public void RedirectionSignatureTest() { var request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null) { AuthenticationScheme = "SharedKey", AuthenticationKey = DashConfiguration.AccountKey, }; var result = HandlerResult.Redirect(request, "http://dataaccount.blob.core.windows.net/container/test%20encoded"); result.Headers = new ResponseHeaders(new[] { new KeyValuePair <string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"), }); Assert.AreEqual(result.SignedLocation, "SharedKey dashstorage1:iU0kJCrvLR7rdIS/HXO0T04gTu09enDo25/3WtrjESI="); // Secondary key request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null) { AuthenticationScheme = "SharedKeyLite", AuthenticationKey = DashConfiguration.SecondaryAccountKey, }; result = HandlerResult.Redirect(request, "http://dataaccount.blob.core.windows.net/container/test%20encoded"); result.Headers = new ResponseHeaders(new[] { new KeyValuePair <string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"), }); Assert.AreEqual(result.SignedLocation, "SharedKeyLite dashstorage1:o3XAz28naFjcSxCbqoZL394S/zLY2+nYk7v8KbdnlSI="); }
public void SharedKeyRequestTest() { var headers = new[] { Tuple.Create("User-Agent", "WA-Storage/4.3.0 (.NET CLR 4.0.30319.34014; Win32NT 6.2.9200.0)"), Tuple.Create("x-ms-version", "2014-02-14"), Tuple.Create("x-ms-client-request-id", "adfb540e-1050-4c9b-a53a-be6cb71688d3"), Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"), Tuple.Create("Host", "dashstorage1.blob.core.windows.net"), Tuple.Create("Connection", "Keep-Alive"), Tuple.Create("Content-Length", "0"), }; var request = new MockHttpRequestWrapper("GET", "http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy", headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:rB2yPGBXn3CtquDlk03An34hgRHIibK/Xv+hjG3r0Us=") })); Assert.IsTrue(IsRequestAuthorized(request)); Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("8jqRVtXUWiEthgIhR+dFwrB8gh3lFuquvJQ1v4eabObIj7okI1cZIuzY8zZHmEdpcC0f+XlUkbFwAhjTfyrLIg=="))); Assert.AreEqual(request.AuthenticationScheme, "SharedKey"); // Encoded URI Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded", headers, "SharedKey dashstorage1:CVlJHA7FdyqJ75pPkufGavOsXEtzcr5RAWd3R5fEolA=")); // For encoded uris, some clients generate the signature on the unencoded path (in violation of the documented spec), but // storage supports it, so we have to as well. Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded", headers, "SharedKey dashstorage1:w6D7S11x58ueIvRKEWZGe1MRVvMkQFO+18wPlfm6f+A=")); // Alternate encoding - some punctuation characters are encoded as well Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded(1)", headers, "SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU=")); Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded%281%29", headers, "SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU=")); // Secondary key request = new MockHttpRequestWrapper("GET", "http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy", headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:zmKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA=") })); Assert.IsTrue(IsRequestAuthorized(request)); Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("Klari9ZbVdFQ35aULCfqqehCsd136amhusMHWynTpz2Pg+GyQMJw3GH177hvEQbaZ2oeRYk3jw0mIaV3ehNIRg=="))); // Invalid key Assert.IsFalse(IsRequestAuthorized("GET", "http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy", headers, "SharedKey dashstorage1:ymKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA=")); }
public void RedirectionSignatureTest() { var request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null) { AuthenticationScheme = "SharedKey", AuthenticationKey = DashConfiguration.AccountKey, }; var result = HandlerResult.Redirect(request, "http://dataaccount.blob.core.windows.net/container/test%20encoded"); result.Headers = new ResponseHeaders(new[] { new KeyValuePair<string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"), }); Assert.AreEqual(result.SignedLocation, "SharedKey dashstorage1:iU0kJCrvLR7rdIS/HXO0T04gTu09enDo25/3WtrjESI="); // Secondary key request = new MockHttpRequestWrapper("GET", "http://localhost/container/test%20encoded", null) { AuthenticationScheme = "SharedKeyLite", AuthenticationKey = DashConfiguration.SecondaryAccountKey, }; result = HandlerResult.Redirect(request, "http://dataaccount.blob.core.windows.net/container/test%20encoded"); result.Headers = new ResponseHeaders(new[] { new KeyValuePair<string, string>("x-ms-date", "Wed, 01 Apr 2015 01:26:43 GMT"), }); Assert.AreEqual(result.SignedLocation, "SharedKeyLite dashstorage1:o3XAz28naFjcSxCbqoZL394S/zLY2+nYk7v8KbdnlSI="); }
