如何为删除请求构建签名,删除nodejs REST实现中azure数据存储区中的实体?
我正在实现REST-API以从azure数据存储区中的表中删除密钥/实体,但似乎它在授权令牌中存在问题,并且我认为在使用azure中的'stringTosign'即'Signature'时存在问题。以下是代码,
const key = {
"Namespace": "my-app",
"Path": [
{
"Kind": 'tblxyz',
"Name": "test-datastore-row"
}
]
};
REST实施:
public async DeleteAPI(key: Key): Promise<any> {
const tableService = await this.GetTableServiceAsync(); // gives me table metadata
const url = "https://" + tableService.storageAccount + ".table.core.windows/" + 'tblxyz' + '(PartitionKey=' + '\'' + key.Namespace + '\'' + ',' + 'RowKey=' + '\'' + key.Path[0].Name + '\'' + ')';
const timestamp = (new Date()).toUTCString();
const stringToSign = timestamp + '\n/' + tableService.storageAccount + '/' + 'tblxyz';
const hmac = crypto.createHmac('sha256', new Buffer(tableService.storageAccessKey, 'base64'))
.update(stringToSign, 'utf-8')
.digest('base64');
return new Promise((resolve, reject) => {
request.delete({
'headers': {
'Authorization': 'SharedKeyLite ' + tableService.storageAccount + ':' + hmac,
'x-ms-date': timestamp,
'x-ms-version': '2016-05-31',
'Content-Type': 'application/json',
'If-Match': '*'
},
'url': url,
'json': true
}, function (err, result) {
if (err) {
console.log('inside delete err', JSON.stringify(err));
return reject(err);
}
if (result.statusCode !== 200 && result.statusCode !== 204) {
console.log('inside delete err: 2', JSON.stringify(result));
return reject(result.body);
}
return resolve();
});
});
}
在调用此API时,我收到以下错误,
有人面对这个问题吗?需要帮忙 ...!!!!
错误信息:
Error: the object {
"odata.error": {
"code": "AuthenticationFailed"
"message": {
"lang": "en-US"
"value": "Server failed to authenticate the request. Make sure the value
of Authorization header is formed correctly including the
signature.\nRequestId:df933tt7-0002-0004-41c3-782e5g000000\nTime:2017-12-
19T12:16:37.5434074Z"
}
}
} was thrown, throw an Error :)
at <anonymous>
at process._tickDomainCallback (internal/process/next_tick.js:228:7)
你的stringToSign似乎有问题。根据文档,它应该包括资源的编码URI路径。你能尝试以下方法吗?
const stringToSign = timestamp + '\n/' + tableService.storageAccount + '/' + 'tblxyz' + '(PartitionKey=' + '\'' + key.Namespace + '\'' + ',' + 'RowKey=' + '\'' + key.Path[0].Name + '\'' + ')';
UPDATE
请参阅此示例代码。本质上,资源的路径应该是URL编码的:
const request = require("request");
const crypto = require("crypto");
const url = require('url');
var accountName = "account-name";
var accountKey = "account-key";
var tableName = "table-name";
var pk = "partition-key-value";
var rk = "row-key-value";
const encodedUriPath = tableName + '(PartitionKey=' + '\'' + pk + '\'' + ', ' + 'RowKey=' + '\'' + rk + '\'' + ')';
const endpoint = "https://" + accountName + ".table.core.windows/" + encodedUriPath;
const parsedUrl = url.parse(endpoint);
const timestamp = (new Date()).toUTCString();
console.log(url);
console.log(timestamp);
const stringToSign = timestamp + '\n/' + accountName + parsedUrl.path;
console.log('--------------------------------------');
console.log(stringToSign);
const hmac = crypto.createHmac('sha256', new Buffer(accountKey, 'base64'))
.update(stringToSign, 'utf-8')
.digest('base64');
console.log('--------------------------------------');
console.log(hmac);
request.delete({
'headers': {
'Authorization': 'SharedKeyLite ' + accountName + ':' + hmac,
'x-ms-date': timestamp,
'x-ms-version': '2016-05-31',
'Content-Type': 'application/json',
'If-Match': '*'
},
'url': endpoint,
'json': true
}, function (err, result) {
if (err) {
console.log('inside delete err', JSON.stringify(err));
} else {
console.log(JSON.stringify(result));
}
});