public void RedirectionSignatureTest()
{
var request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null)
{
AuthenticationScheme = "SharedKey",
AuthenticationKey = DashConfiguration.AccountKey,
};
var result = HandlerResult.Redirect(request,
"http://dataaccount.blob.core.windows.net/container/test%20encoded");
result.Headers = new ResponseHeaders(new[] {
new KeyValuePair <string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"),
});
Assert.AreEqual(result.SignedLocation, "SharedKey dashstorage1:iU0kJCrvLR7rdIS/HXO0T04gTu09enDo25/3WtrjESI=");
// Secondary key
request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null)
{
AuthenticationScheme = "SharedKeyLite",
AuthenticationKey = DashConfiguration.SecondaryAccountKey,
};
result = HandlerResult.Redirect(request,
"http://dataaccount.blob.core.windows.net/container/test%20encoded");
result.Headers = new ResponseHeaders(new[] {
new KeyValuePair <string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"),
});
Assert.AreEqual(result.SignedLocation, "SharedKeyLite dashstorage1:o3XAz28naFjcSxCbqoZL394S/zLY2+nYk7v8KbdnlSI=");
}
public void SharedKeyRequestTest()
{
var headers = new[] {
Tuple.Create("User-Agent", "WA-Storage/4.3.0 (.NET CLR 4.0.30319.34014; Win32NT 6.2.9200.0)"),
Tuple.Create("x-ms-version", "2014-02-14"),
Tuple.Create("x-ms-client-request-id", "adfb540e-1050-4c9b-a53a-be6cb71688d3"),
Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"),
Tuple.Create("Host", "dashstorage1.blob.core.windows.net"),
Tuple.Create("Connection", "Keep-Alive"),
Tuple.Create("Content-Length", "0"),
};
var request = new MockHttpRequestWrapper("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:rB2yPGBXn3CtquDlk03An34hgRHIibK/Xv+hjG3r0Us=") }));
Assert.IsTrue(IsRequestAuthorized(request));
Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("8jqRVtXUWiEthgIhR+dFwrB8gh3lFuquvJQ1v4eabObIj7okI1cZIuzY8zZHmEdpcC0f+XlUkbFwAhjTfyrLIg==")));
Assert.AreEqual(request.AuthenticationScheme, "SharedKey");
// Encoded URI
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded",
headers,
"SharedKey dashstorage1:CVlJHA7FdyqJ75pPkufGavOsXEtzcr5RAWd3R5fEolA="));
// For encoded uris, some clients generate the signature on the unencoded path (in violation of the documented spec), but
// storage supports it, so we have to as well.
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded",
headers,
"SharedKey dashstorage1:w6D7S11x58ueIvRKEWZGe1MRVvMkQFO+18wPlfm6f+A="));
// Alternate encoding - some punctuation characters are encoded as well
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded(1)",
headers,
"SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU="));
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded%281%29",
headers,
"SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU="));
// Secondary key
request = new MockHttpRequestWrapper("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:zmKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA=") }));
Assert.IsTrue(IsRequestAuthorized(request));
Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("Klari9ZbVdFQ35aULCfqqehCsd136amhusMHWynTpz2Pg+GyQMJw3GH177hvEQbaZ2oeRYk3jw0mIaV3ehNIRg==")));
// Invalid key
Assert.IsFalse(IsRequestAuthorized("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers,
"SharedKey dashstorage1:ymKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA="));
}
public void RedirectionSignatureTest()
{
var request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null)
{
AuthenticationScheme = "SharedKey",
AuthenticationKey = DashConfiguration.AccountKey,
};
var result = HandlerResult.Redirect(request,
"http://dataaccount.blob.core.windows.net/container/test%20encoded");
result.Headers = new ResponseHeaders(new[] {
new KeyValuePair<string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"),
});
Assert.AreEqual(result.SignedLocation, "SharedKey dashstorage1:iU0kJCrvLR7rdIS/HXO0T04gTu09enDo25/3WtrjESI=");
// Secondary key
request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null)
{
AuthenticationScheme = "SharedKeyLite",
AuthenticationKey = DashConfiguration.SecondaryAccountKey,
};
result = HandlerResult.Redirect(request,
"http://dataaccount.blob.core.windows.net/container/test%20encoded");
result.Headers = new ResponseHeaders(new[] {
new KeyValuePair<string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"),
});
Assert.AreEqual(result.SignedLocation, "SharedKeyLite dashstorage1:o3XAz28naFjcSxCbqoZL394S/zLY2+nYk7v8KbdnlSI=");
}
public void SharedKeyRequestTest()
{
var headers = new[] {
Tuple.Create("User-Agent", "WA-Storage/4.3.0 (.NET CLR 4.0.30319.34014; Win32NT 6.2.9200.0)"),
Tuple.Create("x-ms-version", "2014-02-14"),
Tuple.Create("x-ms-client-request-id", "adfb540e-1050-4c9b-a53a-be6cb71688d3"),
Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"),
Tuple.Create("Host", "dashstorage1.blob.core.windows.net"),
Tuple.Create("Connection", "Keep-Alive"),
Tuple.Create("Content-Length", "0"),
};
var request = new MockHttpRequestWrapper("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:rB2yPGBXn3CtquDlk03An34hgRHIibK/Xv+hjG3r0Us=") }));
Assert.IsTrue(IsRequestAuthorized(request));
Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("8jqRVtXUWiEthgIhR+dFwrB8gh3lFuquvJQ1v4eabObIj7okI1cZIuzY8zZHmEdpcC0f+XlUkbFwAhjTfyrLIg==")));
Assert.AreEqual(request.AuthenticationScheme, "SharedKey");
// Encoded URI
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded",
headers,
"SharedKey dashstorage1:CVlJHA7FdyqJ75pPkufGavOsXEtzcr5RAWd3R5fEolA="));
// For encoded uris, some clients generate the signature on the unencoded path (in violation of the documented spec), but
// storage supports it, so we have to as well.
