/// <summary>
/// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
/// shared access signature values to produce the proper SAS query
/// parameters for authenticating requests.
/// </summary>
/// <param name="sharedKeyCredential">
/// The storage account's <see cref="StorageSharedKeyCredential"/>.
/// </param>
/// <returns>
/// The <see cref="SasQueryParameters"/> used for authenticating
/// requests.
/// </returns>
public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
Permissions = QueueAccountSasPermissions.Parse(Permissions).ToString();
if (string.IsNullOrEmpty(Version))
{
Version = SasQueryParameters.DefaultSasVersion;
}
var startTime = SasQueryParameters.FormatTimesForSasSigning(StartTime);
var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime);
// String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
var stringToSign = string.Join("\n",
Permissions,
startTime,
expiryTime,
GetCanonicalName(sharedKeyCredential.AccountName, QueueName ?? string.Empty),
Identifier,
IPRange.ToString(),
Protocol.ToString(),
Version);
var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
var p = new SasQueryParameters(
version: Version,
services: null,
resourceTypes: null,
protocol: Protocol,
startTime: StartTime,
expiryTime: ExpiryTime,
ipRange: IPRange,
identifier: Identifier,
resource: null,
permissions: Permissions,
signature: signature);
return(p);
}
/// <summary>
/// Sets the permissions for a queue account level SAS.
/// </summary>
/// <param name="permissions">
/// <see cref="QueueAccountSasPermissions"/> containing the allowed permissions.
/// </param>
public void SetPermissions(QueueAccountSasPermissions permissions)
{
Permissions = permissions.ToPermissionsString();
}
/// <summary>
/// Initializes a new instance of the <see cref="QueueSasBuilder"/>
/// class.
/// </summary>
/// <param name="permissions">
/// The permissions associated with the shared access signature.
/// The user is restricted to operations allowed by the permissions.
/// This field must be omitted if it has been specified in an
/// associated stored access policy.
/// </param>
/// <param name="expiresOn">
/// The time at which the shared access signature becomes invalid.
/// This field must be omitted if it has been specified in an
/// associated stored access policy.
/// </param>
public QueueSasBuilder(QueueAccountSasPermissions permissions, DateTimeOffset expiresOn)
{
ExpiresOn = expiresOn;
SetPermissions(permissions);
}
