Java Azure blob sasToken“;签名不匹配”;(爪哇)
您好,我尝试在java中的azure存储上创建一个SAS到blob。 我编写以下代码:Java Azure blob sasToken“;签名不匹配”;(爪哇),java,azure,blob,sas-token,Java,Azure,Blob,Sas Token,您好,我尝试在java中的azure存储上创建一个SAS到blob。 我编写以下代码: public static String GSAS(String url, String signedstart, String signedexpiry) throws Exception { String accountName = "taelearninguat2"; String accountKey = "xxxx"; // Here I hide the pass
public static String GSAS(String url, String signedstart, String signedexpiry) throws
Exception {
String accountName = "taelearninguat2";
String accountKey = "xxxx"; // Here I hide the passsword
String signedpermissions = "r";
signedstart = "2020-02-18T08:49Z";
signedexpiry = "2020-02-28T08:49Z";
String canonicalizedResource = "/blob/" + accountName + "/resource/8a5dcc036edbba6a016ede49fec30000.jpg";
String signedIP = "";
String signedProtocol = "";
String signedidentifier = "";
String signedversion = "2015-04-05";
String rscc = "";
String responsecontent = "file; attachment";
String rsce = "";
String rscl = "";
String rsct = "binary";
String stringToSign =
signedpermissions + "\n" +
signedstart + "\n" +
signedexpiry + "\n" +
canonicalizedResource + "\n" +
signedidentifier + "\n" +
signedIP + "\n" +
signedProtocol + "\n" +
signedversion + "\n" +
rscc + "\n" +
responsecontent + "\n" +
rsce + "\n" +
rscl + "\n" +
rsct;
String sig = computeHmac256(stringToSign,Base64.getDecoder().decode(accountKey));
StringBuffer param = new StringBuffer();
param.append("?")
.append("sv=").append(URLEncoder.encode(signedversion, "UTF-8")).append("&")
.append("sr=").append(URLEncoder.encode("b", "UTF-8")).append("&")
.append("sig=").append(URLEncoder.encode(sig, "UTF-8")).append("&")
.append("st=").append(URLEncoder.encode(signedstart, "UTF-8")).append("&")
.append("se=").append(URLEncoder.encode(signedexpiry, "UTF-8")).append("&")
.append("sp=").append(URLEncoder.encode(signedpermissions, "UTF-8")).append("&")
.append("rscd=").append(URLEncoder.encode(responsecontent, "UTF-8")).append("&")
.append("rsct=").append(URLEncoder.encode(rsct, "UTF-8"));
String sasURL = url + param.toString();
return sasURL;
}
static String computeHmac256(String stringToSign, byte[] accountKey) throws Exception {
try {
/*
We must get a new instance of the Mac calculator for each signature calculated because the instances are
not threadsafe and there is some suggestion online that they may not even be safe for reuse, so we use a
new one each time to be sure.
*/
Mac hmacSha256 = Mac.getInstance("HmacSHA256");
hmacSha256.init(new SecretKeySpec(accountKey, "HmacSHA256"));
byte[] utf8Bytes = stringToSign.getBytes("UTF-8");
return Base64.getEncoder().encodeToString(hmacSha256.doFinal(utf8Bytes));
} catch (Exception e) {
throw new Error(e);
}
}
假设我有一张url为的图片:
所以stringToSign是:
r
2020-02-18T08:49Z
2020-02-28T08:49Z
/blob/taelearninguat2/resource/8a5dcc036edbba6a016ede49fec30000.jpg
2015-04-05
file; attachment
binary
SAS url:
签名不匹配。使用的签名字符串是r 2020-02-18T08:49Z 2020-02-28T08:49Z/blob/taelearninguat2/resource/8A5DCC036EDBBA6A016EDE49FEC3000.jpg 2015-04-05文件;附件
最新更新:
更改时间参数:
签名开始=2019-11-27
签名解释=2019-12-04
结果是:
签名在指定时间范围内无效:开始[2019年11月27日星期三00:00:00 GMT]-到期[2019年12月4日星期三00:00:00 GMT]-当前[2020年2月20日星期四14:45:57 GMT]
但是
签名开始=2020-02-19
签名解释=2020-02-25
签名仍然不匹配请尝试更改以下代码行:
byte[] shaSig = HMACSHA256(stringToSign, accountKey);
到
基本上,您的帐户密钥是base64编码的字符串,您需要首先对其进行解码
您还可以查看此处的代码,了解Azure SDK是如何进行签名的:注释不用于扩展讨论;这段对话已经结束。
byte[] shaSig = HMACSHA256(stringToSign, accountKey);
byte[] shaSig = HMACSHA256(stringToSign, Base64.getDecoder().decode(accountKey));