如何延长文档DB REST API资源令牌的有效期 [英] How to extend the Expiry of a Document DB REST API Resource Token

问题描述

我正在通过前端应用程序中的REST API监视文档数据库集合中的条目.

I am monitoring the entries in a document database collection by means of REST API from a front end application.

RESP API根据某些过滤条件在集合中查询文档列表.

The RESP API queries for a list of documents in the collection based on certain filter criteria.

用于验证REST API调用的令牌是通过.NET SDK生成的.

The token for authenticating the REST API call is generated by means of the .NET SDK.

以下是用于生成令牌的代码段:

Here's the code snippet used for the token generation :

 string GenerateAuthToken(string verb, string resourceId, string resourceType, string key, string keyType, string tokenVersion)
    {
        var hmacSha256 = new System.Security.Cryptography.HMACSHA256 { Key = Convert.FromBase64String(key) };

        string verbInput = verb ?? "";
        string resourceIdInput = resourceId ?? "";
        string resourceTypeInput = resourceType ?? "";

        string dateString = DateTime.UtcNow.ToString("r").ToLower();

        string payLoad = string.Format(System.Globalization.CultureInfo.InvariantCulture,
            "{0}\n{1}\n{2}\n{3}\n{4}\n",
                verb.ToLowerInvariant(),
                resourceType.ToLowerInvariant(),
                resourceId,
                dateString,
                ""
        );

        byte[] hashPayLoad = hmacSha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(payLoad));
        string signature = Convert.ToBase64String(hashPayLoad);

        return System.Web.HttpUtility.UrlEncode(String.Format(System.Globalization.CultureInfo.InvariantCulture, "type={0}&ver={1}&sig={2}",
            keyType,
            tokenVersion,
            signature));
    }

根据 API文档:

资源令牌必须由中间服务器生成.这 服务器充当主密钥守护者并生成 不受时间限制的令牌，用于不可信的客户端，例如Web浏览器.

Resource tokens must be generated by an intermediate server. The server serves as the master-key guardian and generates time-constrained tokens for untrusted clients, such as web browsers.

此令牌的默认到期时间是多少?有没有办法延长令牌的有效期?

What is the default expiry time for this token? Is there a way to extend the expiry of the token?

推荐答案

默认情况下，资源令牌的有效期为1小时.有效期最多可以覆盖5个小时.

By default, the validity period of a resource token is 1 hour. The validity period can be overridden to up to 5 hours.

如果您使用的是REST，则在创建/替换/读取权限时，必须在"x-ms-documentdb-expiry-seconds"标题中进行设置.

If you’re using REST, it must be set in the "x-ms-documentdb-expiry-seconds" header when you create/replace/read Permission.

有关如何创建一个的更多信息，请参考 https ://docs.microsoft.com/zh-cn/rest/api/documentdb/permissions

For more information on how to create one, please refer to https://docs.microsoft.com/en-us/rest/api/documentdb/permissions

这篇关于如何延长文档DB REST API资源令牌的有效期的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！