python - Azure BLOB PUT Rest api - 无法使用 Python 进行身份验证
问题描述
我正在尝试使用 Python 和 Azure Blob Rest API 在 Azure 容器中创建 Blob。这是一个有趣的练习,因为这是我第一次与 Azure Rest API 交互。我已经阅读了有关它的 MS 文档,并且还阅读了该站点中的许多问题,根据它们,我的代码似乎是正确的,但是我还不能成功 PUT。我能够执行 GET 请求(列出容器/blob)。
按照代码:
import requests
import datetime
import hmac
import hashlib
import base64
storage_account_name = '<mystorageaccount>'
storage_account_key = '<mystoragekey>'
container_name='test'
api_version = '2015-02-21'
request_time = datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')
string_params = {
'verb': 'PUT',
'Content-Encoding': '',
'Content-Language': '',
'Content-Length': '11',
'Content-MD5': '',
'Content-Type': 'text/plain; charset=UTF-8',
'Date': '',
'If-Modified-Since': '',
'If-Match': '',
'If-None-Match': '',
'If-Unmodified-Since': '',
'Range': '',
'CanonicalizedHeaders': 'x-ms-blob-type:BlockBlob' + '\nx-ms-date:' + request_time + '\nx-ms-version:' + api_version,
'CanonicalizedResource': '/' + storage_account_name +'/'+container_name+ '/' +'fname'
}
string_to_sign = (string_params['verb'] + '\n'
+ string_params['Content-Encoding'] + '\n'
+ string_params['Content-Language'] + '\n'
+ string_params['Content-Length'] + '\n'
+ string_params['Content-MD5'] + '\n'
+ string_params['Content-Type'] + '\n'
+ string_params['Date'] + '\n'
+ string_params['If-Modified-Since'] + '\n'
+ string_params['If-Match'] + '\n'
+ string_params['If-None-Match'] + '\n'
+ string_params['If-Unmodified-Since'] + '\n'
+ string_params['Range'] + '\n'
+ string_params['CanonicalizedHeaders']
+ string_params['CanonicalizedResource'])
signed_string = base64.b64encode(hmac.new(base64.b64decode(storage_account_key), msg=string_to_sign.encode('utf-8'), digestmod=hashlib.sha256).digest()).decode()
headers = {
'x-ms-version' : api_version,
'x-ms-date' : request_time,
'x-ms-blob-type': 'BlockBlob',
'Content-Length': '11',
'Content-Type': "text/plain; charset=UTF-8",
'Authorization' : ('SharedKey ' + storage_account_name + ':' + signed_string)
}
url = ('https://' + storage_account_name + '.blob.core.windows.net/'+container_name+'/fname')
r = requests.put(url, headers = headers,data='hello world')
print(r.status_code)
print('\n\n'+r.text)
这就是我得到的返回错误消息,不管怎样:
<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:cbf12c65-c01e-00fc-1069-3a41a7000000
Time:2020-06-04T12:11:03.4295368Z</Message><AuthenticationErrorDetail>The MAC signature found in the HTTP request 'c9n6EKq9p6skUs17qGv/bW0yGRGjMzMrP7bgDwjRABg=' is not the same as any computed signature. Server used following string to sign: 'PUT
11
text/plain; charset=UTF-8
x-ms-blob-type:BlockBlob
x-ms-date:Thu, 04 Jun 2020 12:11:02 GMT
x-ms-version:2015-02-21
/<mystorageaccount>/test/fname'.</AuthenticationErrorDetail></Error>
有人可以帮助我了解我在这里缺少什么吗?
解决方案
您需要包含text/plain; charset=UTF-8
forContent-Type
和11
for Content-Length
in string_params
。因此,您修改后的代码(string_params
仅限变量)将类似于:
string_params = {
'verb': 'PUT',
'Content-Encoding': '',
'Content-Language': '',
'Content-Length': '11',
'Content-MD5': '',
'Content-Type': 'text/plain; charset=UTF-8',
'Date': '',
'If-Modified-Since': '',
'If-Match': '',
'If-None-Match': '',
'If-Unmodified-Since': '',
'Range': '',
'CanonicalizedHeaders': 'x-ms-blob-type:BlockBlob' + '\nx-ms-date:' + request_time + '\nx-ms-version:' + api_version,
'CanonicalizedResource': '/' + storage_account_name +'/'+container_name+ '/' +'fname'
}
您的其余代码看起来不错。
更新
您在 . 末尾缺少一个换行符CanonicalizedHeaders
。所以你string_params
会像:
string_params = {
'verb': 'PUT',
'Content-Encoding': '',
'Content-Language': '',
'Content-Length': '11',
'Content-MD5': '',
'Content-Type': 'text/plain; charset=UTF-8',
'Date': '',
'If-Modified-Since': '',
'If-Match': '',
'If-None-Match': '',
'If-Unmodified-Since': '',
'Range': '',
'CanonicalizedHeaders': 'x-ms-blob-type:BlockBlob' + '\nx-ms-date:' + request_time + '\nx-ms-version:' + api_version + '\n',
'CanonicalizedResource': '/' + storage_account_name +'/'+container_name+ '/' +'fname'
}
推荐阅读
- symfony - 更新数据库架构
- python - 以公式方式更新 Keras 层中的参数
- php - Why does fetch(PDO::FETCH_ASSOC) return false
- django - django-rest-auth password reset sending wrong domain in email
- python - 按实际上是列表的值对python中的字典进行排序
- javascript - 如何从 api 文件中获取?
- swift - UICollectionViewCell 不显示从 UIImagePickerController 挑选的图像
- go - Stackdriver logs not showing up in GKE
- c - 如何调度进程
- python - Python 键盘模块在没有 root 的情况下无法工作