다음을 통해 공유


AzureSasCredential Class

  • java.lang.Object
    • com.azure.core.credential.AzureSasCredential

public final class AzureSasCredential

Represents a credential that uses a shared access signature to authenticate to an Azure Service. It is used for authenticating and authorizing access to Azure services using a shared access signature.

A shared access signature is a string-based token that grants limited permissions and access to specific resources within an Azure service for a specified period. It allows you to provide time-limited access to your resources without sharing your account key or other sensitive credentials.

The AzureSasCredential enables you to authenticate and access Azure services that support shared access signatures. By creating an instance of the AzureSasCredential class and providing the SAS token as a parameter, you can use this credential to authenticate requests to Azure services.

To use the Credential, you typically pass it to the appropriate Azure client or service client builder during instantiation. The library internally handles the authentication process and includes the SAS token in the HTTP requests made to the Azure service, allowing you to access the resources specified in the SAS token.

The AzureSasCredential is particularly useful when you need to grant temporary and limited access to specific resources, such as Azure Storage containers, blobs, queues, or files, without exposing your account key.

It's important to note that the availability and usage of the AzureSasCredential may depend on the specific Azure service and its support for shared access signatures. Additionally, the format and content of the SAS token may vary depending on the service and resource you are targeting.

Sample: Azure SAS Authentication

The following code sample demonstrates the creation of a AzureSasCredential, using the sas token to configure it.

AzureSasCredential azureSasCredential =
     new AzureSasCredential("AZURE-SERVICE-SAS-KEY");

Constructor Summary

Constructor Description
AzureSasCredential(String signature)

Creates a credential that authorizes request with the given shared access signature.

AzureSasCredential(String signature, Function<String,String> signatureEncoder)

Creates a credential that authorizes request within the given shared access signature.

Method Summary

Modifier and Type Method and Description
String getSignature()

Retrieves the shared access signature associated to this credential.

AzureSasCredential update(String signature)

Rotates the shared access signature associated to this credential.

Methods inherited from java.lang.Object

Constructor Details

AzureSasCredential

public AzureSasCredential(String signature)

Creates a credential that authorizes request with the given shared access signature.

The signature passed is assumed to be encoded. This constructor is effectively the same as calling AzureSasCredential(String signature, Function<String,String> signatureEncoder).

Parameters:

signature - The shared access signature used to authorize requests.

AzureSasCredential

public AzureSasCredential(String signature, Function signatureEncoder)

Creates a credential that authorizes request within the given shared access signature.

If signatureEncoder is non-null the signature, and all updated signatures, will be encoded using the function. signatureEncoder should be as idempotent as possible to reduce the chance of double encoding errors.

Parameters:

signature - The shared access signature used to authorize requests.
signatureEncoder - An optional function which encodes the signature.

Method Details

getSignature

public String getSignature()

Retrieves the shared access signature associated to this credential.

Returns:

The shared access signature being used to authorize requests.

update

public AzureSasCredential update(String signature)

Rotates the shared access signature associated to this credential.

Parameters:

signature - The new shared access signature to be associated with this credential.

Returns:

The updated AzureSasCredential object.

Applies to