用于复制Blob操作问题的Azure SAS令牌 [英] Azure SAS token for copy blob operation issue
本文介绍了用于复制Blob操作问题的Azure SAS令牌的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
根据帖子AuthenticationFailedServer failed to authenticate the request".
I am trying to copy blob form one storage account to another, as per the post here i am able to generate shared access signature (SAS) for x-ms-copy-source. Now my problem is i am unable to pass through the authentication of copy blob operation it says "AuthenticationFailedServer failed to authenticate the request".
我正在使用以下代码生成SAS令牌以及副本Blob的身份验证签名.有人可以帮我解决问题
I am using the below code to generate SAS token as well as authentication signature for copy blob. Can someone help me in fixing the issue
$date = gmdate('D, d M Y H:i:s \G\M\T');
$account_name = "souraccount";
$desaccname = "desaccount";
$destcontainername = "descontainer";
$blobname = "abc.png";
$sourcecontainer = "sourcecontainer";
$source_account_key = "asdfghjkl";
$destination_account_key = "poiuytr";
$expiry = gmdate("Y-m-d\TH:i:s\Z", time() + 30000);
$sig = getSASForBlob($account_name,$sourcecontainer, $blobname, "b", "r", $expiry, $source_account_key );
$url = getBlobUrl($account_name,$account_name,$blobname,"b","r",$expiry,$sig);
$canonicalizedHeaders = "x-ms-copy-source:".$url."\nx-ms-date:$date\nx-ms-version:2015-04-05";
$canonicalizedResource = "/$account_name/$sourcecontainer/$blobname";
$arraysign = array();
$arraysign[] = 'PUT'; /*HTTP Verb*/
$arraysign[] = ''; /*Content-Encoding*/
$arraysign[] = ''; /*Content-Language*/
$arraysign[] = ''; /*Content-Length (include value when zero)*/
$arraysign[] = ''; /*Content-MD5*/
$arraysign[] = ''; /*Content-Type*/
$arraysign[] = ''; /*Date*/
$arraysign[] = ''; /*If-Modified-Since */
$arraysign[] = ''; /*If-Match*/
$arraysign[] = ''; /*If-None-Match*/
$arraysign[] = ''; /*If-Unmodified-Since*/
$arraysign[] = ''; /*Range*/
$arraysign[] = $canonicalizedHeaders; /*CanonicalizedHeaders*/
$arraysign[] = $canonicalizedResource; /*CanonicalizedResource*/
$stringtosign = implode("\n", $arraysign);
$signature = 'SharedKey'.' '.$desaccname.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($destination_account_key ), true));
$endpoint = 'https://'.$desaccname.'.blob.core.windows.net';
echo $url = $endpoint.'/'.$destcontainername.'/'.$blobname;
$headers = [
"x-ms-copy-source:$url",
"x-ms-date:{$date}",
"x-ms-version:2015-04-05",
"Accept:application/json;odata=nometadata",
"Accept-Charset:UTF-8",
"Content-Length:0",
"Authorization:{$signature}"
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
echo curl_error($ch);
curl_close($ch);
echo '<pre>';print_r($response);
function getSASForBlob($accountName,$container, $blob, $resourceType, $permissions, $expiry,$source_account_key ){
/* Create the signature */
$_arraysign = array();
$_arraysign[] = $permissions;
$_arraysign[] = '';
$_arraysign[] = $expiry;
$_arraysign[] = '/' . $accountName . '/' . $container . '/' . $blob;
$_arraysign[] = '';
$_arraysign[] = "2015-04-05"; //the API version is now required
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = '';
$_str2sign = implode("\n", $_arraysign);
return base64_encode(
hash_hmac('sha256', urldecode(utf8_encode($_str2sign)), base64_decode($source_account_key ), true)
);
}
function getBlobUrl($accountName,$container,$blob,$resourceType,$permissions,$expiry,$_signature){
/* Create the signed query part */
$_parts = array();
$_parts[] = 'sv=2015-04-05';
$_parts[] = 'sr=' . $resourceType;
$_parts[] = 'sig=' . urlencode($_signature);
$_parts[] = (!empty($expiry))?'se=' . urlencode($expiry):'';
$_parts[] = (!empty($permissions))?'sp=' . $permissions:'';
/* Create the signed blob URL */
$_url = 'https://'
.$accountName.'.blob.core.windows.net/'
. $container . '/'
. $blob . '?'
