def generate_shared_access_signature(self, table_name,
shared_access_policy=None,
sas_version=X_MS_VERSION):
'''
Generates a shared access signature for the table.
Use the returned signature with the sas_token parameter of TableService.
table_name:
Required. Name of table.
shared_access_policy:
Instance of SharedAccessPolicy class.
sas_version:
x-ms-version for storage service, or None to get a signed query
string compatible with pre 2012-02-12 clients, where the version
is not included in the query string.
'''
_validate_not_none('table_name', table_name)
_validate_not_none('shared_access_policy', shared_access_policy)
_validate_not_none('self.account_name', self.account_name)
_validate_not_none('self.account_key', self.account_key)
sas = SharedAccessSignature(self.account_name, self.account_key)
return sas.generate_signed_query_string(
table_name,
None,
shared_access_policy,
sas_version,
table_name=table_name,
)
def _create_short_lived_file_sas(account_name, account_key, share, directory_name, file_name):
# if dir is empty string change it to None
directory_name = directory_name if directory_name else None
expiry = (datetime.utcnow() + timedelta(days=1)).strftime('%Y-%m-%dT%H:%M:%SZ')
sas = SharedAccessSignature(account_name, account_key)
return sas.generate_file(share, directory_name=directory_name, file_name=file_name,
permission=BlobPermissions(read=True), expiry=expiry, protocol='https')
def _create_short_lived_file_sas(account_name, account_key, share, directory_name, file_name):
# if dir is empty string change it to None
directory_name = directory_name if directory_name else None
expiry = (datetime.utcnow() + timedelta(days=1)).strftime('%Y-%m-%dT%H:%M:%SZ')
sas = SharedAccessSignature(account_name, account_key)
return sas.generate_file(share, directory_name=directory_name, file_name=file_name,
permission=BlobPermissions(read=True), expiry=expiry, protocol='https')
def generate_shared_access_signature(self,
table_name,
shared_access_policy=None,
sas_version=X_MS_VERSION):
'''
Generates a shared access signature for the table.
Use the returned signature with the sas_token parameter of TableService.
table_name:
Required. Name of table.
shared_access_policy:
Instance of SharedAccessPolicy class.
sas_version:
x-ms-version for storage service, or None to get a signed query
string compatible with pre 2012-02-12 clients, where the version
is not included in the query string.
'''
_validate_not_none('table_name', table_name)
_validate_not_none('shared_access_policy', shared_access_policy)
_validate_not_none('self.account_name', self.account_name)
_validate_not_none('self.account_key', self.account_key)
sas = SharedAccessSignature(self.account_name, self.account_key)
return sas.generate_signed_query_string(
table_name,
None,
shared_access_policy,
sas_version,
table_name=table_name,
)
def _create_short_lived_blob_sas(account_name, account_key, container, blob):
expiry = (datetime.utcnow() +
timedelta(days=1)).strftime('%Y-%m-%dT%H:%M:%SZ')
sas = SharedAccessSignature(account_name, account_key)
return sas.generate_blob(container,
blob,
permission=BlobPermissions(read=True),
expiry=expiry,
protocol='https')
def create_short_lived_container_sas(account_name, account_key, container):
from datetime import datetime, timedelta
from azure.storage.sharedaccesssignature import SharedAccessSignature
from azure.storage.blob.models import BlobPermissions
expiry = (datetime.utcnow() + timedelta(days=1)).strftime('%Y-%m-%dT%H:%M:%SZ')
sas = SharedAccessSignature(account_name, account_key)
return sas.generate_container(container, permission=BlobPermissions(read=True), expiry=expiry,
protocol='https')
def url(self, name):
ap = AccessPolicy(expiry=(timezone.datetime.utcnow() + timezone.timedelta(seconds=600)).strftime('%Y-%m-%dT%H:%M:%SZ'), \
start=(timezone.datetime.utcnow() + timezone.timedelta(seconds=-600)).strftime('%Y-%m-%dT%H:%M:%SZ'), \
permission='r')
sap = SharedAccessPolicy(ap)
sas = SharedAccessSignature(self.account_name, self.account_key)
url = sas.generate_signed_query_string(path=self.azure_container + '/' + name, resource_type='b', shared_access_policy=sap)
return self.connection.make_blob_url(self.azure_container, name) + "?" + url
def __init__(self, account_name, account_key, socket_timeout=600):
