What I am trying to do is connect to the Azure Storage Rest API List Blobs. Ref: http://msdn.microsoft.com/en-us/library/windowsazure/dd135734.aspx
I have tried to follow http://msdn.microsoft.com/en-us/library/windowsazure/dd179428.aspx in order to specify the authorization header however I get a 403 error - forbidden.
Code:
Uri address = new Uri("https://account.blob.core.windows.net/$logs?restype=container&comp=list");
HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(address);
req.Headers["x-ms-date"] = "2013-09-04";
req.Headers["x-ms-version"] = "2012-02-12";
req.Method = "GET";
string StringToSign = "GET\n"
+ "\n" // content encoding
+ "\n" // content language
+ "\n" // content length
+ "\n" // content md5
+ "\n" // content type
+ "\n" // date
+ "\n" // if modified since
+ "\n" // if match
+ "\n" // if none match
+ "\n" // if unmodified since
+ "\n" // range
+ "x-ms-date: 2013-09-04\nx-ms-version:2012-02-12\n" // headers
+ "/account/blob\ncomp:list\nrestype:container"; // resources
string accountName = "account";
string key = Convert.ToBase64String(Encoding.Default.GetBytes(StringToSign));
req.Headers["Authorization"] = string.Format("SharedKey {0}:{1}", accountName, key);
HttpWebResponse resp = req.GetResponse() as HttpWebResponse;
Can anyone see any mistakes? Is there a tool which can generate the key? One thing I am not sure of is I am encoding/hashing the string correctly.
Thanks, Andrew
Update with latest code. This code gives me a Forbidden error.
DateTime dt = DateTime.UtcNow;
string StringToSign = "GET\n"
+ "\n" // content encoding
+ "\n" // content language
+ "\n" // content length
+ "\n" // content md5
+ "\n" // content type
+ "\n" // date
+ "\n" // if modified since
+ "\n" // if match
+ "\n" // if none match
+ "\n" // if unmodified since
+ "\n" // range
+ "x-ms-date: " + dt.ToString("R") + "\nx-ms-version:2012-02-12\n" // headers
+ "/account/$logs\ncomp:list\nrestype:container";
string auth = SignThis(StringToSign, "accountkey", "account");
string method = "GET";
string urlPath = "https://account.blob.core.windows.net/$logs?restype=container&comp=list";
Uri uri = new Uri(urlPath);
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
request.Method = method;
request.Headers.Add("x-ms-date", dt.ToString("R"));
request.Headers.Add("x-ms-version", "2012-02-12");
request.Headers.Add("Authorization", auth);
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
}
There are some issues with the code above. But before that, first thing you would need is the key for your storage account. You can get it from Windows Azure Portal. Click on the storage account name in the portal and then click on "MANAGE ACCESS KEYS" as shown in the screenshot below:
Now for the issues:
The way you're creating the authorization header is incorrect. For creating the authorization header, you would need account name, account key and
StringToSign
from your code above. Try this code:The function above will provide authorization header which you would need to pass as authorization.
2nd thing I noticed was that in the code for
StringToSign
, you're not passing the container name. So yourStringToSign
should be:You mentioned that you're quite new to Windows Azure. If I may suggest - implementing REST API has been done by a number of folks earlier also. Please take a look at what they have done instead of trying to do the same thing again. You may find these links useful:
http://convective.wordpress.com/2010/08/18/examples-of-the-windows-azure-storage-services-rest-api/
http://azurestoragesamples.codeplex.com/ - Look at the REST API implementation in this project.
UPDATE
Here's the working code (just change the account name, key and the container name)
Hope this helps.