/// <summary> /// Initializes a new instance of the <see cref="SharedAccessFileHeaders"/> class based on an existing instance. /// </summary> /// <param name="sharedAccessFileHeaders">The set of <see cref="SharedAccessFileHeaders"/> to clone.</param> public SharedAccessFileHeaders(SharedAccessFileHeaders sharedAccessFileHeaders) { CommonUtility.AssertNotNull("sharedAccessFileHeaders", sharedAccessFileHeaders); this.ContentType = sharedAccessFileHeaders.ContentType; this.ContentDisposition = sharedAccessFileHeaders.ContentDisposition; this.ContentEncoding = sharedAccessFileHeaders.ContentEncoding; this.ContentLanguage = sharedAccessFileHeaders.ContentLanguage; this.CacheControl = sharedAccessFileHeaders.CacheControl; }
/// <summary> /// Returns a shared access signature for the file. /// </summary> /// <param name="policy">A <see cref="SharedAccessFilePolicy"/> object specifying the access policy for the shared access signature.</param> /// <param name="headers">A <see cref="SharedAccessFileHeaders"/> object specifying optional header values to set for a file accessed with this SAS.</param> /// <param name="groupPolicyIdentifier">A string identifying a stored access policy.</param> /// <returns>A shared access signature, as a URI query string.</returns> public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string groupPolicyIdentifier) { if (!this.ServiceClient.Credentials.IsSharedKey) { string errorMessage = string.Format(CultureInfo.InvariantCulture, SR.CannotCreateSASWithoutAccountKey); throw new InvalidOperationException(errorMessage); } string resourceName = this.GetCanonicalName(); StorageAccountKey accountKey = this.ServiceClient.Credentials.Key; string signature = SharedAccessSignatureHelper.GetHash(policy, headers, groupPolicyIdentifier, resourceName, Constants.HeaderConstants.TargetStorageVersion, accountKey.KeyValue); UriQueryBuilder builder = SharedAccessSignatureHelper.GetSignature(policy, headers, groupPolicyIdentifier, "f", signature, accountKey.KeyName, Constants.HeaderConstants.TargetStorageVersion); return(builder.ToString()); }
public void CloudFileSASHeaders() { for (int i = 1; i < 0x20; i++) { CloudFile testFile = this.testShare.GetRootDirectoryReference().GetFileReference("file" + i); SharedAccessFilePermissions permissions = (SharedAccessFilePermissions)i; SharedAccessFileHeaders headers = new SharedAccessFileHeaders() { CacheControl = "no-transform", ContentDisposition = "attachment", ContentEncoding = "gzip", ContentLanguage = "tr,en", ContentType = "text/html" }; TestFileSAS(testFile, permissions, headers); } }
private static void TestFileSAS(CloudFile testFile, SharedAccessFilePermissions permissions, SharedAccessFileHeaders headers) { SharedAccessFilePolicy policy = new SharedAccessFilePolicy() { SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5), SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30), Permissions = permissions, }; string sasToken = testFile.GetSharedAccessSignature(policy, headers, null); TestAccess(sasToken, permissions, headers, null, testFile); }
private static void TestAccess(string sasToken, SharedAccessFilePermissions permissions, SharedAccessFileHeaders headers, CloudFileShare share, CloudFile file) { StorageCredentials credentials = string.IsNullOrEmpty(sasToken) ? new StorageCredentials() : new StorageCredentials(sasToken); if (share != null) { share = new CloudFileShare(credentials.TransformUri(share.Uri)); file = share.GetRootDirectoryReference().GetFileReference(file.Name); } else { file = new CloudFile(credentials.TransformUri(file.Uri)); } if (share != null) { if ((permissions & SharedAccessFilePermissions.List) == SharedAccessFilePermissions.List) { share.GetRootDirectoryReference().ListFilesAndDirectories().ToArray(); } else { TestHelper.ExpectedException( () => share.GetRootDirectoryReference().ListFilesAndDirectories().ToArray(), "List files while SAS does not allow for listing", HttpStatusCode.NotFound); } } if ((permissions & SharedAccessFilePermissions.Read) == SharedAccessFilePermissions.Read) { file.FetchAttributes(); // Test headers if (headers != null) { if (headers.CacheControl != null) { Assert.AreEqual(headers.CacheControl, file.Properties.CacheControl); } if (headers.ContentDisposition != null) { Assert.AreEqual(headers.ContentDisposition, file.Properties.ContentDisposition); } if (headers.ContentEncoding != null) { Assert.AreEqual(headers.ContentEncoding, file.Properties.ContentEncoding); } if (headers.ContentLanguage != null) { Assert.AreEqual(headers.ContentLanguage, file.Properties.ContentLanguage); } if (headers.ContentType != null) { Assert.AreEqual(headers.ContentType, file.Properties.ContentType); } } } else { TestHelper.ExpectedException( () => file.FetchAttributes(), "Fetch file attributes while SAS does not allow for reading", HttpStatusCode.NotFound); } if ((permissions & SharedAccessFilePermissions.Write) == SharedAccessFilePermissions.Write) { file.SetMetadata(); } else { TestHelper.ExpectedException( () => file.SetMetadata(), "Set file metadata while SAS does not allow for writing", HttpStatusCode.NotFound); } if ((permissions & SharedAccessFilePermissions.Delete) == SharedAccessFilePermissions.Delete) { file.Delete(); } else { TestHelper.ExpectedException( () => file.Delete(), "Delete file while SAS does not allow for deleting", HttpStatusCode.NotFound); } }
private static async Task TestAccess(string sasToken, SharedAccessFilePermissions permissions, SharedAccessFileHeaders headers, CloudFileShare share, CloudFile file) { CloudFileShare SASshare = null; CloudFile SASfile; OperationContext context = new OperationContext(); StorageCredentials credentials = string.IsNullOrEmpty(sasToken) ? new StorageCredentials() : new StorageCredentials(sasToken); string fileText = "file"; if (share != null) { SASshare = new CloudFileShare(credentials.TransformUri(share.Uri)); SASfile = SASshare.GetRootDirectoryReference().GetFileReference(file.Name); } else { SASfile = new CloudFile(credentials.TransformUri(file.Uri)); } if ((permissions & SharedAccessFilePermissions.Write) == SharedAccessFilePermissions.Write) { await UploadTextAsync(SASfile, fileText, Encoding.UTF8); } else if ((permissions & SharedAccessFilePermissions.Create) == SharedAccessFilePermissions.Create) { await SASfile.CreateAsync(Encoding.UTF8.GetBytes(fileText).Length); context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async() => await UploadTextAsync(SASfile, fileText, Encoding.UTF8, operationContext: context), context, "UploadText SAS does not allow for writing", HttpStatusCode.Forbidden, ""); await UploadTextAsync(file, fileText, Encoding.UTF8); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async() => await SASfile.CreateAsync(Encoding.UTF8.GetBytes(fileText).Length, null /* accessCondition */, null /* options */, context), context, "Create file succeeded but SAS does not allow for writing/creating", HttpStatusCode.Forbidden, ""); context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async() => await UploadTextAsync(SASfile, fileText, Encoding.UTF8, operationContext: context), context, "UploadText SAS does not allow for writing/creating", HttpStatusCode.Forbidden, ""); await UploadTextAsync(file, fileText, Encoding.UTF8); } if (SASshare != null) { if ((permissions & SharedAccessFilePermissions.List) == SharedAccessFilePermissions.List) { var results = await SASshare.GetRootDirectoryReference().ListFilesAndDirectoriesSegmentedAsync(null); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async() => { var results = await SASshare.GetRootDirectoryReference().ListFilesAndDirectoriesSegmentedAsync(null /* maxResults */, null /* currentToken */, null /* options */, context); }, context, "List files while SAS does not allow for listing", HttpStatusCode.Forbidden, ""); } } if ((permissions & SharedAccessFilePermissions.Read) == SharedAccessFilePermissions.Read) { await SASfile.FetchAttributesAsync(); // Test headers if (headers != null) { if (headers.CacheControl != null) { Assert.AreEqual(headers.CacheControl, SASfile.Properties.CacheControl); } if (headers.ContentDisposition != null) { Assert.AreEqual(headers.ContentDisposition, SASfile.Properties.ContentDisposition); } if (headers.ContentEncoding != null) { Assert.AreEqual(headers.ContentEncoding, SASfile.Properties.ContentEncoding); } if (headers.ContentLanguage != null) { Assert.AreEqual(headers.ContentLanguage, SASfile.Properties.ContentLanguage); } if (headers.ContentType != null) { Assert.AreEqual(headers.ContentType, SASfile.Properties.ContentType); } } } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async() => await SASfile.FetchAttributesAsync(null /* accessCondition */, null /* options */, context), context, "Fetch file attributes while SAS does not allow for reading", HttpStatusCode.Forbidden, ""); } if ((permissions & SharedAccessFilePermissions.Write) == SharedAccessFilePermissions.Write) { await SASfile.SetMetadataAsync(); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async() => await SASfile.SetMetadataAsync(null /* accessCondition */, null /* options */, context), context, "Set file metadata while SAS does not allow for writing", HttpStatusCode.Forbidden, ""); } if ((permissions & SharedAccessFilePermissions.Delete) == SharedAccessFilePermissions.Delete) { await SASfile.DeleteAsync(); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async() => await SASfile.DeleteAsync(null /* accessCondition */, null /* options */, context), context, "Delete file while SAS does not allow for deleting", HttpStatusCode.Forbidden, ""); } }
public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string groupPolicyIdentifier, SharedAccessProtocol?protocols, IPAddressOrRange ipAddressOrRange) { throw new System.NotImplementedException(); }
public void CloudFileSASHeaders() { for (int i = 1; i < 8; i++) { CloudFile testFile = this.testShare.GetRootDirectoryReference().GetFileReference("file" + i); SharedAccessFilePermissions permissions = (SharedAccessFilePermissions)i; SharedAccessFileHeaders headers = new SharedAccessFileHeaders() { CacheControl = "no-transform", ContentDisposition = "attachment", ContentEncoding = "gzip", ContentLanguage = "tr,en", ContentType = "text/html" }; TestFileSAS(testFile, permissions, headers); } }
/// <summary> /// Returns a shared access signature for the file. /// </summary> /// <param name="policy">A <see cref="SharedAccessFilePolicy"/> object specifying the access policy for the shared access signature.</param> /// <param name="headers">A <see cref="SharedAccessFileHeaders"/> object specifying optional header values to set for a file accessed with this SAS.</param> /// <returns>A shared access signature, as a URI query string.</returns> public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers) { return(this.GetSharedAccessSignature(policy, headers, null /* groupPolicyIdentifier */)); }
private static void TestAccess(string sasToken, SharedAccessFilePermissions permissions, SharedAccessFileHeaders headers, CloudFileShare share, CloudFile file) { CloudFileShare SASshare = null; CloudFile SASfile; StorageCredentials credentials = string.IsNullOrEmpty(sasToken) ? new StorageCredentials() : new StorageCredentials(sasToken); string fileText = "file"; if (share != null) { SASshare = new CloudFileShare(credentials.TransformUri(share.Uri)); SASfile = SASshare.GetRootDirectoryReference().GetFileReference(file.Name); } else { SASfile = new CloudFile(credentials.TransformUri(file.Uri)); } if ((permissions & SharedAccessFilePermissions.Write) == SharedAccessFilePermissions.Write) { UploadText(SASfile, fileText, Encoding.UTF8); } else if ((permissions & SharedAccessFilePermissions.Create) == SharedAccessFilePermissions.Create) { SASfile.Create(Encoding.UTF8.GetBytes(fileText).Length); TestHelper.ExpectedException( () => UploadText(SASfile, fileText, Encoding.UTF8), "UploadText SAS does not allow for writing", HttpStatusCode.Forbidden); UploadText(file, fileText, Encoding.UTF8); } else { TestHelper.ExpectedException( () => SASfile.Create(Encoding.UTF8.GetBytes(fileText).Length), "Create file succeeded but SAS does not allow for writing/creating", HttpStatusCode.Forbidden); TestHelper.ExpectedException( () => UploadText(SASfile, fileText, Encoding.UTF8), "UploadText SAS does not allow for writing/creating", HttpStatusCode.Forbidden); UploadText(file, fileText, Encoding.UTF8); } if (SASshare != null) { if ((permissions & SharedAccessFilePermissions.List) == SharedAccessFilePermissions.List) { SASshare.GetRootDirectoryReference().ListFilesAndDirectories().ToArray(); } else { TestHelper.ExpectedException( () => SASshare.GetRootDirectoryReference().ListFilesAndDirectories().ToArray(), "List files while SAS does not allow for listing", HttpStatusCode.Forbidden); } } if ((permissions & SharedAccessFilePermissions.Read) == SharedAccessFilePermissions.Read) { SASfile.FetchAttributes(); // Test headers if (headers != null) { if (headers.CacheControl != null) { Assert.AreEqual(headers.CacheControl, SASfile.Properties.CacheControl); } if (headers.ContentDisposition != null) { Assert.AreEqual(headers.ContentDisposition, SASfile.Properties.ContentDisposition); } if (headers.ContentEncoding != null) { Assert.AreEqual(headers.ContentEncoding, SASfile.Properties.ContentEncoding); } if (headers.ContentLanguage != null) { Assert.AreEqual(headers.ContentLanguage, SASfile.Properties.ContentLanguage); } if (headers.ContentType != null) { Assert.AreEqual(headers.ContentType, SASfile.Properties.ContentType); } } } else { TestHelper.ExpectedException( () => SASfile.FetchAttributes(), "Fetch file attributes while SAS does not allow for reading", HttpStatusCode.Forbidden); } if ((permissions & SharedAccessFilePermissions.Write) == SharedAccessFilePermissions.Write) { SASfile.SetMetadata(); } else { TestHelper.ExpectedException( () => SASfile.SetMetadata(), "Set file metadata while SAS does not allow for writing", HttpStatusCode.Forbidden); } if ((permissions & SharedAccessFilePermissions.Delete) == SharedAccessFilePermissions.Delete) { SASfile.Delete(); } else { TestHelper.ExpectedException( () => SASfile.Delete(), "Delete file while SAS does not allow for deleting", HttpStatusCode.Forbidden); } }
/// <summary> /// Get the complete query builder for creating the Shared Access Signature query. /// </summary> /// <param name="policy">The shared access policy to hash.</param> /// <param name="headers">The optional header values to set for a file returned with this SAS.</param> /// <param name="accessPolicyIdentifier">An optional identifier for the policy.</param> /// <param name="resourceType">Either "f" for files or "s" for shares.</param> /// <param name="signature">The signature to use.</param> /// <param name="accountKeyName">The name of the key used to create the signature, or <c>null</c> if the key is implicit.</param> /// <param name="sasVersion">A string indicating the desired SAS version to use, in storage service version format.</param> /// <param name="protocols">The HTTP/HTTPS protocols for Account SAS.</param> /// <param name="ipAddressOrRange">The IP range for IPSAS.</param> /// <returns>The finished query builder.</returns> internal static UriQueryBuilder GetSignature( SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string accessPolicyIdentifier, string resourceType, string signature, string accountKeyName, string sasVersion, SharedAccessProtocol? protocols, IPAddressOrRange ipAddressOrRange) { CommonUtility.AssertNotNullOrEmpty("resourceType", resourceType); UriQueryBuilder builder = new UriQueryBuilder(); AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedVersion, sasVersion); AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedResource, resourceType); AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedIdentifier, accessPolicyIdentifier); AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedKey, accountKeyName); AddEscapedIfNotNull(builder, Constants.QueryConstants.Signature, signature); AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedProtocols, GetProtocolString(protocols)); AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedIP, ipAddressOrRange == null ? null : ipAddressOrRange.ToString()); if (policy != null) { AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedStart, GetDateTimeOrNull(policy.SharedAccessStartTime)); AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedExpiry, GetDateTimeOrNull(policy.SharedAccessExpiryTime)); string permissions = SharedAccessFilePolicy.PermissionsToString(policy.Permissions); if (!string.IsNullOrEmpty(permissions)) { AddEscapedIfNotNull(builder, Constants.QueryConstants.SignedPermissions, permissions); } } if (headers != null) { AddEscapedIfNotNull(builder, Constants.QueryConstants.CacheControl, headers.CacheControl); AddEscapedIfNotNull(builder, Constants.QueryConstants.ContentType, headers.ContentType); AddEscapedIfNotNull(builder, Constants.QueryConstants.ContentEncoding, headers.ContentEncoding); AddEscapedIfNotNull(builder, Constants.QueryConstants.ContentLanguage, headers.ContentLanguage); AddEscapedIfNotNull(builder, Constants.QueryConstants.ContentDisposition, headers.ContentDisposition); } return builder; }
