英文:
Generate/retrieve a SAS token programmatically for specific Blob/File under azure storage account via REST API in POSTMAN and then in IBM APP Connect
问题
我需要通过POSTMAN REST API以编程方式完成一个需求,在其中我需要将一个文件/二进制大对象(blob)上传到Azure存储账户并检索我上传的特定文件的唯一URL,然后我必须将该URL分享给第三方,以便他们可以在浏览器上查看它。
以下是我在POSTMAN中所做的:
请求:
PUT https://{存储账户名称}.blob.core.windows.net/{容器名称}/{文件名}{SAS令牌}
头部:
x-ms-version: 2020-04-08
x-ms-blob-type: BlockBlob
x-mock-response-name: Upload Blob
正文:从我的本地附加了一个文件
响应:
我收到了200状态代码,文件成功上传。然而,在响应头中我没有看到任何URL或唯一的SAS令牌,我可以分享给我的第三方客户。
我还尝试了在SAS令牌中添加se和sp,我得到了以下错误
<错误>
<代码>AuthenticationFailed</代码>
<消息>服务器无法验证请求。确保Authorization头的值被正确地形成,包括签名。RequestId:65282b4e-401e-0050-2337-43ee90000000 Time:2023-02-18T01:20:28.3522177Z</消息>
<AuthenticationErrorDetail>**签名不匹配。使用的待签名字符串是 r 2023-02-18T09:12:15Z /blob/storage-account-name/container-name/file-name.txt 2021-06-08 b **</AuthenticationErrorDetail>
</错误>
注意:我们不想为每个文件手动从Azure门户生成SAS令牌,并构造URL并将其分享给客户,因为有大量流量涌入。一旦在POSTMAN中成功,我将在IBM App Connect Enterprise中实施相同的操作,使用ESQL编码。
非常感谢所有的建议。提前谢谢你。
以编程方式检索我上传的特定文件的唯一URL,并将该URL与第三方共享,以便他们可以在浏览器上查看它。
英文:
I have requirement where it has to be done programmatically using POSTMAN REST API, where I have to upload a file/blob to Azure storage account and retrieve the unique URL of the specific file that I have uploaded, and I have to share that URL to third party so that they can view it on browser.
This is what I have done in the POSTMAN
Request:
PUT https://{storage-account-name}.blob.core.windows.net/{container-name}/{file-name}{SAS-token}
Headers:
x-ms-version: 2020-04-08
x-ms-blob-type: BlockBlob
x-mock-response-name: Upload Blob
Body: Attached a file from my local
Response:
I have received 200 code and file is successfully uploaded. However, in the response headers I don't see any URL or unique SAS token that I can share to my third-party client.
I have also tried adding se and sp to sas token, I got the below error
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:65282b4e-401e-0050-2337-43ee90000000 Time:2023-02-18T01:20:28.3522177Z</Message>
<AuthenticationErrorDetail>**Signature did not match. String to sign used was r 2023-02-18T09:12:15Z /blob/storage-account-name/container-name/file-name.txt 2021-06-08 b **</AuthenticationErrorDetail>
</Error>
Note: We don't want to generate SAS token manually from Azure portal for each file and construct the URL and share it to the client due to high traffic coming in. Once it is successful using POSTMAN. I have to implement the same in IBM App Connect enterprise, ESQL coding*
All the suggestions are much appreciated. Thank you in advance.
Retrieve the unique URL of the specific file that I have uploaded programmatically and share that URL with third party so that they can view it on browser.
答案1
得分: 0
除了 se
和 sp
参数外,构建正确的 SAS URL 还需要以下参数:
- 签名版本 (
sv
) - 签名资源 (
sr
) signature
您的错误消息表示签名与 URL 的其余部分不匹配。签名是基于哈希的消息认证码(HMAC),您需要使用 SHA256 算法计算它,然后使用 Base64 编码进行编码。
您可以在此文档页面上找到根据版本构建字符串签名和签名的方法。
Postman 具有内置的 JavaScript 库,可以帮助您计算 HMAC:
CryptoJS.HmacSHA1("string-to-sign", "key").toString()
英文:
In addition to the se
and sp
parameters, the following parameters are required to construct the correct SAS URL:
- signed version (
sv
) - signed resource (
sr
) signature
Your error message says that the signature does not match the rest of the URL. Signature a hash-based message authentication code (HMAC) that you compute over the string-to-sign and key by using the SHA256 algorithm, and then encode by using Base64 encoding
You can find how to construct the string-to-sign and signature depending on the version on this documentation page.
Postman has a built-in JavaScript library that can help you to calculate HMAC:
CryptoJS.HmacSHA1("string-to-sign", "key").toString()
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论