public override void ParseAccessPolicyFields(bool isDoubleSigned)
{
try
{
this.ValidateAndSetSASVersionToUse(base.QueryParams["sv"]);
base.ParseAccessPolicyFields(false);
string str = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams);
base.ValidateOptionalField(str, "sk");
if (str != null)
{
base.KeyName = str.Trim();
Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName });
}
string item = base.QueryParams["ss"];
base.ValidateMandatoryField(item, "ss");
this.SignedService = AccountSasHelper.ParseSasService(item);
string item1 = base.QueryParams["srt"];
base.ValidateMandatoryField(item1, "srt");
this.SignedResourceType = AccountSasHelper.ParseSasResourceType(item1);
string str1 = base.QueryParams["sig"];
base.ValidateMandatoryField(str1, "sig");
base.ValidateSignatureFormat(str1);
base.Signature = str1;
string item2 = base.QueryParams["sp"];
base.ValidateMandatoryField(item2, "sp");
base.SignedPermission = new SASPermission?(AccountSasHelper.ParsePermissionsForAccountSas(item2));
}
catch (FormatException formatException)
{
throw new AuthenticationFailureException("Signature fields not well formed.", formatException);
}
}
private CloudBlobContainer GetBlobContainer()
{
var sasToken = SasService.GetSasForBlobContainer();
var client = new CloudBlobClient(this.uriBlob, new StorageCredentials(sasToken));
return(client.GetContainerReference(CloudConfigurationManager.GetSetting("ContainerName")));
}
public async Task <ActionResult> Share(string partitionKey, string rowKey)
{
var photoContext = this.GetPhotoContext();
var photo = await photoContext.GetByIdAsync(partitionKey, rowKey);
if (photo == null)
{
return(this.HttpNotFound());
}
var sas = string.Empty;
if (!string.IsNullOrEmpty(photo.BlobReference))
{
var blobBlockReference = this.GetBlobContainer().GetBlockBlobReference(photo.BlobReference);
sas = SasService.GetReadonlyUriWithSasForBlob(blobBlockReference.Name, "read");
}
if (!string.IsNullOrEmpty(sas))
{
return(View("Share", null, sas));
}
return(RedirectToAction("Index"));
}
private CloudQueue GetCloudQueue()
{
var sasToken = SasService.GetAddSasForQueues();
var queueClient = new CloudQueueClient(this.uriQueue, new StorageCredentials(sasToken));
var queue = queueClient.GetQueueReference("messagequeue");
return(queue);
}
private PhotoDataServiceContext GetPhotoContext()
{
var sasToken = SasService.GetSasForTable(this.User.Identity.Name, "admin");
var cloudTableClient = new CloudTableClient(this.uriTable, new StorageCredentials(sasToken));
var photoContext = new PhotoDataServiceContext(cloudTableClient);
return(photoContext);
}
public override void Initialize(SignedAccessHelper helper)
{
AccountSasHelper accountSasHelper = (AccountSasHelper)helper;
this.SignedAccessPermission = accountSasHelper.SignedPermission.Value;
this.SignedResourceType = accountSasHelper.SignedResourceType;
this.SignedService = accountSasHelper.SignedService;
this.SignedIP = accountSasHelper.SignedIP;
this.SignedProtocol = accountSasHelper.SignedProtocol;
}
private static SasService ValidateAndAddService(SasService currServices, SasService newService, int position)
{
if ((currServices & newService) == newService)
{
object[] objArray = new object[] { "Invalid duplicate service. Error at index ", position, " of ", currServices };
throw new FormatException(string.Concat(objArray));
}
currServices |= newService;
return(currServices);
}
public static SasService ParseSasService(string service)
{
if (string.IsNullOrEmpty(service))
{
throw new ArgumentException(service);
}
SasService sasService = SasService.None;
int num = 0;
while (true)
{
if (num >= service.Length)
{
return(sasService);
}
char chr = service[num];
if (chr <= 'f')
{
if (chr == 'b')
{
sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.Blob, num);
}
else if (chr == 'f')
{
sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.File, num);
}
else
{
break;
}
}
else if (chr == 'q')
{
sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.Queue, num);
}
else if (chr == 't')
{
sasService = AccountSasHelper.ValidateAndAddService(sasService, SasService.Table, num);
}
else
{
break;
}
num++;
}
throw new FormatException(string.Concat("Unexpected character ", service[num], " in service"));
}
public AccountSasHelper(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext, NephosUriComponents uriComponents) : base(requestContext, uriComponents)
{
this.SignedService = SasService.None;
this.SignedResourceType = SasResourceType.None;
}
private static AuthorizationResult AuthorizeSignedService(SasService signedService, RequestContext requestContext)
{
AuthorizationResult authorizationResult = new AuthorizationResult(true, AuthorizationFailureReason.NotApplicable);
if (signedService != SasService.None)
{
switch (requestContext.ServiceType)
{
case ServiceType.BlobService:
{
if ((signedService & SasService.Blob) == SasService.Blob)
{
break;
}
authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch;
authorizationResult.Authorized = false;
return(authorizationResult);
}
case ServiceType.QueueService:
{
if ((signedService & SasService.Queue) == SasService.Queue)
{
break;
}
authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch;
authorizationResult.Authorized = false;
return(authorizationResult);
}
case ServiceType.TableService:
{
if ((signedService & SasService.Table) == SasService.Table)
{
break;
}
authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch;
authorizationResult.Authorized = false;
return(authorizationResult);
}
case ServiceType.LocationAccountService:
case ServiceType.LocationService:
{
authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch;
authorizationResult.Authorized = false;
return(authorizationResult);
}
case ServiceType.FileService:
{
if ((signedService & SasService.File) == SasService.File)
{
break;
}
authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch;
authorizationResult.Authorized = false;
return(authorizationResult);
}
default:
{
authorizationResult.FailureReason = AuthorizationFailureReason.ServiceMismatch;
authorizationResult.Authorized = false;
return(authorizationResult);
}
}
}
return(authorizationResult);
}
