.net Azure SAS令牌无法与Azure.Storage.Blobs BlobServiceClient一起使用
我正在使用.net Azure SAS令牌无法与Azure.Storage.Blobs BlobServiceClient一起使用,.net,azure,azure-storage,azure-storage-blobs,azure-sas,.net,Azure,Azure Storage,Azure Storage Blobs,Azure Sas,我正在使用Azure.Storage.Blobs v12.1.0库。我正在使用具有Azure服务主体凭据的用户委派生成Blob级别的SAS令牌,并尝试使用生成的SAS令牌上载Blob。 我完全按照Azure中的示例生成SAS令牌 以下是我用来创建SAS令牌的代码: string blobEndpoint = string.Format("https://{0}.blob.core.windows.net", storageProviderSettings.AccountName);
Azure.Storage.Blobs v12.1.0
库。我正在使用具有Azure服务主体凭据的用户委派生成Blob级别的SAS令牌,并尝试使用生成的SAS令牌上载Blob。
我完全按照Azure中的示例生成SAS令牌
以下是我用来创建SAS令牌的代码:
string blobEndpoint = string.Format("https://{0}.blob.core.windows.net", storageProviderSettings.AccountName);
TokenCredential credential =
new ClientSecretCredential(
storageProviderSettings.TenantId,
storageProviderSettings.ClientId,
storageProviderSettings.ClientSecret,
new TokenCredentialOptions());
BlobServiceClient blobServiceClient = new BlobServiceClient(new Uri(blobEndpoint),
credential);
BlobContainerClient containerClient = blobServiceClient.GetBlobContainerClient(containerName);
BlobClient blobClient = containerClient.GetBlobClient(blobName);
var delegationKey = await blobServiceClient.GetUserDelegationKeyAsync(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(7));
BlobSasBuilder sasBuilder = new BlobSasBuilder()
{
BlobContainerName = containerName,
BlobName = blobName,
Resource = "b",
StartsOn = DateTimeOffset.UtcNow,
ExpiresOn = DateTimeOffset.UtcNow.AddSeconds(expirySeconds)
};
sasBuilder.SetPermissions(BlobSasPermissions.All);
// if (withDownloadAccess) {
// sasBuilder.SetPermissions(BlobSasPermissions.Read);
// }
// if (withDeleteAccess) {
// sasBuilder.SetPermissions(BlobSasPermissions.Delete);
// }
Console.WriteLine(sasBuilder.Permissions);
var sasQueryParams = sasBuilder.ToSasQueryParameters(delegationKey, storageProviderSettings.AccountName).ToString();
UriBuilder sasUri = new UriBuilder()
{
Scheme = "https",
Host = string.Format("{0}.blob.core.windows.net", storageProviderSettings.AccountName),
Path = string.Format("{0}/{1}", containerName, blobName),
Query = sasQueryParams
};
BlobServiceClient service = new BlobServiceClient(sasUri.Uri);
await service.GetPropertiesAsync();
Settings tmpUploadCredentials = CreateTemporaryAzureStorageProviderSettings(sasUri, storageProviderSettings);
Console.WriteLine(tmpUploadCredentials.ConnectionString);
return tmpUploadCredentials;
如果我将SAS标记保留在浏览器中,那么SAS标记已创建,Get Blob工作正常,但如果我尝试上载文件或执行任何正在工作的操作,则使用BlobServiceClient
。
为了检查它是否经过身份验证,我已经写了这一行wait service.GetPropertiesAsync()代码>引发以下错误:
任何帮助都将不胜感激。根据我的测试,service.GetPropertiesAsync()代码>是一个帐户操作。这意味着它将调用RESTAPI来获取帐户blob服务的属性。但是,当您创建BlobServiceClient
时,您将提供blob url。blob不支持该操作。因此,您将得到错误。它将要获取blob的属性,请调用。所以,请按照以下代码更新您的代码
BlobClient blobClient = new BlobClient(sasUri, null);
blobClient.GetPropertiesAsync();
有关详细信息,请参阅非常感谢Jim!!!我犯了一个简单的错误,试图用Sas URI创建blobServiceClient,这毫无意义,它应该是BlobClient。但在我粘贴的链接中,他们正在使用URI创建BlobServiceClient。它误导了很多人,我在azure sdk网上为此提出了一个问题。再次感谢你,伙计!!