1

我正在尝试按照本教程在 Azure Blob 存储中使用 SAS 令牌,但我遇到了这个错误:

<Error>
  <Code>AuthenticationFailed</Code>
  <Message>
    Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:2aada4ff-901e-0011-116c-8bc84f000000 Time:2019-10-25T19:41:37.0381744Z
  </Message>
  <AuthenticationErrorDetail>
    Signature did not match. String to sign used was r 2019-10-25T19:26:51Z 2019-10-25T20:31:51Z /blob/platinepersistencesg/$root/documents-legal-entity-01d6d631-bc1e-54e7-894e-f67297a2bae7 2019-02-02 b
  </AuthenticationErrorDetail>
</Error>

这是我的代码:

public async Task<IActionResult> GetSasToken()
{
    const string containerName = "documents-legal-entity-01d6d631-bc1e-54e7-894e-f67297a2bae7";
    const string blobName = "09578f41-e7fb-4765-bf41-869ea649f03a.pdf";
    const SharedAccessBlobPermissions permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Create;

    var blobClient = CloudStorageAccount
        .Parse("DefaultEndpointsProtocol=https;AccountName=<account_name>;AccountKey=<account_key>;EndpointSuffix=core.windows.net")
        .CreateCloudBlobClient();

    var container = blobClient.GetContainerReference(containerName);
    var blob = container.GetBlockBlobReference(blobName);
    var policy = new SharedAccessBlobPolicy
    {
        SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24),
        Permissions = permissions
    };
    var sasToken = blob.GetSharedAccessSignature(policy);
    var sasUri = container.Uri + sasToken;

    return Ok(new { uri = sasUri });
}

我可以按照这个答案让它工作,但为了简单起见,我想使用 Azure 客户端,并避免随身携带存储密钥。

4

1 回答 1

1

您唯一缺少的是 URL 构造中的 blob 名称。只需要改变:

var sasUri = container.Uri + sasToken;

...到...

var sasUri = blob.Uri + sasToken;

于 2019-10-25T20:44:12.333 回答