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded",
headers,
"SharedKey dashstorage1:w6D7S11x58ueIvRKEWZGe1MRVvMkQFO+18wPlfm6f+A="));
// Alternate encoding - some punctuation characters are encoded as well
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded(1)",
headers,
"SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU="));
// Alternate encoding - the full suite of reserved characters
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/dashencode/reserved-characters-blob-[]@!$&()*+,;='",
headers,
"SharedKey dashstorage1:kDCnETyjm08UsynfFVPrsXx6zbpR9iWI+H2eylg+UXg="));
// Standard encoding - the full suite of reserved characters
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/dashencode/reserved-characters-blob-[]@!$&()*+,;='",
headers,
"SharedKey dashstorage1:6NTW7igimlQamDKOmDROti282ByL/8kGU4R8n6RVtmM="));
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded%281%29",
headers,
"SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU="));
// Secondary key
request = new MockHttpRequestWrapper("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:zmKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA=") }));
Assert.IsTrue(IsRequestAuthorized(request));
Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("Klari9ZbVdFQ35aULCfqqehCsd136amhusMHWynTpz2Pg+GyQMJw3GH177hvEQbaZ2oeRYk3jw0mIaV3ehNIRg==")));
// Invalid key
Assert.IsFalse(IsRequestAuthorized("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers,
"SharedKey dashstorage1:ymKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA="));
// Non-zero content length
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test/testblob",
new[] {
Tuple.Create("x-ms-version", "2014-02-14"),
Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"),
Tuple.Create("Content-Length", "1024"),
},
"SharedKey dashstorage1:2LVVY8xiJ1iJzypLMXFTV2dsq6iglj1EAV9BNCi8+B4="));
// 2015-02-21 version with 0 content length
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test/testblob",
new[] {
Tuple.Create("x-ms-version", "2015-02-21"),
Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"),
Tuple.Create("Content-Length", "0"),
},
"SharedKey dashstorage1:LN/1NeMcCUcRssRcfKyInYVL1EpqS8SL9xoLlJJsKPs="));
// Blank content-length with new version
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test/testblob",
new[] {
Tuple.Create("x-ms-version", "2015-02-21"),
Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"),
},
"SharedKey dashstorage1:LN/1NeMcCUcRssRcfKyInYVL1EpqS8SL9xoLlJJsKPs="));
// Valid content-length with new version
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test/testblob",
new[] {
Tuple.Create("x-ms-version", "2015-02-21"),
Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"),
Tuple.Create("Content-Length", "1024"),
},
"SharedKey dashstorage1:d0i2sKACec56W4SrUEg77CL8b/p7chQZVRzRk7finnI="));
}
public void SharedKeyRequestTest()
{
var headers = new[] {
Tuple.Create("User-Agent", "WA-Storage/4.3.0 (.NET CLR 4.0.30319.34014; Win32NT 6.2.9200.0)"),
Tuple.Create("x-ms-version", "2014-02-14"),
Tuple.Create("x-ms-client-request-id", "adfb540e-1050-4c9b-a53a-be6cb71688d3"),
Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"),
Tuple.Create("Host", "dashstorage1.blob.core.windows.net"),
Tuple.Create("Connection", "Keep-Alive"),
Tuple.Create("Content-Length", "0"),
};
var request = new MockHttpRequestWrapper("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:rB2yPGBXn3CtquDlk03An34hgRHIibK/Xv+hjG3r0Us=") }));
Assert.IsTrue(IsRequestAuthorized(request));
Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("8jqRVtXUWiEthgIhR+dFwrB8gh3lFuquvJQ1v4eabObIj7okI1cZIuzY8zZHmEdpcC0f+XlUkbFwAhjTfyrLIg==")));
Assert.AreEqual(request.AuthenticationScheme, "SharedKey");
// Encoded URI
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded",
headers,
"SharedKey dashstorage1:CVlJHA7FdyqJ75pPkufGavOsXEtzcr5RAWd3R5fEolA="));
// For encoded uris, some clients generate the signature on the unencoded path (in violation of the documented spec), but
// storage supports it, so we have to as well.
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded",
headers,
"SharedKey dashstorage1:w6D7S11x58ueIvRKEWZGe1MRVvMkQFO+18wPlfm6f+A="));
// Alternate encoding - some punctuation characters are encoded as well
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded(1)",
headers,
"SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU="));
Assert.IsTrue(IsRequestAuthorized("PUT",
"http://localhost/container/test%20encoded%281%29",
headers,
"SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU="));
// Secondary key
request = new MockHttpRequestWrapper("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:zmKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA=") }));
Assert.IsTrue(IsRequestAuthorized(request));
Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("Klari9ZbVdFQ35aULCfqqehCsd136amhusMHWynTpz2Pg+GyQMJw3GH177hvEQbaZ2oeRYk3jw0mIaV3ehNIRg==")));
// Invalid key
Assert.IsFalse(IsRequestAuthorized("GET",
"http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy",
headers,
"SharedKey dashstorage1:ymKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA="));
}
