moresandeep/azure-examples

Examples of how to access Azure AD Storage with SAS Tokens and OAuth flows

Azure SAS Token POC

This is a POC that demonstrates how to generate and consume Azure AD SAS Tokens. This POC uses Azure Storage SDK for Java.

Setup

Create a Storage account

• You need an Azure AD Subscription, create an account if you don't have one.
• Create a new storage account
  • Go to the Azure portal and log in using your Azure account.
  • On the Hub menu, select New > Storage > Storage account - blob, file, table, queue.
  • Enter a name for your storage account. The name must be between 3 and 24 characters in length and may contain numbers and lowercase letters only. It must also be unique.
  • Set Deployment model to Resource manager.
  • Set Account kind to General purpose.
  • Set Performance to Standard.
  • Set Replication to Locally Redundant storage (LRS).
  • Set Storage service encryption to Disabled.
  • Set Secure transfer required to Disabled.
  • Select your subscription.
  • For resource group, create a new one and give it a unique name.
  • Select the Location to use for your storage account.
  • Check Pin to dashboard and click Create to create your storage account.

Click on it to open it. Under SETTINGS, click Access keys. Select a key and copy the key1 to the clipboard, then save it for later use.

Set environment variable

Linux/MacOS

export AZURE_STORAGE_ACCOUNT="<youraccountname>"
export AZURE_STORAGE_ACCESS_KEY="<youraccountkey>"
export STORAGE_CONTAINER_NAME="<yourcontainername>"
export STORAGE_BLOB_NAME="<yourblobname>"

Windows

setx AZURE_STORAGE_ACCOUNT "<youracountname>"
setx AZURE_STORAGE_ACCESS_KEY "<youraccountkey>"
setx STORAGE_CONTAINER_NAME "<yourcontainername>"
setx STORAGE_BLOB_NAME "<yourblobname>"

SAS Token types

There are two types of SAS Tokens

• Service token
• Account token

SAS Service Token Example

The java class SASServiceTokenPOC contains an example of how to create a SAS Service token and then creates, downloads and deletes a test blob from the provided AZURE_STORAGE_ACCOUNT (storage account) and STORAGE_CONTAINER_NAME (container name).

SAS Account Token Example

The java class SASAccountTokenPOC contains an example of how to create a SAS Account token.

Reference

• storage-blobs-java-v10-quickstart
• Azure Storage SDK v10 for Java