Go Windows Azure Client Library

Merge lp:~jtv/gwacl/service-endpoints into lp:gwacl

service-endpoints
Merge into trunk

Proposed by Jeroen T. Vermeulen on 2013-08-06

Status:	Merged
Approved by:	Jeroen T. Vermeulen on 2013-08-06
Approved revision:	224
Merged at revision:	213
Proposed branch:	lp:~jtv/gwacl/service-endpoints
Merge into:	lp:gwacl
Diff against target:	912 lines (+306/-82) 12 files modified endpoints.go (+63/-0) endpoints_test.go (+115/-0) example/management/run.go (+3/-1) management_base.go (+2/-2) management_base_test.go (+28/-28) management_test.go (+1/-1) poller_test.go (+3/-3) storage_base.go (+22/-8) storage_base_test.go (+28/-6) x509dispatcher_test.go (+5/-5) x509session.go (+10/-8) x509session_test.go (+26/-20)
To merge this branch:	bzr merge lp:~jtv/gwacl/service-endpoints
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Julian Edwards (community)		2013-08-06	Approve on 2013-08-06
Review via email: mp+178660@code.launchpad.net

Commit message

Support Chinese Azure endpoints, as well as the international ones.

Description of the change

This removes the hard-coding of a single pair of base URLs for Azure's Storage and Management APIs. I defined a new type, APIEndpoint, specifying the base URL that these other URLs should be derived from. It's a bit clearer than passing just URL strings around, because those can easily become ambiguous as to what components of the ultimate URL they already include. Methods on the new type will give you URLs for the storage API, the management API, and perhaps in the future, APIs for the other services as well.

You'll note that AZURE_URL is now defaultManagement, a private variable used for tests only. There no longer is a single URL that will service all cases, and actually this was never "the" Azure URL to begin with -- it was for the management API only.

Both the management and the storage API now need to know which location they will act on. Unfortunately the way in which these are added is entirely asymmetrical:
* The management API uses a constructor, which adds a mandatory argument. This means incompatibility in the API.
* The storage API uses a struct, so the field is optional. It chooses an arbitrary (but backwards-compatible) default.

I believe the right thing to do after this would be to remove the default value for the storage API, and require a value. (Not done here because the diff was quite large enough already!) Maybe even provide a constructor like we have for the management API, because if you're going to add a mandatory parameter in a place that just about every client is going to use, breaking client code at compile time is still better than breaking it at run time.

Jeroen

Revision history for this message

Julian Edwards (julian-edwards) wrote on 2013-08-06:

Download full text (3.4 KiB)

Looks pretty good! I have some suggestions to make it better of course, but it
can land when you've made the changes.

27 + if strings.Contains(location, "China") {

It's "China East" and "China North" AFAICS, it might be worth being specific
instead of using Contains in case a new one pops up that's not actually in the
same domain. Although sod's law dictates whatever we do it'll be wrong ... but
I think explicit is always better as you end up with fewer surprises.

60 +// StorageAPI returns the base URL for the endpoint's storage API.
61 +func (endpoint APIEndpoint) StorageAPI() string {

Why not a pointer receiver? (same for ManagementAPI)

62 + return prefixHost("blob", string(endpoint))
63 +}

Given there's three types of storage, this should to be named BlobStorageAPI().
I'm not even sure the "API" part is accurate, but I'm not going to bikeshed over it.

Also, the storage URL returned here is still not complete, it would need the account prefixed.
It might be worth encapsulating that functionality in this object so that all the URL
manipulation is done in the same place. I'd have StorageAPI take an account name parameter.

114 +func (*endpointsSuite) TestGetEndpointMakesGoodGuessesForUknownRegions(c *C) {
115 + c.Check(
116 + GetEndpoint("South San Marino Highlands"),
117 + Equals,
118 + GetEndpoint("West US"))
119 + c.Check(
120 + GetEndpoint("Central China West"),
121 + Equals,
122 + GetEndpoint("China East"))
123 +}

I'm not sure I like this test at all. Its expected output is a function of the method being tested
rather than something either constant or independent of it, and that's kinda nasty. It also feels
fragile.

I'd much rather you were explicit in testing expected output to be the required endpoint URLs.

535 + // AzureEndpoint specifies a base service endpoint URL for the Azure APIs.
536 + // If this is not set, it will default to the international endpoint which
537 + // will not work in mainland China.
538 + //
539 + // Try to set this if at all possible. Use GetEndpoint() to obtain the
540 + // endpoint associated with a given service location, e.g. "West US" or
541 + // "North Europe" or "East China".
542 + AzureEndpoint APIEndpoint

I don't like the "try to set this" stuff at all here. Let's just panic if it's not set.
Out of interest, I wonder if Go works like C++ here and lets you supply a value that works with
the type's constructor as well as supplying the type itself.

558 + if endpoint == "" {
559 + // No API endpoint specified. Default to the international one.
560 + // This will not work for mainland China.
561 + endpoint = GetEndpoint("West US")

Remove this and panic() if it's not set.

563 + return prefixHost(context.Account, endpoint.StorageAPI())

And as I mentioned before, let's encapsulate this in APIEndpoint.

732 +// defaultManagement is the international management API for Azure.
733 +// (Mainland China gets a different URL).
734 +const defaultManagement = "https://management.core.windows.net/"

I hate Go for breaking the convention that consts are in CAPS. Grrr.

Anyway this should be defa...

Looks pretty good!  I have some suggestions to make it better of course, but it
can land when you've made the changes.

27	+    if strings.Contains(location, "China") {

It's "China East" and "China North" AFAICS, it might be worth being specific
instead of using Contains in case a new one pops up that's not actually in the
same domain.  Although sod's law dictates whatever we do it'll be wrong ... but
I think explicit is always better as you end up with fewer surprises.

60	+// StorageAPI returns the base URL for the endpoint's storage API.
61	+func (endpoint APIEndpoint) StorageAPI() string {

Why not a pointer receiver? (same for ManagementAPI)

62	+    return prefixHost("blob", string(endpoint))
63	+}

Given there's three types of storage, this should to be named BlobStorageAPI().
I'm not even sure the "API" part is accurate, but I'm not going to bikeshed over it.

Also, the storage URL returned here is still not complete, it would need the account prefixed.
It might be worth encapsulating that functionality in this object so that all the URL
manipulation is done in the same place.  I'd have StorageAPI take an account name parameter.

114	+func (*endpointsSuite) TestGetEndpointMakesGoodGuessesForUknownRegions(c *C) {
115	+    c.Check(
116	+        GetEndpoint("South San Marino Highlands"),
117	+        Equals,
118	+        GetEndpoint("West US"))
119	+    c.Check(
120	+        GetEndpoint("Central China West"),
121	+        Equals,
122	+        GetEndpoint("China East"))
123	+}

I'd much rather you were explicit in testing expected output to be the required endpoint URLs.

535	+    // AzureEndpoint specifies a base service endpoint URL for the Azure APIs.
536	+    // If this is not set, it will default to the international endpoint which
537	+    // will not work in mainland China.
538	+    //
539	+    // Try to set this if at all possible.  Use GetEndpoint() to obtain the
540	+    // endpoint associated with a given service location, e.g. "West US" or
541	+    // "North Europe" or "East China".
542	+    AzureEndpoint APIEndpoint

I don't like the "try to set this" stuff at all here.  Let's just panic if it's not set.
Out of interest, I wonder if Go works like C++ here and lets you supply a value that works with
the type's constructor as well as supplying the type itself.

