diff --git a/sdk/storage/assets.json b/sdk/storage/assets.json index f6fc7b570..2f72bf458 100644 --- a/sdk/storage/assets.json +++ b/sdk/storage/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "cpp", "TagPrefix": "cpp/storage", - "Tag": "cpp/storage_e44851d82e" + "Tag": "cpp/storage_38dec59ffb" } diff --git a/sdk/storage/azure-storage-blobs/src/blob_client.cpp b/sdk/storage/azure-storage-blobs/src/blob_client.cpp index f3ec27ac5..f172d0d8e 100644 --- a/sdk/storage/azure-storage-blobs/src/blob_client.cpp +++ b/sdk/storage/azure-storage-blobs/src/blob_client.cpp @@ -87,8 +87,9 @@ namespace Azure { namespace Storage { namespace Blobs { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::BlobAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery)); diff --git a/sdk/storage/azure-storage-blobs/src/blob_container_client.cpp b/sdk/storage/azure-storage-blobs/src/blob_container_client.cpp index 38a539c1a..9425f36e9 100644 --- a/sdk/storage/azure-storage-blobs/src/blob_container_client.cpp +++ b/sdk/storage/azure-storage-blobs/src/blob_container_client.cpp 
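Review bot: In the blob_client.cpp hunk, the fallback branch `: _internal::StorageScope` is now a second hard-coded copy of the default scope, independent of `PublicAudience`. An unset `Audience` and `Audience = PublicAudience` therefore request the same token scope only as long as `StorageScope` and `StoragePublicAudience` are edited together. Deriving the fallback from the audience constant, `: _internal::GetDefaultScopeForAudience(_internal::StoragePublicAudience)`, keeps a single source of truth for the resource the bearer token is requested for. The same ternary is repeated in the other client constructors touched by this commit (blob container and service, Data Lake, file share and queue clients), so one shared helper taking the optional audience would keep them from drifting apart. The enclosing constructor starts and ends outside the hunk.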
@@ -170,8 +170,9 @@ namespace Azure { namespace Storage { namespace Blobs { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::BlobAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); tokenAuthPolicy = std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery); perRetryPolicies.emplace_back(tokenAuthPolicy->Clone()); diff --git a/sdk/storage/azure-storage-blobs/src/blob_options.cpp b/sdk/storage/azure-storage-blobs/src/blob_options.cpp index 8f99b9245..420ae10a1 100644 --- a/sdk/storage/azure-storage-blobs/src/blob_options.cpp +++ b/sdk/storage/azure-storage-blobs/src/blob_options.cpp @@ -6,7 +6,7 @@ namespace Azure { namespace Storage { namespace Blobs { namespace Models { - const BlobAudience BlobAudience::PublicAudience(Azure::Storage::_internal::StorageScope); + const BlobAudience BlobAudience::PublicAudience(_internal::StoragePublicAudience); } // namespace Models BlobQueryInputTextOptions BlobQueryInputTextOptions::CreateCsvTextOptions( diff --git a/sdk/storage/azure-storage-blobs/src/blob_service_client.cpp b/sdk/storage/azure-storage-blobs/src/blob_service_client.cpp index 36b379963..6a93a9167 100644 --- a/sdk/storage/azure-storage-blobs/src/blob_service_client.cpp +++ b/sdk/storage/azure-storage-blobs/src/blob_service_client.cpp 
@@ -83,8 +83,9 @@ namespace Azure { namespace Storage { namespace Blobs { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::BlobAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); tokenAuthPolicy = std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery); perRetryPolicies.emplace_back(tokenAuthPolicy->Clone()); diff --git a/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp index b71f6f9bf..4136f319a 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp @@ -51,8 +51,8 @@ namespace Azure { namespace Storage { namespace Test { // With custom audience auto blobUrl = Azure::Core::Url(m_blockBlobClient->GetUrl()); - clientOptions.Audience = Blobs::Models::BlobAudience( - blobUrl.GetScheme() + "://" + blobUrl.GetHost() + "/.default"); + clientOptions.Audience + = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost()); blobClient = Blobs::BlobClient( m_blockBlobClient->GetUrl(), std::make_shared( diff --git a/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp index 0777c5a4c..076cd2dfd 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp 
@@ -1456,14 +1456,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto containerUrl = Azure::Core::Url(containerClient.GetUrl()); - clientOptions.Audience = Blobs::Models::BlobAudience( - containerUrl.GetScheme() + "://" + containerUrl.GetHost() + "/.default"); + clientOptions.Audience + = Blobs::Models::BlobAudience(containerUrl.GetScheme() + "://" + containerUrl.GetHost()); containerClient = Blobs::BlobContainerClient(m_blobContainerClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(containerClient.GetProperties()); // error audience - clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com"); containerClient = Blobs::BlobContainerClient(m_blobContainerClient->GetUrl(), credential, clientOptions); EXPECT_THROW(containerClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp index ba8edb3d4..06b7ad0b1 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp 
@@ -514,14 +514,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto serviceUrl = Azure::Core::Url(serviceClient.GetUrl()); - clientOptions.Audience = Blobs::Models::BlobAudience( - serviceUrl.GetScheme() + "://" + serviceUrl.GetHost() + "/.default"); + clientOptions.Audience + = Blobs::Models::BlobAudience(serviceUrl.GetScheme() + "://" + serviceUrl.GetHost()); serviceClient = Blobs::BlobServiceClient(m_blobServiceClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(serviceClient.GetProperties()); // error audience - clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com"); serviceClient = Blobs::BlobServiceClient(m_blobServiceClient->GetUrl(), credential, clientOptions); EXPECT_THROW(serviceClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp b/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp index 1f9cf3213..e01b080bf 100644 --- a/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp +++ b/sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp 
@@ -2040,16 +2040,27 @@ namespace Azure { namespace Storage { namespace Test { = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(blockBlobClient.GetProperties()); + // public audience + clientOptions.Audience = Blobs::Models::BlobAudience::PublicAudience; + blockBlobClient + = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(blockBlobClient.GetProperties()); + // custom audience auto blobUrl = Azure::Core::Url(blockBlobClient.GetUrl()); - clientOptions.Audience = Blobs::Models::BlobAudience( - blobUrl.GetScheme() + "://" + blobUrl.GetHost() + "/.default"); + clientOptions.Audience + = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost()); + blockBlobClient + = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(blockBlobClient.GetProperties()); + clientOptions.Audience + = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost() + "/"); blockBlobClient = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(blockBlobClient.GetProperties()); // error audience - clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com"); blockBlobClient = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions); EXPECT_THROW(blockBlobClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-common/inc/azure/storage/common/internal/constants.hpp b/sdk/storage/azure-storage-common/inc/azure/storage/common/internal/constants.hpp index 95e540a49..46306c857 100644 --- a/sdk/storage/azure-storage-common/inc/azure/storage/common/internal/constants.hpp +++ b/sdk/storage/azure-storage-common/inc/azure/storage/common/internal/constants.hpp 
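Review bot: The trailing-slash audience added in this block_blob_client_test.cpp hunk is checked only through `EXPECT_NO_THROW(blockBlobClient.GetProperties())`, which shows that the request succeeded but does not pin the scope string that was requested. None of the other client tests in the visible hunks exercise that case. A direct test of the helper would cover the normalisation without a service round trip, for example `EXPECT_EQ(_internal::GetDefaultScopeForAudience("https://storage.azure.com/"), "https://storage.azure.com/.default");`, together with the no-slash and empty-string inputs. The enclosing test body starts and ends outside the hunk.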
@@ -11,6 +11,7 @@ namespace Azure { namespace Storage { namespace _internal { constexpr static const char* HttpQuerySnapshot = "snapshot"; constexpr static const char* HttpQueryVersionId = "versionid"; constexpr static const char* StorageScope = "https://storage.azure.com/.default"; + constexpr static const char* StoragePublicAudience = "https://storage.azure.com"; constexpr static const char* HttpHeaderDate = "date"; constexpr static const char* HttpHeaderXMsVersion = "x-ms-version"; constexpr static const char* HttpHeaderRequestId = "x-ms-request-id"; diff --git a/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp b/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp index 6d4514f14..276b84450 100644 --- a/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp +++ b/sdk/storage/azure-storage-common/inc/azure/storage/common/storage_credential.hpp @@ -90,6 +90,8 @@ namespace Azure { namespace Storage { ConnectionStringParts ParseConnectionString(const std::string& connectionString); + std::string GetDefaultScopeForAudience(const std::string& audience); + } // namespace _internal }} // namespace Azure::Storage diff --git a/sdk/storage/azure-storage-common/src/storage_credential.cpp b/sdk/storage/azure-storage-common/src/storage_credential.cpp index 7a63f12cf..991a198fb 100644 --- a/sdk/storage/azure-storage-common/src/storage_credential.cpp +++ b/sdk/storage/azure-storage-common/src/storage_credential.cpp @@ -114,4 +114,13 @@ namespace Azure { namespace Storage { namespace _internal { return connectionStringParts; } + + std::string GetDefaultScopeForAudience(const std::string& audience) + { + if (!audience.empty() && audience.back() == '/') + { + return audience + ".default"; + } + return audience + "/.default"; + } }}} // namespace Azure::Storage::_internal 
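Review bot: `GetDefaultScopeForAudience` is declared in storage_credential.hpp without a comment, and its contract is not obvious from the name. Callers need to know that the argument is a bare audience URI and that the result is the scope string placed in `TokenRequestContext::Scopes`. A one-line comment on the declaration would be enough, e.g. `// Builds the token scope for an audience: appends "/.default", or ".default" when the audience already ends with '/'.`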
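Review bot: `GetDefaultScopeForAudience` in storage_credential.cpp appends the suffix unconditionally. An audience that already ends in `/.default`, which is the form the tests used before this commit and which existing callers may still pass, becomes `…/.default/.default`, and an empty audience becomes the bare scope `/.default`. Both would most likely surface only as a failed token request at run time, far from the misconfigured option. Returning the input unchanged when it already carries the suffix keeps older callers working. The empty case needs an explicit decision: either reject it or fall back to `StorageScope`. The function is fully contained in this hunk.

```cpp
std::string GetDefaultScopeForAudience(const std::string& audience)
{
  const std::string suffix = "/.default";
  // Accept audiences that already carry the scope suffix (callers written before this change).
  if (audience.size() >= suffix.size()
      && audience.compare(audience.size() - suffix.size(), suffix.size(), suffix) == 0)
  {
    return audience;
  }
  // … unchanged: trailing-slash check and "/.default" append …
}
```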
diff --git a/sdk/storage/azure-storage-files-datalake/src/datalake_file_system_client.cpp b/sdk/storage/azure-storage-files-datalake/src/datalake_file_system_client.cpp index 1eb808872..e82c1d6ac 100644 --- a/sdk/storage/azure-storage-files-datalake/src/datalake_file_system_client.cpp +++ b/sdk/storage/azure-storage-files-datalake/src/datalake_file_system_client.cpp @@ -98,8 +98,9 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::DataLakeAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery)); diff --git a/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp b/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp index 3836910ee..5e9641664 100644 --- a/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp +++ b/sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp @@ -5,6 +5,6 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { namespace Models { - const DataLakeAudience DataLakeAudience::PublicAudience(Azure::Storage::_internal::StorageScope); + const DataLakeAudience DataLakeAudience::PublicAudience(_internal::StoragePublicAudience); }}}}} // namespace Azure::Storage::Files::DataLake::Models diff --git a/sdk/storage/azure-storage-files-datalake/src/datalake_path_client.cpp b/sdk/storage/azure-storage-files-datalake/src/datalake_path_client.cpp index 0f2b39c36..274757dfe 100644 --- a/sdk/storage/azure-storage-files-datalake/src/datalake_path_client.cpp 
+++ b/sdk/storage/azure-storage-files-datalake/src/datalake_path_client.cpp @@ -96,8 +96,9 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::DataLakeAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery)); diff --git a/sdk/storage/azure-storage-files-datalake/src/datalake_service_client.cpp b/sdk/storage/azure-storage-files-datalake/src/datalake_service_client.cpp index d58ab2ab3..b2c17b1b6 100644 --- a/sdk/storage/azure-storage-files-datalake/src/datalake_service_client.cpp +++ b/sdk/storage/azure-storage-files-datalake/src/datalake_service_client.cpp @@ -92,8 +92,9 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::DataLakeAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery)); diff --git a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp index ae1269cb5..1aa6d5ab4 100644 --- a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp 
+++ b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_file_system_client_test.cpp @@ -924,14 +924,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto fileSystemUrl = Azure::Core::Url(fileSystemClient.GetUrl()); clientOptions.Audience = Files::DataLake::Models::DataLakeAudience( - fileSystemUrl.GetScheme() + "://" + fileSystemUrl.GetHost() + "/.default"); + fileSystemUrl.GetScheme() + "://" + fileSystemUrl.GetHost()); fileSystemClient = Files::DataLake::DataLakeFileSystemClient( m_fileSystemClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(fileSystemClient.GetProperties()); // error audience clientOptions.Audience - = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com/.default"); + = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com"); fileSystemClient = Files::DataLake::DataLakeFileSystemClient( m_fileSystemClient->GetUrl(), credential, clientOptions); EXPECT_THROW(fileSystemClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp index 7089bd872..42cf82e10 100644 --- a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_path_client_test.cpp 
@@ -494,17 +494,23 @@ namespace Azure { namespace Storage { namespace Test { = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(pathClient.GetProperties()); + // public audience + clientOptions.Audience = Files::DataLake::Models::DataLakeAudience::PublicAudience; + pathClient + = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(pathClient.GetProperties()); + // custom audience auto pathUrl = Azure::Core::Url(pathClient.GetUrl()); clientOptions.Audience = Files::DataLake::Models::DataLakeAudience( - pathUrl.GetScheme() + "://" + pathUrl.GetHost() + "/.default"); + pathUrl.GetScheme() + "://" + pathUrl.GetHost()); pathClient = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(pathClient.GetProperties()); // error audience clientOptions.Audience - = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com/.default"); + = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com"); pathClient = Files::DataLake::DataLakePathClient(m_pathClient->GetUrl(), credential, clientOptions); EXPECT_THROW(pathClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp index 94456465f..7571dec00 100644 --- a/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp +++ b/sdk/storage/azure-storage-files-datalake/test/ut/datalake_service_client_test.cpp 
@@ -360,14 +360,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto fileSystemUrl = Azure::Core::Url(serviceClient.GetUrl()); clientOptions.Audience = Files::DataLake::Models::DataLakeAudience( - fileSystemUrl.GetScheme() + "://" + fileSystemUrl.GetHost() + "/.default"); + fileSystemUrl.GetScheme() + "://" + fileSystemUrl.GetHost()); serviceClient = Files::DataLake::DataLakeServiceClient( m_dataLakeServiceClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(serviceClient.GetProperties()); // error audience clientOptions.Audience - = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com/.default"); + = Files::DataLake::Models::DataLakeAudience("https://disk.compute.azure.com"); serviceClient = Files::DataLake::DataLakeServiceClient( m_dataLakeServiceClient->GetUrl(), credential, clientOptions); EXPECT_THROW(serviceClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-shares/src/share_client.cpp b/sdk/storage/azure-storage-files-shares/src/share_client.cpp index cf8b74bb4..ee9e27034 100644 --- a/sdk/storage/azure-storage-files-shares/src/share_client.cpp +++ b/sdk/storage/azure-storage-files-shares/src/share_client.cpp @@ -79,8 +79,9 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::ShareAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique( credential, tokenContext)); diff --git a/sdk/storage/azure-storage-files-shares/src/share_directory_client.cpp b/sdk/storage/azure-storage-files-shares/src/share_directory_client.cpp index 7b62db02d..b7c1baa2e 100644 
--- a/sdk/storage/azure-storage-files-shares/src/share_directory_client.cpp +++ b/sdk/storage/azure-storage-files-shares/src/share_directory_client.cpp @@ -81,8 +81,9 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::ShareAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique( credential, tokenContext)); diff --git a/sdk/storage/azure-storage-files-shares/src/share_file_client.cpp b/sdk/storage/azure-storage-files-shares/src/share_file_client.cpp index e7d338729..babbf32fd 100644 --- a/sdk/storage/azure-storage-files-shares/src/share_file_client.cpp +++ b/sdk/storage/azure-storage-files-shares/src/share_file_client.cpp @@ -86,8 +86,9 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::ShareAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique( credential, tokenContext)); diff --git a/sdk/storage/azure-storage-files-shares/src/share_options.cpp b/sdk/storage/azure-storage-files-shares/src/share_options.cpp index 098332f44..392c3f321 100644 --- a/sdk/storage/azure-storage-files-shares/src/share_options.cpp +++ b/sdk/storage/azure-storage-files-shares/src/share_options.cpp 
@@ -5,6 +5,6 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { namespace Models { - const ShareAudience ShareAudience::PublicAudience(Azure::Storage::_internal::StorageScope); + const ShareAudience ShareAudience::PublicAudience(_internal::StoragePublicAudience); }}}}} // namespace Azure::Storage::Files::Shares::Models diff --git a/sdk/storage/azure-storage-files-shares/src/share_service_client.cpp b/sdk/storage/azure-storage-files-shares/src/share_service_client.cpp index 101604dc1..8b4f65ea5 100644 --- a/sdk/storage/azure-storage-files-shares/src/share_service_client.cpp +++ b/sdk/storage/azure-storage-files-shares/src/share_service_client.cpp @@ -76,8 +76,9 @@ namespace Azure { namespace Storage { namespace Files { namespace Shares { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::ShareAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique( credential, tokenContext)); diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp index fe5a6d802..9dfeb77e4 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_client_test.cpp 
@@ -719,14 +719,13 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto shareUrl = Azure::Core::Url(shareClient.GetUrl()); - clientOptions.Audience = Files::Shares::Models::ShareAudience( - shareUrl.GetScheme() + "://" + shareUrl.GetHost() + "/.default"); + clientOptions.Audience + = Files::Shares::Models::ShareAudience(shareUrl.GetScheme() + "://" + shareUrl.GetHost()); shareClient = Files::Shares::ShareClient(m_shareClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(shareClient.GetPermission(created.FilePermissionKey)); // error audience - clientOptions.Audience - = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com"); shareClient = Files::Shares::ShareClient(m_shareClient->GetUrl(), credential, clientOptions); EXPECT_THROW(shareClient.GetPermission(created.FilePermissionKey), StorageException); } diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp index 887f8a7a9..b27054606 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_directory_client_test.cpp 
@@ -1224,14 +1224,13 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto directoryUrl = Azure::Core::Url(directoryClient.GetUrl()); clientOptions.Audience = Files::Shares::Models::ShareAudience( - directoryUrl.GetScheme() + "://" + directoryUrl.GetHost() + "/.default"); + directoryUrl.GetScheme() + "://" + directoryUrl.GetHost()); directoryClient = Files::Shares::ShareDirectoryClient( m_fileShareDirectoryClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(directoryClient.GetProperties()); // error audience - clientOptions.Audience - = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com"); directoryClient = Files::Shares::ShareDirectoryClient( m_fileShareDirectoryClient->GetUrl(), credential, clientOptions); EXPECT_THROW(directoryClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp b/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp index 6cafc8df7..967738c5a 100644 --- a/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp +++ b/sdk/storage/azure-storage-files-shares/test/ut/share_file_client_test.cpp 
@@ -1707,10 +1707,15 @@ namespace Azure { namespace Storage { namespace Test { = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(fileClient.GetProperties()); + // public audience + clientOptions.Audience = Files::Shares::Models::ShareAudience::PublicAudience; + fileClient = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(fileClient.GetProperties()); + // custom audience auto fileUrl = Azure::Core::Url(fileClient.GetUrl()); - clientOptions.Audience = Files::Shares::Models::ShareAudience( - fileUrl.GetScheme() + "://" + fileUrl.GetHost() + "/.default"); + clientOptions.Audience + = Files::Shares::Models::ShareAudience(fileUrl.GetScheme() + "://" + fileUrl.GetHost()); fileClient = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(fileClient.GetProperties()); @@ -1723,8 +1728,7 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(fileClient.GetProperties()); // error audience - clientOptions.Audience - = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Files::Shares::Models::ShareAudience("https://disk.compute.azure.com"); fileClient = Files::Shares::ShareFileClient(m_fileClient->GetUrl(), credential, clientOptions); EXPECT_THROW(fileClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-queues/src/queue_client.cpp b/sdk/storage/azure-storage-queues/src/queue_client.cpp index 3b351c97a..1518e6d4a 100644 --- a/sdk/storage/azure-storage-queues/src/queue_client.cpp +++ b/sdk/storage/azure-storage-queues/src/queue_client.cpp 
@@ -75,8 +75,9 @@ namespace Azure { namespace Storage { namespace Queues { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::QueueAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery)); diff --git a/sdk/storage/azure-storage-queues/src/queue_options.cpp b/sdk/storage/azure-storage-queues/src/queue_options.cpp index 8f7421c4c..7f1e6333c 100644 --- a/sdk/storage/azure-storage-queues/src/queue_options.cpp +++ b/sdk/storage/azure-storage-queues/src/queue_options.cpp @@ -7,7 +7,7 @@ namespace Azure { namespace Storage { namespace Queues { namespace Models { - const QueueAudience QueueAudience::PublicAudience(Azure::Storage::_internal::StorageScope); + const QueueAudience QueueAudience::PublicAudience(_internal::StoragePublicAudience); } // namespace Models const ServiceVersion ServiceVersion::V2018_03_28(std::string("2018-03-28")); diff --git a/sdk/storage/azure-storage-queues/src/queue_service_client.cpp b/sdk/storage/azure-storage-queues/src/queue_service_client.cpp index ffe9d5888..1b68326b5 100644 --- a/sdk/storage/azure-storage-queues/src/queue_service_client.cpp +++ b/sdk/storage/azure-storage-queues/src/queue_service_client.cpp 
@@ -73,8 +73,9 @@ namespace Azure { namespace Storage { namespace Queues { { Azure::Core::Credentials::TokenRequestContext tokenContext; tokenContext.Scopes.emplace_back( - options.Audience.HasValue() ? options.Audience.Value().ToString() - : Models::QueueAudience::PublicAudience.ToString()); + options.Audience.HasValue() + ? _internal::GetDefaultScopeForAudience(options.Audience.Value().ToString()) + : _internal::StorageScope); perRetryPolicies.emplace_back( std::make_unique<_internal::StorageBearerTokenAuthenticationPolicy>( credential, tokenContext, options.EnableTenantDiscovery)); diff --git a/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp b/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp index e069ce4a7..c92f0a473 100644 --- a/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp +++ b/sdk/storage/azure-storage-queues/test/ut/queue_client_test.cpp @@ -246,10 +246,15 @@ namespace Azure { namespace Storage { namespace Test { auto queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(queueClient.GetProperties()); + // public audience + clientOptions.Audience = Queues::Models::QueueAudience::PublicAudience; + queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); + EXPECT_NO_THROW(queueClient.GetProperties()); + // custom audience auto queueUrl = Azure::Core::Url(queueClient.GetUrl()); - clientOptions.Audience = Queues::Models::QueueAudience( - queueUrl.GetScheme() + "://" + queueUrl.GetHost() + "/.default"); + clientOptions.Audience + = Queues::Models::QueueAudience(queueUrl.GetScheme() + "://" + queueUrl.GetHost()); queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(queueClient.GetProperties()); 
@@ -259,8 +264,7 @@ namespace Azure { namespace Storage { namespace Test { EXPECT_NO_THROW(queueClient.GetProperties()); // error audience - clientOptions.Audience - = Queues::Models::QueueAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Queues::Models::QueueAudience("https://disk.compute.azure.com"); queueClient = Queues::QueueClient(m_queueClient->GetUrl(), credential, clientOptions); EXPECT_THROW(queueClient.GetProperties(), StorageException); diff --git a/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp b/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp index 32a514503..88c2faeaf 100644 --- a/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp +++ b/sdk/storage/azure-storage-queues/test/ut/queue_service_client_test.cpp @@ -330,15 +330,14 @@ namespace Azure { namespace Storage { namespace Test { // custom audience auto queueUrl = Azure::Core::Url(queueServiceClient.GetUrl()); - clientOptions.Audience = Queues::Models::QueueAudience( - queueUrl.GetScheme() + "://" + queueUrl.GetHost() + "/.default"); + clientOptions.Audience + = Queues::Models::QueueAudience(queueUrl.GetScheme() + "://" + queueUrl.GetHost()); queueServiceClient = Queues::QueueServiceClient(m_queueServiceClient->GetUrl(), credential, clientOptions); EXPECT_NO_THROW(queueServiceClient.GetProperties()); // error audience - clientOptions.Audience - = Queues::Models::QueueAudience("https://disk.compute.azure.com/.default"); + clientOptions.Audience = Queues::Models::QueueAudience("https://disk.compute.azure.com"); queueServiceClient = Queues::QueueServiceClient(m_queueServiceClient->GetUrl(), credential, clientOptions); EXPECT_THROW(queueServiceClient.GetProperties(), StorageException);