コード例 #1
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="DataLakeSasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            EnsureState();

            var startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            var expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = String.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? String.Empty, Path ?? String.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version,
                                           Resource,
                                           null, // snapshot
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);

            var signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign);

            var p = new DataLakeSasQueryParameters(
                version: Version,
                services: default,
コード例 #2
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
            if (ExpiresOn == default)
            {
                throw Errors.SasMissingData(nameof(ExpiresOn));
            }
            if (string.IsNullOrEmpty(Permissions))
            {
                throw Errors.SasMissingData(nameof(Permissions));
            }
            if (string.IsNullOrEmpty(Version))
            {
                Version = SasQueryParameters.DefaultSasVersion;
            }

            var startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            var expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            var stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, QueueName ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version);
            var signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign);
            var p         = SasQueryParametersInternals.Create(
                version: Version,
                services: default,
コード例 #3
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="DataLakeSasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            EnsureState();

            string startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            string expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            string stringToSign;

            // TODO https://github.com/Azure/azure-sdk-for-net/issues/23369
            if (SasQueryParametersInternals.DefaultSasVersionInternal == "2020-12-06")
            {
                stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? string.Empty, Path ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version,
                                           Resource,
                                           null, // snapshot
                                           null, // encryption scope
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);
            }
            else
            {
                stringToSign = string.Join("\n",
                                           Permissions,
                                           startTime,
                                           expiryTime,
                                           GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? string.Empty, Path ?? string.Empty),
                                           Identifier,
                                           IPRange.ToString(),
                                           SasExtensions.ToProtocolString(Protocol),
                                           Version,
                                           Resource,
                                           null, // snapshot
                                           CacheControl,
                                           ContentDisposition,
                                           ContentEncoding,
                                           ContentLanguage,
                                           ContentType);
            }

            string signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign);

            DataLakeSasQueryParameters p = new DataLakeSasQueryParameters(
                version: Version,
                services: default,
コード例 #4
0
        /// <summary>
        /// Sets the permissions for the SAS using a raw permissions string.
        /// </summary>
        /// <param name="rawPermissions">
        /// Raw permissions string for the SAS.
        /// </param>
        /// <param name="normalize">
        /// If the permissions should be validated and correctly ordered.
        /// </param>
        public void SetPermissions(
            string rawPermissions,
            bool normalize = default)
        {
            if (normalize)
            {
                rawPermissions = SasExtensions.ValidateAndSanitizeRawPermissions(
                    permissions: rawPermissions,
                    validPermissionsInOrder: s_validPermissionsInOrder);
            }

            SetPermissions(rawPermissions);
        }
コード例 #5
0
        /// <summary>
        /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
        /// shared access signature values to produce the proper SAS query
        /// parameters for authenticating requests.
        /// </summary>
        /// <param name="sharedKeyCredential">
        /// The storage account's <see cref="StorageSharedKeyCredential"/>.
        /// </param>
        /// <returns>
        /// The <see cref="SasQueryParameters"/> used for authenticating
        /// requests.
        /// </returns>
        public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
        {
            // https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS
            sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));

            if (ExpiresOn == default || string.IsNullOrEmpty(Permissions) || ResourceTypes == default || Services == default)
            {
                throw Errors.AccountSasMissingData();
            }

            Version = SasQueryParametersInternals.DefaultSasVersionInternal;

            string startTime  = SasExtensions.FormatTimesForSasSigning(StartsOn);
            string expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);

            // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
            string stringToSign = string.Join("\n",
                                              sharedKeyCredential.AccountName,
                                              Permissions,
                                              Services.ToPermissionsString(),
                                              ResourceTypes.ToPermissionsString(),
                                              startTime,
                                              expiryTime,
                                              IPRange.ToString(),
                                              Protocol.ToProtocolString(),
                                              Version,
                                              EncryptionScope,
                                              string.Empty); // That's right, the account SAS requires a terminating extra newline

