使用Azure应用程序服务和Intel Edison进行GET请求 [英] GET request using Azure app services and Intel Edison

问题描述

我想使用REST API从azure应用程序服务的简单表中读取数据，并将其读取到Intel Edison.在我使用Azure移动服务执行相同操作之前，我的代码是这样. PS:我正在通过Arduino IDE对该设备进行编程.

void send_request()  
{  
  Serial.println("\nconnecting...");  
  if (client.connect(server, 80)) {   

  // POST URI  
 sprintf(buffer, "GET /tables/%s HTTP/1.1", table_name);  
 client.println(buffer);  

 // Host header  
 sprintf(buffer, "Host: %s", server);  
 client.println(buffer);  

 // Azure Mobile Services application key  
 sprintf(buffer, "X-ZUMO-APPLICATION: %s", ams_key);  
 client.println(buffer);  

 // JSON content type  
 client.println("Content-Type: application/json");  

client.print("Content-Length: ");  
client.println(strlen(buffer));  

// End of headers  
client.println();  

// Request body  
client.println(buffer);  

} 
else {  
Serial.println("connection failed");  
}  
}   

其中服务器名称为"genesis-iot-control.azure-mobile.net"；

，但是现在身份验证已更改，并且移动服务已由应用程序服务代替.如何在Intel Edison上使用REST API访问它们?

我遵循了这个线索，但是没有解决方案.

感谢您提供任何帮助.

解决方案

应用密钥"机制已从移动应用中删除. 您需要实施自己的标题检查.

有关更多信息，请参见此文章:
https://github.com/Azure/azure-mobile-apps-net-server/wiki/Implementing-Application-Key

本质上，您从Edison发送一个X-YOUR-CUSTOM-HEADER: SeCreT=，并在您的Node/C#移动应用程序后端代码中的应用程序设置"(在门户中定义)中检查其值.

是的，他们应该保留旧的机制，默认情况下将其禁用，但允许我们使用应用程序设置将其重新打开.

一种替代方法是从Azure AD获得 Bearer令牌，并将其与Authorization: Bearer ToKen=一起使用(但是除非您还负责刷新它，否则该令牌最终还是会过期)，或构建另一个向其发送机密的Web应用程序(或当前版本的API终结点)，然后发送到Azure AD并交给Bearer令牌.

或者，如果您确实要度过一个非常有趣的下午，请在爱迪生(Edison)那里进行OAuth舞蹈！
curl示例在这里: https://ahmetalpbalkan.com/blog/azure-rest-api-with -oauth2/

对于一个2KB的微型存储设备(例如Arduino Uno)，已经将Bearer令牌和刷新令牌存储在内存中了.

我非常有兴趣了解是否有人可以使用Mobile Apps从微控制器进行身份验证，从而获得更好/更有效/更安全的方法.

示例-使用X-SECRET作为您的自定义身份验证标头:

 // Todoitem.js

var azureMobileApps = require('azure-mobile-apps');

// Create a new table definition
var table = azureMobileApps.table();

// Execute only if x-secret header matches our secret
table.read(function (context) {
  // All header names are in lowercase in context.req.headers
  console.info('Got x-secret header with value: ' +
                context.req.headers['x-secret']);
  if (context.req.headers['x-secret'] == process.env.SECRET) {
    console.info('Secret matches value in App Settings.');
    return context.execute();
  }
});

// Removed CREATE, UPDATE, DELETE definitions for brevity.
// YOU NEED TO PROTECT THOSE METHODS AS WELL!

// Finally, export the table to the Azure Mobile Apps SDK - it can be
// read using the azureMobileApps.tables.import(path) method
module.exports = table;
 

从curl看到的

行为(不必说，如果爱迪生可以这样做，则应该使用 HTTPS ):

 $ curl -s  -i http://{mobileapp}.azurewebsites.net/tables/todoitem \
           -H "ZUMO-API-VERSION: 2.0.0"

HTTP/1.1 404 Not Found
...
X-Powered-By: Express

{"error":"The item does not exist"}




$ curl -s  -i http://{mobileapp}.azurewebsites.net/tables/todoitem \
           -H "ZUMO-API-VERSION: 2.0.0" \
           -H "X-SECRET: SeCr3T="

HTTP/1.1 200 OK
...
X-Powered-By: Express

[
  { 
     "id": "40b996d6-ec7f-4188-a310-0f02808e7093",
     "createdAt": "2016-08-31T11:30:11.955Z",
     ...
     "Yo_node":"Sup"
  }
]
 

