问题
I am trying to list blobs using azure rest API. I am using the below code to list blobs using curl and php looks like the auth signature generated is wrong could anyone help me out in resolving the authorization issue.
$date = gmdate('D, d M Y H:i:s \G\M\T');
$account_name = "xyz";
$containername = "abc";
$account_key = "asdf";
$stringtosign = "GET\n\n\n$date\n/$account_name/$containername()";
$signature = 'SharedKey'.' '.$account_name.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($account_key),true));
$endpoint = 'https://'.$account_name.'.blob.core.windows.net';
$url = $endpoint.'/'.$containername.'?restype=container&comp=list';
$headers = [
"x-ms-date:{$date}",
'x-ms-version:2014-02-14',
'Accept:application/json;odata=nometadata',
"Authorization:{$signature}"
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
echo curl_error($ch);
curl_close($ch);
echo '<pre>';print_r($response);
I am getting the following error
AuthenticationFailedServer failed to authenticate the request. Make sure the
value of Authorization header is formed correctly including the signature.
RequestId:sdf4b5-0341-043559-2sdf53-b3sdf000
Time:2017-04-12T06:10:18.8696178ZThe MAC signature found in the HTTP request 'sfdf98i8p7f1QiJwszds' is not the same as any computed signature. Server used following string to sign: 'GET
x-ms-date:Wed, 12 Apr 2017 06:10:17 GMT
x-ms-version:2014-02-14
/abc/xyz
comp:list
restype:container'.
回答1:
I have changed your code to something as below, then got it worked.
<?php
$date = gmdate('D, d M Y H:i:s \G\M\T');
$account_name = "xyz";
$containername = "abc";
$account_key = "asdf";
$canonicalizedHeaders = "x-ms-date:$date\nx-ms-version:2014-02-14";
$canonicalizedResource = "/$account_name/$containername\ncomp:list\nrestype:container";
$arraysign = array();
$arraysign[] = 'GET'; /*HTTP Verb*/
$arraysign[] = ''; /*Content-Encoding*/
$arraysign[] = ''; /*Content-Language*/
$arraysign[] = ''; /*Content-Length (include value when zero)*/
$arraysign[] = ''; /*Content-MD5*/
$arraysign[] = ''; /*Content-Type*/
$arraysign[] = ''; /*Date*/
$arraysign[] = ''; /*If-Modified-Since */
$arraysign[] = ''; /*If-Match*/
$arraysign[] = ''; /*If-None-Match*/
$arraysign[] = ''; /*If-Unmodified-Since*/
$arraysign[] = ''; /*Range*/
$arraysign[] = $canonicalizedHeaders; /*CanonicalizedHeaders*/
$arraysign[] = $canonicalizedResource; /*CanonicalizedResource*/
$stringtosign = implode("\n", $arraysign);
$signature = 'SharedKey'.' '.$account_name.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($account_key), true));
$endpoint = 'https://'.$account_name.'.blob.core.windows.net';
$url = $endpoint.'/'.$containername.'?restype=container&comp=list';
$headers = [
"x-ms-date:{$date}",
'x-ms-version:2014-02-14',
'Accept:application/json;odata=nometadata',
"Authorization:{$signature}"
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
echo curl_error($ch);
curl_close($ch);
echo '<pre>';print_r($response);
来源:https://stackoverflow.com/questions/43361709/the-mac-signature-found-in-the-http-request-is-not-the-same-as-any-computed-sign