            string             signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
            SasQueryParameters p         = SasQueryParametersInternals.Create(
                Version,
                Services,
                ResourceTypes,
                Protocol,
                StartsOn,
                ExpiresOn,
                IPRange,
                identifier: null,
                resource: null,
                Permissions,
                signature,
                encryptionScope: EncryptionScope);

            return(p);
        }
コード例 #6
0
        /// <summary>
        /// Creates a new instance of the <see cref="SasQueryParameters"/> type
        /// based on the supplied query parameters <paramref name="values"/>.
        /// All SAS-related query parameters will be removed from
        /// <paramref name="values"/>.
        /// </summary>
        /// <param name="values">URI query parameters</param>
        /// <param name="includeBlobParameters">
        /// Optional flag indicating whether to process blob-specific query
        /// parameters.  The default value is false.
        /// </param>
        internal SasQueryParameters(
            UriQueryParamsCollection values,
            bool includeBlobParameters = false)
        {
            // make copy, otherwise we'll get an exception when we remove
            IEnumerable <KeyValuePair <string, string> > kvps = values.ToArray();

            foreach (KeyValuePair <string, string> kv in kvps)
            {
                // these are already decoded
                var isSasKey = true;
                switch (kv.Key.ToUpperInvariant())
                {
                case Constants.Sas.Parameters.VersionUpper:
                    _version = kv.Value;
                    break;

                case Constants.Sas.Parameters.ServicesUpper:
                    _services = SasExtensions.ParseAccountServices(kv.Value);
                    break;

                case Constants.Sas.Parameters.ResourceTypesUpper:
                    _resourceTypes = SasExtensions.ParseResourceTypes(kv.Value);
                    break;

                case Constants.Sas.Parameters.ProtocolUpper:
                    _protocol = SasExtensions.ParseProtocol(kv.Value);
                    break;

                case Constants.Sas.Parameters.StartTimeUpper:
                    _startTime = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
                    break;

                case Constants.Sas.Parameters.ExpiryTimeUpper:
                    _expiryTime = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
                    break;

                case Constants.Sas.Parameters.IPRangeUpper:
                    _ipRange = SasIPRange.Parse(kv.Value);
                    break;

                case Constants.Sas.Parameters.IdentifierUpper:
                    _identifier = kv.Value;
                    break;

                case Constants.Sas.Parameters.ResourceUpper:
                    _resource = kv.Value;
                    break;

                case Constants.Sas.Parameters.PermissionsUpper:
                    _permissions = kv.Value;
                    break;

                case Constants.Sas.Parameters.SignatureUpper:
                    _signature = kv.Value;
                    break;

                case Constants.Sas.Parameters.CacheControlUpper:
                    _cacheControl = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentDispositionUpper:
                    _contentDisposition = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentEncodingUpper:
                    _contentEncoding = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentLanguageUpper:
                    _contentLanguage = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentTypeUpper:
                    _contentType = kv.Value;
                    break;

                // Optionally include Blob parameters
                case Constants.Sas.Parameters.KeyObjectIdUpper:
                    if (includeBlobParameters)
                    {
                        _keyObjectId = kv.Value;
                    }
                    else
                    {
                        isSasKey = false;
                    }
                    break;

                case Constants.Sas.Parameters.KeyTenantIdUpper:
                    if (includeBlobParameters)
                    {
                        _keyTenantId = kv.Value;
                    }
                    else
                    {
                        isSasKey = false;
                    }
                    break;

                case Constants.Sas.Parameters.KeyStartUpper:
                    if (includeBlobParameters)
                    {
                        _keyStart = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
                    }
                    else
                    {
                        isSasKey = false;
                    }
                    break;

                case Constants.Sas.Parameters.KeyExpiryUpper:
                    if (includeBlobParameters)
                    {
                        _keyExpiry = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
                    }
                    else
                    {
                        isSasKey = false;
                    }
                    break;

                case Constants.Sas.Parameters.KeyServiceUpper:
                    if (includeBlobParameters)
                    {
                        _keyService = kv.Value;
                    }
                    else
                    {
                        isSasKey = false;
                    }
                    break;

                case Constants.Sas.Parameters.KeyVersionUpper:
                    if (includeBlobParameters)
                    {
                        _keyVersion = kv.Value;
                    }
                    else
                    {
                        isSasKey = false;
                    }
                    break;

