How to generate SAS toke for blob storage in dart language
I'm currently trying to generate SAS token for blob file in dart language. I took reference from a python code also. In python generate_sas_token() function requires policy id for azure blob storage. where to get this
This the info I have, Or is there any other way to generate other than generate_sas_token() SDK in python. The reason s I want to create SAS token via dart only. So that I need a flow or method to generate SAS.
Thanks in advance
import 'dart:convert';
import 'package:crypto/crypto.dart';
import 'package:intl/intl.dart';
String encode_signature(String signature){
return signature.replaceAll(':', '%3A');
}
String generateSasToken(String accountName, String accountKey, String containerName, String blobName, int expiryHours) {
var ttl = DateTime.now().add(Duration(hours: expiryHours)).millisecondsSinceEpoch ~/ 1000;
var stringToSign = "r\n${DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().toUtc())}\n${DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().add(Duration(hours: expiryHours)).toUtc())}\n/$accountName/$containerName/$blobName\n\n\n\n\n\n\n";
var hmacSha256 = Hmac(sha256, base64.decode(accountKey));
var signature = base64.encode(hmacSha256.convert(utf8.encode(stringToSign)).bytes);
var queryParams = {
'sp': 'r',
'st': DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().toUtc()),
'se': DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().add(Duration(hours: expiryHours)).toUtc()),
'sv': '2022-11-02',
'sr': 'b',
'sig': encode_signature(signature),//Uri.encodeComponent(signature).replaceAll('%3A', ':'), // Encode the signature component
};
var queryString = Uri(queryParameters: queryParams).query;
return queryString;
}
void main() {
var accountName = "account_name";
var accountKey = "accountkey";
var containerName = "azure-webjobs-hosts";
var blobName = "0_12d6fa4202ac42bdbc33923c413c68ff_1.json";
var expiryHours = 168;
var sasToken = generateSasToken(accountName, accountKey, containerName, blobName, expiryHours);
print(sasToken);
}
this is the code Im running now Im able to get but the only issue is This is the SAS generated in azure portal -
sp=r&st=2024-03-11T06:25:18Z&se=2024-03-11T14:25:18Z&sv=2022-11-02&sr=b&sig=sMX853JrU%2BkgAGgKTXS1XQRvFoh6%2BQQ3jNWRnG8LWVI%3D
This is generated by above code -
sp=r&st=2024-03-14T11%3A56%3A00&se=2024-03-21T11%3A56%3A00&sv=2022-11-02&sr=b&sig=jPsFzl2RoTJNGbMNg%252FwcT1oi%252FyIIBjFJeps1pJyMCGc%253D
Instead of colon ":" I'm getting "%3A". Even though I used replace all function. What could be the issue?
The token is generating but
this the timezone in azure portal but when I generate SAS in azure portal it give the following timezone
What would be the issue. The time difference is 5 hours 27 mins approx (minutes variable)
Next issue
I'am able to generate valid SAS token for blob. I used the same for container, but getting 403 error I thought token generation is the problem but later tried with azure portal generated sas token for container still getting the same 403 how it is possible? below is the code I used to get container list
import 'dart:convert';
import 'dart:typed_data';
import 'package:crypto/crypto.dart';
import 'package:http/http.dart' as http;
void main() async {
final String folderURL = 'https://myblobaccount.blob.core.windows.net/azure-webjobs-hosts?sp=r&st=2024-03-22T07:21:47Z&se=2024-03-22T15:21:47Z&sv=2022-11-02&sr=c&sig=Eg%2B04lD3EWLo2wGocU9mqNjKwqKmo04zSCH0Dbsjqlg%3D';//$storageBlobEndpoint/$containerName?$sasToken';
// Make a request to list the blobs within the folder
final response = await http.get(Uri.parse(folderURL));
if (response.statusCode == 200) {
final List<dynamic> blobs = json.decode(response.body);
print("Files in the folder:");
for (var blob in blobs) {
print(blob['name']);
}
} else {
print('Failed to fetch data: ${response.statusCode}');
}
}
what could be the issue?
