know it's something that i know nobody ever adds to their application um [Laughter] [Music] did you want to know who your user was but yeah yeah uh it probably is best left to the professionals if you're doing it yeah uh there is a lot about that that is definitely um best left to professionals but you know there there's a lot that goes into authentication obviously there are a lot of different solutions out there um you know uh we have our good friends at octa of course that you know have a great product for authentication uh microsoft of course has uh azure active directory they've got the uh azure active directory b2c uh which is a very interesting product uh there are some cool things that you can do with that i know um the state of arizona for um uh what is their the driver they call they yeah they call it like their department of transportation um you know it's one of those weird things in the u.s i've noticed is like some states call it like the department of motor vehicles some is like the department of transportation whatever but they're you know they're kind of d.o.t that like where you go to get your driver's license or or uh you know update your registration on your car or whatever their whole portal actually runs on azure active directory b2c um uh in fact uh you know sam and i we were talking uh you know about some of the diving that i've been doing and i've gone down to roatan a few times and uh just the immigration process actually uh going into honduras um honduras's um what do you call it like their immigration department basically they have a website portal that you have to go to and you know you have to say i'm coming from here and i'm going to there and i've you know i'm vaccinated or i've taken a covid test or whatever and that whole portal is actually authenticated through azure active directory b2c as well so there are a lot of different cases for it um but there's a lot i personally don't like about it uh when you're integrating this into a mobile app you have to get you know the client id the client secret into um your your mobile app you know so you're setting up a lot of things in your mobile application for it uh you have this very kind of tightly coupled um authentication scheme uh with um with azure active directory b2c in in your app so for mobile i like to try to avoid it these days um because there are certain pitfalls and luckily um you know for better or worse we have uh the essentials library from you know the xamarin.nowthe.net maui team and uh in.net maui i actually like it i know sam you know i love interfaces and we have that we have that first class in maui yeah so i was going to say like before we dive into authentication let me pull up your desktop here could you let's step back for a second um tell us where um or how you see the state of dot mali right now are you happy with interfaces are we happy with essentials and apis uh are you happy with tooling you know framework pieces because i know you and you know you do a lot with prism i'm maintaining that open source library so what's your take right now with uh the state of dhaka maui um my my take is uh would contain language that's probably not appropriate for the stream growing pains right yeah yeah um you know what one of the problems that i've actually come across so i'll just kind of code it up here let me let me increase the size um so i'll just do like a little code sample so let's say we have uh our window right now this is just kind of just for code that we can work with this is obviously not something you would actually have but let's say that you know we get our window from our application and we want to reset the content and since we're talking about authentication today uh you know the authentication sample is a great example of kind of where you might do what i'm about to show so the idea here is um you know and this is kind of a pattern that i always advocate is when you go into your application uh that application should have like a splash page and when i say a splash page i don't mean like the native splash page that's just kind of like a static image um you know it's more of a dynamic it's that maui page or that xamarin forms page where you have like an activity indicator you might update a label or something um you know this is where you know maybe you may need to download some resources you want to check the state of your users authentication are they already authenticated we can go into the application do we need to update that token whatever our process may be and so you have that initial page that you've gone to and now let's say that the user isn't authenticated right so uh what i might need to do is i might need to take that window and go new login page right and now they've authenticated and now i'm going to say you know window.page equals new main page right and so this is something that is uh you know realistic for us to do in our application and the problem that we run into in maui right now as of sr 2 is that this actually will not work on all platforms um so android for example uh just goes yeah i don't care i'm gonna show the last page that was showing i'm not gonna acknowledge that you changed the page on the window and and i think that kind of says a lot about the state of uh of maui right now um there's a really great framework but it's got a long way to go before it's really truly usable so you mentioned um the authentication sample like could you pull up the you know dr maui docs site like is there what do they have for authentication right now uh give me just one second to get off of