public AzureVMBackupBlobSasUris GenerateBlobSasUris(List <string> blobUris, CloudPageBlobObjectFactory cloudPageBlobObjectFactory) { AzureVMBackupBlobSasUris blobSASUris = new AzureVMBackupBlobSasUris(); for (int i = 0; i < blobUris.Count; i++) { string blobUri = blobUris[i]; BlobUri osBlobUri = null; if (BlobUri.TryParseUri(new Uri(blobUri), out osBlobUri)) { CloudPageBlob pageBlob = cloudPageBlobObjectFactory.Create(osBlobUri); SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy(); sasConstraints.SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(5); sasConstraints.Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.List; string sasUri = osBlobUri.Uri + pageBlob.GetSharedAccessSignature(sasConstraints); blobSASUris.blobSASUri.Add(sasUri); } else { throw new AzureVMBackupException(AzureVMBackupErrorCodes.WrongBlobUriFormat, "the blob uri is not in correct format."); } } return(blobSASUris); }
private string CreateApplicationMediaLink(string rgName, string fileName) { string storageAccountName = ComputeManagementTestUtilities.GenerateName("saforgallery"); string asName = ComputeManagementTestUtilities.GenerateName("asforgallery"); StorageAccount storageAccountOutput = CreateStorageAccount(rgName, storageAccountName); // resource group is also created in this method. string applicationMediaLink = @"https://saforgallery1969.blob.core.windows.net/sascontainer/test.txt\"; if (HttpMockServer.Mode == HttpRecorderMode.Record) { var accountKeyResult = m_SrpClient.StorageAccounts.ListKeysWithHttpMessagesAsync(rgName, storageAccountName).Result; CloudStorageAccount storageAccount = new CloudStorageAccount(new StorageCredentials(storageAccountName, accountKeyResult.Body.Key1), useHttps: true); var blobClient = storageAccount.CreateCloudBlobClient(); CloudBlobContainer container = blobClient.GetContainerReference("sascontainer"); bool created = container.CreateIfNotExistsAsync().Result; CloudPageBlob pageBlob = container.GetPageBlobReference(fileName); byte[] blobContent = Encoding.UTF8.GetBytes("Application Package Test"); byte[] bytes = new byte[512]; // Page blob must be multiple of 512 System.Buffer.BlockCopy(blobContent, 0, bytes, 0, blobContent.Length); pageBlob.UploadFromByteArrayAsync(bytes, 0, bytes.Length); SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy(); sasConstraints.SharedAccessStartTime = DateTime.UtcNow.AddDays(-1); sasConstraints.SharedAccessExpiryTime = DateTime.UtcNow.AddDays(2); sasConstraints.Permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write; //Generate the shared access signature on the blob, setting the constraints directly on the signature. string sasContainerToken = pageBlob.GetSharedAccessSignature(sasConstraints); //Return the URI string for the container, including the SAS token. applicationMediaLink = pageBlob.Uri + sasContainerToken; } return(applicationMediaLink); }
private string GetAzureVmSasUri(string vmImageName) { string mediaLinkUri = null; Uri uri = null; StorageManagementClient storageClient = null; string storageAccountName = null; StorageAccountGetKeysResponse getKeysResponse = null; ErrorRecord er = null; StorageCredentials credentials = null; SharedAccessBlobPolicy accessPolicy = null; CloudPageBlob pageBlob = null; string sas = null; mediaLinkUri = GetImageUri(vmImageName); uri = new Uri(mediaLinkUri); storageClient = new StorageManagementClient(this.Client.Credentials, this.Client.BaseUri); storageAccountName = uri.Authority.Split('.')[0]; getKeysResponse = storageClient.StorageAccounts.GetKeys(storageAccountName); if (getKeysResponse.StatusCode != System.Net.HttpStatusCode.OK) { er = RemoteAppCollectionErrorState.CreateErrorRecordFromString( String.Format(Commands_RemoteApp.GettingStorageAccountKeyErrorFormat, getKeysResponse.StatusCode.ToString()), String.Empty, Client.TemplateImages, ErrorCategory.ConnectionError ); ThrowTerminatingError(er); } credentials = new StorageCredentials(storageAccountName, getKeysResponse.SecondaryKey); accessPolicy = new SharedAccessBlobPolicy(); pageBlob = new CloudPageBlob(uri, credentials); accessPolicy.Permissions = SharedAccessBlobPermissions.Read; // Sometimes the clocks are 2-3 seconds fast and the SAS is not yet valid when the service tries to use it. accessPolicy.SharedAccessStartTime = DateTime.UtcNow.AddMinutes(-5); accessPolicy.SharedAccessExpiryTime = DateTime.UtcNow.AddHours(12); sas = pageBlob.GetSharedAccessSignature(accessPolicy); if (sas == null) { er = RemoteAppCollectionErrorState.CreateErrorRecordFromString( Commands_RemoteApp.FailedToGetSasUriError, String.Empty, Client.TemplateImages, ErrorCategory.ConnectionError ); ThrowTerminatingError(er); } return(mediaLinkUri + sas); }
