private static Uri GetSasUriForBlob(BlobClient blobClient, string storedPolicyName = null)
{
// Check whether this BlobClient object has been authorized with Shared Key.
if (blobClient.CanGenerateSasUri)
{
// Create a SAS token that's valid for one hour.
var sasBuilder = new BlobSasBuilder()
{
BlobContainerName = blobClient.GetParentBlobContainerClient().Name,
BlobName = blobClient.Name,
Resource = "b"
};
if (storedPolicyName == null)
{
sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
sasBuilder.SetPermissions(BlobSasPermissions.Read |
BlobSasPermissions.Write);
}
else
{
sasBuilder.Identifier = storedPolicyName;
}
var sasUri = blobClient.GenerateSasUri(sasBuilder);
Console.WriteLine("SAS URI for blob is: {0}\n", sasUri);
return(sasUri);
}
else
{
Console.WriteLine(@"BlobClient must be authorized with Shared Key credentials to create a service SAS.");
return(null);
}
}
// </Snippet_UseAccountSAS>
#region GetUserDelegationSasBlob
// <Snippet_GetUserDelegationSasBlob>
async static Task <Uri> GetUserDelegationSasBlob(BlobClient blobClient)
{
BlobServiceClient blobServiceClient =
blobClient.GetParentBlobContainerClient().GetParentBlobServiceClient();
// Get a user delegation key for the Blob service that's valid for 7 days.
// You can use the key to generate any number of shared access signatures
// over the lifetime of the key.
Azure.Storage.Blobs.Models.UserDelegationKey userDelegationKey =
await blobServiceClient.GetUserDelegationKeyAsync(DateTimeOffset.UtcNow,
DateTimeOffset.UtcNow.AddDays(7));
// Create a SAS token that's also valid for 7 days.
BlobSasBuilder sasBuilder = new BlobSasBuilder()
{
BlobContainerName = blobClient.BlobContainerName,
BlobName = blobClient.Name,
Resource = "b",
StartsOn = DateTimeOffset.UtcNow,
ExpiresOn = DateTimeOffset.UtcNow.AddDays(7)
};
// Specify read and write permissions for the SAS.
sasBuilder.SetPermissions(BlobSasPermissions.Read |
BlobSasPermissions.Write);
// Add the SAS token to the blob URI.
BlobUriBuilder blobUriBuilder = new BlobUriBuilder(blobClient.Uri)
{
// Specify the user delegation key.
Sas = sasBuilder.ToSasQueryParameters(userDelegationKey,
blobServiceClient.AccountName)
};
Console.WriteLine("Blob user delegation SAS URI: {0}", blobUriBuilder);
Console.WriteLine();
return(blobUriBuilder.ToUri());
}
// </Snippet_ListFilePathsWithDirectorySasAsync>
#endregion
//-------------------------------------------------
// Security menu (Can call asynchronous and synchronous methods)
//-------------------------------------------------
public async Task <bool> MenuAsync()
{
Console.Clear();
Console.WriteLine("Choose a SAS scenario:");
Console.WriteLine("1) Create service SAS for a blob container");
Console.WriteLine("2) Create service SAS for a blob");
Console.WriteLine("3) Create service SAS for the storage account");
Console.WriteLine("4) Create a storage account by using a SAS token");
Console.WriteLine("5) Create service SAS for an ADLS directory");
Console.WriteLine("6) Create user delegation SAS for a blob and read blob with SAS");
Console.WriteLine("7) Create user delegation SAS for a container and list blobs with SAS");
Console.WriteLine("8) Create user delegation SAS for a directory and list paths with SAS");
Console.WriteLine("X) Exit to main menu");
Console.Write("\r\nSelect an option: ");
switch (Console.ReadLine())
{
case "1":
var connectionString1 = Constants.connectionString;
BlobServiceClient blobServiceClient1 = new BlobServiceClient(connectionString1);
GetServiceSasUriForContainer(blobServiceClient1.GetBlobContainerClient(Constants.containerName),
Constants.accountKey);
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "2":
var connectionString2 = Constants.connectionString;
BlobClient blobClient2 = new BlobClient(connectionString2, Constants.containerName, Constants.blobName);
GetServiceSasUriForBlob(blobClient2, default);
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "3":
var connectionString3 = Constants.connectionString;
BlobServiceClient blobServiceClient3 = new BlobServiceClient(connectionString3);
GetAccountSASToken(new StorageSharedKeyCredential(Constants.storageAccountName, Constants.accountKey));
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "4":
var connectionString4 = Constants.connectionString;
BlobServiceClient blobServiceClient4 = new BlobServiceClient(connectionString4);
string token = GetAccountSASToken(new StorageSharedKeyCredential(Constants.storageAccountName, Constants.accountKey));
UseAccountSAS(blobServiceClient4.Uri, token);
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "5":
// Construct the directory endpoint from the account name.
