async def test_logging_request_and_response_body(self,
storage_account_name,
storage_account_key):
bsc = BlobServiceClient(self.account_url(storage_account_name, "blob"),
storage_account_key,
transport=AiohttpTestTransport(),
logging_enable=True)
await self._setup(bsc)
# Arrange
container = bsc.get_container_client(self.container_name)
request_body = 'testloggingbody'
blob_name = self.get_resource_name("testloggingblob")
blob_client = container.get_blob_client(blob_name)
await blob_client.upload_blob(request_body, overwrite=True)
# Act
with LogCaptured(self) as log_captured:
await blob_client.download_blob()
log_as_str = log_captured.getvalue()
self.assertFalse(request_body in log_as_str)
with LogCaptured(self) as log_captured:
await blob_client.upload_blob(request_body,
overwrite=True,
logging_body=True)
log_as_str = log_captured.getvalue()
self.assertTrue(request_body in log_as_str)
self.assertEqual(log_as_str.count(request_body), 1)
async def test_sas_signature_is_scrubbed_off(self, storage_account_name,
storage_account_key):
# Test can only run live
bsc = BlobServiceClient(self.account_url(storage_account_name, "blob"),
storage_account_key)
await self._setup(bsc)
# Arrange
container = bsc.get_container_client(self.container_name)
token = generate_container_sas(
container.account_name,
container.container_name,
account_key=container.credential.account_key,
permission=ContainerSasPermissions(read=True),
expiry=datetime.utcnow() + timedelta(hours=1),
)
# parse out the signed signature
token_components = parse_qs(token)
signed_signature = quote(
token_components[QueryStringConstants.SIGNED_SIGNATURE][0])
sas_service = ContainerClient.from_container_url(container.url,
credential=token)
# Act
with LogCaptured(self) as log_captured:
await sas_service.get_account_information(logging_enable=True)
log_as_str = log_captured.getvalue()
# Assert
# make sure the query parameter 'sig' is logged, but its value is not
self.assertTrue(
QueryStringConstants.SIGNED_SIGNATURE in log_as_str)
self.assertFalse(signed_signature in log_as_str)
def test_delete_share_with_non_existing_share_fail_not_exist(
self, storage_account_name, storage_account_key):
self._setup(storage_account_name, storage_account_key)
client = self._get_share_reference()
# Act
with LogCaptured(self) as log_captured:
with self.assertRaises(HttpResponseError):
client.delete_share()
log_as_str = log_captured.getvalue()
self._delete_shares()
def test_authorization_is_scrubbed_off(self, storage_account_name,
storage_account_key):
# Arrange
bsc = BlobServiceClient(self.account_url(storage_account_name, "blob"),
storage_account_key)
self._setup(bsc)
container = bsc.get_container_client(self.container_name)
# Act
with LogCaptured(self) as log_captured:
container.get_container_properties(logging_enable=True)
log_as_str = log_captured.getvalue()
# Assert
# make sure authorization header is logged, but its value is not
# the keyword SharedKey is present in the authorization header's value
self.assertTrue(_AUTHORIZATION_HEADER_NAME in log_as_str)
self.assertFalse('SharedKey' in log_as_str)
async def test_copy_source_sas_is_scrubbed_off(self, storage_account_name,
storage_account_key):
# Test can only run live
bsc = BlobServiceClient(self.account_url(storage_account_name, "blob"),
storage_account_key)
await self._setup(bsc)
# Arrange
dest_blob_name = self.get_resource_name('destblob')
dest_blob = bsc.get_blob_client(self.container_name, dest_blob_name)
# parse out the signed signature
query_parameters = urlparse(self.source_blob_url).query
token_components = parse_qs(query_parameters)
if QueryStringConstants.SIGNED_SIGNATURE not in token_components:
pytest.fail(
"Blob URL {} doesn't contain {}, parsed query params: {}".
format(self.source_blob_url,
QueryStringConstants.SIGNED_SIGNATURE,
list(token_components.keys())))
signed_signature = quote(
token_components[QueryStringConstants.SIGNED_SIGNATURE][0])
# Act
with LogCaptured(self) as log_captured:
await dest_blob.start_copy_from_url(self.source_blob_url,
requires_sync=True,
logging_enable=True)
log_as_str = log_captured.getvalue()
# Assert
# make sure the query parameter 'sig' is logged, but its value is not
self.assertTrue(
QueryStringConstants.SIGNED_SIGNATURE in log_as_str)
self.assertFalse(signed_signature in log_as_str)
# make sure authorization header is logged, but its value is not
# the keyword SharedKey is present in the authorization header's value
self.assertTrue(_AUTHORIZATION_HEADER_NAME in log_as_str)
self.assertFalse('SharedKey' in log_as_str)