Skip to content

Commit

Permalink
Check if the blob is public internally
Browse files Browse the repository at this point in the history
  • Loading branch information
@qinezh
qinezh committed Mar 26, 2020
1 parent 696b13e commit 107b11c
Show file tree
Hide file tree
Showing 6 changed files with 50 additions and 23 deletions.
1 change: 0 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@ Configuration = new ConfigurationBuilder()
.AddBlobJson(new BlobJsonConfigurationOption
{
BlobUri = "{the_blob_uri}",
IsPublic = false,
ReloadOnChange = true,
LogReloadException = e => logger.LogError(e, e.Message),
ActionOnReload = () => logger.LogInformation("Reloaded.")
Expand Down
1 change: 0 additions & 1 deletion samples/SampleWebApp/Program.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ public static IHostBuilder CreateHostBuilder(string[] args)
configuration.AddBlobJson(new BlobJsonConfigurationOption
{
BlobUri = new Uri(blobConfig["BlobUrl"]),
IsPublic = true,
ReloadOnChange = true,
LogReloadException = ex => s_logger.LogError(ex, ex.Message),
ActionOnReload = () => s_logger.LogInformation("Reloaded.")
Expand Down
5 changes: 4 additions & 1 deletion samples/SampleWebApp/SampleWebApp.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,11 @@
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.Logging.Console" Version="3.1.2" />
<PackageReference Include="WindowsAzure.Storage" Version="9.3.3" />
<PackageReference Include="AzureBlobConfigurationExtension" Version="0.0.2" />
<PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="3.1.2" />
</ItemGroup>

<ItemGroup>
<ProjectReference Include="..\..\src\AzureBlobConfigurationExtension.csproj" />
</ItemGroup>

</Project>
63 changes: 45 additions & 18 deletions src/BlobAccessor.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Azure.Services.AppAuthentication;
using Microsoft.WindowsAzure.Storage;
using Microsoft.WindowsAzure.Storage.Auth;
using Microsoft.WindowsAzure.Storage.Blob;

Expand All @@ -12,29 +13,26 @@ internal class BlobAccessor
{
protected CloudBlockBlob _blob;

public BlobAccessor(Uri blobUri, string account, string sasToken, bool isPublic)
private BlobAccessor(CloudBlockBlob blob)
{
if (isPublic)
_blob = blob;
}

public static BlobAccessor Create(Uri blobUri, string account, string sasToken)
{
if (!string.IsNullOrEmpty(sasToken))
{
_blob = new CloudBlockBlob(blobUri);
var storageCredentials = new StorageCredentials(account, sasToken);
var blob = new CloudBlockBlob(blobUri, storageCredentials);
return new BlobAccessor(blob);
}
else if (string.IsNullOrEmpty(sasToken))
{
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var tokenAndFrequency = TokenRenewerAsync(azureServiceTokenProvider, CancellationToken.None).GetAwaiter().GetResult();
var tokenCredential = new TokenCredential(tokenAndFrequency.Token,
TokenRenewerAsync,
azureServiceTokenProvider,
tokenAndFrequency.Frequency.Value);

var storageCredentials = new StorageCredentials(tokenCredential);
_blob = new CloudBlockBlob(blobUri, storageCredentials);
}
else
if (IsBlobPublic(blobUri).Result)
{
var storageCredentials = new StorageCredentials(account, sasToken);
_blob = new CloudBlockBlob(blobUri, storageCredentials);
return new BlobAccessor(new CloudBlockBlob(blobUri));
}

return CreateBlobAccessorWithAAD(blobUri);
}

public async Task<(string, bool)> RetrieveIfUpdated(MemoryStream ms, string eTag)
Expand All @@ -61,10 +59,39 @@ private static async Task<NewTokenAndFrequency> TokenRenewerAsync(object state,
var next = (authResult.ExpiresOn - DateTimeOffset.UtcNow) - TimeSpan.FromMinutes(5);
if (next.Ticks < 0)
{
next = default(TimeSpan);
next = default;
}

return new NewTokenAndFrequency(authResult.AccessToken, next);
}

private static async Task<bool> IsBlobPublic(Uri blobUri)
{
try
{
// check if the blob can be accessed directly.
await new CloudBlockBlob(blobUri).FetchAttributesAsync();
}
catch (StorageException)
{
return false;
}

return true;
}

private static BlobAccessor CreateBlobAccessorWithAAD(Uri blobUri)
{
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var tokenAndFrequency = TokenRenewerAsync(azureServiceTokenProvider, CancellationToken.None).GetAwaiter().GetResult();
var tokenCredential = new TokenCredential(tokenAndFrequency.Token,
TokenRenewerAsync,
azureServiceTokenProvider,
tokenAndFrequency.Frequency.Value);

var storageCredentials = new StorageCredentials(tokenCredential);
var blob = new CloudBlockBlob(blobUri, storageCredentials);
return new BlobAccessor(blob);
}
}
}
1 change: 0 additions & 1 deletion src/BlobJsonConfigurationOption.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ public class BlobJsonConfigurationOption
{
public Uri BlobUri { get; set; }
public string SASToken { get; set; }
public bool IsPublic { get; set; }
public bool ReloadOnChange { get; set; } = false;
public TimeSpan PollingInterval { get; set; } = TimeSpan.FromSeconds(5);
public Action<Exception> LogReloadException { get; set; }
Expand Down
2 changes: 1 addition & 1 deletion src/BlobJsonConfigurationSource.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ public BlobJsonConfigurationSource(BlobJsonConfigurationOption option)

var account = BlobJsonConfigurationOption.GetAccount(option.BlobUri);

BlobAccessor = new BlobAccessor(option.BlobUri, account, option.SASToken, option.IsPublic);
BlobAccessor = BlobAccessor.Create(option.BlobUri, account, option.SASToken);
}

public override IConfigurationProvider Build(IConfigurationBuilder builder)
Expand Down

0 comments on commit 107b11c

Please sign in to comment.