Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose signed_version in generate_container_sas #38636

Open
janjagusch opened this issue Nov 21, 2024 · 1 comment
Open

Expose signed_version in generate_container_sas #38636

janjagusch opened this issue Nov 21, 2024 · 1 comment
Labels
Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team. Storage Storage Service (Queues, Blobs, Files)

Comments

@janjagusch
Copy link

Is your feature request related to a problem? Please describe.

As a user, I want to specify the signed version of my SAS tokens. Currently, this SDK does not expose an obvious way to do this:

generate_container_sas does not expose a signed_version:

azure-sdk-for-python/sdk/storage/azure-storage-blob/azure/storage/blob/_shared_access_signature.py

Lines 429 to 442 in a71376d

def generate_container_sas(
account_name: str,
container_name: str,
account_key: Optional[str] = None,
user_delegation_key: Optional[UserDelegationKey] = None,
permission: Optional[Union["ContainerSasPermissions", str]] = None,
expiry: Optional[Union["datetime", str]] = None,
start: Optional[Union["datetime", str]] = None,
policy_id: Optional[str] = None,
ip: Optional[str] = None,
*,
sts_hook: Optional[Callable[[str], None]] = None,
**kwargs: Any
) -> str:

BlobSharedAccessSignature does not expose a signed_version in its constructor. Instead, it always uses ._shared.constants import X_MS_VERSION:

azure-sdk-for-python/sdk/storage/azure-storage-blob/azure/storage/blob/_shared_access_signature.py

Lines 36 to 52 in a71376d

def __init__(
self, account_name: str,
account_key: Optional[str] = None,
user_delegation_key: Optional[UserDelegationKey] = None
) -> None:
'''
:param str account_name:
The storage account name used to generate the shared access signatures.
:param Optional[str] account_key:
The access key to generate the shares access signatures.
:param Optional[~azure.storage.blob.models.UserDelegationKey] user_delegation_key:
Instead of an account key, the user could pass in a user delegation key.
A user delegation key can be obtained from the service by authenticating with an AAD identity;
this can be accomplished by calling get_user_delegation_key on any Blob service object.
'''
super(BlobSharedAccessSignature, self).__init__(account_name, account_key, x_ms_version=X_MS_VERSION)
self.user_delegation_key = user_delegation_key

This is my current workaround:

sas = BlobSharedAccessSignature(...)
# Note: You currently cannot set the `x_ms_version` in the `BlobSharedAccessSignature` constructor.
sas.x_ms_version = signed_version
sas_token = sas.generate_container(...)

Describe the solution you'd like

My preferred solution would be:

sas_token = generate_container_sas(signed_version=signed_version, ...)
@github-actions github-actions bot added Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team. Storage Storage Service (Queues, Blobs, Files) labels Nov 21, 2024
@github-actions GitHub Actions
Copy link

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @jalauzon-msft @vincenttran-msft.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team. Storage Storage Service (Queues, Blobs, Files)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@janjagusch