def test_sas_update(self, resource_group, location, storage_account, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
# Arrange
qsc = QueueServiceClient(self.account_url(storage_account, "queue"), storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
queue_client.send_message(u'message1')
token = generate_queue_sas(
queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
QueueSasPermissions(update=True),
datetime.utcnow() + timedelta(hours=1),
)
messages = queue_client.receive_messages()
result = next(messages)
# Act
service = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=token,
)
service.update_message(
result.id,
pop_receipt=result.pop_receipt,
visibility_timeout=0,
content=u'updatedmessage1',
)
# Assert
result = next(messages)
self.assertEqual(u'updatedmessage1', result.content)
def test_sas_process(self, resource_group, location, storage_account, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
# Arrange
qsc = QueueServiceClient(self.account_url(storage_account, "queue"), storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
queue_client.send_message(u'message1')
token = generate_queue_sas(
queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
QueueSasPermissions(process=True),
datetime.utcnow() + timedelta(hours=1),
)
# Act
service = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=token,
)
message = next(service.receive_messages())
# Assert
self.assertIsNotNone(message)
self.assertNotEqual('', message.id)
self.assertEqual(u'message1', message.content)
def test_sas_add(self, storage_account_name, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
# Arrange
qsc = QueueServiceClient(
self.account_url(storage_account_name, "queue"),
storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
token = generate_queue_sas(
queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
QueueSasPermissions(add=True),
datetime.utcnow() + timedelta(hours=1),
)
# Act
service = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=token,
)
result = service.send_message(u'addedmessage')
# Assert
result = next(queue_client.receive_messages())
self.assertEqual(u'addedmessage', result.content)
def test_sas_read(self, storage_account_name, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
# Arrange
qsc = QueueServiceClient(
self.account_url(storage_account_name, "queue"),
storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
queue_client.send_message(u'message1')
token = generate_queue_sas(queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
QueueSasPermissions(read=True),
datetime.utcnow() + timedelta(hours=1),
datetime.utcnow() - timedelta(minutes=5))
# Act
service = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=token,
)
result = service.peek_messages()
# Assert
self.assertIsNotNone(result)
self.assertEqual(1, len(result))
message = result[0]
self.assertIsNotNone(message)
self.assertNotEqual('', message.id)
self.assertEqual(u'message1', message.content)
def test_create_service_with_custom_account_endpoint_path(self, resource_group, location, storage_account, storage_account_key):
custom_account_url = "http://local-machine:11002/custom/account/path/" + self.sas_token
for service_type in SERVICES.items():
conn_string = 'DefaultEndpointsProtocol=http;AccountName={};AccountKey={};QueueEndpoint={};'.format(
storage_account.name, storage_account_key, custom_account_url)
# Act
service = service_type[0].from_connection_string(conn_string, queue_name="foo")
# Assert
self.assertEqual(service.account_name, storage_account.name)
self.assertEqual(service.credential.account_name, storage_account.name)
self.assertEqual(service.credential.account_key, storage_account_key)
self.assertEqual(service.primary_hostname, 'local-machine:11002/custom/account/path')
service = QueueServiceClient(account_url=custom_account_url)
self.assertEqual(service.account_name, None)
self.assertEqual(service.credential, None)
self.assertEqual(service.primary_hostname, 'local-machine:11002/custom/account/path')
self.assertTrue(service.url.startswith('http://local-machine:11002/custom/account/path/?'))
service = QueueClient(account_url=custom_account_url, queue_name="foo")
self.assertEqual(service.account_name, None)
self.assertEqual(service.queue_name, "foo")
self.assertEqual(service.credential, None)
self.assertEqual(service.primary_hostname, 'local-machine:11002/custom/account/path')
self.assertTrue(service.url.startswith('http://local-machine:11002/custom/account/path/foo?'))
service = QueueClient.from_queue_url("http://local-machine:11002/custom/account/path/foo" + self.sas_token)
self.assertEqual(service.account_name, None)
self.assertEqual(service.queue_name, "foo")
self.assertEqual(service.credential, None)
self.assertEqual(service.primary_hostname, 'local-machine:11002/custom/account/path')
self.assertTrue(service.url.startswith('http://local-machine:11002/custom/account/path/foo?'))
