在 Salesforce 中创建 Azure 文件存储 SAS 不起作用
Creating Azure File Storage SAS in Salesforce does not work
我正在尝试为 Salesforce Apex 中的 Azure 文件存储创建共享访问签名 (SAS),但没有成功。这是我的代码:
String link = 'https://<accountName>.file.core.windows.net/<folderName>/test.txt';
String key = '...' // key of the account
String spe = 'r'; //read
String st = '2018-06-07T08:49:00Z';
String se = '2018-06-09T08:49:00Z';
String res = '/file/<accountName>/<folderName>/test.txt';
String sv = '2017-11-09';
String sr = 'f'; // file
String spr = 'https';
String sts = spe + '\n' +
st + '\n' +
se + '\n' +
res + '\n' +
spr + '\n'+
sv + '\n';
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), Blob.valueOf(key));
String sas = EncodingUtil.base64Encode(data);
sas = EncodingUtil.urlEncode(sas, 'UTF-8');
link += '?sv=' + sv + '&st=' + st + '&se=' + se + '&sr=' + sr + '&sp=' + spe
+ '&spr=' + spr + '&sig=' + sas;
System.debug(link);
当我在浏览器中复制粘贴 link 时,响应是:
<Error>
<Code>AuthenticationFailed</Code>
<Message>
Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:... Time:2018-06-07T21:56:01.7374549Z
</Message>
<AuthenticationErrorDetail>
Signature did not match. String to sign used was r 2018-06-07T08:49:00Z 2018-06-09T08:49:00Z /file/<accountName>/<folderName>/test.txt https 2017-11-09
</AuthenticationErrorDetail>
</Error>
我做错了什么?
如错误消息中所述,这似乎与身份验证问题有关,我建议访问以下两个链接:https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-an-account-sas
和 https://zimmergren.net/azure-storage-rest-api-authenticate-with-c/ 检查您的身份验证的有效性 header:
an example of an account SAS:
https://storagesample.blob.core.windows.net/sample-container?restype=container&comp=metadata&sv=2015-04-05ss=bfqt&srt=sco&sp=rl&se=2015-09-20T08:49Z&sip=168.1.5.60-168.1.5.70&sig=a39%2BYozJhGp6miujGymjRpN8tsrQfLo9Z3i8IRyIpnQ%3d
正如@superfell 在评论中提到的,问题在于以下代码行:
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), Blob.valueOf(key));
请将这行代码改为:
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), EncodingUtil.base64Decode(key));
你不应该得到这个错误。本质上,密钥是一个 base64 编码的字符串,您需要使用适当的解码方法来获取字节数组。
谢谢@Gaurav。您的解决方案有效,但是不完整。它仍然给我错误。这是我为使它起作用所做的工作:
String spe = 'r';
String st = '';
String se = '2018-06-10T07:00:00Z';
String res = '/file/<accountName>/<folderName>/test.txt';
String si = '';
String sip = '';
String spr = '';
String sr = 'f';
String sv = '2017-11-09';
String rscc = '';
String rscd = '';
String rsce = '';
String rscl = '';
String rsct = '';
String sts = spe + '\n' +
st + '\n' +
se + '\n' +
res + '\n' +
si + '\n' +
sip + '\n' +
spr + '\n'+
sv + '\n' +
rscc + '\n' +
rscd + '\n' +
rsce + '\n' +
rscl + '\n' +
rsct;
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), EncodingUtil.base64Decode(key));
String sas = EncodingUtil.base64Encode(data);
sas = EncodingUtil.urlEncode(sas, 'UTF-8');
link += '?sv=' + sv + '&se=' + se + '&sr=' + sr + '&sp=' + spe + '&sig=' + sas;
System.debug(link);
我正在尝试为 Salesforce Apex 中的 Azure 文件存储创建共享访问签名 (SAS),但没有成功。这是我的代码:
String link = 'https://<accountName>.file.core.windows.net/<folderName>/test.txt';
String key = '...' // key of the account
String spe = 'r'; //read
String st = '2018-06-07T08:49:00Z';
String se = '2018-06-09T08:49:00Z';
String res = '/file/<accountName>/<folderName>/test.txt';
String sv = '2017-11-09';
String sr = 'f'; // file
String spr = 'https';
String sts = spe + '\n' +
st + '\n' +
se + '\n' +
res + '\n' +
spr + '\n'+
sv + '\n';
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), Blob.valueOf(key));
String sas = EncodingUtil.base64Encode(data);
sas = EncodingUtil.urlEncode(sas, 'UTF-8');
link += '?sv=' + sv + '&st=' + st + '&se=' + se + '&sr=' + sr + '&sp=' + spe
+ '&spr=' + spr + '&sig=' + sas;
System.debug(link);
当我在浏览器中复制粘贴 link 时,响应是:
<Error>
<Code>AuthenticationFailed</Code>
<Message>
Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:... Time:2018-06-07T21:56:01.7374549Z
</Message>
<AuthenticationErrorDetail>
Signature did not match. String to sign used was r 2018-06-07T08:49:00Z 2018-06-09T08:49:00Z /file/<accountName>/<folderName>/test.txt https 2017-11-09
</AuthenticationErrorDetail>
</Error>
我做错了什么?
如错误消息中所述,这似乎与身份验证问题有关,我建议访问以下两个链接:https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-an-account-sas
和 https://zimmergren.net/azure-storage-rest-api-authenticate-with-c/ 检查您的身份验证的有效性 header:
an example of an account SAS:
https://storagesample.blob.core.windows.net/sample-container?restype=container&comp=metadata&sv=2015-04-05ss=bfqt&srt=sco&sp=rl&se=2015-09-20T08:49Z&sip=168.1.5.60-168.1.5.70&sig=a39%2BYozJhGp6miujGymjRpN8tsrQfLo9Z3i8IRyIpnQ%3d
正如@superfell 在评论中提到的,问题在于以下代码行:
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), Blob.valueOf(key));
请将这行代码改为:
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), EncodingUtil.base64Decode(key));
你不应该得到这个错误。本质上,密钥是一个 base64 编码的字符串,您需要使用适当的解码方法来获取字节数组。
谢谢@Gaurav。您的解决方案有效,但是不完整。它仍然给我错误。这是我为使它起作用所做的工作:
String spe = 'r';
String st = '';
String se = '2018-06-10T07:00:00Z';
String res = '/file/<accountName>/<folderName>/test.txt';
String si = '';
String sip = '';
String spr = '';
String sr = 'f';
String sv = '2017-11-09';
String rscc = '';
String rscd = '';
String rsce = '';
String rscl = '';
String rsct = '';
String sts = spe + '\n' +
st + '\n' +
se + '\n' +
res + '\n' +
si + '\n' +
sip + '\n' +
spr + '\n'+
sv + '\n' +
rscc + '\n' +
rscd + '\n' +
rsce + '\n' +
rscl + '\n' +
rsct;
Blob data = crypto.generateMac('HmacSHA256', Blob.valueOf(sts), EncodingUtil.base64Decode(key));
String sas = EncodingUtil.base64Encode(data);
sas = EncodingUtil.urlEncode(sas, 'UTF-8');
link += '?sv=' + sv + '&se=' + se + '&sr=' + sr + '&sp=' + spe + '&sig=' + sas;
System.debug(link);