558	+    if endpoint == "" {
559	+        // No API endpoint specified.  Default to the international one.
560	+        // This will not work for mainland China.
561	+        endpoint = GetEndpoint("West US")

Remove this and panic() if it's not set.

563	+    return prefixHost(context.Account, endpoint.StorageAPI())

And as I mentioned before, let's encapsulate this in APIEndpoint.

732	+// defaultManagement is the international management API for Azure.
733	+// (Mainland China gets a different URL).
734	+const defaultManagement = "https://management.core.windows.net/"

I hate Go for breaking the convention that consts are in CAPS.  Grrr.

Anyway this should be defaultManagementURL, no?  Sorry to bikeshed :)

895	-    session, err := newX509Session(subscriptionID, "")
896	+    session, err := newX509Session(subscriptionID, "", "West US")

Just picking one of these diff parts at random - but we should probably have a
makeRandomLocation() helper for tests where the location is irrelevant.

review: Approve

lp:~jtv/gwacl/service-endpoints updated on 2013-08-06

223. By Jeroen T. Vermeulen on 2013-08-06: Review change: rename StorageAPI to BlobStorageAPI.
224. By Jeroen T. Vermeulen on 2013-08-06: Document usage of the blob-storage API URL.

Revision history for this message

Jeroen T. Vermeulen (jtv) wrote on 2013-08-06:

Download full text (6.3 KiB)

> 27 + if strings.Contains(location, "China") {
>
> It's "China East" and "China North" AFAICS, it might be worth being specific
> instead of using Contains in case a new one pops up that's not actually in the
> same domain. Although sod's law dictates whatever we do it'll be wrong ...
> but
> I think explicit is always better as you end up with fewer surprises.

I disagree. When a new region appears with "China" in its name, there's a good chance that it'll be in mainland China. Unless they called it "South China Sea" but it seems unlikely politically -- and "Indo-China" has gone right out of fashion. Conversely, there is a region in China that isn't in mainland China and isn't using the Chinese endpoints, and they took care not to name it after China.

So the name "China" seems to be a good indicator, and "locations with China in the names use the mainland-Chinese endpoints, the rest use the international ones" is a rule that accommodates both the known cases and expected future cases. It's explicit, just not as fragile and verbose as specifying known endpoints. It gives us a chance of supporting a new location without code changes.

> 60 +// StorageAPI returns the base URL for the endpoint's storage API.
> 61 +func (endpoint APIEndpoint) StorageAPI() string {
>
> Why not a pointer receiver? (same for ManagementAPI)

Because it's the language's way of saying that you're not going to get your object modified by calling this. I don't care much about it either way.

> 62 + return prefixHost("blob", string(endpoint))
> 63 +}
>
> Given there's three types of storage, this should to be named
> BlobStorageAPI().

Fixed.

> Also, the storage URL returned here is still not complete, it would need the
> account prefixed.
> It might be worth encapsulating that functionality in this object so that all
> the URL
> manipulation is done in the same place. I'd have StorageAPI take an account
> name parameter.

We do need that, but I felt that was in a different layer of responsibility. We already had a method for it, which I kept in place (although I made it re-use prefixHost so it's very simple).

> 114 +func (*endpointsSuite)
> TestGetEndpointMakesGoodGuessesForUknownRegions(c *C) {
> 115 + c.Check(
> 116 + GetEndpoint("South San Marino Highlands"),
> 117 + Equals,
> 118 + GetEndpoint("West US"))
> 119 + c.Check(
> 120 + GetEndpoint("Central China West"),
> 121 + Equals,
> 122 + GetEndpoint("China East"))
> 123 +}
>
> I'm not sure I like this test at all. Its expected output is a function of the
> method being tested
> rather than something either constant or independent of it, and that's kinda
> nasty. It also feels
> fragile.
>
> I'd much rather you were explicit in testing expected output to be the
> required endpoint URLs.

This test verifies a specific relationship between the function's responses to different inputs. Not the actual responses themselves; those are covered by tests at the appropriate level and they're not relevant here. This is just a higher level of abstraction and I don't think that's a bad thi...

> 27      +    if strings.Contains(location, "China") {
> 
> It's "China East" and "China North" AFAICS, it might be worth being specific
> instead of using Contains in case a new one pops up that's not actually in the
> same domain.  Although sod's law dictates whatever we do it'll be wrong ...
> but
> I think explicit is always better as you end up with fewer surprises.

I disagree.  When a new region appears with "China" in its name, there's a good chance that it'll be in mainland China.  Unless they called it "South China Sea" but it seems unlikely politically -- and "Indo-China" has gone right out of fashion.  Conversely, there is a region in China that isn't in mainland China and isn't using the Chinese endpoints, and they took care not to name it after China.

So the name "China" seems to be a good indicator, and "locations with China in the names use the mainland-Chinese endpoints, the rest use the international ones" is a rule that accommodates both the known cases and expected future cases.  It's explicit, just not as fragile and verbose as specifying known endpoints.  It gives us a chance of supporting a new location without code changes.

> 60      +// StorageAPI returns the base URL for the endpoint's storage API.
> 61      +func (endpoint APIEndpoint) StorageAPI() string {
> 
> Why not a pointer receiver? (same for ManagementAPI)

Because it's the language's way of saying that you're not going to get your object modified by calling this.  I don't care much about it either way.

> 62      +    return prefixHost("blob", string(endpoint))
> 63      +}
> 
> Given there's three types of storage, this should to be named
> BlobStorageAPI().

Fixed.

> Also, the storage URL returned here is still not complete, it would need the
> account prefixed.
> It might be worth encapsulating that functionality in this object so that all
> the URL
> manipulation is done in the same place.  I'd have StorageAPI take an account
> name parameter.

We do need that, but I felt that was in a different layer of responsibility.  We already had a method for it, which I kept in place (although I made it re-use prefixHost so it's very simple).

> 114     +func (*endpointsSuite)
> TestGetEndpointMakesGoodGuessesForUknownRegions(c *C) {
> 115     +    c.Check(
> 116     +        GetEndpoint("South San Marino Highlands"),
> 117     +        Equals,
> 118     +        GetEndpoint("West US"))
> 119     +    c.Check(
> 120     +        GetEndpoint("Central China West"),
> 121     +        Equals,
> 122     +        GetEndpoint("China East"))
> 123     +}
> 
> I'm not sure I like this test at all. Its expected output is a function of the
> method being tested
> rather than something either constant or independent of it, and that's kinda
> nasty. It also feels
> fragile.
> 
> I'd much rather you were explicit in testing expected output to be the
> required endpoint URLs.

This test verifies a specific relationship between the function's responses to different inputs.  Not the actual responses themselves; those are covered by tests at the appropriate level and they're not relevant here.  This is just a higher level of abstraction and I don't think that's a bad thing.

Making the change you ask for would replace an explicit statement of the relationship with one that is implicit and easily lost in the unnecessary detail.  But it also increases fragility.  For example, we might at some point remove the trailing slashes after the URLs' hostnames.  Completely arbitrary change, but simplestreams might force us to make it someday.  That is completely outside the scope of this test: the test shouldn't care.  But the way you're asking me to write it, it'd break this test for no reason.  An engineer with a whole bunch of these failures on their hands would have to fix up the URLs in the tests on auto-pilot.

