public override void ParseAccessPolicyFields(bool isDoubleSigned) { try { this.ValidateAndSetSASVersionToUse(base.QueryParams["sv"]); base.ParseAccessPolicyFields(false); string str = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams); base.ValidateOptionalField(str, "sk"); if (str != null) { base.KeyName = str.Trim(); Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName }); } string item = base.QueryParams["ss"]; base.ValidateMandatoryField(item, "ss"); this.SignedService = AccountSasHelper.ParseSasService(item); string item1 = base.QueryParams["srt"]; base.ValidateMandatoryField(item1, "srt"); this.SignedResourceType = AccountSasHelper.ParseSasResourceType(item1); string str1 = base.QueryParams["sig"]; base.ValidateMandatoryField(str1, "sig"); base.ValidateSignatureFormat(str1); base.Signature = str1; string item2 = base.QueryParams["sp"]; base.ValidateMandatoryField(item2, "sp"); base.SignedPermission = new SASPermission?(AccountSasHelper.ParsePermissionsForAccountSas(item2)); } catch (FormatException formatException) { throw new AuthenticationFailureException("Signature fields not well formed.", formatException); } }
private CloudBlobContainer GetBlobContainer() { var sasToken = SasService.GetSasForBlobContainer(); var client = new CloudBlobClient(this.uriBlob, new StorageCredentials(sasToken)); return(client.GetContainerReference(CloudConfigurationManager.GetSetting("ContainerName"))); }
public async Task <ActionResult> Share(string partitionKey, string rowKey) { var photoContext = this.GetPhotoContext(); var photo = await photoContext.GetByIdAsync(partitionKey, rowKey); if (photo == null) { return(this.HttpNotFound()); } var sas = string.Empty; if (!string.IsNullOrEmpty(photo.BlobReference)) { var blobBlockReference = this.GetBlobContainer().GetBlockBlobReference(photo.BlobReference); sas = SasService.GetReadonlyUriWithSasForBlob(blobBlockReference.Name, "read"); } if (!string.IsNullOrEmpty(sas)) { return(View("Share", null, sas)); } return(RedirectToAction("Index")); }
private CloudQueue GetCloudQueue() { var sasToken = SasService.GetAddSasForQueues(); var queueClient = new CloudQueueClient(this.uriQueue, new StorageCredentials(sasToken)); var queue = queueClient.GetQueueReference("messagequeue"); return(queue); }
private PhotoDataServiceContext GetPhotoContext() { var sasToken = SasService.GetSasForTable(this.User.Identity.Name, "admin"); var cloudTableClient = new CloudTableClient(this.uriTable, new StorageCredentials(sasToken)); var photoContext = new PhotoDataServiceContext(cloudTableClient); return(photoContext); }
public override void Initialize(SignedAccessHelper helper) { AccountSasHelper accountSasHelper = (AccountSasHelper)helper; this.SignedAccessPermission = accountSasHelper.SignedPermission.Value; this.SignedResourceType = accountSasHelper.SignedResourceType; this.SignedService = accountSasHelper.SignedService; this.SignedIP = accountSasHelper.SignedIP; this.SignedProtocol = accountSasHelper.SignedProtocol; }
private static SasService ValidateAndAddService(SasService currServices, SasService newService, int position) { if ((currServices & newService) == newService) { object[] objArray = new object[] { "Invalid duplicate service. Error at index ", position, " of ", currServices }; throw new FormatException(string.Concat(objArray)); } currServices |= newService; return(currServices); }
public static SasService ParseSasService(string service) { if (string.IsNullOrEmpty(service)) { throw new ArgumentException(service); } SasService sasService = SasService.None; int num = 0; while (true) { if (num >= service.Length) { return(sasService); } char chr = service[num]; if (chr <= 'f') { if (chr == 'b') { sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.Blob, num); } else if (chr == 'f') { sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.File, num); } else { break; } } else if (chr == 'q') { sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.Queue, num); } else if (chr == 't') { sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.Table, num); } else { break; } num++; } throw new FormatException(string.Concat("Unexpected character ", service[num], " in service")); }
public AccountSasHelper(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext, NephosUriComponents uriComponents) : base(requestContext, uriComponents) { this.SignedService = SasService.None; this.SignedResourceType = SasResourceType.None; }
private static AuthorizationResult AuthorizeSignedService(SasService signedService, RequestContext requestContext) { AuthorizationResult authorizationResult = new AuthorizationResult(true, AuthorizationFailureReason.NotApplicable); if (signedService != SasService.None) { switch (requestContext.ServiceType) { case ServiceType.BlobService: { if ((signedService & SasService.Blob) == SasService.Blob) { break; } authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch; authorizationResult.Authorized = false; return(authorizationResult); } case ServiceType.QueueService: { if ((signedService & SasService.Queue) == SasService.Queue) { break; } authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch; authorizationResult.Authorized = false; return(authorizationResult); } case ServiceType.TableService: { if ((signedService & SasService.Table) == SasService.Table) { break; } authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch; authorizationResult.Authorized = false; return(authorizationResult); } case ServiceType.LocationAccountService: case ServiceType.LocationService: { authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch; authorizationResult.Authorized = false; return(authorizationResult); } case ServiceType.FileService: { if ((signedService & SasService.File) == SasService.File) { break; } authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch; authorizationResult.Authorized = false; return(authorizationResult); } default: { authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch; authorizationResult.Authorized = false; return(authorizationResult); } } } return(authorizationResult); }