def test_generate_signed_query_dict_blob_with_access_policy_and_headers( self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11T11:03:40Z' accss_plcy.expiry = '2011-10-12T11:53:40Z' accss_plcy.permission = 'r' query = self.sas._generate_signed_query_dict( 'images/pic1.png', ResourceType.RESOURCE_BLOB, SharedAccessPolicy(accss_plcy), content_disposition='file; attachment', content_type='binary', ) self.assertEqual(query[QueryStringConstants.SIGNED_START], '2011-10-11T11:03:40Z') self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], '2011-10-12T11:53:40Z') self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_BLOB) self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], 'r') self.assertEqual( query[QueryStringConstants.SIGNED_CONTENT_DISPOSITION], 'file; attachment') self.assertEqual(query[QueryStringConstants.SIGNED_CONTENT_TYPE], 'binary') self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE], 'uHckUC6T+BwUsc+DgrreyIS1k6au7uUd7LSSs/z+/+w=')
def test_sas_signed_identifier(self): # SAS URL is calculated from storage key, so this test runs live only if TestMode.need_recording_file(self.test_mode): return # Arrange file_name = self._create_file() access_policy = AccessPolicy() access_policy.start = '2011-10-11' access_policy.expiry = '2018-10-12' access_policy.permission = FilePermissions.READ identifiers = {'testid': access_policy} resp = self.fs.set_share_acl(self.share_name, identifiers) token = self.fs.generate_file_shared_access_signature(self.share_name, None, file_name, id='testid') # Act service = FileService( self.settings.STORAGE_ACCOUNT_NAME, sas_token=token, request_session=requests.Session(), ) self._set_test_proxy(service, self.settings) result = service.get_file_to_bytes(self.share_name, None, file_name) # Assert self.assertEqual(self.short_byte_data, result.content)
def test_generate_signed_query_dict_blob_with_access_policy_and_headers( self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11T11:03:40Z' accss_plcy.expiry = '2011-10-12T11:53:40Z' accss_plcy.permission = 'r' query = self.sas._generate_signed_query_dict( 'images/pic1.png', ResourceType.RESOURCE_BLOB, SharedAccessPolicy(accss_plcy), content_disposition='file; attachment', content_type='binary', ) self.assertEqual(query[QueryStringConstants.SIGNED_START], '2011-10-11T11:03:40Z') self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], '2011-10-12T11:53:40Z') self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_BLOB) self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], 'r') self.assertEqual( query[QueryStringConstants.SIGNED_CONTENT_DISPOSITION], 'file; attachment') self.assertEqual(query[QueryStringConstants.SIGNED_CONTENT_TYPE], 'binary') self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE], 'uHckUC6T+BwUsc+DgrreyIS1k6au7uUd7LSSs/z+/+w=')
def test_sas_signed_identifier(self): # SAS URL is calculated from storage key, so this test runs live only if TestMode.need_recordingfile(self.test_mode): return # Arrange entity = self._insert_random_entity() access_policy = AccessPolicy() access_policy.start = '2011-10-11' access_policy.expiry = '2018-10-12' access_policy.permission = TablePermissions.QUERY identifiers = {'testid': access_policy} entities = self.ts.set_table_acl(self.table_name, identifiers) token = self.ts.generate_table_shared_access_signature( self.table_name, id='testid', ) # Act service = TableService( account_name=self.settings.STORAGE_ACCOUNT_NAME, sas_token=token, ) self._set_service_options(service, self.settings) entities = list( self.ts.query_entities(self.table_name, filter="PartitionKey eq '{}'".format( entity.PartitionKey))) # Assert self.assertEqual(len(entities), 1) self._assert_default_entity(entities[0])
