BlobServiceClient with Blob level SAS Token Not working

Question

BlobServiceClient with Blob level SAS Token Not working

haresh93 opened this issue 5 years ago · comments

haresh93 commented 5 years ago

Which service(blob, file, queue, table) does this issue concern?

Azure.Storage.Blobs

Which version of the SDK was used?

Azure.Storage.Blobs 12.1.0

Which platform are you using? (ex: .NET Core 2.1)

.NET Core 3

What problem was encountered?

I am generating a Blob Level SAS token using user delegation with Azure Service Principal Credentials, and trying to upload a blob using SAS Token generated. I have followed exactly this code sample - https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/storage/Azure.Storage.Blobs/samples/Sample02_Auth.cs#L137 to generate the SAS Token.

The SAS Token is created and the Get Blob is working perfectly fine if i keep it in browser but using the BlobServiceClient if i am trying to upload the file or perform any action it is now working. To check if it is authenticated or not i have written this line await service.GetPropertiesAsync(); which is throwing the following error:

RequestId:e87bd73d-201e-0050-2585-b5bd0f000000
Time:2019-12-18T09:29:07.8417147Z
Status: 405 (The resource doesn't support specified Http Verb.)

ErrorCode: UnsupportedHttpVerb

Headers:
Server: Microsoft-HTTPAPI/2.0
x-ms-request-id: e87bd73d-201e-0050-2585-b5bd0f000000
x-ms-client-request-id: 45789838-336b-4d66-8703-88b748b8e932
x-ms-error-code: UnsupportedHttpVerb
Date: Wed, 18 Dec 2019 09:29:06 GMT
Allow: PUT
Content-Length: 237
Content-Type: application/xml

   at Azure.Storage.Blobs.BlobRestClient.Service.GetPropertiesAsync_CreateResponse(Response response)
   at Azure.Storage.Blobs.BlobRestClient.Service.GetPropertiesAsync(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, Uri resourceUri, Nullable`1 timeout, String requestId, Boolean async, String operationName, CancellationToken cancellationToken)
   at Azure.Storage.Blobs.BlobServiceClient.GetPropertiesInternal(Boolean async, CancellationToken cancellationToken)
   at Azure.Storage.Blobs.BlobServiceClient.GetPropertiesAsync(CancellationToken cancellationToken)
   at StorageProvider.Storage.ObjectStorageProvider.GetTemporaryUploadCredentials(Settings storageProviderSettings, String containerName, String blobName, String requestorId, Int32 expirySeconds, Boolean withDownloadAccess, Boolean withDeleteAccess, CancellationToken cancellationToken) in /home/hanu/home/hanu/Development/dotnet/AzureStorageProvider/Storage/ObjectStorageProvider.cs:line 151
   at StorageProvider.Program.Main(String[] args) in /home/hanu/home/hanu/Development/dotnet/AzureStorageProvider/Program.cs:line 45
   at StorageProvider.Program.<Main>(String[] args)

How can we reproduce the problem in the simplest way?

Here is the Code I used to generate the SAS Token.

string blobEndpoint = string.Format("https://{0}.blob.core.windows.net", storageProviderSettings.AccountName);

            TokenCredential credential =
                new ClientSecretCredential(
                    storageProviderSettings.TenantId,
                    storageProviderSettings.ClientId,
                    storageProviderSettings.ClientSecret,
                    new TokenCredentialOptions());

            BlobServiceClient blobServiceClient = new BlobServiceClient(new Uri(blobEndpoint),
                                                                credential);
            
            BlobContainerClient containerClient = blobServiceClient.GetBlobContainerClient(containerName);
            BlobClient blobClient = containerClient.GetBlobClient(blobName);

            var delegationKey = await blobServiceClient.GetUserDelegationKeyAsync(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(7));
            BlobSasBuilder sasBuilder = new BlobSasBuilder()
            {
                BlobContainerName = containerName,
                BlobName = blobName,
                Resource = "b",
                StartsOn = DateTimeOffset.UtcNow,
                ExpiresOn = DateTimeOffset.UtcNow.AddSeconds(expirySeconds)
            };
            sasBuilder.SetPermissions(BlobSasPermissions.All);
            // if (withDownloadAccess) {
            //     sasBuilder.SetPermissions(BlobSasPermissions.Read);
            // }
            // if (withDeleteAccess) {
            //     sasBuilder.SetPermissions(BlobSasPermissions.Delete);
            // }
            Console.WriteLine(sasBuilder.Permissions);
            var sasQueryParams = sasBuilder.ToSasQueryParameters(delegationKey, storageProviderSettings.AccountName).ToString();
            UriBuilder sasUri = new UriBuilder()
            {
                Scheme = "https",
                Host = string.Format("{0}.blob.core.windows.net", storageProviderSettings.AccountName),
                Path = string.Format("{0}/{1}", containerName, blobName),
                Query = sasQueryParams
            };
            Console.WriteLine(sasUri.Uri.AbsoluteUri);

            BlobServiceClient service = new BlobServiceClient(sasUri.Uri);

            await service.GetPropertiesAsync();

            Settings tmpUploadCredentials = CreateTemporaryAzureStorageProviderSettings(sasUri, storageProviderSettings);

            Console.WriteLine(tmpUploadCredentials.ConnectionString);
            return tmpUploadCredentials;

Amanda Nguyen · Answer 1 · Thu Dec 19 2019 05:48:13 GMT+0800 (China Standard Time)

Hi Haresh,

For all version 12 issues of the sdk, please reference and post all issues to the v12 repo. This is so that the right people can better help you with your issue.
https://github.com/Azure/azure-sdk-for-net/

haresh93 · Answer 2 · Thu Dec 19 2019 14:39:52 GMT+0800 (China Standard Time)

@amnguye Thanks will report the issue there.....Shall i close this issue or can this be open??

Amanda Nguyen · Answer 3 · Fri Dec 20 2019 00:27:10 GMT+0800 (China Standard Time)

Sure, if you want you can close it and reference this issue in your new one. Thanks