Accessing Azure Blob Storage Using Rest API

2019-04-17 08:22发布

I am trying to create container using rest api in azure storage. I have followed everything written in microsoft's documentation provided here and tried to create authorization token from here. Still I am getting:

403 Forbidden Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.

Below is my code snippet.

 class Program
{
    private const string BlobStorageAccount = "myacc";
    private const string BlobStorageAccessKey = "ACCESS_KEY";
    static void Main(string[] args)
    {
        CreateContainer("myfirstcontainer");
    }

    private static bool CreateContainer(string containerName)
    {
        String requestMethod = "PUT";
        String msVersion = "2016-05-31";
        string dt = DateTime.UtcNow.ToString("R", CultureInfo.InvariantCulture);

        String canHeaders = String.Format("x-ms-date:{0}\nx-ms-version:{1}", dt, msVersion);
        String canResource = String.Format("/{0}/{1}\nrestype:container", BlobStorageAccount, containerName);
        String SignStr = String.Format("{0}\n\n\n\n\n\n\n\n\n\n\n\n{1}\n{2}", requestMethod, canHeaders, canResource);
        string auth = CreateAuthString(SignStr);
        string urlPath = string.Format("https://{0}.blob.core.windows.net/{1}?restype=container", BlobStorageAccount, containerName);
        Uri uri = new Uri(urlPath);

        HttpClient client = new HttpClient();
        client.DefaultRequestHeaders.Add("x-ms-date", dt);
        client.DefaultRequestHeaders.Add("x-ms-version", "2016-05-31");
        client.DefaultRequestHeaders.Add("x-ms-client-request-id", Guid.NewGuid().ToString());
        client.DefaultRequestHeaders.Add("Authorization", auth);

        HttpContent empty = null;
        HttpResponseMessage response = client.PutAsync(uri, empty).Result;

        return response.IsSuccessStatusCode;
    }

    private static String CreateAuthString(String SignStr)
    {
        String signature = string.Empty;
        byte[] unicodeKey = Convert.FromBase64String(BlobStorageAccessKey);
        using (HMACSHA256 hmacSha256 = new HMACSHA256(unicodeKey))
        {
            Byte[] dataToHmac = System.Text.Encoding.UTF8.GetBytes(SignStr);
            signature = Convert.ToBase64String(hmacSha256.ComputeHash(dataToHmac));
        }

        String authorizationHeader = String.Format(
              CultureInfo.InvariantCulture,
              "{0} {1}:{2}",
              "SharedKey",
              BlobStorageAccount,
              signature);

        return authorizationHeader;
    }
}

1条回答
家丑人穷心不美
2楼-- · 2019-04-17 08:51

Your request includes 3 request headers but canHeaders only include 2. So you would need to add the 3rd header there.

var clientRequestId = Guid.NewGuid().ToString();
String canHeaders = String.Format("x-ms-client-request-id:{0}\nx-ms-date:{1}\nx-ms-version:{2}", clientRequestId, dt, msVersion);
String canResource = String.Format("/{0}/{1}\nrestype:container", BlobStorageAccount, containerName);
        String SignStr = String.Format("{0}\n\n\n\n\n\n\n\n\n\n\n\n{1}\n{2}", requestMethod, canHeaders, canResource);
    string auth = CreateAuthString(SignStr);
    string urlPath = string.Format("https://{0}.blob.core.windows.net/{1}?restype=container", BlobStorageAccount, containerName);
    Uri uri = new Uri(urlPath);

    HttpClient client = new HttpClient();
    client.DefaultRequestHeaders.Add("x-ms-date", dt);
    client.DefaultRequestHeaders.Add("x-ms-version", "2016-05-31");
    client.DefaultRequestHeaders.Add("x-ms-client-request-id", clientRequestId);
    client.DefaultRequestHeaders.Add("Authorization", auth);
查看更多
登录 后发表回答