def test_sas_signed_identifier(self): # SAS URL is calculated from storage key, so this test runs live only if TestMode.need_recordingfile(self.test_mode): return # Arrange blob_name = self._create_block_blob() access_policy = AccessPolicy() access_policy.start = '2011-10-11' access_policy.expiry = '2018-10-12' access_policy.permission = BlobPermissions.READ identifiers = {'testid': access_policy} resp = self.bs.set_container_acl(self.container_name, identifiers) token = self.bs.generate_blob_shared_access_signature( self.container_name, blob_name, id='testid' ) # Act service = BlockBlobService( self.settings.STORAGE_ACCOUNT_NAME, sas_token=token, request_session=requests.Session(), ) self._set_service_options(service, self.settings) result = service.get_blob_to_bytes(self.container_name, blob_name) # Assert self.assertEqual(self.byte_data, result.content)
def url(self, name): """ Override this method so that we can add SAS authorization tokens """ sas_token = None if self.url_expiry_secs: now = datetime.utcnow().replace(tzinfo=pytz.utc) expire_at = now + timedelta(seconds=self.url_expiry_secs) policy = AccessPolicy() # generate an ISO8601 time string and use split() to remove the sub-second # components as Azure will reject them. Plus add the timezone at the end. policy.expiry = expire_at.isoformat().split('.')[0] + 'Z' policy.permission = 'r' sas_token = self.connection.generate_shared_access_signature( self.azure_container, blob_name=name, shared_access_policy=SharedAccessPolicy(access_policy=policy), ) return self.connection.make_blob_url( container_name=self.azure_container, blob_name=name, protocol=self.azure_protocol, sas_token=sas_token)
def test_sas_signed_identifier(self): # SAS URL is calculated from storage key, so this test runs live only if TestMode.need_recording_file(self.test_mode): return # Arrange entity = self._insert_random_entity() access_policy = AccessPolicy() access_policy.start = '2011-10-11' access_policy.expiry = '2018-10-12' access_policy.permission = TablePermissions.QUERY identifiers = {'testid': access_policy} entities = self.ts.set_table_acl(self.table_name, identifiers) token = self.ts.generate_table_shared_access_signature( self.table_name, id='testid', ) # Act service = TableService( account_name=self.settings.STORAGE_ACCOUNT_NAME, sas_token=token, ) self._set_service_options(service, self.settings) entities = list(self.ts.query_entities(self.table_name, filter="PartitionKey eq '{}'".format(entity.PartitionKey))) # Assert self.assertEqual(len(entities), 1) self._assert_default_entity(entities[0])
def test_sign_request(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' sap = SharedAccessPolicy(accss_plcy) qry_str = self.sas.generate_signed_query_string('images/pic1.png', RESOURCE_BLOB, sap) permission = Permission() permission.path = '/images/pic1.png' permission.query_string = qry_str self.sas.permission_set = [permission] web_rsrc = WebResource() web_rsrc.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB web_rsrc.properties[SHARED_ACCESS_PERMISSION] = 'r' web_rsrc.path = '/images/pic1.png?comp=metadata' web_rsrc.request_url = '/images/pic1.png?comp=metadata' web_rsrc = self.sas.sign_request(web_rsrc) self.assertEqual(web_rsrc.request_url, '/images/pic1.png?comp=metadata&' + self.sas._convert_query_string(qry_str))
def test_sign_request(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' sap = SharedAccessPolicy(accss_plcy) qry_str = self.sas.generate_signed_query_string('images/pic1.png', RESOURCE_BLOB, sap) permission = Permission() permission.path = '/images/pic1.png' permission.query_string = qry_str self.sas.permission_set = [permission] web_rsrc = WebResource() web_rsrc.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB web_rsrc.properties[SHARED_ACCESS_PERMISSION] = 'r' web_rsrc.path = '/images/pic1.png?comp=metadata' web_rsrc.request_url = '/images/pic1.png?comp=metadata' web_rsrc = self.sas.sign_request(web_rsrc) self.assertEqual(web_rsrc.request_url, '/images/pic1.png?comp=metadata&' + self.sas._convert_query_string(qry_str))