                // We didn't recognize the query parameter
                default:
                    isSasKey = false;
                    break;
                }

                // Remove the query parameter if it's part of the SAS
                if (isSasKey)
                {
                    values.Remove(kv.Key);
                }
            }
        }
コード例 #7
0
 /// <summary>
 /// Sets the permissions for the SAS using a raw permissions string.
 /// </summary>
 /// <param name="rawPermissions">Raw permissions string for the SAS.</param>
 public void SetPermissions(string rawPermissions)
 {
     Permissions = SasExtensions.ValidateAndSanitizeRawPermissions(
         permissions: rawPermissions,
         validPermissionsInOrder: s_validPermissionsInOrder);
 }
コード例 #8
0
        /// <summary>
        /// Creates a new instance of the <see cref="SasQueryParameters"/> type
        /// based on the supplied query parameters <paramref name="values"/>.
        /// All SAS-related query parameters will be removed from
        /// <paramref name="values"/>.
        /// </summary>
        /// <param name="values">URI query parameters</param>
        protected SasQueryParameters(IDictionary <string, string> values)
        {
            // make copy, otherwise we'll get an exception when we remove
            IEnumerable <KeyValuePair <string, string> > kvps = values.ToArray();

            foreach (KeyValuePair <string, string> kv in kvps)
            {
                // these are already decoded
                var isSasKey = true;
                switch (kv.Key.ToUpperInvariant())
                {
                case Constants.Sas.Parameters.VersionUpper:
                    _version = kv.Value;
                    break;

                case Constants.Sas.Parameters.ServicesUpper:
                    _services = SasExtensions.ParseAccountServices(kv.Value);
                    break;

                case Constants.Sas.Parameters.ResourceTypesUpper:
                    _resourceTypes = SasExtensions.ParseResourceTypes(kv.Value);
                    break;

                case Constants.Sas.Parameters.ProtocolUpper:
                    _protocol = SasExtensions.ParseProtocol(kv.Value);
                    break;

                case Constants.Sas.Parameters.StartTimeUpper:
                    _startTime = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
                    break;

                case Constants.Sas.Parameters.ExpiryTimeUpper:
                    _expiryTime = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
                    break;

                case Constants.Sas.Parameters.IPRangeUpper:
                    _ipRange = SasIPRange.Parse(kv.Value);
                    break;

                case Constants.Sas.Parameters.IdentifierUpper:
                    _identifier = kv.Value;
                    break;

                case Constants.Sas.Parameters.ResourceUpper:
                    _resource = kv.Value;
                    break;

                case Constants.Sas.Parameters.PermissionsUpper:
                    _permissions = kv.Value;
                    break;

                case Constants.Sas.Parameters.SignatureUpper:
                    _signature = kv.Value;
                    break;

                case Constants.Sas.Parameters.CacheControlUpper:
                    _cacheControl = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentDispositionUpper:
                    _contentDisposition = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentEncodingUpper:
                    _contentEncoding = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentLanguageUpper:
                    _contentLanguage = kv.Value;
                    break;

                case Constants.Sas.Parameters.ContentTypeUpper:
                    _contentType = kv.Value;
                    break;

                case Constants.Sas.Parameters.PreauthorizedAgentObjectIdUpper:
                    _preauthorizedAgentObjectId = kv.Value;
                    break;

                case Constants.Sas.Parameters.AgentObjectIdUpper:
                    _agentObjectId = kv.Value;
                    break;

                case Constants.Sas.Parameters.CorrelationIdUpper:
                    _correlationId = kv.Value;
                    break;

                case Constants.Sas.Parameters.DirectoryDepthUpper:
                    _directoryDepth = Convert.ToInt32(kv.Value, Constants.Base16);
                    break;

                // We didn't recognize the query parameter
                default:
                    isSasKey = false;
                    break;
                }

                // Remove the query parameter if it's part of the SAS
                if (isSasKey)
                {
                    values.Remove(kv.Key);
                }
            }
        }