我在 Python 中使用以下代码来为特定容器内的 Blob 生成 SAS URL。
`
def get_signed_url(container, blobPath):
return generate_blob_sas(
account_name=azure_account_name,
account_key=azure_account_key,
container_name=container,
blob_name=blobPath,
permission=BlobSasPermissions(read=True),
expiry=datetime.utcnow() + timedelta(days=1),
startsOn=datetime.utcnow() - timedelta(days=1),
version='2021-10-04',
protocol='https'
)
`
我得到以下网址
https://production.blob.core.windows.net/organization-134/2031dfac-0a29-4a73-b344-e5aec4e20282/How_to_send_a_request_in_Postman_1.png?se=2023-12-07T12%3A11%3A46Z&sp=r&spr=https&sv=2023-08-03&sr=b&sig=pPHMDdGqQZUrQ2s3YxLuWhkW%2BaPi1zJvyTSWQX2%2Bx2Y%3D
现在,当我在本地运行 python 并获取此 URL 时,它工作正常,但是,在生产中它不起作用,在浏览器上收到以下错误:
<Error>
<div id="in-page-channel-node-id" data-channel-name="in_page_channel__KbVHh"/>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:9c8117fc-c01e-0048-4642-28fc5a000000 Time:2023-12-06T12:50:21.7240095Z</Message>
<AuthenticationErrorDetail>Signature did not match. String to sign used was r 2023-12-07T12:11:46Z /blob/production/organization-134/2031dfac-0a29-4a73-b344-e5aec4e20282/How_to_send_a_request_in_Postman_1.png https 2023-08-03 b </AuthenticationErrorDetail>
我尝试在网上到处查找,但找不到任何可以帮助的东西。有些可能是由于时间不匹配,因为我的存储帐户和python托管在azure上,我怀疑是否是这种情况
服务器无法验证请求。确保授权标头的值格式正确,包括签名。 RequestId:9c8117fc-c01e-0048-4642-28fc5a000000Time:2023-12-06T12:50:21.7240095Z 签名不匹配。使用的签名字符串为 r 2023-12-07T12:11:46Z/blob/product/organization-134/2031dfac-0a29-4a73-b344-e5aec4e20282/How_to_send_a_request_in_Postman_1.pnghttps 2023-08-03 b
当您在 generate_blob_sas 函数中传递错误的参数时,就会出现上述错误。
在我的环境中,当我尝试在
generate_blob_sas
函数中使用正确的参数(例如帐户名称、帐户密钥、容器名称和 blob 名称)时,它成功执行。
代码:
import datetime
from azure.storage.blob import generate_blob_sas, BlobSasPermissions
account_name = 'venkat789'
account_key = 'sxxxxxx'
container_name = 'block-image'
blob_name = 'bike.png'
start_time = datetime.datetime.now(datetime.timezone.utc)
expiry_time = start_time + datetime.timedelta(seconds=int(900))
def get_blob_sas(account_name,account_key, container_name, blob_name):
sas_blob = generate_blob_sas(account_name=account_name,
container_name=container_name,
blob_name=blob_name,
account_key=account_key,
permission=BlobSasPermissions(read=True),
start=start_time,
expiry=expiry_time
)
return sas_blob
sastoken = get_blob_sas(account_name,account_key, container_name, blob_name)
url = 'https://'+account_name+'.blob.core.windows.net/'+container_name+'/'+blob_name+'?'+sastoken
print(url)
输出:
https://venkat789.blob.core.windows.net/block-image/bike.png?st=2023-12-22T08%3A17%3A19Z&se=2023-12-22T08%3A32%3A19Z&sp=r&sv=2023-11-03&sr=b&sig=efXSiJKBqxxxx
当我复制相同的 blob sas URL 并将其粘贴到浏览器中时,它成功显示了图像。
浏览器: