public void ValidateSasCredentials()
{
// Build a shared access signature with only Read permissions.
TableSasBuilder sas = new TableSasBuilder(tableName)
{
ExpiresOn = new DateTime(2040, 1, 1, 1, 1, 0, DateTimeKind.Utc)
};
sas.SetPermissions(TableSasPermissions.Read);
// Create a SharedKeyCredential that we can use to sign the SAS token
var credential = new TableSharedKeyCredential(TestEnvironment.AccountName, TestEnvironment.PrimaryStorageAccountKey);
// Build a SAS URI
UriBuilder sasUri = new UriBuilder(TestEnvironment.StorageUri)
{
Query = sas.ToSasQueryParameters(credential).ToString()
};
// Create the TableServiceClient using the SAS URI.
var sasAuthedService = InstrumentClient(new TableServiceClient(sasUri.Uri, Recording.InstrumentClientOptions(new TableClientOptions())));
var sasTableclient = InstrumentClient(sasAuthedService.GetTableClient(tableName));
// Validate that we are able to query the table from the service.
Assert.That(async() => await sasTableclient.QueryAsync().ToEnumerableAsync().ConfigureAwait(false), Throws.Nothing);
// Validate that we are not able to upsert an entity to the table.
Assert.That(async() => await sasTableclient.UpsertAsync(CreateTableEntities("partition", 1).First()), Throws.InstanceOf <RequestFailedException>().And.Property("Status").EqualTo((int)HttpStatusCode.Forbidden));
}