public void SharedKeyRequestTest() { var headers = new[] { Tuple.Create("User-Agent", "WA-Storage/4.3.0 (.NET CLR 4.0.30319.34014; Win32NT 6.2.9200.0)"), Tuple.Create("x-ms-version", "2014-02-14"), Tuple.Create("x-ms-client-request-id", "adfb540e-1050-4c9b-a53a-be6cb71688d3"), Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"), Tuple.Create("Host", "dashstorage1.blob.core.windows.net"), Tuple.Create("Connection", "Keep-Alive"), Tuple.Create("Content-Length", "0"), }; var request = new MockHttpRequestWrapper("GET", "http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy", headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:rB2yPGBXn3CtquDlk03An34hgRHIibK/Xv+hjG3r0Us=") })); Assert.IsTrue(IsRequestAuthorized(request)); Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("8jqRVtXUWiEthgIhR+dFwrB8gh3lFuquvJQ1v4eabObIj7okI1cZIuzY8zZHmEdpcC0f+XlUkbFwAhjTfyrLIg=="))); Assert.AreEqual(request.AuthenticationScheme, "SharedKey"); // Encoded URI Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded", headers, "SharedKey dashstorage1:CVlJHA7FdyqJ75pPkufGavOsXEtzcr5RAWd3R5fEolA=")); // For encoded uris, some clients generate the signature on the unencoded path (in violation of the documented spec), but // storage supports it, so we have to as well. Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded", headers, "SharedKey dashstorage1:w6D7S11x58ueIvRKEWZGe1MRVvMkQFO+18wPlfm6f+A=")); // Alternate encoding - some punctuation characters are encoded as well Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded(1)", headers, "SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU=")); // Alternate encoding - the full suite of reserved characters Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/dashencode/reserved-characters-blob-[]@!$&()*+,;='", headers, "SharedKey dashstorage1:kDCnETyjm08UsynfFVPrsXx6zbpR9iWI+H2eylg+UXg=")); // Standard encoding - the full suite of reserved characters Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/dashencode/reserved-characters-blob-[]@!$&()*+,;='", headers, "SharedKey dashstorage1:6NTW7igimlQamDKOmDROti282ByL/8kGU4R8n6RVtmM=")); Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test%20encoded%281%29", headers, "SharedKey dashstorage1:RkJ/SQDzKdpAWVI1fJV+kK715YJ0gigRTnrQdQnx+TU=")); // Secondary key request = new MockHttpRequestWrapper("GET", "http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy", headers.Concat(new[] { Tuple.Create("Authorization", "SharedKey dashstorage1:zmKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA=") })); Assert.IsTrue(IsRequestAuthorized(request)); Assert.IsTrue(request.AuthenticationKey.SequenceEqual(Convert.FromBase64String("Klari9ZbVdFQ35aULCfqqehCsd136amhusMHWynTpz2Pg+GyQMJw3GH177hvEQbaZ2oeRYk3jw0mIaV3ehNIRg=="))); // Invalid key Assert.IsFalse(IsRequestAuthorized("GET", "http://localhost/container/test?restype=container&comp=list&prefix=te&include=snapshots,uncommittedblobs,metadata,copy", headers, "SharedKey dashstorage1:ymKvQUdxMH2OJWQygKOa950BULRSw6Dpue2zpE6TAAA=")); // Non-zero content length Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test/testblob", new[] { Tuple.Create("x-ms-version", "2014-02-14"), Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"), Tuple.Create("Content-Length", "1024"), }, "SharedKey dashstorage1:2LVVY8xiJ1iJzypLMXFTV2dsq6iglj1EAV9BNCi8+B4=")); // 2015-02-21 version with 0 content length Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test/testblob", new[] { Tuple.Create("x-ms-version", "2015-02-21"), Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"), Tuple.Create("Content-Length", "0"), }, "SharedKey dashstorage1:LN/1NeMcCUcRssRcfKyInYVL1EpqS8SL9xoLlJJsKPs=")); // Blank content-length with new version Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test/testblob", new[] { Tuple.Create("x-ms-version", "2015-02-21"), Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"), }, "SharedKey dashstorage1:LN/1NeMcCUcRssRcfKyInYVL1EpqS8SL9xoLlJJsKPs=")); // Valid content-length with new version Assert.IsTrue(IsRequestAuthorized("PUT", "http://localhost/container/test/testblob", new[] { Tuple.Create("x-ms-version", "2015-02-21"), Tuple.Create("x-ms-date", "Fri, 31 Oct 2014 22:50:34 GMT"), Tuple.Create("Content-Length", "1024"), }, "SharedKey dashstorage1:d0i2sKACec56W4SrUEg77CL8b/p7chQZVRzRk7finnI=")); }