On the other hand, imagine that the *relationship* that this test verifies breaks during development.  The test would fail, because that's what it's for.  But if I wrote it your way, the required change would be indistinguishable from the change required for the inconsequential change from the first example.  What is the engineer's reasonable response?  Fix up the URLs in the tests, on auto-pilot.  At that point the test becomes meaningless -- because the relationship that's being tested was left implicit in the data instead of explicit, and because of the unnecessary fragility.

> I don't like the "try to set this" stuff at all here.  Let's just panic if
> it's not set.

Neither do I.  See the merge proposal.

> Out of interest, I wonder if Go works like C++ here and lets you supply a
> value that works with
> the type's constructor as well as supplying the type itself.

I don't know what you mean.

> 558     +    if endpoint == "" {
> 559     +        // No API endpoint specified.  Default to the international
> one.
> 560     +        // This will not work for mainland China.
> 561     +        endpoint = GetEndpoint("West US")
> 
> Remove this and panic() if it's not set.

Separate branch.  See the merge proposal.  Expect collateral damage.

> 563     +    return prefixHost(context.Account, endpoint.StorageAPI())
> 
> And as I mentioned before, let's encapsulate this in APIEndpoint.

Hmm... I tried doing that just now, but it made things appreciably worse, because of the way it breaks down separation of responsibilities.  Instead, I documented the need to prefix the account name.

> 732     +// defaultManagement is the international management API for Azure.
> 733     +// (Mainland China gets a different URL).
> 734     +const defaultManagement = "https://management.core.windows.net/"
> 
> I hate Go for breaking the convention that consts are in CAPS.  Grrr.
> 
> Anyway this should be defaultManagementURL, no?  Sorry to bikeshed :)

Yes, but it's incredibly long -- and this variable just became a lot less significant so I felt I could cheat a bit.

> 895     -    session, err := newX509Session(subscriptionID, "")
> 896     +    session, err := newX509Session(subscriptionID, "", "West US")
> 
> Just picking one of these diff parts at random - but we should probably have a
> makeRandomLocation() helper for tests where the location is irrelevant.

Yes.  The tragedy is that it makes the code even longer, for something irrelevant.  I can do this in a separate branch if you like; the diff is already quite big and I'd like to get it landed before conflicts emerge.

Revision history for this message

Julian Edwards (julian-edwards) wrote on 2013-08-06:

Download full text (4.0 KiB)

On Tuesday 06 Aug 2013 08:02:26 you wrote:
> I disagree. When a new region appears with "China" in its name, there's a

[snip]

Ok I just thought I'd bring it up. I think we'll end up getting bitten one way or
another but hey ... SEP.

> > 60 +// StorageAPI returns the base URL for the endpoint's storage
> > API.
> > 61 +func (endpoint APIEndpoint) StorageAPI() string {
> >
> > Why not a pointer receiver? (same for ManagementAPI)
>
> Because it's the language's way of saying that you're not going to get your
> object modified by calling this. I don't care much about it either way.

Ok - it's just that we know that non-pointer receivers don't meet the interface etc
etc. Most of the rest of the code uses pointer receivers.

> > Also, the storage URL returned here is still not complete, it would need
> > the account prefixed.
> > It might be worth encapsulating that functionality in this object so that
> > all the URL
> > manipulation is done in the same place. I'd have StorageAPI take an
> > account name parameter.
>
> We do need that, but I felt that was in a different layer of responsibility.
> We already had a method for it, which I kept in place (although I made it
> re-use prefixHost so it's very simple).

I genuinely don't think it's a different layer of responsibility.

My reasoning is that each storage account is a different API endpoint. This code
says it returns an API endpoint, but it doesn't, it's not usable yet.

> This test verifies a specific relationship between the function's responses
> to different inputs. Not the actual responses themselves; those are
> covered by tests at the appropriate level and they're not relevant here.
> This is just a higher level of abstraction and I don't think that's a bad
> thing.
>
> Making the change you ask for would replace an explicit statement of the
> relationship with one that is implicit and easily lost in the unnecessary
> detail. But it also increases fragility. For example, we might at some
> point remove the trailing slashes after the URLs' hostnames. Completely
> arbitrary change, but simplestreams might force us to make it someday.
> That is completely outside the scope of this test: the test shouldn't care.
> But the way you're asking me to write it, it'd break this test for no
> reason. An engineer with a whole bunch of these failures on their hands
> would have to fix up the URLs in the tests on auto-pilot.
>
> On the other hand, imagine that the *relationship* that this test verifies
> breaks during development. The test would fail, because that's what it's
> for. But if I wrote it your way, the required change would be
> indistinguishable from the change required for the inconsequential change
> from the first example. What is the engineer's reasonable response? Fix
> up the URLs in the tests, on auto-pilot. At that point the test becomes
> meaningless -- because the relationship that's being tested was left
> implicit in the data instead of explicit, and because of the unnecessary
> fragility.

Ok we'll have to agree to disagree.

> > I don't like the "try to set this" stuff at all here. Let's just panic if
> > it's not set.
>
> Neither ...

