Table Storage access key support
Emulation of a service isn't complete if the authorization layer isn't emulated as well. This is why Topaz will introduce authorization mechanism for various services, starting with Table Storage.
Table Storage is secured using one of the configured authorization mechanism:
- access key
- SAS token
- Microsoft Entra ID tokens
They offer different capabilities and are applicable for different scenarios. If you want to quickly get started with that service, you can access keys will be a way to go. Each instance of Azure Storage service is created with a set of two separate access keys, which can be regenerated anytime. If you want to use them to connect, you need to simply incorporate them as part of the connection string used in the SDK of your choice.
How does Topaz emulate the access keys authorization then? There's no shortcuts or hacks - when you call Topaz API, access key verification happens exactly the same as it would happen when using the real Table Storage API. This means, that if you application fails to use a key generated by Topaz when emulated Storage Account is created, all requests will fail with HTTP 401 Unauthorized status code. This satisfies a scenario where the application uses an access key which could have been malformed or not loaded properly.
In the next releases, Topaz will introduce support for other authorization flows including SAS tokens and Microsoft Entra ID.