self.__settings = Settings()
self.__account_name = account_name
self.__account_key = account_key
self.__blockblob_service = BlockBlobService(
account_name=self.__account_name,
account_key=self.__account_key,
socket_timeout=socket_timeout)
self.__blob_access_signature = SharedAccessSignature(
self.__account_name, self.__account_key)
def create_short_lived_container_sas(account_name, account_key, container):
from datetime import datetime, timedelta
from azure.storage.sharedaccesssignature import SharedAccessSignature
from azure.storage.blob.models import BlobPermissions
expiry = (datetime.utcnow() +
timedelta(days=1)).strftime('%Y-%m-%dT%H:%M:%SZ')
sas = SharedAccessSignature(account_name, account_key)
return sas.generate_container(container,
permission=BlobPermissions(read=True),
expiry=expiry,
protocol='https')
def disk_image_sas(self, container_name, image_name, start, expiry,
permissions):
sas = SharedAccessSignature(self.account_name, self.account_key)
signed_query = sas.generate_blob(
container_name,
image_name,
permission=permissions,
expiry=expiry.strftime(ISO8061_FORMAT),
start=start.strftime(ISO8061_FORMAT))
return 'https://{}.blob.{}/{}/{}?{}'.format(
self.account_name, self.blob_service_host_base, container_name,
image_name, signed_query)
def sas(self, container, start, expiry, permissions):
sas = SharedAccessSignature(
self.account_name, self.account_key
)
signed_query = sas.generate_container(
container_name=container,
permission=permissions,
expiry=expiry.strftime(ISO8061_FORMAT),
start=start.strftime(ISO8061_FORMAT)
)
return 'https://{}.blob.core.windows.net/{}?{}'.format(
self.account_name, container, signed_query
)
def url(self, name):
ap = AccessPolicy(expiry=(timezone.datetime.utcnow() + timezone.timedelta(seconds=600)).strftime('%Y-%m-%dT%H:%M:%SZ'), \
start=(timezone.datetime.utcnow() + timezone.timedelta(seconds=-600)).strftime('%Y-%m-%dT%H:%M:%SZ'), \
permission='r')
sap = SharedAccessPolicy(ap)
sas = SharedAccessSignature(self.account_name, self.account_key)
url = sas.generate_signed_query_string(path=self.azure_container +
'/' + name,
resource_type='b',
shared_access_policy=sap)
return self.connection.make_blob_url(self.azure_container,
name) + "?" + url
def sasUrl(account, key, container, permission):
start = datetime.utcnow()
expiry = start + timedelta(hours=24)
accss_plcy = AccessPolicy()
accss_plcy.start = start.strftime('%Y-%m-%dT%H:%M:%SZ')
accss_plcy.expiry = expiry.strftime('%Y-%m-%dT%H:%M:%SZ')
accss_plcy.permission = permission
sas = SharedAccessSignature(account_name=account, account_key=key)
query = sas.generate_signed_query_string(
container,
ResourceType.RESOURCE_CONTAINER,
SharedAccessPolicy(accss_plcy),
)
return query
def sasUrl(account, key, container, permission):
start = datetime.utcnow()
expiry = start + timedelta(hours = 24)
accss_plcy = AccessPolicy()
accss_plcy.start = start.strftime('%Y-%m-%dT%H:%M:%SZ')
accss_plcy.expiry = expiry.strftime('%Y-%m-%dT%H:%M:%SZ')
accss_plcy.permission = permission
sas = SharedAccessSignature(account_name=account, account_key=key)
query = sas.generate_signed_query_string(
container,
ResourceType.RESOURCE_CONTAINER,
SharedAccessPolicy(accss_plcy),
)
return query
def setUp(self):
self.sas = SharedAccessSignature(account_name=DEV_ACCOUNT_NAME,
account_key=DEV_ACCOUNT_KEY)
class SharedAccessSignatureTest(AzureTestCase):
def setUp(self):
self.sas = SharedAccessSignature(account_name=DEV_ACCOUNT_NAME,
account_key=DEV_ACCOUNT_KEY)
def tearDown(self):
return super(SharedAccessSignatureTest, self).tearDown()
def test_generate_signature_container(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
signature = self.sas._generate_signature('images',
sap,
X_MS_VERSION,
None, None, None, None, None)
self.assertEqual(signature,
'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_generate_signature_blob(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11T11:03:40Z'
accss_plcy.expiry = '2011-10-12T11:53:40Z'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
signature = self.sas._generate_signature('images/pic1.png',
sap,
X_MS_VERSION,
None,
'file; attachment',
None,
None,
'binary')
self.assertEqual(signature,
'uHckUC6T+BwUsc+DgrreyIS1k6au7uUd7LSSs/z+/+w=')
