[英]Authentication Failed in REST api call to PUT Blob in Azure Storage [REST][Azure Blob]
[英]Signature authentication failed when call API to Azure File Storage
從 Azure 文件存儲調用文件時,我試圖在 API 標頭中創建一個有效的簽名。 返回有錯誤:
/*I have rewritten all accounts and keys to fake*/
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:aea05260-xxxx-xxxx-xxxx-xxxx58000000
Time:2022-06-30T03:26:24.1626176Z</Message>
<AuthenticationErrorDetail>The MAC signature found in the HTTP request 'ZmEyNjY0YmUwNWNjYmI2MmE1NTI2MDBjOGUyNTE2OTY0NmUzMjQ3NTU3Y2EwN2JhMmY3NmI5NmRiNDkxMzU2NA==
' is not the same as any computed signature. Server used following string to sign: 'GET
0
x-ms-date:Thu, 30 Jun 2022 03:24:00 GMT
x-ms-version:2014-02-14
/testgetfilestorage/integration/testfolder/abc123.xml'.</AuthenticationErrorDetail>
</Error>
我有 Azure 文件存儲帳戶和密鑰,它可以在 Microsoft Azure 存儲資源管理器上正常讀取/下載文件,但我不確定創建簽名時出了什么問題,以下是我在 Postman 上測試 REST API 的方法:
/*I have rewritten all accounts and keys to fake*/
On Postman:
URL:
GET https://testgetfilestorage.file.core.windows.net/integration/testfolder/abc123.xml
Header:
x-ms-version:2014-02-14
x-ms-date:Thu, 30 Jun 2022 03:24:00 GMT
Authorization:SharedKey testgetfilestorage:ZmEyNjY0YmUwNWNjYmI2MmE1NTI2MDBjOGUyNTE2OTY0NmUzMjQ3NTU3Y2EwN2JhMmY3NmI5NmRiNDkxMzU2NA==
根據 Microsoft Doc authorize-with-shared-key ,我按照步驟創建簽名,即
/*I have rewritten all accounts and keys to fake*/
Signature=Base64(HMAC-SHA256(UTF8(StringToSign), Base64.decode(<your_azure_storage_account_shared_key>)))
/*My parameters as follow*/
StringToSign = 'GET\n\n\n0\n\n\n\n\n\n\n\n\nx-ms-date:Thu, 30 Jun 2022 03:24:00 GMT\nx-ms-version:2014-02-14\n/testgetfilestorage/integration/testfolder/abc123.xml'
your_azure_storage_account_shared_key = 'TRE/abcabcabcabc90+YCabcabcabcabcabcabcabcabcabcabcabcabcabcR2NC7i5WREgBAjNivlhwGhwmZQ=='
The steps I create the signature:
1. Signature=Base64(HMAC-SHA256(UTF8(GET\n\n\n0\n\n\n\n\n\n\n\n\nx-ms-date:Thu, 30 Jun 2022 03:24:00 GMT\nx-ms-version:2014-02-14\n/testgetfilestorage/integration/testfolder/abc123.xml), Base64.decode(TRE/abcabcabcabc90+YCabcabcabcabcabcabcabcabcabcabcabcabcabcR2NC7i5WREgBAjNivlhwGhwmZQ==)))
2. Signature=Base64(HMAC-SHA256(GET\n\n\n0\n\n\n\n\n\n\n\n\nx-ms-date:Thu, 30 Jun 2022 03:24:00 GMT\nx-ms-version:2014-02-14\n/testgetfilestorage/integration/testfolder/abc123.xml, M?i·mÆ›q¦Ü÷O˜ ¦Üi·mÆ›q¦Üi·mÆ›q¦Üi·mÆ›q¦ÜGcBî.VDH3b¾Xp&e))
3. Signature=Base64(fa2664be05ccbb62a552600c8e25169646e3247557ca07ba2f76b96db4913564)
4. Signature=ZmEyNjY0YmUwNWNjYmI2MmE1NTI2MDBjOGUyNTE2OTY0NmUzMjQ3NTU3Y2EwN2JhMmY3NmI5NmRiNDkxMzU2NA==
請告知我在創建簽名時做錯了什么。
服務器未能驗證請求。 確保 Authorization 標頭的值正確形成,包括簽名。
出現此錯誤的原因有很多,下面是其中的一些,
! $ & ' ( ) * , : ; = @
) 是 blob 路徑名的一部分,請務必在路徑上重新檢查一次URL encoding
。Account key
區分大小寫,請務必重新檢查大小寫。 感謝@Gaurav Mantri
和@Adam Sorrin - MSFT
,您可以在此處遵循以下參考。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.