I have a web application that creates/deletes buckets, uploads/downloads objects from google storage and I am successfully using Google Apis Storage v1 and v1.Data in C#.
I would like to know if there is a way to find out how much space a bucket has used using the Google Apis. I was thinking something like StorageClient.GetBucket would return this information but it doesn't seem to.
All the help documentation seems to point to the gsutil but I can't use that as this is for a web application.
So to clarify I am using Cloud Storage Client Libraries
I want to be able to look at any given moment how much space has been used for a particular bucket, using the Google.Storage.Apis (which isn't the XML API or JSON API)
Any help would be very much appreciated.
You can set up bucket logging per Bucket Logging Doc, which will generate a file once a day with the total size (in bytes) of the buckets you defined.
And you've created a feature request as FR/37237171 at the issue tracker.
Related
I'm trying to create an elearning system that has videos associated with lessons. When a user gets to a lesson a video needs to play. The videos should not play unless I authenticate that the user can play that video and can play it right now. I'm trying to accomplish this using the azure video player.
I can make this work with azure media services without encryption without issue.
However when I go to do the encryption, the samples are VERY week.
What I'm trying to do is encrypt the video so that it can play on all browsers and have everything that the azure video player needs.
Further, at the time that the user requests to play the video I want to use their authentication with our website to determine if the video should play, and then set the token on the media services.
I would have expected that media services would use oAuth 2 and I could point it at our endpoint with a specific claim required for the specific video the user requested and I would return an auth token or not. But it appears to work backwards from this.
So I've done the following:
Gone into the classic portal (because apparently this hasn't been updated to either use the new portal or the new way of doing storage...)
Created the Media Services account.
Gone to content protection as as best as I can figure from the videos enter Type token for both and json web token.
Under issuer for aes and playready I've put in the path to our oAuth provider, but I"m not at all sure what this should be and I can't find any documentation that explains what this should be.
Scope: Under ae, the samples have something similar to urn:Portal but under playready this has to be a full URI, which I can't figure out what's supposed to be there.
I created the verification keys for both types
I have no idea what to put in claims or how this is relevant.
License type = non-persistent
Passing Video Content to Unknown Outputs I have set to Allowed. I don't know what allowed with constriction does or how it should be setup.
Allow test devices is enabled for now.
Then in my encoding stuff I've put in the following after creating the asset from samples:
//Add encryption
var key = CreateEnvelopeTypeContentKey(context, finalAsset);
var tokenTemplateString = AddTokenRestrictedAuthorizationPolicy(context, key, audience, issuer);
CreateAssetDeliveryPolicy(context, finalAsset, key);
var tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString);
var rawKey = EncryptionUtils.GetKeyIdAsGuid(key.Id);
string testToken = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenTemplate, null, rawKey);
But if I try and enable this stuff to get playready, wildvine AND BaselineHttp it all blows up and I cannot find examples of all 3 (which appear to be required for Chrome, Firefox and IE/Edge to work reliably) enabled and working in the code as you'd expect. (note the methods called above are directly from the samples)
Further I can't figure out how to use the verification keys from the portal in this code because I can't find any samples on this.
And presumably this sets up the asset to have it's own authentication. Although I can't tell. But what I want and need to do is have each asset be separately authentication by the asset and by the user and not have the bearer token be usable anywhere else.
At this point I'm completely lost, because the only code I can find to generate the JWT is the test stuff which obviously shouldn't be used in production.
What I'm looking for is code that doesn't use Azure AD and allows me to do my own, so that when a user wants to watch a video, they come to me, I say, yup, you're good, here's your token just for you and only you and no one else that is created just for you in C# in my web api that returns the token in the json response.
Then I want to set it in the security credentials (and put all of the permutations in!) so that it will just work on the browser in question (ie, edge, firefox, chrome, safari) and the player sends that along with the rest and the video just plays no matter what browser.
But since I can neither encrypt the video with the right keys, nor encrypt it for all permutations based on the samples nor find any example of creating the JTW properly based on the shared keys and whatever I need to store in my database based on the encryption process I'm stuck.
So is there a sample somewhere that takes you through this full process to make this work in any web browser when done and generate the encryption for all of them, and the token for the client on a per issue basis?
If not, can someone help answer these questions?
And if this is MS watching this, I'd suggest that you consider giving us the ability to have just the single url in the client, and pass our oAuth2 bearer token (not yours) and have you use that to single sign on with us, and demand a claim passing the asset id and getting a yea/nea to play the video with a timespan their authorized to play it on the specific client involved. If this is possible now, please provide a full sample or instructions on how this can be accomplished because it's very not clear at this point and everything is geared to AD which isn't useful and there are a ton of missing pieces.
Ultimately, I need to be able to live stream this content on the web and on mobile clients AND be able to download this content encrypted and play it on those same mobile clients offline but still encrypted and locked down. Those last pieces I don't have a clue how to do at this point and I can't find any documentation on either, but I'll ask that separately.
Thanks!
