<PackageReference Include="Azure.Storage.Blobs" Version="12.26.0-beta.1" />

BlobSasBuilder

public class BlobSasBuilder
BlobSasBuilder is used to generate a Shared Access Signature (SAS) for an Azure Storage container or blob. For more information, see Create a service SAS.
using Azure.Core; using Azure.Storage.Blobs; using Azure.Storage.Blobs.Models; using System; using System.ComponentModel; using System.Security.Cryptography; using System.Text; namespace Azure.Storage.Sas { public class BlobSasBuilder { [EditorBrowsable(EditorBrowsableState.Never)] public string Version { get; set; } public SasProtocol Protocol { get; set; } public DateTimeOffset StartsOn { get; set; } public DateTimeOffset ExpiresOn { get; set; } public string Permissions { get; set; } public SasIPRange IPRange { get; set; } public string Identifier { get; set; } public string BlobContainerName { get; set; } public string BlobName { get; set; } public string Snapshot { get; set; } public string BlobVersionId { get; set; } public string Resource { get; set; } public string CacheControl { get; set; } public string ContentDisposition { get; set; } public string ContentEncoding { get; set; } public string ContentLanguage { get; set; } public string ContentType { get; set; } public string PreauthorizedAgentObjectId { get; set; } public string CorrelationId { get; set; } public string EncryptionScope { get; set; } [EditorBrowsable(EditorBrowsableState.Never)] public BlobSasBuilder() { } public BlobSasBuilder(BlobSasPermissions permissions, DateTimeOffset expiresOn) { ExpiresOn = expiresOn; SetPermissions(permissions); } public BlobSasBuilder(BlobContainerSasPermissions permissions, DateTimeOffset expiresOn) { ExpiresOn = expiresOn; SetPermissions(permissions); } public void SetPermissions(BlobSasPermissions permissions) { Permissions = permissions.ToPermissionsString(); } public void SetPermissions(BlobAccountSasPermissions permissions) { Permissions = permissions.ToPermissionsString(); } public void SetPermissions(BlobContainerSasPermissions permissions) { Permissions = permissions.ToPermissionsString(); } public void SetPermissions(SnapshotSasPermissions permissions) { Permissions = permissions.ToPermissionsString(); } public void SetPermissions(BlobVersionSasPermissions permissions) { Permissions = permissions.ToPermissionsString(); } public void SetPermissions(string rawPermissions, bool normalize = false) { if (normalize) rawPermissions = Azure.Storage.Sas.SasExtensions.ValidateAndSanitizeRawPermissions(rawPermissions, Azure.Storage.Constants.Sas.ValidPermissionsInOrder); SetPermissions(rawPermissions); } public void SetPermissions(string rawPermissions) { Permissions = rawPermissions; } [Azure.Core.CallerShouldAudit("https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { string stringToSign; return ToSasQueryParameters(sharedKeyCredential, out stringToSign); } [Azure.Core.CallerShouldAudit("https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential, out string stringToSign) { StorageSharedKeyCredential storageSharedKeyCredential = sharedKeyCredential; if (storageSharedKeyCredential == null) throw Azure.Storage.Errors.ArgumentNull("sharedKeyCredential"); sharedKeyCredential = storageSharedKeyCredential; EnsureState(); stringToSign = ToStringToSign(sharedKeyCredential); string text = Azure.Storage.StorageSharedKeyCredentialInternals.ComputeSasSignature(sharedKeyCredential, stringToSign); string version = Version; SasProtocol protocol = Protocol; DateTimeOffset startsOn = StartsOn; DateTimeOffset expiresOn = ExpiresOn; SasIPRange iPRange = IPRange; string identifier = Identifier; string resource = Resource; string permissions = Permissions; string signature = text; string cacheControl = CacheControl; string contentDisposition = ContentDisposition; string contentEncoding = ContentEncoding; string contentLanguage = ContentLanguage; string contentType = ContentType; string encryptionScope = EncryptionScope; return new BlobSasQueryParameters(version, null, null, protocol, startsOn, expiresOn, iPRange, identifier, resource, permissions, signature, null, null, default(DateTimeOffset), default(DateTimeOffset), null, null, cacheControl, contentDisposition, contentEncoding, contentLanguage, contentType, null, null, null, encryptionScope); } private string ToStringToSign(StorageSharedKeyCredential sharedKeyCredential) { string text = Azure.Storage.Sas.SasExtensions.FormatTimesForSasSigning(StartsOn); string text2 = Azure.Storage.Sas.SasExtensions.FormatTimesForSasSigning(ExpiresOn); return string.Join("\n", Permissions, text, text2, GetCanonicalName(sharedKeyCredential.AccountName, BlobContainerName ?? string.Empty, BlobName ?? string.Empty), Identifier, IPRange.ToString(), Protocol.ToProtocolString(), Version, Resource, Snapshot ?? BlobVersionId, EncryptionScope, CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); } [Azure.Core.CallerShouldAudit("https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public BlobSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName) { string stringToSign; return ToSasQueryParameters(userDelegationKey, accountName, out