我偶尔会遇到服务器上生成的 Azure 存储 SAS 令牌的问题。我没有为开始时间设置任何内容,因为建议这样做是为了避免时钟偏差问题,并且我将到期时间设置为 1 小时后DateTime.UtcNow
。时不时地,SAS 令牌不起作用,我猜这可能与时钟偏差问题有关。这是我最近收到的两个错误:
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:cb371f2b-801e-0063-16a1-08d06f000000 Time:2021-02-21T22:35:53.9832140Z</Message>
<AuthenticationErrorDetail>Signed expiry time [Sun, 21 Feb 2021 20:39:40 GMT] must be after signed start time [Sun, 21 Feb 2021 22:35:53 GMT]</AuthenticationErrorDetail>
</Error>
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:8818c581-401e-0058-6477-08717d000000 Time:2021-02-21T17:35:37.1284611Z</Message>
<AuthenticationErrorDetail>Signature not valid in the specified time frame: Start [Sat, 20 Feb 2021 00:15:01 GMT] - Expiry [Sat, 20 Feb 2021 01:30:01 GMT] - Current [Sun, 21 Feb 2021 17:35:37 GMT]</AuthenticationErrorDetail>
</Error>
这就是我生成令牌的方式:
var blobSasBuilder = new BlobSasBuilder
{
BlobContainerName = containerName,
BlobName = fileName,
Resource = "b",
ExpiresOn = DateTime.UtcNow.AddHours(1),
Protocol = SasProtocol.Https
};
我该如何解决这个问题?根据上面的错误,看起来我是在令牌过期后尝试访问这个资源,但实际上我是在生成令牌并发送给客户端后立即尝试访问它。正如我所说,这并不经常发生,但这是一个反复出现的问题。
再想一想,我想知道这是否是 v12 SDK 的错误。