August 2023 ~ Restaurant of Mistaken Orders

Tuesday, August 15, 2023

August 15, 2023

Azure Blob Storage is an essential component for many businesses, offering scalable and secure storage for documents, images, and other types of data. But providing secure access to these blobs can be challenging. That's where Shared Access Signatures (SAS) come into play.

What is a Shared Access Signature (SAS)?

A Shared Access Signature (SAS) is a URI that grants restricted access rights to Azure Storage resources. With SAS, you can provide clients with access to data without sharing your account keys.

Breaking Down the SAS Token Generator:

1. Setting Up:

The function starts by parsing the storage account connection string to get a reference to the storage account. With this, it sets up the blob client and gets a reference to the blob container.

CloudStorageAccount storageAccount = CloudStorageAccount.Parse(storageAccountConnectionString);
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference(containerName);

2. Defining the SAS Token's Time Window and Permissions:

The function then defines a time window for the SAS token's validity. By default, it's set to be valid for 4 hours from the current time. It also specifies the permissions for the SAS token, which include both read and write access.

DateTime startTime = DateTime.UtcNow.AddMinutes(-5);
DateTime expiryTime = startTime.AddHours(1);
SharedAccessBlobPolicy sasPolicy = new SharedAccessBlobPolicy()
{
    Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Read,
    SharedAccessStartTime = startTime,
    SharedAccessExpiryTime = expiryTime
};

3. Generating the SAS Token and URL:

Finally, the function generates the SAS token for the specified blob and constructs the SAS URL.

CloudBlockBlob blob = container.GetBlockBlobReference(blobName);
string sasToken = blob.GetSharedAccessSignature(sasPolicy);
string sasUrl = blob.Uri + sasToken;

Why Use SAS Tokens?

Fine-grained Control: You can define what operations (read, write, delete) a user can perform on the blob.

Time-bound Access: The access you grant using SAS is for a limited duration, ensuring that even if someone gets the SAS token, they can't misuse it indefinitely.

Security: No need to share your Azure storage account keys.

Conclusion:

Managing access to your Azure Blob Storage doesn't have to be daunting. With the power of SAS tokens and the right functions in place, you can ensure security and ease of access for your users. Whether you're a seasoned Azure developer or just starting, understanding and utilizing SAS is a game-changer. Dive in and make the most of Azure Blob Storage!

Complete code:

private static string GetSasUrl(string storageAccountConnectionString, string containerName, string blobName)
{
    CloudStorageAccount storageAccount = CloudStorageAccount.Parse(storageAccountConnectionString);
    CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
    CloudBlobContainer container = blobClient.GetContainerReference(containerName);

    // Set the SAS token time window
    DateTime startTime = DateTime.UtcNow.AddMinutes(-5);
    DateTime expiryTime = startTime.AddHours(4);

    // Set the permissions for the SAS token
    SharedAccessBlobPolicy sasPolicy = new SharedAccessBlobPolicy()
    {
        Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Read,
        SharedAccessStartTime = startTime,
        SharedAccessExpiryTime = expiryTime
    };

    // Generate the SAS token for the blob
    CloudBlockBlob blob = container.GetBlockBlobReference(blobName);
    string sasToken = blob.GetSharedAccessSignature(sasPolicy);

    // Construct the SAS URL for the blob
    string sasUrl = blob.Uri + sasToken;

    return sasUrl;
}

Friday, August 4, 2023

August 04, 2023

Managing Assets in the Restaurant of Mistaken Orders: Creating or Updating Main Files from External URLs

In a software kitchen, like the Restaurant of Mistaken Orders, where unexpected dishes (files) are often served, managing the menu (assets) can be a challenging task. In this article, we'll learn how to create or update an asset's main file from an external URL, using a recipe that even the most distracted waiter can follow.

Ingredients

Sitecore Content Hub SDK: A rich library to manage your digital assets.
C#: Our programming language to cook the code.
HttpClient: To fetch the external URL.
MemoryStream: To hold the content of the file.
A Mistaken Order (External URL): The URL pointing to the new main file.

The Recipe

Step 1: Preparing the Mistaken Order

First, we need a method to fetch the content from the mistaken order (external URL). Think of it as a waiter running to grab a dish from a neighboring restaurant.

    public class MemoryStreamHelper
    {
        public static async Task<MemoryStream> GetMemoryStreamFromUrlAsync(Uri uri, CancellationToken cancellationToken)
        {
            using (var httpClient = new HttpClient())
            using (var response = await httpClient.GetAsync(uri, HttpCompletionOption.ResponseHeadersRead, cancellationToken))
            {
                response.EnsureSuccessStatusCode();
                var memoryStream = new MemoryStream();
                await response.Content.CopyToAsync(memoryStream);
                memoryStream.Position = 0;
                return memoryStream;
            }
        }
    }

Step 2: Cooking the New MainFile (Asset Creation)

If the order is new and the asset doesn't exist yet, we'll create a new dish.

public async Task<long> CreateNewAsset(string videoBlobUrl)
{
    var uri = new Uri(videoBlobUrl, UriKind.Absolute);
    var memoryStream = await MemoryStreamHelper.GetMemoryStreamFromUrlAsync(uri, CancellationToken.None);
    
    var request = new UploadRequest(new StreamUploadSource(memoryStream, "video/mp4", "video.mp4"), "AssetUploadConfiguration", "NewAsset")
    {
        // Add any additional parameters as needed
    };

    var response = await mClient.Uploads.UploadAsync(request, CancellationToken.None);
    return (long)await mClient.LinkHelper.IdFromEntityAsync(response.Headers.Location);
}

Step 3: Updating the MainFile (Asset Update)

If the asset already exists, and we want to replace the main file, we'll need to follow a different recipe.

public async Task UpdateAssetMainFile(long assetId, string videoBlobUrl)
{
    var uri = new Uri(videoBlobUrl, UriKind.Absolute);
    var memoryStream = await MemoryStreamHelper.GetMemoryStreamFromUrlAsync(uri, CancellationToken.None);

    var request = new UploadRequest(new StreamUploadSource(memoryStream, "video/mp4", "video.mp4"), "AssetUploadConfiguration", "NewMainFile")
    {
        ActionParameters = new Dictionary<string, object>
        {
            { "AssetId", assetId }, // Specify the asset ID to update
        }
    };

    await mClient.Uploads.UploadAsync(request, CancellationToken.None);
}

Conclusion

In the Restaurant of Mistaken Orders, managing assets and main files can be as delightful as tasting a new dish. Whether it's creating a new asset or updating an existing one, the ingredients and steps outlined in this article provide a nourishing recipe for success.

So the next time a customer (user) comes in with a mistaken order (external URL), you'll know exactly how to cook up the perfect solution. Bon appétit! 🍽️

Restaurant of Mistaken Orders