public AzureVMBackupBlobSasUris GenerateBlobSasUris(List <string> blobUris, CloudPageBlobObjectFactory cloudPageBlobObjectFactory)
{
AzureVMBackupBlobSasUris blobSASUris = new AzureVMBackupBlobSasUris();
for (int i = 0; i < blobUris.Count; i++)
{
string blobUri = blobUris[i];
BlobUri osBlobUri = null;
if (BlobUri.TryParseUri(new Uri(blobUri), out osBlobUri))
{
CloudPageBlob pageBlob = cloudPageBlobObjectFactory.Create(osBlobUri);
SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy();
sasConstraints.SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(5);
sasConstraints.Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.List;
string sasUri = osBlobUri.Uri + pageBlob.GetSharedAccessSignature(sasConstraints);
blobSASUris.blobSASUri.Add(sasUri);
}
else
{
throw new AzureVMBackupException(AzureVMBackupErrorCodes.WrongBlobUriFormat, "the blob uri is not in correct format.");
}
}
return(blobSASUris);
}
private string CreateApplicationMediaLink(string rgName, string fileName)
{
string storageAccountName = ComputeManagementTestUtilities.GenerateName("saforgallery");
string asName = ComputeManagementTestUtilities.GenerateName("asforgallery");
StorageAccount storageAccountOutput = CreateStorageAccount(rgName, storageAccountName); // resource group is also created in this method.
string applicationMediaLink = @"https://saforgallery1969.blob.core.windows.net/sascontainer/test.txt\";
if (HttpMockServer.Mode == HttpRecorderMode.Record)
{
var accountKeyResult = m_SrpClient.StorageAccounts.ListKeysWithHttpMessagesAsync(rgName, storageAccountName).Result;
CloudStorageAccount storageAccount = new CloudStorageAccount(new StorageCredentials(storageAccountName, accountKeyResult.Body.Key1), useHttps: true);
var blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference("sascontainer");
bool created = container.CreateIfNotExistsAsync().Result;
CloudPageBlob pageBlob = container.GetPageBlobReference(fileName);
byte[] blobContent = Encoding.UTF8.GetBytes("Application Package Test");
byte[] bytes = new byte[512]; // Page blob must be multiple of 512
System.Buffer.BlockCopy(blobContent, 0, bytes, 0, blobContent.Length);
pageBlob.UploadFromByteArrayAsync(bytes, 0, bytes.Length);
SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy();
sasConstraints.SharedAccessStartTime = DateTime.UtcNow.AddDays(-1);
sasConstraints.SharedAccessExpiryTime = DateTime.UtcNow.AddDays(2);
sasConstraints.Permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write;
//Generate the shared access signature on the blob, setting the constraints directly on the signature.
string sasContainerToken = pageBlob.GetSharedAccessSignature(sasConstraints);
//Return the URI string for the container, including the SAS token.
applicationMediaLink = pageBlob.Uri + sasContainerToken;
}
return(applicationMediaLink);
}
private string GetAzureVmSasUri(string vmImageName)
{
string mediaLinkUri = null;
Uri uri = null;
StorageManagementClient storageClient = null;
string storageAccountName = null;
StorageAccountGetKeysResponse getKeysResponse = null;
ErrorRecord er = null;
StorageCredentials credentials = null;
SharedAccessBlobPolicy accessPolicy = null;
CloudPageBlob pageBlob = null;
string sas = null;
mediaLinkUri = GetImageUri(vmImageName);
uri = new Uri(mediaLinkUri);
storageClient = new StorageManagementClient(this.Client.Credentials, this.Client.BaseUri);
storageAccountName = uri.Authority.Split('.')[0];
getKeysResponse = storageClient.StorageAccounts.GetKeys(storageAccountName);
if (getKeysResponse.StatusCode != System.Net.HttpStatusCode.OK)
{
er = RemoteAppCollectionErrorState.CreateErrorRecordFromString(
String.Format(Commands_RemoteApp.GettingStorageAccountKeyErrorFormat, getKeysResponse.StatusCode.ToString()),
String.Empty,
Client.TemplateImages,
ErrorCategory.ConnectionError
);
ThrowTerminatingError(er);
}
credentials = new StorageCredentials(storageAccountName, getKeysResponse.SecondaryKey);
accessPolicy = new SharedAccessBlobPolicy();
pageBlob = new CloudPageBlob(uri, credentials);
accessPolicy.Permissions = SharedAccessBlobPermissions.Read;
// Sometimes the clocks are 2-3 seconds fast and the SAS is not yet valid when the service tries to use it.
