/// <summary>
/// Creates a new TableSasQueryParameters instance.
/// </summary>
internal TableSasQueryParameters(
string version,
string tableName,
string partitionKeyStart,
string rowKeyStart,
string partitionKeyEnd,
string rowKeyEnd,
SasProtocol protocol,
DateTimeOffset startsOn,
DateTimeOffset expiresOn,
SasIPRange ipRange,
string identifier,
string resource,
string permissions,
string signature)
{
TableName = tableName;
StartPartitionKey = partitionKeyStart;
EndPartitionKey = partitionKeyEnd;
StartRowKey = rowKeyStart;
EndRowKey = rowKeyEnd;
_version = version;
_protocol = protocol;
_startTime = startsOn;
_expiryTime = expiresOn;
_ipRange = ipRange;
_identifier = identifier;
_resource = resource;
_permissions = permissions;
_signature = signature;
}
/// <summary>
/// Creates a new TableSasQueryParameters instance.
/// </summary>
internal TableSasQueryParameters(
string version,
TableAccountSasResourceTypes?resourceTypes,
string tableName,
string partitionKeyStart,
string rowKeyStart,
string partitionKeyEnd,
string rowKeyEnd,
SasProtocol protocol,
DateTimeOffset startsOn,
DateTimeOffset expiresOn,
SasIPRange ipRange,
string identifier,
string resource,
string permissions,
string signature)
: base(
version,
resourceTypes,
protocol,
startsOn,
expiresOn,
ipRange,
identifier,
resource,
permissions,
signature)
{
TableName = tableName;
StartPartitionKey = partitionKeyStart;
EndPartitionKey = partitionKeyEnd;
StartRowKey = rowKeyStart;
EndRowKey = rowKeyEnd;
}
public SignedAccessAccountIdentifier(IAccountIdentifier identifier) : base(identifier)
{
if (!identifier.IsAnonymous.HasValue)
{
base.IsAnonymous = new bool?(true);
}
this.SignedAccessRestrictions = new List <SASAccessRestriction>();
this.SignedProtocol = SasProtocol.All;
}
public override void Initialize(SignedAccessHelper helper)
{
if (helper.SignedPermission.HasValue)
{
this.SignedAccessPermission = helper.SignedPermission.Value;
}
this.SignedAccessRestrictions = helper.AccessRestrictions;
this.SignedIP = helper.SignedIP;
this.SignedProtocol = helper.SignedProtocol;
}
/// <summary>
/// Creates and initializes a SASQueryParameters object based on the
/// query parameter map's passed-in values. If deleteSASParametersFromValues is true,
/// all SAS-related query parameters are removed from the passed-in map. If
/// deleteSASParametersFromValues is false, the map passed-in map is unaltered.
/// </summary>
/// <param name="values"></param>
internal SasQueryParameters(UriQueryParamsCollection values)
{
// make copy, otherwise we'll get an exception when we remove
IEnumerable <KeyValuePair <string, string> > kvps = values.ToArray();;
foreach (var kv in kvps)
{
// these are already decoded
var isSASKey = true;
switch (kv.Key.ToUpperInvariant())
{
case Constants.Sas.Parameters.VersionUpper: this.version = kv.Value; break;
case Constants.Sas.Parameters.ServicesUpper: this.services = kv.Value; break;
case Constants.Sas.Parameters.ResourceTypesUpper: this.resourceTypes = kv.Value; break;
case Constants.Sas.Parameters.ProtocolUpper: this.protocol = SasProtocol.Parse(kv.Value); break;
case Constants.Sas.Parameters.StartTimeUpper: this.startTime = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.ExpiryTimeUpper: this.expiryTime = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.IPRangeUpper: this.ipRange = IPRange.Parse(kv.Value); break;
case Constants.Sas.Parameters.IdentifierUpper: this.identifier = kv.Value; break;
case Constants.Sas.Parameters.ResourceUpper: this.resource = kv.Value; break;
case Constants.Sas.Parameters.PermissionsUpper: this.permissions = kv.Value; break;
case Constants.Sas.Parameters.SignatureUpper: this.signature = kv.Value; break;
#if BlobSDK
case Constants.Sas.Parameters.KeyOidUpper: this.keyOid = kv.Value; break;
case Constants.Sas.Parameters.KeyTidUpper: this.keyTid = kv.Value; break;
case Constants.Sas.Parameters.KeyStartUpper: this.keyStart = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.KeyExpiryUpper: this.keyExpiry = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.KeyServiceUpper: this.keyService = kv.Value; break;
case Constants.Sas.Parameters.KeyVersionUpper: this.keyVersion = kv.Value; break;
#endif
default: isSASKey = false; break; // We didn't recognize the query parameter
}
if (isSASKey)
{
values.Remove(kv.Key);
}
}
}
private static AuthorizationResult AuthorizeProtocol(SasProtocol signedProtocol, RequestContext requestContext)
{
AuthorizationResult authorizationResult = new AuthorizationResult(true, AuthorizationFailureReason.NotApplicable);
if (signedProtocol == SasProtocol.All || requestContext.RequestUrl.Scheme.Equals("https", StringComparison.InvariantCultureIgnoreCase) && signedProtocol == SasProtocol.Https)
{
return(authorizationResult);
}
authorizationResult.FailureReason = AuthorizationFailureReason.ProtocolMismatch;
authorizationResult.Authorized = false;
return(authorizationResult);
}
/// <summary>
/// Gets a string representation of the protocol.
