Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Support for `UserDelegationKey`

See original GitHub issue

Which service(blob, file, queue, table) does this issue concern?

blob

Which version of the Azurite was used?

3.9.0

Where do you get Azurite? (npm, DockerHub, NuGet, Visual Studio Code Extension)

npm

What’s the Node.js version?

v12.16.2

What problem was encountered?

Trying to generate a SAS using a TokenCredential instead of a connection string fails because it requires a user delegation key. Azurit does not (yet) support retrieving a user delegation key.

Azure.RequestFailedException : Current API is not implemented yet. Please vote your wanted features to https://github.com/azure/azurite/issues
RequestId:a6cae55a-8b72-48bd-8d2c-357d942bdb9b
Time:2020-12-10T14:15:41.547Z
Status: 500 (Current API is not implemented yet. Please vote your wanted features to https://github.com/azure/azurite/issues)
ErrorCode: APINotImplemented

Headers:
Server: Azurite-Blob/3.9.0
x-ms-error-code: APINotImplemented
x-ms-request-id: a6cae55a-8b72-48bd-8d2c-357d942bdb9b
Date: Thu, 10 Dec 2020 14:15:41 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/xml

Steps to reproduce the issue?

Invoke BlobServiceClient.GetUserDelegationKeyAsync(...)

Have you found a mitigation/solution?

No, but if there is a different way to configure a static/fake user delegation key that would solve my issue as well.

Issue Analytics

State:
Created 3 years ago
Reactions:17
Comments:7 (3 by maintainers)

Top GitHub Comments

3reactions

bluewwcommented, Nov 28, 2022

We already have a PR for User delegation key https://github.com/Azure/Azurite/pull/1753, the PR is being review.

1reaction

kaylumahcommented, Oct 19, 2022

private async Task<Uri> GenerateSasToken(BlobBaseClient blobClient, TimeSpan expiresAfter)
        {
            var dateNow = DateTimeOffset.UtcNow;
            var dateExpiresOn = dateNow.Add(expiresAfter);
            var sasBuilder = new BlobSasBuilder
            {
                BlobContainerName = blobClient.BlobContainerName,
                BlobName = blobClient.Name,
                Resource = "b",
                StartsOn = dateNow,
                ExpiresOn = dateExpiresOn
            };
            sasBuilder.SetPermissions(BlobSasPermissions.Read);
            if (blobClient.CanGenerateSasUri)
            {
                return blobClient.GenerateSasUri(sasBuilder);
            }

            var userDelegationKey = await _blobServiceClient.GetUserDelegationKeyAsync(dateNow, dateExpiresOn);
            var blobUriBuilder = new BlobUriBuilder(blobClient.Uri)
            {
                Sas = sasBuilder.ToSasQueryParameters(userDelegationKey, _blobServiceClient.AccountName)
            };
            return blobUriBuilder.ToUri();
        }

I am using C# to generate a token url.

If you use the https connection string (default endpoint protocol etc) it goes in the If CanGenerateSasUri, but if you use token credential for example Azure CLI Credential, you need to get the user key t generate a sas url