1. 首頁
  2. 問答
  3. 嘗試調用REST API清除隊列消息時,Azure存儲服務會拋出403禁止的錯誤

嘗試調用REST API清除隊列消息時,Azure存儲服務會拋出403禁止的錯誤

2016-09-21 26 views
0

我試圖通過隊列服務REST API清除所有Azure存儲隊列消息。我已驗證該代碼是否正確,但仍會返回403禁止的錯誤。 「StorageSharedKey」和「StorageAccountName」是正確的,因爲我能夠使用azure隊列客戶端的連接字符串中的值連接到azure隊列。我使用的存儲版本是「2015-12-11」。嘗試調用REST API清除隊列消息時,Azure存儲服務會拋出403禁止的錯誤

下面是代碼:

internal void ClearStorageQueueMessages(string queueName) 
    { 
     const string requestMethod = "DELETE"; 
     string urlPath = $"{queueName}/messages"; 
     var dateInRfc1123Format = DateTime.UtcNow.ToString("R", CultureInfo.InvariantCulture); 
     var canonicalizedHeaders = $"x-ms-date:{dateInRfc1123Format}\nx-ms-version:{StorageVersion}"; 
     var canonicalizedResource = $"/{StorageAccountName}/{urlPath}"; 
     var uri = new Uri($"https://{StorageAccountName}.queue.core.windows.net/{urlPath}"); 
     var response = MakeDeleteRestCall(uri, requestMethod, dateInRfc1123Format, canonicalizedHeaders, canonicalizedResource); 
    } 

    internal RestResponse MakeDeleteRestCall(Uri uri, string requestMethod, string dateInRfc1123Format, string canonicalizedHeaders, 
     string canonicalizedResource) 
    { 
     var restResponse = new RestResponse(); 
     var stringToSign = $"{requestMethod}\n\n\n\n\n\n\n\n\n\n\n\n{canonicalizedHeaders}\n{canonicalizedResource}"; 
     var authorizationHeader = CreateAuthorizationHeader(stringToSign); 

     var request = (HttpWebRequest) WebRequest.Create(uri); 
     request.Method = requestMethod; 
     request.Headers.Add("x-ms-date", dateInRfc1123Format); 
     request.Headers.Add("x-ms-version", StorageVersion); 
     request.Headers.Add("Authorization", authorizationHeader); 
     //request.Accept = "application/atom+xml,application/xml"; 
     request.Accept = "application/json"; 
     //request.ContentType = "application/json"; 

     using (var response = (HttpWebResponse) request.GetResponse()) 
     { 
      restResponse.StatusCode = response.StatusCode; 
      var responseStream = response.GetResponseStream(); 
      if (responseStream == null) 
       return restResponse; 
      using (var reader = new StreamReader(responseStream)) 
      { 
       restResponse.ReturnedContent = reader.ReadToEnd(); 
      } 
     } 
     return restResponse; 
    } 

    internal static string CreateAuthorizationHeader(string canonicalizedString) 
    { 
     string signature; 

     using (var hmacSha256 = new HMACSHA256(Convert.FromBase64String(StorageSharedKey))) 
     { 
      var dataToHmac = Encoding.UTF8.GetBytes(canonicalizedString); 
      signature = Convert.ToBase64String(hmacSha256.ComputeHash(dataToHmac)); 
     } 

     var authorizationHeader = string.Format(CultureInfo.InvariantCulture, "{0} {1}:{2}", StorageSharedKey, 
      StorageAccountName, signature); 

     return authorizationHeader; 
    }

來源

2016-09-21 TheDude

+0

我從我的本地PC啓動此,順便說一句。這會有所作爲嗎? – TheDude

+0

實際上,當我嘗試連接到模擬器時,它看起來像我有相同的403禁止問題。 – TheDude

回答

1

這個問題似乎是與頭部授權。請根據文檔檢查格式:

授權= 「[SharedKey | SharedKeyLite]:」

https://msdn.microsoft.com/en-us/library/azure/dd179428.aspx

你的函數添加純文本,而不是授權方案的共享密鑰「SharedKey」或「SharedKeyLite」。

來源

2016-09-21 20:04:31 marcelion

+0

授權方案應該如何構建?根據該文檔,授權應該採用以下格式構建:{0} {1}:{2},存儲共享密鑰代替0,存儲帳戶名稱代替1,簽名代替2.然後將該字符串分配給請求中的「Authroization」標題。我見過的所有例子都是這樣做的。 – TheDude

+0

其實,它看起來像你正在做的事情!我需要使用單詞「SharedKey」而不是實際的共享密鑰值謝謝! – TheDude

相關問題

 相關問題