我正在尝试使用 Azure Rest API 获取文件夹内的 blob 列表,但在构建共享密钥的授权签名时遇到问题,我得到了
403 Forbidden
。
这是我的源代码:
// Build the authorization signature
var requestDate = DateTime.UtcNow.ToString("R");
var canonicalizedResource = $"/{accountName}/{containerName} \ncomp:list\nprefix:contacts/{contactId}\nrestype:container";
var stringToSign = $"GET\n\n\n\n\n\n\n\n\n\n\n\n{requestDate}\nx-ms-version:2023-08-03\n{canonicalizedResource}";
string signature;
using (var hmac = new HMACSHA256(Convert.FromBase64String(accessKey)))
{
var dataToHmac = Encoding.UTF8.GetBytes(stringToSign);
signature = Convert.ToBase64String(hmac.ComputeHash(dataToHmac));
}
// Make the HTTP GET request
var url = $"https://{accountName}.blob.core.windows.net/{containerName}?restype=container&comp=list&prefix=contacts/{contactId}";
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("x-ms-version", "2023-08-03");
client.DefaultRequestHeaders.Add("x-ms-date", requestDate);
client.DefaultRequestHeaders.Add("Authorization", $"SharedKey {accountName}:{signature}");
var response = await client.GetAsync(url);
// Process the response
if (response.IsSuccessStatusCode)
{
var responseContent = await response.Content.ReadAsStringAsync();
Console.WriteLine("List of blobs in the container:");
Console.WriteLine(responseContent);
}
else
{
Console.WriteLine($"Error getting list of blobs. Status code: {response.StatusCode}");
}
}
我错过了什么吗?
使用 Azure API 列出 Blob Rest 返回“禁止”。
我同意 Gaurav Mantri 的评论。当代码中
stringtosign
中传递了错误的参数时,就会出现上述错误。
以下是修改后的代码,用于列出 Azure Blob 存储中特定文件夹中的 Blob:
代码:
using System.Security.Cryptography;
using System.Text;
using System.Xml.Linq;
class Program
{
static async Task Main(string[] args)
{
var accountName = "venkat123";
var containerName = "test";
var contactId = "ContactId";
var accessKey = "your access key";
var apiversion = "2023-08-03";
var path = "";
DateTime dt = DateTime.UtcNow;
string StringToSign = String.Format("GET\n"
+ "\n" // content encoding
+ "\n" // content language
+ "\n" // content length
+ "\n" // content md5
+ "\n" // content type
+ "\n" // date
+ "\n" // if modified since
+ "\n" // if match
+ "\n" // if none match
+ "\n" // if unmodified since
+ "\n" // range
+ "x-ms-date:" + dt.ToString("R") + "\nx-ms-version:" + apiversion + "\n" // headers
+ "/{0}/{1}\ncomp:list\nprefix:contacts/ContactId\nrestype:container", accountName, containerName);
string signature;
using (var hmac = new HMACSHA256(Convert.FromBase64String(accessKey)))
{
var dataToHmac = Encoding.UTF8.GetBytes(StringToSign);
signature = Convert.ToBase64String(hmac.ComputeHash(dataToHmac));
}
// Make the HTTP GET request
var url = $"https://{accountName}.blob.core.windows.net/{containerName}?restype=container&comp=list&prefix=contacts/{contactId}";
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("x-ms-version", "2023-08-03");
client.DefaultRequestHeaders.Add("x-ms-date", dt.ToString("R"));
client.DefaultRequestHeaders.Add("Authorization", $"SharedKey {accountName}:{signature}");
var response = await client.GetAsync(url);
// Process the response
if (response.IsSuccessStatusCode)
{
var responseContent = await response.Content.ReadAsStringAsync();
var xmlDoc = XDocument.Parse(responseContent);
Console.WriteLine("List of blobs in the container:");
Console.WriteLine(xmlDoc.ToString(SaveOptions.None));
}
else
{
Console.WriteLine($"Error getting list of blobs. Status code: {response.StatusCode}");
}
}
}
}
输出:
List of blobs in the container:
<EnumerationResults ServiceEndpoint="https://venkat123.blob.core.windows.net/" ContainerName="test">
<Prefix>ContactId</Prefix>
<Blobs>
...
</Blobs>
<NextMarker />
</EnumerationResults>