How to generate SAS toke for blob storage in dart language
I'm currently trying to generate SAS token for blob file in dart language. I took reference from a python code also. In python generate_sas_token() function requires policy id for azure blob storage. where to get this
This the info I have, Or is there any other way to generate other than generate_sas_token() SDK in python. The reason s I want to create SAS token via dart only. So that I need a flow or method to generate SAS.
Thanks in advance
import 'dart:convert';
import 'package:crypto/crypto.dart';
import 'package:intl/intl.dart';
String encode_signature(String signature){
return signature.replaceAll(':', '%3A');
}
String generateSasToken(String accountName, String accountKey, String containerName, String blobName, int expiryHours) {
var ttl = DateTime.now().add(Duration(hours: expiryHours)).millisecondsSinceEpoch ~/ 1000;
var stringToSign = "r\n${DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().toUtc())}\n${DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().add(Duration(hours: expiryHours)).toUtc())}\n/$accountName/$containerName/$blobName\n\n\n\n\n\n\n";
var hmacSha256 = Hmac(sha256, base64.decode(accountKey));
var signature = base64.encode(hmacSha256.convert(utf8.encode(stringToSign)).bytes);
var queryParams = {
'sp': 'r',
'st': DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().toUtc()),
'se': DateFormat("yyyy-MM-ddTHH:mm:ssZ").format(DateTime.now().add(Duration(hours: expiryHours)).toUtc()),
'sv': '2022-11-02',
'sr': 'b',
'sig': encode_signature(signature),//Uri.encodeComponent(signature).replaceAll('%3A', ':'), // Encode the signature component
};
var queryString = Uri(queryParameters: queryParams).query;
return queryString;
}
void main() {
var accountName = "account_name";
var accountKey = "accountkey";
var containerName = "azure-webjobs-hosts";
var blobName = "0_12d6fa4202ac42bdbc33923c413c68ff_1.json";
var expiryHours = 168;
var sasToken = generateSasToken(accountName, accountKey, containerName, blobName, expiryHours);
print(sasToken);
}
this is the code Im running now Im able to get but the only issue is This is the SAS generated in azure portal -
sp=r&st=2024-03-11T06:25:18Z&se=2024-03-11T14:25:18Z&sv=2022-11-02&sr=b&sig=sMX853JrU%2BkgAGgKTXS1XQRvFoh6%2BQQ3jNWRnG8LWVI%3D
This is generated by above code -
sp=r&st=2024-03-14T11%3A56%3A00&se=2024-03-21T11%3A56%3A00&sv=2022-11-02&sr=b&sig=jPsFzl2RoTJNGbMNg%252FwcT1oi%252FyIIBjFJeps1pJyMCGc%253D
Instead of colon ":" I'm getting "%3A". Even though I used replace all function. What could be the issue?
The token is generating but
this the timezone in azure portal but when I generate SAS in azure portal it give the following timezone
What would be the issue. The time difference is 5 hours 27 mins approx (minutes variable)
Next issue
I'am able to generate valid SAS token for blob. I used the same for container, but getting 403 error I thought token generation is the problem but later tried with azure portal generated sas token for container still getting the same 403 how it is possible? below is the code I used to get container list
import 'dart:convert';
import 'dart:typed_data';
import 'package:crypto/crypto.dart';
import 'package:http/http.dart' as http;
void main() async {
final String folderURL = 'https://myblobaccount.blob.core.windows.net/azure-webjobs-hosts?sp=r&st=2024-03-22T07:21:47Z&se=2024-03-22T15:21:47Z&sv=2022-11-02&sr=c&sig=Eg%2B04lD3EWLo2wGocU9mqNjKwqKmo04zSCH0Dbsjqlg%3D';//$storageBlobEndpoint/$containerName?$sasToken';
// Make a request to list the blobs within the folder
final response = await http.get(Uri.parse(folderURL));
if (response.statusCode == 200) {
final List<dynamic> blobs = json.decode(response.body);
print("Files in the folder:");
for (var blob in blobs) {
print(blob['name']);
}
} else {
print('Failed to fetch data: ${response.statusCode}');
}
}
what could be the issue?
