/// <summary>
/// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
/// shared access signature values to produce the proper SAS query
/// parameters for authenticating requests.
/// </summary>
/// <param name="sharedKeyCredential">
/// The storage account's <see cref="StorageSharedKeyCredential"/>.
/// </param>
/// <returns>
/// The <see cref="SasQueryParameters"/> used for authenticating
/// requests.
/// </returns>
public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
// https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
if (this.ExpiryTime == default || String.IsNullOrEmpty(this.Permissions) || String.IsNullOrEmpty(this.ResourceTypes) || String.IsNullOrEmpty(this.Services))
{
throw Errors.AccountSasMissingData();
}
if (String.IsNullOrEmpty(this.Version))
{
this.Version = SasQueryParameters.DefaultSasVersion;
}
// Make sure the permission characters are in the correct order
this.Permissions = AccountSasPermissions.Parse(this.Permissions).ToString();
var startTime = SasQueryParameters.FormatTimesForSasSigning(this.StartTime);
var expiryTime = SasQueryParameters.FormatTimesForSasSigning(this.ExpiryTime);
// String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
var stringToSign = String.Join("\n",
sharedKeyCredential.AccountName,
this.Permissions,
this.Services,
this.ResourceTypes,
startTime,
expiryTime,
this.IPRange.ToString(),
this.Protocol.ToString(),
this.Version,
""); // That's right, the account SAS requires a terminating extra newline
var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
var p = new SasQueryParameters(
this.Version,
this.Services,
this.ResourceTypes,
this.Protocol,
this.StartTime,
this.ExpiryTime,
this.IPRange,
null, // Identifier
null, // Resource
this.Permissions,
signature);
return(p);
}
/// <summary>
/// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this
/// shared access signature values to produce the proper SAS query
/// parameters for authenticating requests.
/// </summary>
/// <param name="sharedKeyCredential">
/// The storage account's <see cref="StorageSharedKeyCredential"/>.
/// </param>
/// <returns>
/// The <see cref="SasQueryParameters"/> used for authenticating
/// requests.
/// </returns>
public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
// https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
if (ExpiresOn == default || string.IsNullOrEmpty(Permissions) || ResourceTypes == default || Services == default)
{
throw Errors.AccountSasMissingData();
}
Version = SasQueryParametersInternals.DefaultSasVersionInternal;
string startTime = SasExtensions.FormatTimesForSasSigning(StartsOn);
string expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn);
// String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
string stringToSign = string.Join("\n",
sharedKeyCredential.AccountName,
Permissions,
Services.ToPermissionsString(),
ResourceTypes.ToPermissionsString(),
startTime,
expiryTime,
IPRange.ToString(),
Protocol.ToProtocolString(),
Version,
EncryptionScope,
string.Empty); // That's right, the account SAS requires a terminating extra newline
string signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
SasQueryParameters p = SasQueryParametersInternals.Create(
Version,
Services,
ResourceTypes,
Protocol,
StartsOn,
ExpiresOn,
IPRange,
identifier: null,
resource: null,
Permissions,
signature,
encryptionScope: EncryptionScope);
return(p);
}
