doujianqin5172 2017-08-17 21:35
浏览 278
已采纳

为什么我的Azure SAS令牌签名不匹配?

This is the error returned when I try to access a blob in storage:

Code: AuthenticationFailed Message: Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. AuthenticationErrorDetail: Signature did not match. String to sign used was xxstorageaccount rwdlac b sco 2017-08-17T21:29:24Z 2017-08-17T21:34:24Z https 2017-04-17

Here's my code:

$storageAccount = config('azure.storage.account');

$start = new \DateTime();     
$end = (new \DateTime())->modify('+5 minutes');
$start = $start->format('Y-m-d\TH:i:s\Z');
$end = $end->format('Y-m-d\TH:i:s\Z');

$toSign = $storageAccount . "
";
$toSign .= "rwdlac" . "
";
$toSign .= "b" . "
";
$toSign .= "sco" . "
";
$toSign .= $start . "
";
$toSign .= $end . "
"; 
$toSign .= "
";
$toSign .= "https" . "
";
$toSign .= "2017-04-17" . "
";

$signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, $sasKeyValue, TRUE))); 
$token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;

return $uri . $token;
  • 写回答

1条回答 默认 最新

  • dst67283 2017-08-18 07:30
    关注

    You could do 2 things to avoid this error.

    1. Convert start and end time to GMT time via setTimezone() function or consider using the gmdate function instead.

    2. Decode base64 account key through base64_decode() function.

    Please change your code like the following:

    $storageAccount = config('azure.storage.account');
    
    $start = (new \DateTime())->setTimezone(new DateTimeZone('GMT'));     
    $end = (new \DateTime())->setTimezone(new DateTimeZone('GMT'))->modify('+5 minutes');
    $start = $start->format('Y-m-d\TH:i:s\Z');
    $end = $end->format('Y-m-d\TH:i:s\Z');
    
    $toSign = $storageAccount . "
    ";
    $toSign .= "rwdlac" . "
    ";
    $toSign .= "b" . "
    ";
    $toSign .= "sco" . "
    ";
    $toSign .= $start . "
    ";
    $toSign .= $end . "
    "; 
    $toSign .= "
    ";
    $toSign .= "https" . "
    ";
    $toSign .= "2017-04-17" . "
    ";
    
    $signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, base64_decode($sasKeyValue), TRUE))); 
    $token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;
    
    return $uri . $token;
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 准备学习小程序搭建,谁能手把手的教我啊?
  • ¥15 关于#嵌入式硬件#的问题:树莓派第一天重装配置python和opencv后第二天打开就成这样,瞎捣鼓搞出来文件夹还是没把原来的界面调回来
  • ¥20 Arduino 循迹小车程序电路出错故障求解
  • ¥20 Arduino 循迹小车程序电路出错故障求解
  • ¥100 AT89C52单片机C语言调试之后再回答
  • ¥15 AT89C52单片机C语言串口助手发送数据包返回值
  • ¥15 C++数组中找第二小的数字程序纠错
  • ¥15 wannier复现图像时berry曲率极值点与高对称点严重偏移
  • ¥15 利用决策森林为什么会出现这样·的问题(关键词-情感分析)
  • ¥15 DispatcherServlet.noHandlerFound No mapping found for HTTP request with URI[/untitled30_war_e