使用字符串签名

时间:2017-04-25 06:46:52

标签: php azure azure-storage-blobs

我正在使用PHP开发azure rest api。在这里,我尝试使用以下代码将快照从一个存储帐户复制到另一个存储帐户。我知道我的sas令牌代码有一些错误。我收到了 AuthenticationFailedServer failed to authenticate the request.

的身份验证错误

任何人都可以帮忙解决问题

为复制快照生成sas标记的代码

$date = gmdate('D, d M Y H:i:s \G\M\T');
$source_acc_name = "sourceaccname";
$destination_acc_name = "destinationaccname";
$dest_containername = "destcontainername";
$blobname = "ijk.png";
$sourcecontainer = "sourcecontainer";
$source_account_key = "sdsfdsfdsf";
$destination_account_key = "dsfdsgfd";

$expiry = gmdate("Y-m-d\TH:i:s\Z", time() + 30000);
$sig = getSASForBlob($source_acc_name,$sourcecontainer, $blobname, "b", "r", $expiry, $source_account_key);
$url1 = getBlobUrl($source_acc_name,$sourcecontainer,$blobname,"b","r",$expiry,$sig);

function getSASForBlob($accountName,$container, $blob, $resourceType, $permissions, $expiry,$source_account_key){
     $snapshotdatetime = "2017-03-24T10:51:06.345679Z";
     $_arraysign = array();
     $_arraysign[] = $permissions;
     $_arraysign[] = '';
     $_arraysign[] = $expiry;
     $_arraysign[] = '/'.$accountName . '/' . $container . '/' . $blob.'?snapshot='.$snapshotdatetime;
     $_arraysign[] = '';
     $_arraysign[] = '';
     $_arraysign[] = '';
     $_arraysign[] = "2015-04-05";
     $_arraysign[] = '';
     $_arraysign[] = '';
     $_arraysign[] = '';
     $_arraysign[] = '';
     $_arraysign[] = '';
     $_str2sign = implode("\n", $_arraysign);

     return base64_encode(hash_hmac('sha256', urldecode(utf8_encode($_str2sign)), base64_decode($source_account_key), true));
}

 function getBlobUrl($accountName,$container,$blob,$resourceType,$permissions,$expiry,$_signature){
    $snapshotdatetime = "2017-03-24T10:51:06.345679Z";
     /* Create the signed query part */
    $_parts = array();
    $_parts[] = 'sv=2015-04-05';
    $_parts[] = 'sr=' . $resourceType;
    $_parts[] = 'sig=' . urlencode($_signature);
    $_parts[] = (!empty($expiry)) ? 'se=' . urlencode($expiry) : '';
    $_parts[] = (!empty($permissions)) ? 'sp=' . $permissions : '';

     /* Create the signed blob URL */
    $_url = 'https://'.$accountName.'.blob.core.windows.net/'. $container . '/'. $blob . '?snapshot='.$snapshotdatetime. implode('&', $_parts);

    return $_url;
 }

我使用以下副本来复制快照

$canonicalizedHeaders = "x-ms-copy-source:".$url1."\nx-ms-date:$date\nx-ms-version:2015-04-05";
$canonicalizedResource = "/$destination_acc_name/$dest_containername/$blobname";

$arraysign = array();
$arraysign[] = 'PUT';                     /*HTTP Verb*/  
$arraysign[] = '';                        /*Content-Encoding*/  
$arraysign[] = '';                        /*Content-Language*/  
$arraysign[] = '';                        /*Content-Length (include value when zero)*/  
$arraysign[] = '';                        /*Content-MD5*/  
$arraysign[] = '';                        /*Content-Type*/  
$arraysign[] = '';                        /*Date*/  
$arraysign[] = '';                        /*If-Modified-Since */  
$arraysign[] = '';                        /*If-Match*/  
$arraysign[] = '';                        /*If-None-Match*/  
$arraysign[] = '';                        /*If-Unmodified-Since*/  
$arraysign[] = '';                        /*Range*/  
$arraysign[] = $canonicalizedHeaders;     /*CanonicalizedHeaders*/
$arraysign[] = $canonicalizedResource;    /*CanonicalizedResource*/

$stringtosign = implode("\n", $arraysign);

$signature = 'SharedKey'.' '.$destination_acc_name.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($destination_account_key), true));

$endpoint = 'https://'.$destination_acc_name.'.blob.core.windows.net';
$url = $endpoint.'/'.$dest_containername.'/'.$blobname;

$headers = [
    "x-ms-copy-source:$url1",
    "x-ms-date:{$date}",
    "x-ms-version:2015-04-05",
    "Accept:application/json;odata=nometadata",
    "Accept-Charset:UTF-8",
    "Content-Length:0",
    "Authorization:{$signature}"
];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
$response  = curl_exec($ch);
echo curl_error($ch);
curl_close($ch);        

print_r($response);

0 个答案:

没有答案