HTTP请求'...'中找到的MAC签名与任何计算出的签名都不相同 [英] The MAC signature found in the HTTP request '...' is not the same as any computed signature
问题描述
我正在邮递员中发送以下请求,以通过此URL https://steamo.blob.core.windows.net/testcontainer/dog.jpg
I'm sending the following request in Postman to retrieve a simple .jpg from Azure Blob storage at this URL https://steamo.blob.core.windows.net/testcontainer/dog.jpg
GET /testcontainer/dog.jpg HTTP/1.1
Host: steamo.blob.core.windows.net
Authorization: SharedKey steamo:<my access key>
x-ms-date: Tue, 26 May 2015 17:35:00 GMT
x-ms-version: 2014-02-14
Cache-Control: no-cache
Postman-Token: b1134f8a-1a03-152c-2810-9cb351efb9ce
如果您不熟悉邮递员它只是一个REST客户端-可能会忽略Postman-Token标头。
If you're unfamiliar with Postman it is just a REST client - the Postman-Token header can probably be ignored.
我的访问密钥是从我的Azure管理门户复制的。
My access key is copied from my Azure Management Portal.
我收到此错误:
Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:2482503d-0001-0033-60da-9708ed000000 Time:2015-05-26T17:35:41.4577821Z
具有以下AutheticationErrorDetail:
With this AutheticationErrorDetail:
The MAC signature found in the HTTP request '<my access key>' is not the same as any computed signature. Server used following string to sign: 'GET x-ms-date:Tue, 26 May 2015 17:35:00 GMT x-ms-version:2014-02-14 /steamo/testcontainer/dog.jpg'.
我该如何解决?让我知道是否需要我提供更多信息。
How do I fix this? Let me know if you need any more info from me.
推荐答案
Azure存储的身份验证不仅仅是提供访问权限的问题密钥(不是很安全)。您需要创建一个表示给定请求的签名字符串,使用HMAC-SHA256算法对字符串进行签名(使用存储密钥进行签名),然后将结果编码为base64。请参见 https://msdn.microsoft.com/en-us/library/azure/dd179428.aspx 完整详细信息,包括如何构造签名字符串。
Authentication for Azure Storage is not simply a matter of providing the access key (that is not very secure). You need to create a signature string that represents the given request, sign the string with the HMAC-SHA256 algorithm (using your storage key to sign), and encode the result in base 64. See https://msdn.microsoft.com/en-us/library/azure/dd179428.aspx for full details, including how to construct the signature string.
这篇关于HTTP请求'...'中找到的MAC签名与任何计算出的签名都不相同的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