def url(self, name): if hasattr(self.connection, 'make_blob_url'): if self.auto_sign: access_policy = AccessPolicy() access_policy.start = ( datetime.utcnow() + timedelta(seconds=-120)).strftime('%Y-%m-%dT%H:%M:%SZ') access_policy.expiry = (datetime.utcnow() + timedelta( seconds=self.ap_expiry)).strftime('%Y-%m-%dT%H:%M:%SZ') access_policy.permission = self.azure_access_policy_permission sap = SharedAccessPolicy(access_policy) sas_token = self.connection.generate_shared_access_signature( self.azure_container, blob_name=name, shared_access_policy=sap, ) else: sas_token = None return self.connection.make_blob_url( container_name=self.azure_container, blob_name=name, protocol=self.azure_protocol, sas_token=sas_token, ) else: return "{}{}/{}".format(setting('MEDIA_URL'), self.azure_container, name)
def test_generate_signature_container(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) signature = self.sas._generate_signature('images', sap, X_MS_VERSION, None, None, None, None, None) self.assertEqual(signature, 'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_generate_signature_container(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) signature = self.sas._generate_signature('images', RESOURCE_CONTAINER, sap) self.assertEqual(signature, 'VdlALM4TYEYYNf94Bvt3dn48TsA01wk45ltwP3zeKp4=')
def test_generate_signature_blob(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11T11:03:40Z' accss_plcy.expiry = '2011-10-12T11:53:40Z' accss_plcy.permission = 'r' sap = SharedAccessPolicy(accss_plcy) signature = self.sas._generate_signature('images/pic1.png', RESOURCE_BLOB, sap) self.assertEqual(signature, '7NIEip+VOrQ5ZV80pORPK1MOsJc62wwCNcbMvE+lQ0s=')
def test_generate_signature_container(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) signature = self.sas._generate_signature('images', sap, X_MS_VERSION) self.assertEqual(signature, '1AWckmWSNrNCjh9krPXoD4exAgZWQQr38gG6z/ymkhQ=')
def test_generate_signature_blob(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11T11:03:40Z' accss_plcy.expiry = '2011-10-12T11:53:40Z' accss_plcy.permission = 'r' sap = SharedAccessPolicy(accss_plcy) signature = self.sas._generate_signature('images/pic1.png', sap, X_MS_VERSION) self.assertEqual(signature, 'ju4tX0G79vPxMOkBb7UfNVEgrj9+ZnSMutpUemVYHLY=')
def test_generate_signature_container(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) signature = self.sas._generate_signature('images', RESOURCE_CONTAINER, sap) self.assertEqual(signature, 'VdlALM4TYEYYNf94Bvt3dn48TsA01wk45ltwP3zeKp4=')
def test_generate_signature_blob(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11T11:03:40Z' accss_plcy.expiry = '2011-10-12T11:53:40Z' accss_plcy.permission = 'r' sap = SharedAccessPolicy(accss_plcy) signature = self.sas._generate_signature('images/pic1.png', RESOURCE_BLOB, sap) self.assertEqual(signature, '7NIEip+VOrQ5ZV80pORPK1MOsJc62wwCNcbMvE+lQ0s=')
def test_generate_signature_blob(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11T11:03:40Z' accss_plcy.expiry = '2011-10-12T11:53:40Z' accss_plcy.permission = 'r' sap = SharedAccessPolicy(accss_plcy) signature = self.sas._generate_signature('images/pic1.png', sap, X_MS_VERSION, None, 'file; attachment', None, None, 'binary') self.assertEqual(signature, 'uHckUC6T+BwUsc+DgrreyIS1k6au7uUd7LSSs/z+/+w=')
def test_generate_signature_container(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) signature = self.sas._generate_signature('images', sap, X_MS_VERSION, None, None, None, None, None) self.assertEqual(signature, 'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_blob_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'w' sap = SharedAccessPolicy(accss_plcy) qry_str = self.sas.generate_signed_query_string( 'images/pic1.png', RESOURCE_BLOB, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB) self.assertEqual(qry_str[SIGNED_PERMISSION], 'w') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'k8uyTrn3pgLXuhwgZhxeAH6mZ/es9k2vqHPJEuIH4CE=')
