Sunday 19 January 2020

Power Apps Quick Tips

Some of my Power Apps notes:

Licencing:
Determine your Power Apps licence using Power Apps Web user interface:
Power Apps > Settings > Plans

Note:  Microsoft changed how Power Apps licencing works circa Nov 2019.  The Power Apps licence with O365 E3/E5 does not have the connectors so is useful only for simple apps, and using flow, the apps can get more advanced.

Testing:
I saw a preview of the Power Apps Test Framework as the Microsoft Ignite Tour in mid Jan 2020.  The framework allows for recording UI tests and inserting asserts.  The tests are stored alongside the project inside Power Apps.  PowerApps Testing is in beta, it will be release by region so presumably it's already available in some US regions on the public beta.  The CI/CD pipeline integration was not shown but I'm sure some smart fella will look at this shortly.  I'd use Selenium for automated web testing at this stage, but that may change especially for mobile app development.

Updated 28 Jan 2020: Test Studio for Power Apps released today.  Here is the announcement.  Here is another recording outlining testing of Power Apps.

In the Power App > File > Settings > Advanced Settings > Scroll down to "Formula-level Error Management" and turn on the feature.
Open the "Advanced tools"
Accessing Test Studio in Power Apps


Power Apps Development Standards:
Error Handling - Should an unexpected event occur, log so the issue can be traced, as of 3 Feb 2020, PowerApps has App Insight integration.
Naming standards - Label visual controls and variables
Approved Colours - Digital branding standards
Reuse - Control reuse with shared branding
Roles - AAD connector allows me to figure out the user group the current user belongs too so they get appropriate menus, screens, and actions.
Menus -  @Laura-GB https://www.youtube.com/watch?v=5G-gVWRItmc  Build a menu component, input allows one to combine with AAD roles to create dynamic menus for users.
Copy and pasting OOB controls - such as a textbox, if you use a formula, the values are persist and passed around.  So if you have a color set by a variable, copy and paste results in the new text box referencing the colour.  Taking this further, if you put in the position X and Y a formula e.g. X=66*1 and Y=100*1, the control will inherit the parent controls property rather than reset the property.

Steps to setup and Use a Custom Connector:

Get the http response from a custom connector and add to a collection
Common Functions:
DateTimeValue() - Convert string into a date
Text() - Format a string
Value()- Format a string into a numeric
Text(DateTimeValue(TextInput1.Text), "dd-mmm-yyyy")
An approach I like to advanced Power App Input Validation.
Lookup() - Finds the first record in a table, closely related to Filter() and Search()
I.e. Fx> Set(Lookup(<DataverseTblName>,<UniqueRowId>=GUID("1234-1234-111...") 
Patch() - Update or add new, best way to save as it handle collections
Patch() function used to update an existing "Appeal" record.  Also note that a json string is saved- This is how to escape quotes.

Error Handling and Logging:
PowerApps has pretty basic error handling IfError(Try, if fail fall back)
Error Handling for Power Apps
The is a built in mechanism to log from Power Apps into App Insights.

Components:
Build a common UI element such as a menu or header.  The component has input and output parameters so you need to pass in the data to be used and return the output.  This allow the component to be re-used.  Obviously it makes sense that you can't use global variable within components, you need to pass the global variables in using input parameters.
Great example from @Laura-GB https://www.youtube.com/watch?v=5G-gVWRItmc

Tuesday 14 January 2020

API Management Advanced Mocking

My earlier post shows an Azure APIM engineer the steps to setup API Management Mocking

This post contains 2 screen shows showing how to add multiple mock responses to a request in APIM:
Amend the Get Operation Inbound Response Policy

Two APIM REST Requests showing dynamic mocking

Simple OpenAPI YAML 3 Example with Mock up examples for APIM.  
To review:
  1. Open an existing APIM Instance
  2. Import the YAML file example (download and rename), thi sis a YAML 3.01 specification.

3. Add "Mock Response policy to all Incoming requests, alternatively you can do it at an operation level.
    4. Test & Verify 

Blazer Intro

Blazor intro - Pretty much a SPA written in C#.  Deployed on server and client side using SignalR.  Server-side option is available today.

Learn about Blazer on 14 Jan 2020 Online Conference

More to come...

Sunday 12 January 2020

API Management Mocking

Problem:  Create an Open API Specification (OAS) endpoint for testing using APIM

Background:
  • Azure has a great service to bring multiple API's under a single publishable layer (think MuleSoft).  I like to use APIM to setup an initial contract that developers can use before setting up the actual API.  This allows both the consumer teams and the back-end development team to work independently to this OpenAPI agreed contract. 
  • Swagger originally owned and ended up creating the OpenAPI specification (OAS) that now of companies now use.
  • Swagger has great tooling for creating OAS API's, documentation, stub hosting and generating code such as .NET core that you can import into your dev environment. 
  • Azure has a developer APIM instance licence that is relatively inexpensive (creating an APIM instance takes up to 20 minutes) but leaving it running for my personal dev is pretty expensive.
Overview:  This post outlines the steps to setup an APIM instance using an OpenAPI file created in swagger.  The APIM service shall be setup to return mock data.

Steps:
1. Create a new instance of APIM - Do this first as it takes up to 20 minutes before the service is ready.
1. Create an APIM instance
2. Open swagger.io in a browser and signup, "Create New", this gives you your starting OAS file for your custom API.