string directoryEndpoint = string.Format("https://{0}.dfs.core.windows.net/{1}/{2}",
Constants.storageAccountNameAdls,
Constants.directoryName,
Constants.subDirectoryName);
DataLakeDirectoryClient directoryClient =
new DataLakeDirectoryClient(new Uri(directoryEndpoint),
new StorageSharedKeyCredential(Constants.storageAccountNameAdls,
Constants.accountKeyAdls));
GetServiceSasUriForDirectory(directoryClient, default);
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "6":
Uri blobUri6 = new Uri(string.Format("https://{0}.blob.core.windows.net/{1}/{2}",
Constants.storageAccountName,
Constants.containerName,
Constants.blobName));
BlobClient blobClient6 = new BlobClient(blobUri6, new DefaultAzureCredential());
Uri blobSasUri = GetUserDelegationSasBlob(blobClient6).Result;
ReadBlobWithSasAsync(blobSasUri).Wait();
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "7":
Uri blobUri7 = new Uri(string.Format("https://{0}.blob.core.windows.net/{1}/{2}",
Constants.storageAccountName,
Constants.containerName,
Constants.blobName));
BlobClient blobClient7 = new BlobClient(blobUri7, new DefaultAzureCredential());
Uri containerSasUri7 = GetUserDelegationSasContainer(blobClient7.GetParentBlobContainerClient()).Result;
ListBlobsWithSasAsync(containerSasUri7).Wait();
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "8":
// Construct the directory endpoint from the account name.
Uri dataLakeEndpoint = new Uri(string.Format("https://{0}.dfs.core.windows.net", Constants.storageAccountNameAdls));
DataLakeServiceClient dataLakeServiceClient =
new DataLakeServiceClient(dataLakeEndpoint, new DefaultAzureCredential());
DataLakeFileSystemClient dataLakeFileSystemClient =
dataLakeServiceClient.GetFileSystemClient(Constants.containerName);
DataLakeDirectoryClient directoryClient8 =
dataLakeFileSystemClient.GetDirectoryClient(Constants.directoryName);
Uri directorySasUri = GetUserDelegationSasDirectory(directoryClient8).Result;
ListFilesPathsWithDirectorySasAsync(directorySasUri).Wait();
Console.WriteLine("Press enter to continue");
Console.ReadLine();
return(true);
case "x":
case "X":
return(false);
default:
return(true);
}
}
public static async Task RunAsync([EventGridTrigger] EventGridEvent eventGridEvent, ILogger log)
{
//Extracting content type and url of the blob triggering the function
var jsondata = JsonConvert.SerializeObject(eventGridEvent.Data);
var tmp = new { contentType = "", url = "" };
var data = JsonConvert.DeserializeAnonymousType(jsondata, tmp);
//Checking if the trigger was iniatiated for a PDF File.
