Building Business Applications with Angular and ASP.NET Core

In this course you'll learn how to tackle advanced business scenarios and use cases, thus improving your application's security, reliability, data integrity, and performance.
Course info
Rating
(56)
Level
Intermediate
Updated
Apr 24, 2018
Duration
4h 26m
Table of contents
Course Overview
Getting Started
Dealing with Variable Resource Representations
Working with Resource Collections
Working with Partial Updates
Validating Data Across Client-server Borders
Reporting Validation Errors Across Client-server Borders
Authentication: Integrating with an Identity Provider
Authorization: Securing the API
Working with Authorization Policies
Description
Course info
Rating
(56)
Level
Intermediate
Updated
Apr 24, 2018
Duration
4h 26m
Description

Building an application with Angular and ASP.NET Core is one thing. Building one that implements advanced business case scenarios and use cases, keeping data integrity, security, reliability, and performance in mind is something else. In this course, Building Business Applications with Angular and ASP.NET Core, you will learn foundational knowledge of/gain the ability to improve the security, reliability, data integrity and performance of your application. First, you will learn how using media types can help improve your application's reliability and performance. Next, you will discover where and when to validate to improve the data integrity of your application. Finally, you will explore how to secure the Angular front-end and ASP.NET Core back-end by integrating with an Identity Provider, using OAuth2 and OpenID Connect. When you’re finished with this course, you will have the skills and knowledge needed to build business applications with Angular and ASP.NET Core.

About the author
About the author

Kevin Dockx is a freelance solution architect (mobile/web), author & consultant, living in Antwerp (Belgium).

More from the author
Building an Async API with ASP.NET Core
Intermediate
2h 42m
14 Aug 2018
More courses by Kevin Dockx
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello! My name is Kevin. Welcome to Building Business Applications with Angular and ASP. NET Core. In this course, you'll learn how to tackle advanced use cases and business scenarios by building an Angular front end that connects to an ASP. NET Core back end. You'll get there by learning about major topics like how you can improve the performance and reliability of your application with media types, where and when to validate your data to improve data integrity, and how to use OAuth2 and OpenID Connect to secure your application by integrating with an identity provider. By the end of this course, you will have the skills and knowledge needed to build business application without Angular and ASP. NET Core. Before you begin, make sure you are already familiar with Angular and know a thing or two about building APIs with ASP. NET Core. I hope you'll join me, and I look forward to helping you on your learning journey here at Pluralsight.

Getting Started
Hi there, and welcome to the Building Business Applications with Angular and ASP. NET Core course at Pluralsight. My name is Kevin, and I'll guide you through this course. In this module, we'll first check out what is meant with business applications, diving a bit deeper into the Why of this course. We'll check out the course prerequisites, tooling, and set up our environment. Afterwards, we'll look into the demo project and structure we're starting from and what we'll end up with. If you happen to have any questions, the best place to post them is on the Discussion step on the course page. I check this regularly, and like that, the questions and answers can help other people out as well. For very short questions that require a quick answer, you can contact me on Twitter. I also tweet out info on my upcoming courses, user group events, and regular technical links. Let's start by looking into what is meant when talking about building business applications.

Dealing with Variable Resource Representations
Is a tour always a tour, and is a show always a show? That's the almost philosophical question we're going to answer in this module, Dealing with Variable Resource Presentations. I'm Kevin, and I'll guide you through it. We're going to look into the contract between our Angular client and the API, and we'll soon find out that it isn't tight enough for serious business apps. Using vendor-specific media types will help with that. They allow us to differ in shade between representations of a resource, like a tour or a show with different fields. It'll also help us when we want to create resources. We'll look into a good strategy for using this and see how they can even help with versioning. Let's check it out.

Working with Resource Collections
When getting and manipulating resources, especially when working on resource collections, it's often not that obvious how to handle more complex use cases without losing data integrity or facing a performance hit. I'm Kevin, and I'll guide you through this module. There're three use cases we're going to cover in this module, and all three of them tend to arise once you start building more complex applications. They have to do with resource collections--getting a list of resources together with a parent resource, creating child resources together with a parent resource, and adding a set of resources in one go. Let's dive in.

Working with Partial Updates
Working with partial updates helps in keeping the amount of data sent over the wire low, and it avoids using PUT for use cases it wasn't intended for. I'm Kevin, and I'll guide you through this module. Often, PUT is used to update resources. But PUT comes with a few disadvantages. We'll learn about that in this module. And we'll learn how to replace it with PATCH. PATCH allows submitting change sets or partial updates of resources. We'll also look into some advanced scenarios. Let's dive in.

Validating Data Across Client-server Borders
We should, to the extent of what's possible, be able to rely on our data being correct. That's where validation comes into play. Welcome to this module. I'm Kevin, and I'll guide you through it. In this module, we'll learn what validation entails. By that, I don't mean that we'll learn how to use each and every validator. If you followed the beginner courses in the prerequisites or likewise courses, you're bound to already have experience with validation. We'll cover the principles surrounding validation. That means we'll learn where we should validate and how we can structure our code so it allows different rules on different layers. And even between different use cases like creating and updating a tour. Let's dive in.

Reporting Validation Errors Across Client-server Borders
Some validation errors happen at the API level. They need to be reported back to the client. I'm Kevin, and I'll guide you through this module. In this module, we'll talk about reporting validation errors from the server back to the client. We'll learn why that's a good idea. We'll learn what model or set of objects to report them on. And we'll learn how to achieve this including how to visualize the errors on the client. Let's dive in.

Authentication: Integrating with an Identity Provider
Our Angular front end and API back end need to be secured. In business case scenarios, that often means integrating with an identity provider. Let's dive in. In this module, we'll focus on the Angular application. Securing the API is coming up in the next module. We'll look into why we should use an identity provider and what protocol it should support. That's OpenID Connect. We'll cover that in a bit more detail by looking into client types and points and flows. And we'll learn what flow to use. We'll then learn how to log in, log out, and protect routes in our Angular application. Let's start by looking at this identity provider concept.

Authorization: Securing the API
For applications that live on a client PC, like Angular front-end apps, securing the API they talk to is essential. In this module, we'll learn how. We'll learn how we can use OpenID Connect for authentication and authorization first. And then we'll look into how the implicit flow looks when we add access tokens to secure the API to the mix. We'll learn how to ensure our API isn't accessible without a valid access token. And we'll learn how to pass it through from our client. Lastly, we'll look into how we can handle token expiration and renewing tokens. Let's dive in.

Working with Authorization Policies
For most business applications, building an authorization layer goes beyond just requiring it to open with the correct scope. We need to be able to check off complex rules like allowing access if a user is in a specific role or only allowing access to a specific resource, for example, when updating a tour if the resource belongs to the current user. Authorization policies help with that. I'm Kevin, and I'll guide you through this module. In this module, we'll build an authorization layer with the help of authorization policies. We'll learn what authorization policies are and which use cases they can help with. We'll also learn how we can extend authorization policies with custom requirements and handlers to cover more complex use cases. Let's dive in.