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

GWACL Hackers

Jeroen T. Vermeulen

 === added file 'endpoints.go'
 --- endpoints.go	1970-01-01 00:00:00 +0000
 +++ endpoints.go	2013-08-06 08:00:44 +0000
@@ -0,0 +1,63 @@
++// Copyright 2013 Canonical Ltd.  This software is licensed under the
++// GNU Lesser General Public License version 3 (see the file COPYING).
++
++package gwacl
++
++import (
++    "fmt"
++    "net/url"
++    "strings"
++)
++
++// APIEndpoint describes the base URL for accesing Windows Azure's APIs.
++//
++// Azure will have subdomains on this URL's domain, such as blob.<domain> for
++// storage, with further sub-domains for storage accounts; management.<domain>
++// for the management API; and possibly more such as queue.<domain>,
++// table.<domain>.  APIEndpoint defines methods to obtain these URLs.
++type APIEndpoint string
++
++// GetEndpoint returns the API endpoint for the given location.  This is
++// hard-coded, so some guesswork may be involved.
++func GetEndpoint(location string) APIEndpoint {
++    if strings.Contains(location, "China") {
++        // Mainland China is a special case.  It has its own endpoint.
++        return "https://core.chinacloudapi.cn/"
++    }
++
++    // The rest of the world shares a single endpoint.
++    return "https://core.windows.net/"
++}
++
++// prefixHost prefixes the hostname part of a URL with a subdomain.  For
++// example, prefixHost("foo", "http://example.com") becomes
++// "http://foo.example.com".
++//
++// The URL must be well-formed, and contain a hostname.
++func prefixHost(host, originalURL string) string {
++    parsedURL, err := url.Parse(originalURL)
++    if err != nil {
++        panic(fmt.Errorf("failed to parse URL %s - %v", originalURL, err))
++    }
++    if parsedURL.Host == "" {
++        panic(fmt.Errorf("no hostname in URL '%s'", originalURL))
++    }
++    // Escape manually.  Strangely, turning a url.URL into a string does not
++    // do this for you.
++    parsedURL.Host = url.QueryEscape(host) + "." + parsedURL.Host
++    return parsedURL.String()
++}
++
++// ManagementAPI returns the URL for the endpoint's management API.
++func (endpoint APIEndpoint) ManagementAPI() string {
++    return prefixHost("management", string(endpoint))
++}
++
++// BlobStorageAPI returns the base URL for the endpoint's blob storage API.
++//
++// Actual storage API requests are made to subdomains of this URL.  To address
++// a particular storage account, prefix it as a subdomain to the hostname
++// portion of this URL.
++func (endpoint APIEndpoint) BlobStorageAPI() string {
++    return prefixHost("blob", string(endpoint))
++}
 === added file 'endpoints_test.go'
 --- endpoints_test.go	1970-01-01 00:00:00 +0000
 +++ endpoints_test.go	2013-08-06 08:00:44 +0000
@@ -0,0 +1,115 @@
++// Copyright 2013 Canonical Ltd.  This software is licensed under the
++// GNU Lesser General Public License version 3 (see the file COPYING).
++
++package gwacl
++
++import (
++    "fmt"
++    . "launchpad.net/gocheck"
++    "net/url"
++)
++
++type endpointsSuite struct{}
++
++var _ = Suite(&endpointsSuite{})
++
++func (*endpointsSuite) TestGetEndpointReturnsEndpointsForKnownRegions(c *C) {
++    internationalLocations := []string{
++        "West Europe",
++        "East Asia",
++        "East US 2",
++        "Southeast Asia",
++        "East US",
++        "Central US",
++        "West US",
++        "North Europe",
++    }
++    internationalEndpoint := APIEndpoint("https://core.windows.net/")
++
++    for _, location := range internationalLocations {
++        c.Check(GetEndpoint(location), Equals, internationalEndpoint)
++    }
++
++    // The mainland-China locations have a different endpoint.
++    // (Actually the East Asia data centre is said to be in Hong Kong, but it
++    // acts as international).
++    mainlandChinaLocations := []string{
++        "China East",
++        "China North",
++    }
++    mainlandChinaEndpoint := APIEndpoint("https://core.chinacloudapi.cn/")
++    for _, location := range mainlandChinaLocations {
++        c.Check(GetEndpoint(location), Equals, mainlandChinaEndpoint)
++    }
++}
++
++func (*endpointsSuite) TestGetEndpointMakesGoodGuessesForUknownRegions(c *C) {
++    c.Check(
++        GetEndpoint("South San Marino Highlands"),
++        Equals,
++        GetEndpoint("West US"))
++    c.Check(
++        GetEndpoint("Central China West"),
++        Equals,
++        GetEndpoint("China East"))
++}
++
++func (*endpointsSuite) TestPrefixHostPrefixesSubdomain(c *C) {
++    c.Check(
++        prefixHost("foo", "http://example.com"),
++        Equals,
++        "http://foo.example.com")
++}
++
++func (*endpointsSuite) TestPrefixHostPreservesOtherURLComponents(c *C) {
++    c.Check(
++        prefixHost("foo", "http://example.com/"),
++        Equals,
++        "http://foo.example.com/")
++    c.Check(
++        prefixHost("foo", "nntp://example.com"),
++        Equals,
++        "nntp://foo.example.com")
++    c.Check(
++        prefixHost("foo", "http://user@example.com"),
++        Equals,
++        "http://user@foo.example.com")
++    c.Check(
++        prefixHost("foo", "http://example.com:999"),
++        Equals,
++        "http://foo.example.com:999")
++    c.Check(
++        prefixHost("foo", "http://example.com/path"),
++        Equals,
++        "http://foo.example.com/path")
++}
++
++func (*endpointsSuite) TestPrefixHostEscapes(c *C) {
++    host := "5%=1/20?"
++    c.Check(
++        prefixHost(host, "http://example.com"),
++        Equals,
++        fmt.Sprintf("http://%s.example.com", url.QueryEscape(host)))
++}
++
++func (*endpointsSuite) TestManagementAPICombinesWithGetEndpoint(c *C) {
++    c.Check(
++        GetEndpoint("West US").ManagementAPI(),
++        Equals,
++        "https://management.core.windows.net/")
++    c.Check(
++        GetEndpoint("China East").ManagementAPI(),
++        Equals,
++        "https://management.core.chinacloudapi.cn/")
++}
++
++func (*endpointsSuite) TestBlobStorageAPICombinesWithGetEndpoint(c *C) {
++    c.Check(
++        GetEndpoint("West US").BlobStorageAPI(),
++        Equals,
++        "https://blob.core.windows.net/")
++    c.Check(
++        GetEndpoint("China East").BlobStorageAPI(),
++        Equals,
++        "https://blob.core.chinacloudapi.cn/")
++}
 === modified file 'example/management/run.go'
 --- example/management/run.go	2013-07-25 22:23:31 +0000
 +++ example/management/run.go	2013-08-06 08:00:44 +0000
@@ -22,11 +22,13 @@
  var certFile string
  var subscriptionID string
  var pause bool
++var location string
  func getParams() error {
      flag.StringVar(&certFile, "cert", "", "Name of your management certificate file (in PEM format).")
      flag.StringVar(&subscriptionID, "subscriptionid", "", "Your Azure subscription ID.")
      flag.BoolVar(&pause, "pause", false, "Wait for user input after the VM is brought up (useful for further testing)")
++    flag.StringVar(&location, "location", "North Europe", "Azure cloud location, e.g. 'West US' or 'China East'")
      flag.Parse()
@@ -73,7 +75,7 @@
          os.Exit(1)
+     }
--    api, err := gwacl.NewManagementAPI(subscriptionID, certFile)
++    api, err := gwacl.NewManagementAPI(subscriptionID, certFile, location)
