Trying to understand the versioning “mess” that is .NET 2015

Right now there is a lot of talk about the next iteration of the .NET platform, and the different versions and runtimes that is about to be released. Unfortunately, it has turned into a quite complicated situation when it comes to the versions of things being released.

I get quite a few question about how it all fits together, and I try answering them as best as I can. However, as the question keeps popping up over and over again, I thought I would sum up the situation as I have understood it.

Disclaimer: Everything in this post is “as I have understood it”. I am not working for Microsoft, and I am in no way or form guaranteeing that this is the right description. This is just how I understand the situation. Hopefully it is fairly close to the real world.


ASP.NET 5 demo code from SweNug

As promised during my talk at SweNug Stockholm last week, I have now uploaded my code for anyone to play around with. I just want to highlight that it is based around VERY early bits, and new versions might cause problems. It is built using runtime 1.0.0-beta5-11533. But even if it changes, the code should give you a clue about how it works.

Code is available here: ASP.NET 5 (714.47 kb)

Getting the ASP.NET 5 samples to work on Windows with the “new” dnvm (and beta 5)

[UPDATE] If you clone the dev branch’s samples instead of the master branch, it should be easier. You will still need to update the Startup.cs file for now though. Pull-request made… (That was a long blog post to no use…still gives some insight into how it works though…) [END UPDATE]

[UPDATE 2] Now updated to beta-5 if anyone still wants it considering the update above… [END UPDATE 2]

Yesterday I finally had time to sit down and play with the new ASP.NET 5 runtime, which is something I have wanted to do for quite some time. However, it kind of annoyed me that I couldn’t just install the ASP.NET 5 runtime, clone the samples from GitHub and get started, as it generated a whole heap of errors. After an hour or so of Googling and trying things out, I finally got it working, so I thought I would write down what I did to get it to work.

Note: This codebase is moving ridiculously fast, so this post is going to be old within a very short while. Everything is based on the code as of today, March 20th 2015.


Understanding OWIN (Katana) Authentication Middleware

As some of you might have noticed, I really like OWIN. I like the simplicity, and the extremely powerful things that you can do with it in a simple way. And the fact that I don’t have to create an IHttpModule implementation, and figure out the ASP.NET event to hook into, like I had to to do the same thing before OWIN.

Katana, Microsoft’s implementation of OWIN, also offers a standardized way to handle authentication. And it is really easy to use, and not too hard to extend to work with your own identity providers. However, being me, I want to know how it works “under the hood”, and not just read a “how to build an authentication middlware” blog post…

Remember, knowing how things work “under the hood”, or “under the bonnet” if you speak the Queens English, makes it possible to do more things than just use it. By knowing how a combustion engine works (under the hood/bonnet of your car), makes it possible to add a turbo or two to it, or a compressor, or at maybe tweak the fuel consumption and horse power you get from it. But let’s leave the car analogies and look at Katana authentication middleware.


Uploading files using ASP.NET Web Api

I have once again been tasked with writing a ASP.NET Wep Api action to handle the upload of a file. Or rather a form including a file. And once again, I Googled it looking for good solutions. And once again I got the same code thrown in my face over and over again. It seems to be the only one out there. And it isn’t what I want…

The code I am talking about is the one available at,-part-2. And if you don’t want to go and read that, the general gist is this

if (!Request.Content.IsMimeMultipartContent())
throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);

string root = HttpContext.Current.Server.MapPath("~/App_Data");
var provider = new MultipartFormDataStreamProvider(root);

await Request.Content.ReadAsMultipartAsync(provider);

/* Get files using provider.FileData */


Building a “front-end build pipeline” from a C# devs perspective - Part 2

In the previous post, we looked at how we can use Gulp to run tasks for us. And in that post we used it to create tasks for transpiling LESS and TypeScript into CSS and JavaScript. But the example was very small and simple. It only contained 1 LESS file and 1 JavaScript file. But what if we have more than 1? Well, that’s when we need to start bundling the files together, and potentially minify them so that they are faster to download. Luckily, this is a piece of cake to do using Gulp. So in this post, we will have a look at how to do that, as well as how to get some TypeScript/JavaScript tests thrown in there as well.

Dislaimer: The solution will still be VERY small and simple. But at least it will be made big enough to be able to use bundling and minification. Which to be honest just means that we need more than one file of each type…

I assume that you have read the last post, and that if you are following along on your machine, you will need to be done with everything that was done in that post…


Building a “front-end build pipeline” from a C# devs perspective - Part 1

I started building web-based software professionally around year 2000, just before the big IT crash in Sweden. It started out being just hacing together HTML, mostly using tables, and a little JavaScript. But slowly evolved into building ASP applications with VB Script and COM-components in VB. Since then, I have been in and out of the webdevelopment scene a whole bunch of times, and very little has changed. It is still HTML/CSS/JavaScript over HTTP…

Yes, on server-side there have been some changes. First an abstraction into WebForms, and then back to MVC. And to me, ASP.NET MVC is pretty similar to classical ASP in many ways. But the front end has pretty much stayed the same. It is still good ol’ HTML and JavaScript…and CSS of course. However, having been away from it for a little while now, coming back I realize that the scene has changed. A lot… Yes, the languages are unfortunately the same, but the methods have changed a lot.

The thing that has changed the most is that we are using MUCH more JavaScript and CSS. MUCH more. And that creates new requirements. Requirements like bundling and minifying, as well as testing even our front-end code. And in a lot of cases, we are authoring our code in other languages and have them “compiled”, or “transpiled”, into JavaScript and CSS, to make up for their “shortcomings”. Whether it be using CoffeScript or Dart for you JavaScript, or LESS or SASS for your CSS, it needs processing before we can use it… And this new way of building things has created the need for a front-end build pipeline… At least if you want to be really productive.


The code from my SweNug presentation about what OWIN is, and why it matters…

Most of you can ignore this post completely! But if you attended SweNug today (September 10th), you know that I promised to publish my code. So here it is!

Code: (2.30 mb)

I’m sorry for the ridiculous size of the download, but all the solutions have NuGet package restore enabled, which places an exe to restore NuGet packages in the project. This exe is quite sizable, so the download gets a bit large. On the other hand, including all the NuGet packages would make it even larger…

If you have any questions, don’t hesitate to drop me a line!

Manually configuring OWIN WS-Federation middleware and accepting encrypted tokens

In my previous post, I showed how to do a simple configuration of WS-Federation using WIF, or whatever it is called now that it is part of the framework, to enable federated authentication in ASP.NET. Something that was previously done using a tool, but now either has to be done at the start of the application, or manually.

But what about OWIN? As all new security stuff is moving to OWIN, how do we get it to work there? Well, by default, it is ridiculously simple. And that has been the whole goal with this new model.


Configuring an ASP.NET site to use WS-Federation

After having blogged a couple of times about how to build a simple STS, how to use claims based authentication in MVC 4.5 and how to set up federation with Azure Access Control Service, I thought it might be time to post a quick walkthrough of how to set up a simple federation with an existing STS.

Why did I think of that right now? Well, the pretty awesome “Identity and Access Tool” extension to Visual Studio has been removed from later versions of Visual Studio, making setting up federation a manual task. Unless you do it as you set up your application... And having been playing around with federation for a couple of days now in a project that wasn’t set up from scratch, I decided to just add a quick blog post on how to do a simple set up with the least amount of effort.