something here okay so let's bring that over and so you know the first thing that comes up microsoft is really good at seo uh so you know everyone thought oh man you know you have maui i'm going to get people on the beach and blah blah but no actually we do get their docs pretty easily um and just you know just for phones just say maui off on occasion so i don't even have to put docs and i'm still going to get those docs as the number one result so all those fears by the way that people have had and i do hear it a lot i don't know about you but i've heard it a lot like you know people are afraid they're not going to be able to find what they need so we have the web authenticator that comes from essentials um you know this is in xamarin essentials today it's in maui essentials uh if you're using maui and this is what i actually really kind of like because you're not tied to a specific authentication mechanism and you get a little bit finer control over how to handle the security around that token that comes back they're not doing everything for you you know this is give me a url to go to we're going to go display the login and then you know uh you will give you back a token um so th this is uh i think actually really really nice uh and now before you go on i think your camera froze for a second or maybe can you do it freeze again yeah i mean i i hear you just fine just the camera for maybe what the heck man let's see if i you see if you can turn it off and then on again just you know from your settings so here how about now there you go okay um thank you for letting me know because i like don't even have that window visible to me as i'm going here um anyway so you know we have uh you know these great docs um and they do kind of break out what we need to do on android ios mac um you know there's a little bit of setup on each of these platforms that we need to do uh it's not a whole heck of a lot you know we need to just add this protocol here um what is this thing meant to do like you give it a url amazon google microsoft whatever it goes and talks to it tries to get the token out or what is it trying to do uh so we're actually not going to go directly to that oauth provider um you know you know we will get a token back from them obviously but what we really want to do is we want to go to our own api um you know and that's one of those things it's one of the reasons why i don't care for um you know for the microsoft azure active directory b2c um you know there's still some wire up we need to do um you know it's much easier if i can just say you know go to go to this authentication endpoint with my api and then you know now i'm generating uh jwt that's good you know for me to use with that api and you know i'm letting that api kind of figure out uh everything that it needs to to do so um the the real kind of key takeaway here is you know when we redirect back to the app uh we are gonna have a custom scheme um and what i mean by that you know if i click in here um you know if i click in here we can kind of see in the url we have https and that's the scheme of the url okay is that https and so when we have this callback scheme my app all that's saying is that instead of seeing uh https it's going to be my app you know um you know a colon whack and then you know whatever comes after that um and so we're registering that in our application so that way the native os whether it's android ios mac windows they know when you see that url that comes back with you know this scheme you need to open up our app and you need to call into our app yeah that hopefully makes sense a little bit yeah yeah perfect um you know there are also some additional things in here that are kind of nice so you have the web authenticator obviously this kind of gives us an example of like okay i'm going to call you know my api and i have um you know this is the authentic so you know my you know maybe i have you know mobile authors the endpoint and then i have microsoft is the oauth provider okay so i want to authenticate with microsoft is what i'm telling my api and then i'm passing it in that that scheme the my app scheme so that way it's now the web authenticator is not going to listen for those results coming back at my app but let's see where is it here it is okay so if we go down uh far enough um there is uh can you have a little in the phones here as well please yeah sure i can in your browser nope that did not work the way i was hoping it would how i cannot get out of it okay um just that zoom there we go there we go so i was trying to do and i got the wrong shortcut this is what happens when you toggle back and forth between mac and when you smack in windows yeah uh in any case so uh one of the nice things as well is the web authenticator has a very good understanding of how to work with apple sign in as well the difference is we're not actually going to use the web authenticator we're going to use the apple sign in authenticator which you know is is coming from essentials as well uh so it it allows us to very easily use that native api uh so we're not we don't have to necessarily launch like the the web ui um for someone to go log in it's gonna use those native apis uh within ios to to give us uh the apple sign in which is uh quite nice uh and it's still gonna use um our api so you know when we go out to our api it's able to handle all of that um but this is just you know some some little nice things that we can kind of do uh to improve our uh to improve like just the the experience uh that that people get here with our app um and they give us you