def test_blob_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'w' sap = SharedAccessPolicy(accss_plcy) qry_str = self.sas.generate_signed_query_string( 'images/pic1.png', RESOURCE_BLOB, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB) self.assertEqual(qry_str[SIGNED_PERMISSION], 'w') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'Fqt8tNcyUOp30qYRtSFNcImrRMcxlk6IF17O4l96KT8=')
def test_generate_signed_query_dict_blob_with_access_policy(self): accss_plcy = AccessPolicy() accss_plcy.start = "2011-10-11" accss_plcy.expiry = "2011-10-12" accss_plcy.permission = "w" query = self.sas._generate_signed_query_dict( "images/pic1.png", ResourceType.RESOURCE_BLOB, SharedAccessPolicy(accss_plcy) ) self.assertEqual(query[QueryStringConstants.SIGNED_START], "2011-10-11") self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], "2011-10-12") self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_BLOB) self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], "w") self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE], "Fqt8tNcyUOp30qYRtSFNcImrRMcxlk6IF17O4l96KT8=")
def test_blob_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'w' sap = SharedAccessPolicy(accss_plcy) qry_str = self.sas.generate_signed_query_string('images/pic1.png', RESOURCE_BLOB, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB) self.assertEqual(qry_str[SIGNED_PERMISSION], 'w') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'k8uyTrn3pgLXuhwgZhxeAH6mZ/es9k2vqHPJEuIH4CE=')
def test_blob_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'w' sap = SharedAccessPolicy(accss_plcy) qry_str = self.sas.generate_signed_query_string('images/pic1.png', RESOURCE_BLOB, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB) self.assertEqual(qry_str[SIGNED_PERMISSION], 'w') self.assertEqual(qry_str[SIGNED_SIGNATURE], '8I8E8TImfR2TIAcMDq8rF+IhhYyvowXpxSfF1kxnWLQ=')
def test_blob_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'w' sap = SharedAccessPolicy(accss_plcy) qry_str = self.sas.generate_signed_query_string('images/pic1.png', RESOURCE_BLOB, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_BLOB) self.assertEqual(qry_str[SIGNED_PERMISSION], 'w') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'Fqt8tNcyUOp30qYRtSFNcImrRMcxlk6IF17O4l96KT8=')
def test_generate_signed_query_dict_container_with_access_policy(self): accss_plcy = AccessPolicy() accss_plcy.start = "2011-10-11" accss_plcy.expiry = "2011-10-12" accss_plcy.permission = "r" query = self.sas._generate_signed_query_dict( "images", ResourceType.RESOURCE_CONTAINER, SharedAccessPolicy(accss_plcy) ) self.assertEqual(query[QueryStringConstants.SIGNED_START], "2011-10-11") self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], "2011-10-12") self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_CONTAINER) self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], "r") self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE], "CxLWN56cjXidpI9em7RDgSN2QIgLggTqrnzudH2XsOY=")
def test_container_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) qry_str = self.sas.generate_signed_query_string( 'images', RESOURCE_CONTAINER, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER) self.assertEqual(qry_str[SIGNED_PERMISSION], 'r') self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'VdlALM4TYEYYNf94Bvt3dn48TsA01wk45ltwP3zeKp4=')
def test_container_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) qry_str = self.sas.generate_signed_query_string( 'images', RESOURCE_CONTAINER, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER) self.assertEqual(qry_str[SIGNED_PERMISSION], 'r') self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_generate_signature_blob(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11T11:03:40Z' accss_plcy.expiry = '2011-10-12T11:53:40Z' accss_plcy.permission = 'r' sap = SharedAccessPolicy(accss_plcy) signature = self.sas._generate_signature('images/pic1.png', sap, X_MS_VERSION, None, 'file; attachment', None, None, 'binary') self.assertEqual(signature, 'uHckUC6T+BwUsc+DgrreyIS1k6au7uUd7LSSs/z+/+w=')
