我想通过邮递员调用与天蓝色文件存储相关的REST API。 以下是我提出请求的方式:
我正在请求列出文件存储帐户中的所有共享,如下所述:
我收到以下错误:在HTTP请求中找到的MAC签名'与任何计算签名不同。服务器使用字符串后签名:'GET
如何解决这个问题?
解决方案使用更新的屏幕截图,它似乎是您的问题不再与x-ms-date相关。 403错误的原因是Header中的Authorization属性格式为
Authorization =[SharedKey | SharedKeyLite] [AccountName]:[签名]
您不应该直接使用Azure门户上的访问密钥作为授权的签名部分,应该通过UTF上的 HMAC-SHA256 算法构造编码请求字符串-8编码。 格式为
签名= Base64(HMAC-SHA256(UTF8(StringToSign)))
在
重要通知:
在上面代码,你不应该错过//资源行中的\ ncomp:list,否则它也会返回403错误。 您可以在构建规范化资源字符串。
I want to call REST API related to file storage of azure through postman. Here is how I am making my request :
I am making request to list all shares in file storage account as described here : docs.microsoft/en-us/rest/api/storageservices/list-shares
I am getting below error:
"The Date header in the request is incorrect." What changes I should make ?
Edit1 :
When I provided date n correct format, I have error like this :
I am getting below error: "The MAC signature found in the HTTP request '' is not the same as any computed signature. Server used following string to sign: 'GET"
How to resolve this?
解决方案With your updated screenshot, it seems like that your problem is no longer related to x-ms-date. The reason for this 403 error is the Authorization attribute in the Header which format as
Authorization="[SharedKey|SharedKeyLite] [AccountName]:[Signature]"
You should't directly use the Access Key on Azure Portal as the Signature part of Authorization,instead it should be constructed encoding request string by using the HMAC-SHA256 algorithm over the UTF-8-encoded. format as
Signature=Base64(HMAC-SHA256(UTF8(StringToSign)))
which mentioned on the official document.
Sample java code as below show you how to construct Signature part of Authorization:
String stringToSign = "GET\n" + "\n" // content encoding + "\n" // content language + "\n" // content length + "\n" // content md5 + "\n" // content type + "\n" // date + "\n" // if modified since + "\n" // if match + "\n" // if none match + "\n" // if unmodified since + "\n" // range + "x-ms-date:" + date + "\nx-ms-version:2015-02-21\n" // headers + "/" + <your account name> + "/"+"\ncomp:list"; // resources String auth = getAuthenticationString(stringToSign); private static String getAuthenticationString(String stringToSign) throws Exception { Mac mac = Mac.getInstance("HmacSHA256"); mac.init(new SecretKeySpec(Base64.decode(key), "HmacSHA256")); String authKey = new String(Base64.encode(mac.doFinal(stringToSign.getBytes("UTF-8")))); String auth = "SharedKey " + account + ":" + authKey; return auth; }The auth parameter in the code is generated your Signature mentioned above,then you could fill it in the Authorization property and re-send request in Postman.
The screenshot as below:
Important notice:
In the above code,you should't miss "\ ncomp: list" in the //resources line,otherwise it will also return 403 error. You could find the rules in the Constructing the Canonicalized Resource String.
更多推荐
如何使用postman为Azure文件存储调用REST API?
发布评论