时间戳

首页 > 解决方案 > 如何构造授权标头以使用 python 将文件上传到 Azure blob 存储?

python - 如何构造授权标头以使用 python 将文件上传到 Azure blob 存储?

问题描述

我需要使用 REST 将文件上传到 Azure blob 存储,但我还必须使用 python。不过,我似乎无法计算出 Authorization 标头。

下面的代码将显示我目前正在尝试的内容

import requests
import datetime
import hmac
import hashlib
import base64

url = 'https://mypoc.blob.core.windows.net/mycontainer/testpdf'
blob_name = 'testpdf'
blob_type = 'BlockBlob'
storage_account_name = 'mypoc'
storage_account_key = 'thisisakey'
container_name='mycontainer'
api_version = '2018-03-28'
request_time = datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')

string_params = {
    'verb': 'PUT',
    'Content-Encoding': '',
    'Content-Language': '',
    'Content-Length': '0',
    'Content-MD5': '',
    'Content-Type': '',
    'Date': '',
    'If-Modified-Since': '',
    'If-Match': '',
    'If-None-Match': '',
    'If-Unmodified-Since': '',
    'Range': '',
    'CanonicalizedHeaders': 'x-ms-blob-type:' + blob_type + '\nx-ms-date:' + request_time + '\nx-ms-version:' + api_version,
    'CanonicalizedResource': '/' + storage_account_name +'/'+container_name + '/' + blob_name
    #'\ncomp:list\nrestype:container'
}

string_to_sign = (string_params['verb'] + '\n' 
                  + string_params['Content-Encoding'] + '\n'
                  + string_params['Content-Language'] + '\n'
                  + string_params['Content-Length'] + '\n'
                  + string_params['Content-MD5'] + '\n' 
                  + string_params['Content-Type'] + '\n' 
                  + string_params['Date'] + '\n' 
                  + string_params['If-Modified-Since'] + '\n'
                  + string_params['If-Match'] + '\n'
                  + string_params['If-None-Match'] + '\n'
                  + string_params['If-Unmodified-Since'] + '\n'
                  + string_params['Range'] + '\n'
                  + string_params['CanonicalizedHeaders']
                  + string_params['CanonicalizedResource'])

signed_string = base64.b64encode(hmac.new(base64.b64decode(storage_account_key), msg=string_to_sign.encode('utf-8'), digestmod=hashlib.sha256).digest()).decode()

Authorization = 'SharedKey ' + storage_account_name + ':' + signed_string

print(Authorization)

这会生成一个密钥,但是当我尝试点击 API 时,它说授权标头的形成不正确

标签: pythonazurerestblobstorage

解决方案

请使用以下代码:

import requests
import datetime
import hmac
import hashlib
import base64

blob_name = 'mytestfile.txt'
blob_type = 'BlockBlob'
storage_account_name = 'yy3'
storage_account_key = 'xxx'
container_name='aa1'
api_version = '2018-03-28'

#the text upload to the file
data='this is a test text! have a nice day...'
content_len=str(len(data))
request_time = datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')

string_params = {
    'verb': 'PUT',
    'Content-Encoding': '',
    'Content-Language': '',
    'Content-Length': content_len,
    'Content-MD5': '',
    'Content-Type': '',
    'Date': '',
    'If-Modified-Since': '',
    'If-Match': '',
    'If-None-Match': '',
    'If-Unmodified-Since': '',
    'Range': '',
    'CanonicalizedHeaders': 'x-ms-blob-type:' + blob_type +'\nx-ms-date:' + request_time + '\nx-ms-version:' + api_version+'\n',
    'CanonicalizedResource': '/' + storage_account_name +'/'+container_name + '/' + blob_name
}

string_to_sign = (string_params['verb'] + '\n' 
                  + string_params['Content-Encoding'] + '\n'
                  + string_params['Content-Language'] + '\n'
                  + string_params['Content-Length'] + '\n'
                  + string_params['Content-MD5'] + '\n' 
                  + string_params['Content-Type'] + '\n' 
                  + string_params['Date'] + '\n' 
                  + string_params['If-Modified-Since'] + '\n'
                  + string_params['If-Match'] + '\n'
                  + string_params['If-None-Match'] + '\n'
                  + string_params['If-Unmodified-Since'] + '\n'
                  + string_params['Range'] + '\n'
                  + string_params['CanonicalizedHeaders']
                  + string_params['CanonicalizedResource'])

signed_string = base64.b64encode(hmac.new(base64.b64decode(storage_account_key), msg=string_to_sign.encode('utf-8'), digestmod=hashlib.sha256).digest()).decode()

headers = {
    'x-ms-date' : request_time,
    'x-ms-version' : api_version,
    'Content-Length': content_len,
    'x-ms-blob-type': blob_type,
    'Authorization' : ('SharedKey ' + storage_account_name + ':' + signed_string)
}

url = 'https://' + storage_account_name + '.blob.core.windows.net/' + container_name + '/' + blob_name
print(url)
print("....start....")
r = requests.put(url,headers=headers,data=data)
print('....end....')
print(r.status_code)

运行代码后,在 azure 门户中检查新上传的文件:

在此处输入图像描述

推荐阅读