internal BlobContainer(BlobServiceClient blobClient, string containerName, StorageSharedKeyCredential key)
{
key_ = key;
CloudContainer = blobClient.GetBlobContainerClient(containerName);
}
public async Task TraverseAsync()
{
// Create a temporary Lorem Ipsum file on disk that we can upload
string originalPath = CreateTempFile(SampleFileContent);
// Make StorageSharedKeyCredential to pass to the serviceClient
string storageAccountName = StorageAccountName;
string storageAccountKey = StorageAccountKey;
Uri serviceUri = StorageAccountBlobUri;
StorageSharedKeyCredential sharedKeyCredential = new StorageSharedKeyCredential(storageAccountName, storageAccountKey);
// Create DataLakeServiceClient using StorageSharedKeyCredentials
DataLakeServiceClient serviceClient = new DataLakeServiceClient(serviceUri, sharedKeyCredential);
// Get a reference to a filesystem named "sample-filesystem-traverseasync" and then create it
DataLakeFileSystemClient filesystem = serviceClient.GetFileSystemClient(Randomize("sample-filesystem-traverse"));
await filesystem.CreateAsync();
try
{
// Create a bunch of directories and files within the directories
DataLakeDirectoryClient first = await filesystem.CreateDirectoryAsync("first");
await first.CreateSubDirectoryAsync("a");
await first.CreateSubDirectoryAsync("b");
DataLakeDirectoryClient second = await filesystem.CreateDirectoryAsync("second");
await second.CreateSubDirectoryAsync("c");
await second.CreateSubDirectoryAsync("d");
await filesystem.CreateDirectoryAsync("third");
DataLakeDirectoryClient fourth = await filesystem.CreateDirectoryAsync("fourth");
DataLakeDirectoryClient deepest = await fourth.CreateSubDirectoryAsync("e");
// Upload a DataLake file named "file"
DataLakeFileClient file = deepest.GetFileClient("file");
await file.CreateAsync();
using (FileStream stream = File.OpenRead(originalPath))
{
await file.AppendAsync(stream, 0);
}
// Keep track of all the names we encounter
List <string> names = new List <string>();
await foreach (PathItem pathItem in filesystem.ListPathsAsync(recursive: true))
{
names.Add(pathItem.Name);
}
// Verify we've seen everything
Assert.AreEqual(10, names.Count);
Assert.Contains("first", names);
Assert.Contains("second", names);
Assert.Contains("third", names);
Assert.Contains("fourth", names);
Assert.Contains("first/a", names);
Assert.Contains("first/b", names);
Assert.Contains("second/c", names);
Assert.Contains("second/d", names);
Assert.Contains("fourth/e", names);
Assert.Contains("fourth/e/file", names);
}
finally
{
// Clean up after the test when we're finished
await filesystem.DeleteAsync();
}
}
public ShareServiceClient GetServiceClient_FileServiceSasFile(string shareName, string filePath, StorageSharedKeyCredential sharedKeyCredentials = default, SasQueryParameters sasCredentials = default)
=> InstrumentClient(
new ShareServiceClient(
new Uri($"{TestConfigDefault.FileServiceEndpoint}?{sasCredentials ?? GetNewFileServiceSasCredentialsFile(shareName, filePath, sharedKeyCredentials ?? GetNewSharedKeyCredentials())}"),
GetOptions()));
public BlobSasQueryParameters GetNewBlobServiceSasCredentialsSnapshot(string containerName, string blobName, string snapshot, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = new BlobSasBuilder
{
BlobContainerName = containerName,
BlobName = blobName,
Snapshot = snapshot,
Protocol = SasProtocol.None,
StartsOn = Tenants.Recording.UtcNow.AddHours(-1),
ExpiresOn = Tenants.Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None),
};
builder.SetPermissions(SnapshotSasPermissions.All);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? Tenants.GetNewSharedKeyCredentials()));
}
/// <summary>
/// Initializes a new instance of the <see cref="DataLakeDirectoryClient"/>
/// class.
/// </summary>
/// <param name="directoryUri">
/// A <see cref="Uri"/> referencing the directory that includes the
/// name of the account, the name of the file system, and the path of the
/// directory.
