堆栈内存溢出
  简体   繁体   English

使用最新的 azure 版本生成 SAS uri 时出错

[英]Getting error while generating SAS uri using latest azure version

 原文  2022-09-27 11:43:08       c#/ azure/ azure-blob-storage

问题描述

this.container = new BlobContainerClient(new Uri(connectionString), new DefaultAzureCredential());
BlobServiceClient blobServiceClient =  this.container.GetParentBlobServiceClient();

Azure.Storage.Blobs.Models.UserDelegationKey userDelegationKey = blobServiceClient.GetUserDelegationKey(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));

foreach (DataRow row in dt.Rows)
{                   
    string path = folderName + "/" + row.ItemArray[7] + "/" + row.ItemArray[0] + ".png";
    BlobClient blobClient = this.container.GetBlobClient(path);
    bool isexists = blobClient.Exists();

    if(isexists)
    {
        BlobSasBuilder sasBuilder = new BlobSasBuilder()
        {
            BlobContainerName = blobClient.BlobContainerName,
            BlobName = blobClient.Name,
            Resource = "b",
            StartsOn = DateTimeOffset.UtcNow,
            ExpiresOn = DateTimeOffset.UtcNow.AddDays(1)
        };
        
        // Specify read and write permissions for the SAS.
        sasBuilder.SetPermissions(BlobSasPermissions.Read | BlobSasPermissions.Write);
        
        // Add the SAS token to the blob URI.
        BlobUriBuilder blobUriBuilder = new BlobUriBuilder(blobClient.Uri)
        {
            // Specify the user delegation key.
            Sas = sasBuilder.ToSasQueryParameters(userDelegationKey, blobServiceClient.AccountName)
        };
    }
}

I need to generate SAS uri for each blob but getting Authorization Mismatch error on GetUserDelegationKey Is there any access which is missing or anything else which I need to do.我需要为每个 blob 生成 SAS uri,但在 GetUserDelegationKey 上出现授权不匹配错误是否有任何丢失的访问权限或我需要做的任何其他事情。

1 个解决方案

解决方案1
 0  2022-10-03 11:53:00

I tried reproduce in my environment and got below results:我尝试在我的环境中重现并得到以下结果:

Authorisation mismatch error:

  • Check your SAS permission whether you are trying to do a write operation with a SAS which only permits read.检查您的SAS权限是否尝试使用仅允许读取的 SAS 执行写入操作。
  • Check your RBAC permissions Whether trying to do a write operation while user does not have necessary RBAC permissions on the object.检查您的RBAC权限 是否在用户对 object 没有必要的 RBAC 权限时尝试执行写操作。在此处输入图像描述

Also check the Access control(IAM) which is in storage blob contributor role还要检查storage blob contributor role中的访问控制 (IAM)

在此处输入图像描述

Code:代码:

using Azure.Identity;
using Azure.Storage;
using Azure.Storage.Blobs;
using Azure.Storage.Blobs.Models;
using Azure.Storage.Blobs.Specialized;
using Azure.Storage.Sas;
namespace SAStoken
{
    class Program
    {
        private static void Main()
        {
            var storageAccountUriString = $"https://storage1326.blob.core.windows.net";
            var credential = new DefaultAzureCredential();

            var blobServiceClient = new BlobServiceClient(new Uri(storageAccountUriString), credential);

            var userDelegationKey = blobServiceClient.GetUserDelegationKey(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));


            var blobContainerClient = blobServiceClient.GetBlobContainerClient("container1");  //container name
            var blobClient = blobContainerClient.GetBlobClient("folder1"); // my image blob name

            var sasBuilder = new BlobSasBuilder()
            {
                BlobContainerName = blobClient.BlobContainerName,
                BlobName = blobClient.Name,
                Resource = "b", // b for blob, c for container
                StartsOn = DateTimeOffset.UtcNow,
                ExpiresOn = DateTimeOffset.UtcNow.AddHours(4),
            };


            sasBuilder.SetPermissions(BlobSasPermissions.Read | BlobSasPermissions.Write); // read  write permissions

            BlobUriBuilder blobUriBuilder = new BlobUriBuilder(blobClient.Uri)
            {
                // Specify the user delegation key.
                Sas = sasBuilder.ToSasQueryParameters(userDelegationKey, blobServiceClient.AccountName)
            };

            Console.WriteLine("Blob user delegation SAS URI: {0}", blobUriBuilder);
        }
         
    }
}

Console:安慰:在此处输入图像描述

Output: Output:在此处输入图像描述

Reference: Create a user delegation SAS - Azure Storage |参考: 创建用户委托 SAS - Azure 存储 | Microsoft Learn 微软学习

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 更新到最新版本Azure SDK后出错 - Error after updating to the latest version Azure SDK 从 Azure SAS URI 创建 BlobContainerClient - Create BlobContainerClient from Azure SAS URI 使用WMI在HyperV VM上应用最新快照时出现错误32775 - Getting error 32775 while applying latest snapshot on HyperV VM using WMI 创建一个使用 Azure 函数(HTTP 触发器)将图像发布到 Azure Blob 容器并使用 SAS 返回同一图像的 URI 的 Web 服务 - create a web service which uses Azure Functions (HTTP Trigger) to Post images to a Azure Blob Container and return the URI of the same image using SAS 如何使用 SAS 解决 Azure 事件中心中的授权错误 (401)? - How to solve Authorization error (401) in Azure Event Hubs using SAS? 使用ItextSharp生成PDF时出错 - Error While Generating PDF using ItextSharp 从TFS获取最新版本时看不到某些CS文件 - can't see some cs files while Getting Latest Version from TFS 生成元数据时出错 - Error while generating metadata 使用http:// localhost时出现错误“无效的uri” - Getting error “invalid uri” when using http://localhost HTML 至 PDF 使用 ironPDF 在 AZURE WEBAPP 中出现错误:- 部署 Chrome 依赖项时出错 [问题代码 IRONPDF-CHROME-DEPLOYMENT-ERROR] - HTML to PDF using ironPDF getting error in AZURE WEBAPP:- Error while deploying Chrome dependencies [Issue Code IRONPDF-CHROME-DEPLOYMENT-ERROR]
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM