-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathNew-CosmosDBHeader.ps1
82 lines (70 loc) · 3.46 KB
/
New-CosmosDBHeader.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
function New-CosmosDBHeader {
<#
.SYNOPSIS
Creates a Header for the CosmosDB API
.DESCRIPTION
Creates the basic header for all API calls with encrypted authorization string and correct date.
If additional header entries are required, they can be added to the hashtable later.
.PARAMETER Verb
GET, POST, PUT, DELETE according to call
.PARAMETER resourceName
The human readable id of the resource - what the documentation says you should use but never uses
.PARAMETER resourceId
The rid of the resource - what the documentation saus you should NOT use, but is using ia all examples
.PARAMETER resourceType
dbs, colls, docs etc as specified by the call
.PARAMETER OfferThroughput
Request Units for collection creation.
.PARAMETER CosmosDBVariables
This is the Script variable generated by Connect-CosmosDB - no need to supply this variable, unless you get really creative
.EXAMPLE
New-CosmosDBHeader -ResourceType dbs -Verb put
.NOTES
https://docs.microsoft.com/en-us/rest/api/documentdb/access-control-on-documentdb-resources
#>
[CmdletBinding(DefaultParameterSetName='Default')]
param (
[Parameter(Mandatory=$True,
HelpMessage='GET, POST, etc.')]
[string]$Verb,
[Parameter(ParameterSetName='Name',
Mandatory=$True,
HelpMessage="Contains the relative path of the resource, as derived using the URI format. E.g. 'dbs/MyDatabase/colls/MyCollection/docs/MyDocument'")]
[string]$resourceName,
[Parameter(ParameterSetName='Rid',
Mandatory=$false,
HelpMessage="Contains the relative path of the resource, as derived using the URI format. E.g. 'dbs/MyDatabase/colls/MyCollection/docs/MyDocument'")]
[string]$resourceId,
[Parameter(Mandatory=$true,
HelpMessage="Identifies the type of resource that the request is for, Eg. 'dbs', 'colls', 'docs'")]
[string]$resourceType,
[Parameter(Mandatory=$false,
HelpMessage="Request Units for collection creation")]
[int]$OfferThroughput,
[Parameter(Mandatory=$false,
HelpMessage="Use Connect-CosmosDB to create this Variable collection")]
[hashtable]$CosmosDBVariables=$Script:CosmosDBVariables
)
begin {
Test-CosmosDBVariable $CosmosDBVariables
}
process {
$UTCDate = [DateTime]::UtcNow.ToString("r")
$keyBytes = [System.Convert]::FromBase64String($CosmosDBVariables['Key'])
$hmacSha256 = new-object -TypeName System.Security.Cryptography.HMACSHA256 -ArgumentList (,$keyBytes)
[string]$Payload = "{0}`n{1}`n{2}`n{3}`n{4}`n" -f $Verb.ToLowerInvariant(),$resourceType.ToLowerInvariant(),$resourceId.ToLowerInvariant(),$UTCDate.ToLowerInvariant(),''
$hashPayLoad = $hmacSha256.ComputeHash([Text.Encoding]::UTF8.GetBytes($PayLoad.ToLowerInvariant()))
$signature = [System.Convert]::ToBase64String($hashPayLoad)
[string]$authorizationFormat = 'type={0}&ver={1}&sig={2}' -f $CosmosDBVariables['keyType'],$CosmosDBVariables['tokenVersion'],$signature
$header=@{
"authorization" = [uri]::EscapeDataString($authorizationFormat)
"x-ms-version" = "2015-12-16"
"x-ms-date" = $UTCDate
"Content-Type" = "application/json"
}
if ($OfferThroughput) { $header.add("x-ms-offer-throughput", $OfferThroughput) }
}
end {
$header
}
}