AzureStorage:服务器无法对请求进行身份验证。确保 Authorization header 的值正确形成,包括签名
AzureStorage: Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature
我几乎浏览了与此论坛和其他论坛相关的所有 SO 答案,但我仍然无法找出实际问题。此应用程序是控制台应用程序,将部署在 On-Premise 环境中并将文件上传到 Azure blob。
我正在使用 WindowsAzure.Storage 9.3.3,代码如下。
static void CreateBlob(string accountName, string containerName, string blobName, string accessToken)
{
var tokenCredential = new TokenCredential(accessToken);
var storageCredentials = new StorageCredentials(tokenCredential);
var storageAccount = new CloudStorageAccount(storageCredentials, accountName, string.Empty, useHttps: true);
var cloudBlobClient = storageAccount.CreateCloudBlobClient();
var cloudBlobContainer = cloudBlobClient.GetContainerReference(containerName);
CloudBlockBlob blockBlob = cloudBlobContainer.GetBlockBlobReference(blobName);
string blobContents = "Blob created by Azure AD authenticated user.";
byte[] byteArray = Encoding.ASCII.GetBytes(blobContents);
try
{
using (MemoryStream stream = new MemoryStream(byteArray))
{
blockBlob.UploadFromStreamAsync(stream).Wait();
}
Console.WriteLine("upload successful");
Console.ReadLine();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
Console.ReadLine();
}
}
并获得如下令牌。
public static string GetOAuthToken(string activeDirectoryTenantId, string
activeDirectoryApplicationSecret, string activeDirectoryApplicationId)
{
string resourceId = $"https://storage.azure.com";
var authority = String.Format("https://login.windows.net/" + activeDirectoryTenantId);
var credential = new ClientCredential(activeDirectoryApplicationId, activeDirectoryApplicationSecret);
var context = new AuthenticationContext(authority);
var result = context.AcquireTokenAsync(resourceId, credential).Result;
return result.AccessToken;
}
任何人都可以建议我可能遗漏了什么吗?
P/S 我已经确认我的本地系统与正确的 UTC 时间同步。
我试过你问题中的代码,它成功上传了 blob。
注:
- 将
Storage Blob Data Contributor 角色分配给应用程序
导航到存储帐户 -> 访问控制 (IAM) -> 添加角色分配
- 按照此 step.
向您注册的应用程序授予对 Azure 存储的权限
我几乎浏览了与此论坛和其他论坛相关的所有 SO 答案,但我仍然无法找出实际问题。此应用程序是控制台应用程序,将部署在 On-Premise 环境中并将文件上传到 Azure blob。
我正在使用 WindowsAzure.Storage 9.3.3,代码如下。
static void CreateBlob(string accountName, string containerName, string blobName, string accessToken)
{
var tokenCredential = new TokenCredential(accessToken);
var storageCredentials = new StorageCredentials(tokenCredential);
var storageAccount = new CloudStorageAccount(storageCredentials, accountName, string.Empty, useHttps: true);
var cloudBlobClient = storageAccount.CreateCloudBlobClient();
var cloudBlobContainer = cloudBlobClient.GetContainerReference(containerName);
CloudBlockBlob blockBlob = cloudBlobContainer.GetBlockBlobReference(blobName);
string blobContents = "Blob created by Azure AD authenticated user.";
byte[] byteArray = Encoding.ASCII.GetBytes(blobContents);
try
{
using (MemoryStream stream = new MemoryStream(byteArray))
{
blockBlob.UploadFromStreamAsync(stream).Wait();
}
Console.WriteLine("upload successful");
Console.ReadLine();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
Console.ReadLine();
}
}
并获得如下令牌。
public static string GetOAuthToken(string activeDirectoryTenantId, string
activeDirectoryApplicationSecret, string activeDirectoryApplicationId)
{
string resourceId = $"https://storage.azure.com";
var authority = String.Format("https://login.windows.net/" + activeDirectoryTenantId);
var credential = new ClientCredential(activeDirectoryApplicationId, activeDirectoryApplicationSecret);
var context = new AuthenticationContext(authority);
var result = context.AcquireTokenAsync(resourceId, credential).Result;
return result.AccessToken;
}
任何人都可以建议我可能遗漏了什么吗?
P/S 我已经确认我的本地系统与正确的 UTC 时间同步。
我试过你问题中的代码,它成功上传了 blob。
注:
- 将
Storage Blob Data Contributor角色分配给应用程序
导航到存储帐户 -> 访问控制 (IAM) -> 添加角色分配
- 按照此 step. 向您注册的应用程序授予对 Azure 存储的权限