In the previous post I noted that the code was pretty messy, particularly for the client code with a bunch of hardcoded literals. To fix this I’m going to encapsulate the full URL for blob storage into the server code, meaning that the client shouldn’t have to know the url of blob storage – this will make it easy to administer this in the future as things change.
It turns out that in order to make this change all I needed to do is to return the full blob container url (including the SAS) instead of just the SAS.
var ub = new UriBuilder(container.Uri.OriginalString)
Query = container.GetSharedAccessSignature(sasPolicy).TrimStart('?')
sas = ub.Uri.OriginalString;
The client code of course needs to be updated to handle the full Uri being passed back – Note that we didn’t include the name of the blob as part of creating the Uri. This is something the client should do. Since the SAS is for access to the whole container, the client doesn’t have to request a new SAS for each blob, only for each container it wants to write to.