这是我尝试访问存储中的blob时返回的错误:
代码:AuthenticationFailed 消息:服务器无法验证请求。确保正确形成Authorization标头的值,包括签名。 AuthenticationErrorDetail:签名不匹配。使用的字符串是xxstorageaccount rwdlac b sco 2017-08-17T21:29:24Z 2017-08-17T21:34:24Z https 2017-04-17
这是我的代码:
$storageAccount = config('azure.storage.account');
$start = new \DateTime();
$end = (new \DateTime())->modify('+5 minutes');
$start = $start->format('Y-m-d\TH:i:s\Z');
$end = $end->format('Y-m-d\TH:i:s\Z');
$toSign = $storageAccount . "\n";
$toSign .= "rwdlac" . "\n";
$toSign .= "b" . "\n";
$toSign .= "sco" . "\n";
$toSign .= $start . "\n";
$toSign .= $end . "\n";
$toSign .= "\n";
$toSign .= "https" . "\n";
$toSign .= "2017-04-17" . "\n";
$signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, $sasKeyValue, TRUE)));
$token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;
return $uri . $token;
答案 0 :(得分:1)
你可以做两件事来避免这个错误。
通过setTimezone()功能将开始和结束时间转换为GMT时间,或者考虑改为使用gmdate function。
通过base64_decode()函数解码base64帐户密钥。
请更改您的代码,如下所示:
$storageAccount = config('azure.storage.account');
$start = (new \DateTime())->setTimezone(new DateTimeZone('GMT'));
$end = (new \DateTime())->setTimezone(new DateTimeZone('GMT'))->modify('+5 minutes');
$start = $start->format('Y-m-d\TH:i:s\Z');
$end = $end->format('Y-m-d\TH:i:s\Z');
$toSign = $storageAccount . "\n";
$toSign .= "rwdlac" . "\n";
$toSign .= "b" . "\n";
$toSign .= "sco" . "\n";
$toSign .= $start . "\n";
$toSign .= $end . "\n";
$toSign .= "\n";
$toSign .= "https" . "\n";
$toSign .= "2017-04-17" . "\n";
$signature = rawurlencode(base64_encode(hash_hmac('sha256', $toSign, base64_decode($sasKeyValue), TRUE)));
$token = "?sv=2017-04-17&ss=b&srt=sco&sp=rwdlac&se=" . $end . "&st=" . $start . "&spr=https&sig=" . $signature;
return $uri . $token;