/// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="DataLakeSasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            EnsureState();

            var startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            var expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = String.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? String.Empty, Path ?? String.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version,
                                           Resource,
                                           null, // snapshot
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);

            var signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign);

            var p = new DataLakeSasQueryParameters(
                version: Version,
                services: default,
Esempio n. 2
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="BlobSasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            EnsureState();

            var startTime  = SasQueryParameters.FormatTimesForSasSigning(StartsOn);
            var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiresOn);

            // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = String.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, BlobContainerName ?? String.Empty, BlobName ?? String.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           Protocol.ToProtocolString(),
                                           Version,
                                           Resource,
                                           Snapshot,
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);

            var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);

            var p = new BlobSasQueryParameters(
                version: Version,
                services: default,
Esempio n. 3
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
            if (ExpiresOn == default)
            {
                throw Errors.SasMissingData(nameof(ExpiresOn));
            }
            if (string.IsNullOrEmpty(Permissions))
            {
                throw Errors.SasMissingData(nameof(Permissions));
            }
            if (string.IsNullOrEmpty(Version))
            {
                Version = SasQueryParameters.DefaultSasVersion;
            }

            var startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            var expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, QueueName ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version);
            var signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign);
            var p         = SasQueryParametersInternals.Create(
                version: Version,
                services: default,
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            string resource;

            if (string.IsNullOrEmpty(FilePath))
            {
                // Make sure the permission characters are in the correct order
                Permissions = ShareSasPermissions.Parse(Permissions).ToString();
                resource    = Constants.Sas.Resource.Share;
            }
            else
            {
                // Make sure the permission characters are in the correct order
                Permissions = FileSasPermissions.Parse(Permissions).ToString();
                resource    = Constants.Sas.Resource.File;
            }

            if (string.IsNullOrEmpty(Version))
            {
                Version = SasQueryParameters.DefaultSasVersion;
            }

            var startTime  = SasQueryParameters.FormatTimesForSasSigning(StartTime);
            var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, ShareName ?? string.Empty, FilePath ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           Protocol.ToString(),
                                           Version,
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);

            var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);

            var p = new SasQueryParameters(
                version: Version,
                services: null,
                resourceTypes: null,
                protocol: Protocol,
                startTime: StartTime,
                expiryTime: ExpiryTime,
                ipRange: IPRange,
                identifier: Identifier,
                resource: resource,
                permissions: Permissions,
                signature: signature);

            return(p);
        }
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="DataLakeSasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            EnsureState();

            string startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            string expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            string stringToSign;

            // TODO https://github.com/Azure/azure-sdk-for-net/issues/23369
            if (SasQueryParametersInternals.DefaultSasVersionInternal == "2020-12-06")
            {
                stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? string.Empty, Path ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version,
                                           Resource,
                                           null, // snapshot
                                           null, // encryption scope
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);
            }
            else
            {
                stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? string.Empty, Path ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version,
                                           Resource,
                                           null, // snapshot
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);
            }

            string signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign);

            DataLakeSasQueryParameters p = new DataLakeSasQueryParameters(
                version: Version,
                services: default,
        /// <summary>
        /// Use an account's <see cref="UserDelegationKey"/> to sign this
        /// shared access signature values to produce the propery SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="userDelegationKey">
        /// A <see cref="UserDelegationKey"/> returned from
        /// <see cref="Azure.Storage.Blobs.BlobServiceClient.GetUserDelegationKeyAsync"/>.
        /// </param>
        /// <param name="accountName">The name of the storage account.</param>
        /// <returns>
        /// The <see cref="BlobSasQueryParameters"/> used for authenticating requests.
        /// </returns>
        public BlobSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName)
        {
            userDelegationKey = userDelegationKey ?? throw Errors.ArgumentNull(nameof(userDelegationKey));

            EnsureState();

            var startTime    = SasQueryParameters.FormatTimesForSasSigning(StartTime);
            var expiryTime   = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime);
            var signedStart  = SasQueryParameters.FormatTimesForSasSigning(userDelegationKey.SignedStart);
            var signedExpiry = SasQueryParameters.FormatTimesForSasSigning(userDelegationKey.SignedExpiry);

            // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = String.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(accountName, ContainerName ?? String.Empty, BlobName ?? String.Empty),
                                           userDelegationKey.SignedOid,
                                           userDelegationKey.SignedTid,
                                           signedStart,
                                           signedExpiry,
                                           userDelegationKey.SignedService,
                                           userDelegationKey.SignedVersion,
                                           IPRange.ToString(),
                                           Protocol.ToString(),
                                           Version,
                                           Resource,
                                           Snapshot,
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);

            var signature = ComputeHMACSHA256(userDelegationKey.Value, stringToSign);

            var p = new BlobSasQueryParameters(
                version: Version,
                services: null,
                resourceTypes: null,
                protocol: Protocol,
                startTime: StartTime,
                expiryTime: ExpiryTime,
                ipRange: IPRange,
                identifier: null,
                resource: Resource,
                permissions: Permissions,
                keyOid: userDelegationKey.SignedOid,
                keyTid: userDelegationKey.SignedTid,
                keyStart: userDelegationKey.SignedStart,
                keyExpiry: userDelegationKey.SignedExpiry,
                keyService: userDelegationKey.SignedService,
                keyVersion: userDelegationKey.SignedVersion,
                signature: signature);

            return(p);
        }
Esempio n. 7
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
            if (ExpiresOn == default)
            {
                throw Errors.SasMissingData(nameof(ExpiresOn));
            }
            if (string.IsNullOrEmpty(Permissions))
            {
                throw Errors.SasMissingData(nameof(Permissions));
            }

            string resource;

            if (string.IsNullOrEmpty(FilePath))
            {
                resource = Constants.Sas.Resource.Share;
            }
            else
            {
                resource = Constants.Sas.Resource.File;
            }

            if (string.IsNullOrEmpty(Version))
            {
                Version = SasQueryParameters.DefaultSasVersion;
            }

            var startTime  = SasQueryParameters.FormatTimesForSasSigning(StartsOn);
            var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiresOn);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, ShareName ?? string.Empty, FilePath ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           Protocol.ToProtocolString(),
                                           Version,
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);

            var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);

            var p = new SasQueryParameters(
                version: Version,
                services: default,
Esempio n. 8
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            // https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            if (ExpiryTime == default || string.IsNullOrEmpty(Permissions) || string.IsNullOrEmpty(ResourceTypes) || string.IsNullOrEmpty(Services))
            {
                throw Errors.AccountSasMissingData();
            }
            if (string.IsNullOrEmpty(Version))
            {
                Version = SasQueryParameters.DefaultSasVersion;
            }
            // Make sure the permission characters are in the correct order
            Permissions = AccountSasPermissions.Parse(Permissions).ToString();
            var startTime  = SasQueryParameters.FormatTimesForSasSigning(StartTime);
            var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = string.Join("\n",
                                           sharedKeyCredential.AccountName,
                                           Permissions,
                                           Services,
                                           ResourceTypes,
                                           startTime,
                                           expiryTime,
                                           IPRange.ToString(),
                                           Protocol.ToString(),
                                           Version,
                                           ""); // That's right, the account SAS requires a terminating extra newline

            var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
            var p         = new SasQueryParameters(
                Version,
                Services,
                ResourceTypes,
                Protocol,
                StartTime,
                ExpiryTime,
                IPRange,
                null, // Identifier
                null, // Resource
                Permissions,
                signature);

            return(p);
        }
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            // https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            if (ExpiresOn == default || string.IsNullOrEmpty(Permissions) || ResourceTypes == default || Services == default)
            {
                throw Errors.AccountSasMissingData();
            }

            Version = SasQueryParametersInternals.DefaultSasVersionInternal;

            string startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            string expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            string stringToSign = string.Join("\n",
                                              sharedKeyCredential.AccountName,
                                              Permissions,
                                              Services.ToPermissionsString(),
                                              ResourceTypes.ToPermissionsString(),
                                              startTime,
                                              expiryTime,
                                              IPRange.ToString(),
                                              Protocol.ToProtocolString(),
                                              Version,
                                              EncryptionScope,
                                              string.Empty); // That's right, the account SAS requires a terminating extra newline

            string             signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
            SasQueryParameters p         = SasQueryParametersInternals.Create(
                Version,
                Services,
                ResourceTypes,
                Protocol,
                StartsOn,
                ExpiresOn,
                IPRange,
                identifier: null,
                resource: null,
                Permissions,
                signature,
                encryptionScope: EncryptionScope);

            return(p);
        }
Esempio n. 10
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            Permissions = QueueAccountSasPermissions.Parse(Permissions).ToString();
            if (string.IsNullOrEmpty(Version))
            {
                Version = SasQueryParameters.DefaultSasVersion;
            }

            var startTime  = SasQueryParameters.FormatTimesForSasSigning(StartTime);
            var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, QueueName ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           Protocol.ToString(),
                                           Version);
            var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
            var p         = new SasQueryParameters(
                version: Version,
                services: null,
                resourceTypes: null,
                protocol: Protocol,
                startTime: StartTime,
                expiryTime: ExpiryTime,
                ipRange: IPRange,
                identifier: Identifier,
                resource: null,
                permissions: Permissions,
                signature: signature);

            return(p);
        }