使用@azure/storage-blobNPM包为blob生成SAS令牌,然后将其附加到blobUrl的末尾后,我收到以下错误消息:
<?xml version="1.0" encoding="utf-8"?>
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:1ef69362-901e-0040-7d73-2d98d5000000
Time:2021-04-09T19:07:19.0571601Z</Message>
<AuthenticationErrorDetail>Signature did not match. String to sign used was r
2021-04-09T19:08:30Z
/blob/[process.env.STORAGE_ACCOUNT]/[container]/[blobName]
2020-06-12
b
</AuthenticationErrorDetail>
</Error>
我将这些值与sasOptions中提供的参数进行了比较,它们完全匹配。我的相关Node.js代码如下:
let blobUrl =
`https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net/${container}/${blobName}`;
const sasOptions = {
containerName: containerClient.containerName,
blobName: blobName,
expiresOn: new Date(new Date().valueOf() + 86400),
permissions: BlobSASPermissions.parse('r')
};
const sharedKeyCredential = new StorageSharedKeyCredential(
process.env.STORAGE_ACCOUNT,
process.env.AZURE_STORAGE_CONNECTION_STRING
);
const sasToken = generateBlobSASQueryParameters(sasOptions, sharedKeyCredential).toString();
blobUrl += sasToken;
问题解决了!问题是:
- 我确实需要使用帐户密钥而不是连接字符串,并且
- 在将
sasToken附加到blobUrl时,我需要添加?手掌
最终代码如下:
const blockBlobClient = containerClient.getBlockBlobClient(blobName);
await blockBlobClient.upload(data, data.length, { blobHTTPHeaders: { blobContentType: contentType }});
let blobUrl = `https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net/${container}/${blobName}`;
const sasOptions = {
containerName: containerClient.containerName,
blobName: blobName,
expiresOn: new Date(new Date().valueOf() + 86400),
permissions: BlobSASPermissions.parse('r'),
protocol: SASProtocol.https
};
const sharedKeyCredential = new StorageSharedKeyCredential(process.env.STORAGE_ACCOUNT, process.env.STORAGE_ACCOUNT_KEY);
const sasToken = generateBlobSASQueryParameters(sasOptions, sharedKeyCredential).toString();
blobUrl += `?${sasToken}`;