      checkError(err)
      ExerciseHostedServicesAPI(api)
 === modified file 'management_base.go'
 --- management_base.go	2013-07-25 22:02:41 +0000
 +++ management_base.go	2013-08-06 08:00:44 +0000
@@ -34,8 +34,8 @@
  // NewManagementAPI creates an object used to interact with Windows Azure's API.
  // http://msdn.microsoft.com/en-us/library/windowsazure/ff800682.aspx
--func NewManagementAPI(subscriptionId string, certFile string) (*ManagementAPI, error) {
--    session, err := newX509Session(subscriptionId, certFile)
++func NewManagementAPI(subscriptionId, certFile, location string) (*ManagementAPI, error) {
++    session, err := newX509Session(subscriptionId, certFile, location)
      if err != nil {
          return nil, err
+     }
 === modified file 'management_base_test.go'
 --- management_base_test.go	2013-07-25 22:02:41 +0000
 +++ management_base_test.go	2013-08-06 08:00:44 +0000
@@ -36,7 +36,7 @@
  func makeAPI(c *C) *ManagementAPI {
      subscriptionId := "subscriptionId"
--    api, err := NewManagementAPI(subscriptionId, "")
++    api, err := NewManagementAPI(subscriptionId, "", "West US")
      c.Assert(err, IsNil)
      // Polling is disabled by default.
      api.PollerInterval = 0
@@ -233,23 +233,23 @@
      err := ioutil.WriteFile(certFile, []byte(testCert), 0600)
      c.Assert(err, IsNil)
--    api, err := NewManagementAPI(subscriptionId, certFile)
++    api, err := NewManagementAPI(subscriptionId, certFile, "West US")
      c.Assert(err, IsNil)
--    session, err := newX509Session(subscriptionId, certFile)
++    session, err := newX509Session(subscriptionId, certFile, "West US")
      c.Assert(api.session.subscriptionId, DeepEquals, session.subscriptionId)
      c.Assert(api.session.certFile, DeepEquals, session.certFile)
+ }
  func (suite *managementBaseAPISuite) TestNewManagementAPISetsDefaultPollerInterval(c *C) {
--    api, err := NewManagementAPI("subscriptionId", "")
++    api, err := NewManagementAPI("subscriptionId", "", "West US")
      c.Assert(err, IsNil)
      c.Assert(api.PollerInterval, Equals, DefaultPollerInterval)
+ }
  func (suite *managementBaseAPISuite) TestNewManagementAPISetsDefaultPollerTimeout(c *C) {
--    api, err := NewManagementAPI("subscriptionId", "")
++    api, err := NewManagementAPI("subscriptionId", "", "West US")
      c.Assert(err, IsNil)
      c.Assert(api.PollerTimeout, Equals, DefaultPollerTimeout)
@@ -394,7 +394,7 @@
      descriptors, err := api.ListHostedServices()
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/services/hostedservices"
++    expectedURL := defaultManagement + api.session.subscriptionId + "/services/hostedservices"
      checkOneRequest(c, &recordedRequests, expectedURL, "2012-03-01", nil, "GET")
      c.Assert(descriptors[0].URL, Equals, url)
+ }
@@ -424,7 +424,7 @@
      err := api.UpdateHostedService(serviceName, update)
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/services/hostedservices/" + serviceName
++    expectedURL := defaultManagement + api.session.subscriptionId + "/services/hostedservices/" + serviceName
      checkOneRequest(c, &recordedRequests, expectedURL, "2012-03-01", requestPayload, "PUT")
+ }
@@ -435,7 +435,7 @@
      } else {
          query = "embed-detail=false"
+     }
--    expectedURL := fmt.Sprintf("%s%s/services/hostedservices/%s?%s", AZURE_URL,
++    expectedURL := fmt.Sprintf("%s%s/services/hostedservices/%s?%s", defaultManagement,
          api.session.subscriptionId, serviceName, query)
      checkRequest(c, httpRequest, expectedURL, "2012-03-01", nil, "GET")
+ }
@@ -543,7 +543,7 @@
      createHostedService := NewCreateHostedServiceWithLocation("testName", "testLabel", "East US")
      err := api.AddHostedService(createHostedService)
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/services/hostedservices"
++    expectedURL := defaultManagement + api.session.subscriptionId + "/services/hostedservices"
      expectedPayload, err := marshalXML(createHostedService)
      c.Assert(err, IsNil)
      checkOneRequest(c, recordedRequests, expectedURL, "2012-03-01", expectedPayload, "POST")
@@ -573,7 +573,7 @@
      err := api.CheckHostedServiceNameAvailability(serviceName)
      c.Assert(err, IsNil)
--    expectedURL := (AZURE_URL + api.session.subscriptionId +
++    expectedURL := (defaultManagement + api.session.subscriptionId +
          "/services/hostedservices/operations/isavailable/" + serviceName)
      checkOneRequest(c, &recordedRequests, expectedURL, "2012-03-01", nil, "GET")
+ }
@@ -595,7 +595,7 @@
      c.Assert(err, ErrorMatches, reason)
      c.Check(recordedRequests, HasLen, 1)
--    expectedURL := (AZURE_URL + api.session.subscriptionId +
++    expectedURL := (defaultManagement + api.session.subscriptionId +
          "/services/hostedservices/operations/isavailable/" + serviceName)
      checkOneRequest(c, &recordedRequests, expectedURL, "2012-03-01", nil, "GET")
+ }
@@ -637,7 +637,7 @@
+ }
  func assertDeleteHostedServiceRequest(c *C, api *ManagementAPI, serviceName string, httpRequest *X509Request) {
--    expectedURL := fmt.Sprintf("%s%s/services/hostedservices/%s", AZURE_URL,
++    expectedURL := fmt.Sprintf("%s%s/services/hostedservices/%s", defaultManagement,
          api.session.subscriptionId, serviceName)
      checkRequest(c, httpRequest, expectedURL, "2010-10-28", nil, "DELETE")
+ }
@@ -669,7 +669,7 @@
      err := api.AddDeployment(deployment, serviceName)
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/services/hostedservices/" + serviceName + "/deployments"
++    expectedURL := defaultManagement + api.session.subscriptionId + "/services/hostedservices/" + serviceName + "/deployments"
      expectedPayload, err := marshalXML(deployment)
      c.Assert(err, IsNil)
      checkOneRequest(c, recordedRequests, expectedURL, "2012-03-01", expectedPayload, "POST")
@@ -677,7 +677,7 @@
  func assertDeleteDeploymentRequest(c *C, api *ManagementAPI, hostedServiceName, deploymentName string, httpRequest *X509Request) {
      expectedURL := fmt.Sprintf(
--        "%s%s/services/hostedservices/%s/deployments/%s", AZURE_URL,
++        "%s%s/services/hostedservices/%s/deployments/%s", defaultManagement,
          api.session.subscriptionId, hostedServiceName, deploymentName)
      checkRequest(c, httpRequest, expectedURL, "2012-03-01", nil, "DELETE")
+ }
@@ -776,7 +776,7 @@
  func assertGetDeploymentRequest(c *C, api *ManagementAPI, request *GetDeploymentRequest, httpRequest *X509Request) {
      expectedURL := fmt.Sprintf(
--        "%s%s/services/hostedservices/%s/deployments/%s", AZURE_URL,
++        "%s%s/services/hostedservices/%s/deployments/%s", defaultManagement,
          api.session.subscriptionId, request.ServiceName, request.DeploymentName)
      checkRequest(c, httpRequest, expectedURL, "2012-03-01", nil, "GET")
+ }
@@ -818,7 +818,7 @@
      err := api.AddStorageAccount(cssi)
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/services/storageservices"
++    expectedURL := defaultManagement + api.session.subscriptionId + "/services/storageservices"
      expectedPayload, err := marshalXML(cssi)
      c.Assert(err, IsNil)
      checkOneRequest(c, &recordedRequests, expectedURL, "2012-03-01", expectedPayload, "POST")
@@ -873,7 +873,7 @@
+ }
