我正在尝试为 blob 创建 Azure SAS。但是,我收到身份验证失败错误。无论我尝试什么,我都无法构建格式良好的 stringToSign 或签名。
错误说:
“签名不匹配。使用的签名字符串是 rl 2021-03-11T08:08:46Z 2021-03-12T08:08:46Z /blob/{myAccountName}/quickstartcontainer/sampleFile2813061026464365578.txt 2020-02-10 b”
我的 stringToSign 是:
String stringToSign= "rl\n"+
"2021-03-11T08:08:46Z" +"\n" +
"2021-03-12T08:08:46Z"+ "\n"+
"\n"+
"\n"+
"\n"+
"\n"+
2020-02-10"+
"\n"+"\n"+"\n"+"\n"+"\n";
String signature = getHMAC256(key, stringToSign);
我的 SAS 令牌 uri 是:
String sasToken = "?sp=rl"
+ "&st=" + "2021-03-11T08:08:46Z"
+ "&se=" + "2021-03-12T08:08:46Z"
+ "&sv=" + "2020-02-10"
+ "&sr=b"
+ "&sig=" + URLEncoder.encode(signature, "UTF-8");
加密函数为:
public static String computeHMac256(final String base64Key, final String stringToSign) {
try {
byte[] key = Base64.getDecoder().decode(base64Key);
Mac hmacSHA256 = Mac.getInstance("HmacSHA256");
hmacSHA256.init(new SecretKeySpec(key, "HmacSHA256"));
byte[] utf8Bytes = stringToSign.getBytes(StandardCharsets.UTF_8);
return Base64.getEncoder().encodeToString(hmacSHA256.doFinal(utf8Bytes));
} catch (NoSuchAlgorithmException | InvalidKeyException ex) {
throw new RuntimeException(ex);
}
}
如何为我的 sas uri 生成格式良好的签名?