/// </param>
/// <param name="credential">
/// The shared key credential used to sign requests.
/// </param>
public DataLakeDirectoryClient(Uri directoryUri, StorageSharedKeyCredential credential)
: this(directoryUri, credential.AsPolicy(), null)
{
}
public DataLakeSasQueryParameters GetNewDataLakeServiceSasCredentialsPath(string fileSystemName, string path, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = new DataLakeSasBuilder
{
FileSystemName = fileSystemName,
Path = path,
Protocol = SasProtocol.None,
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None)
};
builder.SetPermissions(
DataLakeSasPermissions.Read |
DataLakeSasPermissions.Add |
DataLakeSasPermissions.Create |
DataLakeSasPermissions.Delete |
DataLakeSasPermissions.Write);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? GetNewSharedKeyCredentials()));
}
public BlobSasQueryParameters GetNewBlobServiceSasCredentialsContainer(string containerName, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = GetBlobSasBuilder(containerName);
builder.SetPermissions(BlobContainerSasPermissions.All);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? Tenants.GetNewSharedKeyCredentials()));
}
/// <summary>
/// Initializes a new instance of the <see cref="BlobChangeFeedClient"/>
/// class.
/// </summary>
/// <param name="serviceUri">
/// A <see cref="Uri"/> referencing the blob service.
/// This is likely to be similar to "https://{account_name}.blob.core.windows.net".
/// </param>
/// <param name="credential">
/// The shared key credential used to sign requests.
/// </param>
/// <param name="options">
/// Optional client options that define the transport pipeline
/// policies for authentication, retries, etc., that are applied to
/// every request.
/// </param>
public BlobChangeFeedClient(Uri serviceUri, StorageSharedKeyCredential credential, BlobClientOptions options = default)
{
_blobServiceClient = new BlobServiceClient(serviceUri, credential, options);
}
public QueueServiceClient GetServiceClient_QueueServiceSas(string queueName, StorageSharedKeyCredential sharedKeyCredentials = default, SasQueryParameters sasCredentials = default)
=> InstrumentClient(
new QueueServiceClient(
new Uri($"{TestConfigDefault.QueueServiceEndpoint}?{sasCredentials ?? GetNewQueueServiceSasCredentials(queueName, sharedKeyCredentials ?? GetNewSharedKeyCredentials())}"),
GetOptions()));
private string GetContainerSASWithLighthouse(BlobServiceClient service, string storageAccount,
string storageContainer, string blobName, StorageSharedKeyCredential credential)
{
BlobSasBuilder blobSasBuilder;
BlobContainerClient container = service.GetBlobContainerClient(storageContainer);
BlobContainerAccessPolicy policy = container.GetAccessPolicy();
BlobSignedIdentifier blobSignedIdentifier = policy.SignedIdentifiers.FirstOrDefault(x => x.Id == "expiresapr");
// if stored access policy exists, use it, otherwise, specify permissions
if (blobSignedIdentifier != null)
{
blobSasBuilder = new BlobSasBuilder
{
BlobContainerName = storageContainer,
Identifier = blobSignedIdentifier.Id
};
/* load test how fast we can generate SAS token
* for (int ii = 0; ii < 100000; ++ii )
* {
* var blobSas = new BlobSasBuilder
* {
* BlobContainerName = storageContainer,
* BlobName = "abc" + ii,
* Identifier = blobSignedIdentifier.Id
* };
* var param = blobSas.ToSasQueryParameters(credential).ToString();
* }*/
}
else
{
DateTimeOffset expiresOn = DateTimeOffset.UtcNow.AddHours(2);
blobSasBuilder = new BlobSasBuilder
{
BlobContainerName = storageContainer,
ExpiresOn = expiresOn,
};
blobSasBuilder.SetPermissions(
BlobContainerSasPermissions.Read |
BlobContainerSasPermissions.Create |
BlobContainerSasPermissions.List);
}
var sasQueryParameters = blobSasBuilder.ToSasQueryParameters(credential).ToString();
String uri = String.IsNullOrEmpty(blobName) ?
