azure - ASP.Net Core 2.2 - Azure SAS 令牌?
问题描述
我试图弄清楚如何为用户生成基于时间的令牌,以访问存储在 Azure 存储帐户 Blob 容器中的数据。用户上传各种数据(PDF、图像),但我不希望这些数据的链接公开。推荐的策略是使用 SAS 令牌,我能够使用大约一年前在 MS 网站上找到的以下功能在 .Net 下使其工作:
//Function for getting a temporary Azure SAS
public static string GetAzureSASToken(string userhashid, int minutes)
{
//Get Azure SAS Token so we can allow them to temporarily view the photos
UploadedFileInfo uploadedfileinfo = new UploadedFileInfo();
//Azure User containter must be all lowercase!!
uploadedfileinfo.usercontainer = "user-" + userhashid;
uploadedfileinfo.azureurl = ConfigurationManager.AppSettings["AzureURL"].ToString() + uploadedfileinfo.usercontainer + "/";
// Retrieve storage account from connection string.
string azureconnection = CloudConfigurationManager.GetSetting("StorageConnectionString");
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(azureconnection);
CloudBlobClient client = storageAccount.CreateCloudBlobClient();
CloudBlobContainer blobContainer = client.GetContainerReference(uploadedfileinfo.usercontainer);
//Set the expiry time and permissions for the container.
//In this case no start time is specified, so the shared access signature becomes valid immediately.
SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy();
sasConstraints.SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(minutes);
sasConstraints.Permissions = SharedAccessBlobPermissions.Read;
//Generate the shared access signature on the container, setting the constraints directly on the signature.
string sasContainerToken = blobContainer.GetSharedAccessSignature(sasConstraints);
return sasContainerToken;
}
问题是我现在需要从Asp.Net Core 2.2应用程序访问这些文件,我似乎无法弄清楚如何复制代码来获取令牌(核心库不同)
有关如何在 .Net Core 2.2 中完成此任务的任何建议?
谢谢!
解决方案
只需安装最新的 nuget 包Microsoft.Azure.Storage.Blob -Version 11.1.0。
然后您的 .net 核心代码(与您帖子中的 .net 框架代码相同)可以像 .net 框架代码一样工作。
这是 .net core 2.2 的示例代码。我没有从配置文件中读取设置,所以有点不同:
using Microsoft.Azure.Storage;
using Microsoft.Azure.Storage.Auth;
using Microsoft.Azure.Storage.Blob;
using System;
namespace ConsoleApp5
{
class Program
{
static void Main(string[] args)
{
string sas = GetAzureSASToken();
Console.WriteLine(sas);
Console.ReadLine();
}
public static string GetAzureSASToken()
{
string accountName = "xxx";
string accountKey = "xxx";
CloudStorageAccount storageAccount = new CloudStorageAccount(new StorageCredentials(accountName, accountKey), true);
CloudBlobClient client = storageAccount.CreateCloudBlobClient();
CloudBlobContainer blobContainer = client.GetContainerReference("test1");
//Set the expiry time and permissions for the container.
//In this case no start time is specified, so the shared access signature becomes valid immediately.
SharedAccessBlobPolicy sasConstraints = new SharedAccessBlobPolicy();
sasConstraints.SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddMinutes(5);
sasConstraints.Permissions = SharedAccessBlobPermissions.Read;
//Generate the shared access signature on the container, setting the constraints directly on the signature.
string sasContainerToken = blobContainer.GetSharedAccessSignature(sasConstraints);
return sasContainerToken;
}
}
}
和测试结果:
推荐阅读
- google-apps-script - 无法使用 Apps 脚本从团队云端硬盘中删除文件
- javascript - Setting cookie in iframe when using safari
- python - Fastest way to draw pixels to screen in python
- xslt - 使用 XSLT 移动和重命名 KML 节点
- python - Python绘制条形图求和一列,按两个不同的列分组
- physics - 如何解决 proc 0 上的错误:无法打开文件 tersoff.data (../read_data.cpp:1938)?
- apache-kafka - Kafka Connect - 无法刷新,等待生产者刷新未完成的消息时超时
- python - 从我的服务器下载文件以将服务器跳转到我的笔记本电脑
- reactjs - Microsoft Edge isPersonal SavePersonalAndPaymentData 刹车 React 应用
- c# - 从 HttpRequestMessage 获取 Route 参数