Azure REST APIについて質問があります。
Blob Service REST APIの、Create Containerにつきまして
「AuthenticationFailed」と表示されてしまい、正常に処理を行うことができません。
処理の作成につきましては、こちらを参考にしました。
https://docs.microsoft.com/en-us/rest/api/storageservices/create-container
https://docs.microsoft.com/ja-jp/rest/api/storageservices/authorize-with-shared-key
また、blobのputやdeleteなどは同様の実装で問題なく処理に成功していましたが
containerの作成については、同様の方法で失敗してしまい、原因がわからずに頓挫しておりました。
こちらにつきまして、正しいフォーマットでREST APIを送るためにはどのようにすべきでしょうか。
下記にサンプルコードを添付いたします。
処理内容としましては、
1.必要な情報をhashで定義
2.各パラメータをSHA256で暗号化、base64で暗号化
3.curlでリクエスト
[処理内容概要(ruby)]
```
container_name = "XXXXXXXXXX"
account_name = "XXXXXXXXXX"
KEY="XXXXXXXXXX"
url="https://#{account_name}.blob.core.windows.net/#{container_name}?restype=container"
datas = {
#[固定ヘッダ]
#----------------------------------------------------
"request_type" => "PUT",
"Content-Encoding" => "",
"Content-Language" => "",
"Content-Length" => "0",
"Content-MD5" => "",
"Content-Type" => "application/x-www-form-urlencoded",
"Date" => "#{Time.now.strftime("%a, %d %b %Y %H:%M:%S")} GMT",
"If-Modified-Since" => "",
"If-Match" => "",
"If-None-Match" => "",
"If-Unmodified-Since" => "",
"Range" => "",
#----------------------------------------------------
"version" => "x-ms-version:2011-08-18",
"x-ms-blob-public-access" => "x-ms-blob-public-access:container",
"endpoint" => "/#{account_name}/#{container_name}",
"restype" => "restype:container",
}
signature = Base64.encode64(OpenSSL::HMAC.digest(
"sha256",Base64.decode64(KEY),datas.values.join("\n")))
req=<<STR.gsub("\n"," ")
curl -v -s "#{url}"
-X #{datas["request_type"]}
-H 'Content-Length: #{datas["Content-Length"]}'
-H 'Content-Type: #{datas["Content-Type"]}'
-H '#{datas["version"]}'
-H '#{datas["x-ms-blob-public-access"]}'
-H 'Authorization:SharedKey #{account_name}:#{signature.strip}'
-d ''
STR
ret = ((res=`#{req}`).length <= 0)
```
[実際のリクエストとレスポンス]
```
"curl -v -s \"https://munarstorage.blob.core.windows.net/cont?restype=container\" -X PUT -H 'Content-Length: 0' -H 'Content-Type: application/x-www-form-urlencoded' -H 'x-ms-version:2011-08-18' -H 'x-ms-blob-public-access:container' -H 'Authorization:SharedKey munarstorage:hlovqEjBPsdnGZUToSxi1EatnDS2CdXqFjc5zGeyFDQ=' -d '' "
./create_container.rb:65: warning: Insecure world writable dir /root/d/snippe2/ruby/utils in PATH, mode 040777
* About to connect() to munarstorage.blob.core.windows.net port 443 (#0)
* Trying 52.239.145.36...
* Connected to munarstorage.blob.core.windows.net (52.239.145.36) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=*.blob.core.windows.net
* start date: Dec 03 22:45:16 2019 GMT
* expire date: Dec 03 22:45:16 2021 GMT
* common name: *.blob.core.windows.net
* issuer: CN=Microsoft IT TLS CA 4,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
> PUT /cont?restype=container HTTP/1.1
> User-Agent: curl/7.29.0
> Host: munarstorage.blob.core.windows.net
> Accept: */*
> Content-Length: 0
> Content-Type: application/x-www-form-urlencoded
> x-ms-version:2011-08-18
> x-ms-blob-public-access:container
> Authorization:SharedKey munarstorage:hlovqEjBPsdnGZUToSxi1EatnDS2CdXqFjc5zGeyFDQ=
>
< HTTP/1.1 403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
< Content-Length: 408
< Content-Type: application/xml
< Server: Microsoft-HTTPAPI/2.0
< x-ms-request-id: 44d32759-401e-0054-0e81-eba723000000
< Date: Tue, 25 Feb 2020 02:12:56 GMT
* HTTP error before end of send, stop sending
<
{ [data not shown]
* Closing connection 0
<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:44d32759-401e-0054-0e81-eba723000000
Time:2020-02-25T02:12:56.3698816Z</Message><AuthenticationErrorDetail>Request date header not specified</AuthenticationErrorDetail></Error>
```
