Reputation: 15266
azure shared access signiture creation
I am using c# to create shared access signatures for new resources (The user should have create privileges to create new resources on my storage account). The MS documentation is out of date and I can't seem to get it to work using the different blog posts I've gone through.
Right now my code looks like so:
public static string GetBlobSharedAccessSignitureUrl(CloudBlobContainer container,string nameOfBlobToCreateSaSfor)
{
var blob = container.GetBlockBlobReference(nameOfBlobToCreateSaSfor);
var policy = new SharedAccessBlobPolicy
{
SharedAccessExpiryTime = DateTime.Now.AddHours(1),
Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Read
};
container.GetSharedAccessSignature(policy);
string sas = blob.GetSharedAccessSignature(policy);
return blob.Uri.AbsoluteUri + sas;
}
and the returned url (for my local machine) looks like this (what seems to be correct)
http://127.0.0.1:10000/devstoreaccount1/photos/photos_4.jpg?sv=2012-02-12&se=2013-01-20T10%3A13%3A17Z&sr=b&sp=rw&sig=xxx
I started the Azure storage simulator and through fiddler tried to POST to this URL (also tried PUT)
I am getting errors (404 or 400 , depends on different code for this function that I have tried)
Do I need to do something else? (In the old examples I saw them create a resource in that location before hand - which I've tried as well but didn't work either...)
Azure SDK version is 2.0 so the MS blog posts (and other tutorials) before October 2012 are broken (also according to MS dev blog http://blogs.msdn.com/b/windowsazurestorage/archive/2012/10/29/windows-azure-storage-client-library-2-0-breaking-changes-amp-migration-guide.aspx)
any help would be appreciated
Upvotes: 1
Views: 723
Answers (2)
Reputation: 837
Create a SAS token that's valid for one hour.
BlobSasBuilder sasBuilder = new BlobSasBuilder()
{
BlobContainerName = containerName,
BlobName = blobName,
Resource = "b",
StartsOn = DateTimeOffset.UtcNow,
ExpiresOn = DateTimeOffset.UtcNow.AddHours(1)
};
Specify read permissions for the SAS.
sasBuilder.SetPermissions(BlobSasPermissions.Read);
Use the key to get the SAS token.
string sasToken = sasBuilder.ToSasQueryParameters(key, accountName).ToString();
Construct the full URI, including the SAS token.
UriBuilder fullUri = new UriBuilder()
{
Scheme = "https",
Host = string.Format("{0}.blob.core.windows.net", accountName),
Path = string.Format("{0}/{1}", containerName, blobName),
Query = sasToken
};
Upvotes: 0
Reputation: 136206
If you're posting through Fiddler or through your code, please make sure you add "x-ms-blob-type" request header and set it's value as "BlockBlob". Take a look at this sample code where it tries to upload a file:
FileInfo fInfo = new FileInfo(fileName);//fileName is the full path of the file.
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(blobSaSUrl);
NameValueCollection requestHeaders = new NameValueCollection();
requestHeaders.Add("x-ms-blob-type", "BlockBlob");
req.Method = "PUT";
req.Headers.Add(requestHeaders);
req.ContentLength = fInfo.Length;
byte[] fileContents = new byte[fInfo.Length];
using (FileStream fs = fInfo.OpenRead())
{
fs.Read(fileContents, 0, fileContents.Length);
using (Stream s = req.GetRequestStream())
{
s.Write(fileContents, 0, fileContents.Length);
}
using (HttpWebResponse resp = (HttpWebResponse)req.GetResponse())
{
}
}
Upvotes: 1
Related Questions
- Azure Blob Storage Authorization
- How to generate a Shared access signature for a folder in Azure blob storage?
- Azure Shared Access Signature - Signature did not match
- Azure Using shared access signatures for blob storage
- Azure Blob Storage Generates Invalid Shared Access Signature
- Upload to Azure Blob Storage with Shared Access Key
- Generate SharedAccessSignature for one time use
- Azure, access denied on Shared Access Signature for Storage 2.0
- Creating a blob using SharedAccessSignature
- Windows Azure - Blob storage initialization - Authorization Error