
Azure Blob Image authorization shared access


I am trying to read the image using an authorization header, but there seems to be a mistake in the authorization header string that is being generated. I am getting the following error.

 <?xml version="1.0" encoding="utf-8"?>
    <Error>
        <Code>AuthenticationFailed</Code>
        <Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
    RequestId:a5e98b3e-c01e-002e-19ad-be5c0e000000
    Time:2019-02-07T06:22:40.0625641Z</Message>
        <AuthenticationErrorDetail>The MAC signature found in the HTTP request 'm+68ihJL2+Wl0Cm1vuXOHnzq4ma56utn/62hSCv6rjo=' is not the same as any computed signature. Server used following string to sign: 'GET




    image/jpeg






    x-ms-blob-type:Block blob
    x-ms-date:Thu, 07 Feb 2019 06:21:44 GMT
    x-ms-version:2018-03-28
    /<accountName>/<container>/<image.jpg>'.</AuthenticationErrorDetail>
    </Error> 

This is the code I used for header generation.

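using System;
using System.Globalization;
using System.Security.Cryptography;

namespace ShaKey
{
    class Program
    {
        static void Main(string[] args)
        {
            // Format the date once so the signed value and the printed value are identical.
            string date = DateTime.UtcNow.ToString("R", CultureInfo.InvariantCulture);

            // String-to-sign as written for the failing request: image/jpeg sits in the
            // Content-Type slot and only x-ms-date and x-ms-version are listed.
            string stringToSign = "GET\n\n\n\n\nimage/jpeg\n\n\n\n\n\n\nx-ms-date:" + date +
                                  "\nx-ms-version:2018-03-28\n/<accountName>/<container>/<image.jpg>";

            Console.WriteLine(SharedKey.CreateAuthorizationHeader(stringToSign));
            Console.WriteLine(date);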

        }

    }

    public class SharedKey
    {


        public static String CreateAuthorizationHeader(String canonicalizedString)
        {
            String signature = String.Empty;
            // Placeholder: replace with the Base64-encoded storage account key.
            string storageAccountKey = "accountKey";

            using (HMACSHA256 hmacSha256 = new HMACSHA256(Convert.FromBase64String(storageAccountKey)))
            {
                Byte[] dataToHmac = System.Text.Encoding.UTF8.GetBytes(canonicalizedString);
                signature = Convert.ToBase64String(hmacSha256.ComputeHash(dataToHmac));
            }

            String authorizationHeader = String.Format(
                CultureInfo.InvariantCulture,
                "{0} {1}:{2}",
                AzureStorageConstants.SharedKeyAuthorizationScheme,
                AzureStorageConstants.Account,
                signature
            );

            return authorizationHeader;
        }

    }

    public class AzureStorageConstants
    {
        public static string SharedKeyAuthorizationScheme = "SharedKey";
        public static string Account ="accountname";
    }
}

There was an error in the header that is being generated. Where is the error in the code?


Solution

  • Authentication failed because you added the x-ms-blob-type header (shown in the error) but didn't put it in stringToSign.

    In fact, Get Blob requires neither x-ms-blob-type nor Content-Type in the request headers; they are used in Put Blob. So the solution is to remove the two headers x-ms-blob-type and Content-Type, and delete image/jpeg from stringToSign.
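
Added example, not part of the original question or answer: a Python sketch (the question's code is C#) that derives the Shared Key string-to-sign from the headers actually sent, so a header such as x-ms-blob-type cannot be sent without also being signed. The account name, blob path and key are constructed placeholders, and the resource is assumed to have no query parameters.

```python
import base64
import hashlib
import hmac

# Standard headers, in the order the Shared Key scheme signs them.
SIGNED_FIELDS = ["content-encoding", "content-language", "content-length",
                 "content-md5", "content-type", "date", "if-modified-since",
                 "if-match", "if-none-match", "if-unmodified-since", "range"]

def string_to_sign(verb, account, path, headers):
    """Build the string-to-sign from the headers that will actually be sent."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    if "x-ms-date" in h:
        h["date"] = ""  # Date is signed as empty when x-ms-date is present
    lines = [verb] + [h.get(f, "") for f in SIGNED_FIELDS]
    # Every x-ms-* header on the request is signed: lowercased name, sorted.
    lines += [f"{k}:{h[k]}" for k in sorted(h) if k.startswith("x-ms-")]
    lines.append(f"/{account}{path}")  # assumes no query parameters
    return "\n".join(lines)

def signature(key_b64, sts):
    """Base64(HMAC-SHA256(Base64-decoded key, UTF-8 string-to-sign))."""
    mac = hmac.new(base64.b64decode(key_b64), sts.encode("utf-8"), hashlib.sha256)
    return base64.b64encode(mac.digest()).decode("ascii")

def missing_lines(client_sts, server_sts):
    """Non-empty lines the server signed that the client string lacks."""
    client = client_sts.split("\n")
    return [l for l in server_sts.split("\n") if l and l not in client]

# Constructed sample values; date and header values are copied from the error.
ACCOUNT, PATH = "accountname", "/container/image.jpg"
KEY = base64.b64encode(b"constructed demo key, not a real one").decode("ascii")
DATE = "Thu, 07 Feb 2019 06:21:44 GMT"
SENT = {"Content-Type": "image/jpeg", "x-ms-blob-type": "Block blob",
        "x-ms-date": DATE, "x-ms-version": "2018-03-28"}
# Hand-written string from the question: x-ms-blob-type is missing.
HAND_WRITTEN = ("GET\n\n\n\n\nimage/jpeg\n\n\n\n\n\n\nx-ms-date:" + DATE +
                "\nx-ms-version:2018-03-28\n/" + ACCOUNT + PATH)
# Get Blob request after the fix: only the two x-ms-* headers remain.
FIXED = {"x-ms-date": DATE, "x-ms-version": "2018-03-28"}

if __name__ == "__main__":
    server_view = string_to_sign("GET", ACCOUNT, PATH, SENT)
    print("mismatch:", signature(KEY, HAND_WRITTEN) != signature(KEY, server_view))
    print("not signed by client:", missing_lines(HAND_WRITTEN, server_view))
    sts = string_to_sign("GET", ACCOUNT, PATH, FIXED)
    print("Authorization: SharedKey %s:%s" % (ACCOUNT, signature(KEY, sts)))
```

When the service returns AuthenticationFailed, comparing the "Server used following string to sign" text with the client's string line by line, as missing_lines does, points directly at the unsigned header.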