azfile: STG91 upgrade (#22193)

Azure · Jan 5, 2024 · 7f7c19b · 7f7c19b
1 parent 5798b0d
commit 7f7c19b
Show file tree

Hide file tree

Showing 28 changed files with 2,780 additions and 1,888 deletions.
diff --git a/sdk/storage/azfile/CHANGELOG.md b/sdk/storage/azfile/CHANGELOG.md
@@ -5,10 +5,15 @@
 
 ### Features Added
 
+* Updated service version to `2023-11-03`.
+* Added support for Audience when OAuth is used.
+
 ### Breaking Changes
 
 ### Bugs Fixed
 
+* Fixed a bug where `UploadRangeFromURL` using OAuth was returning error.
+
 ### Other Changes
 
 

diff --git a/sdk/storage/azfile/README.md b/sdk/storage/azfile/README.md
@@ -1,6 +1,6 @@
 # Azure File Storage SDK for Go
 
-> Service Version: 2022-11-02
+> Service Version: 2023-11-03
 
 Azure File Shares offers fully managed file shares in the cloud that are accessible via the industry standard 
 [Server Message Block (SMB) protocol](https://docs.microsoft.com/windows/desktop/FileIO/microsoft-smb-protocol-and-cifs-protocol-overview). 

diff --git a/sdk/storage/azfile/assets.json b/sdk/storage/azfile/assets.json
@@ -2,5 +2,5 @@
   "AssetsRepo": "Azure/azure-sdk-assets",
   "AssetsRepoPrefixPath": "go",
   "TagPrefix": "go/storage/azfile",
-  "Tag": "go/storage/azfile_f1d39931a0"
+  "Tag": "go/storage/azfile_f80b868396"
 }
diff --git a/sdk/storage/azfile/directory/client.go b/sdk/storage/azfile/directory/client.go
@@ -36,7 +36,8 @@ type Client base.Client[generated.DirectoryClient]
 //
 // Note that ClientOptions.FileRequestIntent is currently required for token authentication.
 func NewClient(directoryURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
-	authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
+	audience := base.GetAudience((*base.ClientOptions)(options))
+	authPolicy := runtime.NewBearerTokenPolicy(cred, []string{audience}, nil)
 	conOptions := shared.GetClientOptions(options)
 	plOpts := runtime.PipelineOptions{
 		PerRetry: []policy.Policy{authPolicy},

diff --git a/sdk/storage/azfile/directory/client_test.go b/sdk/storage/azfile/directory/client_test.go
@@ -39,27 +39,27 @@ func Test(t *testing.T) {
 	}
 }
 
-func (s *DirectoryRecordedTestsSuite) SetupSuite() {
-	s.proxy = testcommon.SetupSuite(&s.Suite)
+func (d *DirectoryRecordedTestsSuite) SetupSuite() {
+	d.proxy = testcommon.SetupSuite(&d.Suite)
 }
 
-func (s *DirectoryRecordedTestsSuite) TearDownSuite() {
-	testcommon.TearDownSuite(&s.Suite, s.proxy)
+func (d *DirectoryRecordedTestsSuite) TearDownSuite() {
+	testcommon.TearDownSuite(&d.Suite, d.proxy)
 }
 
-func (s *DirectoryRecordedTestsSuite) BeforeTest(suite string, test string) {
-	testcommon.BeforeTest(s.T(), suite, test)
+func (d *DirectoryRecordedTestsSuite) BeforeTest(suite string, test string) {
+	testcommon.BeforeTest(d.T(), suite, test)
 }
 
-func (s *DirectoryRecordedTestsSuite) AfterTest(suite string, test string) {
-	testcommon.AfterTest(s.T(), suite, test)
+func (d *DirectoryRecordedTestsSuite) AfterTest(suite string, test string) {
+	testcommon.AfterTest(d.T(), suite, test)
 }
 
-func (s *DirectoryUnrecordedTestsSuite) BeforeTest(suite string, test string) {
+func (d *DirectoryUnrecordedTestsSuite) BeforeTest(suite string, test string) {
 
 }
 
-func (s *DirectoryUnrecordedTestsSuite) AfterTest(suite string, test string) {
+func (d *DirectoryUnrecordedTestsSuite) AfterTest(suite string, test string) {
 
