public void GenerateAccountSas_WrongService_Service() { var constants = new TestConstants(this); var blobEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account); var blobSecondaryEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary"); var storageConnectionString = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint)); string connectionString = storageConnectionString.ToString(true); AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write; DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1); AccountSasServices services = AccountSasServices.Files;// Wrong Service AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All; BlobServiceClient serviceClient = InstrumentClient(new BlobServiceClient(connectionString, GetOptions())); AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes) { IPRange = new SasIPRange(System.Net.IPAddress.None, System.Net.IPAddress.None), StartsOn = Recording.UtcNow.AddHours(-1) }; // Act try { Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder); Assert.Fail("BlobContainerClient.GenerateSasUri should have failed with an ArgumentException."); } catch (InvalidOperationException) { // the correct exception came back } }
public void GenerateAccountSas_RequiredParameters() { // Arrange var constants = new TestConstants(this); var blobEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account); var blobSecondaryEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary"); var storageConnectionString = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint)); string connectionString = storageConnectionString.ToString(true); DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1); AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write; AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All; BlobServiceClient serviceClient = new BlobServiceClient(connectionString, GetOptions()); // Act Uri sasUri = serviceClient.GenerateAccountSasUri( permissions: permissions, expiresOn: expiresOn, resourceTypes: resourceTypes); // Assert AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, AccountSasServices.Blobs, resourceTypes); UriBuilder expectedUri = new UriBuilder(blobEndpoint); expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString(); Assert.AreEqual(expectedUri.Uri.ToString(), sasUri.ToString()); }
public void GenerateAccountSas_Builder() { var constants = new TestConstants(this); var blobEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account); var blobSecondaryEndpoint = new Uri("http://127.0.0.1/" + constants.Sas.Account + "-secondary"); var storageConnectionString = new StorageConnectionString(constants.Sas.SharedKeyCredential, blobStorageUri: (blobEndpoint, blobSecondaryEndpoint)); string connectionString = storageConnectionString.ToString(true); AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write; DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1); AccountSasServices services = AccountSasServices.Blobs; AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All; BlobServiceClient serviceClient = InstrumentClient(new BlobServiceClient(connectionString, GetOptions())); AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes) { IPRange = new SasIPRange(System.Net.IPAddress.None, System.Net.IPAddress.None), StartsOn = Recording.UtcNow.AddHours(-1) }; // Act Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder); // Assert UriBuilder expectedUri = new UriBuilder(blobEndpoint); expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString(); Assert.AreEqual(expectedUri.Uri.ToString(), sasUri.ToString()); }
public void GenerateAccountSas_Builder() { TestConstants constants = TestConstants.Create(this); Uri serviceUri = new Uri($"https://{constants.Sas.Account}.blob.core.windows.net"); AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write; DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1); AccountSasServices services = AccountSasServices.Blobs; AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All; BlobServiceClient serviceClient = InstrumentClient( new BlobServiceClient( serviceUri, constants.Sas.SharedKeyCredential, GetOptions())); AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes) { StartsOn = Recording.UtcNow.AddHours(-1) }; // Act Uri sasUri = serviceClient.GenerateAccountSasUri(sasBuilder); // Assert UriBuilder expectedUri = new UriBuilder(serviceUri); expectedUri.Query += sasBuilder.ToSasQueryParameters(constants.Sas.SharedKeyCredential).ToString(); Assert.AreEqual(expectedUri.Uri, sasUri); }
