public void GenerateAccountSas_Builder()
{
// Arrange
var constants = new TestConstants(this);
var blobEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account);
var blobSecondaryEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary");
var storageConnectionString = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint));
string connectionString = storageConnectionString.ToString(true);
AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
DateTimeOffset startsOn = Recording.UtcNow.AddHours(-1);
AccountSasServices services = AccountSasServices.Blobs;
AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
DataLakeServiceClient serviceClient = InstrumentClient(new DataLakeServiceClient(
blobEndpoint,
constants.Sas.SharedKeyCredential, GetOptions()));
AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
{
StartsOn = startsOn
};
// Act
Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder);
// Assert
AccountSasBuilder sasBuilder2 = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
{
StartsOn = startsOn
};
UriBuilder expectedUri = new UriBuilder(blobEndpoint);
expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString();
Assert.AreEqual(expectedUri.Uri.ToString(), sasUri.ToString());
}
public void GenerateAccountSas_Builder()
{
TestConstants constants = TestConstants.Create(this);
Uri serviceUri = new Uri($"https://{constants.Sas.Account}.queue.core.windows.net");
AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
AccountSasServices services = AccountSasServices.Queues;
AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
QueueServiceClient serviceClient = InstrumentClient(
new QueueServiceClient(
serviceUri,
constants.Sas.SharedKeyCredential,
GetOptions()));
AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes);
// Add more properties on the builder
sasBuilder.SetPermissions(permissions);
// Act
Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder);
// Assert
AccountSasBuilder sasBuilder2 = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes);
UriBuilder expectedUri = new UriBuilder(serviceUri);
expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString();
Assert.AreEqual(expectedUri.Uri, sasUri);
}
public void GenerateAccountSas_WrongService_Service()
{
var constants = new TestConstants(this);
var blobEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account);
var blobSecondaryEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary");
var storageConnectionString = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint));
string connectionString = storageConnectionString.ToString(true);
AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
AccountSasServices services = AccountSasServices.Files;// Wrong Service
AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
BlobServiceClient serviceClient = InstrumentClient(new BlobServiceClient(connectionString, GetOptions()));
AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
{
IPRange = new SasIPRange(System.Net.IPAddress.None, System.Net.IPAddress.None),
StartsOn = Recording.UtcNow.AddHours(-1)
};
// Act
try
{
Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder);
Assert.Fail("BlobContainerClient.GenerateSasUri should have failed with an ArgumentException.");
}
catch (InvalidOperationException)
{
// the correct exception came back
}
}
public void GenerateAccountSas_Builder()
{
// Arrange
TestConstants constants = new TestConstants(this);
Uri serviceUri = new Uri($"https://{constants.Sas.Account}.dfs.core.windows.net");
AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
DateTimeOffset startsOn = Recording.UtcNow.AddHours(-1);
AccountSasServices services = AccountSasServices.Blobs;
AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
DataLakeServiceClient serviceClient = InstrumentClient(new DataLakeServiceClient(
serviceUri,
constants.Sas.SharedKeyCredential,
GetOptions()));
AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
{
StartsOn = startsOn
};
// Act
Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder);
// Assert
AccountSasBuilder sasBuilder2 = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
{
StartsOn = startsOn
};
UriBuilder expectedUri = new UriBuilder(serviceUri);
expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString();
Assert.AreEqual(expectedUri.Uri, sasUri);
}
public void AccountSasPermission_Round_Trip()
{
AccountSasServices services = SasExtensions.ParseAccountServices("bfqt");
Assert.IsTrue(services.HasFlag(AccountSasServices.Blobs));
Assert.IsTrue(services.HasFlag(AccountSasServices.Files));
