C# Azure Blob容器,可以';不生成令牌
我正在使用azure存储,但无法创建适当的SAS令牌来传递到我的前端javascript。在多个教程和示例之后,我似乎无法获得JS的工作令牌 我在这里的教程中验证我的令牌,以便我自己的javascript不会妨碍我: 我花了数小时尝试不同的解决方案,但我生成的令牌看起来与azure生成的令牌非常相似。我错过了什么 代码C# Azure Blob容器,可以';不生成令牌,c#,azure,azure-blob-storage,C#,Azure,Azure Blob Storage,我正在使用azure存储,但无法创建适当的SAS令牌来传递到我的前端javascript。在多个教程和示例之后,我似乎无法获得JS的工作令牌 我在这里的教程中验证我的令牌,以便我自己的javascript不会妨碍我: 我花了数小时尝试不同的解决方案,但我生成的令牌看起来与azure生成的令牌非常相似。我错过了什么 代码 关于这个问题,您是否尝试使用JS创建SAS令牌 var azure = require('azure-storage'); var fs = require('fs'); var
关于这个问题,您是否尝试使用JS创建SAS令牌
var azure = require('azure-storage');
var fs = require('fs');
var SasConstants = azure.Constants.AccountSasConstants;
var blobService = azure.createBlobService();
var containerName = 'containername';
var blobName = 'blobname';
var startDate = new Date('');
var expiryDate = new Date(startDate);
expiryDate.setDate(startDate.getDate() + 1);
var sharedAccessPolicy = {
AccessPolicy: {
Permissions: azure.BlobUtilities.SharedAccessPermissions.READ + azure.BlobUtilities.SharedAccessPermissions.ADD + azure.BlobUtilities.SharedAccessPermissions.CREATE+ azure.BlobUtilities.SharedAccessPermissions.WRITE,
Start: startDate,
Expiry: expiryDate
},
};
var token = blobService.generateSharedAccessSignature(containerName, null, sharedAccessPolicy);
根据我的测试,代码可以生成SAS令牌。如果要列出容器中的blob,需要将
&comp=list&restype=container
添加到SAS URL中。那么它应该会起作用
Get https://xxxxx.blob.core.windows.net/test?sv=2018-03-28&sr=c&sig=xxxxxxxxx&sp=rwl&comp=list&restype=container
Azure存储服务无法识别您尝试访问的资源是blob还是容器,并假定它是blob。由于它假定资源类型为blob,因此它使用$root blob容器进行SAS计算(您可以从错误消息中看到)。由于SAS是为mark blob容器计算的,因此您得到的此签名与错误不匹配。通过指定restype=container,您告诉存储服务将资源视为容器。comp=根据REST API规范,需要列表
有关详细信息,请参阅另一个。为存储帐户生成令牌。教程中列出的权限由存储帐户策略授予
public static string GenerateAccountSASToken(string connectionString)
{
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(connectionString);
SharedAccessAccountPolicy accountpolicy = new SharedAccessAccountPolicy();
accountpolicy.SharedAccessStartTime = DateTimeOffset.UtcNow.AddHours(-24);
accountpolicy.SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddHours(24);
accountpolicy.Permissions = SharedAccessAccountPermissions.Add | SharedAccessAccountPermissions.Create | SharedAccessAccountPermissions.List | SharedAccessAccountPermissions.ProcessMessages | SharedAccessAccountPermissions.Read | SharedAccessAccountPermissions.Update | SharedAccessAccountPermissions.Write;
accountpolicy.Services = SharedAccessAccountServices.Blob;
accountpolicy.ResourceTypes = SharedAccessAccountResourceTypes.Container | SharedAccessAccountResourceTypes.Object | SharedAccessAccountResourceTypes.Service;
return storageAccount.GetSharedAccessSignature(accountpolicy);
}
生成SAS令牌的代码看起来正常。你能分享你的JS代码吗?您遇到了什么错误?当您尝试使用令牌时会发生什么情况?您是否在过去尝试过稍微设置开始时间(例如,当前时间-5分钟)?这至少可以排除时钟漂移的可能性。我没有。我会在可能的时候试一试。
public static string GenerateAccountSASToken(string connectionString)
{
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(connectionString);
SharedAccessAccountPolicy accountpolicy = new SharedAccessAccountPolicy();
accountpolicy.SharedAccessStartTime = DateTimeOffset.UtcNow.AddHours(-24);
accountpolicy.SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddHours(24);
accountpolicy.Permissions = SharedAccessAccountPermissions.Add | SharedAccessAccountPermissions.Create | SharedAccessAccountPermissions.List | SharedAccessAccountPermissions.ProcessMessages | SharedAccessAccountPermissions.Read | SharedAccessAccountPermissions.Update | SharedAccessAccountPermissions.Write;
accountpolicy.Services = SharedAccessAccountServices.Blob;
accountpolicy.ResourceTypes = SharedAccessAccountResourceTypes.Container | SharedAccessAccountResourceTypes.Object | SharedAccessAccountResourceTypes.Service;
return storageAccount.GetSharedAccessSignature(accountpolicy);
}