  func assertDeleteDiskRequest(c *C, api *ManagementAPI, diskName string, httpRequest *X509Request) {
--    expectedURL := fmt.Sprintf("%s%s/services/disks/%s", AZURE_URL,
++    expectedURL := fmt.Sprintf("%s%s/services/disks/%s", defaultManagement,
          api.session.subscriptionId, diskName)
      checkRequest(c, httpRequest, expectedURL, "2012-08-01", nil, "DELETE")
+ }
@@ -930,7 +930,7 @@
      err := api.performRoleOperation(serviceName, deploymentName, roleName, version, operation)
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/services/hostedservices/" + serviceName + "/deployments/" + deploymentName + "/roleinstances/" + roleName + "/Operations"
++    expectedURL := defaultManagement + api.session.subscriptionId + "/services/hostedservices/" + serviceName + "/deployments/" + deploymentName + "/roleinstances/" + roleName + "/Operations"
      expectedPayload, err := marshalXML(operation)
      c.Assert(err, IsNil)
      checkOneRequest(c, recordedRequests, expectedURL, version, expectedPayload, "POST")
@@ -942,7 +942,7 @@
      request := &StartRoleRequest{"serviceName", "deploymentName", "roleName"}
      err := api.StartRole(request)
      c.Assert(err, IsNil)
--    expectedURL := (AZURE_URL + api.session.subscriptionId + "/services/hostedservices/" +
++    expectedURL := (defaultManagement + api.session.subscriptionId + "/services/hostedservices/" +
          request.ServiceName + "/deployments/" + request.DeploymentName + "/roleinstances/" +
          request.RoleName + "/Operations")
      expectedPayload, err := marshalXML(startRoleOperation)
@@ -956,7 +956,7 @@
      request := &RestartRoleRequest{"serviceName", "deploymentName", "roleName"}
      err := api.RestartRole(request)
      c.Assert(err, IsNil)
--    expectedURL := (AZURE_URL + api.session.subscriptionId + "/services/hostedservices/" +
++    expectedURL := (defaultManagement + api.session.subscriptionId + "/services/hostedservices/" +
          request.ServiceName + "/deployments/" + request.DeploymentName + "/roleinstances/" +
          request.RoleName + "/Operations")
      expectedPayload, err := marshalXML(restartRoleOperation)
@@ -967,7 +967,7 @@
  func assertShutdownRoleRequest(c *C, api *ManagementAPI, request *ShutdownRoleRequest, httpRequest *X509Request) {
      expectedURL := fmt.Sprintf(
          "%s%s/services/hostedservices/%s/deployments/%s/roleinstances/%s/Operations",
--        AZURE_URL, api.session.subscriptionId, request.ServiceName,
++        defaultManagement, api.session.subscriptionId, request.ServiceName,
          request.DeploymentName, request.RoleName)
      expectedPayload, err := marshalXML(shutdownRoleOperation)
      c.Assert(err, IsNil)
@@ -985,7 +985,7 @@
+ }
  func assertGetRoleRequest(c *C, api *ManagementAPI, httpRequest *X509Request, serviceName, deploymentName, roleName string) {
--    expectedURL := (AZURE_URL + api.session.subscriptionId +
++    expectedURL := (defaultManagement + api.session.subscriptionId +
          "/services/hostedservices/" +
          serviceName + "/deployments/" + deploymentName + "/roles/" + roleName)
      checkRequest(c, httpRequest, expectedURL, "2012-03-01", nil, "GET")
@@ -1013,7 +1013,7 @@
+ }
  func assertUpdateRoleRequest(c *C, api *ManagementAPI, httpRequest *X509Request, serviceName, deploymentName, roleName, expectedXML string) {
--    expectedURL := (AZURE_URL + api.session.subscriptionId +
++    expectedURL := (defaultManagement + api.session.subscriptionId +
          "/services/hostedservices/" +
          serviceName + "/deployments/" + deploymentName + "/roles/" + roleName)
      checkRequest(
@@ -1100,7 +1100,7 @@
      err := api.CreateAffinityGroup(&request)
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/affinitygroups"
++    expectedURL := defaultManagement + api.session.subscriptionId + "/affinitygroups"
      expectedBody, _ := cag.Serialize()
      checkOneRequest(c, &recordedRequests, expectedURL, "2012-03-01", []byte(expectedBody), "POST")
+ }
@@ -1120,7 +1120,7 @@
      err := api.UpdateAffinityGroup(&request)
      c.Assert(err, IsNil)
--    expectedURL := (AZURE_URL + api.session.subscriptionId +
++    expectedURL := (defaultManagement + api.session.subscriptionId +
          "/affinitygroups/" + request.Name)
      expectedBody, _ := uag.Serialize()
      checkOneRequest(c, &recordedRequests, expectedURL, "2011-02-25", []byte(expectedBody), "PUT")
@@ -1139,7 +1139,7 @@
      err := api.DeleteAffinityGroup(&request)
      c.Assert(err, IsNil)
--    expectedURL := (AZURE_URL + api.session.subscriptionId +
++    expectedURL := (defaultManagement + api.session.subscriptionId +
          "/affinitygroups/" + request.Name)
      checkOneRequest(c, &recordedRequests, expectedURL, "2011-02-25", nil, "DELETE")
+ }
@@ -1206,7 +1206,7 @@
  func assertGetNetworkConfigurationRequest(c *C, api *ManagementAPI, httpRequest *X509Request) {
      expectedURL := fmt.Sprintf(
--        "%s%s/services/networking/media", AZURE_URL,
++        "%s%s/services/networking/media", defaultManagement,
          api.session.subscriptionId)
      checkRequest(c, httpRequest, expectedURL, "2012-03-01", nil, "GET")
+ }
@@ -1245,7 +1245,7 @@
  func assertSetNetworkConfigurationRequest(c *C, api *ManagementAPI, body []byte, httpRequest *X509Request) {
      expectedURL := fmt.Sprintf(
--        "%s%s/services/networking/media", AZURE_URL,
++        "%s%s/services/networking/media", defaultManagement,
          api.session.subscriptionId)
      checkRequest(c, httpRequest, expectedURL, "2012-03-01", body, "PUT")
      // Azure chokes when the content type is text/xml or similar.
 === modified file 'management_test.go'
 --- management_test.go	2013-08-05 12:50:48 +0000
 +++ management_test.go	2013-08-06 08:00:44 +0000
@@ -87,7 +87,7 @@
      c.Assert(record, Not(HasLen), 0)
      expectedURL := fmt.Sprintf(
          "%ssubscriptionId/services/hostedservices/%s?embed-detail=true",
--        AZURE_URL, service.ServiceName)
++        defaultManagement, service.ServiceName)
      c.Check(record[0].URL, Equals, expectedURL)
      c.Check(record[0].Method, Equals, "GET")
+ }
 === modified file 'poller_test.go'
 --- poller_test.go	2013-07-19 16:11:18 +0000
 +++ poller_test.go	2013-08-06 08:00:44 +0000
@@ -19,7 +19,7 @@
  func (suite *pollerSuite) makeAPI(c *C) *ManagementAPI {
      subscriptionId := "subscriptionId"
      subscriptionId = subscriptionId
--    api, err := NewManagementAPI(subscriptionId, "")
++    api, err := NewManagementAPI(subscriptionId, "", "West US")
      c.Assert(err, IsNil)
      return api
+ }
@@ -119,7 +119,7 @@
      _, err := poller.poll()
      c.Assert(err, IsNil)
--    expectedURL := AZURE_URL + api.session.subscriptionId + "/operations/" + operationID
++    expectedURL := defaultManagement + api.session.subscriptionId + "/operations/" + operationID
      checkOneRequest(c, recordedRequests, expectedURL, "2009-10-01", nil, "GET")
+ }
@@ -210,7 +210,7 @@
      c.Assert(err, IsNil)
      c.Assert(response, DeepEquals, secondResponse.response)
      operationPollerInstance := poller.(operationPoller)
--    expectedURL := AZURE_URL + operationPollerInstance.api.session.subscriptionId + "/operations/" + operationID