String.Format("https://{0}.blob.core.windows.net/{1}?restype=container&comp=list&{2}",
storageAccount,
storageContainer,
sasQueryParameters.ToString()) :
String.Format("https://{0}.blob.core.windows.net/{1}/{2}?{3}",
storageAccount,
storageContainer,
blobName,
sasQueryParameters.ToString());
return(uri);
}
public AzureDataLakeStorage(BlobServiceClient blobServiceClient, string accountName, StorageSharedKeyCredential sasSigningCredentials = null, string containerName = null) : base(blobServiceClient, accountName, sasSigningCredentials, containerName)
{
_extended = new ExtendedSdk(blobServiceClient, accountName);
}
internal static new string ComputeSasSignature(StorageSharedKeyCredential credential, string message) => StorageSharedKeyCredential.ComputeSasSignature(credential, message);
/// <summary>
/// Configures the data protection system to persist keys to the specified path
/// in Azure Blob Storage.
/// </summary>
/// <param name="builder">The builder instance to modify.</param>
/// <param name="sasUri">The full URI where the key file should be stored.
/// The URI must contain the SAS token as a query string parameter.</param>
/// <param name="sharedKeyCredential">The credentials to connect to the blob.</param>
/// <returns>The value <paramref name="builder"/>.</returns>
/// <remarks>
/// The container referenced by <paramref name="blobUri"/> must already exist.
/// </remarks>
public static IDataProtectionBuilder PersistKeysToAzureBlobStorage(this IDataProtectionBuilder builder, Uri blobUri, StorageSharedKeyCredential sharedKeyCredential)
{
if (builder == null)
{
throw new ArgumentNullException(nameof(builder));
}
if (blobUri == null)
{
throw new ArgumentNullException(nameof(blobUri));
}
if (sharedKeyCredential == null)
{
throw new ArgumentNullException(nameof(sharedKeyCredential));
}
var client = new BlobClient(blobUri, sharedKeyCredential);
return(PersistKeysToAzureBlobStorage(builder, client));
}
internal BlobContainer(BlobServiceClient blobClient, string containerName, bool ensureExists, StorageSharedKeyCredential key) : this(blobClient, containerName, key)
{
var exists = CloudContainer.ExistsAsync().Result;
if (!exists)
{
if (ensureExists)
{
CloudContainer.CreateIfNotExistsAsync().Wait();
}
else
{
throw new Exception($"container does not exist and creation not allowed. name:[{containerName}]");
}
}
}
/// <summary>
/// Initializes a new instance of the <see cref="QueueServiceClient"/>
/// class.
/// </summary>
/// <param name="serviceUri">
/// A <see cref="Uri"/> referencing the queue service.
/// This is likely to be similar to "https://{account_name}.queue.core.windows.net".
/// </param>
/// <param name="credential">
/// The shared key credential used to sign requests.
/// </param>
/// <param name="options">
/// Optional client options that define the transport pipeline
/// policies for authentication, retries, etc., that are applied to
/// every request.
/// </param>
public QueueServiceClient(Uri serviceUri, StorageSharedKeyCredential credential, QueueClientOptions options = default)
: this(serviceUri, credential.AsPolicy(), options)
{
}
public BlobService(BlobServiceClient client, StorageSharedKeyCredential credential)
{
Client = client;
Credential = credential;
}
public DataLakeSasQueryParameters GetNewDataLakeServiceSasCredentialsFileSystem(string fileSystemName, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = new DataLakeSasBuilder
{
FileSystemName = fileSystemName,
Protocol = SasProtocol.None,
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None)
};
builder.SetPermissions(DataLakeFileSystemSasPermissions.All);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? Tenants.GetNewHnsSharedKeyCredentials()));
}
/// <summary>
/// Initializes a new instance of the <see cref="DataLakeServiceClient"/>
/// class.
/// </summary>
/// <param name="serviceUri">
/// A <see cref="Uri"/> referencing the Data Lake service.
/// </param>
/// <param name="credential">
/// The shared key credential used to sign requests.