/// <summary> /// Get the signature hash embedded inside the Shared Access Signature. /// </summary> /// <param name="policy">The shared access policy to hash.</param> /// <param name="headers">The optional header values to set for a file returned with this SAS.</param> /// <param name="accessPolicyIdentifier">An optional identifier for the policy.</param> /// <param name="resourceName">The canonical resource string, unescaped.</param> /// <param name="sasVersion">A string indicating the desired SAS version to use, in storage service version format.</param> /// <param name="protocols">The HTTP/HTTPS protocols for Account SAS.</param> /// <param name="ipAddressOrRange">The IP range for IPSAS.</param> /// <param name="keyValue">The key value retrieved as an atomic operation used for signing.</param> /// <returns>The signed hash.</returns> internal static string GetHash( SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string accessPolicyIdentifier, string resourceName, string sasVersion, SharedAccessProtocol? protocols, IPAddressOrRange ipAddressOrRange, byte[] keyValue) { CommonUtility.AssertNotNullOrEmpty("resourceName", resourceName); CommonUtility.AssertNotNull("keyValue", keyValue); CommonUtility.AssertNotNullOrEmpty("sasVersion", sasVersion); string permissions = null; DateTimeOffset? startTime = null; DateTimeOffset? expiryTime = null; if (policy != null) { permissions = SharedAccessFilePolicy.PermissionsToString(policy.Permissions); startTime = policy.SharedAccessStartTime; expiryTime = policy.SharedAccessExpiryTime; } //// StringToSign = signedpermissions + "\n" + //// signedstart + "\n" + //// signedexpiry + "\n" + //// canonicalizedresource + "\n" + //// signedidentifier + "\n" + //// signedIP + "\n" + //// signedProtocol + "\n" + //// signedversion + "\n" + //// cachecontrol + "\n" + //// contentdisposition + "\n" + //// contentencoding + "\n" + //// contentlanguage + "\n" + //// contenttype //// //// HMAC-SHA256(UTF8.Encode(StringToSign)) //// string cacheControl = null; string contentDisposition = null; string contentEncoding = null; string contentLanguage = null; string contentType = null; if (headers != null) { cacheControl = headers.CacheControl; contentDisposition = headers.ContentDisposition; contentEncoding = headers.ContentEncoding; contentLanguage = headers.ContentLanguage; contentType = headers.ContentType; } string stringToSign = string.Format( CultureInfo.InvariantCulture, "{0}\n{1}\n{2}\n{3}\n{4}\n{5}\n{6}\n{7}\n{8}\n{9}\n{10}\n{11}\n{12}", permissions, GetDateTimeOrEmpty(startTime), GetDateTimeOrEmpty(expiryTime), resourceName, accessPolicyIdentifier, ipAddressOrRange == null ? string.Empty : ipAddressOrRange.ToString(), GetProtocolString(protocols), sasVersion, cacheControl, contentDisposition, contentEncoding, contentLanguage, contentType); Logger.LogVerbose(null /* operationContext */, SR.TraceStringToSign, stringToSign); return CryptoUtility.ComputeHmac256(keyValue, stringToSign); }
