public void GenerateSas_BuilderIsDirectoryError()
{
var constants = TestConstants.Create(this);
var blobEndpoint = new Uri("http://127.0.0.1/");
UriBuilder blobUriBuilder = new UriBuilder(blobEndpoint);
string fileSystemName = GetNewFileSystemName();
string fileName = GetNewFileName();
DataLakeSasPermissions permissions = DataLakeSasPermissions.Read;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
blobUriBuilder.Path += constants.Sas.Account + "/" + fileSystemName + "/" + fileName;
DataLakePathClient containerClient = InstrumentClient(new DataLakePathClient(
blobUriBuilder.Uri,
constants.Sas.SharedKeyCredential,
GetOptions()));
DataLakeSasBuilder sasBuilder = new DataLakeSasBuilder(permissions, expiresOn)
{
FileSystemName = fileSystemName,
Path = fileName,
IsDirectory = true,
};
// Act
try
{
containerClient.GenerateSasUri(sasBuilder);
Assert.Fail("DataLakeFileClient.GenerateSasUri should have failed with an ArgumentException.");
}
catch (InvalidOperationException)
{
//the correct exception came back
}
}
public async Task DataLakeSasBuilder_BothObjectId_Error()
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
string directoryName = GetNewDirectoryName();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
// Arrange
DataLakeDirectoryClient directory = await test.FileSystem.CreateDirectoryAsync(directoryName);
DataLakeFileClient file = await directory.CreateFileAsync(GetNewFileName());
Response <UserDelegationKey> userDelegationKey = await oauthService.GetUserDelegationKeyAsync(
startsOn : null,
expiresOn : Recording.UtcNow.AddHours(1));
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name,
PreauthorizedAgentObjectId = Recording.Random.NewGuid().ToString(),
AgentObjectId = Recording.Random.NewGuid().ToString()
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
TestHelper.AssertExpectedException <InvalidOperationException>(
() => dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, test.FileSystem.AccountName),
new InvalidOperationException("SAS cannot have the following parameters specified in conjunction: PreauthorizedAgentObjectId, AgentObjectId"));
}
public void GenerateSas_RequiredParameters()
{
// Arrange
var constants = TestConstants.Create(this);
string fileSystemName = GetNewFileSystemName();
string path = GetNewFileName();
DataLakeSasPermissions permissions = DataLakeSasPermissions.Read;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
var blobEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account + "/" + fileSystemName + "/" + path);
DataLakePathClient pathClient = InstrumentClient(new DataLakePathClient(
blobEndpoint,
constants.Sas.SharedKeyCredential,
GetOptions()));
// Act
Uri sasUri = pathClient.GenerateSasUri(permissions, expiresOn);
// Assert
DataLakeSasBuilder sasBuilder2 = new DataLakeSasBuilder(permissions, expiresOn)
{
FileSystemName = fileSystemName,
Path = path
};
DataLakeUriBuilder expectedUri = new DataLakeUriBuilder(blobEndpoint)
{
Sas = sasBuilder2.ToSasQueryParameters(constants.Sas.SharedKeyCredential)
};
Assert.AreEqual(expectedUri.ToUri().ToString(), sasUri.ToString());
}
public void GenerateSas_BuilderWrongFileSystemName()
{
// Arrange
var constants = new TestConstants(this);
var blobEndpoint = new Uri("http://127.0.0.1/");
UriBuilder blobUriBuilder = new UriBuilder(blobEndpoint);
string path = GetNewFileName();
DataLakeSasPermissions permissions = DataLakeSasPermissions.Read;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
blobUriBuilder.Path += constants.Sas.Account + "/" + GetNewFileSystemName() + "/" + path;
DataLakePathClient pathClient = InstrumentClient(new DataLakePathClient(
blobUriBuilder.Uri,
constants.Sas.SharedKeyCredential,
GetOptions()));
DataLakeSasBuilder sasBuilder = new DataLakeSasBuilder(permissions, expiresOn)
{
FileSystemName = GetNewFileSystemName(), // different filesystem name
Path = path,
};
// Act
try
{
pathClient.GenerateSasUri(sasBuilder);
Assert.Fail("DataLakePathClient.GenerateSasUri should have failed with an ArgumentException.");
}
catch (InvalidOperationException)
{
//the correct exception came back
}
}
public async Task DataLakeSasBuilder_DirectoryDepth(string directoryName)
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
DataLakeDirectoryClient directory = test.FileSystem.GetDirectoryClient(directoryName);
Response <UserDelegationKey> userDelegationKey = await oauthService.GetUserDelegationKeyAsync(
