Created
August 27, 2014 13:51
-
-
Save clemensv/dd1d629beec9d38b747d to your computer and use it in GitHub Desktop.
SAS in namespace root
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
NamespaceManager nsm = NamespaceManager.CreateFromConnectionString(serviceBusConnectionString); | |
string name = nsm.Address.Host.Substring(0, nsm.Address.Host.IndexOf(".", System.StringComparison.Ordinal)); | |
var sendKey = SharedAccessAuthorizationRule.GenerateRandomKey(); | |
var listenKey = SharedAccessAuthorizationRule.GenerateRandomKey(); | |
var manageKey = SharedAccessAuthorizationRule.GenerateRandomKey(); | |
CreateSharedAccessRuleOnNamespaceRoot(name, "send", sendKey, AccessRights.Send, subscriptionId, publisherCertificate); | |
CreateSharedAccessRuleOnNamespaceRoot(name, "manage", manageKey, AccessRights.Manage|AccessRights.Send|AccessRights.Listen, subscriptionId, publisherCertificate); | |
CreateSharedAccessRuleOnNamespaceRoot(name, "listen", listenKey, AccessRights.Listen, subscriptionId, publisherCertificate); | |
return new Dictionary<string, object>() | |
{ | |
{"ServiceBusNamespaceName", name}, | |
{"ServiceBusNamespaceSendKey", sendKey}, | |
{"ServiceBusNamespaceListenKey", listenKey}, | |
{"ServiceBusNamespaceManageKey", manageKey} | |
}; | |
with | |
public void CreateSharedAccessRuleOnNamespaceRoot(string serviceNamespace, string ruleName, string key, AccessRights right, string subscriptionId, X509Certificate2 certificate) | |
{ | |
// The endpoint for creating a SAS rule on a namespace is: | |
// "https://management.core.windows.net/{subscriptionId}/services/ServiceBus/namespaces/{namespace}/AuthorizationRules/" | |
string baseAddress = @"https://management.core.windows.net/" + subscriptionId + @"/services/ServiceBus/namespaces/" + | |
serviceNamespace + @"/AuthorizationRules/"; | |
// The SAS rule we'll create has keyName as "contosoSendAll, a base64 encoded 256-bit key and the Send right | |
var sendRule = new SharedAccessAuthorizationRule(ruleName, key, new[] { right }); | |
// Operations on the Service Bus namespace root require certificate authentication. | |
var handler = new WebRequestHandler | |
{ | |
ClientCertificateOptions = ClientCertificateOption.Manual | |
}; | |
handler.ClientCertificates.Add(certificate); | |
var httpClient = new HttpClient(handler) | |
{ | |
BaseAddress = new Uri(baseAddress) | |
}; | |
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); | |
httpClient.DefaultRequestHeaders.Add("x-ms-version", "2012-03-01"); | |
// Do a POST on the baseAddress above to create an auth rule | |
var postResult = httpClient.PostAsJsonAsync("", sendRule).Result; | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment