[英]Azure Storage SAS signature does not match, how can I generate SAS token?
我在生成 SAS 令牌以下载 Azure 存储文件时遇到了一些问题。 以下生成一个不起作用的 URI。 我收到的错误消息是Signature did not match ,我不确定为什么。
有没有人生成 SAS 令牌,并手动匹配签名?
static void Main(string[] args)
{
var sas = generateSAS
(
key, // Azure portal very secret ^-^
keyName, // Azure portal, example: key1
resourceUri, // example: https://myaccount.blob.core.windows.net/emails/email.pdf
resourcePath // example: /blob/myaccount/emails/email.pdf
);
}
private static string generateSAS(string key, string keyName, string uri, string path)
{
var permissions = "r";
var startTime = DateTime.UtcNow;
var endTime = DateTime.UtcNow.AddSeconds(60 * 2);
var canonicalizedresource = path;
var signedidentifier = keyName;
var signedversion = "2012-02-12";
var stringToSign = permissions + "\n" +
startTime.ToUniversalTime().ToString("u").Replace(" ", "T") + "\n" +
endTime.ToUniversalTime().ToString("u").Replace(" ", "T") + "\n" +
canonicalizedresource + "\n" +
signedidentifier + "\n" +
signedversion;
HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));
return string.Format(CultureInfo.InvariantCulture, "{0}?sp={1}&st={2}&se={3}&spr={4}&sv={5}&sr={6}&si={7}&sig={8}",
uri,
permissions,
startTime.ToUniversalTime().ToString("u").Replace(" ", "T"),
endTime.ToUniversalTime().ToString("u").Replace(" ", "T"),
"https",
signedversion,
"b",
keyName,
HttpUtility.UrlEncode(signature));
}
请尝试下面的代码,它会为我生成一个有效的 sas 令牌:
private static string generateSAS(string resourceUri, string account_name, string key)
{
var accountName = account_name;
var accountKey = key;
var start = DateTime.UtcNow.AddHours(-2).ToString("yyyy-MM-ddTHH:mm:ssZ");
var end = DateTime.UtcNow.AddHours(2).ToString("yyyy-MM-ddTHH:mm:ssZ");
var permission = "rwdlac";
var serviceType = "b";
var resourceTypes = "sco";
var protocol = "https";
var serviceVersion = "2019-02-02";
//here is the difference from your code.
var stringToSign = string.Format("{0}\n{1}\n{2}\n{3}\n{4}\n{5}\n{6}\n{7}\n{8}\n",accountName, permission,serviceType,resourceTypes,start,end,"",protocol,serviceVersion);
HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(accountKey));
string signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));
var sasToken = string.Format("?sv={0}&ss={1}&srt={2}&sp={3}&se={4}&st={5}&spr={6}&sig={7}", serviceVersion,
serviceType, resourceTypes, permission, end, start, protocol, HttpUtility.UrlEncode(signature));
var urlToListTables = resourceUri + sasToken;
return urlToListTables;
}
问题很可能与以下代码行有关:
HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
请将其更改为:
HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(key));
Azure Blob 存储共享访问签名 (SAS) - 签名不匹配
[英]Azure Blob Storage Shared Access Signature (SAS) - Signature did not match
我如何确定 SAS 令牌是否已针对 Azure Blob 存储容器访问过期?
[英]How can i determine if a SAS Token has already expired for Azure Blob Storage Container Access?
如何生成将Content-Length标头限制为特定值的Azure SAS签名?
[英]How do I generate an Azure SAS signature constraining Content-Length header to certain value?
如何从C#代码生成Azure Table Service SAS令牌?
[英]How to generate the Azure Table Service SAS token from c# code?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.