/// <summary>
        /// Get blob shared access signature
        /// </summary>
        /// <param name="blob">CloudBlob object</param>
        /// <param name="accessPolicy">SharedAccessBlobPolicy object</param>
        /// <param name="policyIdentifier">The existing policy identifier.</param>
        /// <returns></returns>
        private string GetBlobSharedAccessSignature(CloudBlob blob, SharedAccessBlobPolicy accessPolicy, string policyIdentifier, SharedAccessProtocol?protocol, IPAddressOrRange iPAddressOrRange, bool generateUserDelegationSas)
        {
            CloudBlobContainer container = blob.Container;

            if (generateUserDelegationSas)
            {
                Azure.Storage.UserDelegationKey userDelegationKey = Channel.GetUserDelegationKey(accessPolicy.SharedAccessStartTime, accessPolicy.SharedAccessExpiryTime, null, null, OperationContext);
                return(blob.GetUserDelegationSharedAccessSignature(userDelegationKey, accessPolicy, null, protocol, iPAddressOrRange));
            }
            else
            {
                return(blob.GetSharedAccessSignature(accessPolicy, null, policyIdentifier, protocol, iPAddressOrRange));
            }
        }
示例#2
0
        private static string GetBlobSasToken(CloudBlob blob)
        {
            if (null == blob.ServiceClient.Credentials ||
                (blob.ServiceClient.Credentials.IsAnonymous && !blob.ServiceClient.Credentials.IsToken))
            {
                return(string.Empty);
            }
            else if (blob.ServiceClient.Credentials.IsSAS)
            {
                return(blob.ServiceClient.Credentials.SASToken);
            }

            // SAS life time is at least 10 minutes.
            TimeSpan sasLifeTime = TimeSpan.FromMinutes(CopySASLifeTimeInMinutes);

            if (blob.ServiceClient.Credentials.IsToken)
            {
                sasLifeTime = TimeSpan.FromMinutes(CopySASLifeTimeInMinutesOauth);
            }

            SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy()
            {
                SharedAccessExpiryTime = DateTime.Now.Add(sasLifeTime),
                Permissions            = SharedAccessBlobPermissions.Read,
            };

            CloudBlob rootBlob = null;

            if (!blob.IsSnapshot)
            {
                rootBlob = blob;
            }
            else
            {
                rootBlob = Util.GetBlobReference(blob.Uri, blob.ServiceClient.Credentials, blob.BlobType);
            }
            if (!blob.ServiceClient.Credentials.IsToken) // not oauth, generated normal sas
            {
                return(rootBlob.GetSharedAccessSignature(policy));
            }
            else // oauth, generate identity sas
            {
                DateTimeOffset userDelegationKeyStartTime         = DateTime.Now;
                DateTimeOffset userDelegationKeyEndTime           = userDelegationKeyStartTime.AddMinutes(CopySASLifeTimeInMinutes);
                Azure.Storage.UserDelegationKey userDelegationKey = rootBlob.ServiceClient.GetUserDelegationKey(userDelegationKeyStartTime, userDelegationKeyEndTime);

                return(rootBlob.GetUserDelegationSharedAccessSignature(userDelegationKey, policy));
            }
        }