accessPolicy.SharedAccessStartTime = DateTime.UtcNow.AddMinutes(-5);
accessPolicy.SharedAccessExpiryTime = DateTime.UtcNow.AddHours(12);
sas = pageBlob.GetSharedAccessSignature(accessPolicy);
if (sas == null)
{
er = RemoteAppCollectionErrorState.CreateErrorRecordFromString(
Commands_RemoteApp.FailedToGetSasUriError,
String.Empty,
Client.TemplateImages,
ErrorCategory.ConnectionError
);
ThrowTerminatingError(er);
}
return(mediaLinkUri + sas);
}
public static string GetSASUri(string blobUrlRoot, string storageAccoutnName, string primaryKey, string container, string filename, TimeSpan persmissionDuration, SharedAccessBlobPermissions permissionType)
{
// Set the destination
string httpsBlobUrlRoot = string.Format("https:{0}", blobUrlRoot.Substring(blobUrlRoot.IndexOf('/')));
string vhdDestUri = httpsBlobUrlRoot + string.Format("{0}/{1}", container, filename);
var destinationBlob = new CloudPageBlob(new Uri(vhdDestUri), new StorageCredentials(storageAccoutnName, primaryKey));
var policy2 = new SharedAccessBlobPolicy()
{
Permissions = permissionType,
SharedAccessExpiryTime = DateTime.UtcNow.Add(persmissionDuration)
};
var destinationBlobToken2 = destinationBlob.GetSharedAccessSignature(policy2);
vhdDestUri += destinationBlobToken2;
return(vhdDestUri);
}
private string CreateSasUriWithPermission(string vhdName, int p)
{
// Set the destination
string vhdBlobName = string.Format("{0}/{1}.vhd", vhdContainerName, Utilities.GetUniqueShortName(Path.GetFileNameWithoutExtension(vhdName)));
string httpsBlobUrlRoot = string.Format("https:{0}", blobUrlRoot.Substring(blobUrlRoot.IndexOf('/')));
string vhdDestUri = httpsBlobUrlRoot + vhdBlobName;
var destinationBlob2 = new CloudPageBlob(new Uri(vhdDestUri), new StorageCredentials(storageAccountKey.StorageAccountName, storageAccountKey.Primary));
var policy2 = new SharedAccessBlobPolicy()
{
Permissions = (SharedAccessBlobPermissions)p,
SharedAccessExpiryTime = DateTime.UtcNow + TimeSpan.FromHours(1)
};
var destinationBlobToken2 = destinationBlob2.GetSharedAccessSignature(policy2);
vhdDestUri += destinationBlobToken2;
return vhdDestUri;
}
public AzureVMBackupBlobSasUris GenerateBlobSasUris(List <string> blobUris, IAzureContext azContext)
{
AzureVMBackupBlobSasUris blobSASUris = new AzureVMBackupBlobSasUris();
for (int i = 0; i < blobUris.Count; i++)
{
string blobUri = blobUris[i];
BlobUri osBlobUri = null;
if (BlobUri.TryParseUri(new Uri(blobUri), out osBlobUri))
{
StorageManagementClient storageClient = AzureSession.Instance.ClientFactory.CreateArmClient <StorageManagementClient>(azContext, AzureEnvironment.Endpoint.ResourceManager);
// Need to convert osBlobUri.StorageAccountName into corresponding resource group name
var listResponse = storageClient.StorageAccounts.List();
var account = listResponse.First(accTemp => accTemp.Name.Equals(osBlobUri.StorageAccountName, StringComparison.InvariantCultureIgnoreCase));
string resourceGroupName = GetResourceGroupFromId(account.Id);
StorageCredentialsFactory storageCredentialsFactory = new StorageCredentialsFactory(resourceGroupName, storageClient, azContext.Subscription);
CloudPageBlobObjectFactory cloudPageBlobObjectFactory = new CloudPageBlobObjectFactory(storageCredentialsFactory, TimeSpan.FromMinutes(1));
CloudPageBlob pageBlob = cloudPageBlobObjectFactory.Create(osBlobUri);
SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy();
sasConstraints.SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(5);
sasConstraints.Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.List;
string sasUri = osBlobUri.Uri + pageBlob.GetSharedAccessSignature(sasConstraints);
blobSASUris.blobSASUri.Add(sasUri);
blobSASUris.pageBlobUri.Add(blobUri);
blobSASUris.storageCredentialsFactory.Add(storageCredentialsFactory);
}
else
{
throw new AzureVMBackupException(AzureVMBackupErrorCodes.WrongBlobUriFormat, "the blob uri is not in correct format.");
}
}
return(blobSASUris);
}
static public string GenerateSasUri(string blobStorageEndpointFormat, string storageAccount, string storageAccountKey,
string blobContainer, string vhdName, int hours = 10, bool read = true, bool write = true, bool delete = true, bool list = true)
{
string destinationSasUri = string.Format(@blobStorageEndpointFormat, storageAccount) + string.Format("/{0}/{1}", blobContainer, vhdName);
var destinationBlob = new CloudPageBlob(new Uri(destinationSasUri), new StorageCredentials(storageAccount, storageAccountKey));
SharedAccessBlobPermissions permission = 0;
permission |= (read) ? SharedAccessBlobPermissions.Read : 0;
permission |= (write) ? SharedAccessBlobPermissions.Write : 0;
permission |= (delete) ? SharedAccessBlobPermissions.Delete : 0;
permission |= (list) ? SharedAccessBlobPermissions.List : 0;
var policy = new SharedAccessBlobPolicy()
{
Permissions = permission,
SharedAccessExpiryTime = DateTime.UtcNow + TimeSpan.FromHours(hours)
};
string destinationBlobToken = destinationBlob.GetSharedAccessSignature(policy);
return(destinationSasUri + destinationBlobToken);
}
/// <summary>
/// Get blob shared access signature
/// </summary>
/// <param name="blob">ICloudBlob object</param>
/// <param name="accessPolicy">SharedAccessBlobPolicy object</param>
/// <param name="policyIdentifier">The existing policy identifier.</param>
/// <returns></returns>
private string GetBlobSharedAccessSignature(ICloudBlob blob, SharedAccessBlobPolicy accessPolicy, string policyIdentifier)
{
CloudBlobContainer container = blob.Container;
string signature = String.Empty;
switch (blob.BlobType)
{
case BlobType.BlockBlob:
CloudBlockBlob blockBlob = blob as CloudBlockBlob;
signature = blockBlob.GetSharedAccessSignature(accessPolicy, policyIdentifier);
break;
case BlobType.PageBlob:
CloudPageBlob pageBlob = blob as CloudPageBlob;
signature = pageBlob.GetSharedAccessSignature(accessPolicy, policyIdentifier);
break;
default:
throw new ArgumentException(Resources.UnknownBlob);
}
return(signature);
}
