Package com.azure.storage.blob.sas
Class BlobServiceSasSignatureValues
- java.lang.Object
-
- com.azure.storage.blob.sas.BlobServiceSasSignatureValues
-
public final class BlobServiceSasSignatureValues extends Object
Used to initialize parameters for a Shared Access Signature (SAS) for an Azure Blob Storage service. Once all the values here are set, use the appropriate SAS generation method on the desired container/blob client to obtain a representation of the SAS which can then be applied to a new client using the .sasToken(String) method on the desired client builder.
-
-
Constructor Summary
Constructors Constructor Description BlobServiceSasSignatureValues()
BlobServiceSasSignatureValues(String identifier)
Creates an object with the specified identifier.BlobServiceSasSignatureValues(String version, SasProtocol sasProtocol, OffsetDateTime startTime, OffsetDateTime expiryTime, String permission, SasIpRange sasIpRange, String identifier, String cacheControl, String contentDisposition, String contentEncoding, String contentLanguage, String contentType)
Deprecated.Please useBlobServiceSasSignatureValues(String)
,BlobServiceSasSignatureValues(OffsetDateTime, BlobSasPermission)
, orBlobServiceSasSignatureValues(OffsetDateTime, BlobContainerSasPermission)
followed by calls to the desired setters.BlobServiceSasSignatureValues(OffsetDateTime expiryTime, BlobContainerSasPermission permissions)
Creates an object with the specified expiry time and permissionsBlobServiceSasSignatureValues(OffsetDateTime expiryTime, BlobSasPermission permissions)
Creates an object with the specified expiry time and permissions
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description BlobServiceSasQueryParameters
generateSasQueryParameters(UserDelegationKey delegationKey, String accountName)
Deprecated.Please use the generateUserDelegationSas(BlobServiceSasSignatureValues, UserDelegationKey) method on the desired container/blob client after initializingBlobServiceSasSignatureValues
.BlobServiceSasQueryParameters
generateSasQueryParameters(StorageSharedKeyCredential storageSharedKeyCredentials)
Deprecated.Please use the generateSas(BlobServiceSasSignatureValues) method on the desired container/blob client after initializingBlobServiceSasSignatureValues
.String
getBlobName()
Deprecated.Blob name is now auto-populated by the SAS generation methods provided on the desired blob client.String
getCacheControl()
String
getContainerName()
Deprecated.Container name is now auto-populated by the SAS generation methods provided on the desired container/blob client.String
getContentDisposition()
String
getContentEncoding()
String
getContentLanguage()
String
getContentType()
String
getCorrelationId()
OffsetDateTime
getExpiryTime()
String
getIdentifier()
String
getPermissions()
String
getPreauthorizedAgentObjectId()
SasProtocol
getProtocol()
SasIpRange
getSasIpRange()
String
getSnapshotId()
Deprecated.Snapshot id is now auto-populated by the SAS generation methods provided on the desired (snapshot) blob client.OffsetDateTime
getStartTime()
String
getVersion()
BlobServiceSasSignatureValues
setBlobName(String blobName)
Deprecated.Please use the SAS generation methods provided on the desired blob client that will auto-populate the blob name.BlobServiceSasSignatureValues
setCacheControl(String cacheControl)
Sets the cache-control header for the SAS.BlobServiceSasSignatureValues
setContainerName(String containerName)
Deprecated.Please use the SAS generation methods provided on the desired container/blob client that will auto-populate the container name.BlobServiceSasSignatureValues
setContentDisposition(String contentDisposition)
Sets the content-disposition header for the SAS.BlobServiceSasSignatureValues
setContentEncoding(String contentEncoding)
Sets the content-encoding header for the SAS.BlobServiceSasSignatureValues
setContentLanguage(String contentLanguage)
Sets the content-language header for the SAS.BlobServiceSasSignatureValues
setContentType(String contentType)
Sets the content-type header for the SAS.BlobServiceSasSignatureValues
