microsoft azure表身份验证stringtosign错误
我在azure表分页查询的microsoft azure表身份验证stringtosign错误,azure,azure-storage,azure-table-storage,Azure,Azure Storage,Azure Table Storage,我在azure表分页查询的stringtosign身份验证方面遇到问题 这是当前的stringtosignim使用: GET\n\n\nFri, 05 Sep 2014 03:57:11 GMT\n/mystorageaccount/mytablename\nNextPartitionKey:1!20!UmFjZSBNZW1iZXJfNA--\nNextRowKey:1!12!TmFtZV85ODE- 此stringtosign身份验证是否有问题? 其余的标题与Fiddle完全相同 示例 GE
stringtosign
身份验证方面遇到问题
这是当前的stringtosign
im使用:
GET\n\n\nFri, 05 Sep 2014 03:57:11 GMT\n/mystorageaccount/mytablename\nNextPartitionKey:1!20!UmFjZSBNZW1iZXJfNA--\nNextRowKey:1!12!TmFtZV85ODE-
此stringtosign
身份验证是否有问题?
其余的标题与Fiddle完全相同
示例
GET /mytablename?NextPartitionKey=1%2120%21UmFjZSBNZW1iZXJfNA--&NextRowKey=1%2112%21TmFtZV85ODE- HTTP/1.1
Host: mystorageaccount.table.core.windows.net
x-ms-version: 2014-02-14
x-ms-date: Fri, 05 Sep 2014 05:49:19 GMT
Authorization: SharedKey mystorageaccount:GD2w4pqsllzIOixNF/AfFqLkZhYzLpjK67a8OI7j6Go=
Accept: application/atom+xml
Accept-Charset: UTF-8
DataServiceVersion: 3.0;NetFx
MaxDataServiceVersion: 3.0;NetFx
这两本书我都读完了
GET /mytablename?NextPartitionKey=1%2120%21UmFjZSBNZW1iZXJfNA--&NextRowKey=1%2112%21TmFtZV85ODE- HTTP/1.1
Host: mystorageaccount.table.core.windows.net
x-ms-version: 2014-02-14
x-ms-date: Fri, 05 Sep 2014 07:05:12 GMT
Authorization: SharedKey mystorageaccount:HSYfO1Baadqcd4bQO5Q6uN1hrr2aXtLcQbFPkWgIXuw=
Accept: application/atom+xml
Accept-Charset: UTF-8
DataServiceVersion: 3.0;NetFx
MaxDataServiceVersion: 3.0;NetFx
要签名的字符串:
GET\n\n\nFri, 05 Sep 2014 07:05:12 GMT\n/mystorageaccount/mytablename\nnextpartitionkey:1!20!UmFjZSBNZW1iZXJfNA--\nnextrowkey:1!12!TmFtZV85ODE-
答复:
<?xml version=\"1.0\" encoding=\"utf-8\"?><m:error xmlns:m=\"http://schemas.microsoft.com/ado/2007/08/dataservices/metadata\"><m:code>AuthenticationFailed</m:code><m:message xml:lang=\"en-US\">Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:37272f11-0002-0014-5aa7-f7dd1c000000
Time:2014-09-05T07:05:09.5720897Z</m:message></m:error>
AuthenticationFailedServer未能对请求进行身份验证。确保包括签名在内的授权标头的值格式正确。
请求ID:37272f11-0002-0014-5aa7-f7dd1c000000
时间:2014-09-05T07:05:09.5720897Z
我有机会实际编写代码并试用。基本上,在为表资源创建CanonicalizedResource字符串时,除了comp
querystring参数之外,不需要包含查询字符串参数。基本上,这就是您需要从文档()中遵循的内容:
2009-09-19共享密钥精简版和表服务格式
此格式支持所有版本的共享密钥和共享密钥Lite
2009-09-19版本的表服务和共享密钥Lite
Blob和队列服务以及文件服务的2014-02-14。
此格式与以前版本的相同
存储服务。在此字段中构造CanonicalizedResource字符串
格式如下:
static void QueryTable()
{
var requestMethod = "GET";
var storageServiceVersion = "2014-02-14";
var date = DateTime.UtcNow.ToString("R");
var canonicalizedResource = string.Format("/{0}/{1}", StorageAccount, TableName);
var stringToSign = string.Format("{0}\n\n\n{1}\n{2}", requestMethod, date, canonicalizedResource);
var authorizationHeader = GetAuthorizationHeader(stringToSign);
using (var httpClient = new HttpClient())
{
httpClient.BaseAddress = new Uri(TableEndpoint);
httpClient.DefaultRequestHeaders.Clear();
httpClient.DefaultRequestHeaders.Add("x-ms-date", date);
httpClient.DefaultRequestHeaders.Add("x-ms-version", storageServiceVersion);
httpClient.DefaultRequestHeaders.Add("Authorization", authorizationHeader);
var result = httpClient.GetAsync(TableName + "?NextPartitionKey=1!48!VXwzMzg0MDAzOWYzMjQ0ZDgxOWZjZmM5M2EyMzNkM2IxOA--&NextRowKey=1!0!");
result.Wait();
}
}
static string GetAuthorizationHeader(string canonicalizedString)
{
var signature = string.Empty;
using (var hash = new HMACSHA256(Convert.FromBase64String(StorageAccountKey)))
{
var data = Encoding.UTF8.GetBytes(canonicalizedString);
signature = Convert.ToBase64String(hash.ComputeHash(data));
}
return string.Format(CultureInfo.InvariantCulture, "{0} {1}:{2}", "SharedKey", StorageAccount, signature);
}
根据此处的文档:(2009-09-19共享密钥格式部分,第4点),您需要将所有查询参数转换为小写。因此,您的规范化资源字符串应该是:
GET\n\n\nFri, 05 Sep 2014 03:57:11 GMT\n/mystorageaccount/mytablename\nnextpartitionkey:1!20!UmFjZSBNZW1iZXJfNA--\nnextrowkey:1!12!TmFtZV85ODE-
试试看。这应该能解决问题。
您使用的是
SharedKey
还是SharedKeyLite
身份验证方案?我目前正在使用SharedKey为什么stringtosign
中的nextpartitionkey
前面有空格?更新了我的答案。谢谢你!让我试试这个谢谢Gaurav花时间帮助我!我会投赞成票,但我没有足够的声誉。但总而言之,谢谢你的帮助!现在可以用了