++    expectedURL := defaultManagement + operationPollerInstance.api.session.subscriptionId + "/operations/" + operationID
      c.Assert(len(recordedRequests), Equals, 2)
      checkRequest(c, recordedRequests[0], expectedURL, "2009-10-01", nil, "GET")
      checkRequest(c, recordedRequests[1], expectedURL, "2009-10-01", nil, "GET")
 === modified file 'storage_base.go'
 --- storage_base.go	2013-08-05 10:53:20 +0000
 +++ storage_base.go	2013-08-06 08:00:44 +0000
@@ -202,9 +202,22 @@
  // request to the storage services API.  It also has an HTTP Client to allow
  // overriding for custom behaviour, during testing for example.
  type StorageContext struct {
++    // Account is a storage account name.
      Account string
--    // Access key: access will be anonymous if the key is the empty string.
--    Key    string
++
++    // Key authenticates the storage account.  Access will be anonymous if this
++    // is left empty.
++    Key string
++
++    // AzureEndpoint specifies a base service endpoint URL for the Azure APIs.
++    // If this is not set, it will default to the international endpoint which
++    // will not work in mainland China.
++    //
++    // Try to set this if at all possible.  Use GetEndpoint() to obtain the
++    // endpoint associated with a given service location, e.g. "West US" or
++    // "North Europe" or "East China".
++    AzureEndpoint APIEndpoint
++
      client *http.Client
+ }
@@ -321,12 +334,13 @@
  // getAccountURL returns the base URL for the context's storage account.
  // (The result ends in a slash.)
  func (context *StorageContext) getAccountURL() string {
--    escapedAccount := url.QueryEscape(context.Account)
--    // Use https.  This does not suffer from the "no renegotiation" bug in
--    // Go's implementation.  It's optional, but it gets around spurious
--    // authentication failures when working through a proxy that messes with
--    // our requests instead of passing them on verbatim.
--    return fmt.Sprintf("https://%s.blob.core.windows.net/", escapedAccount)
++    endpoint := context.AzureEndpoint
++    if endpoint == "" {
++        // No API endpoint specified.  Default to the international one.
++        // This will not work for mainland China.
++        endpoint = GetEndpoint("West US")
++    }
++    return prefixHost(context.Account, endpoint.BlobStorageAPI())
+ }
  // getContainerURL returns the URL for a given storage container.
 === modified file 'storage_base_test.go'
 --- storage_base_test.go	2013-08-05 10:53:20 +0000
 +++ storage_base_test.go	2013-08-06 08:00:44 +0000
@@ -286,13 +286,35 @@
      return MakeRandomString(3) + "?&" + MakeRandomString(3) + "$%"
+ }
--func (suite *TestStorageContext) TestGetAccountURL(c *C) {
++func (suite *TestStorageContext) TestGetAccountURLCombinesAccountAndEndpoint(c *C) {
++    context := StorageContext{
++        Account:       "myaccount",
++        AzureEndpoint: "http://example.com",
++    }
++    c.Check(
++        context.getAccountURL(),
++        Equals,
++        "http://myaccount.blob.example.com")
++}
++
++func (suite *TestStorageContext) TestGetAccountURLEscapesHostname(c *C) {
      account := makeNastyURLUnfriendlyString()
--    context := StorageContext{Account: account}
--    c.Check(
--        context.getAccountURL(),
--        Equals,
--        "https://"+url.QueryEscape(account)+".blob.core.windows.net/")
++    context := StorageContext{
++        Account:       account,
++        AzureEndpoint: "http://example.com",
++    }
++    c.Check(
++        context.getAccountURL(),
++        Equals,
++        "http://"+url.QueryEscape(account)+".blob.example.com")
++}
++
++func (*TestStorageContext) TestGetAccountURLDefaultsToInternationalEndpoint(c *C) {
++    context := StorageContext{Account: "myaccount"}
++    c.Check(
++        context.getAccountURL(),
++        Equals,
++        "https://myaccount.blob.core.windows.net/")
+ }
  func (suite *TestStorageContext) TestGetContainerURL(c *C) {
 === modified file 'x509dispatcher_test.go'
 --- x509dispatcher_test.go	2013-07-30 05:24:42 +0000
 +++ x509dispatcher_test.go	2013-08-06 08:00:44 +0000
@@ -49,7 +49,7 @@
      server := makeRecordingHTTPServer(httpRequests, http.StatusOK, nil, nil)
      defer server.Close()
      // No real certificate needed since we're testing on http, not https.
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      path := "/foo/bar"
      version := "test-version"
@@ -74,7 +74,7 @@
      server := makeRecordingHTTPServer(httpRequests, http.StatusOK, responseBody, nil)
      defer server.Close()
      // No real certificate needed since we're testing on http, not https.
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      path := "/foo/bar"
      version := "test-version"
@@ -98,7 +98,7 @@
      server := makeRecordingHTTPServer(httpRequests, http.StatusOK, nil, nil)
      defer server.Close()
      // No real certificate needed since we're testing on http, not https.
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      path := "/foo/bar"
      version := "test-version"
@@ -122,7 +122,7 @@
      server := makeRecordingHTTPServer(httpRequests, http.StatusOK, responseBody, nil)
      defer server.Close()
      // No real certificate needed since we're testing on http, not https.
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      path := "/foo/bar"
      version := "test-version"
@@ -151,7 +151,7 @@
      serveMux.HandleFunc("/", returnRequest)
      server := httptest.NewServer(serveMux)
      defer server.Close()
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      path := "/foo/bar"
      request := newX509RequestGET(server.URL+path, "testversion")
 === modified file 'x509session.go'
 --- x509session.go	2013-07-22 12:53:27 +0000
 +++ x509session.go	2013-08-06 08:00:44 +0000
@@ -15,13 +15,14 @@
      subscriptionId string
      certFile       string
      client         *http.Client
++    baseURL        *url.URL
+ }
  // newX509Session creates and returns a new x509Session based on credentials
  // and X509 certificate files.
  // For testing purposes, certFile can be passed as the empty string and it
  // will be ignored.
--func newX509Session(subscriptionId string, certFile string) (*x509Session, error) {
++func newX509Session(subscriptionId, certFile, location string) (*x509Session, error) {
      certs := []tls.Certificate{}
      if certFile != "" {
          //
@@ -39,16 +40,21 @@
          },
+     }
++    endpointURL := GetEndpoint(location).ManagementAPI()
++    baseURL, err := url.Parse(endpointURL)
++    if err != nil {
++        panic(fmt.Errorf("cannot parse Azure endpoint URL '%s' - %v", endpointURL, err))
++    }
++
      session := x509Session{
          subscriptionId: subscriptionId,
          certFile:       certFile,
          client:         &client,
++        baseURL:        baseURL,
+     }
      return &session, nil
+ }
--var AZURE_URL = "https://management.core.windows.net/"
--
  // composeURL puts together a URL for an item on the Azure API based on
  // the starting point used by the session, and a given relative path from
  // there.
@@ -56,16 +62,12 @@
      if strings.HasPrefix(path, "/") {
          panic(fmt.Errorf("got absolute API path '%s' instead of relative one", path))
+     }
--    azureURL, err := url.Parse(AZURE_URL)
