diff --git a/sdk/storage/assets.json b/sdk/storage/assets.json
index 7cd7a757f..5f7f5fd76 100644
--- a/sdk/storage/assets.json
+++ b/sdk/storage/assets.json
@@ -2,5 +2,5 @@
 "AssetsRepo": "Azure/azure-sdk-assets",
 "AssetsRepoPrefixPath": "cpp",
 "TagPrefix": "cpp/storage",
- "Tag": "cpp/storage_1d2fb95162"
+ "Tag": "cpp/storage_f9007be11f"
 }
diff --git a/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_options.hpp b/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_options.hpp
index 0e6af175a..95fd8c31c 100644
--- a/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_options.hpp
+++ b/sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_options.hpp
@@ -21,34 +21,42 @@ namespace Azure { namespace Storage { namespace Blobs { - namespace Models { + /** + * @brief Audiences available for blob service + * + */ + class BlobAudience final : public Azure::Core::_internal::ExtendableEnumeration { + public: + /** + * @brief Construct a new BlobAudience object + * + * @param blobAudience The Azure Active Directory audience to use when forming authorization + * scopes. For the Language service, this value corresponds to a URL that identifies the Azure + * cloud where the resource is located. For more information: See + * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory + */ + explicit BlobAudience(std::string blobAudience) : ExtendableEnumeration(std::move(blobAudience)) + { + } /** - * @brief Audiences available for Blobs + * @brief The service endpoint for a given storage account. Use this method to acquire a token + * for authorizing requests to that specific Azure Storage account and service only. * + * @param storageAccountName he storage account name used to populate the service endpoint. + * @return The service endpoint for a given storage account. */ - class BlobAudience final : public Azure::Core::_internal::ExtendableEnumeration { - public: - /** - * @brief Construct a new BlobAudience object - * - * @param blobAudience The Azure Active Directory audience to use when forming authorization - * scopes. For the Language service, this value corresponds to a URL that identifies the Azure - * cloud where the resource is located. 
For more information: See - * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory - */ - explicit BlobAudience(std::string blobAudience) - : ExtendableEnumeration(std::move(blobAudience)) - { - } + static BlobAudience CreateBlobServiceAccountAudience(const std::string& storageAccountName) + { + return BlobAudience("https://" + storageAccountName + ".blob.core.windows.net/"); + } - /** - * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure - * Storage account. - */ - AZ_STORAGE_BLOBS_DLLEXPORT const static BlobAudience DefaultAudience; - }; - } // namespace Models + /** + * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure + * Storage account. + */ + AZ_STORAGE_BLOBS_DLLEXPORT const static BlobAudience DefaultAudience; + }; /** * @brief Specifies access conditions for a container. @@ -198,10 +206,10 @@ namespace Azure { namespace Storage { namespace Blobs { /** * The Audience to use for authentication with Azure Active Directory (AAD). - * #Azure::Storage::Blobs::Models::BlobAudience::DefaultAudience will be assumed if Audience is + * #Azure::Storage::Blobs::BlobAudience::DefaultAudience will be assumed if Audience is * not set. */ - Azure::Nullable Audience; + Azure::Nullable Audience; }; /** diff --git a/sdk/storage/azure-storage-blobs/src/blob_options.cpp b/sdk/storage/azure-storage-blobs/src/blob_options.cpp index f6c27d689..13143f613 100644 --- a/sdk/storage/azure-storage-blobs/src/blob_options.cpp +++ b/sdk/storage/azure-storage-blobs/src/blob_options.cpp @@ -5,9 +5,7 @@ namespace Azure { namespace Storage { namespace Blobs { - namespace Models { - const BlobAudience BlobAudience::DefaultAudience(_internal::StorageDefaultAudience); - } // namespace Models + const BlobAudience BlobAudience::DefaultAudience(_internal::StorageDefaultAudience); BlobQueryInputTextOptions BlobQueryInputTextOptions::CreateCsvTextOptions( const std::string& recordSeparator, 
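Review bot: `CreateBlobServiceAccountAudience` concatenates `storageAccountName` into the audience URL unchecked, so a value containing `/`, `@`, `#` or `.` yields an audience whose host is no longer `<account>.blob.core.windows.net`, and the token would presumably be requested for that resource instead. Where the name can come from configuration or user input, the helper should accept only the documented account-name alphabet (3-24 lowercase letters and digits) and fail otherwise, as sketched below. The suffix is also fixed to the public cloud, so the doc comment should say that other clouds must pass a full audience to the constructor. `CreateDataLakeServiceAccountAudience`, `CreateShareServiceAccountAudience` and `CreateQueueServiceAccountAudience` in the other option headers have the same shape.

```cpp
static BlobAudience CreateBlobServiceAccountAudience(const std::string& storageAccountName)
{
  // Account names are 3-24 lowercase letters and digits; anything else could change the
  // host part of the audience the token is requested for.
  const bool validLength = storageAccountName.size() >= 3 && storageAccountName.size() <= 24;
  const bool validChars
      = storageAccountName.find_first_not_of("abcdefghijklmnopqrstuvwxyz0123456789")
      == std::string::npos;
  if (!validLength || !validChars)
  {
    throw std::invalid_argument("storageAccountName is not a valid storage account name.");
  }
  return BlobAudience("https://" + storageAccountName + ".blob.core.windows.net/");
}
```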
diff --git a/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp index 4136f319a..681fc0bd9 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp @@ -51,8 +51,7 @@ namespace Azure { namespace Storage { namespace Test { // With custom audience auto blobUrl = Azure::Core::Url(m_blockBlobClient->GetUrl()); - clientOptions.Audience - = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost()); + clientOptions.Audience = Blobs::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost()); blobClient = Blobs::BlobClient( m_blockBlobClient->GetUrl(), std::make_shared( diff --git a/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp index 076cd2dfd..9e0f3dc2f 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp @@ -1457,13 +1457,13 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto containerUrl = Azure::Core::Url(containerClient.GetUrl()); clientOptions.Audience - = Blobs::Models::BlobAudience(containerUrl.GetScheme() + "://" + containerUrl.GetHost()); + = Blobs::BlobAudience(containerUrl.GetScheme() + "://" + containerUrl.GetHost()); containerClient = Blobs::BlobContainerClient(m_blobContainerClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(containerClient.GetProperties()); // error audience - clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Blobs::BlobAudience("https://disk.compute.azure.com"); containerClient = Blobs::BlobContainerClient(m_blobContainerClient->GetUrl(), credential, clientOptions); EXPECT_THROW(containerClient.GetProperties(), StorageException); 
diff --git a/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp index 06b7ad0b1..ac615e5f6 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp @@ -515,13 +515,13 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto serviceUrl = Azure::Core::Url(serviceClient.GetUrl()); clientOptions.Audience - = Blobs::Models::BlobAudience(serviceUrl.GetScheme() + "://" + serviceUrl.GetHost()); + = Blobs::BlobAudience(serviceUrl.GetScheme() + "://" + serviceUrl.GetHost()); serviceClient = Blobs::BlobServiceClient(m_blobServiceClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(serviceClient.GetProperties()); // error audience - clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Blobs::BlobAudience("https://disk.compute.azure.com"); serviceClient = Blobs::BlobServiceClient(m_blobServiceClient->GetUrl(), credential, clientOptions); EXPECT_THROW(serviceClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp index a3f53c5d8..484480b92 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp 
@@ -2041,26 +2041,35 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(blockBlobClient.GetProperties()); // default audience - clientOptions.Audience = Blobs::Models::BlobAudience::DefaultAudience; + clientOptions.Audience = Blobs::BlobAudience::DefaultAudience; + blockBlobClient + = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(blockBlobClient.GetProperties()); + + // service audience + + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + auto accountName = keyCredential->AccountName; + clientOptions.Audience = Blobs::BlobAudience::CreateBlobServiceAccountAudience(accountName); blockBlobClient = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(blockBlobClient.GetProperties()); // custom audience auto blobUrl = Azure::Core::Url(blockBlobClient.GetUrl()); - clientOptions.Audience - = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost()); + clientOptions.Audience = Blobs::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost()); blockBlobClient = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(blockBlobClient.GetProperties()); clientOptions.Audience - = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost() + "/"); + = Blobs::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost() + "/"); blockBlobClient = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(blockBlobClient.GetProperties()); // error audience - clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Blobs::BlobAudience("https://disk.compute.azure.com"); blockBlobClient = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); EXPECT_THROW(blockBlobClient.GetProperties(), StorageException); 
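Review bot: `keyCredential->AccountName` in the new service-audience block is dereferenced without a check, so if `ParseConnectionString` leaves `KeyCredential` empty (its behaviour for a connection string without an account key is not visible in this hunk) the test crashes instead of reporting a failure. Add `ASSERT_NE(keyCredential, nullptr);` before the dereference. The same three lines are added in datalake_path_client_test.cpp, share_file_client_test.cpp and queue_client_test.cpp. The new block also only covers the accepted case; a companion `EXPECT_THROW` for an audience built from a different account name would pin down that the service rejects a token scoped to another account. The enclosing test function starts and ends outside the hunk.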
diff --git a/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_options.hpp b/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_options.hpp index 1a9444c48..e56a7b81d 100644 --- a/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_options.hpp +++ b/sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_options.hpp @@ -78,33 +78,6 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { */ static std::string SerializeAcls(const std::vector& aclsArray); }; - - /** - * @brief Audiences available for Blobs - * - */ - class DataLakeAudience final - : public Azure::Core::_internal::ExtendableEnumeration { - public: - /** - * @brief Construct a new DataLakeAudience object - * - * @param dataLakeAudience The Azure Active Directory audience to use when forming - * authorization scopes. For the Language service, this value corresponds to a URL that - * identifies the Azure cloud where the resource is located. For more information: See - * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory - */ - explicit DataLakeAudience(std::string dataLakeAudience) - : ExtendableEnumeration(std::move(dataLakeAudience)) - { - } - - /** - * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure - * Storage account. - */ - AZ_STORAGE_FILES_DATALAKE_DLLEXPORT const static DataLakeAudience DefaultAudience; - }; } // namespace Models using DownloadFileToOptions = Blobs::DownloadBlobToOptions; 
@@ -140,6 +113,46 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { }; } // namespace _detail + /** + * @brief Audiences available for data lake service + * + */ + class DataLakeAudience final + : public Azure::Core::_internal::ExtendableEnumeration { + public: + /** + * @brief Construct a new DataLakeAudience object + * + * @param dataLakeAudience The Azure Active Directory audience to use when forming + * authorization scopes. For the Language service, this value corresponds to a URL that + * identifies the Azure cloud where the resource is located. For more information: See + * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory + */ + explicit DataLakeAudience(std::string dataLakeAudience) + : ExtendableEnumeration(std::move(dataLakeAudience)) + { + } + + /** + * @brief The service endpoint for a given storage account. Use this method to acquire a token + * for authorizing requests to that specific Azure Storage account and service only. + * + * @param storageAccountName he storage account name used to populate the service endpoint. + * @return The service endpoint for a given storage account. + */ + static DataLakeAudience CreateDataLakeServiceAccountAudience( + const std::string& storageAccountName) + { + return DataLakeAudience("https://" + storageAccountName + ".blob.core.windows.net/"); + } + + /** + * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure + * Storage account. + */ + AZ_STORAGE_FILES_DATALAKE_DLLEXPORT const static DataLakeAudience DefaultAudience; + }; + /** * @brief Client options used to initialize all DataLake clients. */ 
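Review bot: `CreateDataLakeServiceAccountAudience` builds the audience from `.blob.core.windows.net` while the class is documented as the data lake audience, and nothing in the comment says whether that is deliberate. datalake_utilities.cpp copies this value into a `Blobs::BlobAudience`, which suggests the blob resource is intended, but a reader comparing it with the dfs endpoint of the client URL will take it for a copy-paste slip. If it is intentional, state it in the doc comment, e.g. `@remark The blob endpoint is used on purpose: Data Lake requests are authorized against the blob service resource of the account.`; if it is not, the suffix needs correcting before release, because a wrong audience surfaces only as an authorization failure at request time.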
@@ -173,10 +186,10 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { /** * The Audience to use for authentication with Azure Active Directory (AAD). - * #Azure::Storage::Files::DataLake::Models::DataLakeAudience::DefaultAudience will be assumed + * #Azure::Storage::Files::DataLake::DataLakeAudience::DefaultAudience will be assumed * if Audience is not set. */ - Azure::Nullable Audience; + Azure::Nullable Audience; }; /** diff --git a/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp b/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp index 09a794549..aefa3b71d 100644 --- a/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp +++ b/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp @@ -3,8 +3,8 @@ #include "azure/storage/files/datalake/datalake_options.hpp" -namespace Azure { namespace Storage { namespace Files { namespace DataLake { namespace Models { +namespace Azure { namespace Storage { namespace Files { namespace DataLake { const DataLakeAudience DataLakeAudience::DefaultAudience(_internal::StorageDefaultAudience); -}}}}} // namespace Azure::Storage::Files::DataLake::Models +}}}} // namespace Azure::Storage::Files::DataLake diff --git a/sdk/storage/azure-storage-files-datalake/src/datalake_utilities.cpp b/sdk/storage/azure-storage-files-datalake/src/datalake_utilities.cpp index 4b3eef46f..d7cf40850 100644 --- a/sdk/storage/azure-storage-files-datalake/src/datalake_utilities.cpp +++ b/sdk/storage/azure-storage-files-datalake/src/datalake_utilities.cpp @@ -100,7 +100,7 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { nam blobOptions.EnableTenantDiscovery = options.EnableTenantDiscovery; if (options.Audience.HasValue()) { - blobOptions.Audience = Blobs::Models::BlobAudience(options.Audience.Value().ToString()); + blobOptions.Audience = Blobs::BlobAudience(options.Audience.Value().ToString()); } return blobOptions; } 
diff --git a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp index 1aa6d5ab4..313e50706 100644 --- a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp @@ -923,15 +923,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto fileSystemUrl = Azure::Core::Url(fileSystemClient.GetUrl()); - clientOptions.Audience = Files::DataLake::Models::DataLakeAudience( + clientOptions.Audience = Files::DataLake::DataLakeAudience( fileSystemUrl.GetScheme() + "://" + fileSystemUrl.GetHost()); fileSystemClient = Files::DataLake::DataLakeFileSystemClient( m_fileSystemClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(fileSystemClient.GetProperties()); // error audience - clientOptions.Audience - = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Files::DataLake::DataLakeAudience("https://disk.compute.azure.com"); fileSystemClient = Files::DataLake::DataLakeFileSystemClient( m_fileSystemClient->GetUrl(), credential, clientOptions); EXPECT_THROW(fileSystemClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp index 13b2923c0..1af88bc7f 100644 --- a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp 
@@ -495,22 +495,30 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(pathClient.GetProperties()); // default audience - clientOptions.Audience = Files::DataLake::Models::DataLakeAudience::DefaultAudience; + clientOptions.Audience = Files::DataLake::DataLakeAudience::DefaultAudience; + pathClient + = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(pathClient.GetProperties()); + + // service audience + auto keyCredential = _internal::ParseConnectionString(AdlsGen2ConnectionString()).KeyCredential; + auto accountName = keyCredential->AccountName; + clientOptions.Audience + = Files::DataLake::DataLakeAudience::CreateDataLakeServiceAccountAudience(accountName); pathClient = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(pathClient.GetProperties()); // custom audience auto pathUrl = Azure::Core::Url(pathClient.GetUrl()); - clientOptions.Audience = Files::DataLake::Models::DataLakeAudience( - pathUrl.GetScheme() + "://" + pathUrl.GetHost()); + clientOptions.Audience + = Files::DataLake::DataLakeAudience(pathUrl.GetScheme() + "://" + pathUrl.GetHost()); pathClient = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(pathClient.GetProperties()); // error audience - clientOptions.Audience - = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Files::DataLake::DataLakeAudience("https://disk.compute.azure.com"); pathClient = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); EXPECT_THROW(pathClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp index 7571dec00..8203828e4 100644 
--- a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp @@ -359,15 +359,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto fileSystemUrl = Azure::Core::Url(serviceClient.GetUrl()); - clientOptions.Audience = Files::DataLake::Models::DataLakeAudience( + clientOptions.Audience = Files::DataLake::DataLakeAudience( fileSystemUrl.GetScheme() + "://" + fileSystemUrl.GetHost()); serviceClient = Files::DataLake::DataLakeServiceClient( m_dataLakeServiceClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(serviceClient.GetProperties()); // error audience - clientOptions.Audience - = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Files::DataLake::DataLakeAudience("https://disk.compute.azure.com"); serviceClient = Files::DataLake::DataLakeServiceClient( m_dataLakeServiceClient->GetUrl(), credential, clientOptions); EXPECT_THROW(serviceClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_options.hpp b/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_options.hpp index f8839c895..d2c3f3eb2 100644 --- a/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_options.hpp +++ b/sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_options.hpp 
@@ -18,35 +18,43 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { - namespace Models { + /** + * @brief Audiences available for share service + * + */ + class ShareAudience final : public Azure::Core::_internal::ExtendableEnumeration { + public: + /** + * @brief Construct a new ShareAudience object + * + * @param shareAudience The Azure Active Directory audience to use when forming authorization + * scopes. For the Language service, this value corresponds to a URL that identifies the Azure + * cloud where the resource is located. For more information: See + * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory + */ + explicit ShareAudience(std::string shareAudience) + : ExtendableEnumeration(std::move(shareAudience)) + { + } /** - * @brief Audiences available for Blobs + * @brief The service endpoint for a given storage account. Use this method to acquire a token + * for authorizing requests to that specific Azure Storage account and service only. * + * @param storageAccountName he storage account name used to populate the service endpoint. + * @return The service endpoint for a given storage account. */ - class ShareAudience final - : public Azure::Core::_internal::ExtendableEnumeration { - public: - /** - * @brief Construct a new ShareAudience object - * - * @param shareAudience The Azure Active Directory audience to use when forming authorization - * scopes. For the Language service, this value corresponds to a URL that identifies the Azure - * cloud where the resource is located. 
For more information: See - * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory - */ - explicit ShareAudience(std::string shareAudience) - : ExtendableEnumeration(std::move(shareAudience)) - { - } + static ShareAudience CreateShareServiceAccountAudience(const std::string& storageAccountName) + { + return ShareAudience("https://" + storageAccountName + ".file.core.windows.net/"); + } - /** - * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure - * Storage account. - */ - AZ_STORAGE_FILES_SHARES_DLLEXPORT const static ShareAudience DefaultAudience; - }; - } // namespace Models + /** + * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure + * Storage account. + */ + AZ_STORAGE_FILES_SHARES_DLLEXPORT const static ShareAudience DefaultAudience; + }; /** * @brief Client options used to initialize share clients. @@ -80,10 +88,10 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { /** * The Audience to use for authentication with Azure Active Directory (AAD). - * #Azure::Storage::Files::Shares::Models::ShareAudience::DefaultAudience will be assumed if + * #Azure::Storage::Files::Shares::ShareAudience::DefaultAudience will be assumed if * Audience is not set. */ - Azure::Nullable Audience; + Azure::Nullable Audience; }; /** diff --git a/sdk/storage/azure-storage-files-shares/src/share_options.cpp b/sdk/storage/azure-storage-files-shares/src/share_options.cpp index 1dfb5515f..59b1a352a 100644 --- a/sdk/storage/azure-storage-files-shares/src/share_options.cpp +++ b/sdk/storage/azure-storage-files-shares/src/share_options.cpp 
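Review bot: The doc comments in the relocated `ShareAudience` class describe the wrong thing for an authentication setting: the `@param shareAudience` text still says `For the Language service` and links to the blobs authorization page, and the new `@param storageAccountName` line begins `he storage account name`. Suggested wording: `@param shareAudience The Azure Active Directory audience (resource URI) used when forming authorization scopes for the file share service.` and `@param storageAccountName The storage account name used to populate the service endpoint.` The same text appears in blob_options.hpp, datalake_options.hpp and queue_options.hpp.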
@@ -3,8 +3,8 @@ #include "azure/storage/files/shares/share_options.hpp" -namespace Azure { namespace Storage { namespace Files { namespace Shares { namespace Models { +namespace Azure { namespace Storage { namespace Files { namespace Shares { const ShareAudience ShareAudience::DefaultAudience(_internal::StorageDefaultAudience); -}}}}} // namespace Azure::Storage::Files::Shares::Models +}}}} // namespace Azure::Storage::Files::Shares diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp index 9dfeb77e4..3a847103a 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp @@ -720,12 +720,12 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto shareUrl = Azure::Core::Url(shareClient.GetUrl()); clientOptions.Audience - = Files::Shares::Models::ShareAudience(shareUrl.GetScheme() + "://" + shareUrl.GetHost()); + = Files::Shares::ShareAudience(shareUrl.GetScheme() + "://" + shareUrl.GetHost()); shareClient = Files::Shares::ShareClient(m_shareClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(shareClient.GetPermission(created.FilePermissionKey)); // error audience - clientOptions.Audience = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Files::Shares::ShareAudience("https://disk.compute.azure.com"); shareClient = Files::Shares::ShareClient(m_shareClient->GetUrl(), credential, clientOptions); EXPECT_THROW(shareClient.GetPermission(created.FilePermissionKey), StorageException); } diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp index b27054606..cd49f0dbf 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp 
+++ b/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp @@ -1223,14 +1223,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto directoryUrl = Azure::Core::Url(directoryClient.GetUrl()); - clientOptions.Audience = Files::Shares::Models::ShareAudience( - directoryUrl.GetScheme() + "://" + directoryUrl.GetHost()); + clientOptions.Audience + = Files::Shares::ShareAudience(directoryUrl.GetScheme() + "://" + directoryUrl.GetHost()); directoryClient = Files::Shares::ShareDirectoryClient( m_fileShareDirectoryClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(directoryClient.GetProperties()); // error audience - clientOptions.Audience = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Files::Shares::ShareAudience("https://disk.compute.azure.com"); directoryClient = Files::Shares::ShareDirectoryClient( m_fileShareDirectoryClient->GetUrl(), credential, clientOptions); EXPECT_THROW(directoryClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp index 18baf0a15..d910eb85e 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp 
@@ -1708,14 +1708,23 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(fileClient.GetProperties()); // default audience - clientOptions.Audience = Files::Shares::Models::ShareAudience::DefaultAudience; + clientOptions.Audience = Files::Shares::ShareAudience::DefaultAudience; + fileClient = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(fileClient.GetProperties()); + + // service audience + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + auto accountName = keyCredential->AccountName; + clientOptions.Audience + = Files::Shares::ShareAudience::CreateShareServiceAccountAudience(accountName); fileClient = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(fileClient.GetProperties()); // custom audience auto fileUrl = Azure::Core::Url(fileClient.GetUrl()); clientOptions.Audience - = Files::Shares::Models::ShareAudience(fileUrl.GetScheme() + "://" + fileUrl.GetHost()); + = Files::Shares::ShareAudience(fileUrl.GetScheme() + "://" + fileUrl.GetHost()); fileClient = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(fileClient.GetProperties()); @@ -1728,7 +1737,7 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(fileClient.GetProperties()); // error audience - clientOptions.Audience = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Files::Shares::ShareAudience("https://disk.compute.azure.com"); fileClient = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); EXPECT_THROW(fileClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-queues/inc/azure/storage/queues/queue_options.hpp b/sdk/storage/azure-storage-queues/inc/azure/storage/queues/queue_options.hpp index 3dccc69a3..b0ff0dfae 100644 
--- a/sdk/storage/azure-storage-queues/inc/azure/storage/queues/queue_options.hpp +++ b/sdk/storage/azure-storage-queues/inc/azure/storage/queues/queue_options.hpp 
@@ -18,35 +18,44 @@ #include namespace Azure { namespace Storage { namespace Queues { - namespace Models { + + /** + * @brief Audiences available for queue service + * + */ + class QueueAudience final : public Azure::Core::_internal::ExtendableEnumeration { + public: + /** + * @brief Construct a new QueueAudience object + * + * @param queueAudience The Azure Active Directory audience to use when forming authorization + * scopes. For the Language service, this value corresponds to a URL that identifies the Azure + * cloud where the resource is located. For more information: See + * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory + */ + explicit QueueAudience(std::string queueAudience) + : ExtendableEnumeration(std::move(queueAudience)) + { + } /** - * @brief Audiences available for Blobs + * @brief The service endpoint for a given storage account. Use this method to acquire a token + * for authorizing requests to that specific Azure Storage account and service only. * + * @param storageAccountName he storage account name used to populate the service endpoint. + * @return The service endpoint for a given storage account. */ - class QueueAudience final - : public Azure::Core::_internal::ExtendableEnumeration { - public: - /** - * @brief Construct a new QueueAudience object - * - * @param queueAudience The Azure Active Directory audience to use when forming authorization - * scopes. For the Language service, this value corresponds to a URL that identifies the Azure - * cloud where the resource is located. 
For more information: See - * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory - */ - explicit QueueAudience(std::string queueAudience) - : ExtendableEnumeration(std::move(queueAudience)) - { - } + static QueueAudience CreateQueueServiceAccountAudience(const std::string& storageAccountName) + { + return QueueAudience("https://" + storageAccountName + ".queue.core.windows.net/"); + } - /** - * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure - * Storage account. - */ - AZ_STORAGE_QUEUES_DLLEXPORT const static QueueAudience DefaultAudience; - }; - } // namespace Models + /** + * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure + * Storage account. + */ + AZ_STORAGE_QUEUES_DLLEXPORT const static QueueAudience DefaultAudience; + }; /** * @brief API version for Storage Queue service. @@ -124,10 +133,10 @@ namespace Azure { namespace Storage { namespace Queues { /** * The Audience to use for authentication with Azure Active Directory (AAD). - * #Azure::Storage::Queues::Models::QueueAudience::DefaultAudience will be assumed if + * #Azure::Storage::Queues::QueueAudience::DefaultAudience will be assumed if * Audience is not set. */ - Azure::Nullable Audience; + Azure::Nullable Audience; }; /** diff --git a/sdk/storage/azure-storage-queues/src/queue_options.cpp b/sdk/storage/azure-storage-queues/src/queue_options.cpp index 49d4df26d..91eca6e2a 100644 --- a/sdk/storage/azure-storage-queues/src/queue_options.cpp +++ b/sdk/storage/azure-storage-queues/src/queue_options.cpp 
@@ -5,10 +5,7 @@ namespace Azure { namespace Storage { namespace Queues { - namespace Models { - - const QueueAudience QueueAudience::DefaultAudience(_internal::StorageDefaultAudience); - } // namespace Models + const QueueAudience QueueAudience::DefaultAudience(_internal::StorageDefaultAudience); const ServiceVersion ServiceVersion::V2018_03_28(std::string("2018-03-28")); const ServiceVersion ServiceVersion::V2019_12_12(std::string("2019-12-12")); diff --git a/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp b/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp index b307dcda3..18b4802df 100644 --- a/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp +++ b/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp @@ -247,14 +247,22 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(queueClient.GetProperties()); // default audience - clientOptions.Audience = Queues::Models::QueueAudience::DefaultAudience; + clientOptions.Audience = Queues::QueueAudience::DefaultAudience; + queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(queueClient.GetProperties()); + + // service audience + auto keyCredential + = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential; + auto accountName = keyCredential->AccountName; + clientOptions.Audience = Queues::QueueAudience::CreateQueueServiceAccountAudience(accountName); queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(queueClient.GetProperties()); // custom audience auto queueUrl = Azure::Core::Url(queueClient.GetUrl()); clientOptions.Audience - = Queues::Models::QueueAudience(queueUrl.GetScheme() + "://" + queueUrl.GetHost()); + = Queues::QueueAudience(queueUrl.GetScheme() + "://" + queueUrl.GetHost()); queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(queueClient.GetProperties()); 
@@ -264,7 +272,7 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(queueClient.GetProperties()); // error audience - clientOptions.Audience = Queues::Models::QueueAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Queues::QueueAudience("https://disk.compute.azure.com"); queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); EXPECT_THROW(queueClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp b/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp index 88c2faeaf..cda4ce94c 100644 --- a/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp +++ b/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp @@ -331,13 +331,13 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto queueUrl = Azure::Core::Url(queueServiceClient.GetUrl()); clientOptions.Audience - = Queues::Models::QueueAudience(queueUrl.GetScheme() + "://" + queueUrl.GetHost()); + = Queues::QueueAudience(queueUrl.GetScheme() + "://" + queueUrl.GetHost()); queueServiceClient = Queues::QueueServiceClient(m_queueServiceClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(queueServiceClient.GetProperties()); // error audience - clientOptions.Audience = Queues::Models::QueueAudience("https://disk.compute.azure.com"); + clientOptions.Audience = Queues::QueueAudience("https://disk.compute.azure.com"); queueServiceClient = Queues::QueueServiceClient(m_queueServiceClient->GetUrl(), credential, clientOptions); EXPECT_THROW(queueServiceClient.GetProperties(), StorageException);