This document discusses how to use Windows Azure features in Windows 8 applications. It covers using push notifications, Azure Tables with Shared Access Signatures, Blob storage, and Queues. Example scenarios include storing patient meal data in Tables, sharing photos via Blobs, and providing weekly stock reports via Tables based on user subscriptions. The document emphasizes using Shared Access Signatures to securely grant limited access to Azure resources like Tables, Blobs, and Queues.
7. Metro Style application
• Focus on user experience
• Consistent UI through all the applications
• Do one think, but do it best
8. What does Windows Azure offers to us
• Tables
• Blobs
• Queues
• Service Bus
• SQL Azure
• Push Notifications
• Shared Access Signature
• Web roles
• Worker roles
• Cache roles
• Virtual Machines roles
• ... and a lot more
9. Push Notifications
• Using this mechanism we can send toasts, badges, tiles and row
notifications to the client application
• The send request notifications can be send from a cloud service
Metro Style App
Notification Client
Cloud Service
Platform
Windows Push
Notification
Service
11. Scenario 1 – Azure Tables
• Use table storage to store what each patient eat at each meal
• The price for storing data in table storage is very low
Timestamp Partition Key Row Key … … …
2005-10-30 T Client ID Meal type
10:45 UTC
Problem
• How user can have limited access to only one part of the table ?
12. Scenario 1 - Azure Tables + SAS
Problem
• How user can have limited access to only one part of the table?
Solution
• We can use Shared Access Signature
• What we can do with Shared Access Signature
• Limit access of the user to only a specific numbers of tables
• Limit access to a specific partition key and row key intervals
• Limit what kind of actions a user can do on the table
• Give access to a resource for a specific time interval
13. What is Shared Access Signature
• Limit user access to a specific Windows Azure resource
• Types of resources:
• Tables
• Queues
• Blobs and containers
• You don’t need to know or register user LIVE account
• The only thing that you share with the user is a token
• User can access your resource based on a token
14. How to create a SAS for Azure Tables
• Create the access policy
SharedAccessTablePolicy tablePolicy = new SharedAccessTablePolicy()
{
Permissions = SharedAccessTablePermissions.Query
| SharedAccessTablePermissions.Add,
SharedAccessExpiryTime = DateTime.UtcNow + TimeSpan.FromHours(1)
};
• Assign permissions
TablePermissions tablePermissions = new TablePermissions();
tablePermissions.SharedAccessPolicies.Add(
"Client1",
tablePolicy);
myTable.SetPermissions(tablePermissions);
• Generate the access token signature
tableToken = myTable.GetSharedAccessSignature(
new SharedAccessTablePolicy(),
"Client1_1",
10, 0, 19, 100);
15. How to create a SAS for Azure Blobs
• Create the access signature
var sharedAccessSignature = myBlob.GetSharedAccessSignature(
new SharedAccessPolicy()
{
Permissions = SharedAccessPermissions.Write
| SharedAccessPermissions.Read,
SharedAccessExpiryTime = DateTime.UtcNow +
TimeSpan.FromHours(1);
}
• Generate access URL
string sharedAccessSignatureUri = blob.Uri.AbsoluteUri + +
sharedAccessSignature;
• Use the access signature
var storageCredentialsSAS = new StorageCredentialsSharedAccessSignature(
sharedAccessSignature);
var blobClient = new CloudBlobClient(
myAccount.BlobEndpoint,
storageCredentialsSAS);
var myBlob = blobClient .GetBlobReference(“myContainer/firstBlob.txt”);
string currentContentOfBlob = myBlob.DownloadText();
myBlob.UploadText(“New text appended”);
16. How to create a SAS for Azure Queues
• Create the access signature
SharedAccessQueuePolicy sharedAccessPolicy = new SharedAccessQueuePolicy()
{
Permissions = SharedAccessQueuePermissions .ProcessMessages,
SharedAccessExpiryTime = DateTime.UtcNow + TimeSpan.FromHours(1)
};
string policyIdentifier = "QueuePolicy1";
QueuePermissions queuePermissions= new QueuePermissions();
queuePermissions.SharedAccessPolicies.Add(
policyIdentifier,
sharedAccessPolicy);
myQueue.SetPermissions(queuePermissions);
• Generate access token signature
string accessSignature = myQueue.GetSharedAccessSignature(
new SharedAccessQueuePolicy(),
policyIdentifier);
18. Scenario 2 – Blob Storage
• Store all content on Blob Storage
• Cheap
• Scalable
• Can stream any type of content
• Multiply devices of the same client can access the same resources
based on the Shared Access Signature
• We can send the access token by email
20. Scenario 3 – Azure Queues
• Each document for processing a command is send to Azure queue
• The message from the queue can be consumed by the core
application that process the message
• Limited access based on Shared Access Signature
• The user that generate the requests will not be able to read or
pop any kind of messages from the queue
24. Scenario 4
• We are a well know photograph
• We decide that we what to share our pictures with peoples that own a
Windows 8 tablet all around the world
• Based on a subscriptions for each album we hope to make money
• An album can contain 10 to n photos
How can we share this content with our clients?
25. Scenario 4 - Blobs
• A simple solution is using blobs plus Shared Access Signature
• For each client we create an access token that allow clients to access the
album for which they already paid
• Over this structure we create a web-application that allow clients to
download the albums based on a token
• We can use the token that is generated by Shared Access Signature
26. Scenario 5
• Let’s imagine an application that will display stock reports for each week
• This information is generated based on a lot of computation power
• Because of this the company decides to sell this valuable content based on
a weekly subscriptions
• A client can have access only to information for the weeks that he paid
• The client want to access this content from a Metro app created by us but
he also want to import this data in his own systems
Stock
27. Scenario 5 – Azure Tables
• Store all the weakly report information on Azure Tables
• Create a service that give the user the ability to access
report data based on a username and password
• Update and manage the username list and what reports
they can access
28. Scenario 5 – Azure Tables
• Store all the weakly report information on Azure Tables
• Create a service that give the user the ability to access
report data based on a username and password
• Update and manage the username list and what reports
they can access
• Define a Shared Access Policy based on partition key and
row key
Partition Key – Week unique id (201234)
Row Key – Report name