2. Login to Swagger and create the Open API file using YAML
3. Using the Swagger Editor, create the desired endpoints.  It took me a few hours to get use to YAML as it is space sensitive but very readable.
3. Swagger editor
4. On the top right of the Swagger editor is the "Export" option.  Click Export > Download API > JSON Unresolved.  And keep the .json file ready to import into your APIM service.
5. Open APIM, and add a new API.  APIs > Add API > Open API as show below.
Import OAS file into APIM
 6. Import the file and the fields get populated per you instructions.
Upload the OpenAPI json file into APIM
7. The list of operations shows up - in my case i only have a single GET operation call \Get Customers
APIM Service is now created but not connected to a back-end

8. Add Mocking to the end point.  Highlight the Operation i.e. \Get List all Customers > Inbound Processing (Add Policy) button.  Select "Mock-responses" > Save


9. Generate the JSON responses:
a) Select the Operation i.e. \GET List all customers
b) Frontend drop down > Form-based editor
c) Click the "Responses" tab
d) Click the "200 OK" link
e) Click in the Sample Box, and "Auto Generate", Save


 The APIM service is now setup and we are ready to test.

1. Test using APIM's Testing tool


Check the 200 Response
Mocked response from APIM test tool

2. Testing using Postman
Open Postman, and craft the request as shown below:
Postman APIM testing

NoteThere are several competitor products like Mulesoft, Amazon API gateway, Postman and Swagger also offer a lot of these features.  There are other products that I have not used such as Kong API Gateway, GCP has Apigee, Gartner has a list of competitors and the magic quadrant done each year.

Summary:  It is pretty straight forward to setup APIM mocking as shown above.  And then easy to test it using Azure APIM tests and Postman.   This post show how to add various mocked APIM responses.   

APIM Notes

 5 Pricing Versions of APIM:

  1. Developer Version (No SLA) - No prod data but has all the premium features.
  2. Consumption Model (99.95% SLA) - priced per request serviced.  Missing Dev portal, not a static IP adr - automatically scales, 
  3. Basic  (99.95% SLA)  - No AAD integration - Scales to 2 units
  4. Standard  (99.95% SLA)  - Scales to 4 units
  5. Premium  (99.99% SLA)  - Allows Custom Domains - unlimited scale.  Also allows a single APIM instance to be scaled to more than 1 Azure Region.  Also direct VNET access is only available in premium.
One can move (scale up or down) between Azure APIM pricing tiers but it take up to 45 minutes.  
All consumption pricing tiers require the owner to setup or perform scaling. 
APIM has Metrics to determine if the number of APIM units should be increased or decreased.  The best metric is the capacity metric made up of  Note: Ignore short spikes look for an average over 15 minutes.  Microsoft suggests that the APIM Capacity metric running over 60% to 70% for a period of 30 minutes would indicate that scaling is appropriate.
When building your scaling strategy understand that adding APIM Units takes time (roughly 30 min) so scaling at 60% may not work for flash traffic in which case you'll need to account for this outside of only using metrics for scaling.
Tip: Regionally deployed APIM instances point to a single back-end URL, so it is best to keep the traffic routed to APIM in the same region as the back-end for simple scenarios, use the other region for failures and obviously you can multi-route back end traffic using Front Door for larger deployments.

Tip: Use Azure Key Vault for secrets.

Developer Portal - part of APIM, this portal/website is highly "customisable" and allows users to discover/consume our API's.  User can check their access (only see API's they have access to) and to try/test the API.

Tips:

  • Users > Groups > Products > API EndPoints
  • Subscriptions assigned to 1) products or/and 2)API endpoints.
  • Transition policies great for turning SOAP into JSON.  There are a lot of OOTB policies, easy to create policies using C#.
  • APIM Extension for VS Code is nice for working with APIM.
More Info:
https://www.youtube.com/watch?v=0yf_xm5cPIo
https://www.youtube.com/watch?v=gA2yxwKo0M0

PB APIM Series:

Thursday 9 January 2020

Microsoft Azure MFA Notes (Az-300)

Study Notes on Multi Factor Authentication:
  • AAD MFA: for 2nd factor done via Text, MS Authenticator, Phone Call 
  • Azure MFA Server - For AD on-prem. MFA.  Most advanced set op options for integrating on-prem. infrastructure with MFA cloud service.  Download and install on a Windows server.  Don't need to AD Connect sync accounts to Azure AD (AAD).


  • Azure MFA Server needs to use the Azure MFA Service to send SMS and Text authentication and MS Authenticator.
  • The Azure MFA Server downloan includes a GDPR.exe utility for generation GDPR reports for a user.
  • MFA billing is per User and is included in AD premium licences
  • Conditional Access - so don't need for every user but when advanced roles can enforce MFA
  • Azure SDK is only a Web Service since 2018
  • ADFS has 2 MFA approaches/options: Azure MFA Server - no need to replicate users to AAD or ADFS 3 (Win 2016) upwards can use cloud based (no Azure MFA Server required).
  • Password Stuffing - Hacker uses compromised password on different sites as people tend to reuse.
  • Know e.g. password, or something you have e.g. RSA token, something you are e.g. fingerprint.  MFA must use 2 or more of these types.  Out-of-band device e.g. you phone using MS Authenticator.
  • As a general rule with the 2nd factor Auth on Azure, if you want to add a pin to the auth, you can't use the cloud service but need to be using Azure MFA Server.
  • OATH tokens for RSA or other outside token MFA (also for offline on phone via MSAuthenticator) but it requires Azure MFA Server to implement.  Azure portal also has basic OATH integration for 3rd party vendors.