大変恐れ入りますが、諸々ご指摘いただければと思います。
Blob Service REST APIの、Create Containerにつきまして
「AuthenticationFailed」と表示されてしまい、正常に処理を行うことができません。
処理の作成につきましては、こちらを参考にしました。
https://docs.microsoft.com/en-us/rest/api/storageservices/create-container
https://docs.microsoft.com/ja-jp/rest/api/storageservices/authorize-with-shared-key
また、blobのputやdeleteなどは同様の実装で問題なく処理に成功していましたが
containerの作成については、同様の方法で失敗してしまい、原因がわからずに頓挫しておりました。
こちらにつきまして、正しいフォーマットでREST APIを送るためにはどのようにすべきでしょうか。
下記にサンプルコードを添付いたします。
処理内容としましては、
1.必要な情報をhashで定義
2.各パラメータをSHA256で暗号化、base64で暗号化
3.curlでリクエスト
[処理内容概要(ruby)]
```
container_name = "XXXXXXXXXX"
account_name = "XXXXXXXXXX"
KEY="XXXXXXXXXX"
url="https://#{account_name}.blob.core.windows.net/#{container_name}?restype=container"
datas = {
#[固定ヘッダ]
#----------------------------------------------------
"request_type" => "PUT",
"Content-Encoding" => "",
"Content-Language" => "",
"Content-Length" => "0",
"Content-MD5" => "",
"Content-Type" => "application/x-www-form-urlencoded",
"Date" => "#{Time.now.strftime("%a, %d %b %Y %H:%M:%S")} GMT",
"If-Modified-Since" => "",
"If-Match" => "",
"If-None-Match" => "",
"If-Unmodified-Since" => "",
"Range" => "",
#----------------------------------------------------
"version" => "x-ms-version:2011-08-18",
"x-ms-blob-public-access" => "x-ms-blob-public-access:container",
"endpoint" => "/#{account_name}/#{container_name}",
"restype" => "restype:container",
}
signature = Base64.encode64(OpenSSL::HMAC.digest(
"sha256",Base64.decode64(KEY),datas.values.join("\n")))
req=<<STR.gsub("\n"," ")
curl -v -s "#{url}"
-X #{datas["request_type"]}
-H 'Content-Length: #{datas["Content-Length"]}'
-H 'Content-Type: #{datas["Content-Type"]}'
-H '#{datas["version"]}'
-H '#{datas["x-ms-blob-public-access"]}'
-H 'Authorization:SharedKey #{account_name}:#{signature.strip}'
-d ''
STR
ret = ((res=`#{req}`).length <= 0)
```
[実際のリクエストとレスポンス]
```
"curl -v -s \"https://munarstorage.blob.core.windows.net/cont?restype=container\" -X PUT -H 'Content-Length: 0' -H 'Content-Type: application/x-www-form-urlencoded' -H 'x-ms-version:2011-08-18' -H 'x-ms-blob-public-access:container' -H 'Authorization:SharedKey munarstorage:hlovqEjBPsdnGZUToSxi1EatnDS2CdXqFjc5zGeyFDQ=' -d '' "
./create_container.rb:65: warning: Insecure world writable dir /root/d/snippe2/ruby/utils in PATH, mode 040777
* About to connect() to munarstorage.blob.core.windows.net port 443 (#0)
* Trying 52.239.145.36...
* Connected to munarstorage.blob.core.windows.net (52.239.145.36) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=*.blob.core.windows.net
* start date: Dec 03 22:45:16 2019 GMT
* expire date: Dec 03 22:45:16 2021 GMT
* common name: *.blob.core.windows.net
* issuer: CN=Microsoft IT TLS CA 4,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
> PUT /cont?restype=container HTTP/1.1
> User-Agent: curl/7.29.0
> Host: munarstorage.blob.core.windows.net
> Accept: */*
> Content-Length: 0
> Content-Type: application/x-www-form-urlencoded
> x-ms-version:2011-08-18
> x-ms-blob-public-access:container
> Authorization:SharedKey munarstorage:hlovqEjBPsdnGZUToSxi1EatnDS2CdXqFjc5zGeyFDQ=
>
< HTTP/1.1 403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
< Content-Length: 408
< Content-Type: application/xml
< Server: Microsoft-HTTPAPI/2.0
< x-ms-request-id: 44d32759-401e-0054-0e81-eba723000000
< Date: Tue, 25 Feb 2020 02:12:56 GMT
* HTTP error before end of send, stop sending
<
{ [data not shown]
* Closing connection 0
<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:44d32759-401e-0054-0e81-eba723000000
Time:2020-02-25T02:12:56.3698816Z</Message><AuthenticationErrorDetail>Request date header not specified</AuthenticationErrorDetail></Error>
```
大変恐れ入りますが、諸々ご指摘いただければと思います。