public override string SanitizeTextBody(string contentType, string body)
{
if (contentType.Contains("urlencoded"))
{
try
{
// If it's been URL encoded, make sure it doesn't contain
// a client_secret
var builder = new UriBuilder()
{
Query = body
};
var query = new UriQueryParamsCollection(body);
if (query.ContainsKey("client_secret"))
{
query["client_secret"] = SanitizeValue;
}
return(query.ToString());
}
catch
{
}
}
// If anything goes wrong, don't sanitize
return(body);
}
public string SanitizeQueryParameters(string queryParameters)
{
var query = new UriQueryParamsCollection(queryParameters);
if (query.ContainsKey(SignatureQueryName))
{
query[SignatureQueryName] = SanitizeValue;
}
return(query.ToString());
}
/// <summary>
/// Creates and initializes a SASQueryParameters object based on the
/// query parameter map's passed-in values. If deleteSASParametersFromValues is true,
/// all SAS-related query parameters are removed from the passed-in map. If
/// deleteSASParametersFromValues is false, the map passed-in map is unaltered.
/// </summary>
/// <param name="values"></param>
internal SasQueryParameters(UriQueryParamsCollection values)
{
// make copy, otherwise we'll get an exception when we remove
IEnumerable <KeyValuePair <string, string> > kvps = values.ToArray();;
foreach (var kv in kvps)
{
// these are already decoded
var isSASKey = true;
switch (kv.Key.ToUpperInvariant())
{
case Constants.Sas.Parameters.VersionUpper: this.version = kv.Value; break;
case Constants.Sas.Parameters.ServicesUpper: this.services = kv.Value; break;
case Constants.Sas.Parameters.ResourceTypesUpper: this.resourceTypes = kv.Value; break;
case Constants.Sas.Parameters.ProtocolUpper: this.protocol = SasProtocol.Parse(kv.Value); break;
case Constants.Sas.Parameters.StartTimeUpper: this.startTime = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.ExpiryTimeUpper: this.expiryTime = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.IPRangeUpper: this.ipRange = IPRange.Parse(kv.Value); break;
case Constants.Sas.Parameters.IdentifierUpper: this.identifier = kv.Value; break;
case Constants.Sas.Parameters.ResourceUpper: this.resource = kv.Value; break;
case Constants.Sas.Parameters.PermissionsUpper: this.permissions = kv.Value; break;
case Constants.Sas.Parameters.SignatureUpper: this.signature = kv.Value; break;
#if BlobSDK
case Constants.Sas.Parameters.KeyOidUpper: this.keyOid = kv.Value; break;
case Constants.Sas.Parameters.KeyTidUpper: this.keyTid = kv.Value; break;
case Constants.Sas.Parameters.KeyStartUpper: this.keyStart = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.KeyExpiryUpper: this.keyExpiry = DateTimeOffset.ParseExact(kv.Value, TimeFormat, CultureInfo.InvariantCulture); break;
case Constants.Sas.Parameters.KeyServiceUpper: this.keyService = kv.Value; break;
case Constants.Sas.Parameters.KeyVersionUpper: this.keyVersion = kv.Value; break;
#endif
default: isSASKey = false; break; // We didn't recognize the query parameter
}
if (isSASKey)
{
values.Remove(kv.Key);
}
}
}
public override string SanitizeUri(string uri)
{
var builder = new UriBuilder(base.SanitizeUri(uri));
var query = new UriQueryParamsCollection(builder.Query);
if (query.ContainsKey(SignatureQueryName))
{
query[SignatureQueryName] = SanitizeValue;
builder.Query = query.ToString();
}
return(builder.Uri.ToString());
}
/// <summary>
/// Creates a new instance of the <see cref="SasQueryParameters"/> type
/// based on the supplied query parameters <paramref name="values"/>.
/// All SAS-related query parameters will be removed from
/// <paramref name="values"/>.
/// </summary>
/// <param name="values">URI query parameters</param>
/// <param name="includeBlobParameters">
/// Optional flag indicating whether to process blob-specific query
/// parameters. The default value is false.
