ASP.NET Core 应用本质上就是长时间运行的服务,该服务接受一个 HTTP 请求,然后按照预先设计好的路由规则,返回对应的响应(response)。一个 ASP.NET Core 应用程序包含两个主要的组件。

  • Server (接受和响应请求)
  • Middleware (处理请求的中间件)

在这篇文章中,将会通过阅读 ASP.NET Core 源码的方式,来探索 ASP.NET Core 如何将服务注册到 Host 中的。

1. Overview

规范了 .NET 平台下所有长时间运行的服务实现方法,具体的流程是这样的:

通过建造者模式创建一个 对象,在执行 方法的时候,会从依赖注册容器中获取所有的


1 概览

随着微服务时代的到来,我们越来越少的编写一个大型单体应用程序,而是将应用的各个功能拆分成不同的服务,每个服务之间通过网络来相互调用。那么这样就会带来一个问题:

网络是不可靠的

构建一个容错性高的服务成为开发人员的目标,一个弹性的服务可以很好的帮助我们应对各个故障问题。

Polly 就是这样一个 .Net 库, 它提供了若干种策略(Policy)来让我们的服务在应对各种情况下该如何处理。在 Java 世界里也有相同的库:Hystrix.

Polly 对业务代码的侵入量非常小,简单来讲主要分为两步

  • 创建策略 (Policy) : 这一步根据需要的场景来创建相应的策略, 比如重试,熔断器等等;还有可以将多个策略组装在一起,形成一个复合的策略。
  • 执行操作:将业务逻辑封装成一个委托(Action),然后调用策 …

1 Content Security Policy

上周在工作中遇到了这样一个问题,在一个网页前端中,使用 代码访问一个本地的服务,然后抛出了这样一个错误。

Refuse to connect to 'https://localhost:9780/dauthsvc/sign' because it violates the following Content Security Policy directive: "connect-src 'self' api.localhost ....

原本以为是服务端的错误,在 之后才知道,这原来是 W3C 一个标准协议。那么究竟是怎么一回事呢?

我们都知道我们的网站会被会被一些不法分子攻击,比如跨站脚本(Cros是Site Script, XSS),比如说攻击者将一个 …


Implement Git series

supports a lot of basic git operations. All of them are wrapped into the Operations namespace to make it manageable.

1 InitOperation

This operation supports the command parameter, which has two steps.

  1. Clear the folder
  2. Create the to branch

2 BranchOperation

This operation is designed to manipulate the branch. For examples

  • Show all branches
  • Create one branch

There is no secret in just read and write folder. Each file of them represents the branch.


Implement Git series

As a CLI program, must have to accept multi-commands according to the various input. For example

> ugit init
> ugit add a.txt

C# doesn’t support command parameters parse very well. CommandLine does the job very well.

Now, we add command which accepts a required parameter. what’s more, you can customize the parameter such short verb and long verb forms.

How to use these option?

By default, this package supports up to 16 options. But in ugit, it probably exceeds that. What we need to do is just adding and extension method.

So the basic workflow is obvious.


Implement Git series

In the previous post, we have known that Git chooses local file system as database to implement distribution. The key is the the folder in the repo. On top of that we build all the command to manipulate the repo for version control.

The architecture of .

With we hidden all basic IO operation and provide the local file database operator, like and so on.

We leverage System.IO.Abstractions to make testable and injectable. Besides the file database operator, the also exposes some primitive IO operation.

1 Init

It…


Implement Git by yourself (1: Introduction)

I’d like to say that Git is the most popular version control system (VCS). As a developer, you probably use git porcelain commands in your daily work and treat it as black box. But

If you can’t make one, you don’t know how it works.

You can access to git source code though, it’s a little bit of challenge to go through this repo now. What’s worse, git is written in C language which is sophisticated for us. Git is also Linus Torvalds’s masterpiece. It contains a lot of tricky code.

So, we are…


The On-Behalf-Of flow is used in the case where an application invokes a service/web API, which in turn needs to call another service/web API. The idea is to propagate user identity and permissions through the request chain.

Protocol Diagram

At this point, the application has an access token for API A( token A) with the user’s claim and consent to access the middle-tier web API (API A). Now the API A needs to make an authenticated request to the downstream web API (API B).

Now, I’d like to create web application that will retrieve the user’s profile from Microsoft Graph.

1 App Registration


1 Authentication and Authorization

Authentication is the process of proving you are who you say you are. The common used protocol is OpenID Connect. While Authorization is the act of granting an authenticated party permission to do something, which is implemented by OAuth 2.0 protocol.

Before exploring these two protocol flows, let’s have a quick look of parties involved in.

  • The Authorization Server is the identity provider (aka: Azure AD) which is responsible for ensuring the user’s identity, granting and revoking access to the resources, and issuing tokens.
  • The Resource Owner is typically the end user.
  • The OAuth Client is your app, identified by…


1 Overview

Calculator is a common tool for us to get the arithmetic expression’s result. In *NIX OS, once you type bc command, then you get into calculating environment. Feel free to input any legal arithmetic expressions.

bc 1.06
Copyright 1991-1994, 1997, 1998, 2000 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.For details type `warranty'.

Let’s dive into what’s going on when you type string(aka arithmetic expression) then it feeds back the result. If you’re familiar with Python, it provides a interactive console which you can type any Python’s statements, including the above arithmetic expression.

Python 2.7.15…

Feng Gao

A software developer in Microsoft at Suzhou

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store