/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="DataLakeSasQueryParameters"/> used for authenticating /// requests. /// </returns> public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); EnsureState(); var startTime = SasExtensions.FormatTimesForSasSigning(StartsOn); var expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn); // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = String.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? String.Empty, Path ?? String.Empty), Identifier, IPRange.ToString(), SasExtensions.ToProtocolString(Protocol), Version, Resource, null, // snapshot CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); var signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign); var p = new DataLakeSasQueryParameters( version: Version, services: default,
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="BlobSasQueryParameters"/> used for authenticating /// requests. /// </returns> public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); EnsureState(); var startTime = SasQueryParameters.FormatTimesForSasSigning(StartsOn); var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiresOn); // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = String.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, BlobContainerName ?? String.Empty, BlobName ?? String.Empty), Identifier, IPRange.ToString(), Protocol.ToProtocolString(), Version, Resource, Snapshot, CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign); var p = new BlobSasQueryParameters( version: Version, services: default,
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="SasQueryParameters"/> used for authenticating /// requests. /// </returns> public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); if (ExpiresOn == default) { throw Errors.SasMissingData(nameof(ExpiresOn)); } if (string.IsNullOrEmpty(Permissions)) { throw Errors.SasMissingData(nameof(Permissions)); } if (string.IsNullOrEmpty(Version)) { Version = SasQueryParameters.DefaultSasVersion; } var startTime = SasExtensions.FormatTimesForSasSigning(StartsOn); var expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn); // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = string.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, QueueName ?? string.Empty), Identifier, IPRange.ToString(), SasExtensions.ToProtocolString(Protocol), Version); var signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign); var p = SasQueryParametersInternals.Create( version: Version, services: default,
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="SasQueryParameters"/> used for authenticating requests. /// </returns> public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); string resource; if (string.IsNullOrEmpty(FilePath)) { // Make sure the permission characters are in the correct order Permissions = ShareSasPermissions.Parse(Permissions).ToString(); resource = Constants.Sas.Resource.Share; } else { // Make sure the permission characters are in the correct order Permissions = FileSasPermissions.Parse(Permissions).ToString(); resource = Constants.Sas.Resource.File; } if (string.IsNullOrEmpty(Version)) { Version = SasQueryParameters.DefaultSasVersion; } var startTime = SasQueryParameters.FormatTimesForSasSigning(StartTime); var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime); // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = string.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, ShareName ?? string.Empty, FilePath ?? string.Empty), Identifier, IPRange.ToString(), Protocol.ToString(), Version, CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign); var p = new SasQueryParameters( version: Version, services: null, resourceTypes: null, protocol: Protocol, startTime: StartTime, expiryTime: ExpiryTime, ipRange: IPRange, identifier: Identifier, resource: resource, permissions: Permissions, signature: signature); return(p); }
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="DataLakeSasQueryParameters"/> used for authenticating /// requests. /// </returns> public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); EnsureState(); string startTime = SasExtensions.FormatTimesForSasSigning(StartsOn); string expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn); // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx string stringToSign; // TODO https://github.com/Azure/azure-sdk-for-net/issues/23369 if (SasQueryParametersInternals.DefaultSasVersionInternal == "2020-12-06") { stringToSign = string.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? string.Empty, Path ?? string.Empty), Identifier, IPRange.ToString(), SasExtensions.ToProtocolString(Protocol), Version, Resource, null, // snapshot null, // encryption scope CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); } else { stringToSign = string.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, FileSystemName ?? string.Empty, Path ?? string.Empty), Identifier, IPRange.ToString(), SasExtensions.ToProtocolString(Protocol), Version, Resource, null, // snapshot CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); } string signature = StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign); DataLakeSasQueryParameters p = new DataLakeSasQueryParameters( version: Version, services: default,
/// <summary> /// Use an account's <see cref="UserDelegationKey"/> to sign this /// shared access signature values to produce the propery SAS query /// parameters for authenticating requests. /// </summary> /// <param name="userDelegationKey"> /// A <see cref="UserDelegationKey"/> returned from /// <see cref="Azure.Storage.Blobs.BlobServiceClient.GetUserDelegationKeyAsync"/>. /// </param> /// <param name="accountName">The name of the storage account.</param> /// <returns> /// The <see cref="BlobSasQueryParameters"/> used for authenticating requests. /// </returns> public BlobSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName) { userDelegationKey = userDelegationKey ?? throw Errors.ArgumentNull(nameof(userDelegationKey)); EnsureState(); var startTime = SasQueryParameters.FormatTimesForSasSigning(StartTime); var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime); var signedStart = SasQueryParameters.FormatTimesForSasSigning(userDelegationKey.SignedStart); var signedExpiry = SasQueryParameters.FormatTimesForSasSigning(userDelegationKey.SignedExpiry); // See http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = String.