/// </param>
internal SasQueryParameters(
UriQueryParamsCollection values,
bool includeBlobParameters = false)
{
// make copy, otherwise we'll get an exception when we remove
IEnumerable <KeyValuePair <string, string> > kvps = values.ToArray();
foreach (KeyValuePair <string, string> kv in kvps)
{
// these are already decoded
var isSasKey = true;
switch (kv.Key.ToUpperInvariant())
{
case Constants.Sas.Parameters.VersionUpper:
_version = kv.Value;
break;
case Constants.Sas.Parameters.ServicesUpper:
_services = SasExtensions.ParseAccountServices(kv.Value);
break;
case Constants.Sas.Parameters.ResourceTypesUpper:
_resourceTypes = SasExtensions.ParseResourceTypes(kv.Value);
break;
case Constants.Sas.Parameters.ProtocolUpper:
_protocol = SasExtensions.ParseProtocol(kv.Value);
break;
case Constants.Sas.Parameters.StartTimeUpper:
_startTime = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
break;
case Constants.Sas.Parameters.ExpiryTimeUpper:
_expiryTime = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
break;
case Constants.Sas.Parameters.IPRangeUpper:
_ipRange = SasIPRange.Parse(kv.Value);
break;
case Constants.Sas.Parameters.IdentifierUpper:
_identifier = kv.Value;
break;
case Constants.Sas.Parameters.ResourceUpper:
_resource = kv.Value;
break;
case Constants.Sas.Parameters.PermissionsUpper:
_permissions = kv.Value;
break;
case Constants.Sas.Parameters.SignatureUpper:
_signature = kv.Value;
break;
case Constants.Sas.Parameters.CacheControlUpper:
_cacheControl = kv.Value;
break;
case Constants.Sas.Parameters.ContentDispositionUpper:
_contentDisposition = kv.Value;
break;
case Constants.Sas.Parameters.ContentEncodingUpper:
_contentEncoding = kv.Value;
break;
case Constants.Sas.Parameters.ContentLanguageUpper:
_contentLanguage = kv.Value;
break;
case Constants.Sas.Parameters.ContentTypeUpper:
_contentType = kv.Value;
break;
// Optionally include Blob parameters
case Constants.Sas.Parameters.KeyObjectIdUpper:
if (includeBlobParameters)
{
_keyObjectId = kv.Value;
}
else
{
isSasKey = false;
}
break;
case Constants.Sas.Parameters.KeyTenantIdUpper:
if (includeBlobParameters)
{
_keyTenantId = kv.Value;
}
else
{
isSasKey = false;
}
break;
case Constants.Sas.Parameters.KeyStartUpper:
if (includeBlobParameters)
{
_keyStart = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
}
else
{
isSasKey = false;
}
break;
case Constants.Sas.Parameters.KeyExpiryUpper:
if (includeBlobParameters)
{
_keyExpiry = DateTimeOffset.ParseExact(kv.Value, Constants.SasTimeFormat, CultureInfo.InvariantCulture);
}
else
{
isSasKey = false;
}
break;
case Constants.Sas.Parameters.KeyServiceUpper:
if (includeBlobParameters)
{
_keyService = kv.Value;
}
else
{
isSasKey = false;
}
break;
case Constants.Sas.Parameters.KeyVersionUpper:
if (includeBlobParameters)
{
_keyVersion = kv.Value;
}
else
{
isSasKey = false;
}
break;
// We didn't recognize the query parameter
default:
isSasKey = false;
break;
}
// Remove the query parameter if it's part of the SAS
if (isSasKey)
{
values.Remove(kv.Key);
}
}
}
public override string SanitizeTextBody(string contentType, string body)
{
if (contentType.Contains("json"))
{
try
{
// Check for auth calls to readact any access tokens
var reader = new Utf8JsonReader(Encoding.UTF8.GetBytes(body).AsSpan(), true, new JsonReaderState());
if (JsonDocument.TryParseValue(ref reader, out JsonDocument doc) &&
doc.RootElement.GetProperty("token_type").GetString() == "Bearer")
{
// If we found an auth call, sanitize it
using (var stream = new System.IO.MemoryStream())
{
using (var writer = new Utf8JsonWriter(stream))
{
writer.WriteStartObject();
foreach (JsonProperty property in doc.RootElement.EnumerateObject())
{
switch (doc.RootElement.GetProperty(property.Name).ValueKind)
{
case JsonValueKind.Null:
writer.WriteNull(property.Name);
break;
case JsonValueKind.True:
writer.WriteBoolean(property.Name, true);
break;
case JsonValueKind.False:
writer.WriteBoolean(property.Name, false);
break;
case JsonValueKind.Number:
writer.WriteNumber(property.Name, property.Value.GetDouble());
break;
case JsonValueKind.String:
writer.WriteString(
property.Name,
property.Name == "access_token" ?
