after the last update of Azure Storage I get some 403 when I try to upload or modify files on my blob storage.
My code is really easy and I think it's not a "time-related" issue 'cause both App and Storage are on Europe-West dataserver.
My code is really simple:
var connectionString =[MyCs, always working]
account = CloudStorageAccount.Parse(connectionString);
blobClient = account.CreateCloudBlobClient();
var container = blobClient.GetContainerReference(Name);
if (container.Exists()) return container.Name;
container.CreateIfNotExists();
The error I get is like:
The remote server returned an error: (403) Forbidden. at Microsoft.WindowsAzure.Storage.Core.Executor.Executor.ExecuteSync[T](RESTCommand`1 cmd, IRetryPolicy policy, OperationContext operationContext) at Microsoft.WindowsAzure.Storage.Blob.CloudBlobContainer.Create(BlobContainerPublicAccessType accessType, BlobRequestOptions requestOptions, OperationContext operationContext) at Microsoft.WindowsAzure.Storage.Blob.CloudBlobContainer.CreateIfNotExists(BlobContainerPublicAccessType accessType, BlobRequestOptions requestOptions, OperationContext operationContext) at Microsoft.WindowsAzure.Storage.Blob.CloudBlobContainer.CreateIfNotExists(BlobRequestOptions requestOptions, OperationContext operationContext) at HouseParty.AzureStorage.<CreateFile>d__6.MoveNext() in C:\Users\zibal\Source\Repos\HouseParty\HouseParty\AzureStorage.cs:line 51 --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at HouseParty.Utils.<AddMedia>d__4.MoveNext() in C:\Users\zibal\Source\Repos\HouseParty\HouseParty\Utils.cs:line 77 --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at HouseParty.Controllers.MediaController.<StaticAdd>d__3.MoveNext() in C:\Users\zibal\Source\Repos\HouseParty\HouseParty\Controllers\MediaController.cs:line 89 --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at HouseParty.Controllers.UsersController.<Test>d__20.MoveNext() in C:\Users\zibal\Source\Repos\HouseParty\HouseParty\Controllers\UsersController.cs:line 271
P.S.: already tried to rollback to prev version from NUGET P.P.S.: Code working from LOCALHOST
After 3 hours with the Microsoft Service, we came out with noticing something strange in the request from my Web App.
We turned on the analytics POSTing here:
The REST API we used to capture network trace is
https://management.azure.com/subscriptions/<subscription_ID>/resourceGroups/<Resource_Group_Name>/providers/Microsoft.Web/sites/<site_name>/networkTrace/start?duration=<duration_in_seconds>&api-version=2015-08-01
with headers
Authorization: the token we get from portal
Content-Type: application/json
Then we can check the logs under \LogFiles\networktrace in Kudu portal. There where was this exception:
Processing exception Microsoft.Cis.Services.Nephos.Common.Authentication.AuthenticationFailureException : The MAC signature found in the HTTP request '*****************' is not the same as any computed signature. Server used following string to sign: 'PUT...7.***********==........x-ms-blob-type:BlockBlob.x-ms-client-request-id:********.x-ms-date:Mon, 15 May 2017 08:56:41 GMT.x-ms-request-id:*****.x-ms-version:2016-05-31./housepartystorage/img/test'.
And my request (created by the Azure SDK) was like
Hypertext Transfer Protocol
PUT /img/test HTTP/1.1\r\n
[Expert Info (Chat/Sequence): PUT /img/test HTTP/1.1\r\n]
[PUT /img/test HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: PUT
Request URI: /img/test
Request Version: HTTP/1.1
User-Agent: Azure-Storage/8.1.1 (.NET CLR 4.0.30319.42000; Win32NT 6.2.9200.0)\r\n
x-ms-version: 2016-05-31\r\n
Content-MD5: LAT5h1nXhLLXm9cujfJFfA==\r\n
x-ms-blob-type: BlockBlob\r\n
x-ms-client-request-id: 95933c6d-144e-4295-9bcd-405aba4bedf6\r\n
x-ms-date: Mon, 15 May 2017 08:56:39 GMT\r\n
Authorization: SharedKey MYBLOB:+[SECRET]=\r\n
x-ms-request-id: 5+l1WofovW0=\r\n
Host: [MYBLOB].blob.core.windows.net\r\n
Content-Length: 7\r\n
[Content length: 7]
\r\n
[Full request URI: http://MYBLOB.blob.core.windows.net/img/test]
[HTTP request 3/5]
[Response in frame: 30]
[Next request in frame: 31]
File Data: 7 bytes
Data (7 bytes)
Data: 20202020202020
[Length: 7]
And it turns out my App was adding an extra header like:
x-ms-request-id
This extra header came from MICROSOFT APPLICATION INSIGHT.
After disabled (uninstall from NUGET) of Application Insight, everything worked fine again!