通过java访问Sas url时出错，Server无法验证请求

Question

• 列表项

我说错了

服务器未能验证请求。确保值 授权标头正确形成，包括签名

我想访问我的 blob 并将特定文件下载到本地，我只停留在第一步。

我尝试使用帐户名和密钥将 Blob 容器获取到 SAS url，它可以访问和通过桌面应用程序。我可以访问和下载文件，但虽然代码我不能。

CloudBlobContainer container = new CloudBlobContainer(new URI(uri));

ArrayList<ListBlobItem> items= (ArrayList<ListBlobItem>) container.listBlobs();

Answer 1

请参考以下代码：

package blob;

import com.microsoft.azure.storage.CloudStorageAccount;
import com.microsoft.azure.storage.blob.*;

import java.net.URI;
import java.util.*;

public class ListBlobBySasToken {
    public static void main(String[] args) throws Exception {
        String storageConnectionString = "DefaultEndpointsProtocol=https;AccountName=***;AccountKey=***;EndpointSuffix=core.windows.net";

        CloudStorageAccount storageAccount = CloudStorageAccount.parse(storageConnectionString);
        CloudBlobClient blobClient = storageAccount.createCloudBlobClient();
        CloudBlobContainer container = blobClient.getContainerReference("jay");

        String sasToken = generateSAS(container,true);
        System.out.println(sasToken);
        String sasUrl = container.getUri()+ sasToken;

        //Then use sasUrl to init container1
        CloudBlobContainer container1 = new CloudBlobContainer(new URI(sasUrl));
        CloudBlob blob = container1.getBlockBlobReference("test.json");
        System.out.println(blob.getStorageUri());
    }

    private static String generateSAS(CloudBlobContainer container, boolean readonly) throws Exception {
        // Create a container if it does not exist.
        container.createIfNotExists();
        // Create a new shared access policy.
        SharedAccessBlobPolicy sasPolicy = new SharedAccessBlobPolicy();
        // Create a UTC Gregorian calendar value.
        GregorianCalendar calendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
        // Specify the current time as the start time for the shared access
        // signature.
        //
        calendar.setTime(new Date());
        sasPolicy.setSharedAccessStartTime(calendar.getTime());
        // Use the start time delta one hour as the end time for the shared
        // access signature.
        calendar.add(Calendar.HOUR, 10);
        sasPolicy.setSharedAccessExpiryTime(calendar.getTime());
        if (readonly) {
            // Set READ permissions
            sasPolicy.setPermissions(EnumSet.of(SharedAccessBlobPermissions.READ, SharedAccessBlobPermissions.LIST));
        } else {
            // Set READ and WRITE permissions.
            //
            sasPolicy.setPermissions(EnumSet.of(SharedAccessBlobPermissions.READ, SharedAccessBlobPermissions.WRITE, SharedAccessBlobPermissions.LIST));
        }
        // Create the container permissions.
        BlobContainerPermissions containerPermissions = new BlobContainerPermissions();
        // Turn public access to the container off.
        containerPermissions.setPublicAccess(BlobContainerPublicAccessType.OFF);
        container.uploadPermissions(containerPermissions);
        // Create a shared access signature for the container.
        String sas = container.generateSharedAccessSignature(sasPolicy, null);
        // HACK: when the just generated SAS is used straight away, we get an
        // authorization error intermittently. Sleeping for 1.5 seconds fixes that
        // on my box.
//        Thread.sleep(1500);
        // Return to caller with the shared access signature.
        return sas;
    }
}

更多详情，请参考article。