Using Azure DocumentDB in Universal App - win-universal-app

I'm trying to access an Azure DocumentDB database from a universal app I'm developing.
I've created a short sample of code that accesses my database based on the following sample:https://github.com/Azure/azure-documentdb-net/blob/master/tutorials/get-started/src/Program.cs
I've put that in a Console Application and it works fine.
Now, just moving this code to my universal app doesn't work as the Microsoft.Azure.Documents.Client.dll cannot be added to the references of the universal app (not targeting the same Framework).
So, I've created a portable class Library that would provide the database access to my solution. I've tried to install Microsoft.Azure.Documents.Client.dll through NuGet, which didn't work. So I've manually added the reference which did seem to work.
But, when trying to compile the code, I get an error on this line:
_client = new DocumentClient(new Uri(_endPointUrl), _authorizationKey);
Error:
CS7069 Reference to type 'SecureString' claims it is defined in 'mscorlib', but it could not be found MyProject.StorageManager
So it looks like it didn't like the .dll either.
Here's where I am, it seems that each project type in which the documentDB code works cannot be used by an universal app.
Am I missing something?

The DocumentDB .NET SDK does not work from a store application, yet. This is something we're working on providing.
For now, there are two approaches you can consider
1) use a Middle tier to access DocumentDB (either Azure Mobile Apps, or your own Web Api)
2) use the JavaScript client SDK to talk to DocumentDB directly from the app (but you need to have a service that generates resource tokens for the client to use as using master key on the client is not supported for security reasons).

Related

Deploying an WebAPI project (including swagger) into Azure Function

I know that the Azure function supports HTTP trigger and we can write a function that can be exposed like an API. I'm looking for an option to host a complete C# WebAPI project (multiple Rest endpoints including swagger definition) into a single Azure function.
Is this feasible? and supported? I see this scenario is completely supported in AWS Lambda. Where we can deploy a whole WebAPI project into a single lambda. Here is the demo of
the same.
I have watched the provided Video and I observed the same functionality is also available in Azure Functions.
As Direct way is not available like publishing the Web API to the Functions but migration of Web API to Functions is possible if the Web API is authenticated with any option like Open API, etc and using the APIM Service we can manage all the operations in it.
And as per the Microsoft Update, Startup.csand program.cs is unified to the program.cs file. So, I have added the required swagger configuration code in the file program.cs and tested it, working successful locally.
Another approach is you can call the Web APIs from Azure Functions securely, here is one of my approaches along with few other ways to do it.
Refer to #VovaBilyachat alternative solution on publishing .NET Core Web API to Azure that provides the glimpse of using Containers instead Functions.

How do you get a token for an azure managed identity via REST interface?

This question refers to the article:
https://learn.microsoft.com/en-us/azure/app-service/app-service-managed-service-identity
I'm trying to figure out how I can simulate using the service principal that is generate for my azure application to work locally.
I followed the article and when I deploy azure function to azure and run it from there, I'm able to successfully use the MSI_ENDPOINT and the MSI_SECRET to successfully get the token. However, when i run the same deployment locally it fails. I use the exact same MSI_SECRET and change the MSI_ENDPOINT to the Domain that I use to the azure function endpoint.
Example: On azure the MSI_ENDPOINT = http://127.0.0.1:41831 and locally it is http://localhost:7071 (http://0.0.0.0:7071
However, when I run it locally I get a 404 error with the request. The request is http://0.0.0.0:7071/MSI/token?resource=https://vault.azure.net&api-version=2017-09-01 with the secret in the header. Exact same params with the working one loaded on azure except for the MSI_ENDPOINT.
Any advice on how to address this so I can run and test locally?
Using the Microsoft.Azure.Services.AppAuthentication library for .NET
for .NET applications and functions, the simplest way to work with a
managed identity is through the
Microsoft.Azure.Services.AppAuthentication package. This library will
also allow you to test your code locally on your development machine,
using your user account from Visual Studio, the Azure CLI, or Active
Directory Integrated Authentication. For more on local development
options with this library, see the
Microsoft.Azure.Services.AppAuthentication reference. This section
shows you how to get started with the library in your code.
Add references to the Microsoft.Azure.Services.AppAuthentication and Microsoft.Azure.KeyVault NuGet packages to your application.
However, this library is only available in .net which i'm not using and does not really explain how you would do it via REST call.
Thanks!
As far as I understand, MSI via REST works for you in the cloud, but not locally.
Unfortunately, it seems this is currently not easily possible when you can't use the AppAuthentication library. See this GitHub suggestion.
So if you don't want to hack some debug code into your production code, you probably need to host a "custom MSI proxy" locally which just performs the classic authentication via client credentials (appId + secret) to return the token.
curl -d "grant_type=client_credentials&client_id=<removed_for_security>&client_secret=<removed_for_security>&resource=https%3A%2F%2Fvault.azure.net" https://login.microsoftonline.com/<removed_for_security>/oauth2/token
Note that I added the KeyVault as the resource parameter. See your built MSI URL - http://0.0.0.0:7071/MSI/token?resource=https://vault.azure.net&api-version=2017-09-01