The code below dart generates a Shared Access Signature (SAS) token for accessing Azure Blob Storage resources. SAS tokens provide restricted access to resources in your storage account, with specified permissions and time limits.
generateSasToken method:
it generates a SAS token based on the provided parameters such as resourceUri, key, permissions, sr, and expiryHours.
import 'dart:convert';
import 'package:intl/intl.dart';
import 'package:crypto/crypto.dart';
class SasTokenGenerator {
String generateSasToken({
required String resourceUri,
required String key,
required String permissions,
required String sr, // Added parameter for the resource type
int expiryHours = 24,
}) {
DateTime startTime = DateTime.now(); // Adjusting start time by 5 minutes for clock skew
DateTime expiry = startTime.add(Duration(hours: expiryHours));
String formattedStartTime = DateFormat("yyyy-MM-ddTHH:mm:ss'Z'").format(startTime);
String formattedExpiry = DateFormat("yyyy-MM-ddTHH:mm:ss'Z'").format(expiry);
String stringToSign = 'sp=$permissions\nst=$formattedStartTime\nse=$formattedExpiry\nspr=https\nsv=2022-11-02\nsr=$sr\n$resourceUri'; // Include sr parameter
String signature = _generateSignature(stringToSign, key);
return 'sp=$permissions&st=$formattedStartTime&se=$formattedExpiry&spr=https&sv=2022-11-02&sr=$sr&sig=$signature'; // Include sr parameter
}
String _generateSignature(String input, String key) {
var keyBytes = utf8.encode(key);
var inputBytes = utf8.encode(input);
var hmacSha256 = Hmac(sha256, keyBytes);
var digest = hmacSha256.convert(inputBytes);
return Uri.encodeComponent(base64.encode(digest.bytes));
}
}
void main() {
String resourceUri = "https://account_name.blob.core.windows.net/containerName/example.txt";
String key = "accountkey";
String permissions = "r"; // r for read, w for write, d for delete, etc.
String sr = "b"; // Specify the resource type: b for Blob service, c for Container service, etc.
int expiryHours = 24; // Expiry duration in hours
SasTokenGenerator generator = SasTokenGenerator();
String sasToken = generator.generateSasToken(
resourceUri: resourceUri,
key: key,
permissions: permissions,
sr: sr, // Pass sr parameter
expiryHours: expiryHours,
);
print('Generated SAS Token: $sasToken');
}
Output:
- How to configure backend application on Container Apps
- WebJob is stopping due to website shutting down
- Azure SQL trigger for Functions configuration problem
- Does azure blob storage support http2?
- Azure Pronunciation Assessment Could not deserialize speech context error
- Is there a query to run so I can get a list of users who has NOT logged in, in the past 30 days?
- How do I Parse FormData containing a audio file in AZ function app in 2025
- Not able to delete Public IP address in azure
- Azure Devops Apple App Store Release.Missing value for the attribute 'whatsNew'
- Azure Storage accounts container public access level has dissabled
- Issue with adding delegated Graph API permission to Enterprise app with Terraform
- Getting an error when using the Flexible File Destination Task in Visual Studio 2022 SSIS
- Problem with Azure Email Communication Service Custom Domain
- How to refresh client assertion in ConfidentialClientApplication?
- Using Microsoft Graph Explorer (we have code too) we can GET All Subscriptions, but GET one by ID gives access error
- Invalid operands found for operator -eq
- nginx - php-fpm - azure container app returns truncated pages
- Adding custom headers to Azure Functions response
- Azure Queue Trigger is hit but not executing the logic inside of it
- az cli not showing redisenterprise keys
- Enforce MFA for specific API called from SPFx via AADTokenProvider (Even with SPO MFA)
- Azure Devops Server Pipelines: Any way to have a Stage result as "Succeeded" even if a constituent Job reported "SucceededWithIssues"?
- YAML strings including special characters % and & were not printed correctly for Windows environment
- Azure function returns error: No job functions found. Try making your job classes and methods public
- How to view Oldest Query results in Azure Monitor Metrics for an Azure PostgreSQL Flex Server instance
- Authenticate to Azure with certificate from Linux
- What are the minimum Azure permissions required to publish a Power BI report using "App Owns the Data"?
- How to report an Azure Text-to-Speech bug?
- Refresh an Azure search index
- Best way to clean up resources in StatefulService