使用 App Service编辑器(摩纳哥/Visual Studio在线编辑器)进行编码和检查输出- https://{mobileapp} .scm.azurewebsites.net/dev

I wanted to read data from an azure app service's easy tables using REST API to an Intel Edison. Before I did the same using Azure Mobile Services and my code was this. PS: I'm programming the device by the Arduino IDE.

void send_request()  
{  
  Serial.println("\nconnecting...");  
  if (client.connect(server, 80)) {   

  // POST URI  
 sprintf(buffer, "GET /tables/%s HTTP/1.1", table_name);  
 client.println(buffer);  

 // Host header  
 sprintf(buffer, "Host: %s", server);  
 client.println(buffer);  

 // Azure Mobile Services application key  
 sprintf(buffer, "X-ZUMO-APPLICATION: %s", ams_key);  
 client.println(buffer);  

 // JSON content type  
 client.println("Content-Type: application/json");  

client.print("Content-Length: ");  
client.println(strlen(buffer));  

// End of headers  
client.println();  

// Request body  
client.println(buffer);  

} 
else {  
Serial.println("connection failed");  
}  
}   

where server name was "genesis-iot-control.azure-mobile.net";

but now authentication has changed and mobile service has been replaced by app service. How can I access them using REST API on Intel Edison?

I had followed this lead but with no solutions.

Any kind of help is appreciated.

解决方案

The Application Key mechanism has been removed from Mobile Apps. You'll need to implement-your-own-header check.

See this article for more:
https://github.com/Azure/azure-mobile-apps-net-server/wiki/Implementing-Application-Key

In essence, you send a X-YOUR-CUSTOM-HEADER: SeCreT= from your Edison and check its value against an Application Setting (defined in the Portal) in your Node/C# Mobile App backend code.

Yes, they should have kept the old mechanism going, disable it by default but allow us to turn it back on with an application setting.

An alternative to that would be to either get a Bearer token from Azure AD and use that with Authorization: Bearer ToKen= (but that's eventually going to expire anyway unless you also take care of refreshing it), or build another Web App (or API endpoint in your current one) that you send a secret to, goes out to Azure AD and hands you the Bearer token.

OR if you're really in for a very entertaining afternoon, do the OAuth dance from your Edison!
A curl sample here: https://ahmetalpbalkan.com/blog/azure-rest-api-with-oauth2/

For a tiny 2KB memory device (like Arduino Uno), storing both Bearer token and refresh token in memory is already game over.

I'd be very interested to learn if anyone has a better/more efficient/more secure approach to do authentication from microcontrollers with Mobile Apps.

Example - using X-SECRET as your custom authentication header:

// Todoitem.js

var azureMobileApps = require('azure-mobile-apps');

// Create a new table definition
var table = azureMobileApps.table();

// Execute only if x-secret header matches our secret
table.read(function (context) {
  // All header names are in lowercase in context.req.headers
  console.info('Got x-secret header with value: ' +
                context.req.headers['x-secret']);
  if (context.req.headers['x-secret'] == process.env.SECRET) {
    console.info('Secret matches value in App Settings.');
    return context.execute();
  }
});

// Removed CREATE, UPDATE, DELETE definitions for brevity.
// YOU NEED TO PROTECT THOSE METHODS AS WELL!

// Finally, export the table to the Azure Mobile Apps SDK - it can be
// read using the azureMobileApps.tables.import(path) method
module.exports = table;

Behavior as seen from curl (needless to say you should use HTTPS if your Edison can do that):

$ curl -s  -i http://{mobileapp}.azurewebsites.net/tables/todoitem \
           -H "ZUMO-API-VERSION: 2.0.0"

HTTP/1.1 404 Not Found
...
X-Powered-By: Express

{"error":"The item does not exist"}




$ curl -s  -i http://{mobileapp}.azurewebsites.net/tables/todoitem \
           -H "ZUMO-API-VERSION: 2.0.0" \
           -H "X-SECRET: SeCr3T="

HTTP/1.1 200 OK
...
X-Powered-By: Express

[
  { 
     "id": "40b996d6-ec7f-4188-a310-0f02808e7093",
     "createdAt": "2016-08-31T11:30:11.955Z",
     ...
     "Yo_node":"Sup"
  }
]

Using App Service Editor (Monaco / Visual Studio Online Editor) to code and check output - https://{mobileapp}.scm.azurewebsites.net/dev

这篇关于使用Azure应用程序服务和Intel Edison进行GET请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！