public async Task Sign_Validations()
        {
            var signer = UrlSigner.FromBlobSigner(new FakeBlobSigner());

            Assert.Throws <ArgumentNullException>(() => signer.Sign(null, null));
            await Assert.ThrowsAsync <ArgumentNullException>(() => signer.SignAsync(null, null));

            Assert.Throws <ArgumentNullException>(() => signer.Sign(null, Options.FromDuration(TimeSpan.Zero)));
            await Assert.ThrowsAsync <ArgumentNullException>(() => signer.SignAsync(null, Options.FromDuration(TimeSpan.Zero)));

            Assert.Throws <ArgumentNullException>(() => signer.Sign(RequestTemplate.FromBucket("bucket"), null));
            await Assert.ThrowsAsync <ArgumentNullException>(() => signer.SignAsync(RequestTemplate.FromBucket("bucket"), null));

            // Bucket names cannot be null or contain uppercase letters (among other rules).
            // Make sure we verify the presence and format of the bucket name in all overloads.
            Assert.Throws <ArgumentNullException>(() => signer.Sign(null, "objectName", TimeSpan.FromDays(1)));
            await Assert.ThrowsAsync <ArgumentNullException>(() => signer.SignAsync(null, "objectName", TimeSpan.FromDays(1)));

            Assert.Throws <ArgumentException>(() => signer.Sign("BUCKETNAME", "objectName", TimeSpan.FromDays(1)));
            await Assert.ThrowsAsync <ArgumentException>(() => signer.SignAsync("BUCKETNAME", "objectName", TimeSpan.FromDays(1)));

            // Make sure exceptions are not thrown for things which may be null or uppercase.
            signer.Sign("bucketname", null, TimeSpan.FromDays(1), null, null);
            await signer.SignAsync("bucketname", null, TimeSpan.FromDays(1), null, null);
        }
Exemple #2
0
        public void Sign_Validations()
        {
            var signer = UrlSigner.FromBlobSigner(new FakeBlobSigner());

            // Bucket names cannot be null or contain uppercase letters (among other rules).
            // Make sure we verify the presence and format of the bucket name in all overloads.
            Assert.Throws <ArgumentNullException>(() => signer.Sign(null, "objectName", TimeSpan.FromDays(1), new HttpRequestMessage()));
            Assert.Throws <ArgumentException>(() => signer.Sign("BUCKETNAME", "objectName", TimeSpan.FromDays(1), new HttpRequestMessage()));

            Assert.Throws <ArgumentNullException>(() => signer.Sign(null, "objectName", DateTimeOffset.UtcNow, new HttpRequestMessage()));
            Assert.Throws <ArgumentException>(() => signer.Sign("BUCKETNAME", "objectName", DateTimeOffset.UtcNow, new HttpRequestMessage()));

            var emptyHeaders = new Dictionary <string, IEnumerable <string> >();

            Assert.Throws <ArgumentNullException>(() => signer.Sign(null, "objectName", TimeSpan.FromDays(1), HttpMethod.Get, emptyHeaders, emptyHeaders));
            Assert.Throws <ArgumentException>(() => signer.Sign("BUCKETNAME", "objectName", TimeSpan.FromDays(1), HttpMethod.Get, emptyHeaders, emptyHeaders));

            Assert.Throws <ArgumentNullException>(() => signer.Sign(null, "objectName", DateTimeOffset.UtcNow, HttpMethod.Get, emptyHeaders, emptyHeaders));
            Assert.Throws <ArgumentException>(() => signer.Sign("BUCKETNAME", "objectName", DateTimeOffset.UtcNow, HttpMethod.Get, emptyHeaders, emptyHeaders));

#pragma warning disable CS0618 // Type or member is obsolete
            // Make sure exceptions are not thrown for things which may be null or uppercase.
            signer.Sign("bucketname", null, TimeSpan.FromDays(1), null);
            signer.Sign("bucketname", null, null, null, null, null);
            signer.Sign("bucketname", "OBJECTNAME", null, null, null, null);
            // Our UrlSigner is entirely synchronous - it's fine to just wait
            signer.SignAsync("bucketname", null, TimeSpan.FromDays(1), request: null).Wait();
            signer.SignAsync("bucketname", null, null, null, null, null).Wait();
            signer.SignAsync("bucketname", "OBJECTNAME", null, null, null, null).Wait();
#pragma warning restore CS0618 // Type or member is obsolete
        }
Exemple #3
0
        public async Task SignedUrlWithIamServiceBlobSigner()
        {
            _fixture.SkipIf(Platform.Instance().Type == PlatformType.Unknown);

            var bucketName = _fixture.BucketName;
            var objectName = _fixture.HelloStorageObjectName;
            var credential = (await GoogleCredential.GetApplicationDefaultAsync()).UnderlyingCredential as ServiceAccountCredential;
            var httpClient = new HttpClient();

