Skip to content

Adding checks during SAS creation #20379

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Mar 14, 2023
Merged

Adding checks during SAS creation #20379

merged 5 commits into from
Mar 14, 2023

Conversation

souravgupta-msft
Copy link
Member

  • The purpose of this PR is explained in this or a referenced issue.
  • The PR does not update generated files.
  • Tests are included and/or updated for code changes.
  • Updates to CHANGELOG.md are included.
  • MIT license headers are included in each file.

@ghost ghost added the Storage Storage Service (Queues, Blobs, Files) label Mar 9, 2023
@souravgupta-msft souravgupta-msft added this to the azblob v1.0.1 milestone Mar 9, 2023
jhendrixMSFT
jhendrixMSFT reviewed Mar 9, 2023
View reviewed changes
jhendrixMSFT
jhendrixMSFT reviewed Mar 9, 2023
View reviewed changes
@souravgupta-msft souravgupta-msft merged commit cc6a2e5 into main Mar 14, 2023
@souravgupta-msft souravgupta-msft deleted the sourav/blobSAS branch March 14, 2023 05:57
@stotz89
Copy link
Contributor

stotz89 commented Jul 20, 2023
edited
Loading

Hi @souravgupta-msft,
This PR has introduced a check within the SignWithSharedKey method:

       if v.ExpiryTime.IsZero() || v.Permissions == "" {
		return QueryParameters{}, errors.New("service SAS is missing at least one of these: ExpiryTime or Permissions")
	}

When the SAS should be associated with stored access policy the documentation says expiry and permissions must be omitted if those information are specified in the associated stored access policy.

Currently this change leads to an error during signing which has worked previously. My code looks like

sasQueryParams, err := sas.BlobSignatureValues{
		Protocol:      sas.ProtocolHTTPS,
		StartTime:     *new(time.Time),
		ExpiryTime:    *new(time.Time),
		Identifier:    policyName,
		ContainerName: containerName,
	}.SignWithSharedKey(credential)

Anything that I have missed that I need to do?
Thanks a lot!

@stotz89 stotz89 mentioned this pull request Jul 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jhendrixMSFT jhendrixMSFT jhendrixMSFT approved these changes

@gapra-msft gapra-msft gapra-msft approved these changes

@vibhansa-msft vibhansa-msft vibhansa-msft approved these changes

@siminsavani-msft siminsavani-msft Awaiting requested review from siminsavani-msft

@tasherif-msft tasherif-msft Awaiting requested review from tasherif-msft

Assignees
No one assigned
Labels
AzBlob Storage Storage Service (Queues, Blobs, Files)
Projects
None yet
Milestone
azblob v1.0.1
Development

Successfully merging this pull request may close these issues.
5 participants
@souravgupta-msft @stotz89 @jhendrixMSFT @gapra-msft @vibhansa-msft