know kind of an example of you know how to check that right so if our scheme is apple you know let's make sure that uh we're actually running on ios and and that we have a version that that supports it um so you you get kind of these uh you know you know you get the ability to kind of go back and forth i do love in the docs by the way i don't if you notice this so for apple uh the docs are using the static api and then for web authenticator they call into the default instance and then use the authenticate i love the consistency for microsoft um yeah so anyway so uh so this is going to come back we're going to have our auth token uh we're going to be able to get claims you know anything that you would expect uh is going to be able to be populated here can i can i pause you for a second for me and for everyone watching can you break these things down a little bit what is a token and what is it claim okay so the token is um you know it it's the password right um so you know i i just in the back of my mind you know i'm i'm i'm hearing you know from the movies what is the password uh uh you know but that's really what it is right it's um it's you being able to say like yeah exactly do you know the right phrase or the right you know thing uh to to get access okay uh a claim is something like your name or your email uh maybe a role that that user is in um you know are they an admin user for instance um so so that's kind of like the difference between like the the token versus the claims yeah okay so you're going to be able to get access to all that though um and this is just all authenticator you know there's nothing i've done this is all from you know the microsoft team um the problem that i actually found out very quickly uh was that to really integrate with this uh takes a lot more work uh out of the box than what it should and you know since i do build a lot of apps you know obviously i do a lot of demo apps like this i do a lot of client apps um you know i wanted something that would be very easy to get off you know the ground and get up and running uh with it the other thing is um you notice i do have a few tabs open uh so just to kind of make this work right it actually took you know i had to go into azure set up a web app i had to go into azure again and set up a client app that i could use for microsoft authentication i had to go into google api and set up a client id for oauth and then i also had to go into apple and apple just you know they god love them they love to be difficult and so you know the first thing is you have to set up a um you know a app id that is going to enable enable the entitlement for uh signing with apple uh and then after you do that you actually have to click the little drop down um which a lot of people don't even realize there is a drop down when you click the little drop down and you select service id and then you have to go and create a service id that's attached to the app id that you just created that also um you know has you know uh uh signing with apple and you have to configure the service id um and you know you have to tell that what the authorized domains are uh and what the authorized uh callbacks are uh and then you also have to um oh the the the real fun one is uh everyone loves localhost for testing apple does not support localhost so yeah you have to have a url uh services called that yeah yeah yeah so what what dan is referring to here is like if you are doing any ios development native or without maui there are things you just need to know first is all of your permissions live in like a info type plist file which are all the declarations from the user but then what uh dan is showing off here these are the extra set of you know elevated permissions for using apple services which go in your entitlements list and i've had fun with this because for your app to work with this you have to have a provisioning profile that matches and has the same entitlements and then you have to go into the apple developer site and download the corresponding profile so you can start deploying your apps to devices so that makes it fun yeah and you have to have an auth key that is uh you know uh also attached for for signing with apple with that uh sid and in app id uh so there's there's definitely some setup um and it's poorly documented everywhere i could find and so uh you know long story short is i decided to do something about that and so this is a bit of reading uh and i'm not gonna read it to you now but um if you go to the avanti point github you'll find it it's in the pinned uh repos you find the mobile off lib and uh hold on for a second let me uh let me put that in so you've got uh github.com and then advantagepoint and then you got mobile all right there you go so folks in the chat room we have the url uh to follow along okay yeah so as one does like the rest of us will just you know struggle through and if you're dan you just decide to do something about it and fix it so what is what is this meant to do yeah so this is meant to make it very easy to to get started and uh to stand up your own api and the important thing here is uh that this is your api right so i'm not dictating anything about your endpoints you can go as crazy as you want with whatever custom stuff you need to have but in order to integrate with this this is literally the entire app you know thanks to net six minimal apis this is from web app builder to run the entire app you know it's a bump up defense on this page please didn't hold up there you go okay so so yeah so this is the entire the entire thing is what one two