setCorrelationId(String correlationId)
Sets the correlation id value for the SAS.BlobServiceSasSignatureValues
setExpiryTime(OffsetDateTime expiryTime)
Sets the time after which the SAS will no longer work.BlobServiceSasSignatureValues
setIdentifier(String identifier)
Sets the name of the access policy on the container this SAS references if any.BlobServiceSasSignatureValues
setPermissions(BlobContainerSasPermission permissions)
Sets the Container permissions allowed by the SAS.BlobServiceSasSignatureValues
setPermissions(BlobSasPermission permissions)
Sets the Blob permissions allowed by the SAS.BlobServiceSasSignatureValues
setPreauthorizedAgentObjectId(String preauthorizedAgentObjectId)
Sets the AAD object ID of a user assumed to be authorized by the owner of the user delegation key to perform the action granted by the SAS token.BlobServiceSasSignatureValues
setProtocol(SasProtocol protocol)
Sets theSasProtocol
which determines the protocols allowed by the SAS.BlobServiceSasSignatureValues
setSasIpRange(SasIpRange sasIpRange)
Sets theSasIpRange
which determines the IP ranges that are allowed to use the SAS.BlobServiceSasSignatureValues
setSnapshotId(String snapshotId)
Deprecated.Please use the SAS generation methods provided on the desired (snapshot) blob client that will auto-populate the snapshot id.BlobServiceSasSignatureValues
setStartTime(OffsetDateTime startTime)
Sets when the SAS will take effect.BlobServiceSasSignatureValues
setVersion(String version)
Deprecated.The version is set to the latest version of sas.
-
-
-
Constructor Detail
-
BlobServiceSasSignatureValues
@Deprecated public BlobServiceSasSignatureValues()
Deprecated.Creates an object with empty values for all fields.
-
BlobServiceSasSignatureValues
public BlobServiceSasSignatureValues(OffsetDateTime expiryTime, BlobContainerSasPermission permissions)
Creates an object with the specified expiry time and permissions- Parameters:
expiryTime
- The time after which the SAS will no longer work.permissions
-BlobContainerSasPermission
allowed by the SAS.
-
BlobServiceSasSignatureValues
public BlobServiceSasSignatureValues(OffsetDateTime expiryTime, BlobSasPermission permissions)
Creates an object with the specified expiry time and permissions- Parameters:
expiryTime
- When the SAS will no longer workpermissions
-BlobSasPermission
allowed by the SAS
-
BlobServiceSasSignatureValues
public BlobServiceSasSignatureValues(String identifier)
Creates an object with the specified identifier. NOTE: Identifier can not be used for aUserDelegationKey
SAS.- Parameters:
identifier
- Name of the access policy
-
BlobServiceSasSignatureValues
@Deprecated public BlobServiceSasSignatureValues(String version, SasProtocol sasProtocol, OffsetDateTime startTime, OffsetDateTime expiryTime, String permission, SasIpRange sasIpRange, String identifier, String cacheControl, String contentDisposition, String contentEncoding, String contentLanguage, String contentType)
Deprecated.Please useBlobServiceSasSignatureValues(String)
,BlobServiceSasSignatureValues(OffsetDateTime, BlobSasPermission)
, orBlobServiceSasSignatureValues(OffsetDateTime, BlobContainerSasPermission)
followed by calls to the desired setters.Creates an object with the specified values.- Parameters:
version
- The version of the service this SAS will target. If not specified, it will default to the version targeted by the library.sasProtocol
- TheSasProtocol
which determines the protocols allowed by the SAS.startTime
- When the SAS will take effect.expiryTime
- The time after which the SAS will no longer work.permission
- The permissions string allowed by the SAS.sasIpRange
- TheSasIpRange
which determines the IP ranges that are allowed to use the SAS.identifier
- The name of the access policy on the container this SAS references if any.cacheControl
- The cache-control header for the SAS.contentDisposition
- The content-disposition header for the SAS.contentEncoding
- The content-encoding header for the SAS.contentLanguage
- The content-language header for the SAS.contentType
- The content-type header for the SAS.
