未经授权的Azure IOT Hub Rest API

本文介绍了未经授权的Azure IOT Hub Rest API的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我正在尝试通过以下链接使用Azure Iot集线器REST API创建设备

I am trying to use Azure Iot hub REST API to create device by following links

创建新的设备身份

控制对以下内容的访问权限物联网中心

我的http数据就像

{ "status":"connected", "authentication":{ "symmetricKey":{ "primaryKey":"key in shared access policies", "secondaryKey":"key in shared access policies"} }, "statusReason":"reason", "deviceId":"test123" }

我的标题就像

["Content-Type": "application/json", "Authorization": "SharedAccessSignature sig=(key in shared access policies public key)=&se=1481687791&skn=iothubowner&sr=(my iot hub name).azure-devices%2fdevices%2ftest123"]

但是我收到错误401

But i get error 401

{"Message":"ErrorCode:IotHubUnauthorizedAccess;Unauthorized","ExceptionMessage":"Tracking ID:(tracking id )-TimeStamp:12/14/2016 03:15:17"}

任何人都知道如何修复它或跟踪exceptionMessage吗?

Anyone know how to fixed it , or to track the exceptionMessage ?

推荐答案

401的问题可能在于您计算SAS的方式. 为IoT中心计算SAS的完整过程(在C#中)为:

The problem of 401 is, probably, in the way you are calculating the SAS. The full process to calculate a SAS for the IoT Hub (in C#) is:

private static readonly DateTime epochTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc); public static string SharedAccessSignature(string hostUrl, string policyName, string policyAccessKey, TimeSpan timeToLive) { if (string.IsNullOrWhiteSpace(hostUrl)) { throw new ArgumentNullException(nameof(hostUrl)); } var expires = Convert.ToInt64(DateTime.UtcNow.Add(timeToLive).Subtract(epochTime).TotalSeconds).ToString(CultureInfo.InvariantCulture); var resourceUri = WebUtility.UrlEncode(hostUrl.ToLowerInvariant()); var toSign = string.Concat(resourceUri, "\n", expires); var signed = Sign(toSign, policyAccessKey); var sb = new StringBuilder(); sb.Append("sr=").Append(resourceUri) .Append("&sig=").Append(WebUtility.UrlEncode(signed)) .Append("&se=").Append(expires); if (!string.IsNullOrEmpty(policyName)) { sb.Append("&skn=").Append(WebUtility.UrlEncode(policyName)); } return sb.ToString(); } private static string Sign(string requestString, string key) { using (var hmacshA256 = new HMACSHA256(Convert.FromBase64String(key))) { var hash = hmacshA256.ComputeHash(Encoding.UTF8.GetBytes(requestString)); return Convert.ToBase64String(hash); } }

如果要在IoTHub中创建设备，则必须具有一个具有完全权限的策略，这意味着: 注册表读取和写入，服务连接和设备连接. 如果需要有关C#的完整功能示例，请使用C#了解如何使用IoT中心REST API创建设备，请检查设备是否存在并将消息发送到我编写关于此帖子(该帖子是西班牙文，但我可以想象得到您需要的只是代码).

If you want to create the device in the IoTHub you have to have a policy with full permissions that mean: Registry read and write, Service connect and Device connect. If you need a full functional example, in C#, about how use the IoT Hub REST API to create a device, check if a device exists and send messages to the IoT Hub I have wrote this post about it (the post is in spanish but I can imagine that what you need is just the code).