Bonus Reading
Resources found that are relevant but don't answer the question or only partially answer the question and break other parts:
Configure asset delivery policies with .NET SDK 🕗
Use AES-128 dynamic encryption and the key delivery service 🕗
Azure Media Player - Protected Content 🕗
Azure Media Player - Playback Technology ("Tech") 🕗
How to make Token authorized AES encrypted HLS stream working in Safari 🕗
Integrate Azure Media Services OWIN MVC based app with Azure Active Directory 🕗 (this one appears to be the closest but I've been unable to decouple it from Azure AD)
We don't have lot of samples to build customized Security Token Service (STS), because each business may have its own requirements and lots of customers are doing integration work (i.e. they already have a token issuer service).
As said, I am happy to help you to complete your workflow. You can email me at yanmf#microsoft.com and I could have a call to troubleshoot your workflow.
Cheers,
Mingfei Yan
Im trying to figure out how to retrieve images from a web service that is connected to azure thats has the images stored as blob.. i just want to be pointed in the right direction, sure if some one have a code example that will be really helpful aswell!
I have not tried any code yet just used google, youtube to find a good example... but no luck.. :/
I can store the images in a folder with the web service if that is easier?
Blobs are accessible using standard URLs. You may need a Shared Access Signature to access the file on a private blob.
I can point you in this direction:
https://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-blobs/
https://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-shared-access-signature-part-1/
Your service should do this (if I understand your need):
Create an output stream
Create in an input stream to a blob object and accessed using a SAS
Connect output stream with input stream
There are plenty of examples around for doing this...
The project I'm working on is a set of tools for users to manage their own accounts. For example, generic users will be able to access and update their Drive or calendars, and for administrators they can additionally get lists of their users and groups and manage those.
My concern is the API limits. At this point in time the project's client ID and secret are hard-coded because I want users to just be able to download and run the tools (which is working great until someone queries all users and uses up half of the daily limit for one of the APIs). I realize I can request more API calls, but I'm not sure that's the best solution.
In order to have each user on their own API limits, will I need to have each person using it set up a new Google Code project with its own set of limits? Or is there a way to allow the same project to have limits based on domain? I'm not sure what best practice is.
Edit: I should mention I'm authenticating via OAuth2.0 using 2-legged authentication, as my understanding was that was the best way to do it for administrators and users... should I be using 3-legged instead?
This is (probably) not an answer, but ...
A good question is precisely what is an "app". In this answer What is the limit on Google Drive API usage?, Nivco from Google says "Currently for the Drive API it reads "Courtesy limit: 10,000,000 queries/day". It's a per app quota"
and on the API Console, your project can consist of many "apps", each with its own client ID.
So, either (a) the term "app", being ill-defined, is being used incorrectly, or (b) you can achieve what you are looking for by creating multiple apps within your project.
Sadly, I suspect it's (a), but might be worth confirming.
I have an image upload application (C# desktop) for end users and I want to switch to the cloud(storage)(the VPS is to expensive and unlimited hosting providers don't allow image hosting scripts).
In order to do that I need to embed the login credentials inside my application (delivered to the end users) and maybe update them according to changes. So it's not a solution to me because of security reasons (cracking and upload things that aren't images).
One solution would be to host a PHP script so that my application uploads to that script (check if it's a image) and than to re-upload that image to the cloud storage. The problem is, I use the double bandwidth.
Is there any cloud hosting model that enables me that (without paying the double bandwidth or additional fees for running the PHP application or other thenology) or how to "hide" the creditals?
I have about 5000 uniqe visitors a day with about 70 users online in each moment (google analytics). I am offering a free service in a free app without adds so i have no earnings and i would really try to keep it like that with minimal hosting costs :(
Try out Google App Engine and Blobstore. It's relatively easy to use (sorry, no PHP support tho!) and is free up to a specified limit, so you can develop without having to spend.
https://developers.google.com/appengine/docs/python/blobstore/overview
How it works:
Your C# app GETs to a short Python script that simply returns a URL
that contains a random key (that Google gives your Python script)
Your C# app POSTs to that URL using an appropriate mime type.
Your C# app will be redirected to a final URL once the upload
completes. That URL will again be a Python script, which will
then record the uploaded URL (and any metadata) to prevent it from becoming orphaned.
Another advantage of using Google App Engine is that they offer image transforms (crop, scale) that will be handled on their end -- allowing you to ask for thumbnails, for example, without having to download the full sized image first.
For step 3, you could record the URL (really just the blobstore entry ID) to your main application. The point is: you don't want to lose that random key because that's the only way of retrieving the image file.
I'm developing a WP7 application that collects users data and stores it in a cloud somewhere. This data can later be accessed by the user elsewhere.
Now, anybody who can recommend a good and efficient way of this data storage?
I was thinking of storing this data in the user's skydrive from which he can later access it.
Any other suggestions please?
There is Amazon S3. A cloud storage that has many features and has a .NET SDK too.
Take a look on pastebin.com which may be interesting for you. You can post debug info via simple http post request (no user interaction required, easy integration). But there are limitations for free account: 10 private records, max 15 requests a day.