尝试调用REST API以清除队列消息时,Azure存储服务会引发403禁止错误

时间:2016-09-21 18:30:13

标签: rest azure azure-storage-queues

我正在尝试通过队列服务REST API清除所有azure存储队列消息。我已经验证代码是正确的,但它仍然返回403禁止错误。 “StorageSharedKey”和“StorageAccountName”是正确的,因为我能够使用azure队列客户端的连接字符串中的这些值连接到azure队列。我使用的存储版本是“2015-12-11”。

以下是代码:

    internal void ClearStorageQueueMessages(string queueName)
    {
        const string requestMethod = "DELETE";
        string urlPath = $"{queueName}/messages";
        var dateInRfc1123Format = DateTime.UtcNow.ToString("R", CultureInfo.InvariantCulture);
        var canonicalizedHeaders = $"x-ms-date:{dateInRfc1123Format}\nx-ms-version:{StorageVersion}";
        var canonicalizedResource = $"/{StorageAccountName}/{urlPath}";
        var uri = new Uri($"https://{StorageAccountName}.queue.core.windows.net/{urlPath}");
        var response = MakeDeleteRestCall(uri, requestMethod, dateInRfc1123Format, canonicalizedHeaders, canonicalizedResource);
    }

    internal RestResponse MakeDeleteRestCall(Uri uri, string requestMethod, string dateInRfc1123Format, string canonicalizedHeaders,
        string canonicalizedResource)
    {
        var restResponse = new RestResponse();
        var stringToSign = $"{requestMethod}\n\n\n\n\n\n\n\n\n\n\n\n{canonicalizedHeaders}\n{canonicalizedResource}";
        var authorizationHeader = CreateAuthorizationHeader(stringToSign);

        var request = (HttpWebRequest) WebRequest.Create(uri);
        request.Method = requestMethod;
        request.Headers.Add("x-ms-date", dateInRfc1123Format);
        request.Headers.Add("x-ms-version", StorageVersion);
        request.Headers.Add("Authorization", authorizationHeader);
        //request.Accept = "application/atom+xml,application/xml";
        request.Accept = "application/json";
        //request.ContentType = "application/json";

        using (var response = (HttpWebResponse) request.GetResponse())
        {
            restResponse.StatusCode = response.StatusCode;
            var responseStream = response.GetResponseStream();
            if (responseStream == null)
                return restResponse;
            using (var reader = new StreamReader(responseStream))
            {
                restResponse.ReturnedContent = reader.ReadToEnd();
            }
        }
        return restResponse;
    }

    internal static string CreateAuthorizationHeader(string canonicalizedString)
    {
        string signature;

        using (var hmacSha256 = new HMACSHA256(Convert.FromBase64String(StorageSharedKey)))
        {
            var dataToHmac = Encoding.UTF8.GetBytes(canonicalizedString);
            signature = Convert.ToBase64String(hmacSha256.ComputeHash(dataToHmac));
        }

        var authorizationHeader = string.Format(CultureInfo.InvariantCulture, "{0} {1}:{2}", StorageSharedKey,
            StorageAccountName, signature);

        return authorizationHeader;
    }

1 个答案:

答案 0 :(得分:1)

问题似乎与标题授权有关。请根据文档检查格式:

  

授权=“[SharedKey | SharedKeyLite]:”

https://msdn.microsoft.com/en-us/library/azure/dd179428.aspx

您的函数以纯文本而不是授权方案“SharedKey”或“SharedKeyLite”添加共享密钥。

相关问题
最新问题