Storage/STG91 Move audience out of models namespace and add help function for audience (#5026)

* move audience out of models namespace

* Update sdk/storage/azure-storage-queues/inc/azure/storage/queues/queue_options.hpp

Co-authored-by: JinmingHu <jinmhu@microsoft.com>

* Update sdk/storage/azure-storage-files-shares/inc/azure/storage/files/shares/share_options.hpp

Co-authored-by: JinmingHu <jinmhu@microsoft.com>

* Update sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_options.hpp

Co-authored-by: JinmingHu <jinmhu@microsoft.com>

* add help func

---------

Co-authored-by: JinmingHu <jinmhu@microsoft.com>

Author: microzchang

sdk/storage/assets.json

@@ -2,5 +2,5 @@
   "AssetsRepo": "Azure/azure-sdk-assets",
   "AssetsRepoPrefixPath": "cpp",
   "TagPrefix": "cpp/storage",
-  "Tag": "cpp/storage_1d2fb95162"
+  "Tag": "cpp/storage_f9007be11f"
 }

sdk/storage/azure-storage-blobs/inc/azure/storage/blobs/blob_options.hpp

@@ -21,34 +21,42 @@
 
 namespace Azure { namespace Storage { namespace Blobs {
 
-  namespace Models {
+  /**
+   * @brief Audiences available for blob service
+   *
+   */
+  class BlobAudience final : public Azure::Core::_internal::ExtendableEnumeration<BlobAudience> {
+  public:
+    /**
+     * @brief Construct a new BlobAudience object
+     *
+     * @param blobAudience The Azure Active Directory audience to use when forming authorization
+     * scopes. For the Language service, this value corresponds to a URL that identifies the Azure
+     * cloud where the resource is located. For more information: See
+     * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory
+     */
+    explicit BlobAudience(std::string blobAudience) : ExtendableEnumeration(std::move(blobAudience))
+    {
+    }
 
     /**
-     * @brief Audiences available for Blobs
+     * @brief The service endpoint for a given storage account. Use this method to acquire a token
+     * for authorizing requests to that specific Azure Storage account and service only.
      *
+     * @param storageAccountName he storage account name used to populate the service endpoint.
+     * @return The service endpoint for a given storage account.
      */
-    class BlobAudience final : public Azure::Core::_internal::ExtendableEnumeration<BlobAudience> {
-    public:
-      /**
-       * @brief Construct a new BlobAudience object
-       *
-       * @param blobAudience The Azure Active Directory audience to use when forming authorization
-       * scopes. For the Language service, this value corresponds to a URL that identifies the Azure
-       * cloud where the resource is located. For more information: See
-       * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory
-       */
-      explicit BlobAudience(std::string blobAudience)
-          : ExtendableEnumeration(std::move(blobAudience))
-      {
-      }
+    static BlobAudience CreateBlobServiceAccountAudience(const std::string& storageAccountName)
+    {
+      return BlobAudience("https://" + storageAccountName + ".blob.core.windows.net/");
+    }
 
-      /**
-       * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure
-       * Storage account.
-       */
-      AZ_STORAGE_BLOBS_DLLEXPORT const static BlobAudience DefaultAudience;
-    };
-  } // namespace Models
+    /**
+     * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure
+     * Storage account.
+     */
+    AZ_STORAGE_BLOBS_DLLEXPORT const static BlobAudience DefaultAudience;
+  };
 
   /**
    * @brief Specifies access conditions for a container.
@@ -198,10 +206,10 @@ namespace Azure { namespace Storage { namespace Blobs {
 
     /**
      * The Audience to use for authentication with Azure Active Directory (AAD).
-     * #Azure::Storage::Blobs::Models::BlobAudience::DefaultAudience will be assumed if Audience is
+     * #Azure::Storage::Blobs::BlobAudience::DefaultAudience will be assumed if Audience is
      * not set.
      */
-    Azure::Nullable<Models::BlobAudience> Audience;
+    Azure::Nullable<BlobAudience> Audience;
   };
 
   /**

sdk/storage/azure-storage-blobs/src/blob_options.cpp

@@ -5,9 +5,7 @@
 
 namespace Azure { namespace Storage { namespace Blobs {
 
-  namespace Models {
-    const BlobAudience BlobAudience::DefaultAudience(_internal::StorageDefaultAudience);
-  } // namespace Models
+  const BlobAudience BlobAudience::DefaultAudience(_internal::StorageDefaultAudience);
 