stringToSign); } [Azure.Core.CallerShouldAudit("https://aka.ms/azsdk/callershouldaudit/storage-blobs")] public BlobSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName, out string stringToSign) { UserDelegationKey userDelegationKey2 = userDelegationKey; if (userDelegationKey2 == null) throw Azure.Storage.Errors.ArgumentNull("userDelegationKey"); userDelegationKey = userDelegationKey2; EnsureState(); stringToSign = ToStringToSign(userDelegationKey, accountName); string signature = ComputeHMACSHA256(userDelegationKey.Value, stringToSign); string version = Version; SasProtocol protocol = Protocol; DateTimeOffset startsOn = StartsOn; DateTimeOffset expiresOn = ExpiresOn; SasIPRange iPRange = IPRange; string resource = Resource; string permissions = Permissions; string signedObjectId = userDelegationKey.SignedObjectId; string signedTenantId = userDelegationKey.SignedTenantId; DateTimeOffset signedStartsOn = userDelegationKey.SignedStartsOn; DateTimeOffset signedExpiresOn = userDelegationKey.SignedExpiresOn; string signedService = userDelegationKey.SignedService; string signedVersion = userDelegationKey.SignedVersion; return new BlobSasQueryParameters(version, null, null, protocol, startsOn, expiresOn, iPRange, null, resource, permissions, signature, signedObjectId, signedTenantId, signedStartsOn, signedExpiresOn, signedService, signedVersion, CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType, PreauthorizedAgentObjectId, null, CorrelationId, EncryptionScope); } private string ToStringToSign(UserDelegationKey userDelegationKey, string accountName) { string text = Azure.Storage.Sas.SasExtensions.FormatTimesForSasSigning(StartsOn); string text2 = Azure.Storage.Sas.SasExtensions.FormatTimesForSasSigning(ExpiresOn); string text3 = Azure.Storage.Sas.SasExtensions.FormatTimesForSasSigning(userDelegationKey.SignedStartsOn); string text4 = Azure.Storage.Sas.SasExtensions.FormatTimesForSasSigning(userDelegationKey.SignedExpiresOn); return string.Join("\n", Permissions, text, text2, GetCanonicalName(accountName, BlobContainerName ?? string.Empty, BlobName ?? string.Empty), userDelegationKey.SignedObjectId, userDelegationKey.SignedTenantId, text3, text4, userDelegationKey.SignedService, userDelegationKey.SignedVersion, PreauthorizedAgentObjectId, null, CorrelationId, null, null, IPRange.ToString(), Protocol.ToProtocolString(), Version, Resource, Snapshot ?? BlobVersionId, EncryptionScope, CacheControl, ContentDisposition, ContentEncoding, ContentLanguage, ContentType); } private static string GetCanonicalName(string account, string containerName, string blobName) { if (string.IsNullOrEmpty(blobName)) return "/blob/" + account + "/" + containerName; return "/blob/" + account + "/" + containerName + "/" + blobName.Replace("\\", "/"); } private static string ComputeHMACSHA256(string userDelegationKeyValue, string message) { return Convert.ToBase64String(new HMACSHA256(Convert.FromBase64String(userDelegationKeyValue)).ComputeHash(Encoding.UTF8.GetBytes(message))); } private void EnsureState() { if (Identifier == null) { if (ExpiresOn == default(DateTimeOffset)) throw Azure.Storage.Errors.SasMissingData("ExpiresOn"); if (string.IsNullOrEmpty(Permissions)) throw Azure.Storage.Errors.SasMissingData("Permissions"); } if (string.IsNullOrEmpty(BlobName)) Resource = "c"; else if (string.IsNullOrEmpty(Snapshot) && string.IsNullOrEmpty(BlobVersionId)) { Resource = "b"; } else if (string.IsNullOrEmpty(BlobVersionId)) { Resource = "bs"; } else { Resource = "bv"; } Version = Azure.Storage.Sas.SasQueryParametersInternals.DefaultSasVersionInternal; } [EditorBrowsable(EditorBrowsableState.Never)] public override string ToString() { return base.ToString(); } [EditorBrowsable(EditorBrowsableState.Never)] public override bool Equals(object obj) { return base.Equals(obj); } [EditorBrowsable(EditorBrowsableState.Never)] public override int GetHashCode() { return base.GetHashCode(); } internal static BlobSasBuilder DeepCopy(BlobSasBuilder originalBlobSasBuilder) { return new BlobSasBuilder { Version = originalBlobSasBuilder.Version, Protocol = originalBlobSasBuilder.Protocol, StartsOn = originalBlobSasBuilder.StartsOn, ExpiresOn = originalBlobSasBuilder.ExpiresOn, Permissions = originalBlobSasBuilder.Permissions, IPRange = originalBlobSasBuilder.IPRange, Identifier = originalBlobSasBuilder.Identifier, BlobContainerName = originalBlobSasBuilder.BlobContainerName, BlobName = originalBlobSasBuilder.BlobName, Snapshot = originalBlobSasBuilder.Snapshot, BlobVersionId = originalBlobSasBuilder.BlobVersionId, Resource = originalBlobSasBuilder.Resource, CacheControl = originalBlobSasBuilder.CacheControl, ContentDisposition = originalBlobSasBuilder.ContentDisposition, ContentEncoding = originalBlobSasBuilder.ContentEncoding, ContentLanguage = originalBlobSasBuilder.ContentLanguage, ContentType = originalBlobSasBuilder.ContentType, PreauthorizedAgentObjectId = originalBlobSasBuilder.PreauthorizedAgentObjectId, CorrelationId = originalBlobSasBuilder.CorrelationId, EncryptionScope = originalBlobSasBuilder.EncryptionScope }; } } }