def test_blob_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'w'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string('images/pic1.png',
RESOURCE_BLOB,
sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'w')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'Fqt8tNcyUOp30qYRtSFNcImrRMcxlk6IF17O4l96KT8=')
def test_container_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
qry_str = self.sas.generate_signed_query_string('images',
RESOURCE_CONTAINER,
sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'r')
self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_sign_request(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string('images/pic1.png',
RESOURCE_BLOB,
sap)
permission = Permission()
permission.path = '/images/pic1.png'
permission.query_string = qry_str
self.sas.permission_set = [permission]
web_rsrc = WebResource()
web_rsrc.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB
web_rsrc.properties[SHARED_ACCESS_PERMISSION] = 'r'
web_rsrc.path = '/images/pic1.png?comp=metadata'
web_rsrc.request_url = '/images/pic1.png?comp=metadata'
web_rsrc = self.sas.sign_request(web_rsrc)
self.assertEqual(web_rsrc.request_url,
'/images/pic1.png?comp=metadata&' +
self.sas._convert_query_string(qry_str))
def setUp(self):
self.sas = SharedAccessSignature(account_name=DEV_ACCOUNT_NAME,
account_key=DEV_ACCOUNT_KEY)
class SharedAccessSignatureTest(AzureTestCase):
def setUp(self):
self.sas = SharedAccessSignature(account_name=DEV_ACCOUNT_NAME,
account_key=DEV_ACCOUNT_KEY)
def tearDown(self):
return super(SharedAccessSignatureTest, self).tearDown()
def test_generate_signature_container(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
signature = self.sas._generate_signature('images',
RESOURCE_CONTAINER,
sap)
self.assertEqual(signature,
'VdlALM4TYEYYNf94Bvt3dn48TsA01wk45ltwP3zeKp4=')
def test_generate_signature_blob(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11T11:03:40Z'
accss_plcy.expiry = '2011-10-12T11:53:40Z'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
signature = self.sas._generate_signature('images/pic1.png',
RESOURCE_BLOB,
sap)
self.assertEqual(signature,
'7NIEip+VOrQ5ZV80pORPK1MOsJc62wwCNcbMvE+lQ0s=')
def test_blob_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'w'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string('images/pic1.png',
RESOURCE_BLOB,
sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'w')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'k8uyTrn3pgLXuhwgZhxeAH6mZ/es9k2vqHPJEuIH4CE=')
def test_container_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
qry_str = self.sas.generate_signed_query_string('images',
RESOURCE_CONTAINER,
sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'r')
self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'VdlALM4TYEYYNf94Bvt3dn48TsA01wk45ltwP3zeKp4=')
def test_sign_request(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string('images/pic1.png',
RESOURCE_BLOB,
sap)
permission = Permission()
permission.path = '/images/pic1.png'
permission.query_string = qry_str
self.sas.permission_set = [permission]
web_rsrc = WebResource()
web_rsrc.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB
web_rsrc.properties[SHARED_ACCESS_PERMISSION] = 'r'
web_rsrc.path = '/images/pic1.png?comp=metadata'
web_rsrc.request_url = '/images/pic1.png?comp=metadata'
web_rsrc = self.sas.sign_request(web_rsrc)
self.assertEqual(web_rsrc.request_url,
'/images/pic1.png?comp=metadata&' +
self.sas._convert_query_string(qry_str))
def _create_short_lived_blob_sas(account_name, account_key, container, blob):
expiry = (datetime.utcnow() + timedelta(days=1)).strftime('%Y-%m-%dT%H:%M:%SZ')
sas = SharedAccessSignature(account_name, account_key)
return sas.generate_blob(container, blob, permission=BlobPermissions(read=True), expiry=expiry,
protocol='https')
class BlobStorageService:
def __init__(self, account_name, account_key, socket_timeout=600):
self.__settings = Settings()
self.__account_name = account_name
self.__account_key = account_key
self.__blockblob_service = BlockBlobService(
account_name=self.__account_name,
account_key=self.__account_key,
socket_timeout=socket_timeout)
self.__blob_access_signature = SharedAccessSignature(
self.__account_name, self.__account_key)
def create_container(self, container_name):
