Example #1
0
        public override void ExecuteCmdlet()
        {
            ICloudBlob blob = default(ICloudBlob);

            if (ParameterSetName == BlobNamePipelineParmeterSetWithPermission ||
                ParameterSetName == BlobNamePipelineParmeterSetWithPolicy)
            {
                blob = GetICloudBlobByName(Container, Blob);
            }
            else
            {
                blob = ICloudBlob;
            }

            SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
            bool shouldSetExpiryTime            = SasTokenHelper.ValidateContainerAccessPolicy(Channel, blob.Container.Name, accessPolicy, accessPolicyIdentifier);

            SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
            string sasToken = GetBlobSharedAccessSignature(blob, accessPolicy, accessPolicyIdentifier);

            if (FullUri)
            {
                string fullUri = blob.Uri.ToString() + sasToken;
                WriteObject(fullUri);
            }
            else
            {
                WriteObject(sasToken);
            }
        }
        public override void ExecuteCmdlet()
        {
            CloudBlob blob = null;

            if (ParameterSetName == BlobNamePipelineParmeterSetWithPermission ||
                ParameterSetName == BlobNamePipelineParmeterSetWithPolicy)
            {
                blob = GetCloudBlobByName(Container, Blob);
            }
            else
            {
                blob = this.CloudBlob;
            }

            // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas
            bool generateUserDelegationSas = false;
            if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken)
            {
                if (ShouldProcess(blob.Name, "Generate User Delegation SAS, since input Storage Context is OAuth based."))
                {
                    generateUserDelegationSas = true;
                    if (!string.IsNullOrEmpty(accessPolicyIdentifier))
                    {
                        throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy");
                    }
                }
                else
                {
                    return;
                }
            }

            SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
            bool shouldSetExpiryTime = SasTokenHelper.ValidateContainerAccessPolicy(Channel, blob.Container.Name, accessPolicy, accessPolicyIdentifier);
            SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
            string sasToken = GetBlobSharedAccessSignature(blob, accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange), generateUserDelegationSas);

            if (FullUri)
            {
                string fullUri = blob.SnapshotQualifiedUri.ToString();
                if (blob.IsSnapshot)
                {
                    // Since snapshot URL already has '?', need remove '?' in the first char of sas
                    fullUri = fullUri + "&" + sasToken.Substring(1);
                }
                else
                {
                    fullUri = fullUri + sasToken;
                }
                WriteObject(fullUri);
            }
            else
            {
                WriteObject(sasToken);
            }

        }
Example #3
0
        public override void ExecuteCmdlet()
        {
            if (String.IsNullOrEmpty(Name))
            {
                return;
            }

            // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas
            bool generateUserDelegationSas = false;

            if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken)
            {
                if (ShouldProcess(Name, "Generate User Delegation SAS, since input Storage Context is OAuth based."))
                {
                    generateUserDelegationSas = true;
                    if (!string.IsNullOrEmpty(accessPolicyIdentifier))
                    {
                        throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy");
                    }
                }
                else
                {
                    return;
                }
            }

            CloudBlobContainer     container    = Channel.GetContainerReference(Name);
            SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
            bool shouldSetExpiryTime            = SasTokenHelper.ValidateContainerAccessPolicy(Channel, container.Name, accessPolicy, accessPolicyIdentifier);

            SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
            string sasToken;

            if (generateUserDelegationSas)
            {
                UserDelegationKey userDelegationKey = Channel.GetUserDelegationKey(accessPolicy.SharedAccessStartTime, accessPolicy.SharedAccessExpiryTime, null, null, OperationContext);
                sasToken = container.GetUserDelegationSharedAccessSignature(userDelegationKey, accessPolicy, null, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange));
            }
            else
            {
                sasToken = container.GetSharedAccessSignature(accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange));
            }

