AzureStorage:服务器未能对请求进行身份验证。 确保 Authorization header 的值正确形成,包括签名
[英]AzureStorage: Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature
问题描述
I almost went through all the SO answers related to this and other forums but I am still not able to figure out the actual issue.
我几乎浏览了与此论坛和其他论坛相关的所有 SO 答案,但我仍然无法弄清楚实际问题。 This app is console app which will be deployed on On-Premise environment and will upload files to Azure blob.此应用程序是控制台应用程序,将部署在本地环境中,并将文件上传到 Azure blob。
I am using WindowsAzure.Storage 9.3.3 with code below.我正在使用带有以下代码的 WindowsAzure.Storage 9.3.3。
static void CreateBlob(string accountName, string containerName, string blobName, string accessToken)
{
var tokenCredential = new TokenCredential(accessToken);
var storageCredentials = new StorageCredentials(tokenCredential);
var storageAccount = new CloudStorageAccount(storageCredentials, accountName, string.Empty, useHttps: true);
var cloudBlobClient = storageAccount.CreateCloudBlobClient();
var cloudBlobContainer = cloudBlobClient.GetContainerReference(containerName);
CloudBlockBlob blockBlob = cloudBlobContainer.GetBlockBlobReference(blobName);
string blobContents = "Blob created by Azure AD authenticated user.";
byte[] byteArray = Encoding.ASCII.GetBytes(blobContents);
try
{
using (MemoryStream stream = new MemoryStream(byteArray))
{
blockBlob.UploadFromStreamAsync(stream).Wait();
}
Console.WriteLine("upload successful");
Console.ReadLine();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
Console.ReadLine();
}
}
And to get the token like below.并获得如下所示的令牌。
public static string GetOAuthToken(string activeDirectoryTenantId, string
activeDirectoryApplicationSecret, string activeDirectoryApplicationId)
{
string resourceId = $"https://storage.azure.com";
var authority = String.Format("https://login.windows.net/" + activeDirectoryTenantId);
var credential = new ClientCredential(activeDirectoryApplicationId, activeDirectoryApplicationSecret);
var context = new AuthenticationContext(authority);
var result = context.AcquireTokenAsync(resourceId, credential).Result;
return result.AccessToken;
}
Could any one please suggest what I might be missing?有人可以建议我可能缺少什么吗?
P/SI have already confirmed my local system is in sync with correct UTC time. P/SI 已经确认我的本地系统与正确的 UTC 时间同步。
1 个解决方案
解决方案1
1 已采纳 2020-12-11 06:58:09
I tried with the code in your issue, it uploaded blob successfully.我尝试使用您问题中的代码,它成功上传了 blob。
Note:笔记:
- Assign
Storage Blob Data Contributorrole to the application将Storage Blob Data Contributor角色分配给应用程序
Navigate to Storage account -> Access Control (IAM) -> Add role assignment导航到存储帐户 -> 访问控制 (IAM) -> 添加角色分配
- Grant your registered app permissions to Azure Storage following this step .按照此步骤授予您注册的应用程序对 Azure 存储的权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.