How to generate functional SAS token to connect and send message to my service bus namespace queue in Azure?

huangapple go评论69阅读模式
英文:

How to generate functional SAS token to connect and send message to my service bus namespace queue in Azure?

问题

以下是代码的中文翻译部分:

import urllib.parse
import hmac
import hashlib
import base64
import time

def get_auth_token(sb_name, queue_name, sas_name, sas_value):
    """
    返回用于调用Service Bus REST API的授权令牌字典。
    """
    uri = urllib.parse.quote_plus("https://{}.servicebus.windows.net/{}".format(sb_name, queue_name))
    sas = sas_value.encode('utf-8')
    expiry = str(int(time.time() + 10000))
    string_to_sign = (uri + '\n' + expiry).encode('utf-8')
    signed_hmac_sha256 = hmac.HMAC(sas, string_to_sign, hashlib.sha256)
    signature = urllib.parse.quote(base64.b64encode(signed_hmac_sha256.digest()))
    return {"sb_name": sb_name,
             "queue_name": queue_name,
             "token": 'SharedAccessSignature sr={}&sig={}&se={}&skn={}' \
                     .format(uri, signature, expiry, sas_name)
            }

sb_name = "my_service_bus"
queue_name = "my_queue"
sas_name = "shared_access_policy_name"
sas_value = "my_primary_key"

auth_token = get_auth_token(sb_name, queue_name, sas_name, sas_value)
print(auth_token["token"])

请注意,这段代码用于生成 Service Bus REST API 的授权令牌。如果使用生成的令牌作为 Rest API POST 请求的 Bearer 令牌时出现问题,可能需要检查以下事项:

  1. 确保sb_namequeue_namesas_name,和sas_value 的值与你的服务总线设置一致。
  2. 确保系统的时间设置正确,因为令牌的有效期是基于时间戳计算的。
  3. 确保生成的令牌在请求中正确使用,例如,确保它是在请求标头中作为 Bearer 令牌传递的。

如果你已经确认了上述事项,但仍然遇到问题,可能需要进一步调试或查看服务总线的身份验证和授权设置以确保一切配置正确。如果问题仍然存在,请提供更多详细信息,以便我可以提供更多帮助。

英文:
import urllib.parse
import hmac
import hashlib
import base64
import time

def get_auth_token(sb_name, queue_name, sas_name, sas_value):
    """
    Returns an authorization token dictionary 
    for making calls to Service Bus REST API.
    """
    uri = urllib.parse.quote_plus("https://{}.servicebus.windows.net/{}" \
                                  .format(sb_name, queue_name))
    sas = sas_value.encode('utf-8')
    expiry = str(int(time.time() + 10000))
    string_to_sign = (uri + '\n' + expiry).encode('utf-8')
    signed_hmac_sha256 = hmac.HMAC(sas, string_to_sign, hashlib.sha256)
    signature = urllib.parse.quote(base64.b64encode(signed_hmac_sha256.digest()))
    return  {"sb_name": sb_name,
             "queue_name": queue_name,
             "token":'SharedAccessSignature sr={}&sig={}&se={}&skn={}' \
                     .format(uri, signature, expiry, sas_name)
            }


sb_name = "my_service_bus"
queue_name = "my_queue"
sas_name = "shared_access_policy_name"
sas_value = "my_primary_key"

auth_token = get_auth_token(sb_name, queue_name, sas_name, sas_value)
print(auth_token["token"])

Code works and returns token. But when the token is used as a Bearer token in Rest api POST request it returns:

<Error>
    <Code>401</Code>
    <Detail>MalformedToken: Failed to parse simple web token. TrackingId:ac03ae94-ba77-46e4-a237-99cd8dc9ba83_G78, SystemTracker:whepservice.servicebus.windows.net:whepq, Timestamp:2023-04-06T15:26:53</Detail>
</Error>

Can You help to successfully authenticate to the service bus queue? Thank you in advance.

答案1

得分: 0

请看以下翻译:

"Instead of using token as bearer token, use the obtained token as Authorization."

我建议您不要将令牌用作承载令牌,而是将获取的令牌用作授权。

"I have run the code provided by you and I got token as shared access signature."

我已运行您提供的代码,并获得了共享访问签名作为令牌。

"I would suggest you try connecting service bus queue through postman and see if you are able to authenticate properly."

我建议您尝试通过 Postman 连接服务总线队列,看看您是否能够正确进行身份验证。

"Below are steps you can follow to test authentication using postman."

以下是您可以遵循的步骤,以使用 Postman 测试身份验证。

  • Ran the code provided by you and got token in below format,

运行您提供的代码并获取以下格式的令牌,

  • Request Type: POST

请求类型:POST

Url:
Format:https://<yournamespace>.servicebus.windows.net/<yourentity>/messages

URL:
格式:https://<yournamespace>.servicebus.windows.net/<yourentity>/messages

Content-Type: application/json

内容类型:application/json

Authorization: SharedAccessSignature sr=https%3A%2F%2F<yournamespace>.servicebus.windows.net%2F<yourentity>&sig=<yoursignature from code above>&se=1438205742&skn=KeyName

授权:共享访问签名 sr=https%3A%2F%2F<yournamespace>.servicebus.windows.net%2F<yourentity>&sig=<yoursignature from code above>&se=1438205742&skn=KeyName

ContentType: application/atom+xml;type=entry;charset=utf-8

内容类型:application/atom+xml;type=entry;charset=utf-8

  • Use the obtained token as Authorization as shown below,

将获取的令牌用作授权,如下所示,

  • Try to send a sample message from the body as shown below,

尝试从正文中发送示例消息,如下所示,

  • Check if you are able to send the message without getting an authorization error. If you are able to authorize properly through postman, then there is some issue with passing the token.

检查您是否能够发送消息而不会收到授权错误。如果您能够通过 Postman 正确进行授权,那么传递令牌可能存在问题。

  • Also, the token you are getting is in the proper format as mentioned above.

此外,您获取的令牌是如上所述的正确格式。

  • Reference link: link

参考链接:链接

英文:

Instead of using token as bearer token, use the obtained token as Authorization.

I have run the code provided by you and I got token as shared access signature.

I would suggest you try connecting service bus queue through postman and see if you are able to authenticate properly.

Below are steps you can follow to test authentication using postman.

  • Ran the code provided by you and got token in below format,
    How to generate functional SAS token to connect and send message to my service bus namespace queue in Azure?

  • Request Type: POST

Url:
Format:https://<yournamespace>.servicebus.windows.net/<yourentity>/messages

Content-Type: application/json

Authorization: SharedAccessSignature sr=https%3A%2F%2F<yournamespace>.servicebus.windows.net%2F<yourentity>&sig=<yoursignature from code above>&se=1438205742&skn=KeyName

ContentType: application/atom+xml;type=entry;charset=utf-8

  • Use the obtained token as Authorization as shown below,
    How to generate functional SAS token to connect and send message to my service bus namespace queue in Azure?

  • Try to send sample message from body as shown below,
    How to generate functional SAS token to connect and send message to my service bus namespace queue in Azure?

  • Check if you are able to send the message without getting authorization error. If you are able to authorize properly through postman, then there is some issue with passing token.

  • Also token you are getting is in proper format as mentioned in above.

  • Reference link

huangapple
  • 本文由 发表于 2023年4月6日 23:40:23
  • 转载请务必保留本文链接:https://go.coder-hub.com/75951354.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定