-
-
Method Detail
-
getVersion
public String getVersion()
- Returns:
- the version of the service this SAS will target. If not specified, it will default to the version targeted by the library.
-
setVersion
@Deprecated public BlobServiceSasSignatureValues setVersion(String version)
Deprecated.The version is set to the latest version of sas. Users should stop calling this API as it is now treated as a no-op.Sets the version of the service this SAS will target. If not specified, it will default to the version targeted by the library.- Parameters:
version
- Version to target- Returns:
- the updated BlobServiceSASSignatureValues object
-
getProtocol
public SasProtocol getProtocol()
- Returns:
- the
SasProtocol
which determines the protocols allowed by the SAS.
-
setProtocol
public BlobServiceSasSignatureValues setProtocol(SasProtocol protocol)
Sets theSasProtocol
which determines the protocols allowed by the SAS.- Parameters:
protocol
- Protocol for the SAS- Returns:
- the updated BlobServiceSASSignatureValues object
-
getStartTime
public OffsetDateTime getStartTime()
- Returns:
- when the SAS will take effect.
-
setStartTime
public BlobServiceSasSignatureValues setStartTime(OffsetDateTime startTime)
Sets when the SAS will take effect.- Parameters:
startTime
- When the SAS takes effect- Returns:
- the updated BlobServiceSASSignatureValues object
-
getExpiryTime
public OffsetDateTime getExpiryTime()
- Returns:
- the time after which the SAS will no longer work.
-
setExpiryTime
public BlobServiceSasSignatureValues setExpiryTime(OffsetDateTime expiryTime)
Sets the time after which the SAS will no longer work.- Parameters:
expiryTime
- When the SAS will no longer work- Returns:
- the updated BlobServiceSASSignatureValues object
-
getPermissions
public String getPermissions()
- Returns:
- the permissions string allowed by the SAS. Please refer to either
BlobContainerSasPermission
orBlobSasPermission
depending on the resource being accessed for help determining the permissions allowed.
-
setPermissions
public BlobServiceSasSignatureValues setPermissions(BlobSasPermission permissions)
Sets the Blob permissions allowed by the SAS.- Parameters:
permissions
-BlobSasPermission
- Returns:
- the updated BlobServiceSASSignatureValues object
- Throws:
NullPointerException
- ifpermissions
is null.
-
setPermissions
public BlobServiceSasSignatureValues setPermissions(BlobContainerSasPermission permissions)
Sets the Container permissions allowed by the SAS.- Parameters:
permissions
-BlobContainerSasPermission
- Returns:
- the updated BlobServiceSASSignatureValues object
- Throws:
NullPointerException
- ifpermissions
is null.
-
getSasIpRange
public SasIpRange getSasIpRange()
- Returns:
- the
SasIpRange
which determines the IP ranges that are allowed to use the SAS.
-
setSasIpRange
public BlobServiceSasSignatureValues setSasIpRange(SasIpRange sasIpRange)
Sets theSasIpRange
which determines the IP ranges that are allowed to use the SAS.- Parameters:
sasIpRange
- Allowed IP range to set- Returns:
- the updated BlobServiceSASSignatureValues object
- See Also:
- Specifying IP Address or IP range
-
getContainerName
@Deprecated public String getContainerName()
Deprecated.Container name is now auto-populated by the SAS generation methods provided on the desired container/blob client.Gets the name of the container the SAS user may access.- Returns:
- The name of the container the SAS user may access.
-
setContainerName
@Deprecated public BlobServiceSasSignatureValues setContainerName(String containerName)
Deprecated.Please use the SAS generation methods provided on the desired container/blob client that will auto-populate the container name.Sets the container the SAS user may access.- Parameters:
containerName
- The name of the container.- Returns:
- The updated BlobServiceSASSignatureValues object.
-
getBlobName
@Deprecated public String getBlobName()
Deprecated.Blob name is now auto-populated by the SAS generation methods provided on the desired blob client.Decodes and gets the name of the blob the SAS user may access.null
or an empty string is returned when a creating a container SAS.- Returns:
- The decoded name of the blob the SAS user may access.
null
or an empty string is returned when a creating a container SAS.
