Last active
September 25, 2024 17:29
-
-
Save mikeappell/e29ade0f91d3c71e8c966e058fa5805b to your computer and use it in GitHub Desktop.
Generating an Azure SAS token, reading from Service Bus, using Ruby
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class ServiceBusWrapper | |
def read_service_bus_event | |
Faraday.delete("#{ service_bus_queue_endpoint }/messages/head", {}, service_bus_headers) | |
end | |
private | |
def service_bus_headers | |
{ | |
'Authorization' => service_bus_sas_token, | |
'Content-Type' => 'application/atom+xml;type=entry;charset=utf-8', | |
} | |
end | |
def service_bus_sas_token | |
encoded_uri = CGI.escape(service_bus_queue_endpoint) | |
expiry = 1.minute.from_now.to_i.to_s # Decide on this expiry yourself. | |
string_to_sign = "#{ encoded_uri }\n#{ expiry }" | |
signed_string = OpenSSL::HMAC.digest('sha256', sas_key_value, string_to_sign) | |
signature = CGI.escape(Base64.strict_encode64(signed_string)) | |
"SharedAccessSignature sig=#{ signature }&se=#{ expiry }&skn=#{ sas_key_name }&sr=#{ encoded_uri }" | |
end | |
def service_bus_queue_endpoint | |
'https://your-service-bus-domain.servicebus.windows.net/your-queue-name' | |
end | |
def sas_key_name | |
'YourSharedAccessPolicyNameHere' | |
end | |
def sas_key_value | |
ENV['sas_key_value'] | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This took a bit of time to get working, since Azure no longer maintains any sort of Ruby SDK.
Steps are:
sas_key_name
.service_bus_queue_endpoint
.sas_key_value
.)expiry
time. This is how long the SAS token will be valid for. Consider whether you're using the token yourself, are sending it to a client, etc.