startsOn : null,
expiresOn : Recording.UtcNow.AddHours(1));
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name,
Path = directoryName,
IsDirectory = true
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
DataLakeSasQueryParameters sas = dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, test.FileSystem.AccountName);
int expectedDepth = directoryName.Split('/').Length;
if (expectedDepth > 0)
{
expectedDepth -= directoryName.ElementAt(0) == '/' ? 1 : 0;
expectedDepth -= directoryName.ElementAt(directoryName.Length - 1) == '/' ? 1 : 0;
}
Assert.AreEqual(expectedDepth, sas.DirectoryDepth);
}
public async Task SetPermissions_Filesystem(DataLakeFileSystemSasPermissions permissions)
{
// Arrange
await using DisposingFileSystem test = await GetNewFileSystem();
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name
};
dataLakeSasBuilder.SetPermissions(permissions);
StorageSharedKeyCredential sharedKeyCredential = new StorageSharedKeyCredential(TestConfigHierarchicalNamespace.AccountName, TestConfigHierarchicalNamespace.AccountKey);
DataLakeUriBuilder dataLakeUriBuilder = new DataLakeUriBuilder(test.FileSystem.Uri)
{
Sas = dataLakeSasBuilder.ToSasQueryParameters(sharedKeyCredential)
};
DataLakeFileSystemClient sasFileSystemClient = InstrumentClient(new DataLakeFileSystemClient(dataLakeUriBuilder.ToUri(), GetOptions()));
// Act
await foreach (PathItem pathItem in sasFileSystemClient.GetPathsAsync())
{
// Just make sure the call succeeds.
}
}
public DataLakeSasQueryParameters GetNewDataLakeSasCredentialsOwner(string fileSystemName, string ownerName, UserDelegationKey userDelegationKey, string accountName)
{
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = fileSystemName,
AgentObjectId = ownerName
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
return(dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, accountName));
}
public DataLakeSasQueryParameters GetNewDataLakeServiceIdentitySasCredentialsFileSystem(string fileSystemName, UserDelegationKey userDelegationKey, string accountName)
{
var builder = new DataLakeSasBuilder
{
FileSystemName = fileSystemName,
Protocol = SasProtocol.None,
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None)
};
builder.SetPermissions(DataLakeFileSystemSasPermissions.All);
return(builder.ToSasQueryParameters(userDelegationKey, accountName));
}
public DataLakeSasQueryParameters GetNewDataLakeServiceSasCredentialsFileSystem(string fileSystemName, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = new DataLakeSasBuilder
{
FileSystemName = fileSystemName,
Protocol = SasProtocol.None,
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None)
};
builder.SetPermissions(DataLakeFileSystemSasPermissions.All);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? GetNewSharedKeyCredentials()));
}
public async Task DataLakeSasBuilder_AgentObjectId()
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
string directoryName = GetNewDirectoryName();
string unknownGuid = Recording.Random.NewGuid().ToString();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
// Arrange
DataLakeDirectoryClient directory = test.FileSystem.GetRootDirectoryClient();
Response <UserDelegationKey> userDelegationKey = await oauthService.GetUserDelegationKeyAsync(
startsOn : null,
expiresOn : Recording.UtcNow.AddHours(1));
// Give UnknownGuid rights
IList <PathAccessControlItem> accessControlList = new List <PathAccessControlItem>()
{
new PathAccessControlItem(
AccessControlType.User,
RolePermissions.Read | RolePermissions.Write | RolePermissions.Execute,
false,
unknownGuid)
};
await directory.SetAccessControlListAsync(accessControlList);
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name,
AgentObjectId = unknownGuid
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
DataLakeUriBuilder dataLakeUriBuilder = new DataLakeUriBuilder(test.FileSystem.Uri)
{
Sas = dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, test.FileSystem.AccountName)
};
DataLakeDirectoryClient sasDirectoryClient = new DataLakeDirectoryClient(dataLakeUriBuilder.ToUri(), GetOptions());
// Act
DataLakeFileClient file = await sasDirectoryClient.CreateFileAsync(GetNewFileName());
}
public void EnsureStateTests()
{
DataLakeSasBuilder sasBuilder = new DataLakeSasBuilder();
// No Identifier, Permissions and ExpiresOn not present.
