/// <summary>
/// Use an account's <see cref="SharedKeyCredentials"/> to sign this
/// shared access signature values to produce the proper SAS query
/// parameters for authenticating requests.
/// </summary>
/// <param name="sharedKeyCredential">
/// The storage account's <see cref="SharedKeyCredentials"/>.
/// </param>
/// <returns>
/// The <see cref="SasQueryParameters"/> used for authenticating requests.
/// </returns>
public SasQueryParameters ToSasQueryParameters(SharedKeyCredentials sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
string resource;
if (String.IsNullOrEmpty(this.FilePath))
{
// Make sure the permission characters are in the correct order
this.Permissions = ShareSasPermissions.Parse(this.Permissions).ToString();
resource = Constants.Sas.Resource.Share;
}
else
{
// Make sure the permission characters are in the correct order
this.Permissions = FileSasPermissions.Parse(this.Permissions).ToString();
resource = Constants.Sas.Resource.File;
}
if (String.IsNullOrEmpty(this.Version))
{
this.Version = SasQueryParameters.SasVersion;
}
var startTime = SasQueryParameters.FormatTimesForSasSigning(this.StartTime);
var expiryTime = SasQueryParameters.FormatTimesForSasSigning(this.ExpiryTime);
// String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
var stringToSign = String.Join("\n",
this.Permissions,
startTime,
expiryTime,
GetCanonicalName(sharedKeyCredential.AccountName, this.ShareName ?? String.Empty, this.FilePath ?? String.Empty),
this.Identifier,
this.IPRange.ToString(),
this.Protocol.ToString(),
this.Version,
this.CacheControl,
this.ContentDisposition,
this.ContentEncoding,
this.ContentLanguage,
this.ContentType);
var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign);
var p = new SasQueryParameters(
version: this.Version,
services: null,
resourceTypes: null,
protocol: this.Protocol,
startTime: this.StartTime,
expiryTime: this.ExpiryTime,
ipRange: this.IPRange,
identifier: this.Identifier,
resource: resource,
permissions: this.Permissions,
signature: signature);
return(p);
}
/// <summary>
/// Create a permissions string to provide
/// <see cref="FileSasBuilder.Permissions"/>.
/// </summary>
/// <returns>A permissions string.</returns>
internal static string ToPermissionsString(this FileSasPermissions permissions)
{
var sb = new StringBuilder();
if ((permissions & FileSasPermissions.Read) == FileSasPermissions.Read)
{
sb.Append(Constants.Sas.Permissions.Read);
}
if ((permissions & FileSasPermissions.Create) == FileSasPermissions.Create)
{
sb.Append(Constants.Sas.Permissions.Create);
}
if ((permissions & FileSasPermissions.Write) == FileSasPermissions.Write)
{
sb.Append(Constants.Sas.Permissions.Write);
}
if ((permissions & FileSasPermissions.Delete) == FileSasPermissions.Delete)
{
sb.Append(Constants.Sas.Permissions.Delete);
}
return(sb.ToString());
}