 }
 
@@ -2264,3 +2264,106 @@ func (d *DirectoryRecordedTestsSuite) TestListFileDirEncodedPrefix() {
 		_require.Equal(*resp.Prefix, dirName)
 	}
 }
+
+func (d *DirectoryRecordedTestsSuite) TestDirectoryClientDefaultAudience() {
+	_require := require.New(d.T())
+	testName := d.T().Name()
+
+	accountName, _ := testcommon.GetGenericAccountInfo(testcommon.TestAccountDefault)
+	_require.Greater(len(accountName), 0)
+
+	cred, err := testcommon.GetGenericTokenCredential()
+	_require.NoError(err)
+
+	svcClient, err := testcommon.GetServiceClient(d.T(), testcommon.TestAccountDefault, nil)
+	_require.NoError(err)
+
+	shareName := testcommon.GenerateShareName(testName)
+	shareClient := testcommon.CreateNewShare(context.Background(), _require, shareName, svcClient)
+	defer testcommon.DeleteShare(context.Background(), _require, shareClient)
+
+	dirName := testcommon.GenerateDirectoryName(testName)
+	dirURL := "https://" + accountName + ".file.core.windows.net/" + shareName + "/" + dirName
+
+	options := &directory.ClientOptions{
+		FileRequestIntent: to.Ptr(directory.ShareTokenIntentBackup),
+		Audience:          "https://storage.azure.com/",
+	}
+	testcommon.SetClientOptions(d.T(), &options.ClientOptions)
+	dirClientAudience, err := directory.NewClient(dirURL, cred, options)
+	_require.NoError(err)
+
+	_, err = dirClientAudience.Create(context.Background(), nil)
+	_require.NoError(err)
+
+	_, err = dirClientAudience.GetProperties(context.Background(), nil)
+	_require.NoError(err)
+}
+
+func (d *DirectoryRecordedTestsSuite) TestDirectoryClientCustomAudience() {
+	_require := require.New(d.T())
+	testName := d.T().Name()
+
+	accountName, _ := testcommon.GetGenericAccountInfo(testcommon.TestAccountDefault)
+	_require.Greater(len(accountName), 0)
+
+	cred, err := testcommon.GetGenericTokenCredential()
+	_require.NoError(err)
+
+	svcClient, err := testcommon.GetServiceClient(d.T(), testcommon.TestAccountDefault, nil)
+	_require.NoError(err)
+
+	shareName := testcommon.GenerateShareName(testName)
+	shareClient := testcommon.CreateNewShare(context.Background(), _require, shareName, svcClient)
+	defer testcommon.DeleteShare(context.Background(), _require, shareClient)
+
+	dirName := testcommon.GenerateDirectoryName(testName)
+	dirURL := "https://" + accountName + ".file.core.windows.net/" + shareName + "/" + dirName
+
+	options := &directory.ClientOptions{
+		FileRequestIntent: to.Ptr(directory.ShareTokenIntentBackup),
+		Audience:          "https://" + accountName + ".file.core.windows.net",
+	}
+	testcommon.SetClientOptions(d.T(), &options.ClientOptions)
+	dirClientAudience, err := directory.NewClient(dirURL, cred, options)
+	_require.NoError(err)
+
+	_, err = dirClientAudience.Create(context.Background(), nil)
+	_require.NoError(err)
+
+	_, err = dirClientAudience.GetProperties(context.Background(), nil)
+	_require.NoError(err)
+}
+
+func (d *DirectoryRecordedTestsSuite) TestDirectoryAudienceNegative() {
+	_require := require.New(d.T())
+	testName := d.T().Name()
+
+	accountName, _ := testcommon.GetGenericAccountInfo(testcommon.TestAccountDefault)
+	_require.Greater(len(accountName), 0)
+
+	cred, err := testcommon.GetGenericTokenCredential()
+	_require.NoError(err)
+
+	svcClient, err := testcommon.GetServiceClient(d.T(), testcommon.TestAccountDefault, nil)
+	_require.NoError(err)
+
+	shareName := testcommon.GenerateShareName(testName)
+	shareClient := testcommon.CreateNewShare(context.Background(), _require, shareName, svcClient)
+	defer testcommon.DeleteShare(context.Background(), _require, shareClient)
+
+	dirName := testcommon.GenerateDirectoryName(testName)
+	dirURL := "https://" + accountName + ".file.core.windows.net/" + shareName + "/" + dirName
+
+	options := &directory.ClientOptions{
+		FileRequestIntent: to.Ptr(directory.ShareTokenIntentBackup),
+		Audience:          "https://badaudience.file.core.windows.net",
+	}
+	testcommon.SetClientOptions(d.T(), &options.ClientOptions)
+	dirClientAudience, err := directory.NewClient(dirURL, cred, options)
+	_require.NoError(err)
+
+	_, err = dirClientAudience.Create(context.Background(), nil)
+	_require.Error(err)
+	testcommon.ValidateFileErrorCode(_require, err, fileerror.AuthenticationFailed)
+}
diff --git a/sdk/storage/azfile/file/client.go b/sdk/storage/azfile/file/client.go
@@ -41,7 +41,8 @@ type Client base.Client[generated.FileClient]
 //
 // Note that ClientOptions.FileRequestIntent is currently required for token authentication.
 func NewClient(fileURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
-	authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
+	audience := base.GetAudience((*base.ClientOptions)(options))
+	authPolicy := runtime.NewBearerTokenPolicy(cred, []string{audience}, nil)
 	conOptions := shared.GetClientOptions(options)
 	plOpts := runtime.PipelineOptions{
 		PerRetry: []policy.Policy{authPolicy},