Document Details
Authenticate Shared Access Signature
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
windows_first
⚠️
powershell_heavy
⚠️
windows_tools
Summary:
The documentation provides code samples for multiple languages (NodeJS, Java, PHP, C#, PowerShell, Bash) when generating SAS tokens, which is positive for cross-platform parity. However, the PowerShell example appears before the Bash example, and the Bash example is provided last, which may indicate a subtle 'windows_first' ordering. The PowerShell example is also more detailed and uses Windows-specific .NET libraries, which may not be available or work the same way on Linux. There are no explicit Linux command-line (e.g., curl, openssl) examples outside of Bash, and no mention of Linux-specific tools or patterns. The documentation references Azure portal and ARM templates for configuration, which are cross-platform, but does not mention Azure CLI or other Linux-native tools for disabling SAS authentication. There is also a heavy focus on .NET/.NET samples in the 'Samples' section, with no direct links to Linux/JavaScript/Python samples.
Recommendations:
- Reorder code samples so that Bash (or other cross-platform scripting languages) appear before PowerShell, or present them side-by-side to avoid implying a Windows-first approach.
- Provide explicit Linux command-line examples (e.g., using curl and openssl) for generating SAS tokens and authenticating, in addition to Bash functions.
- Include references to Azure CLI commands for configuration tasks (such as disabling SAS authentication), as Azure CLI is widely used on Linux.
- Add links to sample code repositories for non-.NET languages (e.g., Java, Python, Node.js) in the 'Samples' section to ensure parity.
- Where PowerShell is used, clarify if it is cross-platform (PowerShell Core) or Windows-only, and provide equivalent Bash or shell commands for Linux users.
- Mention Linux tools or patterns where appropriate, such as using jq, curl, or openssl, and ensure that all steps can be performed on both Windows and Linux.
Create pull request
Scan History
| Date | Scan ID | Status | Bias Status |
|---|---|---|---|
| 2025-09-11 00:00 | #108 | completed | ✅ Clean |
| 2025-08-11 00:00 | #77 | completed | ✅ Clean |
| 2025-08-10 00:00 | #76 | completed | ✅ Clean |
| 2025-08-09 00:00 | #75 | completed | ✅ Clean |
| 2025-08-08 00:00 | #74 | completed | ✅ Clean |
| 2025-08-07 00:00 | #73 | completed | ✅ Clean |
| 2025-08-06 00:00 | #72 | completed | ✅ Clean |
| 2025-08-05 00:00 | #71 | completed | ✅ Clean |
| 2025-08-03 00:00 | #69 | completed | ✅ Clean |
| 2025-08-01 00:00 | #67 | completed | ✅ Clean |
| 2025-07-31 00:00 | #66 | completed | ✅ Clean |
| 2025-07-30 00:00 | #65 | completed | ✅ Clean |
| 2025-07-29 00:01 | #64 | completed | ✅ Clean |
| 2025-07-13 21:37 | #48 | completed | ❌ Biased |
| 2025-07-09 13:09 | #3 | cancelled | ✅ Clean |
| 2025-07-08 04:23 | #2 | cancelled | ❌ Biased |
Flagged Code Snippets
function generateSasToken($uri, $sasKeyName, $sasKeyValue)
{
$targetUri = strtolower(rawurlencode(strtolower($uri)));
$expires = time();
$expiresInMins = 60;
$week = 60*60*24*7;
$expires = $expires + $week;
$toSign = $targetUri . "\n" . $expires;
$signature = rawurlencode(base64_encode(hash_hmac('sha256',
$toSign, $sasKeyValue, TRUE)));
$token = "SharedAccessSignature sr=" . $targetUri . "&sig=" . $signature . "&se=" . $expires . "&skn=" . $sasKeyName;
return $token;
}