Package com.azure.storage.file.datalake.sas

Class DataLakeServiceSasSignatureValues

  • public final class DataLakeServiceSasSignatureValues
extends Object
    Used to initialize parameters for a Shared Access Signature (SAS) for an Azure Data Lake Storage service. Once all the values here are set, use the appropriate SAS generation method on the desired file system/path client to obtain a representation of the SAS which can then be applied to a new client using the .sasToken(String) method on the desired client builder.
    See Also:
    Storage SAS overview, Constructing a Service SAS, Constructing a User Delegation SAS

    • Constructor Detail

      • DataLakeServiceSasSignatureValues

        public DataLakeServiceSasSignatureValues​(OffsetDateTime expiryTime,
                                         FileSystemSasPermission permissions)
        Creates an object with the specified expiry time and permissions
        Parameters:
        expiryTime - The time after which the SAS will no longer work.
        permissions - FileSystemSasPermission allowed by the SAS.

      • DataLakeServiceSasSignatureValues

        public DataLakeServiceSasSignatureValues​(OffsetDateTime expiryTime,
                                         PathSasPermission permissions)
        Creates an object with the specified expiry time and permissions
        Parameters:
        expiryTime - When the SAS will no longer work
        permissions - PathSasPermission allowed by the SAS

      • DataLakeServiceSasSignatureValues

        public DataLakeServiceSasSignatureValues​(String identifier)
        Creates an object with the specified identifier. NOTE: Identifier can not be used for a UserDelegationKey SAS.
        Parameters:
        identifier - Name of the access policy

    • Method Detail

      • getVersion

        public String getVersion()
        Returns:
        the version of the service this SAS will target. If not specified, it will default to the version targeted by the library.

      • setVersion

        @Deprecated
public DataLakeServiceSasSignatureValues setVersion​(String version)
        Deprecated.
        The version is set to the latest version of sas. Users should stop calling this API as it is now treated as a no-op.
        Sets the version of the service this SAS will target. If not specified, it will default to the version targeted by the library.
        Parameters:
        version - Version to target
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getProtocol

        public com.azure.storage.common.sas.SasProtocol getProtocol()
        Returns:
        the SasProtocol which determines the protocols allowed by the SAS.

      • setProtocol

        public DataLakeServiceSasSignatureValues setProtocol​(com.azure.storage.common.sas.SasProtocol protocol)
        Sets the SasProtocol which determines the protocols allowed by the SAS.
        Parameters:
        protocol - Protocol for the SAS
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getStartTime

        public OffsetDateTime getStartTime()
        Returns:
        when the SAS will take effect.

      • setStartTime

        public DataLakeServiceSasSignatureValues setStartTime​(OffsetDateTime startTime)
        Sets when the SAS will take effect.
        Parameters:
        startTime - When the SAS takes effect
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getExpiryTime

        public OffsetDateTime getExpiryTime()
        Returns:
        the time after which the SAS will no longer work.

      • setExpiryTime

        public DataLakeServiceSasSignatureValues setExpiryTime​(OffsetDateTime expiryTime)
        Sets the time after which the SAS will no longer work.
        Parameters:
        expiryTime - When the SAS will no longer work
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getPermissions

        public String getPermissions()
        Returns:
        the permissions string allowed by the SAS. Please refer to either FileSystemSasPermission or PathSasPermission depending on the resource being accessed for help determining the permissions allowed.

      • getSasIpRange

        public com.azure.storage.common.sas.SasIpRange getSasIpRange()
        Returns:
        the SasIpRange which determines the IP ranges that are allowed to use the SAS.

      • setSasIpRange

        public DataLakeServiceSasSignatureValues setSasIpRange​(com.azure.storage.common.sas.SasIpRange sasIpRange)
        Sets the SasIpRange which determines the IP ranges that are allowed to use the SAS.
        Parameters:
        sasIpRange - Allowed IP range to set
        Returns:
        the updated DataLakeServiceSasSignatureValues object
        See Also:
        Specifying IP Address or IP range

      • getIdentifier

        public String getIdentifier()
        Returns:
        the name of the access policy on the file system this SAS references if any. Please see here for more information.