self.__blockblob_service.create_container(container_name)
def delete_container(self, container_name):
self.__blockblob_service.delete_container(container_name)
def upload_file(self,
container_name,
blob_name,
local_file=None,
delete_local_file=False):
local_file = blob_name if local_file == None else local_file
self.create_container(container_name)
return self.__upload_file(container_name, blob_name, local_file,
delete_local_file)
def upload_directory(self,
container_name,
directory,
storage_path="",
delete_local_file=False):
self.create_container(container_name)
files = self.__get_files(directory)
directories = self.__get_directories(directory)
blobs = list(
map(
lambda file: self.__upload_file(
container_name,
os.path.join(storage_path, os.path.basename(file)),
os.path.join(directory, file), delete_local_file), files))
return blobs + list(
map(
lambda dir: self.upload_directory(
container_name, os.path.join(directory, dir), storage_path,
delete_local_file), directories))
def upload_file_from_bytes(self, container_name, filename, file_in_bytes):
self.create_container(container_name)
return self.__blockblob_service.create_blob_from_bytes(
container_name, filename, file_in_bytes)
def upload_file_from_stream(self, container_name, filename, stream_file):
self.create_container(container_name)
return self.__blockblob_service.create_blob_from_stream(
container_name, filename, stream_file)
def list_blobs(self, container_name):
return self.__blockblob_service.list_blobs(container_name)
def create_blob_from_text(self, container_name, blob_name, text):
self.create_container(container_name)
return self.__blockblob_service.create_blob_from_text(
container_name, blob_name, str(text))
def get_blob_to_text(self, container_name, blob_name):
return self.__blockblob_service.get_blob_to_text(
container_name, blob_name)
def download_blob(self, container_name, blob_name, local_file=None):
local_file = blob_name if local_file == None else local_file
self.__create_local_dir(os.path.split(local_file)[0])
self.__blockblob_service.get_blob_to_path(container_name, blob_name,
local_file)
def download_blobs(self, container_name, local_path="", blob_path=""):
blobs = self.__get_blobs_in_path(container_name, blob_path)
base = self.__create_local_dir(local_path)
list(
map(
lambda blob: self.download_blob(container_name, blob.name,
os.path.join(base, blob.name)),
blobs))
def read_blob_bytes(self, container_name, blob_name):
return self.__blockblob_service.get_blob_to_bytes(
container_name, blob_name)
def delete_blob(self, container, blob_name):
self.__blockblob_service.delete_blob(container, blob_name)
def copy_blob(self, container_name, blob_name, blob_url):
self.__blockblob_service.copy_blob(container_name, blob_name, blob_url)
def make_blob_url(self, container_name, blob_name, sas_token=''):
return self.__blockblob_service.make_blob_url(container_name,
blob_name,
sas_token=sas_token)
def generate_container_sas_token(self,
container_name,
blob_name,
days_to_keep=1):
permission = ContainerPermissions(read=True, write=True)
return self.__blockblob_service.generate_blob_shared_access_signature(
container_name,
blob_name,
permission,
protocol='https',
start=datetime.datetime.utcnow(),
expiry=datetime.datetime.utcnow() + timedelta(days=days_to_keep))
def generate_blob_sas_token(self,
container_name,
blob_name,
read=True,
add=True,
create=True,
write=True,
delete=False,
days_to_keep=1):
permission = BlobPermissions(read, add, create, write, delete)
return self.__blob_access_signature.generate_blob(
container_name,
blob_name,
permission=permission,
protocol='https',
expiry=datetime.now() + timedelta(days=days_to_keep))
def __upload_file(self,
container_name,
filename,
local_file,
delete_local_file=False):
blob = self.__blockblob_service.create_blob_from_path(
container_name,
filename,
local_file,
content_settings=ContentSettings(
content_type=self.__get_mime_type(local_file)))
if delete_local_file:
os.remove(local_file)
return blob
def __get_mime_type(self, file_path):
return mime_content_type(file_path)
def __get_blobs_in_path(self, container_name, blob_path):
blobs = self.list_blobs(container_name)
if not blob_path:
return blobs
return list(filter(lambda blob: blob.name.startswith(blob_path),
blobs))