/// </param>
public DataLakeServiceClient(Uri serviceUri, StorageSharedKeyCredential credential)
: this(serviceUri, credential.AsPolicy(), null)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="BlobClient"/>
/// class.
/// </summary>
/// <param name="blobUri">
/// A <see cref="Uri"/> referencing the blob that includes the
/// name of the account, the name of the container, and the name of
/// the blob.
/// </param>
/// <param name="credential">
/// The shared key credential used to sign requests.
/// </param>
/// <param name="options">
/// Optional client options that define the transport pipeline
/// policies for authentication, retries, etc., that are applied to
/// every request.
/// </param>
public BlobClient(Uri blobUri, StorageSharedKeyCredential credential, BlobClientOptions options = default)
: base(blobUri, credential, options)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="DataLakeServiceClient"/>
/// class.
/// </summary>
/// <param name="serviceUri">
/// A <see cref="Uri"/> referencing the Data Lake service.
/// </param>
/// <param name="credential">
/// The shared key credential used to sign requests.
/// </param>
/// <param name="options">
/// Optional client options that define the transport pipeline
/// policies for authentication, retries, etc., that are applied to
/// every request.
/// </param>
public DataLakeServiceClient(Uri serviceUri, StorageSharedKeyCredential credential, DataLakeClientOptions options)
: this(serviceUri, credential.AsPolicy(), options)
{
}
public BlobSasQueryParameters GetNewBlobServiceSasCredentialsBlob(string containerName, string blobName, StorageSharedKeyCredential sharedKeyCredentials = default)
{
BlobSasBuilder builder = GetBlobSasBuilder(containerName, blobName);
builder.SetPermissions(
BlobSasPermissions.Read |
BlobSasPermissions.Add |
BlobSasPermissions.Create |
BlobSasPermissions.Delete |
BlobSasPermissions.Write);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? Tenants.GetNewSharedKeyCredentials()));
}
public IAzureBlobCredentialConfiguration Credential(StorageSharedKeyCredential credential)
{
_sharedKeyCredential = credential;
return(this);
}
/// <summary>
/// Initializes a new instance of the <see cref="DataLakeDirectoryClient"/>
/// class.
/// </summary>
/// <param name="directoryUri">
/// A <see cref="Uri"/> referencing the directory that includes the
/// name of the account, the name of the file system, and the path of the
/// directory.
/// </param>
/// <param name="credential">
/// The shared key credential used to sign requests.
/// </param>
/// <param name="options">
/// Optional client options that define the transport pipeline
/// policies for authentication, retries, etc., that are applied to
/// every request.
/// </param>
public DataLakeDirectoryClient(Uri directoryUri, StorageSharedKeyCredential credential, DataLakeClientOptions options)
: this(directoryUri, credential.AsPolicy(), options)
{
}
public async Task SasBuilderIdentifier()
{
string accountName = StorageAccountName;
string accountKey = StorageAccountKey;
string containerName = Randomize("sample-container");
string blobName = Randomize("sample-blob");
StorageSharedKeyCredential sharedKeyCredential = new StorageSharedKeyCredential(StorageAccountName, StorageAccountKey);
// setup blob
var container = new BlobContainerClient(ConnectionString, containerName);
try
{
await container.CreateAsync();
await container.GetBlobClient(blobName).UploadAsync(BinaryData.FromString("hello world"));
// Create one or more stored access policies.
List <BlobSignedIdentifier> signedIdentifiers = new List <BlobSignedIdentifier>
{
new BlobSignedIdentifier
{
Id = "mysignedidentifier",
AccessPolicy = new BlobAccessPolicy
{
StartsOn = DateTimeOffset.UtcNow.AddHours(-1),
ExpiresOn = DateTimeOffset.UtcNow.AddDays(1),
Permissions = "rw"
}
}
};
// Set the container's access policy.
