Fatal编程技术网

Azure cosmosdb Azure API管理-宇宙数据库

azure-cosmosdb

Azure cosmosdb Azure API管理-宇宙数据库,azure-cosmosdb,azure-api-management,Azure Cosmosdb,Azure Api Management,我正在尝试构建代理API管理并添加此策略。我总是得到一个未经授权的HTTP/1.1 401 <policies> <inbound> <base /> <set-variable name="cosmoskey" value="{{CosmosKey}}" /> <set-variable name="requestDateString" value="@(DateTime.UtcNow

我正在尝试构建代理API管理并添加此策略。我总是得到一个未经授权的HTTP/1.1 401

<policies>
    <inbound>
        <base />
        <set-variable name="cosmoskey" value="{{CosmosKey}}" />
        <set-variable name="requestDateString" value="@(DateTime.UtcNow.ToString("r"))" />
        <send-request mode="new" response-variable-name="response" timeout="10" ignore-error="false">
            <set-url>https://fellowtest.documents.azure.com/dbs/ToDoList/colls/Items/docs</set-url>
            <set-method>POST</set-method>
            <set-header name="Authorization" exists-action="override">
                <value>@{
          var verb = "GET";
          var resourceType = "docs";
          var resourceLink = "";
          var key = context.Variables.GetValueOrDefault<string>("cosmoskey");
          var keyType = "master";
          var tokenVersion = "1.0";
          var date = context.Variables.GetValueOrDefault<string>("requestDateString");

          var hmacSha256 = new System.Security.Cryptography.HMACSHA256 { Key = Convert.FromBase64String(key) };  

          verb = verb ?? "";  
          resourceType = resourceType ?? "";
          resourceLink = resourceLink ?? "";

          string payLoad = string.Format("{0}\n{1}\n{2}\n{3}\n{4}\n",  
                  verb.ToLowerInvariant(),  
                  resourceType.ToLowerInvariant(),  
                  resourceLink,  
                  date.ToLowerInvariant(),  
                  ""  
          );  

          byte[] hashPayLoad = hmacSha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(payLoad));  
          string signature = Convert.ToBase64String(hashPayLoad);  

          return System.Uri.EscapeDataString(String.Format("type={0}&ver={1}&sig={2}",  
              keyType,  
              tokenVersion,  
              signature));
        }</value>
            </set-header>
            <set-header name="Accept" exists-action="override">
                <value>application/json</value>
            </set-header>
            <set-header name="x-ms-date" exists-action="override">
                <value>@(context.Variables.GetValueOrDefault<string>("requestDateString"))</value>
            </set-header>
            <set-header name="x-ms-version" exists-action="override">
                <value>2016-07-11</value>
            </set-header>
        </send-request>
    </inbound>
跟踪看起来正常,因此我无法找出错误所在。有人做过或者知道我在哪里可以找到howto吗?

要构造有效的哈希令牌签名(详情请参阅),您需要提供动词(“get”在您的情况下-没关系,因为它是get请求)、ResourceType(“docs”-没关系,因为您想列出文档)和ResourceLink(在您的情况下,它的“”),应设置为:

var resourceLink = "dbs/ToDoList/colls/Items";
此外,发送请求策略不会将响应返回给调用方。基本上,将对给定变量的响应保存为参数(在本例中为“响应”)

要将响应返回给调用方,可以使用策略


@((IResponse)context.Variables[“response”]).Body.As(preserveContent:true.ToString())
评论中提到的解决方案似乎是实现您想要做的事情的最佳解决方案()

您是使用SAS令牌还是使用Cosmos主键/辅键?我已修复它-这是策略中的一个错误。请总结您的解决方案,作为结束此案例的答案。总结在链接中,但这里仍然是政策-我无法在评论中发布完整的政策 
var resourceLink = "dbs/ToDoList/colls/Items";

<return-response>
    <set-body>@(((IResponse)context.Variables["response"]).Body.As<JObject>(preserveContent: true).ToString())</set-body>
</return-response>