def __create_local_dir(self, local_path):
if local_path:
os.makedirs(local_path, exist_ok=True)
return os.path.join(os.getcwd(), local_path)
def __get_directories(self, local_path):
return [
file for file in os.listdir(local_path)
if os.path.isdir(os.path.join(local_path, file))
]
def __get_files(self, local_path):
return [
file for file in os.listdir(local_path)
if os.path.isfile(os.path.join(local_path, file))
]
class SharedAccessSignatureTest(AzureTestCase):
def setUp(self):
self.sas = SharedAccessSignature(account_name=DEV_ACCOUNT_NAME,
account_key=DEV_ACCOUNT_KEY)
def tearDown(self):
return super(SharedAccessSignatureTest, self).tearDown()
def test_generate_signed_query_dict_container_with_access_policy(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
query = self.sas._generate_signed_query_dict(
'images',
ResourceType.RESOURCE_CONTAINER,
SharedAccessPolicy(accss_plcy),
)
self.assertEqual(query[QueryStringConstants.SIGNED_START], '2011-10-11')
self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_CONTAINER)
self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], 'r')
self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE],
'CxLWN56cjXidpI9em7RDgSN2QIgLggTqrnzudH2XsOY=')
def test_generate_signed_query_dict_container_with_signed_identifier(self):
signed_identifier = 'YWJjZGVmZw=='
query = self.sas._generate_signed_query_dict(
'images',
ResourceType.RESOURCE_CONTAINER,
SharedAccessPolicy(signed_identifier=signed_identifier),
)
self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_CONTAINER)
self.assertEqual(query[QueryStringConstants.SIGNED_IDENTIFIER], signed_identifier)
self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE],
'BbzpLHe+JxNAsW/v6LttP5x9DdGMvXsZpm2chKblr3s=')
def test_generate_signed_query_dict_blob_with_access_policy_and_headers(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11T11:03:40Z'
accss_plcy.expiry = '2011-10-12T11:53:40Z'
accss_plcy.permission = 'r'
query = self.sas._generate_signed_query_dict(
'images/pic1.png',
ResourceType.RESOURCE_BLOB,
SharedAccessPolicy(accss_plcy),
content_disposition='file; attachment',
content_type='binary',
)
self.assertEqual(query[QueryStringConstants.SIGNED_START], '2011-10-11T11:03:40Z')
self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], '2011-10-12T11:53:40Z')
self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_BLOB)
self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], 'r')
self.assertEqual(query[QueryStringConstants.SIGNED_CONTENT_DISPOSITION], 'file; attachment')
self.assertEqual(query[QueryStringConstants.SIGNED_CONTENT_TYPE], 'binary')
self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE],
'uHckUC6T+BwUsc+DgrreyIS1k6au7uUd7LSSs/z+/+w=')
def test_generate_signed_query_dict_blob_with_access_policy(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'w'
query = self.sas._generate_signed_query_dict(
'images/pic1.png',
ResourceType.RESOURCE_BLOB,
SharedAccessPolicy(accss_plcy),
)
self.assertEqual(query[QueryStringConstants.SIGNED_START], '2011-10-11')
self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_BLOB)
self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], 'w')
self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE],
'Fqt8tNcyUOp30qYRtSFNcImrRMcxlk6IF17O4l96KT8=')
def test_generate_signed_query_dict_blob_with_signed_identifier(self):
signed_identifier = 'YWJjZGVmZw=='
query = self.sas._generate_signed_query_dict(
'images',
ResourceType.RESOURCE_CONTAINER,
SharedAccessPolicy(signed_identifier=signed_identifier),
)
self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_CONTAINER)
self.assertEqual(query[QueryStringConstants.SIGNED_IDENTIFIER], signed_identifier)
self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE],
'BbzpLHe+JxNAsW/v6LttP5x9DdGMvXsZpm2chKblr3s=')
class SharedAccessSignatureTest(AzureTestCase):
def setUp(self):
self.sas = SharedAccessSignature(account_name=DEV_ACCOUNT_NAME,
account_key=DEV_ACCOUNT_KEY)
def tearDown(self):
return super(SharedAccessSignatureTest, self).tearDown()
def test_generate_signature_container(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
signature = self.sas._generate_signature('images', sap, X_MS_VERSION,
None, None, None, None, None)
self.assertEqual(signature,