            if (FullUri)
            {
                string fullUri = SasTokenHelper.GetFullUriWithSASToken(container.Uri.AbsoluteUri.ToString(), sasToken);
                WriteObject(fullUri);
            }
            else
            {
                WriteObject(sasToken);
            }
        }
        public override void ExecuteCmdlet()
        {
            if (String.IsNullOrEmpty(Name)) return;
            CloudBlobContainer container = Channel.GetContainerReference(Name);
            SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
            bool shouldSetExpiryTime = SasTokenHelper.ValidateContainerAccessPolicy(Channel, container.Name, accessPolicy, accessPolicyIdentifier);
            SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
            string sasToken = container.GetSharedAccessSignature(accessPolicy, accessPolicyIdentifier);

            if (FullUri)
            {
                string fullUri = SasTokenHelper.GetFullUriWithSASToken(container.Uri.AbsoluteUri.ToString(), sasToken);
                WriteObject(fullUri);
            }
            else
            {
                WriteObject(sasToken);
            }
        }
Example #5
0
        public override void ExecuteCmdlet()
        {
            CloudBlob blob = null;

            if (ParameterSetName == BlobNamePipelineParmeterSetWithPermission ||
                ParameterSetName == BlobNamePipelineParmeterSetWithPolicy)
            {
                blob = GetCloudBlobByName(Container, Blob);
            }
            else
            {
                blob = this.CloudBlob;
            }

            SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
            bool shouldSetExpiryTime            = SasTokenHelper.ValidateContainerAccessPolicy(Channel, blob.Container.Name, accessPolicy, accessPolicyIdentifier);

            SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
            string sasToken = GetBlobSharedAccessSignature(blob, accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange));

            if (FullUri)
            {
                string fullUri = blob.SnapshotQualifiedUri.ToString();
                if (blob.IsSnapshot)
                {
                    // Since snapshot URL already has '?', need remove '?' in the first char of sas
                    fullUri = fullUri + "&" + sasToken.Substring(1);
                }
                else
                {
                    fullUri = fullUri + sasToken;
                }
                WriteObject(fullUri);
            }
            else
            {
                WriteObject(sasToken);
            }
        }
        public override void ExecuteCmdlet()
        {
            if (String.IsNullOrEmpty(Name))
            {
                return;
            }

            // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas
            bool generateUserDelegationSas = false;

            if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken)
            {
                if (ShouldProcess(Name, "Generate User Delegation SAS, since input Storage Context is OAuth based."))
                {
                    generateUserDelegationSas = true;
                    if (!string.IsNullOrEmpty(accessPolicyIdentifier))
                    {
                        throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy");
                    }
                }
                else
                {
                    return;
                }
            }

            if (!UseTrack2Sdk()) // Track1
            {
                CloudBlobContainer     container    = Channel.GetContainerReference(Name);
                SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
                bool shouldSetExpiryTime            = SasTokenHelper.ValidateContainerAccessPolicy(Channel, container.Name, accessPolicy, accessPolicyIdentifier);
                SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
                string sasToken;

                if (generateUserDelegationSas)
                {
                    UserDelegationKey userDelegationKey = Channel.GetUserDelegationKey(accessPolicy.SharedAccessStartTime, accessPolicy.SharedAccessExpiryTime, null, null, OperationContext);
                    sasToken = container.GetUserDelegationSharedAccessSignature(userDelegationKey, accessPolicy, null, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange));
                }
                else
                {
                    sasToken = container.GetSharedAccessSignature(accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange));
                }

                if (FullUri)
                {
                    string fullUri = SasTokenHelper.GetFullUriWithSASToken(container.Uri.AbsoluteUri.ToString(), sasToken);
                    WriteObject(fullUri);
                }
                else
                {
                    WriteObject(sasToken);
                }
            }
            else //Track2
            {
                //Get container instance
                CloudBlobContainer  container_Track1 = Channel.GetContainerReference(Name);
                BlobContainerClient container        = AzureStorageContainer.GetTrack2BlobContainerClient(container_Track1, Channel.StorageContext, ClientOptions);

                // Get contaienr saved policy if any
                Track2Models.BlobSignedIdentifier identifier = null;
                if (ParameterSetName == SasPolicyParmeterSet)
                {
                    identifier = SasTokenHelper.GetBlobSignedIdentifier(container, this.Policy, CmdletCancellationToken);
                }

