[QUERY] How to create a SAS Uri with v12

[bragma]

Query/Question
Hi, I am porting my old v11 code to v12 and I find very unconvenient to generate SAS Uris with the new API. Old code was very simple:

			var serviceClient = account.CreateCloudBlobClient();
			var containerClient = serviceClient.GetContainerReference(containerName);
			var blobClient = containerClient.GetBlockBlobReference(blobName);

			var sasUri = blobClient.Uri + blobClient.GetSharedAccessSignature(new SharedAccessBlobPolicy()
			{
				SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24),
				Permissions = SharedAccessBlobPermissions.Read |
							  SharedAccessBlobPermissions.Delete
			});

Given a blob client, I was able to get a SAS Uri without having to get the account key from the connection string, which was very conenient given that if the connection string was "UseDevelopmentStorage=true".
If I am correct the new API requires to call ToSasQueryParameters() and provide a StorageSharedKeyCredential built from account name and account key. This requires me to parse the connection string, but I don't know exactly what to do with "UseDevelopmentStorage=true". The new code is:

			var containerClient = serviceClient.GetBlobContainerClient(containerName);
			var blobClient = containerClient.GetBlobClient(blobName);

			BlobSasBuilder sasBuilder = new BlobSasBuilder(BlobSasPermissions.Read | BlobSasPermissions.Delete, DateTimeOffset.UtcNow.AddHours(24))
			{
				BlobContainerName = containerClient.Name,
				BlobName = blobName,
				Resource = "b",
			};
			string sasBlobToken = sasBuilder.ToSasQueryParameters(new StorageSharedKeyCredential(serviceClient.AccountName, "<ACCOUNT KEY HERE, WHAT IF UseDevelopmentStorage=true?>")).ToString();

			var sasUri= blobClient.Uri + "?" + sasBlobToken;

Is there a way to get the StorageSharedKeyCredential directly from a BlobServiceClient?

Thanks!

[bragma]

I have to beg pardon since the question has already been presented here and also here but both issues are more than 6 months old and have NOT been addressed yet...

[jsquire]

Thank you for your feedback. Tagging and routing to the team best able to assist.

[ghost]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @xgithubtriage.

Issue Details

Description:	Query/Question Hi, I am porting my old v11 code to v12 and I find very unconvenient to generate SAS Uris with the new API. Old code was very simple: var serviceClient = account.CreateCloudBlobClient(); var containerClient = serviceClient.GetContainerReference(containerName); var blobClient = containerClient.GetBlockBlobReference(blobName); var sasUri = blobClient.Uri + blobClient.GetSharedAccessSignature(new SharedAccessBlobPolicy() { SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24), Permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Delete }); Given a blob client, I was able to get a SAS Uri without having to get the account key from the connection string, which was very conenient given that if the connection string was "UseDevelopmentStorage=true". If I am correct the new API requires to call ToSasQueryParameters() and provide a StorageSharedKeyCredential built from account name and account key. This requires me to parse the connection string, but I don't know exactly what to do with "UseDevelopmentStorage=true". The new code is: var containerClient = serviceClient.GetBlobContainerClient(containerName); var blobClient = containerClient.GetBlobClient(blobName); BlobSasBuilder sasBuilder = new BlobSasBuilder(BlobSasPermissions.Read | BlobSasPermissions.Delete, DateTimeOffset.UtcNow.AddHours(24)) { BlobContainerName = containerClient.Name, BlobName = blobName, Resource = "b", }; string sasBlobToken = sasBuilder.ToSasQueryParameters(new StorageSharedKeyCredential(serviceClient.AccountName, "<ACCOUNT KEY HERE, WHAT IF UseDevelopmentStorage=true?>")).ToString(); var sasUri= blobClient.Uri + "?" + sasBlobToken; Is there a way to get the StorageSharedKeyCredential directly from a BlobServiceClient? Thanks!
Author:	bragma
Assignees:	-
Labels:	Client, Service Attention, Storage, customer-reported, needs-team-attention, needs-triage, question
Milestone:	-

[seanmcc-msft]

@amnguye can you take a look?

[amnguye]

Currently there's a bug in GetClient where the StorageSharedKeyCredential is not getting passed from the parent client. I submitted a PR to addressed this however you will have to wait until the next release of the SDK to receive the fix.

Here's a short sample based on your snippet in v12 to construct a SAS Uri, that way you don't have to pass the StorageSharedKeyCredential from any of clients to the builder to generate a SAS Uri when this PR comes out.

var containerClient = serviceClient.GetBlobContainerClient(containerName);
var blobClient = containerClient.GetBlobClient(blobName);

// This generates a sasUri based on the blobClient information, so the containerName, blobName and resource will already be populated
Uri sasUri = blobClient.GenerateSas(BlobSasPermissions.Read | BlobSasPermissions.Delete, DateTimeOffset.UtcNow.AddHours(24));

However with the current released version you would have to initialize the client with a connection string to a StorageSharedKeyCredential for now.
e.g.

var blobClient = new BlobClient(connectionString, containerName, blobName);
OR
var  blobClient = new BlobClient( blobEndpoint, sharedKeyCredential, options);

// This generates a sasUri based on the blobClient information, so the containerName, blobName and resource will already be populated
Uri sasUri = blobClient.GenerateSas(BlobSasPermissions.Read | BlobSasPermissions.Delete, DateTimeOffset.UtcNow.AddHours(24));

I believe we don't have any plans to expose the StorageSharedKeyCredential from the client.

Sorry for the inconvenience.

[bragma]

Ok, thanks for the answer. I'll wait for the next release, I have to since I am also blocked by a nasty memory leak with v12.

[amnguye]

This sample I provided above should currently work with the latest released preview version of Azure.Storage.Blobs .

[seanmcc-msft]

Please re-open if you have further questions.