three four five six seven eight eight lines okay okay so using the.net generic builder um ad mobile uh auth what does that do that's an extension method yeah so this is an extension a custom extension method uh this gives you all of the default kind of stuff uh where it goes through and it looks at the configuration file to see what settings are there depending on how you've set it up uh out of the box it handles microsoft google and apple because those are the three most common the good news is you can add as many others as you would like basically anything that you can do uh with um with you know asp.net and you know oauth authentication like if you want github or amazon or twitter facebook whatever you can add those uh if you want to they just don't come out of the box but it is very very easy to set those up there is an overload on that add mobile authentication that gives you access uh to the um to the like oauth builder and uh so that way you can use all the extensions for like you know add facebook or add twitter or whatever um so you know very very easy uh to get going um with apple uh or i'm sorry with with apple google and microsoft like i said those are handled out of the box um and so it's looking um by default uh just at these you know at this kind of scheme here right so it's going to look for something called oauth in your um in your configuration and then it's going to look for a callback scheme a key uh you know and then configuration for apple google or microsoft if apple google or microsoft are not you know if they're not configured it just will ignore them you know but if they are configured it will go ahead and add them for you automatically the other nice thing just for kind of debugging and to to get off you know and and running as quick as possible the jw t key is not actually required it does create a um you know one for for testing basically but in production you know you would want to set that and and basically what the that key does just you know because i know that'll be a question is it is used when encrypting uh the jwt that comes back so um so yeah so i mean it's really really easy uh to get going with um and then what this does it actually uh you know it gives you a formatted response that's kind of like this right here um so we get that callback scheme uh which we set in our configuration uh that would be the same as what we have in our mobile app that you know we saw with the web authenticator and then it's going to give us that auth token our expires in um and all that good stuff so we have what we need to use you know we don't have to go figure it out we have to go look at the code and that was actually one of the annoying things for me is looking at the docs looking at the code you know i had to i actually did have to go to the code uh and see what the the proper uh things were because the sample in uh the maui repo didn't work go figure um so so this takes all the pain away for you yeah so do you have any um um like what what what am i supposed to name this file is that a convention or just like drop it in as a configuration somewhere in your project yeah so let me do this and the same functions god damn i keep doing see here where's the uh oh it might be like the editor you you can actually do control plus plus oh you know that's why i'm kidding you're using hitting command there you go yes i was like isn't that what i'm doing and then i'm realizing no because i'm so used to the the mac one i keep doing the key next to it um i feel like that's too big so anyway so this is just your app settings okay some app settings okay yep so it's nothing crazy it's nothing that you aren't used to um you know you're just setting the you know all these settings are all part of your app settings.json uh if you're in the azure portal um you know you've deployed it out there you're just gonna add them as configuration settings the same as you would for any other app you know so um with windows it would be you know like oauth colon you know apple colon service id uh or whatever the setting is that you're you're doing here i like your jwt key here yes all right okay so you drop this in as uh app settings.json and then you uh the the code that you showed where um the the service needs to be stood up that's not in the maui app that's going to be your like service backend right for your apis the yeah so like this demo api um would be like an example of just uh oh this is the api project that we're showing you yeah yeah okay yeah and and so like there's actually there's something that uh you know i didn't show which is like there is there are a few different things i can go map mobile auth route you can have like a log out route there's also a claims route so you know which you can pass the uh you know whatever route that you want for it or you can just do like the the defaults and get you know all of those at once um and so like if you wanted to have a um you know if you wanted to have a an endpoint that you just you know say hey give me uh you know give me a json object representing this user right like that that tells me who this user is uh you can do that and it it's going to deconstruct the claims for you it's something you could do on the the client side i know a lot of people don't like to do that so there is that api endpoint that you could do and you can add whatever custom stuff you want in there uh you know for yourself um there are other you know extensibility endpoints that you know i don't really you know we we could do like a very deep dive which i don't think we want to do today i would