if (data.contentType == "application/pdf")
{
var pdfUrl = data.url;
string endpoint = System.Environment.GetEnvironmentVariable("FormsRecognizerEndpoint", EnvironmentVariableTarget.Process);
string apiKey = System.Environment.GetEnvironmentVariable("FormsRecognizerKey", EnvironmentVariableTarget.Process);
string contosoStorageConnectionString = System.Environment.GetEnvironmentVariable("ContosoStorageConnectionString", EnvironmentVariableTarget.Process);
string cosmosEndpointUrl = System.Environment.GetEnvironmentVariable("CosmosDBEndpointUrl", EnvironmentVariableTarget.Process);
string cosmosPrimaryKey = System.Environment.GetEnvironmentVariable("CosmosDBPrimaryKey", EnvironmentVariableTarget.Process);
//Create a SAS Link to give Forms Recognizer read access to the document
BlobServiceClient blobServiceClient = new BlobServiceClient(contosoStorageConnectionString);
BlobContainerClient container = new BlobContainerClient(contosoStorageConnectionString, "claims");
string blobName = pdfUrl.Split('/').Last();
BlobClient blob = container.GetBlobClient(blobName);
BlobSasBuilder sasBuilder = new BlobSasBuilder()
{
BlobContainerName = blob.GetParentBlobContainerClient().Name,
BlobName = blob.Name,
Resource = "b"
};
sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
sasBuilder.SetPermissions(BlobSasPermissions.Read);
Uri sasUri = blob.GenerateSasUri(sasBuilder);
var credential = new AzureKeyCredential(apiKey);
//Get the latest trained model
var formTrainingClient = new FormTrainingClient(new Uri(endpoint), credential);
Pageable <CustomFormModelInfo> formsModels = formTrainingClient.GetCustomModels();
var latestModel = (from inc in formsModels orderby inc.TrainingCompletedOn descending select inc).FirstOrDefault();
//TODO:Run the document through the model
//Insert documents into CosmosDB
var cosmosClient = new CosmosClient(cosmosEndpointUrl, cosmosPrimaryKey);
var cosmosDatabase = (await cosmosClient.CreateDatabaseIfNotExistsAsync("Contoso")).Database;
var cosmosContainer = (await cosmosDatabase.CreateContainerIfNotExistsAsync("Claims", "/InsuredID")).Container;
Model.ClaimsDocument processedDocument = new Model.ClaimsDocument();
processedDocument.DocumentDate = new DateTime(int.Parse(blobName.Substring(0, 4)),
int.Parse(blobName.Substring(4, 2)), int.Parse(blobName.Substring(6, 2)));
processedDocument.PatientName = forms[0].Fields["PatientName"].ValueData?.Text;
processedDocument.InsuredID = forms[0].Fields["InsuredID"].ValueData?.Text;
processedDocument.Diagnosis = forms[0].Fields["Diagnosis"].ValueData?.Text;
decimal.TryParse(forms[0].Fields["TotalCharges"].ValueData?.Text, out decimal totalCharges);
processedDocument.TotalCharges = totalCharges;
DateTime.TryParse(forms[0].Fields["PatientBirthDate"].ValueData?.Text, out DateTime patientBirthDate);
processedDocument.PatientBirthDate = patientBirthDate;
decimal.TryParse(forms[0].Fields["AmountPaid"].ValueData?.Text, out decimal amountPaid);
processedDocument.AmountPaid = amountPaid;
decimal.TryParse(forms[0].Fields["AmountDue"].ValueData?.Text, out decimal amountDue);
processedDocument.AmountDue = amountDue;
processedDocument.FileName = blobName;
if (processedDocument.InsuredID == null)
{
processedDocument.Id = Guid.NewGuid().ToString();
}
else
{
processedDocument.Id = processedDocument.InsuredID;
}
try
{
ItemResponse <Model.ClaimsDocument> cosmosResponse = await
cosmosContainer.CreateItemAsync(processedDocument, new PartitionKey(processedDocument.InsuredID));
}
catch (CosmosException ex) when(ex.StatusCode == System.Net.HttpStatusCode.Conflict)
{
//Conflicting EnsurerID is silently ignored for demo purposes.
}
}
log.LogInformation(eventGridEvent.Data.ToString());
}
private static async Task <bool> TryCreateAsync(BlobClient blob, CancellationToken cancellationToken)
{
try
{
var bytes = Encoding.UTF8.GetBytes(string.Empty);
using (var stream = new MemoryStream(bytes))
{
await blob.UploadAsync(stream, cancellationToken).ConfigureAwait(false);
}
return(true);
}
catch (RequestFailedException exception)
{
switch (exception.Status)
{
case 404:
break;
case 409:
case 412:
// The blob already exists, or is leased by someone else
return(false);
default:
throw;
}
}
var container = blob.GetParentBlobContainerClient();
try
{
await container.CreateIfNotExistsAsync(cancellationToken : cancellationToken).ConfigureAwait(false);
}
catch (RequestFailedException exc)