/// </summary>
/// <returns>A string representation of the protocol.</returns>
internal static string ToProtocolString(this SasProtocol protocol)
{
switch (protocol)
{
case SasProtocol.Https:
return(HttpsName);
case SasProtocol.HttpsAndHttp:
return(HttpsAndHttpName);
case SasProtocol.None:
default:
return(null);
}
}
/// <summary>
/// Creates a new instance of the <see cref="DataLakeSasQueryParameters"/>
/// type.
///
/// Expects decoded values.
/// </summary>
internal DataLakeSasQueryParameters(
string version,
AccountSasServices?services,
AccountSasResourceTypes?resourceTypes,
SasProtocol protocol,
DateTimeOffset startsOn,
DateTimeOffset expiresOn,
SasIPRange ipRange,
string identifier,
string resource,
string permissions,
string signature,
string keyOid = default,
string keyTid = default,
DateTimeOffset keyStart = default,
DateTimeOffset keyExpiry = default,
string keyService = default,
string keyVersion = default,
string cacheControl = default,
string contentDisposition = default,
string contentEncoding = default,
string contentLanguage = default,
string contentType = default)
: base(
version,
services,
resourceTypes,
protocol,
startsOn,
expiresOn,
ipRange,
identifier,
resource,
permissions,
signature,
keyOid,
keyTid,
keyStart,
keyExpiry,
keyService,
keyVersion,
cacheControl,
contentDisposition,
contentEncoding,
contentLanguage,
contentType)
{
}
public void SasQueryParameters_RoundTrip()
{
var version = "2018-03-28";
AccountSasServices service = AccountSasServices.Blobs;
AccountSasResourceTypes resourceType = AccountSasResourceTypes.Container;
SasProtocol protocol = SasProtocol.Https;
DateTimeOffset startTime = DateTimeOffset.Now;
DateTimeOffset expiryTime = startTime.AddDays(1);
var ipRange = new SasIPRange();
var identifier = "foo";
var resource = "bar";
var permissions = "rw";
var signature = "a+b=";
var cacheControl = "no-store";
var contentDisposition = "inline";
var contentEncoding = "identity";
var contentLanguage = "en-US";
var contentType = "text/html";
var sasQueryParameters = SasQueryParametersInternals.Create(
version,
service,
resourceType,
protocol,
startTime,
expiryTime,
ipRange,
identifier,
resource,
permissions,
signature,
cacheControl: cacheControl,
contentDisposition: contentDisposition,
contentEncoding: contentEncoding,
contentLanguage: contentLanguage,
contentType: contentType
);
Assert.AreEqual(signature, sasQueryParameters.Signature);
var sasString = sasQueryParameters.ToString();
var roundTripSas = SasQueryParametersInternals.Create(new UriQueryParamsCollection(sasString));
Assert.AreEqual(sasQueryParameters.ToString(), roundTripSas.ToString());
}
/// <summary>
/// Takes decoded values
/// </summary>
/// <param name="version"></param>
/// <param name="services"></param>
/// <param name="resourceTypes"></param>
/// <param name="protocol"></param>
/// <param name="startTime"></param>
/// <param name="expiryTime"></param>
/// <param name="ipRange"></param>
/// <param name="identifier"></param>
/// <param name="resource"></param>
/// <param name="permissions"></param>
/// <param name="signature"></param>
internal SasQueryParameters(
string version,
string services,
string resourceTypes,
SasProtocol protocol,
DateTimeOffset startTime,
DateTimeOffset expiryTime,
IPRange ipRange,
string identifier,
string resource,
string permissions,
string signature
#if BlobSDK
, string keyOid = default,
string keyTid = default,
DateTimeOffset keyStart = default,
DateTimeOffset keyExpiry = default,
string keyService = default,
string keyVersion = default
#endif
)
{
// assume URL-decoded
this.version = version ?? SasVersion;
this.services = services ?? String.Empty;
this.resourceTypes = resourceTypes ?? String.Empty;
this.protocol = protocol;
this.startTime = startTime;
this.expiryTime = expiryTime;
this.ipRange = ipRange;
this.identifier = identifier ?? String.Empty;
this.resource = resource ?? String.Empty;
this.permissions = permissions ?? String.Empty;
this.signature = signature ?? String.Empty; // Should never be null
#if BlobSDK
this.keyOid = keyOid;
this.keyTid = keyTid;
this.keyStart = keyStart;
this.keyExpiry = keyExpiry;
this.keyService = keyService;
this.keyVersion = keyVersion;
#endif
}
/// <summary>
/// Creates a new TableAccountSasQueryParameters instance.
