azurite
Version:
An open source Azure Storage API compatible server
132 lines • 6.52 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateTableSASSignature = void 0;
const utils_1 = require("../../common/utils/utils");
const IIPRange_1 = require("../../common/authentication/IIPRange");
/**
* Creates an instance of SASQueryParameters.
*
* Only accepts required settings needed to create a SAS. For optional settings please
* set corresponding properties directly, such as permissions, startTime and identifier.
*
* WARNING: When identifier is not provided, permissions and expiryTime are required.
* You MUST assign value to identifier or expiryTime & permissions manually if you initial with
* this constructor.
*
* @export
* @param {ITableSASSignatureValues} tableSASSignatureValues
* @param {TableSASResourceType} resource
* @param {string} accountName
* @param {Buffer} sharedKey
* @returns {[string, string]} signature and stringToSign
*/
function generateTableSASSignature(tableSASSignatureValues, accountName, sharedKey) {
if (tableSASSignatureValues.version >= "2018-11-09") {
return generateTableSASSignature20181109(tableSASSignatureValues, accountName, sharedKey);
}
else {
return generateTableSASSignature20150405(tableSASSignatureValues, accountName, sharedKey);
}
}
exports.generateTableSASSignature = generateTableSASSignature;
function generateTableSASSignature20181109(tableSASSignatureValues, accountName, sharedKey) {
if (!tableSASSignatureValues.identifier &&
(!tableSASSignatureValues.permissions &&
!tableSASSignatureValues.expiryTime)) {
throw new RangeError(
// tslint:disable-next-line:max-line-length
"generateTableSASSignature(): Must provide 'permissions' and 'expiryTime' for Table SAS generation when 'identifier' is not provided.");
}
const version = tableSASSignatureValues.version;
const verifiedPermissions = tableSASSignatureValues.permissions;
// Signature is generated on the un-url-encoded values.
// TODO: Check whether validating the snapshot is necessary.
const stringToSign = [
verifiedPermissions ? verifiedPermissions : "",
tableSASSignatureValues.startTime === undefined
? ""
: typeof tableSASSignatureValues.startTime === "string"
? tableSASSignatureValues.startTime
: (0, utils_1.truncatedISO8061Date)(tableSASSignatureValues.startTime, false),
tableSASSignatureValues.expiryTime === undefined
? ""
: typeof tableSASSignatureValues.expiryTime === "string"
? tableSASSignatureValues.expiryTime
: (0, utils_1.truncatedISO8061Date)(tableSASSignatureValues.expiryTime, false),
getCanonicalName(accountName, tableSASSignatureValues.tableName),
tableSASSignatureValues.identifier, // TODO: ? tableSASSignatureValues.identifier : "",
tableSASSignatureValues.ipRange
? typeof tableSASSignatureValues.ipRange === "string"
? tableSASSignatureValues.ipRange
: (0, IIPRange_1.ipRangeToString)(tableSASSignatureValues.ipRange)
: "",
tableSASSignatureValues.protocol ? tableSASSignatureValues.protocol : "",
version,
tableSASSignatureValues.startingPartitionKey
? tableSASSignatureValues.startingPartitionKey
: "",
tableSASSignatureValues.startingRowKey
? tableSASSignatureValues.startingRowKey
: "",
tableSASSignatureValues.endingPartitionKey
? tableSASSignatureValues.endingPartitionKey
: "",
tableSASSignatureValues.endingRowKey
? tableSASSignatureValues.endingRowKey
: ""
].join("\n");
const signature = (0, utils_1.computeHMACSHA256)(stringToSign, sharedKey);
return [signature, stringToSign];
}
function generateTableSASSignature20150405(tableSASSignatureValues, accountName, sharedKey) {
if (!tableSASSignatureValues.identifier &&
(!tableSASSignatureValues.permissions &&
!tableSASSignatureValues.expiryTime)) {
throw new RangeError(
// tslint:disable-next-line:max-line-length
"generateTableSASSignature(): Must provide 'permissions' and 'expiryTime' for Table SAS generation when 'identifier' is not provided.");
}
const version = tableSASSignatureValues.version;
const verifiedPermissions = tableSASSignatureValues.permissions;
// Signature is generated on the un-url-encoded values.
const stringToSign = [
verifiedPermissions ? verifiedPermissions : "",
tableSASSignatureValues.startTime === undefined
? ""
: typeof tableSASSignatureValues.startTime === "string"
? tableSASSignatureValues.startTime
: (0, utils_1.truncatedISO8061Date)(tableSASSignatureValues.startTime, false),
tableSASSignatureValues.expiryTime === undefined
? ""
: typeof tableSASSignatureValues.expiryTime === "string"
? tableSASSignatureValues.expiryTime
: (0, utils_1.truncatedISO8061Date)(tableSASSignatureValues.expiryTime, false),
getCanonicalName(accountName, tableSASSignatureValues.tableName),
tableSASSignatureValues.identifier, // TODO: ? tableSASSignatureValues.identifier : "",
tableSASSignatureValues.ipRange
? typeof tableSASSignatureValues.ipRange === "string"
? tableSASSignatureValues.ipRange
: (0, IIPRange_1.ipRangeToString)(tableSASSignatureValues.ipRange)
: "",
tableSASSignatureValues.protocol ? tableSASSignatureValues.protocol : "",
version,
tableSASSignatureValues.startingPartitionKey
? tableSASSignatureValues.startingPartitionKey
: "",
tableSASSignatureValues.startingRowKey
? tableSASSignatureValues.startingRowKey
: "",
tableSASSignatureValues.endingPartitionKey
? tableSASSignatureValues.endingPartitionKey
: "",
tableSASSignatureValues.endingRowKey
? tableSASSignatureValues.endingRowKey
: ""
].join("\n");
const signature = (0, utils_1.computeHMACSHA256)(stringToSign, sharedKey);
return [signature, stringToSign];
}
function getCanonicalName(accountName, tableName) {
return `/table/${accountName}/${tableName.toLowerCase()}`;
}
//# sourceMappingURL=ITableSASSignatureValues.js.map