Class: Azure::Blob::Auth::SharedAccessSignature

Inherits:

Core::Auth::Signer

Object
Core::Auth::Signer
Azure::Blob::Auth::SharedAccessSignature

show all

Defined in:: lib/azure/blob/auth/shared_access_signature.rb

Constant Summary collapse

DEFAULTS =

{
    resource: 'b',
    permissions: 'r',
    version: '2014-02-14'
}

KEY_MAPPINGS =

{
    permissions:          :sp,
    start:                :st,
    expiry:               :se,
    resource:             :sr,
    identifier:           :si,
    version:              :sv,
    cache_control:        :rscc,
    content_disposition:  :rscd,
    content_encoding:     :rsce,
    content_language:     :rscl,
    content_type:         :rsct
}

OPTIONAL_QUERY_PARAMS =

[:sp, :si, :rscc, :rscd, :rsce, :rscl, :rsct]

Instance Attribute Summary collapse

#account_name ⇒ Object readonly

Returns the value of attribute account_name.

Instance Method Summary collapse

#canonicalized_resource(path) ⇒ String

Return the cononicalized resource representation of the blob resource.
#initialize(account_name = Azure.storage_account_name, access_key = Azure.storage_access_key) ⇒ SharedAccessSignature constructor

Public: Initialize the Signer.
#sign_request(req) ⇒ Object
#signable_string(path, options) ⇒ String

Construct the plaintext to the spec required for signatures.
#signed_uri(uri, options) ⇒ Object

A customised URI reflecting options for the resource signed with the Shared Access Signature ==== Options.

Constructor Details

#initialize(account_name = Azure.storage_account_name, access_key = Azure.storage_access_key) ⇒ `SharedAccessSignature`

Public: Initialize the Signer.

# File 'lib/azure/blob/auth/shared_access_signature.rb', line 55

def initialize(account_name=Azure.storage_account_name, access_key=Azure.storage_access_key)
  @account_name = account_name
  super(access_key)
end

Instance Attribute Details

#account_name ⇒ `Object` (readonly)

Returns the value of attribute account_name.



49
50
51

# File 'lib/azure/blob/auth/shared_access_signature.rb', line 49

def account_name
  @account_name
end

Instance Method Details

#canonicalized_resource(path) ⇒ `String`

Return the cononicalized resource representation of the blob resource



86
87
88

# File 'lib/azure/blob/auth/shared_access_signature.rb', line 86

def canonicalized_resource(path)
  "/#{account_name}#{path.start_with?('/') ? '' : '/'}#{path}"
end

#sign_request(req) ⇒ `Object`

# File 'lib/azure/blob/auth/shared_access_signature.rb', line 124

def sign_request(req)
  header_options = {}.tap do |opts|
    opts[:version] = req.headers['x-ms-version'] if req.headers.has_key?('x-ms-version')
  end

  req.uri = signed_uri(req.uri, header_options)
end

#signable_string(path, options) ⇒ `String`

Construct the plaintext to the spec required for signatures

# File 'lib/azure/blob/auth/shared_access_signature.rb', line 62

def signable_string(path, options)
  # Order is significant
  # The newlines from empty strings here are required
  options[:start] = Time.parse(options[:start]).utc.iso8601 if options[:start]
  options[:expiry] = Time.parse(options[:expiry]).utc.iso8601 if options[:expiry]
  [
      options[:permissions],
      options[:start],
      options[:expiry],
      canonicalized_resource(path),
      options[:identifier],

      options[:version],

      options[:cache_control],
      options[:content_disposition],
      options[:content_encoding],
      options[:content_language],
      options[:content_type]
  ].join("\n")
end

#signed_uri(uri, options) ⇒ `Object`

A customised URI reflecting options for the resource signed with the Shared Access Signature

Options

:resource - String. Resource type, either ‘b’ (blob) or ‘c’ (container). Default ‘b’
:permissions - String. Combination of ‘r’,‘w’,‘d’,‘l’ (container only) in this order. Default ‘r’
:start - String. UTC Date/Time in ISO8601 format. Optional.
:expiry - String. UTC Date/Time in ISO8601 format. Optional. Default now + 30 minutes.
:identifier - String. Identifier for stored access policy. Optional
:version - String. API version. Default 2014-02-14
:cache_control - String. Response header override. Optional.
:content_disposition - String. Response header override. Optional.
:content_encoding - String. Response header override. Optional.
:content_language - String. Response header override. Optional.
:content_type - String. Response header override. Optional.

# File 'lib/azure/blob/auth/shared_access_signature.rb', line 108

def signed_uri(uri, options)
  parsed_query = CGI::parse(uri.query || '').inject({}){|memo,(k,v)| memo[k.to_sym] = v; memo}

  options[:start] = Time.parse(options[:start]).utc.iso8601 if options[:start]
  options[:expiry] = Time.parse(options[:expiry]).utc.iso8601 if options[:expiry]
  options[:expiry] ||= (Time.now + 60*30).utc.iso8601

  if parsed_query.has_key?(:restype)
    options[:resource] = parsed_query[:restype].first == 'container' ? 'c' : 'b'
  end

  options = DEFAULTS.merge(options)
  sas_params = URI.encode_www_form(query_hash(uri.path, options))
  URI.parse(uri.to_s + (uri.query.nil? ? '?' : '&') + sas_params)
end