/// <summary> /// Creates an Account SAS Token /// </summary> /// <returns>A SAS token.</returns> private static Uri GetAccountSASToken(BlobServiceClient blobServiceClient) { // Create a new access policy for the account with the following properties: // Permissions: Read, Write, List, Create, Delete // ResourceType: Container // Expires in 24 hours var sasToken = blobServiceClient.GenerateAccountSasUri(AccountSasPermissions.Read | AccountSasPermissions.Create | AccountSasPermissions.Write | AccountSasPermissions.List | AccountSasPermissions.Delete, DateTimeOffset.UtcNow.AddHours(1), AccountSasResourceTypes.All); // Return the SASToken return(sasToken); }
public object RequestUploadInfo() { var sasBuilder = new AccountSasBuilder { Services = AccountSasServices.Blobs, StartsOn = DateTimeOffset.UtcNow.AddMinutes(-5), ExpiresOn = DateTimeOffset.UtcNow.AddMinutes(5), Protocol = SasProtocol.Https, ResourceTypes = AccountSasResourceTypes.Object | AccountSasResourceTypes.Container, }; sasBuilder.SetPermissions(AccountSasPermissions.Read | AccountSasPermissions.Write | AccountSasPermissions.Update | AccountSasPermissions.Tag); var client = new BlobServiceClient(azureOptions.CurrentValue.StorageAccount.ConnectionString); return(new { Sas = client.GenerateAccountSasUri(sasBuilder).ToString(), ContainerName = azureOptions.CurrentValue.StorageAccount.ContainerName }); }
public async Task SetImmutibilityPolicyAsync_SetLegalHold_AccoutnSas(AccountSasPermissions sasPermissions) { // Arrange await using DisposingImmutableStorageWithVersioningContainer vlwContainer = await GetTestVersionLevelWormContainer(TestConfigOAuth); BlobBaseClient blob = await GetNewBlobClient(vlwContainer.Container, GetNewBlobName()); BlobServiceClient sharedKeyServiceClient = InstrumentClient( GetServiceClient_OAuthAccount_SharedKey()); Uri serviceSasUri = sharedKeyServiceClient.GenerateAccountSasUri( sasPermissions, Recording.UtcNow.AddDays(1), AccountSasResourceTypes.All); BlobBaseClient sasBlobClient = InstrumentClient(new BlobServiceClient(serviceSasUri, GetOptions()) .GetBlobContainerClient(vlwContainer.Container.Name) .GetBlobBaseClient(blob.Name)); BlobImmutabilityPolicy immutabilityPolicy = new BlobImmutabilityPolicy { ExpiresOn = Recording.UtcNow.AddMinutes(5), PolicyMode = BlobImmutabilityPolicyMode.Unlocked }; // The service rounds Immutability Policy Expiry to the nearest second. DateTimeOffset expectedImmutabilityPolicyExpiry = RoundToNearestSecond(immutabilityPolicy.ExpiresOn.Value); // Act Response <BlobImmutabilityPolicy> response = await sasBlobClient.SetImmutabilityPolicyAsync( immutabilityPolicy : immutabilityPolicy); // Assert Assert.AreEqual(expectedImmutabilityPolicyExpiry, response.Value.ExpiresOn); Assert.AreEqual(immutabilityPolicy.PolicyMode, response.Value.PolicyMode); // Act Response <BlobLegalHoldResult> legalHoldResponse = await sasBlobClient.SetLegalHoldAsync(hasLegalHold : false); // Assert Assert.IsFalse(legalHoldResponse.Value.HasLegalHold); }
public void GenerateAccountSas_WrongService_Service() { TestConstants constants = TestConstants.Create(this); Uri serviceUri = new Uri($"https://{constants.Sas.Account}.blob.core.windows.net"); AccountSasPermissions permissions = AccountSasPermissions.Read | AccountSasPermissions.Write; DateTimeOffset expiresOn = Recording.UtcNow.AddHours(+1); AccountSasServices services = AccountSasServices.Files; // Wrong Service AccountSasResourceTypes resourceTypes = AccountSasResourceTypes.All; BlobServiceClient serviceClient = InstrumentClient( new BlobServiceClient( serviceUri, constants.Sas.SharedKeyCredential, GetOptions())); AccountSasBuilder sasBuilder = new AccountSasBuilder(permissions, expiresOn, services, resourceTypes) { StartsOn = Recording.UtcNow.AddHours(-1) }; // Act TestHelper.AssertExpectedException( () => serviceClient.GenerateAccountSasUri(sasBuilder), new InvalidOperationException("SAS Uri cannot be generated. builder.Services does specify Blobs. builder.Services must either specify Blobs or specify all Services are accessible in the value.")); }