我有一段PHP代码,可向Azure存储帐户中的容器创建Blob存储PUT请求。经过大量的修改,我终于找到了正确的标题,一切都很好。不幸的是,我要在其中使用的应用程序是用Perl编写的。所以我认为移植它是一个相对容易的任务。事实证明,这比我预期的要困难得多。
我已经比较了PHP代码和Perl代码之间的所有内容(很显然,不是所有内容,否则都会造成工作异常),但是继续收到与标头有关的身份验证错误。
PHP脚本使用Curl发出用户代理请求。我在Perl安装中没有可直接替代的访问权限。不知道如果没有本地安装和Net :: Curl的C编译器,我可以做很多事情。 (也许我在那里缺少什么?)因为两个版本(PHP和Perl)之间的所有内容似乎都匹配,即消息,密钥,字符串的编码/解码版本,哈希签名(我对两个实现之间的验证日期进行了硬编码) ,我无所适从。今天是第三天,我觉得我可能正在解决这个小组已经解决的问题。
可以正常工作的PHP代码:
<?php
date_default_timezone_set ( 'GMT' );
$date = date ( "D, d M Y H:i:s T" );
$version = "2009-09-19";
$account_name = 'emiliolizardo';
$account_key = "uXwt+WJ14kkV6zDALOuiDCsJtqrGDMK7W5xtNhuXXUcsfP1HIC1s7IJ+PZS7dgyXPBufad46ncBSQQK5rNs6Qw==";
$container_name = 'containertest';
$blobname = "foobar.txt";
$fdata = file_get_contents('testfile.txt');
$utfStr = "PUT"
. "\n\n\n"
. strlen($fdata)
. "\n\n"
. "text/plain; charset=UTF-8"
. "\n\n\n\n\n\n\n"
. "x-ms-blob-type:BlockBlob"
. "\n"
. "x-ms-date:$date"
. "\n"
. "x-ms-version:$version"
. "\n"
. "/$account_name/$container_name/$blobname";
$utf8_encode_str = utf8_encode ( $utfStr );
echo "utfStr : " . $utfStr . "\n";
echo "utf8_encode_str:" . $utf8_encode_str . "\n";
$signature_str = base64_encode(hash_hmac('sha256', $utf8_encode_str, base64_decode($account_key), true));
echo "signature_str:" . $signature_str . "\n";
$header = array (
"x-ms-blob-type: BlockBlob",
"x-ms-date: " . $date,
"x-ms-version: " . $version,
"Authorization: SharedKey " . $account_name . ":" . $signature_str,
"Content-Type: text/plain; charset=UTF-8",
"Content-Length: " . strlen($fdata),
);
print_r($header);
$url="https://$account_name.blob.core.windows.net/$container_name/$blobname";
echo "url:" . $url . "\n";
# Check our variables
#echo "account_name: " . $account_name . "\n";
#echo "account_key : " . $account_key . "\n";
#echo "signature : " . $signature_str . "\n";
#echo "url : " . $url . "\n";
#var_dump($header);
# Execute curl commands to create container
$ch = curl_init ();
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt ($ch, CURLOPT_CUSTOMREQUEST, 'PUT' );
curl_setopt ($ch, CURLOPT_URL, $url );
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt ($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $fdata);
curl_setopt ($ch, CURLOPT_HEADER, True );
$result = curl_exec ( $ch );
和Perl代码相近,但缺少一些内容:
#!/usr/bin/perl
use strict;
use DateTime;
use DateTime::TimeZone;
use Data::Dumper;
use Encode qw(decode encode);
use MIME::Base64 qw( encode_base64 decode_base64 );
use Digest::SHA qw(hmac_sha256 hmac_sha256_base64);
use HTTP::Request;
use LWP::UserAgent;
my $account_name = "emiliolizardo";
my $account_key = "uXwt+WJ14kkV6zDALOuiDCsJtqrGDMK7W5xtNhuXXUcsfP1HIC1s7IJ+PZS7dgyXPBufad46ncBSQQK5rNs6Qw==";
my $container = 'containertest';
#my $file = 'YhJCUjrcEi0q.mp3';
my $file = 'testfile.txt';
# -----------------------------------------------------------
# --
# -----------------------------------------------------------
sub uploadblob {
my ($fname, $accname, $acckey, $cont) = @_;
my $date = `/bin/date -u +"%a, %d %b %Y %T GMT"`; chomp $date;
# my $date = 'Mon, 01 Jul 2019 13:14:43 GMT'; # -- JUST FOR TESTING
# my $version = "2018-03-28";
my $version = "2009-09-19"; # -- JUST FOR TESTING TO MIMIC PHP CODE
my ($blobname, $ctype);
for ($fname) {
/\.mp3$/i and do { $ctype = 'audio/mpeg'; last; };
/\.wav$/i and do { $ctype = 'audio/wav'; last; };
/\.txt$/i and do { $ctype = 'text/plain'; last; };
die "Failed to match an acceptable extension";
}
my $blobname = $fname;
open FILE, "< $fname" or die "Can't open file $fname for read: $!";
my $fdata = <FILE>;
close FILE;
my $fsize = -s $fname;
my $str = qq{PUT\n\n\n$fsize\n\n$ctype; charset=UTF-8\n\n\n\n\n\n\nx-ms-blob-type:BlockBlob\nx-ms-date:$date\nx-ms-version:$version\n/$accname/$cont/$blobname};
print "utfStr : $str\n";
my $message = encode("UTF-8", $str);
print "utf8_encode_str:$message\n";
my $secret = decode_base64($acckey);
my $signature_str = encode_base64( hmac_sha256($message, $secret) );
chomp $signature_str;
print "signature_str:$signature_str\n";