'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_generate_signature_blob(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11T11:03:40Z'
accss_plcy.expiry = '2011-10-12T11:53:40Z'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
signature = self.sas._generate_signature('images/pic1.png', sap,
X_MS_VERSION, None,
'file; attachment', None,
None, 'binary')
self.assertEqual(signature,
'uHckUC6T+BwUsc+DgrreyIS1k6au7uUd7LSSs/z+/+w=')
def test_blob_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'w'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string(
'images/pic1.png', RESOURCE_BLOB, sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'w')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'Fqt8tNcyUOp30qYRtSFNcImrRMcxlk6IF17O4l96KT8=')
def test_container_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
qry_str = self.sas.generate_signed_query_string(
'images', RESOURCE_CONTAINER, sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'r')
self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_sign_request(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string(
'images/pic1.png', RESOURCE_BLOB, sap)
permission = Permission()
permission.path = '/images/pic1.png'
permission.query_string = qry_str
self.sas.permission_set = [permission]
web_rsrc = WebResource()
web_rsrc.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB
web_rsrc.properties[SHARED_ACCESS_PERMISSION] = 'r'
web_rsrc.path = '/images/pic1.png?comp=metadata'
web_rsrc.request_url = '/images/pic1.png?comp=metadata'
web_rsrc = self.sas.sign_request(web_rsrc)
self.assertEqual(
web_rsrc.request_url, '/images/pic1.png?comp=metadata&' +
self.sas._convert_query_string(qry_str))
class SharedAccessSignatureTest(AzureTestCase):
def setUp(self):
self.sas = SharedAccessSignature(account_name=DEV_ACCOUNT_NAME,
account_key=DEV_ACCOUNT_KEY)
def tearDown(self):
return super(SharedAccessSignatureTest, self).tearDown()
def test_generate_signature_container(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
signature = self.sas._generate_signature('images',
sap,
X_MS_VERSION)
self.assertEqual(signature,
'1AWckmWSNrNCjh9krPXoD4exAgZWQQr38gG6z/ymkhQ=')
def test_generate_signature_blob(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11T11:03:40Z'
accss_plcy.expiry = '2011-10-12T11:53:40Z'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
signature = self.sas._generate_signature('images/pic1.png',
sap,
X_MS_VERSION)
self.assertEqual(signature,
'ju4tX0G79vPxMOkBb7UfNVEgrj9+ZnSMutpUemVYHLY=')
def test_blob_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'w'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string('images/pic1.png',
RESOURCE_BLOB,
sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'w')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'8I8E8TImfR2TIAcMDq8rF+IhhYyvowXpxSfF1kxnWLQ=')
def test_container_signed_query_string(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
signed_identifier = 'YWJjZGVmZw=='
sap = SharedAccessPolicy(accss_plcy, signed_identifier)
qry_str = self.sas.generate_signed_query_string('images',
RESOURCE_CONTAINER,
sap)
self.assertEqual(qry_str[SIGNED_START], '2011-10-11')
self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12')
self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER)
self.assertEqual(qry_str[SIGNED_PERMISSION], 'r')
self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==')
self.assertEqual(qry_str[SIGNED_SIGNATURE],
'1AWckmWSNrNCjh9krPXoD4exAgZWQQr38gG6z/ymkhQ=')
def test_sign_request(self):
accss_plcy = AccessPolicy()
accss_plcy.start = '2011-10-11'
accss_plcy.expiry = '2011-10-12'
accss_plcy.permission = 'r'
sap = SharedAccessPolicy(accss_plcy)
qry_str = self.sas.generate_signed_query_string('images/pic1.png',
RESOURCE_BLOB,
sap)
permission = Permission()
permission.path = '/images/pic1.png'
permission.query_string = qry_str
self.sas.permission_set = [permission]
web_rsrc = WebResource()
web_rsrc.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB
web_rsrc.properties[SHARED_ACCESS_PERMISSION] = 'r'
web_rsrc.path = '/images/pic1.png?comp=metadata'
web_rsrc.request_url = '/images/pic1.png?comp=metadata'
web_rsrc = self.sas.sign_request(web_rsrc)
self.assertEqual(web_rsrc.request_url,
'/images/pic1.png?comp=metadata&' +
self.sas._convert_query_string(qry_str))
