Generate/retrieve a SAS token programmatically for specific Blob/File under azure storage account via REST API in POSTMAN and then in IBM APP Connect

huangapple go评论71阅读模式
英文:

Generate/retrieve a SAS token programmatically for specific Blob/File under azure storage account via REST API in POSTMAN and then in IBM APP Connect

问题

我需要通过POSTMAN REST API以编程方式完成一个需求,在其中我需要将一个文件/二进制大对象(blob)上传到Azure存储账户并检索我上传的特定文件的唯一URL,然后我必须将该URL分享给第三方,以便他们可以在浏览器上查看它。

以下是我在POSTMAN中所做的:

请求
PUT https://{存储账户名称}.blob.core.windows.net/{容器名称}/{文件名}{SAS令牌}

头部
x-ms-version: 2020-04-08
x-ms-blob-type: BlockBlob
x-mock-response-name: Upload Blob

正文:从我的本地附加了一个文件

响应
我收到了200状态代码,文件成功上传。然而,在响应头中我没有看到任何URL或唯一的SAS令牌,我可以分享给我的第三方客户。

我还尝试了在SAS令牌中添加se和sp,我得到了以下错误

<错误>
<代码>AuthenticationFailed</代码>
<消息>服务器无法验证请求。确保Authorization头的值被正确地形成,包括签名。RequestId:65282b4e-401e-0050-2337-43ee90000000 Time:2023-02-18T01:20:28.3522177Z</消息>
<AuthenticationErrorDetail>**签名不匹配。使用的待签名字符串是 r 2023-02-18T09:12:15Z /blob/storage-account-name/container-name/file-name.txt 2021-06-08 b **</AuthenticationErrorDetail>
</错误>

注意:我们不想为每个文件手动从Azure门户生成SAS令牌,并构造URL并将其分享给客户,因为有大量流量涌入。一旦在POSTMAN中成功,我将在IBM App Connect Enterprise中实施相同的操作,使用ESQL编码。

非常感谢所有的建议。提前谢谢你。

以编程方式检索我上传的特定文件的唯一URL,并将该URL与第三方共享,以便他们可以在浏览器上查看它。

英文:

I have requirement where it has to be done programmatically using POSTMAN REST API, where I have to upload a file/blob to Azure storage account and retrieve the unique URL of the specific file that I have uploaded, and I have to share that URL to third party so that they can view it on browser.

This is what I have done in the POSTMAN

Request:
PUT https://{storage-account-name}.blob.core.windows.net/{container-name}/{file-name}{SAS-token}

Headers:
x-ms-version: 2020-04-08
x-ms-blob-type: BlockBlob
x-mock-response-name: Upload Blob

Body: Attached a file from my local

Response:
I have received 200 code and file is successfully uploaded. However, in the response headers I don't see any URL or unique SAS token that I can share to my third-party client.

I have also tried adding se and sp to sas token, I got the below error

<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:65282b4e-401e-0050-2337-43ee90000000 Time:2023-02-18T01:20:28.3522177Z</Message>
<AuthenticationErrorDetail>**Signature did not match. String to sign used was r 2023-02-18T09:12:15Z /blob/storage-account-name/container-name/file-name.txt 2021-06-08 b **</AuthenticationErrorDetail>
</Error>

Note: We don't want to generate SAS token manually from Azure portal for each file and construct the URL and share it to the client due to high traffic coming in. Once it is successful using POSTMAN. I have to implement the same in IBM App Connect enterprise, ESQL coding*

All the suggestions are much appreciated. Thank you in advance.

Retrieve the unique URL of the specific file that I have uploaded programmatically and share that URL with third party so that they can view it on browser.

答案1

得分: 0

除了 sesp 参数外,构建正确的 SAS URL 还需要以下参数:

  • 签名版本 (sv)
  • 签名资源 (sr)
  • signature

您的错误消息表示签名与 URL 的其余部分不匹配。签名是基于哈希的消息认证码(HMAC),您需要使用 SHA256 算法计算它,然后使用 Base64 编码进行编码。

您可以在此文档页面上找到根据版本构建字符串签名和签名的方法。

Postman 具有内置的 JavaScript 库,可以帮助您计算 HMAC:

CryptoJS.HmacSHA1("string-to-sign", "key").toString()
英文:

In addition to the se and sp parameters, the following parameters are required to construct the correct SAS URL:

  • signed version (sv)
  • signed resource (sr)
  • signature

Your error message says that the signature does not match the rest of the URL. Signature a hash-based message authentication code (HMAC) that you compute over the string-to-sign and key by using the SHA256 algorithm, and then encode by using Base64 encoding

You can find how to construct the string-to-sign and signature depending on the version on this documentation page.

Postman has a built-in JavaScript library that can help you to calculate HMAC:

CryptoJS.HmacSHA1(&quot;string-to-sign&quot;, &quot;key&quot;).toString()

huangapple
  • 本文由 发表于 2023年2月18日 09:39:05
  • 转载请务必保留本文链接:https://go.coder-hub.com/75490653.html
  • azure
  • azure-active-directory
  • azure-blob-storage
  • azure-container-apps
  • ibm-app-connect
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定