just really kind of encourage people you know go check out the repo but um you know there is an ability to kind of customize things a little bit like you see it's custom claims handler uh so as it's going through and it's uh you know authentic or just creating that authentication token you do have a hook here that you could actually inject claims into that jwt if you wanted to uh into that user session um so there's a lot of different things that you can kind of do here this one you know is a little bit more kind of built out just because you know i'm trying to show more what you can do like we have swagger here so you can see the endpoints uh easier when you run this um you know here's like the the builder i was talking about so you know if you added the library for facebook twitter linkedin github whatever uh you can just you know go facebook and um you know do the the settings for facebook or twitter or whatever and uh you'll get those lighting up in here as well but this is all your api so you can add all of your own uh routes you know so like if i want to come in here and i want to say app.um i think it was a map get or something like that and we'll say you know demo api right you know we have some sort of delegate we do some stuff right and then uh you know requires i think it's authorization or something like that um this is vs code so i'm probably not i i think that's wrong um but you know it's something like you know requires authentication or something like that is the you know you get it in visual studio but this is really all it takes to now have my own endpoint and um you know it's it's authenticated you know someone can't just hit this willy-nilly so i know who that user is when they hit this um but i didn't have to do any of the the crazy authentication stuff that's already taken care of for me so yeah this is nice and now to go going back to something you said like with apple in particular where you have to you know have that callback scheme and the url do you have to have this api stored up before you can do that with apple do i have to have the api store uh what do you mean like uh does this need to be a url that apple could call back into yeah for if you're using apple authentication so what i kind of you know would do is you know use microsoft or google for local testing um and then you know or my stage or you know if i have like a semi-stable dev um i mean this is one of those things where it kind of depends on how big is your team right so there are apps that i've worked on that you know i am i'm wearing every single hat you know i'm the project manager i'm the mobile dev i'm the back end dev you know blah blah um and and lord help them somehow i'm also the designer oh i feel sorry for them uh but uh you know so for for things like that you know you're gonna be doing you know very quick iteration because you know you might literally be running uh the back end locally and running the mobile app locally at the same time in a lot of other cases you know you might have another developer a whole other team that's responsible for this so you know becomes a little bit different where they're probably uh testing this um you know with with other means you know other than the mobile app you know they might be using um what do you call why am i brain farting now um i'll think of it and then i can see the the app logo and now i just can't think of the name of it um but you know you might use some tool basically for for hitting the api um that's going to bug me that i can't remember that ngrok or something like that not ngrok uh postman okay yeah um i'm a big boy i like nothing wrong with it but also fiddler will do the same things for you i never got into fiddler for for api testing like maybe you should i'll show you some more things on some day but a lot of work has gone into especially the api side of things and you know replica replicating or like faking out hitting an endpoint and you know recording your uh your your responses and just playing it back from fiddler without having the need to stand up server yeah i i always used it more for like you know i couldn't really control either the api and i needed to i needed to kind of man in the middle attack myself um but uh yeah that that's a whole nother conversation for another day uh yeah okay so on on i was gonna ask like on your api side the stuff that you have with the mobile auth is that a nougat package that i can include or it sure is yeah okay it is up on uh it is up on new yet uh i think if you just type mobile off on new yet let's see it should come right up um we'll do that i'll bump this up just because i'll say mobile off oh if you don't put a space in it you'll find it right at the top um so yeah you just you know if you look for avanti point dot mobile off uh it's gonna be right there so this is the latest version uh i am actually about to do uh maybe later today or tomorrow i'll probably do a a patch release that you know just is for um the you know just updates the packages for what was released this week and then um there's one other minor thing that i'm going to what kind of feature that i'm going to add support for with the auth key for apple so let's actually talk about that for just a second you may notice that it might be kind of hard to see but in my demo api i have a folder called app underscore data and uh in there is an auth key from apple okay and so you know that's all needed uh to be able to kind of create all the custom signing that you need in order to authenticate with the apple api and everything um so you know you do