Removed SharedKeyForAccount

Ensure path is never empty when building canonicalilzed resource.
Azure · Aug 5, 2020 · 503c8e7 · 503c8e7
1 parent b7b9c7b
commit 503c8e7
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 21 deletions.
diff --git a/autorest/authorization_storage.go b/autorest/authorization_storage.go
@@ -35,9 +35,6 @@ const (
 	// SharedKey is used to authorize against blobs, files and queues services.
 	SharedKey SharedKeyType = "sharedKey"
 
-	// SharedKey is used to authorize against the account.
-	SharedKeyForAccount SharedKeyType = "sharedKeyAccount"
-
 	// SharedKeyForTable is used to authorize against the table service.
 	SharedKeyForTable SharedKeyType = "sharedKeyTable"
 
@@ -130,14 +127,6 @@ func buildSharedKey(accName string, accKey []byte, req *http.Request, keyType Sh
 		date := time.Now().UTC().Format(http.TimeFormat)
 		req.Header.Set(headerXMSDate, date)
 	}
-
-	if keyType == SharedKeyForAccount {
-		// ensure a content length is set if appropriate
-		if req.Header.Get(headerContentLength) == "" {
-			req.Header.Set("Content-Length", fmt.Sprintf("%d", int(req.ContentLength)))
-		}
-	}
-
 	canString, err := buildCanonicalizedString(req.Method, req.Header, canRes, keyType)
 	if err != nil {
 		return "", err
@@ -156,16 +145,16 @@ func buildCanonicalizedResource(accountName, uri string, keyType SharedKeyType)
 	if accountName != storageEmulatorAccountName {
 		cr.WriteString("/")
 		cr.WriteString(getCanonicalizedAccountName(accountName))
-		if keyType == SharedKeyForAccount {
-			cr.WriteString("/")
-		}
 	}
 
 	if len(u.Path) > 0 {
 		// Any portion of the CanonicalizedResource string that is derived from
 		// the resource's URI should be encoded exactly as it is in the URI.
 		// -- https://msdn.microsoft.com/en-gb/library/azure/dd179428.aspx
 		cr.WriteString(u.EscapedPath())
+	} else {
+		// a slash is required to indicate the root path
+		cr.WriteString("/")
 	}
 
 	params, err := url.ParseQuery(u.RawQuery)
@@ -174,7 +163,7 @@ func buildCanonicalizedResource(accountName, uri string, keyType SharedKeyType)
 	}
 
 	// See https://github.com/Azure/azure-storage-net/blob/master/Lib/Common/Core/Util/AuthenticationUtility.cs#L277
-	if keyType == SharedKey || keyType == SharedKeyForAccount {
+	if keyType == SharedKey {
 		if len(params) > 0 {
 			cr.WriteString("\n")
 
@@ -217,15 +206,15 @@ func buildCanonicalizedString(verb string, headers http.Header, canonicalizedRes
 	}
 	date := headers.Get(headerDate)
 	if v := headers.Get(headerXMSDate); v != "" {
-		if keyType == SharedKey || keyType == SharedKeyForAccount || keyType == SharedKeyLite {
+		if keyType == SharedKey || keyType == SharedKeyLite {
 			date = ""
 		} else {
 			date = v
 		}
 	}
 	var canString string
 	switch keyType {
-	case SharedKey, SharedKeyForAccount:
+	case SharedKey:
 		canString = strings.Join([]string{
 			verb,
 			headers.Get(headerContentEncoding),
@@ -309,7 +298,7 @@ func createAuthorizationHeader(accountName string, accountKey []byte, canonicali
 	signature := base64.StdEncoding.EncodeToString(h.Sum(nil))
 	var key string
 	switch keyType {
-	case SharedKey, SharedKeyForAccount, SharedKeyForTable:
+	case SharedKey, SharedKeyForTable:
 		key = "SharedKey"
 	case SharedKeyLite, SharedKeyLiteForTable:
 		key = "SharedKeyLite"

diff --git a/autorest/authorization_storage_test.go b/autorest/authorization_storage_test.go
@@ -44,8 +44,8 @@ func TestNewSharedKeyAuthorizer(t *testing.T) {
 	}
 }
 
-func TestNewSharedKeyForAccountAuthorizer(t *testing.T) {
-	auth, err := NewSharedKeyAuthorizer("golangrocksonazure", "YmFy", SharedKeyForAccount)
+func TestNewSharedKeyAuthorizerWithRoot(t *testing.T) {
+	auth, err := NewSharedKeyAuthorizer("golangrocksonazure", "YmFy", SharedKey)
 	if err != nil {
 		t.Fatalf("create shared key authorizer: %v", err)
 	}
@@ -63,7 +63,32 @@ func TestNewSharedKeyForAccountAuthorizer(t *testing.T) {
 	if err != nil {
 		t.Fatalf("prepare HTTP request: %v", err)
 	}
-	const expected = "SharedKey golangrocksonazure:YxaPt5rsKrfBl973jnvCq5VBfrB76FRbL+M1ZuvIGSw="
+	const expected = "SharedKey golangrocksonazure:BfdIC0K5OwkRbZjewqRXgjQJ2PBMZDoaBCCL3qhrEIs="
+	if auth := req.Header.Get(headerAuthorization); auth != expected {
+		t.Fatalf("expected: %s, go %s", expected, auth)
+	}
+}
+
+func TestNewSharedKeyAuthorizerWithoutRoot(t *testing.T) {
+	auth, err := NewSharedKeyAuthorizer("golangrocksonazure", "YmFy", SharedKey)
+	if err != nil {
+		t.Fatalf("create shared key authorizer: %v", err)
+	}
+	req, err := http.NewRequest(http.MethodGet, "https://golangrocksonazure.blob.core.windows.net?comp=properties&restype=service", nil)
+	if err != nil {
+		t.Fatalf("create HTTP request: %v", err)
+	}
+	req.Header.Add(headerAcceptCharset, "UTF-8")
+	req.Header.Add(headerContentType, "application/json")
+	req.Header.Add(headerXMSDate, "Tue, 10 Mar 2020 10:04:41 GMT")
+	req.Header.Add(headerContentLength, "0")
+	req.Header.Add(headerXMSVersion, "2018-11-09")
+	req.Header.Add(headerAccept, "application/json;odata=nometadata")
+	req, err = Prepare(req, auth.WithAuthorization())
+	if err != nil {
+		t.Fatalf("prepare HTTP request: %v", err)
+	}
+	const expected = "SharedKey golangrocksonazure:BfdIC0K5OwkRbZjewqRXgjQJ2PBMZDoaBCCL3qhrEIs="
 	if auth := req.Header.Get(headerAuthorization); auth != expected {
 		t.Fatalf("expected: %s, go %s", expected, auth)
 	}