Example #1
0
        public void GenerateAccountSas_WrongService_Service()
        {
            var    constants                      = new TestConstants(this);
            var    blobEndpoint                   = new Uri("http://127.0.0.1/" + constants.Sas.Account);
            var    blobSecondaryEndpoint          = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary");
            var    storageConnectionString        = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint));
            string connectionString               = storageConnectionString.ToString(true);
            AccountSasPermissions   permissions   = AccountSasPermissions.Read | AccountSasPermissions.Write;
            DateTimeOffset          expiresOn     = Recording.UtcNow.AddHours(+1);
            AccountSasServices      services      = AccountSasServices.Files;// Wrong Service
            AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
            BlobServiceClient       serviceClient = InstrumentClient(new BlobServiceClient(connectionString, GetOptions()));

            AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
            {
                IPRange  = new SasIPRange(System.Net.IPAddress.None, System.Net.IPAddress.None),
                StartsOn = Recording.UtcNow.AddHours(-1)
            };

            // Act
            try
            {
                Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder);

                Assert.Fail("BlobContainerClient.GenerateSasUri should have failed with an ArgumentException.");
            }
            catch (InvalidOperationException)
            {
                // the correct exception came back
            }
        }
        public void GenerateAccountSas_RequiredParameters()
        {
            // Arrange
            var                     constants               = new TestConstants(this);
            var                     blobEndpoint            = new Uri("http://127.0.0.1/" + constants.Sas.Account);
            var                     blobSecondaryEndpoint   = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary");
            var                     storageConnectionString = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint));
            string                  connectionString        = storageConnectionString.ToString(true);
            DateTimeOffset          expiresOn               = Recording.UtcNow.AddHours(+1);
            AccountSasPermissions   permissions             = AccountSasPermissions.Read | AccountSasPermissions.Write;
            AccountSasResourceTypes resourceTypes           = AccountSasResourceTypes.All;
            BlobServiceClient       serviceClient           = new BlobServiceClient(connectionString, GetOptions());

            // Act
            Uri sasUri = serviceClient.GenerateAccountSasUri(
                permissions: permissions,
                expiresOn: expiresOn,
                resourceTypes: resourceTypes);

            // Assert
            AccountSasBuilder sasBuilder  = new AccountSasBuilder(permissions, expiresOn, AccountSasServices.Blobs, resourceTypes);
            UriBuilder        expectedUri = new UriBuilder(blobEndpoint);

            expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString();
            Assert.AreEqual(expectedUri.Uri.ToString(), sasUri.ToString());
        }
Example #3
0
        public void GenerateAccountSas_Builder()
        {
            var    constants                      = new TestConstants(this);
            var    blobEndpoint                   = new Uri("http://127.0.0.1/" + constants.Sas.Account);
            var    blobSecondaryEndpoint          = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary");
            var    storageConnectionString        = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint));
            string connectionString               = storageConnectionString.ToString(true);
            AccountSasPermissions   permissions   = AccountSasPermissions.Read | AccountSasPermissions.Write;
            DateTimeOffset          expiresOn     = Recording.UtcNow.AddHours(+1);
            AccountSasServices      services      = AccountSasServices.Blobs;
            AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
            BlobServiceClient       serviceClient = InstrumentClient(new BlobServiceClient(connectionString, GetOptions()));

            AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
            {
                IPRange  = new SasIPRange(System.Net.IPAddress.None, System.Net.IPAddress.None),
                StartsOn = Recording.UtcNow.AddHours(-1)
            };

            // Act
            Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder);

            // Assert
            UriBuilder expectedUri = new UriBuilder(blobEndpoint);

            expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString();
            Assert.AreEqual(expectedUri.Uri.ToString(), sasUri.ToString());
        }
        public void GenerateAccountSas_Builder()
        {
            TestConstants           constants     = TestConstants.Create(this);
            Uri                     serviceUri    = new Uri($"https://{constants.Sas.Account}.blob.core.windows.net");
            AccountSasPermissions   permissions   = AccountSasPermissions.Read | AccountSasPermissions.Write;
            DateTimeOffset          expiresOn     = Recording.UtcNow.AddHours(+1);
            AccountSasServices      services      = AccountSasServices.Blobs;
            AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
            BlobServiceClient       serviceClient = InstrumentClient(
                new BlobServiceClient(
                    serviceUri,
                    constants.Sas.SharedKeyCredential,
                    GetOptions()));

            AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
            {
                StartsOn = Recording.UtcNow.AddHours(-1)
            };

            // Act
            Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder);