Failed to install Microsoft.Azure.Mobile.Server.Authentication into Xamarin Forms

I'm trying to add / install Microsoft.Azure.Mobile.Server.Authentication into my PCL project but there is an error says
Could not install package 'Microsoft.Azure.Mobile.Server 2.0.0'. You are trying to install this package into a project that targets '.NETPortable,Version=v4.5,Profile=Profile49', but the package does not contain any assembly references or content files that are compatible with that framework.
I've tried installing the previous version, but the exact same error appeared. I've also tried to changing Framework version to .NET 4.6, but other errors come up.
I want to use GetAppServiceIdentityAsync() method which only supported by that namespace. Is there any other way to add that reference into my PCL project?
As I known, GetAppServiceIdentityAsync is used to retrieve the Identity (ProviderCredentials) for the specific provider in your server-side code. For your mobile client, I assumed that you could leverage MobileServiceClient.InvokeApiAsync<List<AppServiceIdentity>>("/.auth/me"); to retrieve the identities and filter them with the specific provider, them you could get Provider, UserId and UserClaims properties as you expected. For more details, you could refer to Obtaining User Claims.
Azure Mobile Apps has two versions - one that runs on the server and the other runs on the client. You are trying to use the server version and that requires ASP.NET and .NET Framework 4.5+ (4.6 at the moment). It won't work in your client.
If you are using Azure Mobile Apps on the server, then you have already added a referenced to Microsoft.Azure.Mobile.Client and created a mobile client reference to your Azure App Service. You have also already configured your Azure Mobile Apps Server and linked your auth provider using Azure App Service Authentication. If you haven't, check out the book http://aka.ms/zumobook - this will give you the right instruction on this.
If you are still with me, you then need to do a HTTPS connection to your Azure App Service URL + /.auth/me - this returns a JSON blob which contains the provider information that Azure App Service Authentication knows about. One of the things that the service knows about is the auth token used to authenticate. You can then use this auth token to get additional information about the user if it isn't in the JSON blob.
A great way to get that information is to use the client.InvokeApiAsync<>() method as Bruce mentioned. This is covered in the book as well.
Have you tried to set the Android API Level to a higher level? I had this error by installing Moq and I could solve this problem with changing the Android API Level to the highest API level. Please try to use Android 7.1 (Nougat) with API-Level 25, also at the minimum SDK.
You can change it with: Right click on the project -> Options -> Build -> General -> Android Application
Under General you can also try to change the target version for the app to a higher level.

Published custom .NET Backend broke Azure Easy Tables

I was following the Microsoft Azure documentation to integrate my Xamarin Forms app with azure mobile services. I defined a data connection, used easy tables to define some custom tables and everything was working as expected with the mobile client.
Today I wanted to extend my backend functionality and also enable file storage. I followed the instructions found here and as soon as I created a new .NET server backend project with a StorageController and published it to azure, the entire easy table api stopped working. All calls from the mobile client fail with the following error:
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
This happens for all mobileClient.GetTable<SomeEntity>().SomeOperationAsync() calls.
My guess is that publishing the custom backend overwrote the online generated easy tables api... unfortunately I don't have enough experience with the azure cloud to figure out where I made a mistake. Is there any way of getting the auto generated easy tables api to also work with file storage?
As Mimi noted in the comments, Easy Tables is only available for the supplied Node backend, deployed from the portal. If you are using your own code and publishing that, Easy Tables and Easy API will be disabled.

Using Azure Mobile Services client SDK with non azure hosted custom API

I'm new to Azure Mobile Services so this may be a stupid question, but I like the look of working with the client SDK especially the offline sync framework. (I haven't seen any other offline client sync frameworks in c# that would work with Xamarin)
But unfortunately I am not building the API and instead I'm working against an existing web API which cannot be changed or moved to azure hosting.
Is this scenario possible and has anyone got this working? If so, are there any standards that my API would need to conform to (above a standard asp.net web api with correct http verbs)
Right now, the client SDK is hard coded to only make calls to <mobile service url>/table/, etc. The team is looking at options of letting the client SDK consume other endpoints, but that will be awhile yet.
You could possibly do this using an HttpHandler, and changing any outgoing HTTP request to another URL. (IE. look for /table/tablename and redirect it to your custom path) But that would get pretty messy at this point.
Its also possible to wrap the call to the API from the within the mobile services SDK as well. It will be cleaner than the above, with the drawback of adding another middle man. However if their shape is incompatible with that required by offline, it will be easier to tweak it into the expected format.

Resources