鉴于我的环境限制,SAS似乎是一个简单的令牌,我想"手动"生成它。
我试图遵循微软的文档如何生成SAS,但我总是会收到一个错误:
curl.exe -X PUT -T .arckep2.jpg -H "Content-Type: image/jpeg" -H "x-ms-date: $now" -H "x-ms-blo
b-type: BlockBlob" "http://127.0.0.1:10000/devstoreaccount1/profile-images/arckep3.jpg?sv=2018-03-28&sr=c&sig=2%2FKJVDhs2O5%2F5nAGpGzxRhnN4PE4AqPHOe3fFe7qC7o%3D&st=2019
-05-23T00%3A00%3A00Z&se=2019-05-25T00%3A00%3A00Z&sp=rwdl"
返回:
<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:d1313189-cde5-463d-8476-1aab15a9f03d
Time:2019-05-24T09:20:16.1975584Z</Message><AuthenticationErrorDetail>Signature did not match. String to sign used was rwdl
2019-05-23T00:00:00Z
2019-05-25T00:00:00Z
/blob/devstoreaccount1/profile-images
2018-03-28
</AuthenticationErrorDetail></Error>
这是怎么回事?
我试图在Codepen中复制Azure-sdk-for-js:https://codepen.io/nagyv/pen/mdvpgx
const secret = "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==" // Secret for every Azure storage emulator
function getParts() {
return [
"rwdl",
"2019-05-23T00:00:00Z",
"2019-05-25T00:00:00Z",
"/blob/devstoreaccount1/profile-images",
"",
"",
"",
"2018-03-28",
"",
"",
"",
"",
""
].join("n")
}
const parts = getParts()
function sign(message) {
const crypted = CryptoJS.HmacSHA256(message, secret);
return CryptoJS.enc.Base64.stringify(crypted)
}
const content = document.getElementById('content')
content.innerHTML = encodeURIComponent(sign(parts))
上下文
我想使用基于JavaScript的在线无服务器后端(GamesParks(为我的基于浏览器的应用程序生成SAS。不幸的是,鉴于后端,我无法使用Azure节点SDK生成SAS。由于SAS似乎是一个简单的令牌,我想"手动"生成它。
经过一番处理后,我意识到问题是在Azure的解决方案的情况下将秘密解码为基础64。
这显示了如何获得相同的消化:https://stackoverflow.com/a/56295850/245493
此更改为
function sign(message) {
const crypted = CryptoJS.HmacSHA256(message, CryptoJS.enc.Base64.parse(secret))
return CryptoJS.enc.Base64.stringify(crypted)
}
解决我的问题。