/// <summary>
/// Gets a storage token for the given entity ID and <see cref="StorageTokenRequest"/>, using the provided <see cref="IContainerNameResolver"/>.
/// </summary>
/// <param name="id">The entity id.</param>
/// <param name="value">The request provided by the client.</param>
/// <param name="containerNameResolver">The instance of an <see cref="IContainerNameResolver"/> used to resolve the storage container name.</param>
/// <returns></returns>
public virtual async Task <StorageToken> GetStorageTokenAsync(string id, StorageTokenRequest value, IContainerNameResolver containerNameResolver)
{
StorageTokenScope scope = GetStorageScopeForRequest(id, value);
StorageToken token = await this.storageProvider.GetAccessTokenAsync(value, scope, containerNameResolver);
return(token);
}
/// <summary>
/// Initializes a new instance of a <see cref="StorageToken"/>.
/// </summary>
/// <param name="resourceUri">The resource URI this token applies to.</param>
/// <param name="entityId">The entity ID that owns the file or resource this token applies to.</param>
/// <param name="permissions">The permissions supported by this token.</param>
/// <param name="scope">The scope this token applies to.</param>
/// <param name="rawToken">The raw token representation for the storage provider this token applies to.</param>
public StorageToken(Uri resourceUri, string entityId, StoragePermissions permissions, StorageTokenScope scope, string rawToken)
{
if (resourceUri == null)
{
throw new ArgumentNullException(nameof(resourceUri));
}
if (string.IsNullOrEmpty(entityId))
{
throw new ArgumentException($"The argument '{nameof(entityId)}' may not be an empty or null string.");
}
if (string.IsNullOrEmpty(rawToken))
{
throw new ArgumentException($"The argument '{nameof(rawToken)}' may not be an empty or null string.");
}
ResourceUri = resourceUri;
EntityId = entityId;
Permissions = permissions;
Scope = scope;
RawToken = rawToken;
}
/// <inheritdoc />
public async override Task <StorageToken> GetAccessTokenAsync(StorageTokenRequest request, StorageTokenScope scope, IContainerNameResolver containerNameResolver)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
if (containerNameResolver == null)
{
throw new ArgumentNullException(nameof(containerNameResolver));
}
string containerName = await containerNameResolver.GetFileContainerNameAsync(request.TargetFile.TableName, request.TargetFile.ParentId, request.TargetFile.Name);
CloudBlobContainer container = GetContainer(containerName);
var constraints = new SharedAccessBlobPolicy();
constraints.SharedAccessExpiryTime = DateTime.UtcNow.AddHours(1);
constraints.Permissions = GetBlobAccessPermissions(request.Permissions);
string sas = null;
Uri resourceUri = null;
if (scope == StorageTokenScope.File)
{
CloudBlockBlob blob = container.GetBlockBlobReference(request.TargetFile.Name);
resourceUri = blob.Uri;
sas = blob.GetSharedAccessSignature(constraints);
}
else if (scope == StorageTokenScope.Record)
{
resourceUri = container.Uri;
sas = container.GetSharedAccessSignature(constraints);
}
var storageToken = new StorageToken(resourceUri, request.TargetFile.ParentId, request.Permissions, scope, sas);
return(storageToken);
}
/// <summary>
/// Retrieves an access token for a given request.
/// </summary>
/// <param name="request">The request the requested access </param>
/// <param name="scope"></param>
/// <param name="containerNameResolver">The instance of an <see cref="IContainerNameResolver"/> used to resolve the storage container name.</param>
/// <returns>A <see cref="Task{StorageToken}"/> that completes when the storage token is generated.</returns>
abstract public Task <StorageToken> GetAccessTokenAsync(StorageTokenRequest request, StorageTokenScope scope, IContainerNameResolver containerNameResolver);
