file-azure

b692acd9 · Erik Leckner · 7f2dad68 · b692acd9 · b692acd9
Commit b692acd9 authored Aug 15, 2020 by Erik Leckner
--- a/provider/file-azure/src/main/java/org/opengroup/osdu/file/provider/azure/service/AzureBlobSasTokenServiceImpl.java
+++ b/provider/file-azure/src/main/java/org/opengroup/osdu/file/provider/azure/service/AzureBlobSasTokenServiceImpl.java
@@ -25,17 +25,19 @@ import org.springframework.stereotype.Component;

 import java.time.OffsetDateTime;
 import java.time.ZoneOffset;
+import java.time.temporal.UnsupportedTemporalTypeException;
+import java.util.concurrent.TimeUnit;

 /*
 For a given blob object, generator a SAS Token that'll let bearers access the blob for 24 hours.
 */
 @Log
 @Component
-public class AzureBlobSasTokenServiceImpl {
+public class AzureTokenServiceImpl {

    private DefaultAzureCredential defaultCredential = new DefaultAzureCredentialBuilder().build();

-    public String signContainer(String containerUrl) {
+    public String signContainer(String containerUrl, long duration, TimeUnit timeUnit) {
        BlobUrlParts parts = BlobUrlParts.parse(containerUrl);
        String endpoint = calcBlobAccountUrl(parts);

@@ -50,11 +52,11 @@ public class AzureBlobSasTokenServiceImpl {
                .containerName(parts.getBlobContainerName())
                .buildClient();

-        OffsetDateTime expiresInHalfADay = calcTokenExpirationDate();
-        UserDelegationKey key = rbacKeySource.getUserDelegationKey(null, expiresInHalfADay);
+        OffsetDateTime expires = calcTokenExpirationDate(duration, timeUnit);
+        UserDelegationKey key = rbacKeySource.getUserDelegationKey(null, expires);

        BlobSasPermission readOnlyPerms = BlobSasPermission.parse("r");
-        BlobServiceSasSignatureValues tokenProps = new BlobServiceSasSignatureValues(expiresInHalfADay, readOnlyPerms);
+        BlobServiceSasSignatureValues tokenProps = new BlobServiceSasSignatureValues(expires, readOnlyPerms);

        String sasToken = blobContainerClient.generateUserDelegationSas(tokenProps, key);

@@ -62,7 +64,7 @@ public class AzureBlobSasTokenServiceImpl {
        return sasUri;
    }

-    public String sign(String blobUrl) {
+    public String sign(String blobUrl, long duration, TimeUnit timeUnit) {
        BlobUrlParts parts = BlobUrlParts.parse(blobUrl);
        String endpoint = calcBlobAccountUrl(parts);
        BlobServiceClient rbacKeySource = new BlobServiceClientBuilder()
@@ -73,10 +75,10 @@ public class AzureBlobSasTokenServiceImpl {
                .credential(defaultCredential)
                .endpoint(blobUrl)
                .buildClient();
-        OffsetDateTime expiresInHalfADay = calcTokenExpirationDate();
-        UserDelegationKey key = rbacKeySource.getUserDelegationKey(null, expiresInHalfADay);
+        OffsetDateTime expires = calcTokenExpirationDate(duration, timeUnit);
+        UserDelegationKey key = rbacKeySource.getUserDelegationKey(null, expires);
        BlobSasPermission readOnlyPerms = BlobSasPermission.parse("r");
-        BlobServiceSasSignatureValues tokenProps = new BlobServiceSasSignatureValues(expiresInHalfADay, readOnlyPerms);
+        BlobServiceSasSignatureValues tokenProps = new BlobServiceSasSignatureValues(expires, readOnlyPerms);
        String sasToken = tokenSource.generateUserDelegationSas(tokenProps, key);
        String sasUri = String.format("%s?%s", blobUrl, sasToken);
        System.out.println(String.format("sasUri=%s", sasUri));
@@ -87,7 +89,22 @@ public class AzureBlobSasTokenServiceImpl {
        return String.format("https://%s.blob.core.windows.net", parts.getAccountName());
    }

-    private OffsetDateTime calcTokenExpirationDate() {
-        return OffsetDateTime.now(ZoneOffset.UTC).plusHours(12);
+    private OffsetDateTime calcTokenExpirationDate(long duration, TimeUnit timeUnit) {
+      if (timeUnit == null) {
+        throw new UnsupportedTemporalTypeException("Unsupported temporal type");
+      }
+      if (timeUnit == TimeUnit.DAYS) {
+        return OffsetDateTime.now(ZoneOffset.UTC).plusDays(duration);
+      } else if (timeUnit == TimeUnit.SECONDS){
+        return OffsetDateTime.now(ZoneOffset.UTC).plusSeconds(duration);
+      } else if (timeUnit == TimeUnit.NANOSECONDS){
+        return OffsetDateTime.now(ZoneOffset.UTC).plusNanos(duration);
+      } else if (timeUnit == TimeUnit.MINUTES){
+        return OffsetDateTime.now(ZoneOffset.UTC).plusMinutes(duration);
+      } else if (timeUnit == TimeUnit.HOURS){
+        return OffsetDateTime.now(ZoneOffset.UTC).plusHours(duration);
+      } else {
+          throw new UnsupportedTemporalTypeException("Unsupported temporal type");
+      }
    }
 }
--- a/provider/file-azure/src/main/java/org/opengroup/osdu/file/provider/azure/storage/StorageImpl.java
+++ b/provider/file-azure/src/main/java/org/opengroup/osdu/file/provider/azure/storage/StorageImpl.java
@@ -39,7 +39,7 @@ import com.azure.storage.blob.specialized.BlockBlobClient;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.opengroup.osdu.file.provider.azure.common.base.MoreObjects;
-import org.opengroup.osdu.file.provider.azure.service.AzureBlobSasTokenServiceImpl;
+import org.opengroup.osdu.file.provider.azure.service.AzureTokenServiceImpl;
 import org.springframework.stereotype.Service;

 import javax.inject.Inject;
@@ -60,7 +60,7 @@ public class StorageImpl implements Storage {
  private static String storageAccount;

  @Inject
-  AzureBlobSasTokenServiceImpl token;
+  AzureTokenServiceImpl token;

  public StorageImpl() {
    this.storageAccount = getStorageAccount();
@@ -97,7 +97,7 @@ public class StorageImpl implements Storage {

  @SneakyThrows
  @Override
-  public URL signUrl(BlobInfo blobInfo, long duration, TimeUnit unit) {
+  public URL signUrl(BlobInfo blobInfo, long duration, TimeUnit timeUnit) {
    URL url = null;
    try {
      log.debug("Signing the blob in container {} for path {}", blobInfo.getContainer(), blobInfo.getName());
@@ -105,7 +105,7 @@ public class StorageImpl implements Storage {
      String blobURL = generateBlobPath(storageAccount, blobInfo.getContainer(), blobInfo.getName());
      System.out.println(String.format("Signing the blob %s", blobURL));
      log.debug("Signing the blob {}", blobURL);
-      String signedUrl = token.sign(blobURL);
+      String signedUrl = token.sign(blobURL, duration, timeUnit);
      System.out.println(String.format("signedUrl: %s", signedUrl));
      return new URL(signedUrl);
    }