TestHelper.AssertExpectedException(
() => sasBuilder.EnsureState(),
new InvalidOperationException("SAS is missing required parameter: Permissions"));
sasBuilder.SetPermissions(_sasPermissions);
// No Identifier, ExpiresOn not present.
TestHelper.AssertExpectedException(
() => sasBuilder.EnsureState(),
new InvalidOperationException("SAS is missing required parameter: ExpiresOn"));
}
// </Snippet_GetServiceSasUriForContainer>
#endregion
#region GetServiceSasUriForDirectory
//-------------------------------------------------
// Get service SAS for directory
//-------------------------------------------------
// <Snippet_GetServiceSasUriForDirectory>
private static Uri GetServiceSasUriForDirectory(DataLakeDirectoryClient directoryClient,
string storedPolicyName = null)
{
if (directoryClient.CanGenerateSasUri)
{
// Create a SAS token that's valid for one hour.
DataLakeSasBuilder sasBuilder = new DataLakeSasBuilder()
{
// Specify the file system name, the path, and indicate that
// the client object points to a directory.
FileSystemName = directoryClient.FileSystemName,
Resource = "d",
IsDirectory = true,
Path = directoryClient.Path,
};
// If no stored access policy is specified, create the policy
// by specifying expiry and permissions.
if (storedPolicyName == null)
{
sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
sasBuilder.SetPermissions(DataLakeSasPermissions.Read |
DataLakeSasPermissions.Write |
DataLakeSasPermissions.List);
}
else
{
sasBuilder.Identifier = storedPolicyName;
}
// Get the SAS URI for the specified directory.
Uri sasUri = directoryClient.GenerateSasUri(sasBuilder);
Console.WriteLine("SAS URI for ADLS directory is: {0}", sasUri);
Console.WriteLine();
return(sasUri);
}
else
{
Console.WriteLine(@"DataLakeDirectoryClient must be authorized with Shared Key
credentials to create a service SAS.");
return(null);
}
}
public async Task DataLakeSasBuilder_DirectoryDepth_Exists()
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
DataLakeDirectoryClient directory = await test.FileSystem.CreateDirectoryAsync(GetNewDirectoryName());
DataLakeDirectoryClient subdirectory = await directory.CreateSubDirectoryAsync(GetNewDirectoryName());
DataLakeDirectoryClient subdirectory2 = await subdirectory.CreateSubDirectoryAsync(GetNewDirectoryName());
DataLakeDirectoryClient subdirectory3 = await subdirectory2.CreateSubDirectoryAsync(GetNewDirectoryName());
DataLakeFileClient file = await subdirectory3.CreateFileAsync(GetNewFileName());
Response <UserDelegationKey> userDelegationKey = await oauthService.GetUserDelegationKeyAsync(
startsOn : null,
expiresOn : Recording.UtcNow.AddHours(1));
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name,
Path = subdirectory3.Path,
IsDirectory = true
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
DataLakeUriBuilder dataLakeUriBuilder = new DataLakeUriBuilder(subdirectory3.Uri)
{
Sas = dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, test.FileSystem.AccountName)
};
DataLakeDirectoryClient sasDirectoryClient = InstrumentClient(new DataLakeDirectoryClient(dataLakeUriBuilder.ToUri(), GetOptions()));
// Act
await sasDirectoryClient.ExistsAsync();
}
public async Task DataLakeSasBuilderRawPermissions_2020_02_10(string permissionsString)
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
string directoryName = GetNewDirectoryName();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
