使用REST API在Azure中创建表

Question

有人尝试过使用REST API在存储帐户中创建表吗？如果我使用SharedKeyLite授权，我可以做到这一点。但是，使用SharedKey授权时，身份验证将继续失败。

我的猜测是，必须使用授权签名中的“ Content-MD5”值来做某事。该文档对Content-MD5的值含糊不清，我在文档中找不到推荐的生成Content-MD5的方法。

我找不到使用C＃的示例。我发现的唯一示例是使用Powershell，并且为Content-MD5使用了空字符串。但是，这不适用于我的情况。

这是我的代码：

public static void CreateTable(string storageAccount, string storageKey, string tableName)
        {
            var client = new HttpClient();

            string date = DateTime.UtcNow.ToString("R", System.Globalization.CultureInfo.InvariantCulture);
            client.DefaultRequestHeaders.Add("x-ms-date", date);
            string msVersion = "2018-03-28";
            client.DefaultRequestHeaders.Add("x-ms-version", msVersion);
            client.DefaultRequestHeaders.Add("MaxDataServiceVersion", "3.0;NetFx");
            client.DefaultRequestHeaders.Add("DataServiceVersion", "3.0;NetFx");
            client.DefaultRequestHeaders.Add("Accept", "application/json;odata=nometadata");
            string payload = "{ \"TableName\":\""+ tableName +"\" }";
            int contentLength = GetContentLength(payload);
            string authH = "SharedKey " + storageAccount + ":" + CreateTableSignature("POST", payload, "application/json", date, storageAccount + "/Tables", storageKey, new List<string>() { });
            client.DefaultRequestHeaders.Add("Authorization", authH);
            string requestUri = $"https://{storageAccount}.table.core.windows.net/Tables";

            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, requestUri);
            request.Content = new StringContent(payload,
                                                Encoding.UTF8,
                                                "application/json");
            request.Content.Headers.ContentLength = contentLength;
            client.SendAsync(request)
                  .ContinueWith(responseTask =>
                  {
                      Console.WriteLine("Response: {0}", responseTask.Result);
                  });
        }
public static string CreateTableSignature(string verb, string content, string contentType,  string date, string resource, string key, List<string> canonicalizedResourceParms)
        {
            string msgSignature = verb + "\n" +
               CreateMD5(content) + "\n" +
               contentType + "\n" +
               date + "\n";

            msgSignature += "/" + resource;
            foreach (string parm in canonicalizedResourceParms)
                msgSignature += "\n" + parm;
            byte[] SignatureBytes = Encoding.UTF8.GetBytes(msgSignature);

            // Create the HMACSHA256 version of the storage key.
            HMACSHA256 SHA256 = new HMACSHA256(Convert.FromBase64String(key));

            // Compute the hash of the SignatureBytes and convert it to a base64 string.
            return Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));

        }
public static string CreateMD5(string input)
        {
            // Use input string to calculate MD5 hash
            using (System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create())
            {
                byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
                byte[] hashBytes = md5.ComputeHash(inputBytes);
                return Convert.ToBase64String(hashBytes);
            }
        }

Answer 1

有两点要解决。

1. 内容类型

   request.Content = new StringContent(payload,
                                       Encoding.UTF8,
                                       "application/json");
   

   在这种方法中，SDK实际上在我们发送请求时设置了application/json; charset=utf-8。这意味着签名也需要application/json; charset=utf-8。

   或者我建议您删除该具有误导性的内容类型设置并使用

   request.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
   

2. Content-MD5

   签名不是必需的，您可以将其保留为空。否则，如果要将其放入签名中，则需要首先添加相应的请求标头。

   request.Content.Headers.ContentMD5 = Convert.FromBase64String(CreateMD5(payload));
   

   此外，在方法CreateMD5（）中，编码应为UTF8

   System.Text.Encoding.UTF8.GetBytes(input);