            // Sample: IamServiceBlobSignerUsage
            // First obtain the email address of the default service account for this instance from the metadata server.
            HttpRequestMessage serviceAccountRequest = new HttpRequestMessage
            {
                // Note: you could use 169.254.169.254 as the address to avoid a DNS lookup.
                RequestUri = new Uri("http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/email"),
                Headers    = { { "Metadata-Flavor", "Google" } }
            };
            HttpResponseMessage serviceAccountResponse = await httpClient.SendAsync(serviceAccountRequest).ConfigureAwait(false);

            serviceAccountResponse.EnsureSuccessStatusCode();
            string serviceAccountId = await serviceAccountResponse.Content.ReadAsStringAsync();

            // Create an IAM service client object using the default application credentials.
            GoogleCredential iamCredential = await GoogleCredential.GetApplicationDefaultAsync();

            iamCredential = iamCredential.CreateScoped(IamService.Scope.CloudPlatform);
            IamService iamService = new IamService(new BaseClientService.Initializer
            {
                HttpClientInitializer = iamCredential
            });

            // Create a request template that will be used to create the signed URL.
            UrlSigner.RequestTemplate requestTemplate = UrlSigner.RequestTemplate
                                                        .FromBucket(bucketName)
                                                        .WithObjectName(objectName)
                                                        .WithHttpMethod(HttpMethod.Get);
            // Create options specifying for how long the signer URL will be valid.
            UrlSigner.Options options = UrlSigner.Options.FromDuration(TimeSpan.FromHours(1));

            // Create a URL signer that will use the IAM service for signing. This signer is thread-safe,
            // and would typically occur as a dependency, e.g. in an ASP.NET Core controller, where the
            // same instance can be reused for each request.
            IamServiceBlobSigner blobSigner = new IamServiceBlobSigner(iamService, serviceAccountId);
            UrlSigner            urlSigner  = UrlSigner.FromBlobSigner(blobSigner);

            // Use the URL signer to sign a request for the test object for the next hour.
            string url = await urlSigner.SignAsync(requestTemplate, options);

            // Prove we can fetch the content of the test object with a simple unauthenticated GET request.
            HttpResponseMessage response = await httpClient.GetAsync(url);

            string content = await response.Content.ReadAsStringAsync();

            // End sample

            Assert.Equal(_fixture.HelloWorldContent, content);
        }
Exemple #4
0
        public async Task BlobSignerAsync()
        {
            var signer     = UrlSigner.FromBlobSigner(new FakeBlobSigner());
            var bucketName = "bucket-name";
            var objectName = "object-name";
            var expiration = new DateTime(1970, 1, 1, 0, 0, 30, DateTimeKind.Utc);
            var url        = await signer.SignAsync(bucketName, objectName, expiration);

            Assert.Equal("https://storage.googleapis.com/bucket-name/object-name?GoogleAccessId=FakeId&Expires=30&Signature=BBB%3D", url);
        }
            public void BlobSignerSync()
            {
                var signer     = UrlSigner.FromBlobSigner(new FakeBlobSigner()).WithSigningVersion(SigningVersion.V2);
                var bucketName = "bucket-name";
                var objectName = "object-name";
                var expiration = new DateTime(1970, 1, 1, 0, 0, 30, DateTimeKind.Utc);
                var url        = signer.Sign(bucketName, objectName, expiration);

                Assert.Equal("https://storage.googleapis.com/bucket-name/object-name?GoogleAccessId=FakeId&Expires=30&Signature=AAA%3D", url);
            }
            public void BlobSignerSync()
            {
                var signer = UrlSigner.FromBlobSigner(new FakeBlobSigner());
                var baseRequestTemplate = RequestTemplate.FromBucket("bucket-name").WithObjectName("object-name");
                var options             = Options
                                          .FromExpiration(new DateTime(1970, 1, 1, 0, 0, 30, DateTimeKind.Utc))
                                          .WithSigningVersion(SigningVersion.V2);

                var url = signer.Sign(baseRequestTemplate, options);

                Assert.Equal("https://storage.googleapis.com/bucket-name/object-name?GoogleAccessId=FakeId&Expires=30&Signature=AAA%3D", url);
            }