0

我的主要目标是为文件创建一个 SAS url(没有天蓝色库)。我尝试使用 blob 创建 azure storage SAS,一切正常。当我尝试在 File 中执行相同操作时,出现错误。这是我的代码:

string azAccName = "AccountName";
string resource = "/upgfile/prt.png";
string endPoint = "https://" + azAccName + ".file.core.windows.net";
string uri = endPoint + resource;
string _now = DateTime.UtcNow.ToString("s") + "Z";    
string _noww = DateTime.UtcNow.AddHours(3).AddMinutes(5).ToString("s") + "Z";
string StorageKey = "xxx";

string signedpermissions = "r";
string signedstart = _now;//"2017-02-14"; //yyyy-mm--dd
string signedexpiry = _noww;// "2017-02-14";
string canonicalizedresource = "/file/" + azAccName + resource; //"/blob/myaccount/music/intro.mp3"
string signedidentifier = ""; //YWJjZGVmZw==
string signedIP = "";
string signedProtocol = "https";
string signedversion = "2015-02-21";
string rscc = "";  //Cache-Control
string rscd = "file; attachment";  //Content-Disposition               
string rsce = "";  //Content-Encoding
string rscl = "";  //Content-Language
string rsct = "binary";  //Content-Type      binary


string StringToSign = signedpermissions + "\n" +
               signedstart + "\n" +
               signedexpiry + "\n" +
               canonicalizedresource + "\n" +
               signedidentifier + "\n" +
               signedversion + "\n" +
               rscc + "\n" +
               rscd + "\n" +
               rsce + "\n" +
               rscl + "\n" +
               rsct;

HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(StorageKey));
string signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(StringToSign)));

string link = String.Format("{0}?sv={1}&st={2}&se={3}&sr={4}&sp={5}&rscd={8}&rsct={9}&spr={6}&sig={7}",
                                        uri,
                                        signedversion,
                                        signedstart,
                                        signedexpiry,
                                        "c",   //b for blob
                                        signedpermissions,
                                        "https",
                                        signature.Replace("/", "%2"),
                                        rscd,///////////////
                                        rsct);

我收到这个错误。

<Error>
<Code>AuthenticationFailed</Code>
<Message>
Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:92eda75a-001a-0072-501d-1bb6fd000000 Time:2017-08-22T08:03:58.6115733Z
</Message>
<AuthenticationErrorDetail>Signature fields not well formed.</AuthenticationErrorDetail>
</Error>

我有几乎相同的 blob 代码(小的差异)并且它工作正常。有什么建议么?

4

1 回答 1

1

我认为问题在于您的stringToSign. 您必须包括指定的所有参数here

StringToSign = signedpermissions + "\n" +  
               signedstart + "\n" +  
               signedexpiry + "\n" +  
               canonicalizedresource + "\n" +  
               signedidentifier + "\n" +  
               signedIP + "\n" +  
               signedProtocol + "\n" +  
               signedversion + "\n" +  
               rscc + "\n" +  
               rscd + "\n" +  
               rsce + "\n" +  
               rscl + "\n" +  
               rsct

如果您不使用参数(例如signedIP在您的情况下),则必须指定一个空行。

基于此,您StringToSign应该是:

string StringToSign = signedpermissions + "\n" +
               signedstart + "\n" +
               signedexpiry + "\n" +
               canonicalizedresource + "\n" +
               signedidentifier + "\n" +
               "\n" + //For signed IP
               "\n" + //For signed Protocol
               signedversion + "\n" +
               rscc + "\n" +
               rscd + "\n" +
               rsce + "\n" +
               rscl + "\n" +
               rsct;

此外sr(签名的资源类型)link应该是f(用于文件)而不是c您正在使用的。

于 2017-08-22T09:09:47.643 回答