when(exc.Status == 409 && exc.ErrorCode == BlobErrorCode.ContainerBeingDeleted)
{
throw;
}
try
{
var bytes = Encoding.UTF8.GetBytes(string.Empty);
using (var stream = new MemoryStream(bytes))
{
await blob.UploadAsync(stream, cancellationToken).ConfigureAwait(false);
}
return(true);
}
catch (RequestFailedException exception)
{
if (exception.Status == 409 || exception.Status == 412)
{
// The blob already exists, or is leased by someone else
return(false);
}
throw;
}
}
#pragma warning disable CA1806 // Do not ignore method results
public override void Run(CancellationToken cancellationToken)
{
// traverse hierarchy down
BlobServiceClient.GetBlobContainerClient(ContainerName);
BlobContainerClient.GetBlobClient(BlobName);
BlobContainerClient.GetBlobBaseClient(BlobName);
BlobContainerClient.GetBlockBlobClient(BlobName);
BlobContainerClient.GetPageBlobClient(BlobName);
BlobContainerClient.GetAppendBlobClient(BlobName);
// traverse hierarchy up
BlobClient.GetParentBlobContainerClient();
BlobContainerClient.GetParentBlobServiceClient();
// BlobServiceClient ctors
new BlobServiceClient(s_connectionString);
new BlobServiceClient(BlobServiceClient.Uri);
new BlobServiceClient(BlobServiceClient.Uri, s_azureSasCredential);
new BlobServiceClient(BlobServiceClient.Uri, s_tokenCredential);
new BlobServiceClient(BlobServiceClient.Uri, StorageSharedKeyCredential);
// BlobContainerClient ctors
new BlobContainerClient(s_connectionString, ContainerName);
new BlobContainerClient(BlobContainerClient.Uri);
new BlobContainerClient(BlobContainerClient.Uri, s_azureSasCredential);
new BlobContainerClient(BlobContainerClient.Uri, s_tokenCredential);
new BlobContainerClient(BlobContainerClient.Uri, StorageSharedKeyCredential);
// BlobClient ctors
new BlobClient(s_connectionString, ContainerName, BlobName);
new BlobClient(BlobContainerClient.Uri);
new BlobClient(BlobContainerClient.Uri, s_azureSasCredential);
new BlobClient(BlobContainerClient.Uri, s_tokenCredential);
new BlobClient(BlobContainerClient.Uri, StorageSharedKeyCredential);
// BlobBaseClient ctors
new BlobBaseClient(s_connectionString, ContainerName, BlobName);
new BlobBaseClient(BlobContainerClient.Uri);
new BlobBaseClient(BlobContainerClient.Uri, s_azureSasCredential);
new BlobBaseClient(BlobContainerClient.Uri, s_tokenCredential);
new BlobBaseClient(BlobContainerClient.Uri, StorageSharedKeyCredential);
// AppendBlobClient ctors
new AppendBlobClient(s_connectionString, ContainerName, BlobName);
new AppendBlobClient(BlobContainerClient.Uri);
new AppendBlobClient(BlobContainerClient.Uri, s_azureSasCredential);
new AppendBlobClient(BlobContainerClient.Uri, s_tokenCredential);
new AppendBlobClient(BlobContainerClient.Uri, StorageSharedKeyCredential);
// BlockBlobClient ctors
new BlockBlobClient(s_connectionString, ContainerName, BlobName);
new BlockBlobClient(BlobContainerClient.Uri);
new BlockBlobClient(BlobContainerClient.Uri, s_azureSasCredential);
new BlockBlobClient(BlobContainerClient.Uri, s_tokenCredential);
new BlockBlobClient(BlobContainerClient.Uri, StorageSharedKeyCredential);
// PageBlobClient ctors
new PageBlobClient(s_connectionString, ContainerName, BlobName);
new PageBlobClient(BlobContainerClient.Uri);
new PageBlobClient(BlobContainerClient.Uri, s_azureSasCredential);
new PageBlobClient(BlobContainerClient.Uri, s_tokenCredential);
new PageBlobClient(BlobContainerClient.Uri, StorageSharedKeyCredential);
}
//-------------------------------------------------
// Demonstrate optimistic concurrency for write operations to a blob
//-------------------------------------------------
// <Snippet_DemonstrateOptimisticConcurrencyBlob>
private static async Task DemonstrateOptimisticConcurrencyBlob(BlobClient blobClient)
{
Console.WriteLine("Demonstrate optimistic concurrency");
BlobContainerClient containerClient = blobClient.GetParentBlobContainerClient();
try
{
// Create the container if it does not exist.
await containerClient.CreateIfNotExistsAsync();
// Upload text to a new block blob.
string blobContents1 = "First update. Overwrite blob if it exists.";
byte[] byteArray = Encoding.ASCII.GetBytes(blobContents1);
ETag originalETag;
using (MemoryStream stream = new MemoryStream(byteArray))
{
BlobContentInfo blobContentInfo = await blobClient.UploadAsync(stream, overwrite : true);
originalETag = blobContentInfo.ETag;
Console.WriteLine("Blob added. Original ETag = {0}", originalETag);
}
// This code simulates an update by another client.
