protected override async Task <SecretData> RotateValue(Parameters parameters, RotationContext context, CancellationToken cancellationToken)
{
DateTimeOffset now = _clock.UtcNow;
CloudStorageAccount account = CloudStorageAccount.Parse(await context.GetSecretValue(parameters.ConnectionString));
CloudTableClient tableClient = account.CreateCloudTableClient();
CloudTable table = tableClient.GetTableReference(parameters.Table);
string sas = table.GetSharedAccessSignature(new SharedAccessTablePolicy
{
Permissions = SharedAccessTablePolicy.PermissionsFromString(parameters.Permissions),
SharedAccessExpiryTime = now.AddMonths(1),
});
string result = table.Uri.AbsoluteUri + sas;
return(new SecretData(result, now.AddMonths(1), now.AddDays(15)));
}
internal static void SetupAccessPolicyPermission <T>(T policy, string permission)
{
//set permission as none if passed-in value is empty
if (permission == null)
{
return;
}
if (string.IsNullOrEmpty(permission))
{
if (typeof(T) == typeof(SharedAccessTablePolicy))
{
((SharedAccessTablePolicy)(Object)policy).Permissions = SharedAccessTablePermissions.None;
}
else if (typeof(T) == typeof(SharedAccessFilePolicy))
{
((SharedAccessFilePolicy)(Object)policy).Permissions = SharedAccessFilePermissions.None;
}
else if (typeof(T) == typeof(SharedAccessBlobPolicy))
{
((SharedAccessBlobPolicy)(Object)policy).Permissions = SharedAccessBlobPermissions.None;
}
else if ((typeof(T) == typeof(SharedAccessQueuePolicy)))
{
((SharedAccessQueuePolicy)(Object)policy).Permissions = SharedAccessQueuePermissions.None;
}
else
{
throw new ArgumentException(Resources.InvalidAccessPolicyType);
}
return;
}
permission = permission.ToLower(CultureInfo.InvariantCulture);
try
{
if (typeof(T) == typeof(SharedAccessTablePolicy))
{
//PowerShell will convert q to r in genreate table SAS. Add this to avoid regression
string convertedPermission = permission.Replace('q', 'r');
((SharedAccessTablePolicy)(Object)policy).Permissions = SharedAccessTablePolicy.PermissionsFromString(convertedPermission);
}
else if (typeof(T) == typeof(SharedAccessFilePolicy))
{
((SharedAccessFilePolicy)(Object)policy).Permissions = SharedAccessFilePolicy.PermissionsFromString(permission);
}
else if (typeof(T) == typeof(SharedAccessBlobPolicy))
{
((SharedAccessBlobPolicy)(Object)policy).Permissions = SharedAccessBlobPolicy.PermissionsFromString(permission);
}
else if ((typeof(T) == typeof(SharedAccessQueuePolicy)))
{
((SharedAccessQueuePolicy)(Object)policy).Permissions = SharedAccessQueuePolicy.PermissionsFromString(permission);
}
else
{
throw new ArgumentException(Resources.InvalidAccessPolicyType);
}
}
catch (System.ArgumentOutOfRangeException)
{
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.InvalidAccessPermission, permission));
}
}