--    if err != nil {
--        panic(err)
--    }
      escapedID := url.QueryEscape(session.subscriptionId)
      pathURL, err := url.Parse(escapedID + "/" + path)
      if err != nil {
          panic(err)
+     }
--    return azureURL.ResolveReference(pathURL).String()
++    return session.baseURL.ResolveReference(pathURL).String()
+ }
  // _X509Dispatcher is the function used to dispatch requests.  We call the
 === modified file 'x509session_test.go'
 --- x509session_test.go	2013-07-19 16:11:18 +0000
 +++ x509session_test.go	2013-08-06 08:00:44 +0000
@@ -17,6 +17,10 @@
      "time"
+ )
++// defaultManagement is the international management API for Azure.
++// (Mainland China gets a different URL).
++const defaultManagement = "https://management.core.windows.net/"
++
  // x509DispatcherFixture records the current x509 dispatcher before a test,
  // and restores it after.  This gives your test the freedom to replace the
  // dispatcher with test doubles, using any of the rig*Dispatcher functions.
@@ -104,20 +108,22 @@
      return certFile, keyFile
+ }
--func (suite *x509SessionSuite) TestNewX509SessionCreation(c *C) {
--    _, err := newX509Session("subscriptionid", "")
++func (suite *x509SessionSuite) TestNewX509Session(c *C) {
++    session, err := newX509Session("subscriptionid", "", "China East")
      c.Assert(err, IsNil)
++    c.Assert(session.baseURL, NotNil)
++    c.Check(session.baseURL.String(), Equals, GetEndpoint("China East").ManagementAPI())
+ }
  func (suite *x509SessionSuite) TestComposeURLComposesURLWithRelativePath(c *C) {
      const subscriptionID = "subscriptionid"
      const path = "foo/bar"
--    session, err := newX509Session(subscriptionID, "")
++    session, err := newX509Session(subscriptionID, "", "West US")
      c.Assert(err, IsNil)
      url := session.composeURL(path)
--    c.Check(url, Matches, AZURE_URL+subscriptionID+"/"+path)
++    c.Check(url, Matches, defaultManagement+subscriptionID+"/"+path)
+ }
  func (suite *x509SessionSuite) TestComposeURLRejectsAbsolutePath(c *C) {
@@ -126,7 +132,7 @@
          c.Assert(err, NotNil)
          c.Check(err, ErrorMatches, ".*absolute.*path.*")
      }()
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      // This panics because we're passing an absolute path.
@@ -136,7 +142,7 @@
  func (suite *x509SessionSuite) TestGetServerErrorProducesServerError(c *C) {
      msg := "huhwhat"
      status := http.StatusNotFound
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      err = session.getServerError(status, []byte{}, msg)
@@ -152,7 +158,7 @@
          http.StatusOK,
          http.StatusNoContent,
+     }
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      for _, status := range goodCodes {
@@ -170,7 +176,7 @@
          http.StatusInternalServerError,
          http.StatusNotImplemented,
+     }
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      c.Assert(err, IsNil)
      for _, status := range badCodes {
@@ -181,7 +187,7 @@
  func (suite *x509SessionSuite) TestGetIssuesRequest(c *C) {
      subscriptionID := "subscriptionID"
      uri := "resource"
--    session, err := newX509Session(subscriptionID, "")
++    session, err := newX509Session(subscriptionID, "", "West US")
      c.Assert(err, IsNil)
      // Record incoming requests, and have them return a given reply.
      fixedResponse := x509Response{
@@ -198,14 +204,14 @@
      c.Assert(len(recordedRequests), Equals, 1)
      request := recordedRequests[0]
--    c.Check(request.URL, Equals, AZURE_URL+subscriptionID+"/"+uri)
++    c.Check(request.URL, Equals, defaultManagement+subscriptionID+"/"+uri)
      c.Check(request.Method, Equals, "GET")
      c.Check(request.APIVersion, Equals, version)
      c.Check(*receivedResponse, DeepEquals, fixedResponse)
+ }
  func (suite *x509SessionSuite) TestGetReportsClientSideError(c *C) {
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      msg := "could not dispatch request"
      rigFailingDispatcher(fmt.Errorf(msg))
@@ -217,7 +223,7 @@
+ }
  func (suite *x509SessionSuite) TestGetReportsServerSideError(c *C) {
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      fixedResponse := x509Response{
          StatusCode: http.StatusForbidden,
          Body:       []byte("Body"),
@@ -238,7 +244,7 @@
      version := "test-version"
      requestBody := []byte("Request body")
      requestContentType := "bogusContentType"
--    session, err := newX509Session(subscriptionID, "")
++    session, err := newX509Session(subscriptionID, "", "West US")
      c.Assert(err, IsNil)
      // Record incoming requests, and have them return a given reply.
      fixedResponse := x509Response{
@@ -254,7 +260,7 @@
      c.Assert(len(recordedRequests), Equals, 1)
      request := recordedRequests[0]
--    c.Check(request.URL, Equals, AZURE_URL+subscriptionID+"/"+uri)
++    c.Check(request.URL, Equals, defaultManagement+subscriptionID+"/"+uri)
      c.Check(request.Method, Equals, "POST")
      c.Check(request.APIVersion, Equals, version)
      c.Check(request.ContentType, Equals, requestContentType)
@@ -263,7 +269,7 @@
+ }
  func (suite *x509SessionSuite) TestPostReportsClientSideError(c *C) {
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      msg := "could not dispatch request"
      rigFailingDispatcher(fmt.Errorf(msg))
@@ -275,7 +281,7 @@
+ }
  func (suite *x509SessionSuite) TestPostReportsServerSideError(c *C) {
--    session, err := newX509Session("subscriptionid", "")
++    session, err := newX509Session("subscriptionid", "", "West US")
      fixedResponse := x509Response{
          StatusCode: http.StatusForbidden,
          Body:       []byte("Body"),
@@ -294,7 +300,7 @@
      subscriptionID := "subscriptionID"
      uri := "resource"
      version := "test-version"
--    session, err := newX509Session(subscriptionID, "")
++    session, err := newX509Session(subscriptionID, "", "West US")
      c.Assert(err, IsNil)
      // Record incoming requests, and have them return a given reply.
      fixedResponse := x509Response{StatusCode: http.StatusOK}
@@ -308,7 +314,7 @@
      c.Check(*response, DeepEquals, fixedResponse)
      c.Assert(len(recordedRequests), Equals, 1)
      request := recordedRequests[0]
--    c.Check(request.URL, Equals, AZURE_URL+subscriptionID+"/"+uri)
++    c.Check(request.URL, Equals, defaultManagement+subscriptionID+"/"+uri)
      c.Check(request.Method, Equals, "DELETE")
      c.Check(request.APIVersion, Equals, version)
+ }
@@ -318,7 +324,7 @@
      uri := "resource"
      version := "test-version"
      requestBody := []byte("Request body")
--    session, err := newX509Session(subscriptionID, "")
++    session, err := newX509Session(subscriptionID, "", "West US")
      c.Assert(err, IsNil)
      // Record incoming requests, and have them return a given reply.
      fixedResponse := x509Response{
@@ -333,7 +339,7 @@
      c.Assert(len(recordedRequests), Equals, 1)
      request := recordedRequests[0]
--    c.Check(request.URL, Equals, AZURE_URL+subscriptionID+"/"+uri)
++    c.Check(request.URL, Equals, defaultManagement+subscriptionID+"/"+uri)
      c.Check(request.Method, Equals, "PUT")
      c.Check(request.APIVersion, Equals, version)
      c.Check(request.Payload, DeepEquals, requestBody)