88 lines
No EOL
4 KiB
PHP
88 lines
No EOL
4 KiB
PHP
<?php
|
|
// Script to create properly formatted SAS tokens for Microsoft Document Translation
|
|
|
|
// Define Azure Storage account details
|
|
$accountName = 'opticaltranslations';
|
|
$accountKey = '3eLd+LbIlxBSu4LJnIm6rQSBsK2Ah16QJL7jlZDIQo2RkM6zB/bCuzw3KLKW9dqwaDljZdG6V13F+AStHr89KA==';
|
|
$sourceContainer = 'source-documents';
|
|
$targetContainer = 'translated-documents';
|
|
|
|
// Function to generate SAS token directly using Azure-compatible format
|
|
function generateSasToken($accountName, $accountKey, $container, $permissions = 'r', $expiryHours = 24) {
|
|
// Create a simpler SAS token with fewer parameters
|
|
// Use a more recent service version
|
|
$startTime = gmdate('Y-m-d\TH:i:s\Z', time() - 300); // 5 minutes ago
|
|
$expiryTime = gmdate('Y-m-d\TH:i:s\Z', time() + $expiryHours * 3600);
|
|
|
|
// Build the string to sign in the exact format Azure expects
|
|
$stringToSign = implode("\n", [
|
|
$permissions,
|
|
'', // Empty start time (use current)
|
|
$expiryTime, // End time
|
|
"/blob/$accountName/$container", // Canonical resource
|
|
'', // Signed identifier (empty)
|
|
'', // IP range (empty)
|
|
'https', // Protocol
|
|
'2022-11-02', // Storage version - updated to newer version
|
|
]);
|
|
|
|
// Generate the signature
|
|
$signature = base64_encode(hash_hmac('sha256', $stringToSign, base64_decode($accountKey), true));
|
|
|
|
// Build the SAS token
|
|
$sasToken = sprintf(
|
|
'sv=%s&ss=%s&srt=%s&sp=%s&se=%s&spr=%s&sig=%s',
|
|
'2022-11-02', // Storage version
|
|
'b', // Service (blob)
|
|
'c', // Resource type (container)
|
|
$permissions, // Permissions
|
|
urlencode($expiryTime), // Expiry time
|
|
'https', // Protocol
|
|
urlencode($signature) // Signature
|
|
);
|
|
|
|
return $sasToken;
|
|
}
|
|
|
|
// Generate SAS tokens for the containers with longer expiry (7 days)
|
|
$sourceSasToken = generateSasToken($accountName, $accountKey, $sourceContainer, 'racwdl', 168); // 7 days = 168 hours
|
|
$targetSasToken = generateSasToken($accountName, $accountKey, $targetContainer, 'racwdl', 168);
|
|
|
|
// Build full URLs with SAS tokens
|
|
$sourceUrl = "https://$accountName.blob.core.windows.net/$sourceContainer";
|
|
$targetUrl = "https://$accountName.blob.core.windows.net/$targetContainer";
|
|
|
|
// Output the SAS tokens
|
|
echo "CONFIG UPDATE NEEDED:\n\n";
|
|
echo "Update your config.php file with these tokens:\n\n";
|
|
|
|
echo "// Source container SAS token and URL\n";
|
|
echo "define('AZURE_STORAGE_SOURCE_SAS_TOKEN', '$sourceSasToken');\n";
|
|
echo "define('AZURE_STORAGE_SOURCE_URL', '$sourceUrl');\n\n";
|
|
|
|
echo "// Target container SAS token and URL\n";
|
|
echo "define('AZURE_STORAGE_TARGET_SAS_TOKEN', '$targetSasToken');\n";
|
|
echo "define('AZURE_STORAGE_TARGET_URL', '$targetUrl');\n\n";
|
|
|
|
// Also output example Translator API URLs
|
|
$sourceWithSas = "$sourceUrl?$sourceSasToken";
|
|
$targetWithSas = "$targetUrl?$targetSasToken";
|
|
|
|
echo "\nURLs FOR MICROSOFT TRANSLATOR API:\n\n";
|
|
echo "Source container URL with SAS: $sourceWithSas\n\n";
|
|
echo "Target container URL with SAS: $targetWithSas\n\n";
|
|
|
|
echo "Check that these URLs work by visiting them in a browser.\n";
|
|
echo "If they do, Microsoft Translator should be able to access your storage.\n\n";
|
|
|
|
// Output needed Azure portal settings
|
|
echo "AZURE PORTAL SETTINGS NEEDED:\n\n";
|
|
echo "1. In the Azure Portal, go to Storage Account > Containers\n";
|
|
echo "2. For both 'source-documents' and 'translated-documents' containers:\n";
|
|
echo " - Set Access Level to 'Container (anonymous read access for containers and blobs)'\n";
|
|
echo "3. In Storage Account > Configuration:\n";
|
|
echo " - Set 'Allow Blob public access' to 'Enabled'\n";
|
|
echo " - Set 'Allow storage account key access' to 'Enabled'\n";
|
|
echo "4. In Storage Account > Access Control (IAM):\n";
|
|
echo " - Add the role assignment 'Storage Blob Data Contributor' for 'Microsoft.CognitiveServices'\n\n";
|
|
?>
|