使用 Azure.Storage.Blob v12.9.0 上传到 Azure Blob 存储时身份验证失败
Authentication Failure when uploading to Azure Blob Storage using Azure.Storage.Blob v12.9.0
我在尝试将文件上传到 blob 存储时遇到此错误。当我在 localhost 上 运行 和在 Azure Function 中 运行 时都会出现错误。
我的连接字符串如下所示:
DefaultEndpointsProtocol=https;AccountName=xxx;AccountKey=xxx;EndpointSuffix=core.windows.net
身份验证信息的格式不正确。检查授权 header 的值。
Time:2021-10-14T15:56:26.7659660Z
Status: 400 (Authentication information is not given in the correct format. Check the value of Authorization header.)
错误代码:InvalidAuthenticationInfo
但这在过去曾经有效,但最近它开始为我创建的新存储帐户抛出此错误。我的代码如下所示
public AzureStorageService(IOptions<AzureStorageSettings> options)
{
_connectionString = options.Value.ConnectionString;
_containerName = options.Value.ImageContainer;
_sasCredential = new StorageSharedKeyCredential(options.Value.AccountName, options.Value.Key);
_blobServiceClient = new BlobServiceClient(new BlobServiceClient(_connectionString).Uri, _sasCredential);
_containerClient = _blobServiceClient.GetBlobContainerClient(_containerName);
}
public async Task<string> UploadFileAsync(IFormFile file, string location, bool publicAccess = true)
{
try
{
await _containerClient.CreateIfNotExistsAsync(publicAccess
? PublicAccessType.Blob
: PublicAccessType.None);
var blobClient = _containerClient.GetBlobClient(location);
await using var fileStream = file.OpenReadStream();
// throws Exception here
await blobClient.UploadAsync(fileStream, true);
return blobClient.Uri.ToString();
}
catch (Exception e)
{
Console.WriteLine(e);
throw;
}
}
// To be able to do this, I have to create the container client via the blobService client which was created along with the SharedStorageKeyCredential
public Uri GetSasContainerUri()
{
if (_containerClient.CanGenerateSasUri)
{
// Create a SAS token that's valid for one hour.
var sasBuilder = new BlobSasBuilder()
{
BlobContainerName = _containerClient.Name,
Resource = "c"
};
sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
sasBuilder.SetPermissions(BlobContainerSasPermissions.Write);
var sasUri = _containerClient.GenerateSasUri(sasBuilder);
Console.WriteLine("SAS URI for blob container is: {0}", sasUri);
Console.WriteLine();
return sasUri;
}
else
{
Console.WriteLine(@"BlobContainerClient must be authorized with Shared Key
credentials to create a service SAS.");
return null;
}
}
请更改以下代码行:
_blobServiceClient = new BlobServiceClient(new BlobServiceClient(_connectionString).Uri, _sasCredential);
至
_blobServiceClient = new BlobServiceClient(_connectionString);
考虑到您的连接字符串包含所有必要的信息,您实际上不需要做所有您正在做的事情,您将使用 BlobServiceClient(String)
构造函数,它期望并接受连接字符串。
您还可以删除以下代码行:
_sasCredential = new StorageSharedKeyCredential(options.Value.AccountName, options.Value.Key);
并且可能可以从您的配置设置中删除 AccountName
和 Key
,如果它们没有在别处使用的话。
我在尝试将文件上传到 blob 存储时遇到此错误。当我在 localhost 上 运行 和在 Azure Function 中 运行 时都会出现错误。
我的连接字符串如下所示: DefaultEndpointsProtocol=https;AccountName=xxx;AccountKey=xxx;EndpointSuffix=core.windows.net
身份验证信息的格式不正确。检查授权 header 的值。 Time:2021-10-14T15:56:26.7659660Z Status: 400 (Authentication information is not given in the correct format. Check the value of Authorization header.) 错误代码:InvalidAuthenticationInfo
但这在过去曾经有效,但最近它开始为我创建的新存储帐户抛出此错误。我的代码如下所示
public AzureStorageService(IOptions<AzureStorageSettings> options)
{
_connectionString = options.Value.ConnectionString;
_containerName = options.Value.ImageContainer;
_sasCredential = new StorageSharedKeyCredential(options.Value.AccountName, options.Value.Key);
_blobServiceClient = new BlobServiceClient(new BlobServiceClient(_connectionString).Uri, _sasCredential);
_containerClient = _blobServiceClient.GetBlobContainerClient(_containerName);
}
public async Task<string> UploadFileAsync(IFormFile file, string location, bool publicAccess = true)
{
try
{
await _containerClient.CreateIfNotExistsAsync(publicAccess
? PublicAccessType.Blob
: PublicAccessType.None);
var blobClient = _containerClient.GetBlobClient(location);
await using var fileStream = file.OpenReadStream();
// throws Exception here
await blobClient.UploadAsync(fileStream, true);
return blobClient.Uri.ToString();
}
catch (Exception e)
{
Console.WriteLine(e);
throw;
}
}
// To be able to do this, I have to create the container client via the blobService client which was created along with the SharedStorageKeyCredential
public Uri GetSasContainerUri()
{
if (_containerClient.CanGenerateSasUri)
{
// Create a SAS token that's valid for one hour.
var sasBuilder = new BlobSasBuilder()
{
BlobContainerName = _containerClient.Name,
Resource = "c"
};
sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
sasBuilder.SetPermissions(BlobContainerSasPermissions.Write);
var sasUri = _containerClient.GenerateSasUri(sasBuilder);
Console.WriteLine("SAS URI for blob container is: {0}", sasUri);
Console.WriteLine();
return sasUri;
}
else
{
Console.WriteLine(@"BlobContainerClient must be authorized with Shared Key
credentials to create a service SAS.");
return null;
}
}
请更改以下代码行:
_blobServiceClient = new BlobServiceClient(new BlobServiceClient(_connectionString).Uri, _sasCredential);
至
_blobServiceClient = new BlobServiceClient(_connectionString);
考虑到您的连接字符串包含所有必要的信息,您实际上不需要做所有您正在做的事情,您将使用 BlobServiceClient(String)
构造函数,它期望并接受连接字符串。
您还可以删除以下代码行:
_sasCredential = new StorageSharedKeyCredential(options.Value.AccountName, options.Value.Key);
并且可能可以从您的配置设置中删除 AccountName
和 Key
,如果它们没有在别处使用的话。