            // Assert
            UriBuilder expectedUri = new UriBuilder(serviceUri);

            expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString();
            Assert.AreEqual(expectedUri.Uri, sasUri);
        }
Example #5
0
        /// <summary>
        /// Creates an Account SAS Token
        /// </summary>
        /// <returns>A SAS token.</returns>
        private static Uri GetAccountSASToken(BlobServiceClient blobServiceClient)
        {
            // Create a new access policy for the account with the following properties:
            // Permissions: Read, Write, List, Create, Delete
            // ResourceType: Container
            // Expires in 24 hours
            var sasToken = blobServiceClient.GenerateAccountSasUri(AccountSasPermissions.Read | AccountSasPermissions.Create | AccountSasPermissions.Write | AccountSasPermissions.List | AccountSasPermissions.Delete, DateTimeOffset.UtcNow.AddHours(1), AccountSasResourceTypes.All);

            // Return the SASToken
            return(sasToken);
        }
        public object RequestUploadInfo()
        {
            var sasBuilder = new AccountSasBuilder
            {
                Services      = AccountSasServices.Blobs,
                StartsOn      = DateTimeOffset.UtcNow.AddMinutes(-5),
                ExpiresOn     = DateTimeOffset.UtcNow.AddMinutes(5),
                Protocol      = SasProtocol.Https,
                ResourceTypes = AccountSasResourceTypes.Object | AccountSasResourceTypes.Container,
            };

            sasBuilder.SetPermissions(AccountSasPermissions.Read | AccountSasPermissions.Write | AccountSasPermissions.Update | AccountSasPermissions.Tag);

            var client = new BlobServiceClient(azureOptions.CurrentValue.StorageAccount.ConnectionString);

            return(new { Sas = client.GenerateAccountSasUri(sasBuilder).ToString(), ContainerName = azureOptions.CurrentValue.StorageAccount.ContainerName });
        }
Example #7
0
        public async Task SetImmutibilityPolicyAsync_SetLegalHold_AccoutnSas(AccountSasPermissions sasPermissions)
        {
            // Arrange
            await using DisposingImmutableStorageWithVersioningContainer vlwContainer = await GetTestVersionLevelWormContainer(TestConfigOAuth);

            BlobBaseClient blob = await GetNewBlobClient(vlwContainer.Container, GetNewBlobName());

            BlobServiceClient sharedKeyServiceClient = InstrumentClient(
                GetServiceClient_OAuthAccount_SharedKey());
            Uri serviceSasUri = sharedKeyServiceClient.GenerateAccountSasUri(
                sasPermissions,
                Recording.UtcNow.AddDays(1),
                AccountSasResourceTypes.All);
            BlobBaseClient sasBlobClient = InstrumentClient(new BlobServiceClient(serviceSasUri, GetOptions())
                                                            .GetBlobContainerClient(vlwContainer.Container.Name)
                                                            .GetBlobBaseClient(blob.Name));

            BlobImmutabilityPolicy immutabilityPolicy = new BlobImmutabilityPolicy
            {
                ExpiresOn  = Recording.UtcNow.AddMinutes(5),
                PolicyMode = BlobImmutabilityPolicyMode.Unlocked
            };

            // The service rounds Immutability Policy Expiry to the nearest second.
            DateTimeOffset expectedImmutabilityPolicyExpiry = RoundToNearestSecond(immutabilityPolicy.ExpiresOn.Value);

            // Act
            Response <BlobImmutabilityPolicy> response = await sasBlobClient.SetImmutabilityPolicyAsync(
                immutabilityPolicy : immutabilityPolicy);

            // Assert
            Assert.AreEqual(expectedImmutabilityPolicyExpiry, response.Value.ExpiresOn);
            Assert.AreEqual(immutabilityPolicy.PolicyMode, response.Value.PolicyMode);

            // Act
            Response <BlobLegalHoldResult> legalHoldResponse = await sasBlobClient.SetLegalHoldAsync(hasLegalHold : false);

            // Assert
            Assert.IsFalse(legalHoldResponse.Value.HasLegalHold);
        }
        public void GenerateAccountSas_WrongService_Service()
        {
            TestConstants           constants     = TestConstants.Create(this);
            Uri                     serviceUri    = new Uri($"https://{constants.Sas.Account}.blob.core.windows.net");
            AccountSasPermissions   permissions   = AccountSasPermissions.Read | AccountSasPermissions.Write;
            DateTimeOffset          expiresOn     = Recording.UtcNow.AddHours(+1);
            AccountSasServices      services      = AccountSasServices.Files; // Wrong Service
            AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All;
            BlobServiceClient       serviceClient = InstrumentClient(
                new BlobServiceClient(
                    serviceUri,
                    constants.Sas.SharedKeyCredential,
                    GetOptions()));

            AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes)
            {
                StartsOn = Recording.UtcNow.AddHours(-1)
            };

            // Act
            TestHelper.AssertExpectedException(
                () => serviceClient.GenerateAccountSasUri(sasBuilder),
                new InvalidOperationException("SAS Uri cannot be generated. builder.Services does specify Blobs. builder.Services must either specify Blobs or specify all Services are accessible in the value."));
        }