-
setBlobName
@Deprecated public BlobServiceSasSignatureValues setBlobName(String blobName)
Deprecated.Please use the SAS generation methods provided on the desired blob client that will auto-populate the blob name.Sets the blob the SAS user may access. Usenull
or an empty string to create a container SAS.- Parameters:
blobName
- The name of the blob. Usenull
or an empty string to create a container SAS.- Returns:
- The updated BlobServiceSASSignatureValues object.
-
getSnapshotId
@Deprecated public String getSnapshotId()
Deprecated.Snapshot id is now auto-populated by the SAS generation methods provided on the desired (snapshot) blob client.- Returns:
- the specific snapshot the SAS user may access.
-
setSnapshotId
@Deprecated public BlobServiceSasSignatureValues setSnapshotId(String snapshotId)
Deprecated.Please use the SAS generation methods provided on the desired (snapshot) blob client that will auto-populate the snapshot id.Sets the specific snapshot the SAS user may access.resource
will be set toSAS_BLOB_SNAPSHOT_CONSTANT
if the passedsnapshotId
isn'tnull
amdresource
is set toSAS_BLOB_CONSTANT
.- Parameters:
snapshotId
- Identifier of the snapshot- Returns:
- the updated BlobServiceSASSignatureValues object
-
getIdentifier
public String getIdentifier()
- Returns:
- the name of the access policy on the container this SAS references if any. Please see here for more information.
-
setIdentifier
public BlobServiceSasSignatureValues setIdentifier(String identifier)
Sets the name of the access policy on the container this SAS references if any. Please see here for more information.- Parameters:
identifier
- Name of the access policy- Returns:
- the updated BlobServiceSASSignatureValues object
-
getCacheControl
public String getCacheControl()
- Returns:
- the cache-control header for the SAS.
-
setCacheControl
public BlobServiceSasSignatureValues setCacheControl(String cacheControl)
Sets the cache-control header for the SAS.- Parameters:
cacheControl
- Cache-Control header value- Returns:
- the updated BlobServiceSASSignatureValues object
-
getContentDisposition
public String getContentDisposition()
- Returns:
- the content-disposition header for the SAS.
-
setContentDisposition
public BlobServiceSasSignatureValues setContentDisposition(String contentDisposition)
Sets the content-disposition header for the SAS.- Parameters:
contentDisposition
- Content-Disposition header value- Returns:
- the updated BlobServiceSASSignatureValues object
-
getContentEncoding
public String getContentEncoding()
- Returns:
- the content-encoding header for the SAS.
-
setContentEncoding
public BlobServiceSasSignatureValues setContentEncoding(String contentEncoding)
Sets the content-encoding header for the SAS.- Parameters:
contentEncoding
- Content-Encoding header value- Returns:
- the updated BlobServiceSASSignatureValues object
-
getContentLanguage
public String getContentLanguage()
- Returns:
- the content-language header for the SAS.
-
setContentLanguage
public BlobServiceSasSignatureValues setContentLanguage(String contentLanguage)
Sets the content-language header for the SAS.- Parameters:
contentLanguage
- Content-Language header value- Returns:
- the updated BlobServiceSASSignatureValues object
-
getContentType
public String getContentType()
- Returns:
- the content-type header for the SAS.
-
setContentType
public BlobServiceSasSignatureValues setContentType(String contentType)
Sets the content-type header for the SAS.- Parameters:
contentType
- Content-Type header value- Returns:
- the updated BlobServiceSASSignatureValues object
-
getPreauthorizedAgentObjectId
public String getPreauthorizedAgentObjectId()
- Returns:
- The AAD object ID of a user assumed to be authorized by the owner of the user delegation key to perform the action granted by the SAS token. The service will validate the SAS token and ensure that the owner of the user delegation key has the required permissions before granting access but no additional permission check for the agent object id will be performed.