def test_set_access_policy(self, resource_group, location, storage_account, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
if not self.is_live:
return
# [START create_queue_client_from_connection_string]
from azure.storage.queue import QueueClient
queue_client = QueueClient.from_connection_string(self.connection_string(storage_account, storage_account_key), "queuetest")
# [END create_queue_client_from_connection_string]
# Create the queue
try:
queue_client.create_queue()
except ResourceExistsError:
pass
queue_client.send_message(u"hello world")
try:
# [START set_access_policy]
# Create an access policy
from azure.storage.queue import AccessPolicy, QueueSasPermissions
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueueSasPermissions(read=True)
identifiers = {'my-access-policy-id': access_policy}
# Set the access policy
queue_client.set_queue_access_policy(identifiers)
# [END set_access_policy]
# Use the access policy to generate a SAS token
# [START queue_client_sas_token]
from azure.storage.queue import generate_queue_sas
sas_token = generate_queue_sas(
queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
policy_id='my-access-policy-id'
)
# [END queue_client_sas_token]
# Authenticate with the sas token
# [START create_queue_client]
q = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=sas_token
)
# [END create_queue_client]
# Use the newly authenticated client to receive messages
my_message = q.receive_messages()
assert my_message is not None
finally:
# Delete the queue
queue_client.delete_queue()
def set_access_policy(self):
# [START create_queue_client_from_connection_string]
from azure.storage.queue import QueueClient
queue = QueueClient.from_connection_string(self.connection_string, "myqueue1")
# [END create_queue_client_from_connection_string]
# Create the queue
queue.create_queue()
# Send a message
queue.send_message(u"hello world")
try:
# [START set_access_policy]
# Create an access policy
from azure.storage.queue import AccessPolicy, QueueSasPermissions
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueueSasPermissions(read=True)
identifiers = {'my-access-policy-id': access_policy}
# Set the access policy
queue.set_queue_access_policy(identifiers)
# [END set_access_policy]
# Use the access policy to generate a SAS token
# [START queue_client_sas_token]
from azure.storage.queue import generate_queue_sas
sas_token = generate_queue_sas(
queue.account_name,
queue.queue_name,
queue.credential.account_key,
policy_id='my-access-policy-id'
)
# [END queue_client_sas_token]
# Authenticate with the sas token
# [START create_queue_client]
token_auth_queue = QueueClient.from_queue_url(
queue_url=queue.url,
credential=sas_token
)
# [END create_queue_client]
# Use the newly authenticated client to receive messages
my_message = token_auth_queue.receive_messages()
finally:
# Delete the queue
queue.delete_queue()
def test_sas_signed_identifier(self, resource_group, location,
storage_account, storage_account_key):
# SAS URL is calculated from storage key, so this test runs live only
if not self.is_live:
return
# Arrange
access_policy = AccessPolicy()
access_policy.start = datetime.utcnow() - timedelta(hours=1)
access_policy.expiry = datetime.utcnow() + timedelta(hours=1)
access_policy.permission = QueueSasPermissions(read=True)
identifiers = {'testid': access_policy}
qsc = QueueServiceClient(self._account_url(storage_account.name),
storage_account_key)
queue_client = self._get_queue_reference(qsc)
queue_client.create_queue()
resp = queue_client.set_queue_access_policy(identifiers)
queue_client.send_message(u'message1')
token = generate_queue_sas(queue_client.account_name,
queue_client.queue_name,
queue_client.credential.account_key,
policy_id='testid')
# Act
service = QueueClient.from_queue_url(
queue_url=queue_client.url,
credential=token,
)
result = service.peek_messages()
# Assert
self.assertIsNotNone(result)
self.assertEqual(1, len(result))
message = result[0]
self.assertIsNotNone(message)
self.assertNotEqual('', message.id)
self.assertEqual(u'message1', message.content)
# on the App Service for the credential to authenticate with Key Vault.
key_vault_url = os.environ["KEY_VAULT_URL"]
keyvault_client = SecretClient(vault_url=key_vault_url, credential=credential)
# Obtain the secret: for this step to work you must add the app's service principal to
# the key vault's access policies for secret management.
api_secret_name = os.environ["THIRD_PARTY_API_SECRET_NAME"]
vault_secret = keyvault_client.get_secret(api_secret_name)
# The "secret" from Key Vault is an object with multiple properties. The key we
# want for the third-party API is in the value property.
access_key = vault_secret.value
# Set up the Storage queue client to which we write messages
queue_url = os.environ["STORAGE_QUEUE_URL"]
queue_client = QueueClient.from_queue_url(queue_url=queue_url,
credential=credential)
@app.route('/', methods=['GET'])
def home():
return f'Home page of the main app. Make a request to <a href="./api/v1/getcode">/api/v1/getcode</a>.'
def random_char(num):
return ''.join(random.choice(string.ascii_letters) for x in range(num))
@app.route('/api/v1/getcode', methods=['GET'])
def get_code():
headers = {
'Content-Type': 'application/json',