                //Create SAS builder
                BlobSasBuilder sasBuilder = SasTokenHelper.SetBlobSasBuilder_FromContainer(container, identifier, this.Permission, this.StartTime, this.ExpiryTime, this.IPAddressOrRange, this.Protocol);

                //Create SAS and output it
                string sasToken = SasTokenHelper.GetBlobSharedAccessSignature(Channel.StorageContext, sasBuilder, generateUserDelegationSas, ClientOptions, CmdletCancellationToken);
                if (sasToken[0] != '?')
                {
                    sasToken = "?" + sasToken;
                }

                if (FullUri)
                {
                    string fullUri = SasTokenHelper.GetFullUriWithSASToken(container.Uri.AbsoluteUri.ToString(), sasToken);
                    WriteObject(fullUri);
                }
                else
                {
                    WriteObject(sasToken);
                }
            }
        }
        public override void ExecuteCmdlet()
        {
            CloudBlob blob = null;

            if (ParameterSetName == BlobNamePipelineParmeterSetWithPermission ||
                ParameterSetName == BlobNamePipelineParmeterSetWithPolicy)
            {
                blob = GetCloudBlobByName(Container, Blob);
            }
            else
            {
                blob = this.CloudBlob;
            }

            // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas
            bool generateUserDelegationSas = false;

            if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken)
            {
                if (ShouldProcess(blob.Name, "Generate User Delegation SAS, since input Storage Context is OAuth based."))
                {
                    generateUserDelegationSas = true;
                    if (!string.IsNullOrEmpty(accessPolicyIdentifier))
                    {
                        throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy");
                    }
                }
                else
                {
                    return;
                }
            }

            if (!(blob is InvalidCloudBlob) && !UseTrack2Sdk())
            {
                SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
                bool shouldSetExpiryTime            = SasTokenHelper.ValidateContainerAccessPolicy(Channel, blob.Container.Name, accessPolicy, accessPolicyIdentifier);
                SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
                string sasToken = GetBlobSharedAccessSignature(blob, accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange), generateUserDelegationSas);

                if (FullUri)
                {
                    string fullUri = blob.SnapshotQualifiedUri.ToString();
                    if (blob.IsSnapshot)
                    {
                        // Since snapshot URL already has '?', need remove '?' in the first char of sas
                        fullUri = fullUri + "&" + sasToken.Substring(1);
                    }
                    else
                    {
                        fullUri = fullUri + sasToken;
                    }
                    WriteObject(fullUri);
                }
                else
                {
                    WriteObject(sasToken);
                }
            }
            else // Use Track2 SDk
            {
                //Get blob instance
                BlobBaseClient blobClient;
                if (this.BlobBaseClient != null)
                {
                    blobClient = this.BlobBaseClient;
                }
                else
                {
                    blobClient = AzureStorageBlob.GetTrack2BlobClient(blob, Channel.StorageContext, this.ClientOptions);
                }

                // Get contaienr saved policy if any
                BlobSignedIdentifier identifier = null;
                if (ParameterSetName == BlobNamePipelineParmeterSetWithPolicy || ParameterSetName == BlobPipelineParameterSetWithPolicy)
                {
                    BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(Channel.GetContainerReference(blobClient.BlobContainerName), Channel.StorageContext, ClientOptions);
                    identifier = SasTokenHelper.GetBlobSignedIdentifier(container, this.Policy, CmdletCancellationToken);
                }

                //Create SAS builder
                BlobSasBuilder sasBuilder = SasTokenHelper.SetBlobSasBuilder_FromBlob(blobClient, identifier, this.Permission, this.StartTime, this.ExpiryTime, this.IPAddressOrRange, this.Protocol);