The code below dart generates a Shared Access Signature (SAS) token for accessing Azure Blob Storage resources. SAS tokens provide restricted access to resources in your storage account, with specified permissions and time limits.
generateSasToken method:
it generates a SAS token based on the provided parameters such as resourceUri, key, permissions, sr, and expiryHours.
import 'dart:convert';
import 'package:intl/intl.dart';
import 'package:crypto/crypto.dart';
class SasTokenGenerator {
String generateSasToken({
required String resourceUri,
required String key,
required String permissions,
required String sr, // Added parameter for the resource type
int expiryHours = 24,
}) {
DateTime startTime = DateTime.now(); // Adjusting start time by 5 minutes for clock skew
DateTime expiry = startTime.add(Duration(hours: expiryHours));
String formattedStartTime = DateFormat("yyyy-MM-ddTHH:mm:ss'Z'").format(startTime);
String formattedExpiry = DateFormat("yyyy-MM-ddTHH:mm:ss'Z'").format(expiry);
String stringToSign = 'sp=$permissions\nst=$formattedStartTime\nse=$formattedExpiry\nspr=https\nsv=2022-11-02\nsr=$sr\n$resourceUri'; // Include sr parameter
String signature = _generateSignature(stringToSign, key);
return 'sp=$permissions&st=$formattedStartTime&se=$formattedExpiry&spr=https&sv=2022-11-02&sr=$sr&sig=$signature'; // Include sr parameter
}
String _generateSignature(String input, String key) {
var keyBytes = utf8.encode(key);
var inputBytes = utf8.encode(input);
var hmacSha256 = Hmac(sha256, keyBytes);
var digest = hmacSha256.convert(inputBytes);
return Uri.encodeComponent(base64.encode(digest.bytes));
}
}
void main() {
String resourceUri = "https://account_name.blob.core.windows.net/containerName/example.txt";
String key = "accountkey";
String permissions = "r"; // r for read, w for write, d for delete, etc.
String sr = "b"; // Specify the resource type: b for Blob service, c for Container service, etc.
int expiryHours = 24; // Expiry duration in hours
SasTokenGenerator generator = SasTokenGenerator();
String sasToken = generator.generateSasToken(
resourceUri: resourceUri,
key: key,
permissions: permissions,
sr: sr, // Pass sr parameter
expiryHours: expiryHours,
);
print('Generated SAS Token: $sasToken');
}
Output:
- Azure Service Plan - Convert Consumption App to Premium App
- No PK or FK when exporting SQL Server database
- Assigning a Token Lifetime Policy to an application in Microsoft EntraID seems to have no effect
- How to create a dataset for Azure custom speech using spx (speechCLI)
- Azure App Service Autoscale Fails to Scale In
- Azure Scale Out on Memory keeps flapping (not scaling in)
- Setting a server minimum for Azure Web App when using automatic scaling, from Bicep
- A keyvault created with access policy using BICEP creates compound identity
- Azure Loadbalancer with public IP forward traffic to Container Apps
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?
- What means skipNegotiation in SignalR HubConnection?
- Azure ClientCertificateCredential - Using SNI
- Azure AI Search MultiIndex / Conditional Semantic search
- MSAL Node service & The Partner Center API
- Load Registered Component in Azure ML for Pipeline using Python sdk v2
- Azure Blob:- How to automate Azure Archive Storage to Cool/Hot tier conversion, send download link once it's avaible , and re-archive after 72 hours?
- Azure App Service Custom Backup to Firewall Enabled Storage Account not working as expected
- How to take max value and replace it in drived column in data factory
- Synapse/ ADF - How to Truncate table if dynamic config column is True in pre-copy script
- Azure Cost Management - track costs associated with Databricks job
- Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
- How to check Debug.Writeline() output in VS code?
- C# API - Provide download of files from Azure Blobstorage
- localhost:300/api is not working : "This page isn’t working"
- Creating an Azure Linux VM with Ubuntu 20.04 with Terraform
- Failed to deploy path that does not exist
- Using Azure WAF for my server(not in Azure)
- How and where to define an environment variable on Azure
- Azure Data Factory - Unable to preview data
- Azure yaml trigger pipeline every 14 days on a Saturday