SanitizeValue :
property.Value.GetString());
break;
// Ignore nested objects and arrays...
}
}
writer.WriteEndObject();
}
return(Encoding.UTF8.GetString(stream.ToArray()));
}
}
}
catch
{
}
}
else if (contentType.Contains("urlencoded"))
{
try
{
// If it's been URL encoded, make sure it doesn't contain
// a client_secret
var builder = new UriBuilder()
{
Query = body
};
var query = new UriQueryParamsCollection(body);
if (query.ContainsKey("client_secret"))
{
query["client_secret"] = SanitizeValue;
}
return(query.ToString());
}
catch
{
}
}
// If anything goes wrong, don't sanitize
return(body);
}
/// <summary>
/// Creates a new instance of the <see cref="DataLakeSasQueryParameters"/>
/// type based on the supplied query parameters <paramref name="values"/>.
/// All SAS-related query parameters will be removed from
/// <paramref name="values"/>.
/// </summary>
/// <param name="values">URI query parameters</param>
internal DataLakeSasQueryParameters(UriQueryParamsCollection values)
: base(values, includeBlobParameters: true)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="BlobUriBuilder"/>
/// class with the specified <see cref="Uri"/>.
/// </summary>
/// <param name="uri">
/// The <see cref="Uri"/> to a storage resource.
/// </param>
public BlobUriBuilder(Uri uri)
{
this.Scheme = uri.Scheme;
this.Host = uri.Host;
this.Port = uri.Port;
this.AccountName = "";
this.ContainerName = "";
this.BlobName = "";
this.Snapshot = "";
//this.VersionId = "";
this.Sas = null;
// Find the account, container, & blob names (if any)
if (!String.IsNullOrEmpty(uri.AbsolutePath))
{
// If path starts with a slash, remove it
var path =
(uri.AbsolutePath[0] == '/')
? uri.AbsolutePath.Substring(1)
: uri.AbsolutePath;
var startIndex = 0;
if (IsHostIPEndPointStyle(uri.Host))
{
var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture);
// Slash not found; path has account name & no container name
if (accountEndIndex == -1)
{
this.AccountName = path;
startIndex = path.Length;
}
else
{
this.AccountName = path.Substring(0, accountEndIndex);
startIndex = accountEndIndex + 1;
}
}
// Find the next slash (if it exists)
var containerEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture);
if (containerEndIndex == -1)
{
this.ContainerName = path.Substring(startIndex); // Slash not found; path has container name & no blob name
}
else
{
this.ContainerName = path.Substring(startIndex, containerEndIndex - startIndex); // The container name is the part between the slashes
this.BlobName = path.Substring(containerEndIndex + 1); // The blob name is after the container slash
}
}
// Convert the query parameters to a case-sensitive map & trim whitespace
var paramsMap = new UriQueryParamsCollection(uri.Query);
if (paramsMap.TryGetValue(SnapshotParameterName, out var snapshotTime))
{
this.Snapshot = snapshotTime;
// If we recognized the query parameter, remove it from the map
paramsMap.Remove(SnapshotParameterName);
}
//if(paramsMap.TryGetValue(VersionIdParameterName, out var versionId))
//{
// this.VersionId = versionId;
// // If we recognized the query parameter, remove it from the map
// paramsMap.Remove(VersionIdParameterName);
//}
if (paramsMap.ContainsKey(SasVersionKey))
{
this.Sas = new SasQueryParameters(paramsMap);
}
this.UnparsedParams = paramsMap.ToString();
}
/// <summary>
/// Initializes a new instance of the <see cref="FileUriBuilder"/>
/// class with the specified <see cref="Uri"/>.