                //Create SAS and ourput
                string sasToken = SasTokenHelper.GetBlobSharedAccessSignature(Channel.StorageContext, sasBuilder, generateUserDelegationSas, ClientOptions, CmdletCancellationToken);
                if (sasToken[0] != '?')
                {
                    sasToken = "?" + sasToken;
                }

                if (FullUri)
                {
                    string fullUri = blobClient.Uri.ToString();
                    if (blob.IsSnapshot)
                    {
                        // Since snapshot URL already has '?', need remove '?' in the first char of sas
                        fullUri = fullUri + "&" + sasToken.Substring(1);
                    }
                    else
                    {
                        fullUri = fullUri + sasToken;
                    }
                    WriteObject(fullUri);
                }
                else
                {
                    WriteObject(sasToken);
                }
            }
        }
Example #8
0
        public override void ExecuteCmdlet()
        {
            CloudBlob blob = null;

            if (ParameterSetName == BlobNamePipelineParmeterSetWithPermission ||
                ParameterSetName == BlobNamePipelineParmeterSetWithPolicy)
            {
                blob = GetCloudBlobByName(Container, Blob);
            }
            else
            {
                blob = this.CloudBlob;
            }

            // When the input context is Oauth bases, can't generate normal SAS, but UserDelegationSas
            bool generateUserDelegationSas = false;

            if (Channel != null && Channel.StorageContext != null && Channel.StorageContext.StorageAccount.Credentials.IsToken)
            {
                if (ShouldProcess(blob.Name, "Generate User Delegation SAS, since input Storage Context is OAuth based."))
                {
                    generateUserDelegationSas = true;
                    if (!string.IsNullOrEmpty(accessPolicyIdentifier))
                    {
                        throw new ArgumentException("When input Storage Context is OAuth based, Saved Policy is not supported.", "Policy");
                    }
                }
                else
                {
                    return;
                }
            }

            if (!(blob is InvalidCloudBlob) && !UseTrack2SDK())
            {
                SharedAccessBlobPolicy accessPolicy = new SharedAccessBlobPolicy();
                bool shouldSetExpiryTime            = SasTokenHelper.ValidateContainerAccessPolicy(Channel, blob.Container.Name, accessPolicy, accessPolicyIdentifier);
                SetupAccessPolicy(accessPolicy, shouldSetExpiryTime);
                string sasToken = GetBlobSharedAccessSignature(blob, accessPolicy, accessPolicyIdentifier, Protocol, Util.SetupIPAddressOrRangeForSAS(IPAddressOrRange), generateUserDelegationSas);

                if (FullUri)
                {
                    string fullUri = blob.SnapshotQualifiedUri.ToString();
                    if (blob.IsSnapshot)
                    {
                        // Since snapshot URL already has '?', need remove '?' in the first char of sas
                        fullUri = fullUri + "&" + sasToken.Substring(1);
                    }
                    else
                    {
                        fullUri = fullUri + sasToken;
                    }
                    WriteObject(fullUri);
                }
                else
                {
                    WriteObject(sasToken);
                }
            }
            else // Use Track2 SDk
            {
                BlobBaseClient blobClient;
                if (this.BlobBaseClient != null)
                {
                    blobClient = this.BlobBaseClient;
                }
                else
                {
                    blobClient = AzureStorageBlob.GetTrack2BlobClient(blob, Channel.StorageContext, this.ClientOptions);
                }

                BlobSasBuilder sasBuilder;
                if (ParameterSetName == BlobNamePipelineParmeterSetWithPolicy || ParameterSetName == BlobPipelineParameterSetWithPolicy)
                {
                    BlobContainerClient container = AzureStorageContainer.GetTrack2BlobContainerClient(Channel.GetContainerReference(blobClient.BlobContainerName), Channel.StorageContext, ClientOptions);
                    IEnumerable <BlobSignedIdentifier> signedIdentifiers = container.GetAccessPolicy(cancellationToken: CmdletCancellationToken).Value.SignedIdentifiers;
                    BlobSignedIdentifier signedIdentifier = null;
                    foreach (BlobSignedIdentifier identifier in signedIdentifiers)
                    {
                        if (identifier.Id == this.Policy)
                        {
                            signedIdentifier = identifier;
                            break;
                        }
                    }
                    if (signedIdentifier is null)
                    {
                        throw new ArgumentException(string.Format(Resources.InvalidAccessPolicy, this.Policy));
                    }
                    sasBuilder = new BlobSasBuilder
                    {
                        BlobContainerName = blobClient.BlobContainerName,
                        BlobName          = blobClient.Name,
                        Identifier        = this.Policy
                    };

