node.js - Azure:按照文档完成后,使用 Azure REST API 的表 acl GET 不起作用
问题描述
我正在关注GET ACL Table和Authentication for the Azure Storage Services的 Azure REST 文档。
下面是我正在执行的 REST 操作的代码片段。
//Input your Storage Account and access-key associated to it.
const yourStorageAccountName = '';
const accessKeyStorageAccount = '';
const Client = require('node-rest-client').Client;
const crypto = require("crypto");
async function getTableAcl() {
let now = new Date();
let nowUTC = now.toUTCString();
let contentType = "application/json"
// construct input value
let stringToSign = `GET\n\n\n${nowUTC}\n/${yourStorageAccountName}/tablename\ncomp:acl`;
let accesskey = accessKeyStorageAccount;
// create base64 encoded signature
let key = new Buffer(accesskey, "base64");
let hmac = crypto.createHmac("sha256", key);
hmac.update(stringToSign);
let sig = hmac.digest("base64");
console.log("SIGNATURE : " + sig);
console.log("nowutc : " + nowUTC);
let args = {
headers: {
"Authorization": "SharedKey " + yourStorageAccountName + ":" + sig,
"Date": nowUTC,
"x-ms-version": "2015-12-11"
}
};
let restClient = new Client();
restClient.get(`https://${yourStorageAccountName}.table.core.windows.net/tablename?comp=acl`, args, function (data, response) {
console.log(JSON.stringify(data));
//console.log(response);
});
}
getTableAcl()
这里要注意的是,Azure 表 ACL 文档中没有提到 Content-Type,但在 Authorization 标头部分中给出了包含 Content-Type。因此,我在“stringToSign”中将内容类型保持为空,并且没有在 REST 调用中提供 Content-Type 标头。我可能遗漏了一些东西,但我无法确定它可能是什么。
如果我在这种情况下遗漏了什么,你能告诉我吗?
解决方案
Basically the issue is that you're generating canonicalized resource string correctly.
The documentation states the following:
2009-09-19 and later Shared Key Lite and Table service format
This format supports Shared Key and Shared Key Lite for all versions of the Table service, and Shared Key Lite for version 2009-09-19 and later of the Blob and Queue services and version 2014-02-14 and later of the File service. This format is identical to that used with previous versions of the storage services. Construct the CanonicalizedResource string in this format as follows:
- Beginning with an empty string (""), append a forward slash (/), followed by the name of the account that owns the resource being accessed.
- Append the resource's encoded URI path. If the request URI addresses a component of the resource, append the appropriate query string. The query string should include the question mark and the comp parameter (for example, ?comp=metadata). No other parameters should be included on the query string.
Based on this, your stringToSign should be:
let stringToSign = `GET\n\n\n${nowUTC}\n/${yourStorageAccountName}/tablename?comp=acl`;
Give it a try, it should work.
推荐阅读
- android - gradle文件中的依赖问题
- c# - Asp.Net MVC 中 Web API 的默认控制器操作
- java - 如何存储具有数量的arraylist中的重复项
- android - 无法连接到avd
- apache-spark - 在 spark 中读取现有的 XGboost ml 模型
- c# - 难以从 Xamarin(和 Tizen Studio)部署到 Galaxy Watch
- python - Pytest:带有 >、<、<= 和 >= 的 approx()
- c# - 为什么 AddMvc 需要 Action
而不是 MvcOptions? - sql - 由于需要显示零,SQL Summary Sum Table 效率低下 - 有没有更好的方法?MSACCESS/SQLServer
- python - 仅替换完全匹配的字符串 python ndarri