Improve Error Message when Key Isn't Properly Base64 Encoded (Azure#32726)

alzimmermsft · web-flow · commit 1c21fb4a8a78 · 2023-01-04T10:56:47.000-05:00
Improve Error Message when Key Isn't Properly Base64 Encoded
diff --git a/sdk/storage/azure-storage-common/src/main/java/com/azure/storage/common/StorageSharedKeyCredential.java b/sdk/storage/azure-storage-common/src/main/java/com/azure/storage/common/StorageSharedKeyCredential.java
@@ -19,7 +19,6 @@
 import java.net.URL;
 import java.text.Collator;
 import java.util.Arrays;
-import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
 import java.util.Objects;
@@ -34,8 +33,8 @@ public final class StorageSharedKeyCredential {
     private static final Context LOG_STRING_TO_SIGN_CONTEXT = new Context(Constants.STORAGE_LOG_STRING_TO_SIGN, true);
 
     // Pieces of the connection string that are needed.
-    private static final String ACCOUNT_NAME = "accountname";
     private static final String ACCOUNT_KEY = "accountkey";
+    private static final String ACCOUNT_NAME = "accountname";
 
     private final AzureNamedKeyCredential azureNamedKeyCredential;
 
@@ -73,14 +72,22 @@ private StorageSharedKeyCredential(AzureNamedKeyCredential azureNamedKeyCredenti
      * @throws IllegalArgumentException If {@code connectionString} doesn't have AccountName or AccountKey.
      */
     public static StorageSharedKeyCredential fromConnectionString(String connectionString) {
-        HashMap<String, String> connectionStringPieces = new HashMap<>();
+        String accountName = null;
+        String accountKey = null;
+
         for (String connectionStringPiece : connectionString.split(";")) {
             String[] kvp = connectionStringPiece.split("=", 2);
-            connectionStringPieces.put(kvp[0].toLowerCase(Locale.ROOT), kvp[1]);
-        }
 
-        String accountName = connectionStringPieces.get(ACCOUNT_NAME);
-        String accountKey = connectionStringPieces.get(ACCOUNT_KEY);
+            if (kvp.length < 2) {
+                continue;
+            }
+
+            if (ACCOUNT_NAME.equalsIgnoreCase(kvp[0])) {
+                accountName = kvp[1];
+            } else if (ACCOUNT_KEY.equalsIgnoreCase(kvp[0])) {
+                accountKey = kvp[1];
+            }
+        }
 
         if (CoreUtils.isNullOrEmpty(accountName) || CoreUtils.isNullOrEmpty(accountKey)) {
             throw new IllegalArgumentException("Connection string must contain 'AccountName' and 'AccountKey'.");
diff --git a/sdk/storage/azure-storage-common/src/main/java/com/azure/storage/common/implementation/StorageImplUtils.java b/sdk/storage/azure-storage-common/src/main/java/com/azure/storage/common/implementation/StorageImplUtils.java
@@ -41,8 +41,6 @@ public class StorageImplUtils {
 
     private static final String PARAMETER_NOT_IN_RANGE = "The value of the parameter '%s' should be between %s and %s.";
 
-    private static final String NO_PATH_SEGMENTS = "URL %s does not contain path segments.";
-
     private static final String STRING_TO_SIGN_LOG_INFO_MESSAGE = "The string to sign computed by the SDK is: {}{}";
 
     private static final String STRING_TO_SIGN_LOG_WARNING_MESSAGE = "Please remember to disable '{}' before going "
@@ -62,52 +60,27 @@ public class StorageImplUtils {
         Constants.STORAGE_LOG_STRING_TO_SIGN, Constants.STORAGE_LOG_STRING_TO_SIGN,
         Constants.STORAGE_LOG_STRING_TO_SIGN);
 
-    /**
-     * @deprecated See value in {@link StorageImplUtils}
-     */
-    @Deprecated
-    public static final String INVALID_DATE_STRING = "Invalid Date String: %s.";
-
-    /**
-     * Stores a reference to the date/time pattern with the greatest precision Java.util.Date is capable of expressing.
-     * @deprecated See value in {@link StorageImplUtils}
-     */
-    @Deprecated
-    public static final String MAX_PRECISION_PATTERN = "yyyy-MM-dd'T'HH:mm:ss.SSS";
+    private static final String INVALID_BASE64_KEY =
+        "'base64Key' was not a valid Base64 scheme. Ensure the Storage account key or SAS key is properly formatted.";
 
-    /**
-     * The length of a datestring that matches the MAX_PRECISION_PATTERN.
-     * @deprecated See value in {@link StorageImplUtils}
-     */
-    @Deprecated
-    public static final int MAX_PRECISION_DATESTRING_LENGTH = MAX_PRECISION_PATTERN.replaceAll("'", "")
-            .length();
+    private static final String INVALID_DATE_STRING = "Invalid Date String: %s.";
 
-    /**
-     * Stores a reference to the ISO8601 date/time pattern.
-     * @deprecated See value in {@link StorageImplUtils}
-     */
-    @Deprecated
-    public static final String ISO8601_PATTERN = "yyyy-MM-dd'T'HH:mm:ss'Z'";
+    private static final String MAX_PRECISION_PATTERN = "yyyy-MM-dd'T'HH:mm:ss.SSS";
 