// Arrange
DataLakeDirectoryClient directory = await test.FileSystem.CreateDirectoryAsync(directoryName);
DataLakeFileClient file = await directory.CreateFileAsync(GetNewFileName());
Response <UserDelegationKey> userDelegationKey = await oauthService.GetUserDelegationKeyAsync(
startsOn : null,
expiresOn : Recording.UtcNow.AddHours(1));
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name
};
dataLakeSasBuilder.SetPermissions(
rawPermissions: permissionsString,
normalize: true);
DataLakeUriBuilder dataLakeUriBuilder = new DataLakeUriBuilder(test.FileSystem.Uri)
{
Sas = dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, test.FileSystem.AccountName)
};
DataLakeFileSystemClient sasFileSystemClient = InstrumentClient(new DataLakeFileSystemClient(dataLakeUriBuilder.ToUri(), GetOptions()));
// Act
await foreach (PathItem pathItem in sasFileSystemClient.GetPathsAsync())
{
// Just make sure the call succeeds.
}
}
public DataLakeSasQueryParameters GetNewDataLakeServiceSasCredentialsPath(string fileSystemName, string path, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = new DataLakeSasBuilder
{
FileSystemName = fileSystemName,
Path = path,
Protocol = SasProtocol.None,
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None)
};
builder.SetPermissions(
DataLakeSasPermissions.Read |
DataLakeSasPermissions.Add |
DataLakeSasPermissions.Create |
DataLakeSasPermissions.Delete |
DataLakeSasPermissions.Write);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? Tenants.GetNewHnsSharedKeyCredentials()));
}
public async Task DataLakeSasBuilder_DirectoryDepth_SharedKey()
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
DataLakeDirectoryClient directory = await test.FileSystem.CreateDirectoryAsync(GetNewDirectoryName());
DataLakeDirectoryClient subdirectory = await directory.CreateSubDirectoryAsync(GetNewDirectoryName());
DataLakeDirectoryClient subdirectory2 = await subdirectory.CreateSubDirectoryAsync(GetNewDirectoryName());
DataLakeDirectoryClient subdirectory3 = await subdirectory2.CreateSubDirectoryAsync(GetNewDirectoryName());
DataLakeFileClient file = await subdirectory3.CreateFileAsync(GetNewFileName());
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name,
Path = subdirectory3.Path,
IsDirectory = true
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
StorageSharedKeyCredential sharedKeyCredential = new StorageSharedKeyCredential(TestConfigHierarchicalNamespace.AccountName, TestConfigHierarchicalNamespace.AccountKey);
DataLakeUriBuilder dataLakeUriBuilder = new DataLakeUriBuilder(subdirectory3.Uri)
{
Sas = dataLakeSasBuilder.ToSasQueryParameters(sharedKeyCredential)
};
DataLakeDirectoryClient sasDirectoryClient = InstrumentClient(new DataLakeDirectoryClient(dataLakeUriBuilder.ToUri(), GetOptions()));
// Act
await sasDirectoryClient.ExistsAsync();
}
public async Task DataLakeSasBuilder_AgentObjectId_Error()
{
// Arrange
DataLakeServiceClient oauthService = GetServiceClient_OAuth();
string fileSystemName = GetNewFileSystemName();
string directoryName = GetNewDirectoryName();
await using DisposingFileSystem test = await GetNewFileSystem(service : oauthService, fileSystemName : fileSystemName);
// Arrange
DataLakeDirectoryClient directory = await test.FileSystem.CreateDirectoryAsync(directoryName);
DataLakeFileClient file = await directory.CreateFileAsync(GetNewFileName());