need to have that available when you deploy uh in that folder um which gets kind of irritating if you're like me so you know and that's kind of kind of uh how they show you to do it um and so what i ended up doing was i added uh a setting and let's just go find it um if you're putting this up in like azure or something you could put it in like secrets or or is it a file essentially yeah so there's actually there's two ways around this uh which i've added support for uh one is you can just basically specify the private key that p8 um and right now it takes the file kind of as is you know multi-line um which you know to be honest i haven't tested it out there and so what i wanted to actually do uh is let you just base64 encode it because that base64 encoding can be easier to work with as a variable than a multi-line uh string uh so i'm going to add support for that and then the other thing is there is this use azure key vault so you can drop that p8 in azure key vault and then you know have have this pull the key from azure key vault now the the trick on that is i don't do anything at all with azure key vault configuration so if you want to use azure key vault you will need to go read the docs on how to set up your api to integrate with azure key vault and have all the right permissions in order to pull um you know pull the file out and do the authentication that you need to do but that is an option um you know just toggle that instead of looking locally it will look in azure evolve so yeah nicely done nicely done so once this is you know said and done um what what is what does the the app side of it the client app side of it look like let's see if we can run it um now i i made some changes this morning that you know will not work i realized that i lost a lot of changes so i don't know if you saw recently my dell from hal finally uh just decided to die yeah and uh i i may have missed some of the drama that do tell the old show what happened i hate tell do not buy adele that's the that's the the moral of the stories don't buy a doll but um i i haven't in the last 10 years i have had a tech i have either had a technician come and fix it or sent it to dell to repair six times since march or april wow okay um realistically they should be replacing it as a lemon and they refuse which is just so fun and uh what ended up happening was i unplugged my laptop it powered off when i powered it back on it had erased the hard drive whoa and so all of the work that had not been pushed to github which coincidentally was also for this library uh and then i had a bunch of stuff for prism and some some other things all of that uh just went out the window so that's yeah sorry so yeah so i lost all of that which was not great but anyway so here's kind of a little sample you know like hey maybe i have my logo i have you know some sign-in buttons here and if you actually look at the ui you will notice that there is a sign in with apple uh the signing with apple is missing because it recognizes that we're not on an apple device i see that's nice so just you know a little thing that you can kind of do there so we'll go ahead and we'll sign in with microsoft maybe okay i did not please the demo gods this morning plus you have been changing code i've been changing code too yeah uh okay so in theory that button works it worked on sr1 okay uh sr2 broke it um see does that one want to work okay one doesn't want to work i did not make the i did not make the necessary sacrifice to the democrats walk us through what is it supposed to do so this would this would have to go debunk this now uh so this should um launch the web authenticator that we read about and um you know that will take us to our to our api um and then uh from our api we'll get uh you know either microsoft or google or apple whatever the authentication provider is and after it is actually done and authenticated uh it'll come back with that token and it'll display uh you know some information about us uh in the app here so i'll have to get an update out later today that fixes whatever the heck broke um so while you're talking about that our good friend aztec consulting is in the gesture hey uh and the mark of a good developer is a demo that goes hey why because it changes right before going live or you make changes while you're doing the devil yeah you know i mean the the truth is i haven't run this since sr2 came out and i've seen a few things break when did that come out by the way tuesday tuesday yeah yeah so what what dan is referring to is service uh service release is that what they're calling it not on a service pack but essentially the same thing yeah um so uh post dotnet maui hitting ga we have had three releases or two uh well you had the you had the ga release and then uh now we've had two services yeah and uh the the other fun thing and i i uh pinged the maui team on this this morning to say like hey what the heck um there are a whole bunch of issues and some of them are quite significant uh that were assigned to sr2 that were supposed to be included in sr2 and were never done and apparently uh from what i understand they're going into like code freeze for sr3 like this week so i'm like are you serious right now what's going on with all these bugs and engineering is expensive do you need to continue to address the puppy he likes to park he's like you're not caring for me it's like 40 minutes in you know what the problem is is i have a coyote that's living in the neighbor's yard and okay that's not something you hear every day but okay yeah and and it's a problem because uh