/// </summary>
internal TableAccountSasQueryParameters(
string version,
TableAccountSasResourceTypes?resourceTypes,
SasProtocol protocol,
DateTimeOffset startsOn,
DateTimeOffset expiresOn,
SasIPRange ipRange,
string identifier,
string resource,
string permissions,
string signature)
{
_version = version;
_resourceTypes = resourceTypes;
_protocol = protocol;
_startTime = startsOn;
_expiryTime = expiresOn;
_ipRange = ipRange;
_identifier = identifier;
_resource = resource;
_permissions = permissions;
_signature = signature;
}
public void SasQueryParameters_RoundTrip()
{
var version = "2018-03-28";
var service = "b";
var resourceType = "c";
SasProtocol protocol = SasProtocol.Https;
DateTimeOffset startTime = DateTimeOffset.Now;
DateTimeOffset expiryTime = startTime.AddDays(1);
var ipRange = new IPRange();
var identifier = "foo";
var resource = "bar";
var permissions = "rw";
var signature = "a+b=";
var sasQueryParameters = new SasQueryParameters(
version,
service,
resourceType,
protocol,
startTime,
expiryTime,
ipRange,
identifier,
resource,
permissions,
signature
);
Assert.AreEqual(signature, sasQueryParameters.Signature);
var sasString = sasQueryParameters.ToString();
var roundTripSas = new SasQueryParameters(new UriQueryParamsCollection(sasString));
Assert.AreEqual(sasQueryParameters.ToString(), roundTripSas.ToString());
}
/// <summary>
/// Creates a new instance of the <see cref="TableAccountSasQueryParameters"/>
/// type based on the supplied query parameters <paramref name="values"/>.
/// All SAS-related query parameters will be removed from
/// <paramref name="values"/>.
/// </summary>
/// <param name="values">URI query parameters</param>
internal TableAccountSasQueryParameters(
IDictionary <string, string> values)
{
// make copy, otherwise we'll get an exception when we remove
IEnumerable <KeyValuePair <string, string> > kvps = values.ToArray();
foreach (KeyValuePair <string, string> kv in kvps)
{
// these are already decoded
var isSasKey = true;
switch (kv.Key.ToUpperInvariant())
{
case TableConstants.Sas.Parameters.VersionUpper:
_version = kv.Value;
break;
case TableConstants.Sas.Parameters.ResourceTypesUpper:
_resourceTypes = SasExtensions.ParseResourceTypes(kv.Value);
break;
case TableConstants.Sas.Parameters.ProtocolUpper:
_protocol = SasExtensions.ParseProtocol(kv.Value);
break;
case TableConstants.Sas.Parameters.StartTimeUpper:
_startTime = DateTimeOffset.ParseExact(kv.Value, TableConstants.Sas.SasTimeFormat, CultureInfo.InvariantCulture);
break;
case TableConstants.Sas.Parameters.ExpiryTimeUpper:
_expiryTime = DateTimeOffset.ParseExact(kv.Value, TableConstants.Sas.SasTimeFormat, CultureInfo.InvariantCulture);
break;
case TableConstants.Sas.Parameters.IPRangeUpper:
_ipRange = SasIPRange.Parse(kv.Value);
break;
case TableConstants.Sas.Parameters.IdentifierUpper:
_identifier = kv.Value;
break;
case TableConstants.Sas.Parameters.ResourceUpper:
_resource = kv.Value;
break;
case TableConstants.Sas.Parameters.PermissionsUpper:
_permissions = kv.Value;
break;
case TableConstants.Sas.Parameters.SignatureUpper:
_signature = kv.Value;
break;
// We didn't recognize the query parameter
default:
isSasKey = false;
break;
}
// Remove the query parameter if it's part of the SAS
if (isSasKey)
{
values.Remove(kv.Key);
}
}
}
public SignedAccessAccountIdentifier(IStorageAccount account, SecretKeyPermissions keyPermission) : base(account, keyPermission)
{
this.SignedAccessRestrictions = new List <SASAccessRestriction>();
this.SignedProtocol = SasProtocol.All;
}
public SignedAccessAccountIdentifier(string accountName, bool accountIsAdmin, AccountPermissions accountPermissions, SASPermission signedAccessPermission, List <SASAccessRestriction> signedAccessRestrictions) : base(accountName, accountIsAdmin, accountPermissions)
{
this.SignedAccessPermission = signedAccessPermission;
this.SignedAccessRestrictions = signedAccessRestrictions;
this.SignedProtocol = SasProtocol.All;
}
