Skip to content

Feature/create session#48918

Draft
browndav-msft wants to merge 64 commits intoAzure:feature/bifrost-basefrom
browndav-msft:feature/createSession
Draft

Feature/create session#48918
browndav-msft wants to merge 64 commits intoAzure:feature/bifrost-basefrom
browndav-msft:feature/createSession

Conversation

@browndav-msft
Copy link
Copy Markdown
Member

@browndav-msft browndav-msft commented Apr 23, 2026

No description provided.

@browndav-msft
generate base files based on swagger docs
4c94ea6
@browndav-msft
create live tests for createSession
d561535 
- downgrade blobserviceversion to 2026_04_06
- change AZURE_LIVE_TEST_SERVICE_VERSION to V2026_04_06 in ci.system.properties in azure-storage-common
- create both sync and async
@browndav-msft
add recordings
1020227
@browndav-msft
create new files based on swagger update
1d905f0
@browndav-msft
add two params to BlobContainerClient#createSessionWithResponse
9f8e365
@browndav-msft
add sanitizers for SessionToken and SessionKey to BlobTestBase
e63fe17
@browndav-msft
add recording for createSessionReturnsTokenAndKey
3e2fb11
@browndav-msft
create StorageSessionCredential with isExpired
3968a0e
@browndav-msft
create BlobSessionClient so that BlobSessionProvider takes it as a de…
09dcce6 
…p instead of ContainersImpl
@browndav-msft
create BlobSEssionClient with tests
bea226b
@browndav-msft
add recorings for BlobSessionClient
e0b4440
@browndav-msft
fix BlobContainerAsyncClient to match new swagger, add new recording
0a3570e
@browndav-msft
add SessionProvider and SessionProviderTest
6a026f3
@browndav-msft
add accountName to BlobSessionClient
f6ca3e8
@browndav-msft
add accountName to StorageSessionCredential and SesionTestHelper
a1bdf3a
@browndav-msft
wip
7309432
@browndav-msft
change sessionprovider to SEssionTokenCredentialPolicy
9aa9bab
@browndav-msft
wip
8a620a1
@browndav-msft
move session tests from containerapi to blobsessionclienttests
925c44b
@browndav-msft
fix blobsessiontests and add place holder for end-to-end tests in con…
798b821 
…tainerapitests
@browndav-msft
add recordings for blobsessionclient
ced6225
@browndav-msft
linting
a93e06a
@browndav-msft
refactor cache into separate class so it follows BearerTokenAuthentic…
301189a 
…ationPolicy + AccessTokenCache pattern
@browndav-msft
add 503 fallback
9c3b2e3
@browndav-msft
add tests for udsas, but disabled for now
0e5a6b0
@browndav-msft
refactor createContext to use hardcoded endpoint
4cc43cf
@browndav-msft
add SessionMode and tests for SessionMode
b3a5774
@browndav-msft
add sessionOptions to buildPipeline, add null to builders not using s…
4c87689 
…essions
@browndav-msft
move SessionTokenCredentialPolicy ahead of StorageBearerTokenChalleng…
7e5b122 
…eAuthorizationPolicy
@browndav-msft
fix linting issues
18a4f67
browndav-msft and others added 24 commits April 20, 2026 18:12
@browndav-msft
make createSession package private
83e5710
@browndav-msft
fixes based on copilot suggestions
13e26be
@browndav-msft
Update sdk/storage/azure-storage-blob/src/main/java/com/azure/storage…
605a9cb 
…/blob/implementation/util/BlobSessionClient.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@browndav-msft
add containerName to SessionOptions
08edd49
@browndav-msft
move accountName to SessionOptions
9fffc0a
@browndav-msft
refactor: SessionTokenCredentialPolicy accepts bearer policy as const…
f1de7cd 
…ructor dependency

SessionTokenCredentialPolicy now takes StorageBearerTokenChallengeAuthorizationPolicy
as a constructor dependency instead of relying on pipeline ordering to coordinate
with the bearer policy. Key changes:

- SessionTokenCredentialPolicy delegates to bearerPolicy.process() for non-session
  requests (non-GetBlob, NONE mode, AUTO first request) and fallback (503).
- Added getBearerPolicy() accessor for use in per-container pipeline construction.
- BuilderHelper updated to pass bearer policy through to SessionTokenCredentialPolicy
  constructor in both addSessionPolicyIfEnabled and wrapWithSessionPolicy.
- Tests updated to mock bearerPolicy and verify delegation behavior.