technically under state law you know they're considered a nuisance and you can shoot them but in the city there are laws that say that you cannot discharge a firearm period and and so they won't let the neighbor shoot the damn thing and uh animal control won't dogs and animal control won't come out and capture it and so everybody's like well what do i do right so like i've got neighbors that are mad that the dog is barking you know and goes crazy and i'm like we'll do something about the coyote you know and they can't do anything about the coyote so it's uh so aztec has a solution like use bows and arrows you might not be able to discharge oh you know a weapon or that that has anything to do with bullets but hey arrows might work i'm not very good with the bow and arrow i've tried that in the past not not to go for the coyote but i've tried a bow and arrow in the past and uh i didn't have the best of luck with it so i'm just being honest i know my limitations yeah okay so uh walk us through a little bit of code like in your maui app like what exactly is the code that happens when you hit that button sign in with microsoft what is it doing yeah so um let's take a look here real quick uh so actually we probably want uh to [Music] add singleton uh apple okay so there are a few things that it should be doing actually before you uh move into this can i ask you a generic general question because not knowing how anal you are about you know good design architecture i i heard uh you know some feedback on you know the whole dependency injection thing in maui is nice now you can just you know register all the things right here but i think it was um um uh i'm drawing a blank who who maintains shiny um yeah so yeah so alan was saying like maybe just a singleton everywhere is not the best pattern to you know initiate developers into do you have any thoughts on this like why is everything a singleton um because they don't understand dependency injection to begin with oh boy okay we're not gonna go anymore i mean i love james bond magno he's a great guy um but you know i did get a very good laugh at a video he released recently where he he tried to say i've been doing this and recommending this for years and interfaces and i'm like no you haven't [Laughter] but uh uh if you actually if you look at uh prism uh you'll actually notice that there is a lot of scoping in prism and they do have some scoping actually in maui um good grief that dog is gonna drive me nuts uh so they do have some scoping you just don't see it the scoping is around the window in maui itself in prison we do it around the page um so every single page has its own scope which means that you'll get services that last within the lifetime of that page and it gets really kind of crazy with prism because uh what people are used to is when you see you know the mvvm pattern um you know in most xamarin forms or maui applications it's around the page and then the page has a view model and you know that that kind of goes to like with fresh mvvm uh you know they they have this page model philosophy right and they kind of confuse the terminology a little bit but with prism we say any anything that is a view anything is a visual element can have a view model so you know you have you know page navigation and that page can have a view model but you also have region navigation where any view literally can have its own view model we have the dialogue service where uh well actually the dialog service is going to come not into the release that i put out yesterday but will be in the next release and you know with that now you have dialogues that have a view model so um you know it gets a little bit more confused but with with prism like i said you know we have that scope that's around the page so now you have a service that could be created and shared across um your regions and the page um you know and so each one is going to kind of have a single a singleton scope within that one page but you'll have you know different instances across multiple pages yeah a little bit more granular all right so you're bringing in the web authenticator uh apple sign on authenticator all right and then we bring our bringing in secure storage um i will be honest uh this is nice because it works on all the platforms and alan does not like windows but i really love the implementation that that shiny has around secure storage because literally you know all i have to do is i just say you know uh public class um you know my settings uh settings and then i give it you know some uh like i could say you know reactive object for instance because i do like reactive ui as well or i could do bindable bass from prism really anything that implements i notify property change it does whatever classes that that you want to use is fine um as long as it implements i notify property changed and then you know it's basically i have like you know jwt and i'm gonna keep it simple but you know let's let's just say i'm using fodi right and so i could say like you know property changed and so you know that could be my class where i have well i wouldn't work with uh if i'm using reactive object i guess i should probably do that right uh so so this could basically be my class where i say you know i have my settings i inherit from reactive object i have this reactive property that's jwt and then the photi weaver will actually go in and give me my backing field and and do all of the stuff uh to implement the i notify property changed around that and then all i have to do is register my settings and uh you know there's like one other thing