/// <summary>
/// Create a storage context using a cloud storage account.
/// </summary>
/// <param name="account">Cloud storage account to wrap; it is dereferenced without a null check.</param>
/// <param name="accountName">Optional account name; when null or empty, the name is taken from the account credentials, or a bracketed placeholder is used.</param>
/// <param name="DefaultContext">Azure context handed to <see cref="AzureSessionCredential"/> when the account uses token credentials.</param>
/// <param name="logWriter">Debug log writer handed to the same credential.</param>
public AzureStorageContext(CloudStorageAccount account, string accountName = null, IAzureContext DefaultContext = null, DebugLogWriter logWriter = null)
{
    StorageAccount = account;

    // ToString(true) exports the account secrets into the connection string so that the
    // table SDK's account type can be parsed from it. Keep that string out of logs,
    // debug output and exception messages.
    TableStorageAccount = XTable.CloudStorageAccount.Parse(StorageAccount.ToString(true));

    // Each endpoint string is only assigned when the account actually exposes that endpoint.
    var blobEndpoint = account.BlobEndpoint;
    if (blobEndpoint != null)
    {
        BlobEndPoint = blobEndpoint.ToString();
    }

    var tableEndpoint = account.TableEndpoint;
    if (tableEndpoint != null)
    {
        TableEndPoint = tableEndpoint.ToString();
    }

    var queueEndpoint = account.QueueEndpoint;
    if (queueEndpoint != null)
    {
        QueueEndPoint = queueEndpoint.ToString();
    }

    var fileEndpoint = account.FileEndpoint;
    if (fileEndpoint != null)
    {
        FileEndPoint = fileEndpoint.ToString();
    }

    var credentials = account.Credentials;
    bool hasCredentials = credentials != null;

    // An explicit name wins; otherwise fall back to whatever the credentials carry.
    if (string.IsNullOrEmpty(accountName))
    {
        StorageAccountName = credentials?.AccountName;
    }
    else
    {
        StorageAccountName = accountName;
    }

    Context = this;
    Name = String.Empty;

    // Still no name: label the context by the kind of credential instead.
    if (string.IsNullOrEmpty(StorageAccountName))
    {
        StorageAccountName = !hasCredentials ? "[Anonymous]"
            : credentials.IsSAS ? "[SasToken]"
            : credentials.IsToken ? "[AccessToken]"
            : "[Anonymous]";
    }

    // Token-based accounts additionally get a session credential for the Track2 SDK.
    if (hasCredentials && credentials.IsToken)
    {
        Track2OauthToken = new AzureSessionCredential(DefaultContext, logWriter);
    }
}
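/// <summary>
/// Download a blob identified by its URI.
/// If the blob is on a managed disk account and the server returns 401, requiring a bearer token in addition to the SAS URI,
/// a bearer token is generated for the audience named in the 401 response and the download is retried with both the SAS URI and the bearer token.
/// </summary>
/// <param name="blobUri">Absolute URI of the blob; parsed with <see cref="Uri"/>.</param>
/// <param name="fileName">Passed unchanged to the client-based GetBlobContent overload.</param>
/// <exception cref="global::Azure.RequestFailedException">Rethrown when a managed disk request fails with 401 and no audience can be extracted from the error message.</exception>
internal void GetBlobContent(string blobUri, string fileName)
{
    BlobClientOptions blobClientOptions = this.ClientOptions;
    Uri blobAddress = new Uri(blobUri);
    BlobBaseClient blobclient = new BlobBaseClient(blobAddress, blobClientOptions);
    Track2Models.BlobProperties blobproperties;

    // Account names are identifiers, so compare ordinally instead of lower-casing with the current culture.
    if (blobclient.AccountName.StartsWith("md-", StringComparison.OrdinalIgnoreCase)) // managed disk account, must be page blob
    {
        // Presumably needed so the WWW-Authenticate value is not redacted in the exception message parsed below.
        // NOTE(review): blobClientOptions is the same object as this.ClientOptions unless that property
        // returns a copy, so this Add may persist and repeat across calls - confirm.
        blobClientOptions.Diagnostics.LoggedHeaderNames.Add("WWW-Authenticate");
        blobclient = new PageBlobClient(blobAddress, blobClientOptions);
        try
        {
            // Probe request: the properties are not used on this path, only the 401 outcome matters.
            blobproperties = blobclient.GetProperties(null, this.CmdletCancellationToken).Value;
        }
        catch (global::Azure.RequestFailedException e) when (e.Status == 401) // need diskRP bearer token
        {
            string audience = Util.GetAudienceFrom401ExceptionMessage(e.Message);
            if (audience == null)
            {
                // "throw;" keeps the original stack trace; "throw e;" would reset it.
                throw;
            }

            // NOTE(review): the audience is taken from the server's 401 response, and the token issued for it
            // is sent to the host named in blobUri. Apart from the "md-" account-name prefix, nothing in this
            // method checks that host or audience against an expected set - confirm that
            // Util.GetAudienceFrom401ExceptionMessage or the caller restricts them.
            WriteDebugLog($"Need bearer token with audience {audience} to access the blob, so will generate bearer token and resend the request.");
            AzureSessionCredential customerToken = new AzureSessionCredential(DefaultContext, customAudience: audience);
            blobclient = new PageBlobClient(blobAddress, customerToken, this.ClientOptions);
        }
    }
    else // need to check the blob type for a non-md account
    {
        blobproperties = blobclient.GetProperties(null, this.CmdletCancellationToken).Value;
        blobclient = Util.GetTrack2BlobClient(blobAddress, null, blobClientOptions, blobproperties.BlobType);
    }

    GetBlobContent(blobclient, fileName);
}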