                    if (this.StartTime != null)
                    {
                        if (signedIdentifier.AccessPolicy.StartsOn != DateTimeOffset.MinValue)
                        {
                            throw new InvalidOperationException(Resources.SignedStartTimeMustBeOmitted);
                        }
                        else
                        {
                            sasBuilder.StartsOn = this.StartTime.Value.ToUniversalTime();
                        }
                    }

                    if (this.ExpiryTime != null)
                    {
                        if (signedIdentifier.AccessPolicy.ExpiresOn != DateTimeOffset.MinValue)
                        {
                            throw new ArgumentException(Resources.SignedExpiryTimeMustBeOmitted);
                        }
                        else
                        {
                            sasBuilder.ExpiresOn = this.ExpiryTime.Value.ToUniversalTime();
                        }
                    }
                    else if (signedIdentifier.AccessPolicy.ExpiresOn == DateTimeOffset.MinValue)
                    {
                        if (sasBuilder.StartsOn != DateTimeOffset.MinValue)
                        {
                            sasBuilder.ExpiresOn = sasBuilder.StartsOn.ToUniversalTime().AddHours(1);
                        }
                        else
                        {
                            sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
                        }
                    }

                    if (this.Permission != null)
                    {
                        if (signedIdentifier.AccessPolicy.Permissions != null)
                        {
                            throw new ArgumentException(Resources.SignedPermissionsMustBeOmitted);
                        }
                        else
                        {
                            sasBuilder.SetPermissions(this.Permission);
                        }
                    }
                }
                else
                {
                    sasBuilder = new BlobSasBuilder
                    {
                        BlobContainerName = blobClient.BlobContainerName,
                        BlobName          = blobClient.Name,
                    };
                    sasBuilder.SetPermissions(this.Permission);
                    if (this.StartTime != null)
                    {
                        sasBuilder.StartsOn = this.StartTime.Value.ToUniversalTime();
                    }
                    if (this.ExpiryTime != null)
                    {
                        sasBuilder.ExpiresOn = this.ExpiryTime.Value.ToUniversalTime();
                    }
                    else
                    {
                        if (sasBuilder.StartsOn != DateTimeOffset.MinValue)
                        {
                            sasBuilder.ExpiresOn = sasBuilder.StartsOn.AddHours(1).ToUniversalTime();
                        }
                        else
                        {
                            sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
                        }
                    }
                }
                if (this.IPAddressOrRange != null)
                {
                    sasBuilder.IPRange = Util.SetupIPAddressOrRangeForSASTrack2(this.IPAddressOrRange);
                }
                if (this.Protocol != null)
                {
                    if (this.Protocol.Value == SharedAccessProtocol.HttpsOrHttp)
                    {
                        sasBuilder.Protocol = SasProtocol.HttpsAndHttp;
                    }
                    else //HttpsOnly
                    {
                        sasBuilder.Protocol = SasProtocol.Https;
                    }
                }
                if (Util.GetVersionIdFromBlobUri(blobClient.Uri) != null)
                {
                    sasBuilder.BlobVersionId = Util.GetVersionIdFromBlobUri(blobClient.Uri);
                }
                if (Util.GetSnapshotTimeFromBlobUri(blobClient.Uri) != null)
                {
                    sasBuilder.Snapshot = Util.GetSnapshotTimeFromBlobUri(blobClient.Uri).Value.ToString("o");
                }

                string sasToken = GetBlobSharedAccessSignature(blobClient, sasBuilder, generateUserDelegationSas);
                if (sasToken[0] != '?')
                {
                    sasToken = "?" + sasToken;
                }

                if (FullUri)
                {
                    string fullUri = blobClient.Uri.ToString();
                    if (blob.IsSnapshot)
                    {
                        // Since snapshot URL already has '?', need remove '?' in the first char of sas
                        fullUri = fullUri + "&" + sasToken.Substring(1);
                    }
                    else
                    {
                        fullUri = fullUri + sasToken;
                    }
                    WriteObject(fullUri);
                }
                else
                {
                    WriteObject(sasToken);
                }
            }
        }