zezha-msft
commented
5 years ago Hi @polarapfel, thanks for the suggestion!
I understand and appreciate your perspective. However, there's no such low cost API that always works with any credential type. In addition to Storage Key, the user could pass in SAS tokens or TokenCredential that are only authorize them to perform certain operations on certain objects. So my suggestion would be to perform the cheapest and quickest API for your particular credential type (I suggest get_blob_account_information which is much quicker since it doesn't have a long body like list container).
Which service(blob, file, queue) does this issue concern?
Any.
Which version of the SDK was used? Please provide the output of
pip freeze.azure-common==1.1.18 azure-storage-blob==1.5.0 azure-storage-common==1.4.0 azure-storage-queue==1.4.0
What problem was encountered?
Creating a service object is not validated.
As there is no API request yet at this stage, the first actual request might fail. The exception error message raised is not helpful. For example, when providing an invalid key and then attempting to create a container in a try...except block, the exception text just states
Incorrect padding.After creating the BlockBlobService object, it would be great to have a
BlockBlobService.validate()method with the following properties/behavior:The purpose of this method would allow for quickly failing in a program and abort the flow (e.g. in an Azure Function App, rather than try to run (expensive) operations (some of them non-storage related, like expensive request input validation, e.g. md5sum etc.).
Have you found a mitigation/solution?
The next best thing is to run the cheapest possible (and non-impactful) storage operation and see if that succeeds. For example, listing all containers. Unfortunately, this will differ from storage account to storage account based on how many containers there are.
Note: for table service, please post the issue here instead: https://github.com/Azure/azure-cosmosdb-python.