I have an ADLS with images that I want to display on my website. I want to expose them through APIM. I am sending the image name and SAS token in the request which I re-write in the actual backend request with the right folder structure.
The policy -
<policies>
<inbound>
<set-variable name="BlobName" value="@(context.Request.Url.Query.GetValueOrDefault("BlobName"))" />
<set-variable name="sasToken" value="@(System.Net.WebUtility.UrlDecode(context.Request.Url.Query.GetValueOrDefault("sasToken")))" />
<base />
<set-backend-service base-url="@{
string blobName = context.Variables.GetValueOrDefault<string>("BlobName");
string sasToken = context.Variables.GetValueOrDefault<string>("sasToken");
return String.Format("https://myadls.blob.core.windows.net/UserImages/Images/{0}?{1}",blobName,sasToken);
}" />
<authentication-managed-identity resource="https://storage.azure.com/" />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
The SAS token - sv=2020-08-04&st=2022-02-24T04%3A17%3A53Z&se=2022-02-24T06%3A17%3A53Z&sr=c&sp=r&sig=5B6IUrj9VSh7oZSHAOKQK7fsWLun%2B%2BL7v0o1gQJHxvU%3D
Since the SAS token and '&' sign, the sasToken string is getting truncated to 'sv=2020-08-04'
As you can see in the policy I tried to encode the SAS in c# as
System.Net.WebUtility.UrlEncode(dataLakeSasBuilder.ToSasQueryParameters(sharedKeyCredential).ToString());
But, the System.Net.WebUtility.UrlDecode did not decode the value.
Thanks in advance.
I found that encoding it in the code and decoding the string in the policy is solving this
Encoding.UTF8.GetString(Convert.FromBase64String(context.Request.Url.Query.GetValueOrDefault("sasToken")))