我正在使用SAS令牌从React spa上传和下载文件到Azure存储
在本地主机上运行时,一切正常,但是当部署到Azure上的Kubernetes时,我收到以下身份验证错误
onError RestError: <?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:e6bfca97-c01e-0030-2e29-4e7d7c000000
Time:2020-06-29T15:26:39.7164613Z</Message><AuthenticationErrorDetail>Signature did not match. String to sign used was w
2020-06-29T20:26:39Z
/blob/datalake/container/Natural_Language_Processing.pdf
负责上传的javascript代码是
// upload to Azure
const blobName = file.name;
const accountSas = resp.data.SAS;
const account = resp.data.account;
const containerName = resp.data.container;
const anonymousCredential = new AnonymousCredential();
const blobServiceClient = new BlobServiceClient(
`https://${account}.blob.core.windows.net?${accountSas}`,
anonymousCredential
);
// Create a container
const containerClient = blobServiceClient.getContainerClient(
containerName
);
// Create a blob
const content = file;
const blockBlobClient = containerClient.getBlockBlobClient(blobName);
const uploadBlobResponse = await blockBlobClient.upload(
content,
Buffer.byteLength(content)
);
SAS令牌生成的后端Python代码如下
if content['up_down'] == 'download':
permission = BlobSasPermissions(read=True)
else:
permission = BlobSasPermissions(write=True)
account_name = os.getenv("STORAGE_ACCOUNT_NAME")
container_name = metadata.get_container_name()
blob_name = content['filePath']
expiry = datetime.utcnow() + timedelta(hours=5)
options = {
'account_name': account_name,
'container_name': container_name,
'blob_name': blob_name,
'account_key': os.getenv("STORAGE_ACCESS_KEY"),
'permission': permission,
'expiry': expiry
}
SAS = generate_blob_sas(**options)
其中^{
有没有办法解决这个问题
在花了很长时间绞尽脑汁寻找解决方案后,我找到了问题所在
它与访问blob的Python库无关,而是与Kubernetes pod中的环境变量有关
使用yaml文件将环境变量作为机密传递给Kubernetes(如本link中所述)。 使用此方法,需要对机密进行base64编码。为此,我使用了以下方法
但是,通过这种方式,
echo
命令默认情况下会在输出中追加一个换行符。我应该用的是这个bug特别难以找到,特别是因为当打印时,错误的解决方案会导致正确的结果
不管怎样,我希望我的错误能在将来帮助别人
相关问题 更多 >
编程相关推荐