using Azure.Core; using System; using System.Collections.Generic; using System.ComponentModel; namespace Azure.Storage.Sas { public class AccountSasBuilder { private static readonly List<char> s_validPermissionsInOrder = new List<char> { 'r', 'w', 'd', 'x', 'y', 'l', 'a', 'c', 'u', 'p', 't', 'f', 'i' }; [EditorBrowsable(EditorBrowsableState.Never)] public string Version { get; set; } public SasProtocol Protocol { get; set; } public DateTimeOffset StartsOn { get; set; } public DateTimeOffset ExpiresOn { get; set; } public string Permissions { get; set; } public SasIPRange IPRange { get; set; } public AccountSasServices Services { get; set; } public AccountSasResourceTypes ResourceTypes { get; set; } public string EncryptionScope { get; set; } [EditorBrowsable(EditorBrowsableState.Never)] public AccountSasBuilder() { } public AccountSasBuilder(AccountSasPermissions permissions, DateTimeOffset expiresOn, AccountSasServices services, AccountSasResourceTypes resourceTypes) { ExpiresOn = expiresOn; SetPermissions(permissions); Services = services; ResourceTypes = resourceTypes; } public void SetPermissions(AccountSasPermissions permissions) { Permissions = permissions.ToPermissionsString(); } public void SetPermissions(string rawPermissions) { Permissions = SasExtensions.ValidateAndSanitizeRawPermissions(rawPermissions, s_validPermissionsInOrder); } [Azure.Core.CallerShouldAudit("https://aka.ms/azsdk/callershouldaudit/storage-common")] public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential) { string stringToSign; return ToSasQueryParameters(sharedKeyCredential, out stringToSign); } [Azure.Core.CallerShouldAudit("https://aka.ms/azsdk/callershouldaudit/storage-common")] public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential, out string stringToSign) { StorageSharedKeyCredential storageSharedKeyCredential = sharedKeyCredential; if (storageSharedKeyCredential == null) throw Errors.ArgumentNull("sharedKeyCredential"); sharedKeyCredential = storageSharedKeyCredential; if (ExpiresOn == default(DateTimeOffset) || string.IsNullOrEmpty(Permissions) || ResourceTypes == (AccountSasResourceTypes)0 || Services == (AccountSasServices)0) throw Errors.AccountSasMissingData(); stringToSign = ToStringToSign(sharedKeyCredential); string text = sharedKeyCredential.ComputeHMACSHA256(stringToSign); string version = Version; AccountSasServices? services = Services; AccountSasResourceTypes? resourceTypes = ResourceTypes; SasProtocol protocol = Protocol; DateTimeOffset startsOn = StartsOn; DateTimeOffset expiresOn = ExpiresOn; SasIPRange iPRange = IPRange; string permissions = Permissions; string signature = text; string encryptionScope = EncryptionScope; return SasQueryParametersInternals.Create(version, services, resourceTypes, protocol, startsOn, expiresOn, iPRange, null, null, permissions, signature, null, null, null, null, null, null, null, null, null, encryptionScope); } private string ToStringToSign(StorageSharedKeyCredential sharedKeyCredential) { Version = SasQueryParametersInternals.DefaultSasVersionInternal; string text = SasExtensions.FormatTimesForSasSigning(StartsOn); string text2 = SasExtensions.FormatTimesForSasSigning(ExpiresOn); return string.Join("\n", sharedKeyCredential.AccountName, Permissions, Services.ToPermissionsString(), ResourceTypes.ToPermissionsString(), text, text2, IPRange.ToString(), Protocol.ToProtocolString(), Version, EncryptionScope, string.Empty); } [EditorBrowsable(EditorBrowsableState.Never)] public override string ToString() { return base.ToString(); } [EditorBrowsable(EditorBrowsableState.Never)] public override bool Equals(object obj) { return base.Equals(obj); } [EditorBrowsable(EditorBrowsableState.Never)] public override int GetHashCode() { return base.GetHashCode(); } } }