CosmosDbEx.Auth (cosmos_db_ex v0.1.0) View Source
Provides all necessary functionality to peform Cosmos Db Rest API calls with authorization.
The general authorization methods were created using the Azure documentation located here: Access control in the Azure Cosmos DB SQL API
Link to this section Summary
Functions
Generates a hashed token signature for a master token that will be used for authorization of each request to the Cosmos Db api.
Link to this section Functions
generate_auth_signature(http_verb, path, date, key, key_type \\ "master", token_version \\ "1.0")
View SourceGenerates a hashed token signature for a master token that will be used for authorization of each request to the Cosmos Db api.
Params
http_verb: A HTTP verb, such as GET, POST, PUT.
resource_type: Identifies the type of resource that the request is for. Example: dbs, colls, docs.
resource_id: The identity of the resource that the request is directed at. An example for a request for a collection would be: "dbs/MyDatabase/colls/MyCollection
date: The UTC date and time the message is being sent. The date must conform to the format defined in RFC 7231 Date/Time Formats. Note that this must also be the date passed in the
x-ms-date
header. Example: "Tue, 01 Nov 1994 08:12:31 GMT".key: This is the Encoded key for your Cosmos Db database. It is usually either the primary or secondary key that can be found in the
Keys
setting in your databases blade. Note: This key should never be saved and controlled in any repo. The key should be retrieved from something like Azure Key Vault, or an environment variable.key_type: The type of key being used for authorization. This will normally be "master".
token_version: The version of the token, or the format rather, being sent to Cosmos Db. The current supported version is 1.0.
Remarks
I'm not really certain how much compute it takes to decode a Base64 encoded string, but there are actually Elixir libraries out there that drop down to 'C' just to make it faster. If it turns out that constantly decoding the key hampers performance then we can see about possibly storing the decoded key in ETS to reduce compute a little bit.