|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Create an Azure Service SASShows how to generate an Azure Service SAS.
load ./chilkat.dll # This requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # ---------------------------------------------------------------------------------------------- # Create a Shared Access Signature (SAS) token for an Azure Service (Blob, Queue, Table, or File) # ----------------------------------------------------------------------------------------------- # See https://docs.microsoft.com/en-us/rest/api/storageservices/create-service-sas # for details. set authSas [new_CkAuthAzureSAS] CkAuthAzureSAS_put_AccessKey $authSas "AZURE_ACCESS_KEY" # Specify the format of the string to sign. # Each comma character in the following string represents a LF ("\n") character. # The names specified in the StringToSign are replaced with the values specified # in the subsequent calls to SetTokenParam and SetNonTokenParam,. # Note: The trailing comma in the StringToSign is intentional and important. This indicates that the # string to sign will end with a "\n". # Also note: The names in the StringToSign are case sensitive. The names # specified in the 1st argument in the calls to SetNonTokenParam and SetTokenParam should # match a name listed in StringToSign. # Version 2018-11-09 and later # # Version 2018-11-09 adds support for the signed resource and signed blob snapshot time fields. # These must be included in the string-to-sign. To construct the string-to-sign for Blob service resources, use the following format: # # StringToSign = signedpermissions + "\n" + # signedstart + "\n" + # signedexpiry + "\n" + # canonicalizedresource + "\n" + # signedidentifier + "\n" + # signedIP + "\n" + # signedProtocol + "\n" + # signedversion + "\n" + # signedResource + "\n" # signedSnapshotTime + "\n" + # rscc + "\n" + # rscd + "\n" + # rsce + "\n" + # rscl + "\n" + # rsct # CkAuthAzureSAS_put_StringToSign $authSas "signedpermissions,signedstart,signedexpiry,canonicalizedresource,signedidentifier,signedIP,signedProtocol,signedversion,signedResource,signedSnapshotTime,rscc,rscd,rsce,rscl,rsct" CkAuthAzureSAS_SetTokenParam $authSas "signedpermissions" "sp" "rw" set dt [new_CkDateTime] CkDateTime_SetFromCurrentSystemTime $dt CkAuthAzureSAS_SetTokenParam $authSas "signedstart" "st" [CkDateTime_getAsIso8601 $dt "YYYY-MM-DDThh:mmTZD" 0] # This SAS token will be valid for 30 days. CkDateTime_AddDays $dt 30 CkAuthAzureSAS_SetTokenParam $authSas "signedexpiry" "se" [CkDateTime_getAsIso8601 $dt "YYYY-MM-DDThh:mmTZD" 0] # The canonicalizedresouce portion of the string is a canonical path to the signed resource. It must include the service name (blob, table, queue or file) for version # 2021-08-06 or later, the storage account name, and the resource name, and must be URL-decoded. Names of blobs must include the blobs container. Table names must be # lower-case. The following examples show how to construct the canonicalizedresource portion of the string, depending on the type of resource. # For example: # URL = https://chilkat.blob.core.windows.net/mycontainer/starfish.jpg # canonicalizedresource = "/blob/chilkat/mycontainer/starfish.jpg" # IMPORTANT: See https://docs.microsoft.com/en-us/rest/api/storageservices/create-service-sas for all details.. CkAuthAzureSAS_SetNonTokenParam $authSas "canonicalizedresource" "/blob/chilkat/mycontainer/starfish.jpg" CkAuthAzureSAS_SetTokenParam $authSas "signedProtocol" "spr" "https" # Specifiy values and query param names for each field. # If a field is not specified, then an empty string will be used for its value. CkAuthAzureSAS_SetTokenParam $authSas "signedversion" "sv" "2018-11-09" # Indicate that we are creating a service SAS that is limited to the blob resource. # (Specify b if the shared resource is a blob. This grants access to the content and metadata of the blob. # Specify c if the shared resource is a container. This grants access to the content and metadata of any blob in the container, and to the list of blobs in the container. ) CkAuthAzureSAS_SetTokenParam $authSas "signedResource" "sr" "b" # Note that we did not call SetTokenParam for "signedIP", "signedSnapshotTime", "rscc", and others. For any omitted fields # the value will default to the empty string. # Generate the SAS token. set sasToken [CkAuthAzureSAS_generateToken $authSas] if {[CkAuthAzureSAS_get_LastMethodSuccess $authSas] != 1} then { puts [CkAuthAzureSAS_lastErrorText $authSas] delete_CkAuthAzureSAS $authSas delete_CkDateTime $dt exit } puts "SAS token: $sasToken" # Save the SAS Service token to a file. # We can then use this pre-generated token for future Azure Storage Account operations. set fac [new_CkFileAccess] CkFileAccess_WriteEntireTextFile $fac "qa_data/tokens/azureStorageServiceSas.txt" $sasToken "utf-8" 0 delete_CkAuthAzureSAS $authSas delete_CkDateTime $dt delete_CkFileAccess $fac |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.