2

我正在尝试通过 REST API 创建文件共享,但出现此错误

AuthenticationFailed 服务器未能验证请求。确保 > > > Authorization 标头的值正确形成,包括签名。RequestId:aba10b5f-001a-0026-49cb-51d887000000 时间:2017-10-30T22:04:13.9907093Z HTTP 请求中找到的 MAC > 签名 > > 'U8UvWw4KO0fXAk21p/fuXhfqpDdgK7OZn29r5JQ1x4E=' 与任何计算的签名都不相同。服务器使用以下字符串进行签名:'PUT

这是我的代码:

static void CreatFileShare()
    {
        string requestMethod = "PUT";
        string urlPath = strShareName + "?restype=share";
        string urlPathResource = "restype:share";

        String canonicalizedResource = String.Format("/{0}/{2}\n{1}", StorageAccountName, urlPathResource, /*strShareName*/ "MFS2");
        try
        {
            HttpWebRequest request = GetWebRequest(requestMethod, urlPath, canonicalizedResource, "CreateShare");
            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            {
                Console.WriteLine("Response status code: " + response.StatusCode + ".  Successfully Create the share \"" + strShareName + "\".");
            }
        }
        catch (WebException ex)
        {
            ThrowWebException(ex);
        }
    }

static HttpWebRequest GetWebRequest(string requestMethod, string urlPath, String canonicalizedResource, string MethodType)
    {
        HttpWebRequest request = null;
        try
        {
            const string type = "file";
            const string msVersion = "2017-04-17";
            String dateInRfc1123Format = DateTime.UtcNow.ToString("R", CultureInfo.InvariantCulture);
            String canonicalizedHeaders = "";

            //canonicalizedHeaders = String.Format("x-ms-date:{0}\nx-ms-version:{1}", dateInRfc1123Format, msVersion);
            canonicalizedHeaders = String.Format("x-ms-date:{0}\nx-ms-version:{1}\n", dateInRfc1123Format, msVersion);
            if (MethodType == "CreateFile")
            {
                canonicalizedHeaders = String.Format("x-ms-content-length:1024\nx-ms-date:{0}\nx-ms-type:file\nx-ms-version:{1}", dateInRfc1123Format, msVersion);
            }

            String stringToSign = "";


            //stringToSign = String.Format("{0}\n\n\n\n\n\n\n\n\n\n\n\n{1}\n{2}", requestMethod, canonicalizedHeaders, canonicalizedResource);
            stringToSign = String.Format("{0}\n\n\n\n\n\n\n\n\n\n\n\n{1}{2}", requestMethod, canonicalizedHeaders, canonicalizedResource);

            String authorizationHeader = CreateAuthorizationHeader(stringToSign);

            Uri uri = new Uri(FileEndPoint + urlPath);
            request = (HttpWebRequest)WebRequest.Create(uri);
            if (requestMethod != "Get")
            {
                request.ContentLength = 0;
            }

            request.Method = requestMethod;
            request.Headers.Add("x-ms-date", dateInRfc1123Format);
            request.Headers.Add("x-ms-version", msVersion);
            request.Headers.Add("Authorization", authorizationHeader);
            request.Headers.Add("Accept-Charset", "UTF-8");
            request.Accept = "application/atom+xml,application/xml";
            if (MethodType == "CreateFile")
            {
                request.Headers.Add("x-ms-content-length", "1024");
                request.Headers.Add("x-ms-type", type);

            }
        }
        catch (Exception ex)
        {
            throw ex;
        }

        return request;
    }

我在方法中使用 HMAC-SHA256CreateAuthorizationHeader算法

我的应用程序还具有检索存储帐户内的文件共享和目录/文件的逻辑,并且工作正常。问题出现在我想创建文件、文件共享或共享快照的那一刻。

任何帮助将不胜感激!!

4

1 回答 1

1

对于创建共享,请求将是:

PUT https://{your-storage-accountname}.file.core.windows.net/{share-name}?restype=share

Request Headers:  
x-ms-version: 2017-04-17 
x-ms-date: <date>  
Authorization: SharedKey {your-storage-accountname}:{shared-key-signature-string}

规范化的标头字符串将是:

x-ms-date:Wed, 01 Nov 2017 05:53:50 GMT\nx-ms-version:2017-04-17\n

规范化资源字符串将是:

/{your-account-name}/{your-share-name}\nrestype:share

而对于Create File,请求将是:

PUT https://{your-storage-accountname}.file.core.windows.net/{share-name}/{file}

Request Headers:  
x-ms-version: 2017-04-17 
x-ms-date: <date>  
x-ms-content-length: 1024 //This header specifies the maximum size for the file, up to 1 TB.
Authorization: SharedKey {your-storage-accountname}:{shared-key-signature-string}

规范化的标头字符串将是:

x-ms-content-length:1024\nx-ms-date:Wed, 01 Nov 2017 06:03:57 GMT\nx-ms-type:file\nx-ms-version:2017-04-17\n

规范化资源字符串将是:

/{your-account-name}/{your-share-name}/{your-file}
//e.g. /brucchstorage/myshare1/helloworld.txt

对于您的代码,您需要修改参数urlPathcanonicalizedResource在您的CreatFileShare方法下支持创建文件。此外,您需要在 MethodType equals 方法下的参数中附加一个换行符 ( \n) 。canonicalizedHeadersGetWebRequestCreateFile

此外,此问题的常见原因是由于生成了 CanonicalizedResource 和 CanonicalizedHeaders。我建议您参考Azure 存储服务的身份验证以更好地理解它们。此外,您可以利用 fiddler 捕获网络跟踪,并将错误响应中要签名的字符串与您的本地值进行比较,以缩小此问题的范围。

正如 Gaurav Mantri 评论的那样,您可以利用适用于 .NET 的 Azure 存储客户端库以简单的方式实现您的目的。更多细节,你可以参考这里

于 2017-11-01T06:21:11.443 回答