-
setPreauthorizedAgentObjectId
public BlobServiceSasSignatureValues setPreauthorizedAgentObjectId(String preauthorizedAgentObjectId)
Sets the AAD object ID of a user assumed to be authorized by the owner of the user delegation key to perform the action granted by the SAS token.- Parameters:
preauthorizedAgentObjectId
- The AAD object ID of a user assumed to be authorized by the owner of the user delegation key to perform the action granted by the SAS token. The service will validate the SAS token and ensure that the owner of the user delegation key has the required permissions before granting access but no additional permission check for the agent object id will be performed.- Returns:
- the updated BlobServiceSASSignatureValues object
-
getCorrelationId
public String getCorrelationId()
- Returns:
- the correlation id value for the SAS.
-
setCorrelationId
public BlobServiceSasSignatureValues setCorrelationId(String correlationId)
Sets the correlation id value for the SAS.Note: This parameter is only valid for user delegation SAS.
- Parameters:
correlationId
- A correlation ID used to correlate the storage audit logs with the audit logs used by the principal generating and distributing SAS.- Returns:
- the updated BlobServiceSasSignatureValues object
-
generateSasQueryParameters
@Deprecated public BlobServiceSasQueryParameters generateSasQueryParameters(StorageSharedKeyCredential storageSharedKeyCredentials)
Deprecated.Please use the generateSas(BlobServiceSasSignatureValues) method on the desired container/blob client after initializingBlobServiceSasSignatureValues
.Uses an account's shared key credential to sign these signature values to produce the proper SAS query parameters.Notes on SAS generation
- If
identifier
is set,expiryTime
and permissions should not be set. These values are inherited from the stored access policy. - Otherwise,
expiryTime
andpermissions
must be set.
The type of SAS query parameters returned depends on the following:
- If
getBlobName()
is not set, container SAS query parameters are returned. - If
getBlobName()
andgetSnapshotId()
are set, blob snapshot SAS query parameters are returned. - If only
getBlobName()
is set, blob SAS query parameters are returned.
- Parameters:
storageSharedKeyCredentials
- AStorageSharedKeyCredential
object used to sign the SAS values.- Returns:
BlobServiceSasQueryParameters
- Throws:
IllegalStateException
- If the HMAC-SHA256 algorithm isn't supported, if the key isn't a valid Base64 encoded string, or the UTF-8 charset isn't supported.IllegalArgumentException
- ifgetPermissions()
contains an invalid character for the SAS resource.NullPointerException
- ifstorageSharedKeyCredentials
is null.
- If
-
generateSasQueryParameters
@Deprecated public BlobServiceSasQueryParameters generateSasQueryParameters(UserDelegationKey delegationKey, String accountName)
Deprecated.Please use the generateUserDelegationSas(BlobServiceSasSignatureValues, UserDelegationKey) method on the desired container/blob client after initializingBlobServiceSasSignatureValues
.Uses a user delegation key to sign these signature values to produce the proper SAS query parameters.Notes on SAS generation
- If
identifier
is set,expiryTime
and permissions should not be set. These values are inherited from the stored access policy. - Otherwise,
expiryTime
andpermissions
must be set.
The type of SAS query parameters returned depends on the following:
- If
getBlobName()
is not set, container SAS query parameters are returned. - If
getBlobName()
andgetSnapshotId()
are set, blob snapshot SAS query parameters are returned. - If only
getBlobName()
is set, blob SAS query parameters are returned.
- Parameters:
delegationKey
- AUserDelegationKey
object used to sign the SAS values.accountName
- Azure Storage account name to generate SAS for.- Returns:
BlobServiceSasQueryParameters
- Throws:
IllegalStateException
- If the HMAC-SHA256 algorithm isn't supported, if the key isn't a valid Base64 encoded string, or the UTF-8 charset isn't supported.IllegalArgumentException
- ifgetPermissions()
contains an invalid character for the SAS resource.NullPointerException
- ifdelegationKey
oraccount
is null.- See Also:
- Create a user delegation SAS
- If
-
-