Response <UserDelegationKey> userDelegationKey = await oauthService.GetUserDelegationKeyAsync(
startsOn : null,
expiresOn : Recording.UtcNow.AddHours(1));
DataLakeSasBuilder dataLakeSasBuilder = new DataLakeSasBuilder
{
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(1),
FileSystemName = test.FileSystem.Name,
AgentObjectId = Recording.Random.NewGuid().ToString()
};
dataLakeSasBuilder.SetPermissions(DataLakeSasPermissions.All);
DataLakeUriBuilder dataLakeUriBuilder = new DataLakeUriBuilder(test.FileSystem.Uri)
{
Sas = dataLakeSasBuilder.ToSasQueryParameters(userDelegationKey, test.FileSystem.AccountName)
};
DataLakeFileSystemClient sasFileSystemClient = InstrumentClient(new DataLakeFileSystemClient(dataLakeUriBuilder.ToUri(), GetOptions()));
// Act
await TestHelper.AssertExpectedExceptionAsync <RequestFailedException>(
sasFileSystemClient.ExistsAsync(),
e => Assert.IsNotNull(e.ErrorCode));
}
private async Task <bool> DoesOAuthWorkAsync()
{
TestContext.Error.WriteLine($"Datalake Probing OAuth {Process.GetCurrentProcess().Id}");
try
{
for (int i = 0; i < 10; i++)
{
// Check flat account. For some reason we observe failures if that one doesn't work before we start datalake run.
{
BlobServiceClient serviceClient = new BlobServiceClient(
new Uri(TestConfigurations.DefaultTargetOAuthTenant.BlobServiceEndpoint),
GetOAuthCredential(TestConfigurations.DefaultTargetOAuthTenant));
await serviceClient.GetPropertiesAsync();
var containerName = Guid.NewGuid().ToString();
var containerClient = serviceClient.GetBlobContainerClient(containerName);
await containerClient.CreateIfNotExistsAsync();
try
{
await containerClient.GetPropertiesAsync();
var blobName = Guid.NewGuid().ToString();
var blobClient = containerClient.GetAppendBlobClient(blobName);
await blobClient.CreateIfNotExistsAsync();
await blobClient.GetPropertiesAsync();
var userDelegationKey = await serviceClient.GetUserDelegationKeyAsync(startsOn : null, expiresOn : DateTimeOffset.UtcNow.AddHours(1));
var sasBuilder = new BlobSasBuilder(BlobSasPermissions.All, DateTimeOffset.UtcNow.AddHours(1))
{
BlobContainerName = containerName,
BlobName = blobName,
};
var sas = sasBuilder.ToSasQueryParameters(userDelegationKey.Value, serviceClient.AccountName).ToString();
await new BlobBaseClient(blobClient.Uri, new AzureSasCredential(sas)).GetPropertiesAsync();
}
finally
{
await containerClient.DeleteIfExistsAsync();
}
}
// Check hierarchical account.
{
DataLakeServiceClient serviceClient = new DataLakeServiceClient(
new Uri(TestConfigurations.DefaultTargetHierarchicalNamespaceTenant.BlobServiceEndpoint),
GetOAuthCredential(TestConfigurations.DefaultTargetHierarchicalNamespaceTenant));
await serviceClient.GetPropertiesAsync();
var fileSystemName = Guid.NewGuid().ToString();
var fileSystemClient = serviceClient.GetFileSystemClient(fileSystemName);
await fileSystemClient.CreateIfNotExistsAsync();
try
{
var directoryName = Guid.NewGuid().ToString();
var directoryClient = fileSystemClient.GetDirectoryClient(directoryName);
await directoryClient.CreateIfNotExistsAsync();
await directoryClient.GetPropertiesAsync();
var fileName = Guid.NewGuid().ToString();
var fileClient = directoryClient.GetFileClient(fileName);
await fileClient.CreateIfNotExistsAsync();
await fileClient.GetPropertiesAsync();
// call some APIs that talk to DFS endoint as well.