i think it's like um storage object or something like that and then like you just say like secure so there's some attribute right yeah and so it's like now that's my entire thing and my secure storage is done now all i have to do is just resolve my settings and you know get or set the jwt and i know it's being handled securely i love allen's implementation it's just nice and just overall like the the abstraction around secure storage is nice uh yeah like even in essentials or you know microsoft or xamarin assembly so yeah it's uh yeah it's it's you know the encryption um that you don't need to you know go into especially like you know speaking of apple like that goes into your um what's the key uh keychain keychain you don't want to mess with that that you then just let it be just let the implementation do its thing yeah yeah i mean i'll give you like a little bit of a teaser so you know i mean not that we're going to talk about it today but you know i've also been doing some build stuff with maui and for some of that it required working with the keychain and i nuked by accident the keychain on my mac like four times [Music] i can i literally like you know how you get the autofill when you go to websites in your browser yeah that doesn't work on my mac anymore uh yes you're missing you're messing with some very you know core apple services that are shared across ios mac and so on so you gotta be careful what you're doing yeah so it it's some fun stuff there um i just realized it was on the wrong camera uh anyway so so yeah so we just have you know this this real basic setup i do have uh a custom uh you know extension here you see like this ad refit client um so this is actually kind of a fun one so i have this profile service that uses refit and um and i love refit for working with apis so all i have to do is just say you know i have authorization is bearer um you know the endpoint is you know profile and i want to get basically a dictionary of the claims right so this is going to say you know here here's the key here's the value right and that's all it is and uh it wraps in this api response which is very nice so if i have some sort of error like i'm not authenticated uh there's a server error or whatever i can still check that http status before uh getting the dictionary so i don't have to deal with you know throwing an exception because it wasn't able to serialize um so that's rather useful um good stuff and then here is kind of the extension down here uh so you can see you know it's just on my service collection i'm just gonna add a single pin and so we have the refit settings where we say here's the authorization header value getter it's a mouthful and then all it does is it uses the the service provider to get isecure storage which we registered up above and then it's going to get the access token from secure storage um so when we log in we'll set it and then this is able to get it and then it passes obviously the settings into uh the rest service and you know we give it the base url so real real simple way to kind of interact with uh with our api and it didn't take much you know um production i would you or a real app i should say i would use uh mobile build tools to inject them base url but you know be something like that um sweet yeah yeah very simple on the client side yeah super super simple um you know i think our main page here what do we do so you know when we log in uh you know we just we do the authentication set the access token and then um you know we await the response from that uh that service to get the profile claims and then it uh it does the whole update and sets the the claims for us on uh on the ui yeah i'm going to highlight uh the url one more time here so that's that's the github um repo and then dan's got the uh nougat package out so you know if you're doing authentication take a look yeah good stuff good stuff and you know this was just about authentication i know you want to you know you're doing more stuff with devops which you know will will get you back another time to talk about devops but this is good yeah very good very good stuff sir i hope it helps some people out you know you know dan segal does make good libraries i watch for that all right appreciate you yeah i think uh i think the other camera of yours is uh it freezes less and this one froze again but you know we're fine we can hear you just fine but uh you know uh thank you thanks for you know taking the time out uh to come and show us all this stuff and and again first up you know the taking the time to do this in the first place to help out other fellow developers so we appreciate you yeah yeah and uh everyone in the chat room we appreciate you as well uh there you go um and uh everyone else watching this later we love you all so keep being productive and uh oh then the man and there you go and the man yeah so yeah dan does a lot of stuff from prison to you know all of the mobile dev tools and mobile art and now devops he's got his hands into a lot of different things i do i do yeah that's why when people say so what do you do i just write code man i do a lot of it i do stuff and unless i yeah unless i'm riding on a dell i i i save my stuff as well i lost all my off keys it's so bad all right folks that's it from us and yeah bye

Info

Channel: Progress Telerik

Views: 6,735

Rating: undefined out of 5

Keywords: Telerik, .net maui, dotnet, dotnet maui, authentication dotnet, maui app, maui application, .net maui apps

Id: kjRCDzd27oQ

Channel Id: undefined

Length: 59min 22sec (3562 seconds)

Published: Mon Jul 18 2022