使用连接字符串对 Azure 进行身份验证

Using the connection String to Authenticate into Azure

我已经给出了一个连接字符串。我需要使用它来对 Azure Blob 存储进行身份验证。显示的连接字符串包含: 密钥、帐户名、协议、后缀。

连接字符串示例:

DefaultEndpointsProtocol=https;AccountName=$$$$$*****;AccountKey=kjdjkfhdjskhfsdfhlksdhfkldshfishishfldslflkjfklsVvJDynYEkiEqWCZkdfkhdkjshfdshfs==;EndpointSuffix=core.windows.net

现在,当我查找 authorization article 时,提到了多种方法,但没有描述使用此连接字符串进行授权的文章或方法。

如果有人可以指导如何使用连接字符串连接到 azure 存储以便我们可以列出 containers

,那将非常有帮助

您可以使用 执行此操作而无需任何 Azure SDK,只需按照参考 here

从 GitHub 克隆源代码并开始使用它,

git clone https://github.com/Azure-Samples/storage-dotnet-rest-api-with-auth.git

您只需要 StorageAccountName 和 StorageAccount 密钥

string StorageAccountName = "myaccount";
string StorageAccountKey = "WoZ0ZnpXzvdAKoCPRrsa7RniqsdsdfedDFddasds+msk4ViI38WUUMS+qZmd7aoxw==";

一切都很简单,你只需要授权逻辑

internal static AuthenticationHeaderValue GetAuthorizationHeader(
           string storageAccountName, string storageAccountKey, DateTime now,
           HttpRequestMessage httpRequestMessage, string ifMatch = "", string md5 = "")
        {
            // This is the raw representation of the message signature.
            HttpMethod method = httpRequestMessage.Method;
            String MessageSignature = String.Format("{0}\n\n\n{1}\n{5}\n\n\n\n{2}\n\n\n\n{3}{4}",
                      method.ToString(),
                      (method == HttpMethod.Get || method == HttpMethod.Head) ? String.Empty
                        : httpRequestMessage.Content.Headers.ContentLength.ToString(),
                      ifMatch,
                      GetCanonicalizedHeaders(httpRequestMessage),
                      GetCanonicalizedResource(httpRequestMessage.RequestUri, storageAccountName),
                      md5);

            // Now turn it into a byte array.
            byte[] SignatureBytes = Encoding.UTF8.GetBytes(MessageSignature);

            // Create the HMACSHA256 version of the storage key.
            HMACSHA256 SHA256 = new HMACSHA256(Convert.FromBase64String(storageAccountKey));

            // Compute the hash of the SignatureBytes and convert it to a base64 string.
            string signature = Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));

            // This is the actual header that will be added to the list of request headers.
            // You can stop the code here and look at the value of 'authHV' before it is returned.
            AuthenticationHeaderValue authHV = new AuthenticationHeaderValue("SharedKey",
                storageAccountName + ":" + Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes)));
            return authHV;
        }

这是生成散列授权 header 的关键部分,如

Authorization: SharedKey myaccount:38Uh5PAe29Kk8dKZ/km90u2sIyEfKiG5RWCb77VoPpE=

你终于可以列出你的容器了