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(accountName, ContainerName ?? String.Empty, BlobName ?? String.Empty), userDelegationKey.SignedOid, userDelegationKey.SignedTid, signedStart, signedExpiry, userDelegationKey.SignedService, userDelegationKey.SignedVersion, IPRange.ToString(), Protocol.ToString(), Version, Resource, Snapshot, CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); var signature = ComputeHMACSHA256(userDelegationKey.Value, stringToSign); var p = new BlobSasQueryParameters( version: Version, services: null, resourceTypes: null, protocol: Protocol, startTime: StartTime, expiryTime: ExpiryTime, ipRange: IPRange, identifier: null, resource: Resource, permissions: Permissions, keyOid: userDelegationKey.SignedOid, keyTid: userDelegationKey.SignedTid, keyStart: userDelegationKey.SignedStart, keyExpiry: userDelegationKey.SignedExpiry, keyService: userDelegationKey.SignedService, keyVersion: userDelegationKey.SignedVersion, signature: signature); return(p); }
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="SasQueryParameters"/> used for authenticating requests. /// </returns> public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); if (ExpiresOn == default) { throw Errors.SasMissingData(nameof(ExpiresOn)); } if (string.IsNullOrEmpty(Permissions)) { throw Errors.SasMissingData(nameof(Permissions)); } string resource; if (string.IsNullOrEmpty(FilePath)) { resource = Constants.Sas.Resource.Share; } else { resource = Constants.Sas.Resource.File; } if (string.IsNullOrEmpty(Version)) { Version = SasQueryParameters.DefaultSasVersion; } var startTime = SasQueryParameters.FormatTimesForSasSigning(StartsOn); var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiresOn); // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = string.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, ShareName ?? string.Empty, FilePath ?? string.Empty), Identifier, IPRange.ToString(), Protocol.ToProtocolString(), Version, CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign); var p = new SasQueryParameters( version: Version, services: default,
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="SasQueryParameters"/> used for authenticating /// requests. /// </returns> public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { // https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); if (ExpiryTime == default || string.IsNullOrEmpty(Permissions) || string.IsNullOrEmpty(ResourceTypes) || string.IsNullOrEmpty(Services)) { throw Errors.AccountSasMissingData(); } if (string.IsNullOrEmpty(Version)) { Version = SasQueryParameters.DefaultSasVersion; } // Make sure the permission characters are in the correct order Permissions = AccountSasPermissions.Parse(Permissions).ToString(); var startTime = SasQueryParameters.FormatTimesForSasSigning(StartTime); var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime); // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = string.Join("\n", sharedKeyCredential.AccountName, Permissions, Services, ResourceTypes, startTime, expiryTime, IPRange.ToString(), Protocol.ToString(), Version, ""); // That's right, the account SAS requires a terminating extra newline var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign); var p = new SasQueryParameters( Version, Services, ResourceTypes, Protocol, StartTime, ExpiryTime, IPRange, null, // Identifier null, // Resource Permissions, signature); return(p); }
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="SasQueryParameters"/> used for authenticating /// requests. /// </returns> public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { // https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); if (ExpiresOn == default || string.IsNullOrEmpty(Permissions) || ResourceTypes == default || Services == default) { throw Errors.AccountSasMissingData(); } Version = SasQueryParametersInternals.DefaultSasVersionInternal; string startTime = SasExtensions.FormatTimesForSasSigning(StartsOn); string expiryTime = SasExtensions.FormatTimesForSasSigning(ExpiresOn); // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx string stringToSign = string.Join("\n", sharedKeyCredential.AccountName, Permissions, Services.ToPermissionsString(), ResourceTypes.ToPermissionsString(), startTime, expiryTime, IPRange.ToString(), Protocol.ToProtocolString(), Version, EncryptionScope, string.Empty); // That's right, the account SAS requires a terminating extra newline string signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign); SasQueryParameters p = SasQueryParametersInternals.Create( Version, Services, ResourceTypes, Protocol, StartsOn, ExpiresOn, IPRange, identifier: null, resource: null, Permissions, signature, encryptionScope: EncryptionScope); return(p); }
/// <summary> /// Use an account's <see cref="StorageSharedKeyCredential"/> to sign this /// shared access signature values to produce the proper SAS query /// parameters for authenticating requests. /// </summary> /// <param name="sharedKeyCredential"> /// The storage account's <see cref="StorageSharedKeyCredential"/>. /// </param> /// <returns> /// The <see cref="SasQueryParameters"/> used for authenticating /// requests. /// </returns> public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential)); Permissions = QueueAccountSasPermissions.Parse(Permissions).ToString(); if (string.IsNullOrEmpty(Version)) { Version = SasQueryParameters.DefaultSasVersion; } var startTime = SasQueryParameters.FormatTimesForSasSigning(StartTime); var expiryTime = SasQueryParameters.FormatTimesForSasSigning(ExpiryTime); // String to sign: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx var stringToSign = string.Join("\n", Permissions, startTime, expiryTime, GetCanonicalName(sharedKeyCredential.AccountName, QueueName ?? string.Empty), Identifier, IPRange.ToString(), Protocol.ToString(), Version); var signature = sharedKeyCredential.ComputeHMACSHA256(stringToSign); var p = new SasQueryParameters( version: Version, services: null, resourceTypes: null, protocol: Protocol, startTime: StartTime, expiryTime: ExpiryTime, ipRange: IPRange, identifier: Identifier, resource: null, permissions: Permissions, signature: signature); return(p); }