# while(length($digest) %4) { $digest .= '='; } # -- Is this necessary for the hmac_sha256 digest?
my $header = [
'x-ms-blob-type' => "BlockBlob",
'x-ms-date' => $date,
'x-ms-version' => $version,
'Authorization' => "SharedKey $accname:$signature_str",
'Content-Type' => "$ctype; charset=UTF-8",
'Content-Length' => $fsize
];
my $url = "https://$accname.blob.core.windows.net/$cont/$blobname";
print "url:$url\n";
sendPut($header,$url,$fdata);
}
# -----------------------------------------------------------
# --
# -----------------------------------------------------------
sub sendPut {
my ($header,$url,$data) = @_;
print "\n\nIn sendPut()\n\n\n==============================================\n\n\n";
my $r = HTTP::Request->new('POST', $url, $header, $data);
my $ua = LWP::UserAgent->new();
my $res = $ua->request($r);
print "res: ", Dumper $res, "\n";
}
uploadblob($file, $account_name, $account_key, $container);
该错误消息提示我可能是什么 ,但是我不确定如何纠正它:content-length标头是错误的,已修复。这似乎是LWP存在的问题(或者在2006年,这是我发现的参考)。
在通过LWP发送数据之前,使用Data :: Dumper查看HTTP :: Request对象,对我来说看起来还不错。就像PHP请求对象一样。在某个时候,我将用PHP或Node.js或最新版本重写老式的Perl代码,但目前,我真的很想在Perl中使它工作。
提前感谢您的任何建议。如果我违反任何SO礼节,我们深表歉意。
谢谢-安迪
以下是UserAgent->请求的完整回复:
Content-Length header value was wrong, fixed at /usr/share/perl5/vendor_perl/LWP/Protocol/http.pm line 189.
res: $VAR1 = bless( {
'_protocol' => 'HTTP/1.1',
'_content' => '<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:62589eac-301e-00bd-3e1e-30c15e000000
Time:2019-07-01T15:04:08.0485043Z</Message><AuthenticationErrorDetail>The MAC signature found in the HTTP request \'PUUgk2meSoiB9o+inlYomIq96Bf13IdAQoIZ4BSu4sE=\' is not the same as any computed signature. Server used following string to sign: \'POST
26
text/plain; charset=UTF-8
x-ms-blob-type:BlockBlob
x-ms-date:Mon, 01 Jul 2019 15:04:07 GMT
x-ms-version:2009-09-19
/emiliolizardo/containertest/testfile.txt\'.</AuthenticationErrorDetail></Error>',
'_rc' => '403',
'_headers' => bless( {
'client-response-num' => 1,
'date' => 'Mon, 01 Jul 2019 15:04:07 GMT',
'client-ssl-cert-issuer' => '/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Microsoft IT/CN=Microsoft IT TLS CA 4',
'client-ssl-cipher' => 'ECDHE-RSA-AES256-GCM-SHA384',
'client-peer' => '52.239.177.68:443',
'content-length' => '723',
'client-date' => 'Mon, 01 Jul 2019 15:04:08 GMT',
'client-ssl-warning' => 'Peer certificate not verified',
'content-type' => 'application/xml',
'x-ms-request-id' => '62589eac-301e-00bd-3e1e-30c15e000000',
'client-ssl-cert-subject' => '/CN=*.blob.core.windows.net',
'server' => 'Microsoft-HTTPAPI/2.0',
'client-ssl-socket-class' => 'IO::Socket::SSL'
}, 'HTTP::Headers' ),
'_msg' => 'Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.',
'_request' => bless( {
'_content' => 'Test file for blob upload
',
'_uri' => bless( do{\(my $o = 'https://emiliolizardo.blob.core.windows.net/containertest/testfile.txt')}, 'URI::https' ),
'_headers' => bless( {
'user-agent' => 'libwww-perl/5.833',
'x-ms-date' => 'Mon, 01 Jul 2019 15:04:07 GMT',
'content-type' => 'text/plain; charset=UTF-8',
'x-ms-version' => '2009-09-19',
'x-ms-blob-type' => 'BlockBlob',
'content-length' => 28,
'authorization' => 'SharedKey emiliolizardo:PUUgk2meSoiB9o+inlYomIq96Bf13IdAQoIZ4BSu4sE='
}, 'HTTP::Headers' ),
'_method' => 'POST',
'_uri_canonical' => $VAR1->{'_request'}{'_uri'}
}, 'HTTP::Request' )
}, 'HTTP::Response' );
$VAR2 = '
';
答案 0 :(得分:2)
已在评论中解决。 @Grinnz和@Guarav Mantri-你们说对了。
我的测试文件中还有第二行(我看不到的点)。因此,从文件中读取一行,但是使用-s计算整个文件大小将导致不匹配。现在content-length正在正确计算。
当在签名哈希中使用PUT时,我在HTTP :: Request-new()调用中盲目键入“ POST”。糟糕!
谢谢大家。由于两个答案都包含部分答案,因此不确定如何投票给两个答案。