Azure table 服务:在 REST API 中从 Perl 授权
Azure table service: authorize in REST API from Perl
我正在尝试通过我的 Perl 脚本通过 REST API 在 Azure 表中授权。根据 MSDN documents 并基于我对类似任务的了解(我为 Blob 服务创建了一个类似的脚本并且运行良好)我开发了一个简单的脚本:
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_base64);
use HTTP::Date;
use HTTP::Request;
use LWP::UserAgent;
use MIME::Base64;
my $account = 'myaccount';
my $key = 'Nf2b/ZSY+a...7ZT0Q==';
my $decoded_key = decode_base64( $key );
my $uri = "https://$account.table.core.windows.net/?restype=service&comp=properties";
my $method = 'GET';
my $req = HTTP::Request->new($method, $uri);
my $date = time2str();
my $canonicalized_resource = "/$account/\nrestype:service\ncomp:properties";
my $string_to_sign =
"$method\n" .
"\n" . # content-md5
"\n" . # content-type
"$date\n".
$canonicalized_resource;
my $sig = hmac_sha256_base64($string_to_sign, $decoded_key );
$sig .= '=' x (4 - (length($sig) % 4));
$req->authorization("SharedKey $account:$sig");
$req->header('x-ms-version', '2019-02-02');
$req->header('x-ms-date', $date);
$req->date($date);
my $ua = LWP::UserAgent->new();
my $resp = $ua->request($req);
unless($resp->is_success){
die "Request failed: " . $resp->status_line . ". Signed string: " . $string_to_sign;
}
任务非常简单:通过获取 Table service properties 检查我的代码。不幸的是它不起作用!我得到:
Request failed: 403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
SharedKey 不正确。但是,我不熟悉 Perl。你可以参考example with C#.
请检查您的 CanonicalizedResource 字符串:
Beginning with an empty string (""), append a forward slash (/), followed by the name of the account that owns the resource being
accessed.
Append the resource's encoded URI path, without any query parameters.
Retrieve all query parameters on the resource URI, including the comp parameter if it exists.
Convert all parameter names to lowercase.
Sort the query parameters lexicographically by parameter name, in ascending order.
URL-decode each query parameter name and value.
Include a new-line character (\n) before each name-value pair.
Append each query parameter name and value to the string in the following format, making sure to include the colon (:) between the
name and the value: parameter-name:parameter-value
If a query parameter has more than one value, sort all values lexicographically, then include them in a comma-separated list:
parameter-name:parameter-value-1,parameter-value-2,parameter-value-n
我正在尝试通过我的 Perl 脚本通过 REST API 在 Azure 表中授权。根据 MSDN documents 并基于我对类似任务的了解(我为 Blob 服务创建了一个类似的脚本并且运行良好)我开发了一个简单的脚本:
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_base64);
use HTTP::Date;
use HTTP::Request;
use LWP::UserAgent;
use MIME::Base64;
my $account = 'myaccount';
my $key = 'Nf2b/ZSY+a...7ZT0Q==';
my $decoded_key = decode_base64( $key );
my $uri = "https://$account.table.core.windows.net/?restype=service&comp=properties";
my $method = 'GET';
my $req = HTTP::Request->new($method, $uri);
my $date = time2str();
my $canonicalized_resource = "/$account/\nrestype:service\ncomp:properties";
my $string_to_sign =
"$method\n" .
"\n" . # content-md5
"\n" . # content-type
"$date\n".
$canonicalized_resource;
my $sig = hmac_sha256_base64($string_to_sign, $decoded_key );
$sig .= '=' x (4 - (length($sig) % 4));
$req->authorization("SharedKey $account:$sig");
$req->header('x-ms-version', '2019-02-02');
$req->header('x-ms-date', $date);
$req->date($date);
my $ua = LWP::UserAgent->new();
my $resp = $ua->request($req);
unless($resp->is_success){
die "Request failed: " . $resp->status_line . ". Signed string: " . $string_to_sign;
}
任务非常简单:通过获取 Table service properties 检查我的代码。不幸的是它不起作用!我得到:
Request failed: 403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
SharedKey 不正确。但是,我不熟悉 Perl。你可以参考example with C#.
请检查您的 CanonicalizedResource 字符串:
Beginning with an empty string (""), append a forward slash (/), followed by the name of the account that owns the resource being accessed.
Append the resource's encoded URI path, without any query parameters.
Retrieve all query parameters on the resource URI, including the comp parameter if it exists.
Convert all parameter names to lowercase.
Sort the query parameters lexicographically by parameter name, in ascending order.
URL-decode each query parameter name and value.
Include a new-line character (\n) before each name-value pair.
Append each query parameter name and value to the string in the following format, making sure to include the colon (:) between the name and the value:
parameter-name:parameter-valueIf a query parameter has more than one value, sort all values lexicographically, then include them in a comma-separated list:
parameter-name:parameter-value-1,parameter-value-2,parameter-value-n