Sunday, September 12, 2021

Factory Method - Real Time Use

 Making it simple silly...

Ques: When to use factory pattern?

Answer: -


By Name: - When we want to create a factory that produces different objects based on some parameters.


By Use: - When a specific object has to be instantiated only after certain conditions/algorithm/logic have run, we put that object-creation logic in one method (called the factory method) so it can be reused from multiple places. The method takes the parameters needed to process those conditions/algorithm/logic and returns the desired object.


By Example :-


using System;
using System.Collections.Generic;

interface IMobile
{
    void CreateMobile();
}

public class Samsung : IMobile
{
    public void CreateMobile()
    {
        Console.WriteLine("Samsung Mobile Created");
    }
}

public class OnePlus : IMobile
{
    public void CreateMobile()
    {
        Console.WriteLine("OnePlus Mobile Created");
    }
}

// 1. This MobileFactory is reusable.
// 2. There is actually processing logic that runs before it creates the required mobile object.
// 3. The intention is to hide the complexity of this processing logic from calling classes.
internal class MobileFactory
{
    internal IMobile CreateMobile(String objectKey)
    {
        switch (objectKey)
        {
            case "samsung":
                // Some processing logic
                return new Samsung();
            case "onePlus":
                // Some processing logic
                return new OnePlus();
            default:
                // Unknown keys are rejected instead of silently falling back to a default type.
                throw new KeyNotFoundException();
        }
    }
}

class Program
{
    static void Main(string[] args)
    {
        MobileFactory myFact = new MobileFactory();
        OnePlus onePlus = myFact.CreateMobile("onePlus") as OnePlus;
        onePlus.CreateMobile();
        Console.ReadKey();
    }
}

Sunday, January 27, 2019

SAML Token – With Self Signed Certificate


SAML is nicely explained on various internet sites and in YouTube videos, so my job here is to help you understand it with a simple example of generating a SAML token with a self-signed certificate.

So let's start by realizing the need for SAML, which will help you recollect your previous knowledge of SAML or fill the empty brains with a basic understanding...

So let’s imagine the below system:

Scenario 1















There’s a CRM system consisting of multiple applications, and an employee of the company wants to connect to one of the apps. The CRM has a big database which validates whether the user has logged in with the right credentials and, if so, grants access to the application. Simple – isn’t it?
But here are the problems of the different entities -

Problem of the company’s admin – Oh! An employee left the company. I have to make sure he no longer has access to the company’s different applications in the CRM (he might have access to the social media applications). My routine job -
  1.      Go to the CRM and check which applications the user has access to. Maybe the admin does not even have direct access to the CRM database?
  2.      Set the flag to no access for the company’s applications
  3.      Set the flag for some applications to read-only in case of a role change
  4.      Etc. etc.


Problem of the Employee – Damn! I have to remember a hell of a lot of usernames and passwords. Can someone really phish my account?

Problem of the CRM Admin – Ah! The population is increasing day by day, and so is my database. I am tired of maintaining it.



Got An IDEA - Single Sign On or Internet SSO.




Here are different SSO configurations:
    • Kerberos-based.
    • Smart-card-based.
    • Integrated Windows Authentication.
    • Security Assertion Markup Language.
    • Mobile devices as access credentials.

And there are different ways of implementing it. (Believe me, it's a never-ending ocean... so we will see that later :P) Now let's talk about SAML and the SAML token.

What is SAML?
➤ Security Assertion Markup Language: it's a secure XML-based communication mechanism, basically used for communicating identities between organizations.

Per Wiki - 
➤ SAML is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. As its name implies, SAML is an XML-based markup language for security assertions.

HOW SAML helps further?

1. Security - It protects against identity theft and phishing by reducing the number of times a user needs to log in over the internet with different credentials for different applications.

2. Access - The user no longer has to type in a password. They just click on the app link and get straight into the application. Interesting??

3. Administrator work - No need to reset lost passwords, no help desk work.

Okay, enough of theory, just tell me how to generate a SAML token - 

To generate a SAML token you need a certificate from a certificate authority (CA), or you may generate a self-signed certificate. There are different ways of generating a self-signed certificate; here I have used a PowerShell command to get one. The SAML token I have generated is signed with this self-signed certificate.

Run PowerShell as an administrator and type the command below with the desired parameters - 

New-SelfSignedCertificate -Type Custom -Provider "Microsoft RSA SChannel Cryptographic Provider" -Subject "CN=CSNB0466.ap.mydomain.local" -KeyExportPolicy Exportable -KeySpec KeyExchange  -KeyUsage DigitalSignature -KeyAlgorithm RSA -HashAlgorithm sha256 -KeyLength 4096 -CertStoreLocation "Cert:\LocalMachine\My" -FriendlyName "X509_Latest"


to specify more parameters.


This will generate the self-signed certificate in the certificate store (Run -> MMC -> Add snap-ins -> Certificates -> Computer Account -> Local Computer -> OK). 



Once you have the certificate, you are all set to generate a SAML token and sign it.

So here is my .NET code -

Note - The thumbprint uniquely identifies a certificate; alternatively, the combination of serial number and issuer distinguishes it.

So let's say you have your serial and issuer and some other parameters to pass in as input - 

                CertificateIssuer = "CSNB0466.ap.mydomain.local",
                CertificateSerial = "13cabac0deffd69146f5fe0c1863f7de",
                ServiceProviderNameQualifier = "http://localhost:8080/Portal/Local/",
                SubjectId = "2299091d61e8d9e43cc1e26abf7fe769f1991f8e",
                SubjectNameQualifer = "https://idp.fpehealth.rzv.de/idp/shibboleth",
                SubjectRole = "Physician",
                TokenRecipientUrl = "http://localhost:8080/Portal/"
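
As an added illustration of the signing step (this is not the author's .NET code, which the page does not show), the example below signs a minimal constructed SAML 2.0 assertion with a self-signed certificate and verifies it the way a receiving application should. It assumes .NET 6 or later with the System.Security.Cryptography.Xml package; the class name, the assertion ID and the in-memory certificate are assumptions, while the subject CN and SubjectId are the page's sample values.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

static class SamlSigningDemo
{
    // Enveloped RSA-SHA256 signature over the assertion (by ID), placed after saml:Issuer per the SAML schema.
    static void Sign(XmlDocument doc, X509Certificate2 cert)
    {
        var sx = new SignedXml(doc) { SigningKey = cert.GetRSAPrivateKey() };
        sx.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        sx.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
        var reference = new Reference("#" + doc.DocumentElement.GetAttribute("ID")) { DigestMethod = SignedXml.XmlDsigSHA256Url };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        reference.AddTransform(new XmlDsigExcC14NTransform());
        sx.AddReference(reference);
        sx.ComputeSignature();
        doc.DocumentElement.InsertAfter(doc.ImportNode(sx.GetXml(), true), doc.DocumentElement.FirstChild);
    }

    // Receiver side: exactly one signature, covering this assertion, made by the pinned certificate.
    static bool Verify(XmlDocument doc, X509Certificate2 pinned)
    {
        XmlNodeList sigs = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (sigs.Count != 1) return false;
        var sx = new SignedXml(doc);
        sx.LoadXml((XmlElement)sigs[0]);
        var reference = (Reference)sx.SignedInfo.References[0];
        return reference.Uri == "#" + doc.DocumentElement.GetAttribute("ID")
            && sx.CheckSignature(pinned, true); // true: signature check only, no chain building
    }

    static void Main()
    {
        // Constructed inputs: an ephemeral self-signed certificate (stand-in for the store one) and a minimal assertion.
        using var rsa = RSA.Create(2048);
        var request = new CertificateRequest("CN=CSNB0466.ap.mydomain.local", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var cert = request.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_constructed-id-1\" Version=\"2.0\" " +
            $"IssueInstant=\"{DateTime.UtcNow:s}Z\"><saml:Issuer>CSNB0466.ap.mydomain.local</saml:Issuer>" +
            "<saml:Subject><saml:NameID>2299091d61e8d9e43cc1e26abf7fe769f1991f8e</saml:NameID></saml:Subject></saml:Assertion>");
        Sign(doc, cert);
        Console.WriteLine("Valid after signing: " + Verify(doc, cert));
        doc.GetElementsByTagName("NameID", doc.DocumentElement.NamespaceURI)[0].InnerText = "another-subject";
        Console.WriteLine("Valid after tampering: " + Verify(doc, cert));
    }
}
```

With a self-signed certificate there is no CA chain to validate, so the receiving application has to be configured with this exact certificate (pinned by thumbprint, or by serial number and issuer), which is what Verify models by checking against the certificate it is handed.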

Saturday, January 27, 2018

C# delegates - Importance & Usage




The purpose of this article is to walk you through C# delegates in very simple terms and with very simple examples. 
 
Understanding gap - People find it difficult because...

  1.   It’s confusing to read 
  2. Not sure of the real world usage of delegates.

I have gone through a lot of sites searching for #simple #real_world #examples of delegates and found useful results, but the only problem is that I used to forget them after some time. That generally happens when you don’t see the need for delegates in your day-to-day work. Let’s take one oath here – 

“Whenever I need to communicate from a lower class to an upper class, I will think of DELEGATES”

Now the question is: when do you have a requirement to communicate from a lower class to an upper class?
Example: Let’s say you have a car class and an engine class (upper and lower class respectively). To start the car, the engine needs to be started, and the car wants the live status of the engine start process.
                            




The engine can be started by creating an engine class object in the car class and calling its start method (something like engine.start()), but how do we notify the car class about the engine start process at run time? … #Delegates help me out here!!

The example below shows how it works. Don’t miss the communication between Car, delegate and Engine mentioned in the comments... :D
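
An added example of this Car/Engine communication (not the author's original listing, which is not present on the page); the status strings and member names are assumptions.

```csharp
using System;

// Lower class: knows nothing about Car, only about the delegate it is handed.
public class Engine
{
    // Signature every status receiver must match.
    public delegate void EngineStatusHandler(string status);

    public void Start(EngineStatusHandler notify)
    {
        string[] steps = { "Ignition on", "Fuel pump primed", "Engine running" };
        foreach (string step in steps)
        {
            // Engine -> delegate -> Car: report progress while the start is still in flight.
            notify?.Invoke(step);
        }
    }
}

// Upper class: owns the engine and receives its live status.
public class Car
{
    private readonly Engine engine = new Engine();

    public void Start()
    {
        // Car -> Engine: hand over the method the engine should call back.
        engine.Start(OnEngineStatus);
        Console.WriteLine("Car is ready to drive");
    }

    // Called by the engine through the delegate, never directly by name.
    private void OnEngineStatus(string status)
    {
        Console.WriteLine("Car received engine status: " + status);
    }
}

class Program
{
    static void Main()
    {
        new Car().Start();
    }
}
```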

 

                      -----------------------------------------------------------------------------------
Output:




Let's put the above code like this:



 Now we understand the first important usage of delegates, i.e.

1. Communication between two classes (specifically from lower to upper class) at run time (e.g. run time notification)

 Let's understand the 2nd most important usage. The example below promotes an employee whose rank is greater than 4. We can achieve this by passing in the employee details and checking whether the rank > 4; if so, the employee is promoted. (Congratulations :D)



output:


 Now think of Employee as a framework class, which means it should not only define the generic (main) properties of the employee, but its methods should also be generic and not specific. If we provide the above Employee class to any company, it will work fine as long as the company only wants to promote its employees on the basis of rank. What if they later change their mind and decide to promote employees on the basis of salary? I think changing the framework class every time is a bad idea.
Again, DELEGATES can help us out here.

Note: I have tried to simplify the below example. Source - Kudvenkat delegate video series  

Let's write the Employee class so that the client decides how to promote an employee, while the framework class just does the main processing and returns the result to the client.



output:


I hope you realize the 2nd important usage, i.e.

2. To help create framework methods which are reusable and more generic.
  
In the above example, the promotion logic is written on the client side and can be changed as per their requirements, but the main processing of the promotion is done only in the framework class, which then confirms that the employee is promoted.

I hope you now understand the basics of delegates. Help me learn more by providing your valuable suggestions and the basic topics you want me to write on...

Happy learning and Tip of the day...
"Lambda expression in C# internally creates a method for your delegate." 
which means you can get rid of the eligibleEmployee method from the above example; the same can be written as;
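
An added example (not the author's original listing) of the framework-style Employee class described above, called once with a named eligibleEmployee-style method and once with a lambda. The sample employees, the salary threshold and the member names other than eligibleEmployee are assumptions.

```csharp
using System;
using System.Collections.Generic;

// Framework class: holds the generic processing, never the promotion rule itself.
public class Employee
{
    public int Id { get; set; }
    public string Name { get; set; }
    public int Rank { get; set; }
    public decimal Salary { get; set; }

    // The client supplies the rule through this delegate.
    public delegate bool IsPromotable(Employee employee);

    // Applies the client's rule and returns the names of the promoted employees.
    public static List<string> PromoteEmployees(IEnumerable<Employee> employees, IsPromotable isPromotable)
    {
        if (isPromotable == null) throw new ArgumentNullException(nameof(isPromotable));
        var promoted = new List<string>();
        foreach (Employee e in employees)
        {
            if (isPromotable(e)) promoted.Add(e.Name);
        }
        return promoted;
    }
}

class Program
{
    // Named method matching the delegate signature (the page's eligibleEmployee).
    static bool EligibleEmployee(Employee e) => e.Rank > 4;

    static void Main()
    {
        // Constructed sample data.
        var staff = new List<Employee>
        {
            new Employee { Id = 1, Name = "Asha",  Rank = 5, Salary = 40000m },
            new Employee { Id = 2, Name = "Bilal", Rank = 3, Salary = 65000m },
            new Employee { Id = 3, Name = "Chen",  Rank = 6, Salary = 70000m },
        };

        // Rule 1: promote by rank, using the named method.
        Console.WriteLine("By rank: " + string.Join(", ", Employee.PromoteEmployees(staff, EligibleEmployee)));

        // Rule 2: promote by salary, using a lambda; the Employee class is untouched.
        Console.WriteLine("By salary: " + string.Join(", ", Employee.PromoteEmployees(staff, e => e.Salary >= 50000m)));
    }
}
```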