await container.SetAccessPolicyAsync(permissions : signedIdentifiers);
#region Snippet:SampleSnippetsBlobMigration_SasBuilderIdentifier
// Create BlobSasBuilder and specify parameters
BlobSasBuilder sasBuilder = new BlobSasBuilder()
{
BlobContainerName = containerName,
BlobName = blobName,
Identifier = "mysignedidentifier"
};
#endregion
// Create full, self-authenticating URI to the resource
BlobUriBuilder uriBuilder = new BlobUriBuilder(StorageAccountBlobUri)
{
BlobContainerName = containerName,
BlobName = blobName,
Sas = sasBuilder.ToSasQueryParameters(sharedKeyCredential)
};
Uri sasUri = uriBuilder.ToUri();
// successful download indicates pass
await new BlobClient(sasUri).DownloadToAsync(new MemoryStream());
}
finally
{
await container.DeleteIfExistsAsync();
}
}
/// <summary>
/// Registers a <see cref="QueueServiceClient"/> instance with the provided <paramref name="serviceUri"/> and <paramref name="sharedKeyCredential"/>
/// </summary>
public static IAzureClientBuilder <QueueServiceClient, QueueClientOptions> AddQueueServiceClient <TBuilder>(this TBuilder builder, Uri serviceUri, StorageSharedKeyCredential sharedKeyCredential)
where TBuilder : IAzureClientFactoryBuilder
{
return(builder.RegisterClientFactory <QueueServiceClient, QueueClientOptions>(options => new QueueServiceClient(serviceUri, sharedKeyCredential, options)));
}
public BlobSasQueryParameters GetNewBlobServiceSasCredentialsSnapshot(string containerName, string blobName, string snapshot, StorageSharedKeyCredential sharedKeyCredentials = default)
=> new BlobSasBuilder
{
ContainerName = containerName,
BlobName = blobName,
Snapshot = snapshot,
Protocol = SasProtocol.None,
StartTime = this.Recording.UtcNow.AddHours(-1),
ExpiryTime = this.Recording.UtcNow.AddHours(+1),
Permissions = new SnapshotSasPermissions {
Read = true, Write = true, Delete = true
}.ToString(),
IPRange = new IPRange(IPAddress.None, IPAddress.None)
}
.ToSasQueryParameters(sharedKeyCredentials ?? this.GetNewSharedKeyCredentials());
public ShareServiceClient GetServiceClient_AccountSas(StorageSharedKeyCredential sharedKeyCredentials = default, SasQueryParameters sasCredentials = default)
=> InstrumentClient(
new ShareServiceClient(
new Uri($"{TestConfigDefault.FileServiceEndpoint}?{sasCredentials ?? GetNewAccountSasCredentials(sharedKeyCredentials ?? GetNewSharedKeyCredentials())}"),
GetOptions()));
public BlobSasQueryParameters GetNewBlobServiceSasCredentialsBlob(string containerName, string blobName, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = new BlobSasBuilder
{
BlobContainerName = containerName,
BlobName = blobName,
Protocol = SasProtocol.None,
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None),
Version = ToSasVersion(_serviceVersion)
};
builder.SetPermissions(
BlobSasPermissions.Read |
BlobSasPermissions.Add |
BlobSasPermissions.Create |
BlobSasPermissions.Delete |
BlobSasPermissions.Write);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? GetNewSharedKeyCredentials()));
}
public SasQueryParameters GetNewFileServiceSasCredentialsFile(string shareName, string filePath, StorageSharedKeyCredential sharedKeyCredentials = default)
{
var builder = new ShareSasBuilder
{
ShareName = shareName,
FilePath = filePath,
Protocol = SasProtocol.None,
StartsOn = Recording.UtcNow.AddHours(-1),
ExpiresOn = Recording.UtcNow.AddHours(+1),
IPRange = new SasIPRange(IPAddress.None, IPAddress.None)
};
builder.SetPermissions(ShareFileSasPermissions.All);
return(builder.ToSasQueryParameters(sharedKeyCredentials ?? GetNewSharedKeyCredentials()));
}
/// <summary> /// Create a new SharedKeyPipelinePolicy /// </summary> /// <param name="credentials">SharedKeyCredentials to authenticate requests.</param> public StorageSharedKeyPipelinePolicy(StorageSharedKeyCredential credentials) => this._credentials = credentials;
