堆栈内存溢出
  简体   繁体   English

如何生成要在我的JavaScript文件中使用的Azure表授权令牌

[英]How do I generate a Azure table authorization token to use in my javascript file

 原文  2018-11-12 22:16:36       javascript/ azure/ azure-storage/ azure-table-storage

问题描述

I want to make calls to my Azure storage table from my Javascript file. 我想从我的Javascript文件调用我的Azure存储表。

Requirements - 1. no time expiration in the key. 要求-1.密钥中没有时间到期。 2. Only read access 2.仅读取访问

I don't want a SAS token because it is time based, so I need to generate a access key or something I can pass into the JS API with this limited read only access. 我不想要SAS令牌,因为它是基于时间的,因此我需要生成访问密钥或可以通过此有限的只读访问权限传递给JS API的内容。

But working within my Azure dashboard, I can't seem to figure it out. 但是在我的Azure仪表板中工作时,我似乎无法弄清楚。 Under my tables, I can see my access keys and connection strings. 在表格下,我可以看到访问键和连接字符串。 I can also generate a access policy for my table with just read permission. 我还可以使用只读权限为我的表生成访问策略。

Not sure how to combine the two... 不确定如何将两者结合...

1 个解决方案

解决方案1
 1 已采纳  2018-11-13 02:20:53

If the solution need to meet the two requirements, I think it is impossible to do that. 如果解决方案需要满足两个要求,我认为是不可能的。

The access policy just provides an additional level of control over service-level SAS on the server side and it is also time based, it will expiry. 访问策略仅提供对服务器端服务级别SAS的附加控制级别,它也是基于时间的,它将到期。

If your case is for Blob and Queue storage, you can use RBAC to meet your requirements, register an AD App, add it as a Reader role in the Access Control (IAM) of the container or queue, and generate the access token with the AD App. 如果您的案例涉及Blob队列存储,则可以使用RBAC来满足您的要求,注册一个AD App,将其添加为容器或队列的Access Control (IAM)中的Reader角色,并使用以下命令生成访问令牌:广告应用程序。 Even so, the access token will also expiry, but the permission of the AD App to the Blob or Queue will not expiry, you just need to generate the token again with your code when necessary. 即使这样,访问令牌也将过期,但是AD App对Blob或队列的许可也不会过期,您只需要在必要时用代码再次生成令牌即可。 If you want to absolute permanent, I think you could just use storage key nowadays. 如果您想绝对永久使用,我认为您现在可以使用存储密钥。

For the Table storage, the RBAC is not supported currently, I found a feedback here , you could vote it. 对于存储,当前不支持RBAC ,我在这里找到了反馈,您可以投票。 May be it will be supported in the future, until then, you could refer to the steps above, the logic should be similar. 也许将来会支持,直到那时,您可以参考上面的步骤,逻辑应该相似。

Edit : 编辑

The above answer is for the requirement of absolute permanent ( no time expiration in the key as you said), if you can accept the very far expiry time , like @Jerry mentioned, just specific the expiry time of a far time, like 3000-11-13, I think it will work fine. 上面的答案是对绝对永久性的要求(如您所说的,密钥中没有时间到期),如果您可以接受很长的到期时间 (如@Jerry所述),则只需指定一段很长的到期时间 ,例如3000- 11-13,我认为它将正常工作。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何让我的代码为用户授权和许可生成 JWT 令牌? - How can I make my code to generate JWT token for user authorization and permission? 在这种情况下,如何使用JavaScript生成充满数据的表行? - How do I generate table rows full of data with Javascript in this case? 如何更改我的代码以在 javascript 中生成方格板? - How do I alter my code to generate a checkered board in javascript? 如何在JavaScript代码中生成随机数? - How do I generate a random number within my javascript code? 如何将令牌值存储到本地javascript文件中 - How can i store token value into my local javascript file 如何使用我的 Spotify api 令牌? - How do I use my spotify api token? 我如何通过 ApiSauce 传递不记名授权令牌 - How do i pass a bearer authorization token with ApiSauce 如何将Blade变量传递给vue实例,以便可以在JavaScript文件中使用它? - How do I pass a blade variable to a vue instance so I can use it in my JavaScript file? 如何过滤显示为表格的JavaScript常量? - How do I filter my javascript constant that I displayed as a table? 如何使用javascript读取文本文件并将其显示在我的网站上? - How do i use javascript to read a text file and display it on my website?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM