public void CloudBlobContainerUpdateSASToken()
{
// Create a policy with read/write access and get SAS.
SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write,
};
string sasToken = this.testContainer.GetSharedAccessSignature(policy);
//Thread.Sleep(35000);
CloudBlockBlob testBlockBlob = this.testContainer.GetBlockBlobReference("blockblob");
TestAccess(sasToken, SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write, null, this.testContainer, testBlockBlob);
StorageCredentials creds = new StorageCredentials(sasToken);
// Change the policy to only read and update SAS.
SharedAccessBlobPolicy policy2 = new SharedAccessBlobPolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessBlobPermissions.Read
};
string sasToken2 = this.testContainer.GetSharedAccessSignature(policy2);
creds.UpdateSASToken(sasToken2);
// Extra check to make sure that we have actually updated the SAS token.
CloudBlobContainer container = new CloudBlobContainer(this.testContainer.Uri, creds);
CloudBlockBlob blob = container.GetBlockBlobReference("blockblob2");
TestHelper.ExpectedException(
() => UploadText(blob, "blob", Encoding.UTF8),
"Writing to a blob while SAS does not allow for writing",
HttpStatusCode.Forbidden);
CloudPageBlob testPageBlob = this.testContainer.GetPageBlobReference("pageblob");
TestAccess(sasToken2, SharedAccessBlobPermissions.Read, null, this.testContainer, testPageBlob);
}
public async Task TableUpdateSasTestAsync()
{
CloudTableClient tableClient = GenerateCloudTableClient();
CloudTable table = tableClient.GetTableReference("T" + Guid.NewGuid().ToString("N"));
try
{
await table.CreateAsync();
BaseEntity entity = new BaseEntity("PK", "RK");
await table.ExecuteAsync(TableOperation.Insert(entity));
SharedAccessTablePolicy policy = new SharedAccessTablePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessTablePermissions.Delete,
};
string sasToken = table.GetSharedAccessSignature(policy, null, null, null, null, null);
StorageCredentials creds = new StorageCredentials(sasToken);
CloudTable sasTable = new CloudTable(table.Uri, creds);
OperationContext context = new OperationContext();
await TestHelper.ExpectedExceptionAsync(
async () => await sasTable.ExecuteAsync(TableOperation.Insert(new BaseEntity("PK", "RK2")), null, context),
context,
"Try to insert an entity when SAS doesn't allow inserts",
HttpStatusCode.Forbidden);
await sasTable.ExecuteAsync(TableOperation.Delete(entity));
SharedAccessTablePolicy policy2 = new SharedAccessTablePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessTablePermissions.Delete | SharedAccessTablePermissions.Add,
};
string sasToken2 = table.GetSharedAccessSignature(policy2, null, null, null, null, null);
creds.UpdateSASToken(sasToken2);
sasTable = new CloudTable(table.Uri, creds);
await sasTable.ExecuteAsync(TableOperation.Insert(new BaseEntity("PK", "RK2")));
}
finally
{
table.DeleteIfExistsAsync().AsTask().Wait();
}
}
public void CloudFileShareUpdateSASToken()
{
// Create a policy with read/write access and get SAS.
SharedAccessFilePolicy policy = new SharedAccessFilePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessFilePermissions.Read | SharedAccessFilePermissions.Write,
};
string sasToken = this.testShare.GetSharedAccessSignature(policy);
//Thread.Sleep(35000);
CloudFile testFile = this.testShare.GetRootDirectoryReference().GetFileReference("file");
UploadText(testFile, "file", Encoding.UTF8);
TestAccess(sasToken, SharedAccessFilePermissions.Read | SharedAccessFilePermissions.Write, null, this.testShare, testFile);
StorageCredentials creds = new StorageCredentials(sasToken);
// Change the policy to only read and update SAS.
SharedAccessFilePolicy policy2 = new SharedAccessFilePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessFilePermissions.Read
};
string sasToken2 = this.testShare.GetSharedAccessSignature(policy2);
creds.UpdateSASToken(sasToken2);
// Extra check to make sure that we have actually updated the SAS token.
CloudFileShare share = new CloudFileShare(this.testShare.Uri, creds);
CloudFile testFile2 = share.GetRootDirectoryReference().GetFileReference("file2");
TestHelper.ExpectedException(
() => UploadText(testFile2, "file", Encoding.UTF8),
"Writing to a file while SAS does not allow for writing",
HttpStatusCode.NotFound);
CloudFile testFile3 = this.testShare.GetRootDirectoryReference().GetFileReference("file3");
testFile3.Create(0);
TestAccess(sasToken2, SharedAccessFilePermissions.Read, null, this.testShare, testFile);
}
public async Task CloudBlobContainerUpdateSASTokenAsync()
{
// Create a policy with read/write acces and get SAS.
SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write,
};
string sasToken = this.testContainer.GetSharedAccessSignature(policy);
CloudBlockBlob testBlockBlob = this.testContainer.GetBlockBlobReference("blockblob");
await UploadTextAsync(testBlockBlob, "blob", Encoding.UTF8);
await TestAccessAsync(sasToken, SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write, null, this.testContainer, testBlockBlob);
StorageCredentials creds = new StorageCredentials(sasToken);
// Change the policy to only read and update SAS.
SharedAccessBlobPolicy policy2 = new SharedAccessBlobPolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessBlobPermissions.Read
};
string sasToken2 = this.testContainer.GetSharedAccessSignature(policy2);
creds.UpdateSASToken(sasToken2);
// Extra check to make sure that we have actually uopdated the SAS token.
CloudBlobContainer container = new CloudBlobContainer(this.testContainer.Uri, creds);
CloudBlockBlob blob = container.GetBlockBlobReference("blockblob2");
OperationContext operationContext = new OperationContext();
await TestHelper.ExpectedExceptionAsync(
async () => await UploadTextAsync(blob, "blob", Encoding.UTF8, null, null, operationContext),
operationContext,
"Writing to a blob while SAS does not allow for writing",
HttpStatusCode.NotFound);
CloudPageBlob testPageBlob = this.testContainer.GetPageBlobReference("pageblob");
await testPageBlob.CreateAsync(0);
await TestAccessAsync(sasToken2, SharedAccessBlobPermissions.Read, null, this.testContainer, testPageBlob);
}
public void TableUpdateSasTestSync()
{
CloudTableClient tableClient = GenerateCloudTableClient();
CloudTable table = tableClient.GetTableReference("T" + Guid.NewGuid().ToString("N"));
try
{
table.Create();
BaseEntity entity = new BaseEntity("PK", "RK");
table.Execute(TableOperation.Insert(entity));
SharedAccessTablePolicy policy = new SharedAccessTablePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessTablePermissions.Delete,
};
string sasToken = table.GetSharedAccessSignature(policy);
StorageCredentials creds = new StorageCredentials(sasToken);
CloudTable sasTable = new CloudTable(table.Uri, creds);
TestHelper.ExpectedException(
() => sasTable.Execute(TableOperation.Insert(new BaseEntity("PK", "RK2"))),
"Try to insert an entity when SAS doesn't allow inserts",
HttpStatusCode.NotFound);
sasTable.Execute(TableOperation.Delete(entity));
SharedAccessTablePolicy policy2 = new SharedAccessTablePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessTablePermissions.Delete | SharedAccessTablePermissions.Add,
};
string sasToken2 = table.GetSharedAccessSignature(policy2);
creds.UpdateSASToken(sasToken2);
sasTable = new CloudTable(table.Uri, creds);
sasTable.Execute(TableOperation.Insert(new BaseEntity("PK", "RK2")));
}
finally
{
table.DeleteIfExists();
}
}
public async Task UpdateQueueSASTestAsync()
{
CloudQueueClient client = GenerateCloudQueueClient();
CloudQueue queue = client.GetQueueReference(GenerateNewQueueName());
try
{
await queue.CreateAsync();
string messageContent = Guid.NewGuid().ToString();
CloudQueueMessage message = new CloudQueueMessage(messageContent);
await queue.AddMessageAsync(message);
SharedAccessQueuePolicy policy = new SharedAccessQueuePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages,
};
string id = Guid.NewGuid().ToString();
string sasToken = queue.GetSharedAccessSignature(policy, null);
StorageCredentials sasCreds = new StorageCredentials(sasToken);
CloudQueue sasQueue = new CloudQueue(queue.Uri, sasCreds);
OperationContext context = new OperationContext();
await TestHelper.ExpectedExceptionAsync(
async () => await sasQueue.PeekMessageAsync(null, context),
context,
"Peek when Sas does not allow Read access on the queue",
HttpStatusCode.Forbidden);
await sasQueue.AddMessageAsync(message);
SharedAccessQueuePolicy policy2 = new SharedAccessQueuePolicy()
{
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
Permissions = SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.ProcessMessages | SharedAccessQueuePermissions.Read,
};
string sasToken2 = queue.GetSharedAccessSignature(policy2, null);
sasCreds.UpdateSASToken(sasToken2);
sasQueue = new CloudQueue(queue.Uri, sasCreds);
await sasQueue.PeekMessageAsync();
}
finally
{
queue.DeleteIfExistsAsync().AsTask().Wait();
}
}