0

我正在尝试生成一个 blob 版本的 SAS 以允许对一个特定版本的 blob 进行读取访问。我让 SAS 生成为根 blob 工作,并尝试通过添加 BlobVersionId 为 blob 版本控制功能修改它,但是服务器返回 403。

针对特定 blob 版本修改了 SAS Builder:(不工作

public string GetBlobSasTokenAsync(string containerName, string blobName, string blobVersionId, string fileName)
    {
        var sasBuilder = new BlobSasBuilder()
        {
            BlobContainerName = containerName,
            BlobName = blobName,
            BlobVersionId = blobVersionId,
            StartsOn = DateTime.UtcNow.Subtract(_clockSlew),
            ExpiresOn = DateTime.UtcNow.AddMinutes(AccessDuration) + _clockSlew,
            ContentDisposition = "inline; filename=" + fileName,
            ContentType = GetContentType(fileName)
        };

        sasBuilder.SetPermissions("r");

        var storageSharedKeyCredential = new StorageSharedKeyCredential(_accountName, _accountKey);

        var sasQueryParameters = sasBuilder.ToSasQueryParameters(storageSharedKeyCredential);

        return sasQueryParameters.ToString();
    }

SAS URI: https ://xyz.blob.core.windows.net/container/blobname?sv=2019-12-12&st=2020-07-07T20%3A44%3A38Z&se=2020-07-07T22%3A14%3A38Z&sr=bv&sp =r&rscd=内联%3B+文件名%3Dfilename.txt&rsct=文本%2Fplain&sig=xyz

错误:

<?xml version="1.0" encoding="utf-8"?>
<Error>
    <Code>AuthenticationFailed</Code>
    <Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:63b83bb8-201e-00a8-55a1-544fe3000000
Time:2020-07-07T21:01:08.2149986Z</Message>
    <AuthenticationErrorDetail>The specified signed resource is not allowed for the this resource level</AuthenticationErrorDetail>
</Error>

使用: Azure.Storage.Blobs 12.5.0-preview.5

4

1 回答 1

0

我尝试SAS按照你的方式生成和访问blob,但是发现不行,你可以使用官方推荐的方式: https://myaccount.blob.core.windows.net/mycontainer/myblob?versionid=<DateTime>,并SAS在后面连接。

需要注意的是,这种方式生成时不需要添加BlobVersionId属性SAS

最后,你的 URL 必须是这样的:<code>https://myaccount.blob.core.windows.net/mycontainer/myblob?versionid=<DateTime>&<SAS>。

于 2020-07-08T08:08:11.310 回答