使用 Azure.Storage.Blob v12.9.0 上传到 Azure Blob 存储时身份验证失败

Authentication Failure when uploading to Azure Blob Storage using Azure.Storage.Blob v12.9.0

我在尝试将文件上传到 blob 存储时遇到此错误。当我在 localhost 上 运行 和在 Azure Function 中 运行 时都会出现错误。

我的连接字符串如下所示: DefaultEndpointsProtocol=https;AccountName=xxx;AccountKey=xxx;EndpointSuffix=core.windows.net

身份验证信息的格式不正确。检查授权 header 的值。 Time:2021-10-14T15:56:26.7659660Z Status: 400 (Authentication information is not given in the correct format. Check the value of Authorization header.) 错误代码:InvalidAuthenticationInfo

但这在过去曾经有效,但最近它开始为我创建的新存储帐户抛出此错误。我的代码如下所示

    public AzureStorageService(IOptions<AzureStorageSettings> options)
    {
        _connectionString = options.Value.ConnectionString;
        _containerName = options.Value.ImageContainer;
        _sasCredential = new StorageSharedKeyCredential(options.Value.AccountName, options.Value.Key);
        _blobServiceClient = new BlobServiceClient(new BlobServiceClient(_connectionString).Uri, _sasCredential);
        _containerClient = _blobServiceClient.GetBlobContainerClient(_containerName);
    }
    public async Task<string> UploadFileAsync(IFormFile file, string location, bool publicAccess = true)
    {
        try
        {
            
            await _containerClient.CreateIfNotExistsAsync(publicAccess
                ? PublicAccessType.Blob
            : PublicAccessType.None);

            var blobClient = _containerClient.GetBlobClient(location);
            
            await using var fileStream = file.OpenReadStream();

            // throws Exception here
            await blobClient.UploadAsync(fileStream, true);

            return blobClient.Uri.ToString();
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
            throw;
        }
    }
    // To be able to do this, I have to create the container client via the blobService client which was created along with the SharedStorageKeyCredential
    public Uri GetSasContainerUri()
    {
        if (_containerClient.CanGenerateSasUri)
        {
            // Create a SAS token that's valid for one hour.
            var sasBuilder = new BlobSasBuilder()
            {
                BlobContainerName = _containerClient.Name,
                Resource = "c"
            };

            sasBuilder.ExpiresOn = DateTimeOffset.UtcNow.AddHours(1);
            sasBuilder.SetPermissions(BlobContainerSasPermissions.Write);

            var sasUri = _containerClient.GenerateSasUri(sasBuilder);
            Console.WriteLine("SAS URI for blob container is: {0}", sasUri);
            Console.WriteLine();

            return sasUri;
        }
        else
        {
            Console.WriteLine(@"BlobContainerClient must be authorized with Shared Key 
                      credentials to create a service SAS.");
            return null;
        }
    }

请更改以下代码行:

_blobServiceClient = new BlobServiceClient(new BlobServiceClient(_connectionString).Uri, _sasCredential);

_blobServiceClient = new BlobServiceClient(_connectionString);

考虑到您的连接字符串包含所有必要的信息,您实际上不需要做所有您正在做的事情,您将使用 BlobServiceClient(String) 构造函数,它期望并接受连接字符串。

您还可以删除以下代码行:

_sasCredential = new StorageSharedKeyCredential(options.Value.AccountName, options.Value.Key);

并且可能可以从您的配置设置中删除 AccountNameKey,如果它们没有在别处使用的话。