我已经写了下面的代码来获取带缓存到期令牌的blob url,实际上已经设置了2个小时来使blob url到期,
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference(containerName);
CloudBlockBlob blockBlob = container.GetBlockBlobReference("blobname");
//Create an ad-hoc Shared Access Policy with read permissions which will expire in 2 hours
SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy()
{
Permissions = SharedAccessBlobPermissions.Read,
SharedAccessExpiryTime = DateTime.UtcNow.AddHours(2),
};
SharedAccessBlobHeaders headers = new SharedAccessBlobHeaders()
{
ContentDisposition = string.Format("attachment;filename=\"{0}\"", "blobname"),
};
var sasToken = blockBlob.GetSharedAccessSignature(policy, headers);
blobUrl = blockBlob.Uri.AbsoluteUri + sasToken;
使用上面的代码我得到带有效到期令牌的blob url,现在我想在一个客户端应用程序中检查blob url是否有效。 我通过传递URL并获取响应状态代码来尝试Web请求和http客户端方法。如果响应代码是404,那么我假设URL已过期,如果URL仍然有效,但这种方法需要更多时间。
请以其他方式建议我。
答案 0 :(得分:1)
我尝试运行与你的代码非常相似的代码,我收到403错误,这实际上是在这种情况下的预期。根据您的问题,我不确定403是否比404更有帮助。以下是在控制台应用程序中运行的代码,返回403:
class Program
{
static void Main(string[] args)
{
string blobUrl = CreateSAS();
CheckSAS(blobUrl);
Console.ReadLine();
}
//This method returns a reference to the blob with the SAS, and attempts to read it.
static void CheckSAS(string blobUrl)
{
CloudBlockBlob blob = new CloudBlockBlob(new Uri(blobUrl));
//If the DownloadText() method is run within the two minute period that the SAS is valid, it succeeds.
//If it is run after the SAS has expired, it returns a 403 error.
//Sleep for 3 minutes to trigger the error.
System.Threading.Thread.Sleep(180000);
Console.WriteLine(blob.DownloadText());
}
//This method creates the SAS on the blob.
static string CreateSAS()
{
string containerName = "forum-test";
string blobName = "blobname";
string blobUrl = "";
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference(containerName);
container.CreateIfNotExists();
CloudBlockBlob blockBlob = container.GetBlockBlobReference(blobName + DateTime.Now.Ticks);
blockBlob.UploadText("Blob for forum test");
//Create an ad-hoc Shared Access Policy with read permissions which will expire in 2 hours
SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy()
{
Permissions = SharedAccessBlobPermissions.Read,
SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(2),
};
SharedAccessBlobHeaders headers = new SharedAccessBlobHeaders()
{
ContentDisposition = string.Format("attachment;filename=\"{0}\"", blobName),
};
var sasToken = blockBlob.GetSharedAccessSignature(policy, headers);
blobUrl = blockBlob.Uri.AbsoluteUri + sasToken;
return blobUrl;
}
}
在某些情况下,SAS故障确实会返回404,这可能会导致使用SAS进行故障排除操作时出现问题。 Azure存储团队了解此问题,在将来的版本中,SAS故障可能会返回403。有关解决404错误的帮助,请参阅http://azure.microsoft.com/en-us/documentation/articles/storage-monitoring-diagnosing-troubleshooting/#SAS-authorization-issue。
答案 1 :(得分:0)
几天前我也遇到了同样的问题。我实际上期望存储服务在SAS令牌过期时返回403错误代码,但存储服务返回404错误。
鉴于我们没有任何其他选项,您执行此操作的方式是唯一可行的方法,但仍然不正确,因为如果存储帐户中不存在blob,则可能会出现404错误。 / p>
答案 2 :(得分:0)
也许您可以从生成的SAS中解析“se”参数,这意味着到期时间,例如“SE = 2013-04-30T02%3A23%3A26Z”。但是,由于服务器时间可能与客户端时间不同,因此解决方案可能不稳定。
答案 3 :(得分:0)
您使用的是SharedAccessExpiryTime的UTC时间(请参阅https://docs.microsoft.com/en-us/azure/storage/common/storage-dotnet-shared-access-signature-part-1#parameters-common-to-account-sas-and-service-sas-tokens中的“到期时间”)。
然后将到期时间记录在令牌中的se索赔下,可以在实际使用令牌之前对照客户端的当前UTC时间检查其值。这样一来,您就不必再对Blob存储进行额外的调用,而只需查找令牌是否已过期即可。