      • setIdentifier

        public DataLakeServiceSasSignatureValues setIdentifier​(String identifier)
        Sets the name of the access policy on the file system this SAS references if any. Please see here for more information.
        Parameters:
        identifier - Name of the access policy
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getCacheControl

        public String getCacheControl()
        Returns:
        the cache-control header for the SAS.

      • setCacheControl

        public DataLakeServiceSasSignatureValues setCacheControl​(String cacheControl)
        Sets the cache-control header for the SAS.
        Parameters:
        cacheControl - Cache-Control header value
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getContentDisposition

        public String getContentDisposition()
        Returns:
        the content-disposition header for the SAS.

      • setContentDisposition

        public DataLakeServiceSasSignatureValues setContentDisposition​(String contentDisposition)
        Sets the content-disposition header for the SAS.
        Parameters:
        contentDisposition - Content-Disposition header value
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getContentEncoding

        public String getContentEncoding()
        Returns:
        the content-encoding header for the SAS.

      • setContentEncoding

        public DataLakeServiceSasSignatureValues setContentEncoding​(String contentEncoding)
        Sets the content-encoding header for the SAS.
        Parameters:
        contentEncoding - Content-Encoding header value
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getContentLanguage

        public String getContentLanguage()
        Returns:
        the content-language header for the SAS.

      • setContentLanguage

        public DataLakeServiceSasSignatureValues setContentLanguage​(String contentLanguage)
        Sets the content-language header for the SAS.
        Parameters:
        contentLanguage - Content-Language header value
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getContentType

        public String getContentType()
        Returns:
        the content-type header for the SAS.

      • setContentType

        public DataLakeServiceSasSignatureValues setContentType​(String contentType)
        Sets the content-type header for the SAS.
        Parameters:
        contentType - Content-Type header value
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getPreauthorizedAgentObjectId

        public String getPreauthorizedAgentObjectId()
        Returns:
        The AAD object ID of a user assumed to be authorized by the owner of the user delegation key to perform the action granted by the SAS token. The service will validate the SAS token and ensure that the owner of the user delegation key has the required permissions before granting access but no additional permission check for the agent object id will be performed.

      • setPreauthorizedAgentObjectId

        public DataLakeServiceSasSignatureValues setPreauthorizedAgentObjectId​(String preauthorizedAgentObjectId)
        Sets the AAD object ID of a user assumed to be authorized by the owner of the user delegation key to perform the action granted by the SAS token.
        Parameters:
        preauthorizedAgentObjectId - The AAD object ID of a user assumed to be authorized by the owner of the user delegation key to perform the action granted by the SAS token. The service will validate the SAS token and ensure that the owner of the user delegation key has the required permissions before granting access but no additional permission check for the agent object id will be performed.
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getAgentObjectId

        public String getAgentObjectId()
        Returns:
        The AAD object ID of a user assumed to be unauthorized by the owner of the user delegation key to perform the action granted by the SAS token. The service will validate the SAS token and ensure that the owner of the user delegation key has the required permissions before granting access and the service will perform an additional POSIX ACL check to determine if this user is authorized to perform the requested operation.

      • setAgentObjectId

        public DataLakeServiceSasSignatureValues setAgentObjectId​(String agentObjectId)
        Sets the AAD object ID of a user assumed to be unauthorized by the owner of the user delegation key to perform the action granted by the SAS token.
        Parameters:
        agentObjectId - The AAD object ID of a user assumed to be unauthorized by the owner of the user delegation key to perform the action granted by the SAS token. The service will validate the SAS token and ensure that the owner of the user delegation key has the required permissions before granting access and the service will perform an additional POSIX ACL check to determine if this user is authorized to perform the requested operation.
        Returns:
        the updated DataLakeServiceSasSignatureValues object

      • getCorrelationId

        public String getCorrelationId()
        Returns:
        the correlation id value for the SAS.

      • setCorrelationId

        public DataLakeServiceSasSignatureValues setCorrelationId​(String correlationId)
        Sets the correlation id value for the SAS.

        Note: This parameter is only valid for user delegation SAS.

        Parameters:
        correlationId - A correlation ID used to correlate the storage audit logs with the audit logs used by the principal generating and distributing SAS.
        Returns:
        the updated DataLakeServiceSasSignatureValues object