public void CloudFileSASSharedProtocolsQueryParam()
{
CloudFileShare share = GetRandomShareReference();
try
{
share.Create();
CloudFile file;
SharedAccessFilePolicy policy = new SharedAccessFilePolicy()
{
Permissions = SharedAccessFilePermissions.Read,
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
};
CloudFile fileWithKey = share.GetRootDirectoryReference().GetFileReference("filefile");
byte[] data = new byte[] { 0x1, 0x2, 0x3, 0x4 };
byte[] target = new byte[4];
fileWithKey.UploadFromByteArray(data, 0, 4);
foreach (SharedAccessProtocol?protocol in new SharedAccessProtocol?[] { null, SharedAccessProtocol.HttpsOrHttp, SharedAccessProtocol.HttpsOnly })
{
string fileToken = fileWithKey.GetSharedAccessSignature(policy, null, null, protocol, null);
StorageCredentials fileSAS = new StorageCredentials(fileToken);
Uri fileSASUri = new Uri(fileWithKey.Uri + fileSAS.SASToken);
StorageUri fileSASStorageUri = new StorageUri(new Uri(fileWithKey.StorageUri.PrimaryUri + fileSAS.SASToken), new Uri(fileWithKey.StorageUri.SecondaryUri + fileSAS.SASToken));
int securePort = 443;
int httpPort = (fileSASUri.Port == securePort) ? 80 : fileSASUri.Port;
if (!string.IsNullOrEmpty(TestBase.TargetTenantConfig.FileSecurePortOverride))
{
securePort = Int32.Parse(TestBase.TargetTenantConfig.FileSecurePortOverride);
}
var schemesAndPorts = new[] {
new { scheme = Uri.UriSchemeHttp, port = httpPort },
new { scheme = Uri.UriSchemeHttps, port = securePort }
};
foreach (var item in schemesAndPorts)
{
fileSASUri = TransformSchemeAndPort(fileSASUri, item.scheme, item.port);
fileSASStorageUri = new StorageUri(TransformSchemeAndPort(fileSASStorageUri.PrimaryUri, item.scheme, item.port), TransformSchemeAndPort(fileSASStorageUri.SecondaryUri, item.scheme, item.port));
if (protocol.HasValue && protocol == SharedAccessProtocol.HttpsOnly && string.CompareOrdinal(item.scheme, Uri.UriSchemeHttp) == 0)
{
file = new CloudFile(fileSASUri);
TestHelper.ExpectedException(() => file.FetchAttributes(), "Access a file using SAS with a shared protocols that does not match", HttpStatusCode.Unused);
file = new CloudFile(fileSASStorageUri, null);
TestHelper.ExpectedException(() => file.FetchAttributes(), "Access a file using SAS with a shared protocols that does not match", HttpStatusCode.Unused);
}
else
{
file = new CloudFile(fileSASUri);
file.DownloadRangeToByteArray(target, 0, 0, 4, null, null, null);
for (int i = 0; i < 4; i++)
{
Assert.AreEqual(data[i], target[i]);
}
file = new CloudFile(fileSASStorageUri, null);
file.DownloadRangeToByteArray(target, 0, 0, 4, null, null, null);
for (int i = 0; i < 4; i++)
{
Assert.AreEqual(data[i], target[i]);
}
}
}
}
}
finally
{
share.DeleteIfExists();
}
}
public void CloudFileSASIPAddressHelper(Func <IPAddressOrRange> generateInitialIPAddressOrRange, Func <IPAddress, IPAddressOrRange> generateFinalIPAddressOrRange)
{
CloudFileShare share = GetRandomShareReference();
try
{
share.Create();
CloudFile file;
SharedAccessFilePolicy policy = new SharedAccessFilePolicy()
{
Permissions = SharedAccessFilePermissions.Read,
SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(30),
};
CloudFile fileWithKey = share.GetRootDirectoryReference().GetFileReference("filefile");
byte[] data = new byte[] { 0x1, 0x2, 0x3, 0x4 };
fileWithKey.UploadFromByteArray(data, 0, 4);
// We need an IP address that will never be a valid source
IPAddressOrRange ipAddressOrRange = generateInitialIPAddressOrRange();
string fileToken = fileWithKey.GetSharedAccessSignature(policy, null, null, null, ipAddressOrRange);
StorageCredentials fileSAS = new StorageCredentials(fileToken);
Uri fileSASUri = fileSAS.TransformUri(fileWithKey.Uri);
StorageUri fileSASStorageUri = fileSAS.TransformUri(fileWithKey.StorageUri);
file = new CloudFile(fileSASUri);
byte[] target = new byte[4];
OperationContext opContext = new OperationContext();
IPAddress actualIP = null;
opContext.ResponseReceived += (sender, e) =>
{
Stream stream = HttpResponseParsers.GetResponseStream(e.Response);
stream.Seek(0, SeekOrigin.Begin);
using (StreamReader reader = new StreamReader(stream))
{
string text = reader.ReadToEnd();
XDocument xdocument = XDocument.Parse(text);
actualIP = IPAddress.Parse(xdocument.Descendants("SourceIP").First().Value);
}
};
bool exceptionThrown = false;
try
{
file.DownloadRangeToByteArray(target, 0, 0, 4, null, null, opContext);
}
catch (StorageException)
{
exceptionThrown = true;
//The IP should not be included in the error details for security reasons
Assert.IsNull(actualIP);
}
Assert.IsTrue(exceptionThrown);
ipAddressOrRange = null;
fileToken = fileWithKey.GetSharedAccessSignature(policy, null, null, null, ipAddressOrRange);
fileSAS = new StorageCredentials(fileToken);
fileSASUri = fileSAS.TransformUri(fileWithKey.Uri);
fileSASStorageUri = fileSAS.TransformUri(fileWithKey.StorageUri);
file = new CloudFile(fileSASUri);
file.DownloadRangeToByteArray(target, 0, 0, 4, null, null, null);
for (int i = 0; i < 4; i++)
{
Assert.AreEqual(data[i], target[i]);
}
Assert.IsTrue(file.StorageUri.PrimaryUri.Equals(fileWithKey.Uri));
Assert.IsNull(file.StorageUri.SecondaryUri);
file = new CloudFile(fileSASStorageUri, null);
file.DownloadRangeToByteArray(target, 0, 0, 4, null, null, null);
for (int i = 0; i < 4; i++)
{
Assert.AreEqual(data[i], target[i]);
}
Assert.IsTrue(file.StorageUri.Equals(fileWithKey.StorageUri));
}
finally
{
share.DeleteIfExists();
}
}
