Chilkat HOME Android™ Classic ASP C C++ C# Mono C# .NET Core C# C# UWP/WinRT DataFlex Delphi ActiveX Delphi DLL Visual FoxPro Java Lianja MFC Objective-C Perl PHP ActiveX PHP Extension PowerBuilder PowerShell PureBasic CkPython Chilkat2-Python Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ Visual Basic 6.0 VB.NET VB.NET UWP/WinRT VBScript Xojo Plugin Node.js Excel Go
(MFC) Create an Azure Service SASShows how to generate an Azure Service SAS.
#include <CkAuthAzureSAS.h> #include <CkDateTime.h> #include <CkFileAccess.h> void ChilkatSample(void) { CkString strOut; // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // ---------------------------------------------------------------------------------------------- // Create a Shared Access Signature (SAS) token for an Azure Service (Blob, Queue, Table, or File) // ----------------------------------------------------------------------------------------------- // See https://docs.microsoft.com/en-us/rest/api/storageservices/create-service-sas // for details. CkAuthAzureSAS authSas; authSas.put_AccessKey("AZURE_ACCESS_KEY"); // Specify the format of the string to sign. // Each comma character in the following string represents a LF ("\n") character. // The names specified in the StringToSign are replaced with the values specified // in the subsequent calls to SetTokenParam and SetNonTokenParam,. // Note: The trailing comma in the StringToSign is intentional and important. This indicates that the // string to sign will end with a "\n". // Also note: The names in the StringToSign are case sensitive. The names // specified in the 1st argument in the calls to SetNonTokenParam and SetTokenParam should // match a name listed in StringToSign. // Version 2018-11-09 and later // // Version 2018-11-09 adds support for the signed resource and signed blob snapshot time fields. // These must be included in the string-to-sign. To construct the string-to-sign for Blob service resources, use the following format: // // StringToSign = signedpermissions + "\n" + // signedstart + "\n" + // signedexpiry + "\n" + // canonicalizedresource + "\n" + // signedidentifier + "\n" + // signedIP + "\n" + // signedProtocol + "\n" + // signedversion + "\n" + // signedResource + "\n" // signedSnapshotTime + "\n" + // rscc + "\n" + // rscd + "\n" + // rsce + "\n" + // rscl + "\n" + // rsct // authSas.put_StringToSign("signedpermissions,signedstart,signedexpiry,canonicalizedresource,signedidentifier,signedIP,signedProtocol,signedversion,signedResource,signedSnapshotTime,rscc,rscd,rsce,rscl,rsct"); authSas.SetTokenParam("signedpermissions","sp","rw"); CkDateTime dt; dt.SetFromCurrentSystemTime(); authSas.SetTokenParam("signedstart","st",dt.getAsIso8601("YYYY-MM-DDThh:mmTZD",false)); // This SAS token will be valid for 30 days. dt.AddDays(30); authSas.SetTokenParam("signedexpiry","se",dt.getAsIso8601("YYYY-MM-DDThh:mmTZD",false)); // The canonicalizedresouce portion of the string is a canonical path to the signed resource. It must include the service name (blob, table, queue or file) for version // 2020-08-04 or later, the storage account name, and the resource name, and must be URL-decoded. Names of blobs must include the blobs container. Table names must be // lower-case. The following examples show how to construct the canonicalizedresource portion of the string, depending on the type of resource. // For example: // URL = https://chilkat.blob.core.windows.net/mycontainer/starfish.jpg // canonicalizedresource = "/blob/chilkat/mycontainer/starfish.jpg" // IMPORTANT: See https://docs.microsoft.com/en-us/rest/api/storageservices/create-service-sas for all details.. authSas.SetNonTokenParam("canonicalizedresource","/blob/chilkat/mycontainer/starfish.jpg"); authSas.SetTokenParam("signedProtocol","spr","https"); // Specifiy values and query param names for each field. // If a field is not specified, then an empty string will be used for its value. authSas.SetTokenParam("signedversion","sv","2018-11-09"); // Indicate that we are creating a service SAS that is limited to the blob resource. // (Specify b if the shared resource is a blob. This grants access to the content and metadata of the blob. // Specify c if the shared resource is a container. This grants access to the content and metadata of any blob in the container, and to the list of blobs in the container. ) authSas.SetTokenParam("signedResource","sr","b"); // Note that we did not call SetTokenParam for "signedIP", "signedSnapshotTime", "rscc", and others. For any omitted fields // the value will default to the empty string. // Generate the SAS token. const char *sasToken = authSas.generateToken(); if (authSas.get_LastMethodSuccess() != true) { strOut.append(authSas.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } strOut.append("SAS token: "); strOut.append(sasToken); strOut.append("\r\n"); // Save the SAS Service token to a file. // We can then use this pre-generated token for future Azure Storage Account operations. CkFileAccess fac; fac.WriteEntireTextFile("qa_data/tokens/azureStorageServiceSas.txt",sasToken,"utf-8",false); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.