await fileClient.AppendAsync(new MemoryStream(new byte[] { 1 }), 0);
await fileClient.GetAccessControlAsync();
var userDelegationKey = await serviceClient.GetUserDelegationKeyAsync(startsOn : null, expiresOn : DateTimeOffset.UtcNow.AddHours(1));
var sasBuilder = new DataLakeSasBuilder(DataLakeSasPermissions.All, DateTimeOffset.UtcNow.AddHours(1))
{
FileSystemName = fileSystemName,
Path = fileClient.Path,
};
var sas = sasBuilder.ToSasQueryParameters(userDelegationKey.Value, serviceClient.AccountName).ToString();
await new DataLakeFileClient(fileClient.Uri, new AzureSasCredential(sas)).GetPropertiesAsync();
}
finally
{
await fileSystemClient.DeleteIfExistsAsync();
}
}
}
}
catch (RequestFailedException e) when(e.Status == 403 && e.ErrorCode == "AuthorizationPermissionMismatch")
{
TestContext.Error.WriteLine($"Datalake Probing OAuth - not ready {Process.GetCurrentProcess().Id}");
return(false);
}
TestContext.Error.WriteLine($"Datalake Probing OAuth - ready {Process.GetCurrentProcess().Id}");
return(true);
}
/// <summary>
/// Get SAS string for DatalakeGen2
/// </summary>
public static string GetDatalakeGen2SharedAccessSignature(AzureStorageContext context, DataLakeSasBuilder sasBuilder, bool generateUserDelegationSas, DataLakeClientOptions clientOptions, CancellationToken cancelToken)
{
if (context != null && context.StorageAccount.Credentials.IsSharedKey)
{
return(sasBuilder.ToSasQueryParameters(new StorageSharedKeyCredential(context.StorageAccountName, context.StorageAccount.Credentials.ExportBase64EncodedKey())).ToString());
}
if (generateUserDelegationSas)
{
global::Azure.Storage.Files.DataLake.Models.UserDelegationKey userDelegationKey = null;
DataLakeServiceClient oauthService = new DataLakeServiceClient(context.StorageAccount.BlobEndpoint, context.Track2OauthToken, clientOptions);
Util.ValidateUserDelegationKeyStartEndTime(sasBuilder.StartsOn, sasBuilder.ExpiresOn);
userDelegationKey = oauthService.GetUserDelegationKey(
startsOn: sasBuilder.StartsOn == DateTimeOffset.MinValue || sasBuilder.StartsOn == null ? DateTimeOffset.UtcNow : sasBuilder.StartsOn.ToUniversalTime(),
expiresOn: sasBuilder.ExpiresOn.ToUniversalTime(),
cancellationToken: cancelToken);
return(sasBuilder.ToSasQueryParameters(userDelegationKey, context.StorageAccountName).ToString());
}
else
{
throw new InvalidOperationException("Create SAS only supported with SharedKey or Oauth credentail.");
}
}
// </Snippet_ListBlobsWithSasAsync>
#endregion
#region
// <Snippet_GetUserDelegationSasDirectory>
async static Task <Uri> GetUserDelegationSasDirectory(DataLakeDirectoryClient directoryClient)
{
try
{
// Get service endpoint from the directory URI.
DataLakeUriBuilder dataLakeServiceUri = new DataLakeUriBuilder(directoryClient.Uri)
{
FileSystemName = null,
DirectoryOrFilePath = null
};
// Get service client.
DataLakeServiceClient dataLakeServiceClient =
new DataLakeServiceClient(dataLakeServiceUri.ToUri(),
new DefaultAzureCredential());
// Get a user delegation key that's valid for seven days.
// You can use the key to generate any number of shared access signatures
// over the lifetime of the key.
Azure.Storage.Files.DataLake.Models.UserDelegationKey userDelegationKey =
await dataLakeServiceClient.GetUserDelegationKeyAsync(DateTimeOffset.UtcNow,
DateTimeOffset.UtcNow.AddDays(7));
// Create a SAS token that's valid for seven days.