. implode('&', $_parts);
return $_url;
}
推荐答案
在下面找到完整的工作代码,以将blob从源存储帐户复制到目标存储帐户. Gaurav Mantri 在评论部分给出的解决方案解决了我的问题
Find below complete working code to copy blob from source storage account to destination storage account. Solution given by Gaurav Mantri in the comments section fixed my issue
$date = gmdate('D, d M Y H:i:s \G\M\T');
$account_name = "saccname"; // Source Storage acoount name
$desaccname = "daccname"; // destination Storage acoount name
$destcontainername = "vhd"; // destination Container name
$blobname = "sblob.vhd"; // source blob name
$sourcecontainer = "vhd"; // source container name
$source_account_key = "sdfsdfdsf";
$destination_account_key = "safdsf";
$expiry = gmdate("Y-m-d\TH:i:s\Z", time() + 30000);
$sig = getSASForBlob($account_name,$sourcecontainer, $blobname, "b", "r", $expiry, $source_account_key);
$xms_copy_source_url = getBlobUrl($account_name,$sourcecontainer,$blobname,"b","r",$expiry,$sig);
$canonicalizedHeaders = "x-ms-copy-source:".$xms_copy_source_url."\nx-ms-date:$date\nx-ms-version:2015-04-05";
$canonicalizedResource = "/$desaccname/$destcontainername/$blobname";
$arraysign = array();
$arraysign[] = 'PUT'; /*HTTP Verb*/
$arraysign[] = ''; /*Content-Encoding*/
$arraysign[] = ''; /*Content-Language*/
$arraysign[] = ''; /*Content-Length (include value when zero)*/
$arraysign[] = ''; /*Content-MD5*/
$arraysign[] = ''; /*Content-Type*/
$arraysign[] = ''; /*Date*/
$arraysign[] = ''; /*If-Modified-Since */
$arraysign[] = ''; /*If-Match*/
$arraysign[] = ''; /*If-None-Match*/
$arraysign[] = ''; /*If-Unmodified-Since*/
$arraysign[] = ''; /*Range*/
$arraysign[] = $canonicalizedHeaders; /*CanonicalizedHeaders*/
$arraysign[] = $canonicalizedResource; /*CanonicalizedResource*/
$stringtosign = implode("\n", $arraysign);
$signature = 'SharedKey'.' '.$desaccname.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($destination_account_key), true));
$endpoint = 'https://'.$desaccname.'.blob.core.windows.net';
$url = $endpoint.'/'.$destcontainername.'/'.$blobname;
$headers = [
"x-ms-copy-source:$xms_copy_source_url",
"x-ms-date:{$date}",
"x-ms-version:2015-04-05",
"Accept:application/json;odata=nometadata",
"Accept-Charset:UTF-8",
'Content-Length:0'
"Authorization:{$signature}"
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
echo curl_error($ch);
curl_close($ch);
echo '<pre>';print_r($response);
function getSASForBlob($accountName,$container, $blob, $resourceType, $permissions, $expiry,$source_account_key){
/* Create the signature */
$_arraysign = array();
$_arraysign[] = $permissions;
$_arraysign[] = '';
$_arraysign[] = $expiry;
$_arraysign[] = '/blob/' . $accountName . '/' . $container . '/' . $blob;
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = "2015-04-05"; //the API version is now required
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = '';
$_arraysign[] = '';
$_str2sign = implode("\n", $_arraysign);
return base64_encode(hash_hmac('sha256', urldecode(utf8_encode($_str2sign)), base64_decode($source_account_key), true));
}
function getBlobUrl($accountName,$container,$blob,$resourceType,$permissions,$expiry,$_signature){
/* Create the signed query part */
$_parts = array();
$_parts[] = (!empty($expiry)) ? 'se=' . urlencode($expiry) : '';
$_parts[] = 'sr=' . $resourceType;
$_parts[] = (!empty($permissions)) ? 'sp=' . $permissions : '';
$_parts[] = 'sig=' . urlencode($_signature);
$_parts[] = 'sv=2015-04-05';
$_parts[] = 'rscd=';
/* Create the signed blob URL */
$_url = 'https://'.$accountName.'.blob.core.windows.net/'. $container . '/'. $blob . '?'. implode('&', $_parts);
return $_url;
}
这篇关于用于复制Blob操作问题的Azure SAS令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