// No ETag was provided, so original blob is overwritten and ETag updated.
string blobContents2 = "Second update overwrites first update.";
byteArray = Encoding.ASCII.GetBytes(blobContents2);
using (MemoryStream stream = new MemoryStream(byteArray))
{
BlobContentInfo blobContentInfo = await blobClient.UploadAsync(stream, overwrite : true);
Console.WriteLine("Blob updated. Updated ETag = {0}", blobContentInfo.ETag);
}
// Now try to update the blob using the original ETag value.
string blobContents3 = "Third update. If-Match condition set to original ETag.";
byteArray = Encoding.ASCII.GetBytes(blobContents3);
// Set the If-Match condition to the original ETag.
BlobUploadOptions blobUploadOptions = new BlobUploadOptions()
{
Conditions = new BlobRequestConditions()
{
IfMatch = originalETag
}
};
using (MemoryStream stream = new MemoryStream(byteArray))
{
// This call should fail with error code 412 (Precondition Failed).
BlobContentInfo blobContentInfo = await blobClient.UploadAsync(stream, blobUploadOptions);
}
}
catch (RequestFailedException e)
{
if (e.Status == (int)HttpStatusCode.PreconditionFailed)
{
Console.WriteLine(
@"Precondition failure as expected. Blob's ETag does not match ETag provided.");
}
else
{
Console.WriteLine(e.Message);
throw;
}
}
}
// </Snippet_DemonstrateOptimisticConcurrencyBlob>
#endregion
#region DemonstratePessimisticConcurrencyBlob
//-------------------------------------------------
// Demonstrate pessimistic concurrency for write operations to a blob
//-------------------------------------------------
// <Snippet_DemonstratePessimisticConcurrencyBlob>
public static async Task DemonstratePessimisticConcurrencyBlob(BlobClient blobClient)
{
Console.WriteLine("Demonstrate pessimistic concurrency");
BlobContainerClient containerClient = blobClient.GetParentBlobContainerClient();
BlobLeaseClient blobLeaseClient = blobClient.GetBlobLeaseClient();
try
{
// Create the container if it does not exist.
await containerClient.CreateIfNotExistsAsync();
// Upload text to a blob.
string blobContents1 = "First update. Overwrite blob if it exists.";
byte[] byteArray = Encoding.ASCII.GetBytes(blobContents1);
using (MemoryStream stream = new MemoryStream(byteArray))
{
BlobContentInfo blobContentInfo = await blobClient.UploadAsync(stream, overwrite : true);
}
// Acquire a lease on the blob.
BlobLease blobLease = await blobLeaseClient.AcquireAsync(TimeSpan.FromSeconds(15));
Console.WriteLine("Blob lease acquired. LeaseId = {0}", blobLease.LeaseId);
// Set the request condition to include the lease ID.
BlobUploadOptions blobUploadOptions = new BlobUploadOptions()
{
Conditions = new BlobRequestConditions()
{
LeaseId = blobLease.LeaseId
}
};
// Write to the blob again, providing the lease ID on the request.
// The lease ID was provided, so this call should succeed.
string blobContents2 = "Second update. Lease ID provided on request.";
byteArray = Encoding.ASCII.GetBytes(blobContents2);
using (MemoryStream stream = new MemoryStream(byteArray))
{
BlobContentInfo blobContentInfo = await blobClient.UploadAsync(stream, blobUploadOptions);
}
// This code simulates an update by another client.
// The lease ID is not provided, so this call fails.
string blobContents3 = "Third update. No lease ID provided.";
byteArray = Encoding.ASCII.GetBytes(blobContents3);
using (MemoryStream stream = new MemoryStream(byteArray))
{
// This call should fail with error code 412 (Precondition Failed).
BlobContentInfo blobContentInfo = await blobClient.UploadAsync(stream);
}
}
catch (RequestFailedException e)
{
if (e.Status == (int)HttpStatusCode.PreconditionFailed)
{
Console.WriteLine(
@"Precondition failure as expected. The lease ID was not provided.");
}
else
{
Console.WriteLine(e.Message);
throw;
}
}
finally
{
await blobLeaseClient.ReleaseAsync();
}
}
