class Azure::Blob::Auth::SharedAccessSignature

Constants

DEFAULTS
KEY_MAPPINGS
OPTIONAL_QUERY_PARAMS

Attributes

account_name[R]

Public Class Methods

new(account_name=Azure.storage_account_name, access_key=Azure.storage_access_key) click to toggle source

Public: Initialize the Signer.

@param #account_name [String] The account name. Defaults to the one in the global configuration. @param access_key [String] The access_key encoded in Base64. Defaults to the one in the global configuration.

Calls superclass method
# File lib/azure/blob/auth/shared_access_signature.rb, line 55
def initialize(account_name=Azure.storage_account_name, access_key=Azure.storage_access_key)
  @account_name = account_name
  super(access_key)
end

Public Instance Methods

canonicalized_resource(path) click to toggle source

Return the cononicalized resource representation of the blob resource @return [String]

# File lib/azure/blob/auth/shared_access_signature.rb, line 86
def canonicalized_resource(path)
  "/#{account_name}#{path.start_with?('/') ? '' : '/'}#{path}"
end
sign_request(req) click to toggle source
# File lib/azure/blob/auth/shared_access_signature.rb, line 124
def sign_request(req)
  header_options = {}.tap do |opts|
    opts[:version] = req.headers['x-ms-version'] if req.headers.has_key?('x-ms-version')
  end

  req.uri = signed_uri(req.uri, header_options)
end
signable_string(path, options) click to toggle source

Construct the plaintext to the spec required for signatures @return [String]

# File lib/azure/blob/auth/shared_access_signature.rb, line 62
def signable_string(path, options)
  # Order is significant
  # The newlines from empty strings here are required
  options[:start] = Time.parse(options[:start]).utc.iso8601 if options[:start]
  options[:expiry] = Time.parse(options[:expiry]).utc.iso8601 if options[:expiry]
  [
      options[:permissions],
      options[:start],
      options[:expiry],
      canonicalized_resource(path),
      options[:identifier],

      options[:version],

      options[:cache_control],
      options[:content_disposition],
      options[:content_encoding],
      options[:content_language],
      options[:content_type]
  ].join("\n")
end
signed_uri(uri, options) click to toggle source

A customised URI reflecting options for the resource signed with the Shared Access Signature @param uri [URI] uri to resource including query options @param options [Hash]

Options

  • :resource - String. Resource type, either 'b' (blob) or 'c' (container). Default 'b'

  • :permissions - String. Combination of 'r','w','d','l' (container only) in this order. Default 'r'

  • :start - String. UTC Date/Time in ISO8601 format. Optional.

  • :expiry - String. UTC Date/Time in ISO8601 format. Optional. Default now + 30 minutes.

  • :identifier - String. Identifier for stored access policy. Optional

  • :version - String. API version. Default 2014-02-14

  • :cache_control - String. Response header override. Optional.

  • :content_disposition - String. Response header override. Optional.

  • :content_encoding - String. Response header override. Optional.

  • :content_language - String. Response header override. Optional.

  • :content_type - String. Response header override. Optional.

# File lib/azure/blob/auth/shared_access_signature.rb, line 108
def signed_uri(uri, options)
  parsed_query = CGI::parse(uri.query || '').inject({}){|memo,(k,v)| memo[k.to_sym] = v; memo}

  options[:start] = Time.parse(options[:start]).utc.iso8601 if options[:start]
  options[:expiry] = Time.parse(options[:expiry]).utc.iso8601 if options[:expiry]
  options[:expiry] ||= (Time.now + 60*30).utc.iso8601

  if parsed_query.has_key?(:restype)
    options[:resource] = parsed_query[:restype].first == 'container' ? 'c' : 'b'
  end

  options = DEFAULTS.merge(options)
  sas_params = URI.encode_www_form(query_hash(uri.path, options))
  URI.parse(uri.to_s + (uri.query.nil? ? '?' : '&') + sas_params)
end

Private Instance Methods

query_hash(path, options) click to toggle source
# File lib/azure/blob/auth/shared_access_signature.rb, line 138
def query_hash(path, options)
  Hash[options.map { |k, v|
         [KEY_MAPPINGS[k], v]
       }].reject { |k, v|
    OPTIONAL_QUERY_PARAMS.include?(k) && v.to_s == ''
  }.merge(
      sig: signature(path, options)
  )
end
signature(path, options) click to toggle source
# File lib/azure/blob/auth/shared_access_signature.rb, line 134
def signature(path, options)
  sign(signable_string(path, options))
end