   BlobQueryInputTextOptions BlobQueryInputTextOptions::CreateCsvTextOptions(
       const std::string& recordSeparator,

sdk/storage/azure-storage-blobs/test/ut/bearer_token_test.cpp

@@ -51,8 +51,7 @@ namespace Azure { namespace Storage { namespace Test {
 
     // With custom audience
     auto blobUrl = Azure::Core::Url(m_blockBlobClient->GetUrl());
-    clientOptions.Audience
-        = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost());
+    clientOptions.Audience = Blobs::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost());
     blobClient = Blobs::BlobClient(
         m_blockBlobClient->GetUrl(),
         std::make_shared<Azure::Identity::ClientSecretCredential>(

sdk/storage/azure-storage-blobs/test/ut/blob_container_client_test.cpp

@@ -1457,13 +1457,13 @@ namespace Azure { namespace Storage { namespace Test {
     // custom audience
     auto containerUrl = Azure::Core::Url(containerClient.GetUrl());
     clientOptions.Audience
-        = Blobs::Models::BlobAudience(containerUrl.GetScheme() + "://" + containerUrl.GetHost());
+        = Blobs::BlobAudience(containerUrl.GetScheme() + "://" + containerUrl.GetHost());
     containerClient
         = Blobs::BlobContainerClient(m_blobContainerClient->GetUrl(), credential, clientOptions);
     EXPECT_NO_THROW(containerClient.GetProperties());
 
     // error audience
-    clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com");
+    clientOptions.Audience = Blobs::BlobAudience("https://disk.compute.azure.com");
     containerClient
         = Blobs::BlobContainerClient(m_blobContainerClient->GetUrl(), credential, clientOptions);
     EXPECT_THROW(containerClient.GetProperties(), StorageException);

sdk/storage/azure-storage-blobs/test/ut/blob_service_client_test.cpp

@@ -515,13 +515,13 @@ namespace Azure { namespace Storage { namespace Test {
     // custom audience
     auto serviceUrl = Azure::Core::Url(serviceClient.GetUrl());
     clientOptions.Audience
-        = Blobs::Models::BlobAudience(serviceUrl.GetScheme() + "://" + serviceUrl.GetHost());
+        = Blobs::BlobAudience(serviceUrl.GetScheme() + "://" + serviceUrl.GetHost());
     serviceClient
         = Blobs::BlobServiceClient(m_blobServiceClient->GetUrl(), credential, clientOptions);
     EXPECT_NO_THROW(serviceClient.GetProperties());
 
     // error audience
-    clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com");
+    clientOptions.Audience = Blobs::BlobAudience("https://disk.compute.azure.com");
     serviceClient
         = Blobs::BlobServiceClient(m_blobServiceClient->GetUrl(), credential, clientOptions);
     EXPECT_THROW(serviceClient.GetProperties(), StorageException);

sdk/storage/azure-storage-blobs/test/ut/block_blob_client_test.cpp

@@ -2041,26 +2041,35 @@ namespace Azure { namespace Storage { namespace Test {
     EXPECT_NO_THROW(blockBlobClient.GetProperties());
 
     // default audience
-    clientOptions.Audience = Blobs::Models::BlobAudience::DefaultAudience;
+    clientOptions.Audience = Blobs::BlobAudience::DefaultAudience;
+    blockBlobClient
+        = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions);
+    EXPECT_NO_THROW(blockBlobClient.GetProperties());
+
+    // service audience
+
+    auto keyCredential
+        = _internal::ParseConnectionString(StandardStorageConnectionString()).KeyCredential;
+    auto accountName = keyCredential->AccountName;
+    clientOptions.Audience = Blobs::BlobAudience::CreateBlobServiceAccountAudience(accountName);
     blockBlobClient
         = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions);
     EXPECT_NO_THROW(blockBlobClient.GetProperties());
 
     // custom audience
     auto blobUrl = Azure::Core::Url(blockBlobClient.GetUrl());
-    clientOptions.Audience
-        = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost());
+    clientOptions.Audience = Blobs::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost());
     blockBlobClient
         = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions);
     EXPECT_NO_THROW(blockBlobClient.GetProperties());
     clientOptions.Audience
-        = Blobs::Models::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost() + "/");
+        = Blobs::BlobAudience(blobUrl.GetScheme() + "://" + blobUrl.GetHost() + "/");
     blockBlobClient
         = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions);
     EXPECT_NO_THROW(blockBlobClient.GetProperties());
 
     // error audience
-    clientOptions.Audience = Blobs::Models::BlobAudience("https://disk.compute.azure.com");
+    clientOptions.Audience = Blobs::BlobAudience("https://disk.compute.azure.com");
     blockBlobClient
         = Blobs::BlockBlobClient(m_blockBlobClient->GetUrl(), credential, clientOptions);
     EXPECT_THROW(blockBlobClient.GetProperties(), StorageException);

sdk/storage/azure-storage-files-datalake/inc/azure/storage/files/datalake/datalake_options.hpp

