PM.Readme chain for #235

[skgithubtest[bot]]

Create a ToDo Application using the STUDENT App Catalog group in C#

[skgithubtest[bot]]

ToDo Application README

Overview

The ToDo Application is a robust task management tool designed for organizational use, integrating Azure Active Directory (Azure AD) for secure Single Sign-On (SSO) access. The application provides features to manage daily tasks efficiently while ensuring stringent security measures through modern authentication protocols and conditional access.

Features

User Authentication

• Single Sign-On (SSO): Users can access the application using their work or school accounts in Azure AD, streamlining login processes for various SaaS applications, including Microsoft, Google Apps, and Salesforce.

• SAML-based Identity Provider: The application utilizes Azure AD as a SAML-based identity provider, ensuring secure authentication.

Task Management

• Create, Read, Update, Delete (CRUD): Users can easily manage their to-do items with functionalities to create, view, update, and delete tasks.

Conditional Access

• Automated Access Control: Leverage Azure AD Conditional Access to enforce policies based on user group membership, location, and application sensitivity, ensuring only the right users have access to specific resources.

• Security Policies: Configure and manage common Azure AD Conditional Access policies as best practices for securing corporate resources.

Security Features

• Password Protection: Avoids common vulnerabilities associated with multiple usernames and passwords, reducing the risk of password reuse and weak passwords.

• Blocking Legacy Protocols: The application is configured to block legacy authentication protocols, minimizing exposure to password spray attacks.

Architecture

Technology Stack

• Programming Language: C#
• Frontend Framework: ASP.NET Core for user interface
• Backend Framework: ASP.NET Core Web API for data management and business logic
• Identity Provider: Azure Active Directory (AAD)

Code Organization

• Controllers: Contains API endpoints for task management.
• Models: Defines data structures for user and task entities.
• Services: Business logic and data operations are performed here.
• Data Access Layer: Interaction with the database is managed through Entity Framework Core.

Security Practices

• Static and Dynamic Application Security Testing (SAST/DAST): Integrated into the CI/CD pipeline to identify vulnerabilities in source code and during application runtime.

• Dependency Scanning: Regularly scans third-party libraries and framework components to detect vulnerabilities.

Running the Application

Prerequisites

• .NET SDK (version 5.0 or later)
• Access to Azure AD for authentication configuration
• SQL Server or any other compatible database

Setup Instructions

1. Clone the repository:

   git clone https://github.com/your-repo/todo-app.git
   cd todo-app

2. Restore dependencies:

   dotnet restore

3. Configure the Azure AD settings in the appsettings.json file.

4. Create and migrate the database:

   dotnet ef database update

5. Run the application:

   dotnet run

Accessing the Application

• Open your web browser and navigate to http://localhost:5000 to access the ToDo Application.

Best Practices

• Regularly review and update Azure AD Conditional Access policies.
• Ensure all third-party libraries are scanned and kept updated.
• Monitor application access logs to identify any unauthorized access attempts.

Conclusion

The ToDo Application emphasizes security and productivity by harnessing Azure AD capabilities. It provides a user-friendly interface for managing tasks while ensuring secure access control and compliance with organizational policies.