def test_container_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) qry_str = self.sas.generate_signed_query_string('images', RESOURCE_CONTAINER, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER) self.assertEqual(qry_str[SIGNED_PERMISSION], 'r') self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'Md+SHy9BQNucdHnmDOEwlAkIWU5YxwlTq6gA9yJKE6w=')
def test_container_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) qry_str = self.sas.generate_signed_query_string('images', RESOURCE_CONTAINER, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER) self.assertEqual(qry_str[SIGNED_PERMISSION], 'r') self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==') self.assertEqual(qry_str[SIGNED_SIGNATURE], '1AWckmWSNrNCjh9krPXoD4exAgZWQQr38gG6z/ymkhQ=')
def test_container_signed_query_string(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' signed_identifier = 'YWJjZGVmZw==' sap = SharedAccessPolicy(accss_plcy, signed_identifier) qry_str = self.sas.generate_signed_query_string('images', RESOURCE_CONTAINER, sap) self.assertEqual(qry_str[SIGNED_START], '2011-10-11') self.assertEqual(qry_str[SIGNED_EXPIRY], '2011-10-12') self.assertEqual(qry_str[SIGNED_RESOURCE], RESOURCE_CONTAINER) self.assertEqual(qry_str[SIGNED_PERMISSION], 'r') self.assertEqual(qry_str[SIGNED_IDENTIFIER], 'YWJjZGVmZw==') self.assertEqual(qry_str[SIGNED_SIGNATURE], 'VdlALM4TYEYYNf94Bvt3dn48TsA01wk45ltwP3zeKp4=')
def test_generate_signed_query_dict_blob_with_access_policy(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'w' query = self.sas._generate_signed_query_dict( 'images/pic1.png', ResourceType.RESOURCE_BLOB, SharedAccessPolicy(accss_plcy), ) self.assertEqual(query[QueryStringConstants.SIGNED_START], '2011-10-11') self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], '2011-10-12') self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_BLOB) self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], 'w') self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE], 'Fqt8tNcyUOp30qYRtSFNcImrRMcxlk6IF17O4l96KT8=')
def test_generate_signed_query_dict_container_with_access_policy(self): accss_plcy = AccessPolicy() accss_plcy.start = '2011-10-11' accss_plcy.expiry = '2011-10-12' accss_plcy.permission = 'r' query = self.sas._generate_signed_query_dict( 'images', ResourceType.RESOURCE_CONTAINER, SharedAccessPolicy(accss_plcy), ) self.assertEqual(query[QueryStringConstants.SIGNED_START], '2011-10-11') self.assertEqual(query[QueryStringConstants.SIGNED_EXPIRY], '2011-10-12') self.assertEqual(query[QueryStringConstants.SIGNED_RESOURCE], ResourceType.RESOURCE_CONTAINER) self.assertEqual(query[QueryStringConstants.SIGNED_PERMISSION], 'r') self.assertEqual(query[QueryStringConstants.SIGNED_SIGNATURE], 'CxLWN56cjXidpI9em7RDgSN2QIgLggTqrnzudH2XsOY=')
def sasUrl(account, key, container, permission): start = datetime.utcnow() expiry = start + timedelta(hours=24) accss_plcy = AccessPolicy() accss_plcy.start = start.strftime('%Y-%m-%dT%H:%M:%SZ') accss_plcy.expiry = expiry.strftime('%Y-%m-%dT%H:%M:%SZ') accss_plcy.permission = permission sas = SharedAccessSignature(account_name=account, account_key=key) query = sas.generate_signed_query_string( container, ResourceType.RESOURCE_CONTAINER, SharedAccessPolicy(accss_plcy), ) return query
def sasUrl(account, key, container, permission): start = datetime.utcnow() expiry = start + timedelta(hours = 24) accss_plcy = AccessPolicy() accss_plcy.start = start.strftime('%Y-%m-%dT%H:%M:%SZ') accss_plcy.expiry = expiry.strftime('%Y-%m-%dT%H:%M:%SZ') accss_plcy.permission = permission sas = SharedAccessSignature(account_name=account, account_key=key) query = sas.generate_signed_query_string( container, ResourceType.RESOURCE_CONTAINER, SharedAccessPolicy(accss_plcy), ) return query