DataLakeSasBuilder sasBuilder = new DataLakeSasBuilder()
{
// Specify the file system name and path, and indicate that
// the client object points to a directory.
FileSystemName = directoryClient.FileSystemName,
Resource = "d",
IsDirectory = true,
Path = directoryClient.Path,
ExpiresOn = DateTimeOffset.UtcNow.AddDays(7)
};
// Specify racwl permissions for the SAS.
sasBuilder.SetPermissions(
DataLakeSasPermissions.Read |
DataLakeSasPermissions.Add |
DataLakeSasPermissions.Create |
DataLakeSasPermissions.Write |
DataLakeSasPermissions.List
);
// Construct the full URI, including the SAS token.
DataLakeUriBuilder fullUri = new DataLakeUriBuilder(directoryClient.Uri)
{
Sas = sasBuilder.ToSasQueryParameters(userDelegationKey,
dataLakeServiceClient.AccountName)
};
Console.WriteLine("Directory user delegation SAS URI: {0}", fullUri);
Console.WriteLine();
return(fullUri.ToUri());
}
catch (Exception e)
{
Console.WriteLine(e.Message);
throw;
}
}
public override void ExecuteCmdlet()
{
IStorageBlobManagement localChannel = Channel;
// When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas
bool generateUserDelegationSas = false;
if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken)
{
if (ShouldProcess(this.Path, "Generate User Delegation SAS, since input Storage Context is OAuth based."))
{
generateUserDelegationSas = true;
}
else
{
return;
}
}
if (this.ParameterSetName == ItemParameterSet)
{
if (this.InputObject.IsDirectory)
{
this.FileSystem = this.InputObject.Directory.FileSystemName;
this.Path = this.InputObject.Directory.Path;
}
else
{
this.FileSystem = this.InputObject.File.FileSystemName;
this.Path = this.InputObject.File.Path;
}
}
DataLakeSasBuilder sasBuilder = new DataLakeSasBuilder();
sasBuilder.FileSystemName = this.FileSystem;
sasBuilder.Path = this.Path;
sasBuilder.SetPermissions(this.Permission, true);
if (StartTime != null)
{
sasBuilder.StartsOn = StartTime.Value.ToUniversalTime();
}
if (ExpiryTime != null)
{
sasBuilder.ExpiresOn = ExpiryTime.Value.ToUniversalTime();
}
else
{
if (sasBuilder.StartsOn != DateTimeOffset.MinValue)
{
sasBuilder.ExpiresOn = sasBuilder.StartsOn.AddHours(1).ToUniversalTime();
}
else
{
sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
}
}
if (this.IPAddressOrRange != null)
{
sasBuilder.IPRange = Util.SetupIPAddressOrRangeForSASTrack2(this.IPAddressOrRange);
}
if (this.Protocol != null)
{
sasBuilder.Protocol = this.Protocol.Value;
}
DataLakeFileSystemClient fileSystem = GetFileSystemClientByName(localChannel, this.FileSystem);
DataLakePathClient pathClient;
DataLakeFileClient fileClient;
DataLakeDirectoryClient dirClient;
if (GetExistDataLakeGen2Item(fileSystem, this.Path, out fileClient, out dirClient))
{
// Directory
sasBuilder.IsDirectory = true;
pathClient = dirClient;
//WriteDataLakeGen2Item(localChannel, dirClient);
// sasBuilder.ToSasQueryParameters()
}
else
{
//File
sasBuilder.IsDirectory = false;
pathClient = fileClient;
//WriteDataLakeGen2Item(Channel, fileClient);
}
string sasToken = SasTokenHelper.GetDatalakeGen2SharedAccessSignature(Channel.StorageContext, sasBuilder, generateUserDelegationSas, DataLakeClientOptions, CmdletCancellationToken);
if (FullUri)
{
string fullUri = pathClient.Uri.ToString();
fullUri = fullUri + "?" + sasToken;
WriteObject(fullUri);
}
else
{
WriteObject(sasToken);
}
}