-    /**
-     * Stores a reference to the ISO8601 date/time pattern.
-     * @deprecated See value in {@link StorageImplUtils}
-     */
-    @Deprecated
-    public static final String ISO8601_PATTERN_NO_SECONDS = "yyyy-MM-dd'T'HH:mm'Z'";
+    private static final int MAX_PRECISION_DATESTRING_LENGTH = MAX_PRECISION_PATTERN.replaceAll("'", "").length();
 
     // Use constant DateTimeFormatters as 'ofPattern' requires the passed pattern to be parsed each time, significantly
     // increasing the overhead of using DateTimeFormatter.
-    private static final DateTimeFormatter MAX_PRECISION_FORMATTER = DateTimeFormatter.ofPattern(MAX_PRECISION_PATTERN)
-        .withLocale(Locale.ROOT);
+    private static final DateTimeFormatter MAX_PRECISION_FORMATTER =
+        DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSS")
+            .withLocale(Locale.ROOT);
 
-    private static final DateTimeFormatter ISO8601_FORMATTER = DateTimeFormatter.ofPattern(ISO8601_PATTERN)
+    private static final DateTimeFormatter ISO8601_FORMATTER = DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss'Z'")
         .withLocale(Locale.ROOT);
 
-    private static final DateTimeFormatter NO_SECONDS_FORMATTER = DateTimeFormatter
-        .ofPattern(ISO8601_PATTERN_NO_SECONDS)
-        .withLocale(Locale.ROOT);
+    private static final DateTimeFormatter NO_SECONDS_FORMATTER =
+        DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm'Z'")
+            .withLocale(Locale.ROOT);
 
     /**
      * Parses the query string into a key-value pair map that maintains key, query parameter key, order. The value is
@@ -213,8 +186,14 @@ public static void assertInBounds(final String param, final long value, final lo
      * string, or the UTF-8 charset isn't supported.
      */
     public static String computeHMac256(final String base64Key, final String stringToSign) {
+        byte[] key;
+        try {
+            key = Base64.getDecoder().decode(base64Key);
+        } catch (IllegalArgumentException ex) {
+            throw new RuntimeException(INVALID_BASE64_KEY, ex);
+        }
+
         try {
-            byte[] key = Base64.getDecoder().decode(base64Key);
             Mac hmacSHA256 = Mac.getInstance("HmacSHA256");
             hmacSHA256.init(new SecretKeySpec(key, "HmacSHA256"));
             byte[] utf8Bytes = stringToSign.getBytes(StandardCharsets.UTF_8);
@@ -250,30 +229,6 @@ public static URL appendToUrlPath(String baseURL, String name) {
         }
     }
 
-
-    /**
-     * Strips the last path segment from the passed URL.
-     *
-     * @param baseUrl URL having its last path segment stripped
-     * @return a URL with the path segment stripped.
-     * @throws IllegalArgumentException If stripping the last path segment causes the URL to become malformed or it
-     * doesn't contain any path segments.
-     */
-    public static URL stripLastPathSegment(URL baseUrl) {
-        UrlBuilder builder = UrlBuilder.parse(baseUrl);
-
-        if (builder.getPath() == null || !builder.getPath().contains("/")) {
-            throw new IllegalArgumentException(String.format(Locale.ROOT, NO_PATH_SEGMENTS, baseUrl));
-        }
-
-        builder.setPath(builder.getPath().substring(0, builder.getPath().lastIndexOf("/")));
-        try {
-            return builder.toUrl();
-        } catch (MalformedURLException ex) {
-            throw new IllegalArgumentException(ex);
-        }
-    }
-
     /**
      * Strips the account name from host part of the URL object.
      *
diff --git a/sdk/storage/azure-storage-common/src/test/java/com/azure/storage/common/StorageSharedKeyCredentialTest.groovy b/sdk/storage/azure-storage-common/src/test/java/com/azure/storage/common/StorageSharedKeyCredentialTest.groovy
@@ -47,4 +47,39 @@ class StorageSharedKeyCredentialTest extends Specification {
         signature1 != signature2
         signature2 == expectedSignature
     }
+
+    def "Can parse valid connection string"() {
+        when:
+        def storageSharedKeyCredential = StorageSharedKeyCredential.fromConnectionString(connectionString)
+
+        then:
+        storageSharedKeyCredential.getAccountName() == "teststorage"
+
+        where:
+        connectionString || _
+        "DefaultEndpointsProtocol=https;AccountName=teststorage;AccountKey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;accountName=teststorage;AccountKey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;AccountName=teststorage;accountKey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;Accountname=teststorage;accountKey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;AccountName=teststorage;accountkey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;accountname=teststorage;accountkey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+    }
+
+    def "Cannot parse invalid connection string"() {
+        when:
+        StorageSharedKeyCredential.fromConnectionString(connectionString)
+
+        then:
+        thrown(IllegalArgumentException)
+
+        where:
+        connectionString                                                                                                     || _
+        "DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net"                                                     || _
+        "DefaultEndpointsProtocol=https;AccountKey=atestaccountkey;EndpointSuffix=core.windows.net"                          || _
+        "DefaultEndpointsProtocol=https;AccountName=teststorage;EndpointSuffix=core.windows.net"                             || _
+        "DefaultEndpointsProtocol=https;AccountName =teststorage;AccountKey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;AccountName=teststorage;AccountKey =atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;Account Name=teststorage;AccountKey=atestaccountkey;EndpointSuffix=core.windows.net" || _
+        "DefaultEndpointsProtocol=https;AccountName=teststorage;Account Key=atestaccountkey;EndpointSuffix=core.windows.net" || _
+    }
 }