Assert.IsTrue(services.HasFlag(AccountSasServices.Queues));
Assert.IsTrue(services.HasFlag(AccountSasServices.Tables));
Assert.AreEqual(services.ToPermissionsString(), "bfqt");
}
public void SasQueryParameters_RoundTrip()
{
var version = "2018-03-28";
AccountSasServices service = AccountSasServices.Blobs;
AccountSasResourceTypes resourceType = AccountSasResourceTypes.Container;
SasProtocol protocol = SasProtocol.Https;
DateTimeOffset startTime = DateTimeOffset.Now;
DateTimeOffset expiryTime = startTime.AddDays(1);
var ipRange = new SasIPRange();
var identifier = "foo";
var resource = "bar";
var permissions = "rw";
var signature = "a+b=";
var cacheControl = "no-store";
var contentDisposition = "inline";
var contentEncoding = "identity";
var contentLanguage = "en-US";
var contentType = "text/html";
var sasQueryParameters = SasQueryParametersInternals.Create(
version,
service,
resourceType,
protocol,
startTime,
expiryTime,
ipRange,
identifier,
resource,
permissions,
signature,
cacheControl: cacheControl,
contentDisposition: contentDisposition,
contentEncoding: contentEncoding,
contentLanguage: contentLanguage,
contentType: contentType
);
Assert.AreEqual(signature, sasQueryParameters.Signature);
var sasString = sasQueryParameters.ToString();
var roundTripSas = SasQueryParametersInternals.Create(new UriQueryParamsCollection(sasString));
Assert.AreEqual(sasQueryParameters.ToString(), roundTripSas.ToString());
}
internal SharedAccessSignatureCredentials GetAccountSasCredentials(
AccountSasServices services = AccountSasServices.All,
AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All,
AccountSasPermissions permissions = AccountSasPermissions.All)
{
var sasBuilder = new AccountSasBuilder
{
ExpiresOn = Recording.UtcNow.AddHours(1),
Services = services,
ResourceTypes = resourceTypes,
Protocol = SasProtocol.Https,
};
sasBuilder.SetPermissions(permissions);
var cred = new StorageSharedKeyCredential(TestConfigDefault.AccountName, TestConfigDefault.AccountKey);
return(new SharedAccessSignatureCredentials(sasBuilder.ToSasQueryParameters(cred).ToString()));
}
/// <inheritdoc />
public string CreateSharedAccessToken(
CreateSharedAccessSignatureConfiguration configuration
, AccountSasPermissions permissions
, AccountSasResourceTypes resourceTypes
, AccountSasServices services = AccountSasServices.Blobs
)
{
var sas = new AccountSasBuilder
{
ResourceTypes = resourceTypes,
Services = services,
StartsOn = DateTimeOffset.UtcNow.AddMinutes(-configuration.ValidFromInMinutes),
ExpiresOn = DateTimeOffset.UtcNow.AddMinutes(configuration.ValidForInMinutes + configuration.ClockScrewInMinutes)
};
sas.SetPermissions(permissions);
return("?" + sas.ToSasQueryParameters(this.Options.CreateStorageSharedKeyCredential()));
}
public void GenerateAccountSas_WrongService_Service()
{
TestConstants constants = TestConstants.Create(this);
Uri serviceUri = new Uri($"https://{constants.Sas.Account}.queue.core.windows.net");
AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write;
DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1);
AccountSasServices services = AccountSasServices.Blobs; // Wrong Service
AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
QueueServiceClient serviceClient = InstrumentClient(
new QueueServiceClient(
serviceUri,
constants.Sas.SharedKeyCredential,
GetOptions()));
AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes);
// Act
TestHelper.AssertExpectedException(
() => serviceClient.GenerateAccountSasUri(sasBuilder),
new InvalidOperationException("SAS Uri cannot be generated. builder.Services does specify Queues. builder.Services must either specify Queues or specify all Services are accessible in the value."));
}
/// <summary>
/// Get Track2 accunt sas SasServices
/// </summary>
public static AccountSasServices GetAccountSasServices(SharedAccessAccountServices Service)
{
AccountSasServices outputService = 0;
if ((Service & SharedAccessAccountServices.Blob) == SharedAccessAccountServices.Blob)
{
outputService = outputService | AccountSasServices.Blobs;
}
if ((Service & SharedAccessAccountServices.File) == SharedAccessAccountServices.File)
{
outputService = outputService | AccountSasServices.Files;
}
if ((Service & SharedAccessAccountServices.Queue) == SharedAccessAccountServices.Queue)
{
outputService = outputService | AccountSasServices.Queues;
}
if ((Service & SharedAccessAccountServices.Table) == SharedAccessAccountServices.Table)
{
outputService = outputService | AccountSasServices.Tables;
}
return(outputService);
}