@@ -78,33 +78,6 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake {
        */
       static std::string SerializeAcls(const std::vector<Acl>& aclsArray);
     };
-
-    /**
-     * @brief Audiences available for Blobs
-     *
-     */
-    class DataLakeAudience final
-        : public Azure::Core::_internal::ExtendableEnumeration<DataLakeAudience> {
-    public:
-      /**
-       * @brief Construct a new DataLakeAudience object
-       *
-       * @param dataLakeAudience The Azure Active Directory audience to use when forming
-       * authorization scopes. For the Language service, this value corresponds to a URL that
-       * identifies the Azure cloud where the resource is located. For more information: See
-       * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory
-       */
-      explicit DataLakeAudience(std::string dataLakeAudience)
-          : ExtendableEnumeration(std::move(dataLakeAudience))
-      {
-      }
-
-      /**
-       * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure
-       * Storage account.
-       */
-      AZ_STORAGE_FILES_DATALAKE_DLLEXPORT const static DataLakeAudience DefaultAudience;
-    };
   } // namespace Models
 
   using DownloadFileToOptions = Blobs::DownloadBlobToOptions;
@@ -140,6 +113,46 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake {
     };
   } // namespace _detail
 
+  /**
+   * @brief Audiences available for data lake service
+   *
+   */
+  class DataLakeAudience final
+      : public Azure::Core::_internal::ExtendableEnumeration<DataLakeAudience> {
+  public:
+    /**
+     * @brief Construct a new DataLakeAudience object
+     *
+     * @param dataLakeAudience The Azure Active Directory audience to use when forming
+     * authorization scopes. For the Language service, this value corresponds to a URL that
+     * identifies the Azure cloud where the resource is located. For more information: See
+     * https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory
+     */
+    explicit DataLakeAudience(std::string dataLakeAudience)
+        : ExtendableEnumeration(std::move(dataLakeAudience))
+    {
+    }
+
+    /**
+     * @brief The service endpoint for a given storage account. Use this method to acquire a token
+     * for authorizing requests to that specific Azure Storage account and service only.
+     *
+     * @param storageAccountName he storage account name used to populate the service endpoint.
+     * @return The service endpoint for a given storage account.
+     */
+    static DataLakeAudience CreateDataLakeServiceAccountAudience(
+        const std::string& storageAccountName)
+    {
+      return DataLakeAudience("https://" + storageAccountName + ".blob.core.windows.net/");
+    }
+
+    /**
+     * @brief Default Audience. Use to acquire a token for authorizing requests to any Azure
+     * Storage account.
+     */
+    AZ_STORAGE_FILES_DATALAKE_DLLEXPORT const static DataLakeAudience DefaultAudience;
+  };
+
   /**
    * @brief Client options used to initialize all DataLake clients.
    */
@@ -173,10 +186,10 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake {
 
     /**
      * The Audience to use for authentication with Azure Active Directory (AAD).
-     * #Azure::Storage::Files::DataLake::Models::DataLakeAudience::DefaultAudience will be assumed
+     * #Azure::Storage::Files::DataLake::DataLakeAudience::DefaultAudience will be assumed
      * if Audience is not set.
      */
-    Azure::Nullable<Models::DataLakeAudience> Audience;
+    Azure::Nullable<DataLakeAudience> Audience;
   };
 
   /**

sdk/storage/azure-storage-files-datalake/src/datalake_options.cpp

@@ -3,8 +3,8 @@
 
 #include "azure/storage/files/datalake/datalake_options.hpp"
 
-namespace Azure { namespace Storage { namespace Files { namespace DataLake { namespace Models {
+namespace Azure { namespace Storage { namespace Files { namespace DataLake {
 
   const DataLakeAudience DataLakeAudience::DefaultAudience(_internal::StorageDefaultAudience);
 
-}}}}} // namespace Azure::Storage::Files::DataLake::Models
+}}}} // namespace Azure::Storage::Files::DataLake

sdk/storage/azure-storage-files-datalake/src/datalake_utilities.cpp

@@ -100,7 +100,7 @@ namespace Azure { namespace Storage { namespace Files { namespace DataLake { nam
     blobOptions.EnableTenantDiscovery = options.EnableTenantDiscovery;
     if (options.Audience.HasValue())
     {
-      blobOptions.Audience = Blobs::Models::BlobAudience(options.Audience.Value().ToString());
+      blobOptions.Audience = Blobs::BlobAudience(options.Audience.Value().ToString());
     }
     return blobOptions;
   }