[英]Access Azure Blob storage of a user using oauth2 token obtained
In Azure blob storage what I need is to get the access token when a user signs into his account, and by using this access token to perform list/upload/download the files in user blob storage.(Similar to what we can do in Dropbox/Google drive).在 Azure blob 存储中,我需要的是在用户登录他的帐户时获取访问令牌,并通过使用此访问令牌来执行列表/上传/下载用户 blob 存储中的文件。(类似于我们在 Dropbox 中可以执行的操作/谷歌驱动器)。 Using the given request user authentication I am getting the code,
使用给定的请求用户身份验证我得到了代码,
https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id=client_id&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F&response_mode=query&scope=openid%20offline_access%20https%3A%2F%2Fstorage.azure.com%2Fuser_impersonation&state=12345
And the code is used to get the token using the below request该代码用于使用以下请求获取令牌
POST /{tenant}/oauth2/v2.0/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=client_id&scope=openid%20offline_access%20https%3A%2F%2Fstorage.azure.com%2Fuser_impersonation&code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F&grant_type=authorization_code&client_secret=client_secret
But when I call get request to list using https://account_name.blob.core.windows.net/container_name?restype=container&comp=list
I am getting server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature
但是,当我使用
https://account_name.blob.core.windows.net/container_name?restype=container&comp=list
调用 get 请求列出时,我发现server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature
server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature
. server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature
。 How to access the files in the blob storage using the token obtained?如何使用获得的令牌访问 blob 存储中的文件? Can we do this using python?
我们可以使用python来做到这一点吗?
If you want to access Azure blob storage with Azure AD, please refer to the following steps:如果要使用 Azure AD 访问 Azure blob 存储,请参考以下步骤:
Register Azure AD application注册 Azure AD 应用程序
Configure Azure APplication配置 Azure 应用程序
Configure RABC role for the user为用户配置 RABC 角色
az role assignment create \
--role "Storage Blob Data Contributor" \
--assignee <email> \
--scope "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>
https://login.microsoftonline.com/<tenant>/oauth2/v2.0/authorize? client_id=<> &response_type=code &redirect_uri=http://localhost:3000/ &response_mode=query &scope=https://storage.azure.com/user_impersonation &state=12345
b.Post https://login.microsoftonline.com/<>/oauth2/v2.0/token client_id=<> &scope=https://storage.azure.com/user_impersonation &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr... &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F &grant_type=authorization_code &client_secret=<>
Get https://myaccount.blob.core.windows.net/mycontainer/myblob
Headers :
Authorization: Bearer <>
x-ms-version: 2019-02-02
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.