C 知道

消息
创作中心
doujianqin5172 2017-08-17 13:35
浏览 279
已采纳

为什么我的Azure SAS令牌签名不匹配?

This is the error returned when I try to access a blob in storage:

Code: AuthenticationFailed Message: Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. AuthenticationErrorDetail: Signature did not match. String to sign used was xxstorageaccount rwdlac b sco 2017-08-17T21:29:24Z 2017-08-17T21:34:24Z https 2017-04-17

Here's my code:

$storageAccount = config('azure.storage.account');

$start = new \DateTime();     
$end = (new \DateTime())->modify('+5 minutes');
$start = $start->format('Y-m-d\TH:i:s\Z');
$end = $end->format('Y-m-d\TH:i:s\Z');

$toSign = $storageAccount . "
";
$toSign .= "rwdlac" . "
";
$toSign .= "b" . "
";
$toSign .= "sco" . "
";
$toSign .= $start . "
";
$toSign .= $end . "
"; 
$toSign .= "
";
$toSign .= "https" . "
";
$toSign .= "2017-04-17" . "
";

$signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, $sasKeyValue, TRUE))); 
$token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;

return $uri . $token;

展开全部

  • 写回答

1条回答 默认 最新

  • dst67283 2017-08-17 23:30
    关注

    You could do 2 things to avoid this error.

    1. Convert start and end time to GMT time via setTimezone() function or consider using the gmdate function instead.

    2. Decode base64 account key through base64_decode() function.

    Please change your code like the following:

    $storageAccount = config('azure.storage.account');

$start = (new \DateTime())->setTimezone(new DateTimeZone('GMT'));     
$end = (new \DateTime())->setTimezone(new DateTimeZone('GMT'))->modify('+5 minutes');
$start = $start->format('Y-m-d\TH:i:s\Z');
$end = $end->format('Y-m-d\TH:i:s\Z');

$toSign = $storageAccount . "
";
$toSign .= "rwdlac" . "
";
$toSign .= "b" . "
";
$toSign .= "sco" . "
";
$toSign .= $start . "
";
$toSign .= $end . "
"; 
$toSign .= "
";
$toSign .= "https" . "
";
$toSign .= "2017-04-17" . "
";

$signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, base64_decode($sasKeyValue), TRUE))); 
$token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;

return $uri . $token;

    展开全部

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
编辑
预览

报告相同问题?

手机看
程序员都在用的中文IT技术交流社区

程序员都在用的中文IT技术交流社区

专业的中文 IT 技术社区,与千万技术人共成长

专业的中文 IT 技术社区,与千万技术人共成长

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

 客服 返回
顶部