Document Details

Authenticate Shared Access Signature
Home / Scan #41 / Authenticate Shared Access Signature
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
powershell_heavy
windows_tools
windows_first
Summary
The documentation provides code examples for multiple languages and platforms, including Bash for Linux/macOS. However, it includes a dedicated PowerShell section (which is Windows-centric), and the Bash example is listed after PowerShell. There is also a lack of explicit mention of Linux command-line tools or patterns outside the Bash example, and the 'Samples' section only references .NET (which is often associated with Windows, though now cross-platform). The instructions for disabling local/SAS key authentication focus on the Azure Portal and ARM templates, which are cross-platform, but no mention is made of CLI tools like Azure CLI or Azure PowerShell for Linux users.
Recommendations
  • List Bash/Linux examples before or alongside PowerShell to avoid implying Windows-first workflows.
  • Add explicit references to Linux/Mac tools (e.g., Azure CLI commands for disabling local/SAS key authentication) where only portal or ARM template instructions are given.
  • Include sample links for Java, Node.js, or Bash/Linux-based workflows in the 'Samples' section, not just .NET.
  • Where PowerShell is used, clarify its availability on Linux and macOS, or provide equivalent Bash commands.
  • Ensure that any references to tools or workflows (such as Azure PowerShell) are accompanied by cross-platform alternatives (e.g., Azure CLI).
GitHub Create Pull Request

Scan History

Date Scan Status Result
2025-07-12 23:44 #41 cancelled Biased Biased
2025-07-12 00:58 #8 cancelled Clean Clean
2025-07-10 05:06 #7 processing Clean Clean

Flagged Code Snippets

function generateSasToken($uri, $sasKeyName, $sasKeyValue) 
{ 
    $targetUri = strtolower(rawurlencode(strtolower($uri))); 
    $expires = time(); 	
    $expiresInMins = 60; 
    $week = 60*60*24*7;
    $expires = $expires + $week; 
    $toSign = $targetUri . "\n" . $expires; 
    $signature = rawurlencode(base64_encode(hash_hmac('sha256', 			
     $toSign, $sasKeyValue, TRUE))); 
    
    $token = "SharedAccessSignature sr=" . $targetUri . "&sig=" . $signature . "&se=" . $expires . 		"&skn=" . $sasKeyName; 
    return $token; 
}

function generateSasToken($uri, $sasKeyName, $sasKeyValue) 
{ 
    $targetUri = strtolower(rawurlencode(strtolower($uri))); 
    $expires = time(); 	
    $expiresInMins = 60; 
    $week = 60*60*24*7;
    $expires = $expires + $week; 
    $toSign = $targetUri . "\n" . $expires; 
    $signature = rawurlencode(base64_encode(hash_hmac('sha256', 			
     $toSign, $sasKeyValue, TRUE))); 
    
    $token = "SharedAccessSignature sr=" . $targetUri . "&sig=" . $signature . "&se=" . $expires . 		"&skn=" . $sasKeyName; 
    return $token; 
}