All geek questions in one place

Azure REST API - server failed authentication

I am creating an application for the Windows Phone 8.1 Store with the ability to upload some drops to Azure Storage. I cannot use the WindowsAzure.Storage lib (very strange), so I'm trying to use REST. I can’t understand what happened.

try
{
    string time = DateTime.Now.ToString("R", System.Globalization.CultureInfo.InvariantCulture);
    string tosign = "GET\n" +
                        "\n" +  //Content-Encoding
                        "\n" +  //Content-Language
                        "0\n" +  //Content-Length
                        "\n" +  //Content-MD5
                        "\n" +  //Content-Type
                        "\n" +  //Date
                        "\n" +  //If-modified-since
                        "\n" +  //If-match
                        "\n" +  //If-none-match
                        "\n" +  //If-unmodified-since
                        "\n" +  //Range
                        "x-ms-date:" + time + "\nx-ms-version:2015-02-21\n" +   //CanonicalizedHeaders
                        "/storage_name/\ncomp:list";    //CanonicalizedResource

    string hashKey = "DHpNuYG5MXhamfbKmFPClUlNi38QiM2uqIqz07pgvpv2gmXJRwxaMlcV05pFCYsrelGYKPed9QphyJ/YnUrh5w=="; //Primary access key

    MacAlgorithmProvider macAlgorithmProvider = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha256);
    var messageBuffer = CryptographicBuffer.ConvertStringToBinary(tosign, BinaryStringEncoding.Utf8);
    IBuffer keyBuffer = CryptographicBuffer.ConvertStringToBinary(hashKey, BinaryStringEncoding.Utf8);
    CryptographicKey hmacKey = macAlgorithmProvider.CreateKey(keyBuffer);
    IBuffer signedMessage = CryptographicEngine.Sign(hmacKey, messageBuffer);
    string hashedString = CryptographicBuffer.EncodeToBase64String(signedMessage);

    var client = new HttpClient();
    Uri uri = new Uri("https://storage_name.blob.core.windows.net/?comp=list");
    client.DefaultRequestHeaders.Add("x-ms-date", time);
    client.DefaultRequestHeaders.Add("x-ms-version", "2015-02-21");
    client.DefaultRequestHeaders.Add("Authorization", "SharedKey storage_name:" + hashedString);
    var response = await client.GetAsync(uri);
}
catch(Exception ex)
{
    Debug.WriteLine(ex.ToString());
}

Error: The server was unable to authenticate the request. Verify that the authorization header value is configured correctly, including the signature.

How can I make it work?

+4
source share
2 answers

Your cryptographic code does not work. :-)

Code Samples

, " HMAC-SHA256 UTF-8 Base64". hashKey " " Azure, toSign " " docs.

Windows Phone 8.1

Windows Phone 8.1 Windows.Security.Cryptography :

public string GetEncodedSignature(string toSign, string hashKey)
{
    // UTF-8-encoded signature string
    var utf8 = BinaryStringEncoding.Utf8;
    var msgBuffer = CryptographicBuffer.ConvertStringToBinary(toSign, utf8);

    // primary access key
    // note the use of DecodeFromBase64String
    var keyBuffer = CryptographicBuffer.DecodeFromBase64String(hashKey);

    // make the HMAC-SHA256 algorithm
    var alg = MacAlgorithmNames.HmacSha256;
    var objMacProv = MacAlgorithmProvider.OpenAlgorithm(alg);
    CryptographicHash hash = objMacProv.CreateHash(keyBuffer);

    // call the HMAC-SHA256 algorithm
    hash.Append(msgBuffer);
    IBuffer hashMsg = hash.GetValueAndReset();

    // retrieve the result!
    var result = CryptographicBuffer.EncodeToBase64String(hashMsg);

    return result;
}

.NET

.NET, System.Security.Cryptography.

public static string GetEncodedSignature(string toSign, string hashKey)
{
    byte[] bytes;
    byte[] unicodeKey = Convert.FromBase64String(hashKey);
    var utf8encodedString = Encoding.UTF8.GetBytes(toSign);
    using (var hmac = new HMACSHA256(unicodeKey))
    {
        bytes = hmac.ComputeHash(utf8encodedString);
    }

    var signature = Convert.ToBase64String(bytes);
    return signature;
}

. Fiddle, HTTP-.

.

MSDN Azure Storage Services

+3

, , - , , , , Content-Length "\n" ( "0\" ). 2015-02-21 , .

try
{
    string time = DateTime.Now.ToString("R", System.Globalization.CultureInfo.InvariantCulture);
    string tosign = "GET\n" +
                        "\n" +  //Content-Encoding
                        "\n" +  //Content-Language
                        "\n" +  //Content-Length
                        "\n" +  //Content-MD5
                        "\n" +  //Content-Type
                        "\n" +  //Date
                        "\n" +  //If-modified-since
                        "\n" +  //If-match
                        "\n" +  //If-none-match
                        "\n" +  //If-unmodified-since
                        "\n" +  //Range
                        "x-ms-date:" + time + "\nx-ms-version:2015-02-21\n" +   //CanonicalizedHeaders
                        "/storage_name/\ncomp:list";    //CanonicalizedResource

    string hashKey = "DHpNuYG5MXhamfbKmFPClUlNi38QiM2uqIqz07pgvpv2gmXJRwxaMlcV05pFCYsrelGYKPed9QphyJ/YnUrh5w=="; //Primary access key


   string hashedString = GetEncodedSignature(tosign, hashKey); //Shaun answer method

    var client = new HttpClient();
    Uri uri = new Uri("https://storage_name.blob.core.windows.net/?comp=list");
    client.DefaultRequestHeaders.Add("x-ms-date", time);
    client.DefaultRequestHeaders.Add("x-ms-version", "2015-02-21");
    client.DefaultRequestHeaders.Add("Authorization", "SharedKey storage_name:" + hashedString);
    var response = await client.GetAsync(uri);
}
catch(Exception ex)
{
    Debug.WriteLine(ex.ToString());
}
+1

Source: https://habr.com/ru/post/1605832/

More articles:


All Articles