我有一些代码可以在azure blob中为pdf提供共享访问签名。
class Program
{
static void Main(string[] args)
{
CloudStorageAccount storageAccount = CloudStorageAccount.Parse("BlobEndpoint=<url>;AccountKey=<accountKey>");
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference("products");
BlobContainerPermissions containerPermissions = new BlobContainerPermissions();
containerPermissions.PublicAccess = BlobContainerPublicAccessType.Off;
container.SetPermissions(containerPermissions);
containerPermissions.SharedAccessPolicies.Add("mypolicy", new SharedAccessPolicy()
{
SharedAccessStartTime = DateTime.UtcNow.AddSeconds(1),
SharedAccessExpiryTime = DateTime.UtcNow.AddHours(1),
Permissions = SharedAccessPermissions.Read | SharedAccessPermissions.Write
});
string sas = container.GetSharedAccessSignature(new SharedAccessPolicy(), "mypolicy");
CloudBlobClient sasBlobClient = new CloudBlobClient(storageAccount.BlobEndpoint, new StorageCredentialsSharedAccessSignature(sas));
CloudBlob blob = sasBlobClient.GetBlobReference("products/virtual/computer/brochure.pdf");
Console.WriteLine(blob.Uri.AbsoluteUri + sas);
}
}
当我运行代码并将URL粘贴到浏览器中时,我得到以下内容:
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:05c9cfc0-d7fd-4352-9b21-9e273efdc09f Time:2014-02-05T13:36:05.6126781Z</Message>
<AuthenticationErrorDetail>Signature did not match. String to sign used was /portalvhdsv53d88583slg1/products mypolicy</AuthenticationErrorDetail>
</Error>
我想要的只是生成一个URL,这个URL可以让我在一段时间内访问blob存储中的项目。我做错了什么?
答案 0 :(得分:0)
根据您的代码,权限政策将在创建后1秒后生效。
SharedAccessStartTime = DateTime.UtcNow.AddSeconds(1),
SharedAccessExpiryTime = DateTime.UtcNow.AddHours(1),
所以你必须在创建之后至少等待1秒才能访问。
试试这个问题:
SharedAccessStartTime = DateTime.UtcNow(),
SharedAccessExpiryTime = DateTime.UtcNow.AddHours(1),
在这种情况下,该政策立即生效