public static string GetSASUri(string blobUrlRoot, string storageAccoutnName, string primaryKey, string container, string filename, TimeSpan persmissionDuration, SharedAccessBlobPermissions permissionType) { // Set the destination string httpsBlobUrlRoot = string.Format("https:{0}", blobUrlRoot.Substring(blobUrlRoot.IndexOf('/'))); string vhdDestUri = httpsBlobUrlRoot + string.Format("{0}/{1}", container, filename); var destinationBlob = new CloudPageBlob(new Uri(vhdDestUri), new StorageCredentials(storageAccoutnName, primaryKey)); var policy2 = new SharedAccessBlobPolicy() { Permissions = permissionType, SharedAccessExpiryTime = DateTime.UtcNow.Add(persmissionDuration) }; var destinationBlobToken2 = destinationBlob.GetSharedAccessSignature(policy2); vhdDestUri += destinationBlobToken2; return(vhdDestUri); }
private string CreateSasUriWithPermission(string vhdName, int p) { // Set the destination string vhdBlobName = string.Format("{0}/{1}.vhd", vhdContainerName, Utilities.GetUniqueShortName(Path.GetFileNameWithoutExtension(vhdName))); string httpsBlobUrlRoot = string.Format("https:{0}", blobUrlRoot.Substring(blobUrlRoot.IndexOf('/'))); string vhdDestUri = httpsBlobUrlRoot + vhdBlobName; var destinationBlob2 = new CloudPageBlob(new Uri(vhdDestUri), new StorageCredentials(storageAccountKey.StorageAccountName, storageAccountKey.Primary)); var policy2 = new SharedAccessBlobPolicy() { Permissions = (SharedAccessBlobPermissions)p, SharedAccessExpiryTime = DateTime.UtcNow + TimeSpan.FromHours(1) }; var destinationBlobToken2 = destinationBlob2.GetSharedAccessSignature(policy2); vhdDestUri += destinationBlobToken2; return vhdDestUri; }
public AzureVMBackupBlobSasUris GenerateBlobSasUris(List <string> blobUris, IAzureContext azContext) { AzureVMBackupBlobSasUris blobSASUris = new AzureVMBackupBlobSasUris(); for (int i = 0; i < blobUris.Count; i++) { string blobUri = blobUris[i]; BlobUri osBlobUri = null; if (BlobUri.TryParseUri(new Uri(blobUri), out osBlobUri)) { StorageManagementClient storageClient = AzureSession.Instance.ClientFactory.CreateArmClient <StorageManagementClient>(azContext, AzureEnvironment.Endpoint.ResourceManager); // Need to convert osBlobUri.StorageAccountName into corresponding resource group name var listResponse = storageClient.StorageAccounts.List(); var account = listResponse.First(accTemp => accTemp.Name.Equals(osBlobUri.StorageAccountName, StringComparison.InvariantCultureIgnoreCase)); string resourceGroupName = GetResourceGroupFromId(account.Id); StorageCredentialsFactory storageCredentialsFactory = new StorageCredentialsFactory(resourceGroupName, storageClient, azContext.Subscription); CloudPageBlobObjectFactory cloudPageBlobObjectFactory = new CloudPageBlobObjectFactory(storageCredentialsFactory, TimeSpan.FromMinutes(1)); CloudPageBlob pageBlob = cloudPageBlobObjectFactory.Create(osBlobUri); SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy(); sasConstraints.SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(5); sasConstraints.Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.List; string sasUri = osBlobUri.Uri + pageBlob.GetSharedAccessSignature(sasConstraints); blobSASUris.blobSASUri.Add(sasUri); blobSASUris.pageBlobUri.Add(blobUri); blobSASUris.storageCredentialsFactory.Add(storageCredentialsFactory); } else { throw new AzureVMBackupException(AzureVMBackupErrorCodes.WrongBlobUriFormat, "the blob uri is not in correct format."); } } return(blobSASUris); }
static public string GenerateSasUri(string blobStorageEndpointFormat, string storageAccount, string storageAccountKey, string blobContainer, string vhdName, int hours = 10, bool read = true, bool write = true, bool delete = true, bool list = true) { string destinationSasUri = string.Format(@blobStorageEndpointFormat, storageAccount) + string.Format("/{0}/{1}", blobContainer, vhdName); var destinationBlob = new CloudPageBlob(new Uri(destinationSasUri), new StorageCredentials(storageAccount, storageAccountKey)); SharedAccessBlobPermissions permission = 0; permission |= (read) ? SharedAccessBlobPermissions.Read : 0; permission |= (write) ? SharedAccessBlobPermissions.Write : 0; permission |= (delete) ? SharedAccessBlobPermissions.Delete : 0; permission |= (list) ? SharedAccessBlobPermissions.List : 0; var policy = new SharedAccessBlobPolicy() { Permissions = permission, SharedAccessExpiryTime = DateTime.UtcNow + TimeSpan.FromHours(hours) }; string destinationBlobToken = destinationBlob.GetSharedAccessSignature(policy); return(destinationSasUri + destinationBlobToken); }
/// <summary> /// Get blob shared access signature /// </summary> /// <param name="blob">ICloudBlob object</param> /// <param name="accessPolicy">SharedAccessBlobPolicy object</param> /// <param name="policyIdentifier">The existing policy identifier.</param> /// <returns></returns> private string GetBlobSharedAccessSignature(ICloudBlob blob, SharedAccessBlobPolicy accessPolicy, string policyIdentifier) { CloudBlobContainer container = blob.Container; string signature = String.Empty; switch (blob.BlobType) { case BlobType.BlockBlob: CloudBlockBlob blockBlob = blob as CloudBlockBlob; signature = blockBlob.GetSharedAccessSignature(accessPolicy, policyIdentifier); break; case BlobType.PageBlob: CloudPageBlob pageBlob = blob as CloudPageBlob; signature = pageBlob.GetSharedAccessSignature(accessPolicy, policyIdentifier); break; default: throw new ArgumentException(Resources.UnknownBlob); } return(signature); }