def make_blob_sas_url(account_name, account_key, container_name, blob_name, permission='w', duration=16): """ Generate a Blob SAS URL to allow a client to upload a file. account_name: Storage account name. account_key: Storage account key. container_name: Storage container. blob_name: Blob name. duration: A timedelta representing duration until SAS expiration. SAS start date will be utcnow() minus one minute. Expiry date is start date plus duration. Returns the SAS URL. """ sas = SharedAccessSignature(account_name, account_key) resource_path = '%s/%s' % (container_name, blob_name) date_format = "%Y-%m-%dT%H:%M:%SZ" start = datetime.datetime.utcnow() - datetime.timedelta(minutes=5) expiry = start + datetime.timedelta(minutes=duration) sap = SharedAccessPolicy(AccessPolicy( start.strftime(date_format), expiry.strftime(date_format), permission)) sas_token = sas.generate_signed_query_string(resource_path, 'b', sap) blob_url = BlobService(account_name, account_key) url = blob_url.make_blob_url(container_name=container_name, blob_name=blob_name, sas_token=sas_token) return url
def url(self, name): """ Returns the URL where the contents of the file referenced by name can be accessed. """ try: m = hashlib.sha1() m.update(self.container) m.update(name) cache_key = m.hexdigest() val = cache.get(cache_key) if val is None: logger.info("trying to generate shared access url for %s" % name) accss_plcy = AccessPolicy() now = datetime.datetime.now() today = now.strftime('%Y-%m-%d') tomorrow_datetime = now + datetime.timedelta(days=1) tomorrow = tomorrow_datetime.strftime('%Y-%m-%d') accss_plcy.start = today accss_plcy.expiry = tomorrow accss_plcy.permission = 'r' signed_identifier = None sap = SharedAccessPolicy(accss_plcy, signed_identifier) logger.info("shared access policy created") signer = SharedAccessSignature(account_name=self.account_name, account_key=self.account_key) logger.info("signed created") qry_str = signer.generate_signed_query_string( "%s/%s" % (self.container, name), 'b', sap) logger.info("signed query string created") val = '%s/%s?%s' % (self._get_container_url(), name, signer._convert_query_string(qry_str)) # cache for 23 hours timeout = 60 * 60 * 23 cache.set(cache_key, val, timeout) return val else: logger.info("url cache hit for %s" % name) return val except Exception as ex: logger.error("shared access error %s" % ex) return None
def make_blob_sas_url(account_name, account_key, container_name, blob_name, permission='w', duration=16): """ Generate a Blob SAS URL to allow a client to upload a file. account_name: Storage account name. account_key: Storage account key. container_name: Storage container. blob_name: Blob name. duration: A timedelta representing duration until SAS expiration. SAS start date will be utcnow() minus one minute. Expiry date is start date plus duration. Returns the SAS URL. """ sas = SharedAccessSignature(account_name, account_key) resource_path = '%s/%s' % (container_name, blob_name) date_format = "%Y-%m-%dT%H:%M:%SZ" start = datetime.datetime.utcnow() - datetime.timedelta(minutes=5) expiry = start + datetime.timedelta(minutes=duration) sap = SharedAccessPolicy( AccessPolicy(start.strftime(date_format), expiry.strftime(date_format), permission)) signed_query = sas.generate_signed_query_string(resource_path, RESOURCE_BLOB, sap) sas.permission_set = [Permission('/' + resource_path, signed_query)] res = WebResource() res.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB res.properties[SHARED_ACCESS_PERMISSION] = permission res.path = '/{0}'.format(resource_path) res.request_url = 'https://{0}.blob.core.windows.net/{1}/{2}'.format( account_name, container_name, blob_name) res = sas.sign_request(res) return res.request_url
def make_blob_sas_url(account_name, account_key, container_name, blob_name, duration=16): """ Generate a Blob SAS URL to allow a client to upload a file. account_name: Storage account name. account_key: Storage account key. container_name: Storage container. blob_name: Blob name. duration: A timedelta representing duration until SAS expiration. SAS start date will be utcnow() minus one minute. Expiry date is start date plus duration. Returns the SAS URL. """ sas = SharedAccessSignature(account_name, account_key) resource_path = '%s/%s' % (container_name, blob_name) date_format = "%Y-%m-%dT%H:%M:%SZ" start = datetime.datetime.utcnow() - datetime.timedelta(minutes=5) expiry = start + datetime.timedelta(minutes=duration) sap = SharedAccessPolicy(AccessPolicy( start.strftime(date_format), expiry.strftime(date_format), 'w')) signed_query = sas.generate_signed_query_string(resource_path, RESOURCE_BLOB, sap) sas.permission_set = [Permission('/' + resource_path, signed_query)] res = WebResource() res.properties[SIGNED_RESOURCE_TYPE] = RESOURCE_BLOB res.properties[SHARED_ACCESS_PERMISSION] = 'w' res.path = '/{0}'.format(resource_path) res.request_url = 'https://{0}.blob.core.windows.net/{1}/{2}'.format(account_name, container_name, blob_name) res = sas.sign_request(res) return res.request_url