0

使用 Azure 管理 API 访问存储帐户,我使用 TokenCloudCredentials 进行身份验证。这适用于资源管理下的存储帐户,但不适用于经典存储帐户。

尝试使用 TokenCloudCredentials 在经典存储帐户客户端上执行任何方法时,我收到以下错误消息:

ForbiddenError:服务器未能对请求进行身份验证。验证证书是否有效并与此订阅相关联。

现在是代码 - Azure 资源管理器的工作方法

var clientId = "{clientID}";
var tenant = "{tenant GUID}";
var pw = "{password}";
var authenticationContext = new AuthenticationContext("https://login.windows.net/" + tenant);
var credential = new ClientCredential(clientId , pw);
Task<AuthenticationResult> tskGetToken = authenticationContext.AcquireTokenAsync(resource: "https://management.core.windows.net/", credential);
        AuthenticationResult token = tskGetToken.Result;
SubscriptionCloudCredentials creds = new TokenCloudCredentials("{subscription id}", token.AccessToken);
StorageManagementClient smc = new StorageManagementClient(creds);
Task<StorageAccountListKeysResponse> tskTargetKeysSource = smc.StorageAccounts.ListKeysAsync("{resource group}", "{storage account name");
            while (tskTargetKeysSource.Status != TaskStatus.RanToCompletion)
            {
                if (tskTargetKeysSource.Exception != null)
                    throw tskTargetKeysSource.Exception;
                Console.WriteLine("Running - Getting target storage account Storage Key");
                Thread.Sleep(2500);
            }

这有效,我收到了存储密钥。

Azure 经典存储的损坏方法:

var clientId = "{clientID}";
var tenant = "{tenant GUID}";
var pw = "{password}";
var authenticationContext = new AuthenticationContext("https://login.windows.net/" + tenant);
var credential = new ClientCredential(clientId , pw);
Task<AuthenticationResult> tskGetToken = authenticationContext.AcquireTokenAsync(resource: "https://management.core.windows.net/", credential);
        AuthenticationResult token = tskGetToken.Result;
SubscriptionCloudCredentials creds = new TokenCloudCredentials("{subscription id}", token.AccessToken);
Microsoft.WindowsAzure.Management.Storage.StorageManagementClient classicSmc = new Microsoft.WindowsAzure.Management.Storage.StorageManagementClient(creds);
Task<StorageAccountGetKeysResponse> tskSourceKeysSource = classicSmc.StorageAccounts.GetKeysAsync("{storage account name}", new CancellationToken());
            while (tskSourceKeysSource.Status != TaskStatus.RanToCompletion)
            {
                if (tskSourceKeysSource.Exception != null)
                    throw tskSourceKeysSource.Exception;  // Exception thrown here
                Console.WriteLine("Running - Getting source storage account Storage Key");
                Thread.Sleep(2500);
            }

我不确定有什么区别。我正在编写的应用程序在 Azure Active Directory 中具有适当的权限,并且它对适当的资源(存储帐户、资源组等)具有权限。这些操作也使用相同的订阅。

4

0 回答 0