private static async Task TestAccess(string sasToken, SharedAccessFilePermissions permissions, SharedAccessFileHeaders headers, CloudFileShare share, CloudFile file) { CloudFileShare SASshare = null; CloudFile SASfile; OperationContext context = new OperationContext(); StorageCredentials credentials = string.IsNullOrEmpty(sasToken) ? new StorageCredentials() : new StorageCredentials(sasToken); string fileText = "file"; if (share != null) { SASshare = new CloudFileShare(credentials.TransformUri(share.Uri)); SASfile = SASshare.GetRootDirectoryReference().GetFileReference(file.Name); } else { SASfile = new CloudFile(credentials.TransformUri(file.Uri)); } if ((permissions & SharedAccessFilePermissions.Write) == SharedAccessFilePermissions.Write) { await UploadTextAsync(SASfile, fileText, Encoding.UTF8); } else if ((permissions & SharedAccessFilePermissions.Create) == SharedAccessFilePermissions.Create) { await SASfile.CreateAsync(Encoding.UTF8.GetBytes(fileText).Length); context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await UploadTextAsync(SASfile, fileText, Encoding.UTF8, operationContext:context), context, "UploadText SAS does not allow for writing", HttpStatusCode.Forbidden, ""); await UploadTextAsync(file, fileText, Encoding.UTF8); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await SASfile.CreateAsync(Encoding.UTF8.GetBytes(fileText).Length, null /* accessCondition */, null /* options */, context), context, "Create file succeeded but SAS does not allow for writing/creating", HttpStatusCode.Forbidden, ""); context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await UploadTextAsync(SASfile, fileText, Encoding.UTF8, operationContext:context), context, "UploadText SAS does not allow for writing/creating", HttpStatusCode.Forbidden, ""); await UploadTextAsync(file, fileText, Encoding.UTF8); } if (SASshare != null) { if ((permissions & SharedAccessFilePermissions.List) == SharedAccessFilePermissions.List) { var results = await SASshare.GetRootDirectoryReference().ListFilesAndDirectoriesSegmentedAsync(null); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => { var results = await SASshare.GetRootDirectoryReference().ListFilesAndDirectoriesSegmentedAsync(null /* maxResults */, null /* currentToken */, null /* options */, context); }, context, "List files while SAS does not allow for listing", HttpStatusCode.Forbidden, ""); } } if ((permissions & SharedAccessFilePermissions.Read) == SharedAccessFilePermissions.Read) { await SASfile.FetchAttributesAsync(); // Test headers if (headers != null) { if (headers.CacheControl != null) { Assert.AreEqual(headers.CacheControl, SASfile.Properties.CacheControl); } if (headers.ContentDisposition != null) { Assert.AreEqual(headers.ContentDisposition, SASfile.Properties.ContentDisposition); } if (headers.ContentEncoding != null) { Assert.AreEqual(headers.ContentEncoding, SASfile.Properties.ContentEncoding); } if (headers.ContentLanguage != null) { Assert.AreEqual(headers.ContentLanguage, SASfile.Properties.ContentLanguage); } if (headers.ContentType != null) { Assert.AreEqual(headers.ContentType, SASfile.Properties.ContentType); } } } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await SASfile.FetchAttributesAsync(null /* accessCondition */, null /* options */, context), context, "Fetch file attributes while SAS does not allow for reading", HttpStatusCode.Forbidden, ""); } if ((permissions & SharedAccessFilePermissions.Write) == SharedAccessFilePermissions.Write) { await SASfile.SetMetadataAsync(); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await SASfile.SetMetadataAsync(null /* accessCondition */, null /* options */, context), context, "Set file metadata while SAS does not allow for writing", HttpStatusCode.Forbidden, ""); } if ((permissions & SharedAccessFilePermissions.Delete) == SharedAccessFilePermissions.Delete) { await SASfile.DeleteAsync(); } else { context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await SASfile.DeleteAsync(null /* accessCondition */, null /* options */, context), context, "Delete file while SAS does not allow for deleting", HttpStatusCode.Forbidden, ""); } }
private static async Task TestFileSAS(CloudFile testFile, SharedAccessFilePermissions permissions, SharedAccessFileHeaders headers) { SharedAccessFilePolicy policy = new SharedAccessFilePolicy() { SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5), SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30), Permissions = permissions, }; string sasToken = testFile.GetSharedAccessSignature(policy, headers, null); await TestAccess(sasToken, permissions, headers, null, testFile); }
public SharedAccessFileHeaders(SharedAccessFileHeaders sharedAccessFileHeaders) { throw new System.NotImplementedException(); }