This is step 1 of the session auth refactor to align with the .NET SDK's
SessionAuthenticationPolicy pattern.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@browndav-msft
refactor: introduce AuthStrategy enum and consolidate analyzeRequest
270ade3 
Consolidate isGetBlobRequest() and shouldUseSession() into a single
analyzeRequest() method that returns an AuthStrategy enum
(USE_BEARER_TOKEN or USE_SESSION_TOKEN), following the .NET
SessionAuthenticationPolicy pattern.

Also extract response handling into handleSessionResponse() and
handleSessionResponseSync() methods for cleaner process()/processSync()
flow. The process methods now have a clear structure:
1. analyzeRequest() -> decide strategy
2. USE_BEARER_TOKEN -> delegate to bearer policy
3. USE_SESSION_TOKEN -> acquire session, sign, send, handle response

No behavioral changes - all existing tests pass unchanged.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@browndav-msft
refactor: remove redundant restype check from analyzeRequest
f15f2ae 
The restype query parameter check was redundant because requests with
restype=container are container-level operations that have no blob name.
They are already filtered by the blob name presence check. This aligns
more closely with the .NET SessionAuthenticationPolicy which relies on
URL structure rather than query parameter checks.

The comp check is retained as a safety measure to exclude sub-operations
like GetBlobMetadata (comp=metadata) that have a blob name but are not
download operations.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@browndav-msft
change sessionmode from always to singlespecifciedcontainer, add reso…
58a1417 
…lve method
@browndav-msft
wrap bearer token in sessioncredentialpolicy
7e49d4e
@browndav-msft
fix NPE for SessionOptions, sessionoptions always non null
dda8123
@browndav-msft
add tests for sessiontokencredpolicy and storagesessioncred
5acd00f
@browndav-msft
add logic to avoid wrapping Bearertoken, if session is not needed
63698f8
@browndav-msft
add overloaded oauth in blobtestbase to be able to add sessionoptions
52a3fe2
@browndav-msft
add overloaded getOAuthServiceAsyncClient to be able to pass session …
82599ee 
…options
@browndav-msft
add custom buildStringToSign to remove 0 from get requests
ff40db4
@browndav-msft
readd versions
0af3885
@browndav-msft
readd ci.system.properties
04d232c
@browndav-msft
change session options check for null in BuilderHelper which affected…
a7f7f01 
… other tests
@browndav-msft
add recordings for create sessions, change time to testResource time
e99f135
@browndav-msft
add requestInspectionPolicy and overloaded getoauth client in base test
d138b0e
@browndav-msft
fix null sessionsoptions issue
c5eba84
@browndav-msft
add fix in storagesessioncredntial for query params
9a9a370
@browndav-msft
add SessionTokenCredPolicy to checks for anonymousAccess
24e2217
@github-actions github-actions Bot added the Storage Storage Service (Queues, Blobs, Files) label Apr 23, 2026
@browndav-msft browndav-msft reopened this Apr 23, 2026
@browndav-msft browndav-msft changed the base branch from main to feature/bifrost-base April 23, 2026 21:16
@browndav-msft
Copy link
Copy Markdown
Member Author

browndav-msft commented Apr 23, 2026

/azp run java - storage - ci

@azure-pipelines
Copy link
Copy Markdown

azure-pipelines Bot commented Apr 23, 2026

No pipelines are associated with this pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alzimmermsft alzimmermsft Awaiting requested review from alzimmermsft alzimmermsft will be requested when the pull request is marked ready for review alzimmermsft is a code owner

@gunjansingh-msft gunjansingh-msft Awaiting requested review from gunjansingh-msft gunjansingh-msft will be requested when the pull request is marked ready for review gunjansingh-msft is a code owner

@ibrandes ibrandes Awaiting requested review from ibrandes ibrandes will be requested when the pull request is marked ready for review ibrandes is a code owner

@kyleknap kyleknap Awaiting requested review from kyleknap kyleknap will be requested when the pull request is marked ready for review kyleknap is a code owner

@seanmcc-msft seanmcc-msft Awaiting requested review from seanmcc-msft seanmcc-msft will be requested when the pull request is marked ready for review seanmcc-msft is a code owner

Assignees

No one assigned

Labels

Storage Storage Service (Queues, Blobs, Files)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@browndav-msft