Dasith Wijesiriwardena

💥 Breaking distributed systems, observing them fall apart with OpenTelemetry, then teaching AI agents to fix them. 🧑‍💻 Principal Software Engineer @ Microsoft. 📍 Melbourne. Opinions my own, bugs probably also mine.

I’ve spent 20+ years building software, from low-level systems to cloud-native distributed architectures. These days I’m deep in the world of AI agents, exploring how we secure them, authenticate them, and collaborate with them to build better software. This blog covers that journey along with distributed systems, .NET, and all things engineering.

Protecting Assets Without Using Authorization Headers (i.e. Bearer Tokens)

6 minute read

tl;dr; If you want to access an api endpoint but don’t have a way to append the authorization info to your request, you need to create a magic url that is short lived and has limited use. Go directly here for code samples. Consider this scenario. You have developed a SPA (Single Page Application) that uses some form of OAuth to retrieve an access/bearer token. You now append that to your http request header when you call your backend REST API. The backend inspects the token and processes the request....

Setting Up AzureAD Multi-tenant Authentication With ASP NET Core And Angular

6 minute read

Using Azure AD to implement a multi-tenant application is fairly straight forward. It requires turning on a few knobs and switches from the portal and you’re most of the way there. In this post we will look at how to setup an multi-tenant app registration and implement the logic in the front end to direct the user to a common sign-in endpoint. We will also look at how to control access to a pre determined set of tenants. App Registration This is the easy part. Create an app registration from the Azure ...

A Reply To Waleed Aly’s Article On Sri Lankan Easter Sunday Terrorist Attack

8 minute read

I doubt Waleed Aly will ever get to read this but at least it’s now in the ether. I wanted to apologize for bringing politics into my blog but then it dawned on me that one shouldn’t merely apologize for pointing out the fallacy of an argument made by someone else regardless of it being political or not. My only hope is that it drives a conversation. I’ve been getting a lot of comments/shares supporting this but I hope everyone still has the same motivation going forward to speak about ground realities ...

Requesting Additional Claims From AzureAD

1 minute read

I am currently working on a project that uses EasyAuth to protect a web app hosted on Azure App Services. Think of it as a layer that operates above your web app that handles authentication and then inserts some special headers with the logged in users information. Your backend web application can read these special headers and extract claims about the user. The Problem Out of the box it includes things like name, oid and upn of the logged in user. One thing very noticeably was missing was the email cl...

Mediator Pattern Implemented In .NET/C#

9 minute read

The mediator pattern or the “domain whisperer” as I like to call it has been around for a long time and the main selling point of it is the reduction of coupling and enforcing clear separation of the domain logic from UI/Top layers. Let’s look at the Wikipedia definition. Usually a program is made up of a large number of classes. Logic and computation are distributed among these classes. However, as more classes are added to a program, especially during maintenance and/or refactoring, the problem of...

OAuth Client Credentials Flow With AzureAD

6 minute read

Navigating through the various authentication and authorization flows in AzureAD can sometimes be confusing. The Microsoft documentation on app types is a good place to start. Today we will be looking at the client credentials grant flow. The Microsoft documentation around the flow with regards to AzureAD can be found here. They have named the document Service to service calls using client credentials which is what the client credentials grant is used for. It is a prerequisite of this post that you ...

Integration Testing ASP.NET Core WebApi

4 minute read

If you’re a decent .NET developer and lucky enough to work in a good team then most of your work would be unit testable. But there is always a case to write some integration tests to make sure things work end to end. I was in such a situation recently. I had to write integration tests for a ASP.NET core 2.2 project which had external dependencies I had to mock during the test. The Microsoft documentation was very good but it doesn’t (at the time of writting this post) cover all scenarios when mocking is...

NimbleConfig - A Simple Config Injector For .Net

4 minute read

I recently started an open sourced project called NimbleConfig (hosted in GitHub). It is a simple, unambitious, convention-based configuration injector for .NET using IConfiguration (Microsoft.Extensions.Configuration) with full support for AspNetCore.

Speaking @LevelsConf 2018

1 minute read

I recently got a chance to speak at Levels Conference and it was my first time speaking in front of such a large audience. There were around 400 very keen junior developers there.

What Does Durable Azure Functions Solve?

4 minute read

Azure Functions are the way serverless compute is implemented in Azure. Amazon Web Services equivalent is called AWS Lambda. I won’t go into detail about what serverless is and what advantages it provides in this post. You can find my learnings from a project where I implemented my web api using Azure Functions here.