Azure:按照文档完成后,使用Azure REST API的表acl GET无法正常工作 [英] Azure: Table acl GET using Azure REST API do not work when done as per documentation
问题描述
我正在使用 GET的Azure REST文档ACL表,下面是我正在执行的REST操作的代码段.
Below is the code snippet for REST operation I am performing.
//Input your Storage Account and access-key associated to it.
const yourStorageAccountName = '';
const accessKeyStorageAccount = '';
const Client = require('node-rest-client').Client;
const crypto = require("crypto");
async function getTableAcl() {
let now = new Date();
let nowUTC = now.toUTCString();
let contentType = "application/json"
// construct input value
let stringToSign = `GET\n\n\n${nowUTC}\n/${yourStorageAccountName}/tablename\ncomp:acl`;
let accesskey = accessKeyStorageAccount;
// create base64 encoded signature
let key = new Buffer(accesskey, "base64");
let hmac = crypto.createHmac("sha256", key);
hmac.update(stringToSign);
let sig = hmac.digest("base64");
console.log("SIGNATURE : " + sig);
console.log("nowutc : " + nowUTC);
let args = {
headers: {
"Authorization": "SharedKey " + yourStorageAccountName + ":" + sig,
"Date": nowUTC,
"x-ms-version": "2015-12-11"
}
};
let restClient = new Client();
restClient.get(`https://${yourStorageAccountName}.table.core.windows.net/tablename?comp=acl`, args, function (data, response) {
console.log(JSON.stringify(data));
//console.log(response);
});
}
getTableAcl()
这里的问题是 Azure Table ACL文档,但是在Authorization标头部分中给出了Content-Type.因此,我在"stringToSign"中将content-type保持为空,并且在REST调用中未提供Content-Type标头.我可能会丢失一些东西,但无法确定可能是什么.
The catch here is that there is no mention of Content-Type in Azure Table ACL documentation but in Authorization header part it is given to include Content-Type. Hence I am keeping the content-type as empty in "stringToSign" and am not providing the Content-Type header in the REST call. I might be missing something but I am not able to determine what it could be.
在这种情况下,您是否可以误导我,可以让我知道吗?
Can you let me know if I am mising anything in this case?
推荐答案
基本上,问题在于您正在正确生成规范化的资源字符串.
Basically the issue is that you're generating canonicalized resource string correctly.
文档指出以下内容:
2009-09-19和更高版本的Shared Key Lite和Table服务格式
此格式支持所有版本的共享密钥和共享密钥精简版 表服务,以及2009-09-19版的Shared Key Lite和 Blob和队列服务的更高版本以及2014-02-14和更高版本 文件服务.此格式与用于 存储服务的早期版本.构造 CanonicalizedResource字符串,其格式如下:
This format supports Shared Key and Shared Key Lite for all versions of the Table service, and Shared Key Lite for version 2009-09-19 and later of the Blob and Queue services and version 2014-02-14 and later of the File service. This format is identical to that used with previous versions of the storage services. Construct the CanonicalizedResource string in this format as follows:
- 从空字符串(")开始,附加正斜杠(/),后跟拥有资源的帐户名称 已访问.
- 附加资源的编码URI路径.如果请求URI解决了资源的一部分,请附加适当的查询 细绳.查询字符串应包含问号和comp 参数(例如,?comp = metadata).不应有其他参数 包含在查询字符串中.
- Beginning with an empty string (""), append a forward slash (/), followed by the name of the account that owns the resource being accessed.
- Append the resource's encoded URI path. If the request URI addresses a component of the resource, append the appropriate query string. The query string should include the question mark and the comp parameter (for example, ?comp=metadata). No other parameters should be included on the query string.
基于此,您的stringToSign应该是:
let stringToSign = `GET\n\n\n${nowUTC}\n/${yourStorageAccountName}/tablename?comp=acl`;
尝试一下,它应该可以工作.
Give it a try, it should work.
这篇关于Azure:按照文档完成后,使用Azure REST API的表acl GET无法正常工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
