REST APIs are often written for enterprise-level companies as a way of allowing a client-side application to access core business logic. For many companies, simply extending their existing API by adding an endpoint for Alexa integration is the best way to manage that flow. For this example, you will use an existing Web API project on ASP.NET 4.7 and demonstrate how to link existing users to the Alexa skill the first time they access it,...

Read more

Deploying applications is hard. Often you need console access to the server from which you pull the latest code and then manually instantiate into your container. In this tutorial you’ll see an easier way using Tomcat: you’ll create an authenticated web app and deploy it through the browser using the latest versions of Tomcat, Spring Boot, and Java. Since version 9, Oracle has decreased the Java release cadence to six months so major version numbers...

Read more

“There is no Frigate like a Book To take us Lands away…” – Emily Dickinson These days, people read more on social media than they do in books. Maybe the remedy is to make reading more social. To that end, we’ll create an API for books. This will be an ASP.NET Core 2.2 Web API using GraphQL, which will allow developers to create applications that consume the API securely. ASP.NET Core 2.2 provides the ability...

Read more

Using unit and integration tests to verify your code quality is an excellent way to show you care about your code. I recently did a bunch of work in the popular JHipster open source project to upgrade it to use the latest release of Spring Security. Spring Security 5.1+ adds OAuth 2.0 and OIDC as first-class citizens that you can configure with its elegant DSL (a.k.a. cool method chaining, a.k.a. the builder pattern). I’ve been...

Read more

Working in the security industry and having an insecure site looks super bad. So imagine how I felt after discovering that the security report for my brand new personal site sucked: To fix this, I decided to improve my security score. I’m sharing my findings and solutions here so you can improve your site security too. This is good not only for improving your site security, but also to improve your SEO performance on Google....

Read more

ASP.NET Core is entirely open source, free, has built-in DI and logging, works smoothly with a fantastic ORM and has tons of built-in features within Web API framework, and on top of that you get Microsoft support for free, maturity and flexibility of C# and ASP.NET, it’s evident that ASP.NET Core is easily one of the best picks for building REST APIs. Lots of folks keep a daily journal that is essentially a detailed log...

Read more

Apple’s App Store is the holy grail for mobile developers. With React Native you can develop native apps for Android and iOS using a single code-base but getting things ready for publishing can be tricky, especially if you are starting with an originally Android-only application. Here you’ll be starting with the code from a previous monster Okta blog post designing and publishing a calculator-like app on the Android Play store, which includes authentication via Okta....

Read more

There’s a lot going on in the Java ecosystem lately. Now that major Java versions are released every six months, it can be difficult to keep up. Personally, I develop the majority of my Java applications using Spring Boot. Because of this, I was stuck on Java 8 until Spring Boot 2.1 was released last October. Spring Boot 2.1 added Java 11 support, along with performance improvements, a new metrics implementation, new actuator endpoints, and...

Read more

If you’re like me, you love music. Music is always streaming somewhere in my house at all times. I especially like going to see live music, but it can be hard to know where and when live music is happening. LiveMusicFinder is a web application that allows users to enter when and where some live music is going down. This beta version is very rough, but I will show you how I built it with...

Read more

In this tutorial, you’re going to use Kubernetes to deploy a Spring Boot microservice architecture to Google Cloud, specifically the Google Kubernetes Engine (GKE). You’re also going to use Istio to create a service mesh layer and to create a public gateway. The whole thing is going to be secured using Okta OAuth JWT authentication. That was a mess of jargon. We’re not going to explain microservices in-depth here. In short, microservices are a design...

Read more