我正在尝试使用SAS将图像上传到Azure存储。这是我用来生成SAS的代码。
function getWriteSAS() {
var blobService = storage.createBlobService();
var container = 'container-name';
var blobSAS = blobService.generateSharedAccessSignature(container, mCurrentRequest.param.blobName, getSharedAccessPolicy(10));
urlForDownloading = blobService.host.primaryHost + container + '?' + blobSAS
mCurrentResponse.status(200).send({"SASURI" : urlForDownloading})
}
function getSharedAccessPolicy(accessTimeInMinutes) {
var startDate = new Date();
var expiryDate = new Date(startDate);
expiryDate.setMinutes(startDate.getMinutes() + accessTimeInMinutes);
startDate.setMinutes(startDate.getMinutes() - accessTimeInMinutes);
var sharedAccessPolicy = {
AccessPolicy: {
Permissions: storage.BlobUtilities.SharedAccessPermissions.WRITE,
Start: startDate,
Expiry: expiryDate
},
};
return sharedAccessPolicy;
}
当我尝试从浏览器点击URL时,我得到了这个结果。
<Error>
<script/>
<Code>AuthenticationFailed</Code>
<Message>
Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:2fab1644-0001-0087-7c99-c77b1a000000 Time:2016-06-16T06:36:14.5020064Z
</Message>
<AuthenticationErrorDetail>
Signature did not match. String to sign used was w 2016-06-16T06:24:52Z 2016-06-16T06:44:52Z /blob/irewardchart/$root 2015-04-05
</AuthenticationErrorDetail>
</Error>
非常感谢任何帮助。
答案 0 :(得分:0)
根据您的描述,您的代码生成的URL错过了blobName的模式。请仔细检查应用程序中的参数mCurrentRequest.param.blobName是否获得正确的值。
顺便说一句,还有另外两点你可以注意:
storage.BlobUtilities.SharedAccessPermissions.READ权限,这可以减少权限问题。 由于Azure-storage-node sdk提供了一个可以使用SAS令牌getUrl()生成blob网址的功能。因此,如果您选中mCurrentRequest.param.blobName具有正确的值但请仍然遇到问题,请尝试使用以下代码:
...
var blobSAS = blobService.generateSharedAccessSignature(<containerName>, <blobName>, getSharedAccessPolicy(10));
var sharedBlobService = azure.createBlobServiceWithSas(blobService.host, blobSAS);
urlForDownloading = blobService.getUrl(container,blobName,blobSAS)
...