Search code examples
azureazure-blob-storageazure-authentication

Using the connection String to Authenticate into Azure

I have given an Connection String. I need to use this to authenticate into Azure Blob Storage. The connection String, as it appears, contains: Key, AccountName, protocol, Suffix.

Connection String Example:

DefaultEndpointsProtocol=https;AccountName=$$$$$*****;AccountKey=kjdjkfhdjskhfsdfhlksdhfkldshfishishfldslflkjfklsVvJDynYEkiEqWCZkdfkhdkjshfdshfs==;EndpointSuffix=core.windows.net

Now when I look up the authorization article there are multiple methods mentioned and there are no article or method described to use this connection string to Authorize.

It would be really helpful if someone can guide on how to use the connection string to connect to the azure storage so that we can list the containers.

Solution

  • You can do this using without any Azure SDK, Simply follow the reference here

    Clone the Source code from GitHub and start using this,

    git clone https://github.com/Azure-Samples/storage-dotnet-rest-api-with-auth.git

    You only need the StorageAccountName and StorageAccount Key

    string StorageAccountName = "myaccount";
string StorageAccountKey = "WoZ0ZnpXzvdAKoCPRrsa7RniqsdsdfedDFddasds+msk4ViI38WUUMS+qZmd7aoxw==";

    All the things were easy, you only need the Authorization logic 

    internal static AuthenticationHeaderValue GetAuthorizationHeader(
           string storageAccountName, string storageAccountKey, DateTime now,
           HttpRequestMessage httpRequestMessage, string ifMatch = "", string md5 = "")
        {
            // This is the raw representation of the message signature.
            HttpMethod method = httpRequestMessage.Method;
            String MessageSignature = String.Format("{0}\n\n\n{1}\n{5}\n\n\n\n{2}\n\n\n\n{3}{4}",
                      method.ToString(),
                      (method == HttpMethod.Get || method == HttpMethod.Head) ? String.Empty
                        : httpRequestMessage.Content.Headers.ContentLength.ToString(),
                      ifMatch,
                      GetCanonicalizedHeaders(httpRequestMessage),
                      GetCanonicalizedResource(httpRequestMessage.RequestUri, storageAccountName),
                      md5);

            // Now turn it into a byte array.
            byte[] SignatureBytes = Encoding.UTF8.GetBytes(MessageSignature);

            // Create the HMACSHA256 version of the storage key.
            HMACSHA256 SHA256 = new HMACSHA256(Convert.FromBase64String(storageAccountKey));

            // Compute the hash of the SignatureBytes and convert it to a base64 string.
            string signature = Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));

            // This is the actual header that will be added to the list of request headers.
            // You can stop the code here and look at the value of 'authHV' before it is returned.
            AuthenticationHeaderValue authHV = new AuthenticationHeaderValue("SharedKey",
                storageAccountName + ":" + Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes)));
            return authHV;
        }

    This is the key part which produces the Hashed Authorization header like 

    Authorization: SharedKey myaccount:38Uh5PAe29Kk8dKZ/km90u2sIyEfKiG5RWCb77VoPpE=

    Finally you can list your container