def url(self, name): """ Returns the URL where the contents of the file referenced by name can be accessed. """ try: m = hashlib.sha1() m.update(self.container) m.update(name) cache_key = m.hexdigest() val = cache.get(cache_key) if val is None: logger.info("trying to generate shared access url for %s" % name) accss_plcy = AccessPolicy() now = datetime.datetime.now() today = now.strftime('%Y-%m-%d') tomorrow_datetime = now + datetime.timedelta(days=1) tomorrow = tomorrow_datetime.strftime('%Y-%m-%d') accss_plcy.start = today accss_plcy.expiry = tomorrow accss_plcy.permission = 'r' signed_identifier = None sap = SharedAccessPolicy(accss_plcy, signed_identifier) logger.info("shared access policy created") signer = SharedAccessSignature(account_name=self.account_name, account_key=self.account_key) logger.info("signed created") qry_str = signer.generate_signed_query_string( "%s/%s" % (self.container, name), 'b', sap) logger.info("signed query string created") val = '%s/%s?%s' % (self._get_container_url(), name, signer._convert_query_string(qry_str)) # cache for 23 hours timeout = 60 * 60 * 23 cache.set(cache_key, val, timeout) return val else: logger.info("url cache hit for %s" % name) return val except Exception as ex: logger.error("shared access error %s" % ex) return None
def test_sas_signed_identifier(self): # SAS URL is calculated from storage key, so this test runs live only if TestMode.need_recording_file(self.test_mode): return # Arrange access_policy = AccessPolicy() access_policy.start = '2011-10-11' access_policy.expiry = '2018-10-12' access_policy.permission = QueuePermissions.READ identifiers = {'testid': access_policy} queue_name = self._create_queue() resp = self.qs.set_queue_acl(queue_name, identifiers) self.qs.put_message(queue_name, u'message1') token = self.qs.generate_queue_shared_access_signature( queue_name, id='testid' ) # Act service = QueueService( account_name=self.settings.STORAGE_ACCOUNT_NAME, sas_token=token, ) self._set_service_options(service, self.settings) result = service.peek_messages(queue_name) # Assert self.assertIsNotNone(result) self.assertEqual(1, len(result)) message = result[0] self.assertIsNotNone(message) self.assertNotEqual('', message.id) self.assertEqual(u'message1', message.content)
def test_sas_signed_identifier(self): # SAS URL is calculated from storage key, so this test runs live only if TestMode.need_recording_file(self.test_mode): return # Arrange access_policy = AccessPolicy() access_policy.start = '2011-10-11' access_policy.expiry = '2018-10-12' access_policy.permission = QueuePermissions.READ identifiers = {'testid': access_policy} queue_name = self._create_queue() resp = self.qs.set_queue_acl(queue_name, identifiers) self.qs.put_message(queue_name, u'message1') token = self.qs.generate_queue_shared_access_signature( queue_name, id='testid' ) # Act service = QueueService( account_name=self.settings.STORAGE_ACCOUNT_NAME, sas_token=token, ) self._set_test_proxy(service, self.settings) result = service.peek_messages(queue_name) # Assert self.assertIsNotNone(result) self.assertEqual(1, len(result)) message = result[0] self.assertIsNotNone(message) self.assertNotEqual('', message.id) self.assertEqual(u'message1', message.content)
def url(self, name): if hasattr(self.connection, 'make_blob_url'): if self.auto_sign: access_policy = AccessPolicy() access_policy.start = (datetime.utcnow() + timedelta(seconds=-120)).strftime('%Y-%m-%dT%H:%M:%SZ') access_policy.expiry = (datetime.utcnow() + timedelta(seconds=self.ap_expiry)).strftime('%Y-%m-%dT%H:%M:%SZ') access_policy.permission = self.azure_access_policy_permission sap = SharedAccessPolicy(access_policy) sas_token = self.connection.generate_shared_access_signature( self.azure_container, blob_name=name, shared_access_policy=sap, ) else: sas_token = None return self.connection.make_blob_url( container_name=self.azure_container, blob_name=name, protocol=self.azure_protocol, sas_token=sas_token ) else: return "{}{}/{}".format(setting('MEDIA_URL'), self.azure_container, name)