/// <summary> /// Returns a shared access signature for the file. /// </summary> /// <param name="policy">A <see cref="SharedAccessFilePolicy"/> object specifying the access policy for the shared access signature.</param> /// <param name="headers">A <see cref="SharedAccessFileHeaders"/> object specifying optional header values to set for a file accessed with this SAS.</param> /// <returns>A shared access signature, as a URI query string.</returns> public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers) { return this.GetSharedAccessSignature(policy, headers, null /* groupPolicyIdentifier */); }
/// <summary> /// Returns a shared access signature for the file. /// </summary> /// <param name="policy">A <see cref="SharedAccessFilePolicy"/> object specifying the access policy for the shared access signature.</param> /// <param name="headers">A <see cref="SharedAccessFileHeaders"/> object specifying optional header values to set for a file accessed with this SAS.</param> /// <param name="groupPolicyIdentifier">A string identifying a stored access policy.</param> /// <returns>A shared access signature, as a URI query string.</returns> public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string groupPolicyIdentifier) { return(GetSharedAccessSignature(policy, headers, groupPolicyIdentifier, null, null)); }
/// <summary> /// Returns a shared access signature for the file. /// </summary> /// <param name="policy">A <see cref="SharedAccessFilePolicy"/> object specifying the access policy for the shared access signature.</param> /// <param name="headers">A <see cref="SharedAccessFileHeaders"/> object specifying optional header values to set for a file accessed with this SAS.</param> /// <param name="groupPolicyIdentifier">A string identifying a stored access policy.</param> /// <returns>A shared access signature, as a URI query string.</returns> public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string groupPolicyIdentifier) { return GetSharedAccessSignature(policy, headers, groupPolicyIdentifier, null, null); }
private static void TestFileSAS(CloudFile testFile, SharedAccessFilePermissions permissions, SharedAccessFileHeaders headers) { UploadText(testFile, "file", Encoding.UTF8); SharedAccessFilePolicy policy = new SharedAccessFilePolicy() { SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5), SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30), Permissions = permissions, }; string sasToken = testFile.GetSharedAccessSignature(policy, headers, null); TestAccess(sasToken, permissions, headers, null, testFile); }
/// <summary> /// Returns a shared access signature for the file. /// </summary> /// <param name="policy">A <see cref="SharedAccessFilePolicy"/> object specifying the access policy for the shared access signature.</param> /// <param name="headers">A <see cref="SharedAccessFileHeaders"/> object specifying optional header values to set for a file accessed with this SAS.</param> /// <param name="groupPolicyIdentifier">A string identifying a stored access policy.</param> /// <returns>A shared access signature, as a URI query string.</returns> public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string groupPolicyIdentifier) { if (!this.ServiceClient.Credentials.IsSharedKey) { string errorMessage = string.Format(CultureInfo.InvariantCulture, SR.CannotCreateSASWithoutAccountKey); throw new InvalidOperationException(errorMessage); } string resourceName = this.GetCanonicalName(); StorageAccountKey accountKey = this.ServiceClient.Credentials.Key; string signature = SharedAccessSignatureHelper.GetHash(policy, headers, groupPolicyIdentifier, resourceName, Constants.HeaderConstants.TargetStorageVersion, accountKey.KeyValue); UriQueryBuilder builder = SharedAccessSignatureHelper.GetSignature(policy, headers, groupPolicyIdentifier, "f", signature, accountKey.KeyName, Constants.HeaderConstants.TargetStorageVersion); return builder.ToString(); }
public string GetSharedAccessSignature(SharedAccessFilePolicy policy, SharedAccessFileHeaders headers, string groupPolicyIdentifier) { throw new System.NotImplementedException(); }