为什么我的Azure SAS令牌签名不匹配? [英] Why isn't my Azure SAS Token Signature matching?
问题描述
这是我尝试访问存储中的Blob时返回的错误:
This is the error returned when I try to access a blob in storage:
代码:AuthenticationFailed消息:服务器无法验证请求.请确保正确构成Authorization标头的值,包括签名.AuthenticationErrorDetail:签名不匹配.用于签名的字符串是xxstorageaccount rwdlac b sco 2017-08-17T21:29:24Z 2017-08-17T21:34:24Z https 2017-04-17
Code: AuthenticationFailed Message: Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. AuthenticationErrorDetail: Signature did not match. String to sign used was xxstorageaccount rwdlac b sco 2017-08-17T21:29:24Z 2017-08-17T21:34:24Z https 2017-04-17
这是我的代码:
$storageAccount = config('azure.storage.account');
$start = new \DateTime();
$end = (new \DateTime())->modify('+5 minutes');
$start = $start->format('Y-m-d\TH:i:s\Z');
$end = $end->format('Y-m-d\TH:i:s\Z');
$toSign = $storageAccount . "\n";
$toSign .= "rwdlac" . "\n";
$toSign .= "b" . "\n";
$toSign .= "sco" . "\n";
$toSign .= $start . "\n";
$toSign .= $end . "\n";
$toSign .= "\n";
$toSign .= "https" . "\n";
$toSign .= "2017-04-17" . "\n";
$signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, $sasKeyValue, TRUE)));
$token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;
return $uri . $token;
推荐答案
您可以做两件事来避免此错误.
You could do 2 things to avoid this error.
Convert start and end time to GMT time via
setTimezone()function or consider using the gmdate function instead.
通过 base64_decode()函数解码base64帐户密钥.
Decode base64 account key through base64_decode() function.
请按以下方式更改您的代码:
Please change your code like the following:
$storageAccount = config('azure.storage.account');
$start = (new \DateTime())->setTimezone(new DateTimeZone('GMT'));
$end = (new \DateTime())->setTimezone(new DateTimeZone('GMT'))->modify('+5 minutes');
$start = $start->format('Y-m-d\TH:i:s\Z');
$end = $end->format('Y-m-d\TH:i:s\Z');
$toSign = $storageAccount . "\n";
$toSign .= "rwdlac" . "\n";
$toSign .= "b" . "\n";
$toSign .= "sco" . "\n";
$toSign .= $start . "\n";
$toSign .= $end . "\n";
$toSign .= "\n";
$toSign .= "https" . "\n";
$toSign .= "2017-04-17" . "\n";
$signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, base64_decode($sasKeyValue), TRUE)));
$token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;
return $uri . $token;
这篇关于为什么我的Azure SAS令牌签名不匹配?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
