implementation #60

arafato · Nov 29, 2017 · 26a2d19 · 26a2d19
1 parent 20e5e16
commit 26a2d19
Show file tree

Hide file tree

Showing 6 changed files with 2,618 additions and 570 deletions.
diff --git a/lib/AzuriteBlob.js b/lib/AzuriteBlob.js
@@ -62,6 +62,7 @@ class AzuriteBlob {
                 require('./routes/blob/AccountRoute')(app);
                 require('./routes/blob/ContainerRoute')(app);
                 require('./routes/blob/BlobRoute')(app);
+                app.use(require('./middleware/blob/Authentication.js'));
                 app.use(require('./middleware/blob/validation'));
                 app.use(require('./middleware/blob/actions'));
                 this.server = app.listen(env.blobStoragePort, () => {

diff --git a/lib/core/blob/StorageManager.js b/lib/core/blob/StorageManager.js
@@ -65,7 +65,7 @@ class StorageManager {
         const entity = StorageEntityGenerator.generateStorageEntity(request);
         const containerProxy = new ContainerProxy(coll.insert(entity));
         this.db.addCollection(entity.name);
-        return BbPromise.resolve({ proxy: containerProxy });
+        return BbPromise.resolve(new AzuriteResponse({ proxy: containerProxy }));
     }
 
     deleteContainer(request) {

diff --git a/lib/middleware/blob/Authentication.js b/lib/middleware/blob/Authentication.js
@@ -0,0 +1,42 @@
+'use strict';
+
+const BbPromise = require('bluebird'),
+    azure = require('azure-storage'),
+    Querystring = require('querystring'),
+    Operations = require('./../../core/Constants').Operations;
+
+const _blobService = azure.createBlobService("UseDevelopmentStorage=true;");
+
+module.exports = (req, res) => {
+    BbPromise.try(() => {
+        const request = req.azuriteRequest;
+        if (request.query.sig) {
+            const sharedAccessPolicy = {
+                AccessPolicy: {
+                    Permissions: request.query.sp,
+                    Start: request.query.st,
+                    Expiry: request.query.se,
+                    IPAddressOrRange: request.query.sip,
+                    Protocols: request.query.spr,
+                    Services: request.query.ss,
+                    ResourceTypes: request.query.sr,
+                    Version: request.query.sv,
+                    Id: request.query.si
+                }
+            };
+            request.auth = {};
+            request.auth.sasValid = checkServiceSignature(request.query, request.containerName, request.blobName, sharedAccessPolicy);
+            request.auth.accessPolicy = sharedAccessPolicy.AccessPolicy;
+        }
+        next();
+    }).catch((e) => {
+        res.status(e.statusCode || 500).send(e.message);
+        if (!e.statusCode) throw e;
+    });
+}
+
+function checkServiceSignature(query, containerName, blobName, sharedAccessPolicy) {
+    const sas = _blobService.generateSharedAccessSignature(containerName, blobName, sharedAccessPolicy),
+        signature = Querystring.parse(sas).sig;
+    return signature === query.sig;
+}
diff --git a/lib/model/blob/AzuriteResponse.js b/lib/model/blob/AzuriteResponse.js
@@ -5,7 +5,7 @@ const uuidV1 = require('uuid/v1'),
     EntityType = require('./../../core/Constants').StorageEntityType;
 
 class AzuriteResponse {
-    constructor({ proxy = undefined, payload = undefined }) {
+    constructor({ proxy = undefined, payload = undefined, query = {} }) {
         this.httpProps = {};
         this.proxy = proxy;
         if (this.proxy) {
@@ -29,6 +29,13 @@ class AzuriteResponse {
         this.httpProps[N.CONTENT_LENGTH] = 0;
         this.httpProps[N.REQUEST_ID] = uuidV1();
         this.payload = payload;
+
+        // Optional SAS Overrides
+        this.addHttpProperty(N.CACHE_CONTROL, query.rscc);
+        this.addHttpProperty(N.CONTENT_DISPOSITION, query.rscd);
+        this.addHttpProperty(N.CONTENT_ENCODING, query.rsce);
+        this.addHttpProperty(N.CONTENT_LANGUAGE, query.rscl);
+        this.addHttpProperty(N.CONTENT_TYPE, query.rsct);
     }
 
     addHttpProperty(key, value) {