/// </summary>
/// <param name="uri">
/// The <see cref="Uri"/> to a storage resource.
/// </param>
public FileUriBuilder(Uri uri)
{
this.Scheme = uri.Scheme;
this.Host = uri.Host;
this.Port = uri.Port;
this.AccountName = "";
this.ShareName = "";
this.DirectoryOrFilePath = "";
this.Snapshot = "";
this.Sas = null;
// Find the share & directory/file path (if any)
if (!String.IsNullOrEmpty(uri.AbsolutePath))
{
// If path starts with a slash, remove it
var path =
(uri.AbsolutePath[0] == '/')
? uri.AbsolutePath.Substring(1)
: uri.AbsolutePath;
var startIndex = 0;
if (IsHostIPEndPointStyle(uri.Host))
{
var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture);
// Slash not found; path has account name & no share name
if (accountEndIndex == -1)
{
this.AccountName = path;
startIndex = path.Length;
}
else
{
this.AccountName = path.Substring(0, accountEndIndex);
startIndex = accountEndIndex + 1;
}
}
// Find the next slash (if it exists)
var shareEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture);
if (shareEndIndex == -1)
{
this.ShareName = path.Substring(startIndex); // Slash not found; path has share name & no directory/file path
}
else
{
this.ShareName = path.Substring(startIndex, shareEndIndex - startIndex); // The share name is the part between the slashes
this.DirectoryOrFilePath = path.Substring(shareEndIndex + 1); // The directory/file path name is after the share slash
}
}
// Convert the query parameters to a case-sensitive map & trim whitespace
var paramsMap = new UriQueryParamsCollection(uri.Query);
if (paramsMap.TryGetValue(Constants.SnapshotParameterName, out var snapshotTime))
{
this.Snapshot = snapshotTime;
// If we recognized the query parameter, remove it from the map
paramsMap.Remove(Constants.SnapshotParameterName);
}
if (paramsMap.ContainsKey(Constants.Sas.Parameters.Version))
{
this.Sas = new SasQueryParameters(paramsMap);
}
this.UnparsedParams = paramsMap.ToString();
}
/// <summary>
/// Parses a URL initializing QueueUriBuilder's fields including any SAS-related query parameters.
/// Any other query parameters remain in the UnparsedParams field.
/// </summary>
/// <param name="uri"><see cref="Uri"/></param>
public QueueUriBuilder(Uri uri)
{
this.Scheme = uri.Scheme;
this.Host = uri.Host;
this.Port = uri.Port;
this.AccountName = "";
this.QueueName = "";
this.Messages = false;
this.MessageId = "";
this.Sas = null;
// Find the account, container, & blob names (if any)
if (!String.IsNullOrEmpty(uri.AbsolutePath))
{
// If path starts with a slash, remove it
var path =
(uri.AbsolutePath[0] == '/')
? uri.AbsolutePath.Substring(1)
: uri.AbsolutePath;
var startIndex = 0;
if (IsHostIPEndPointStyle(uri.Host))
{
var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture);
// Slash not found; path has account name & no queue name
if (accountEndIndex == -1)
{
this.AccountName = path;
startIndex = path.Length;
}
else
{
this.AccountName = path.Substring(0, accountEndIndex);
startIndex = accountEndIndex + 1;
}
}
// Find the next slash (if it exists)
var queueEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture);
// Slash not found; path has queue name & no message id
if (queueEndIndex == -1)
{
this.QueueName = path.Substring(startIndex);
}
else
{
// The queue name is the part between the slashes
this.QueueName = path.Substring(startIndex, queueEndIndex - startIndex);
// skip "messages"
this.Messages = true;
startIndex = startIndex + (queueEndIndex - startIndex) + 1;
startIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture) + 1;
if (startIndex != 0)
{
// set messageId
this.MessageId = path.Substring(startIndex, path.Length - startIndex);
}
}
}
// Convert the query parameters to a case-sensitive map & trim whitespace
var paramsMap = new UriQueryParamsCollection(uri.Query);
if (paramsMap.ContainsKey(SasVersionKey))
{
this.Sas = new SasQueryParameters(paramsMap);
}
this.UnparsedParams = paramsMap.ToString();
}
