1

I try to create a file share on an existing Azure storage account via bash script. I only have the account name and key, but don't want to use login credentials. This is what I have so far:

#!/bin/sh

DATE_ISO=$(date +"%Y-%m-%dT%H:%M:%S")
VERSION="2015-02-21"  

curl --header "x-ms-version: ${VERSION}" --header "x-ms-date: ${DATE_ISO}" --header "Authorization: SharedKey mystorageaccount:?????" https://mystorageaccount.file.core.windows.net/myshare?restype=share

The documentation says, "Authorization" is required (syntax: Authorization="[SharedKey|SharedKeyLite] <AccountName>:<Signature>") and "Signature" is a Hash-based Message Authentication Code (HMAC) constructed from the request and computed by using the SHA256 algorithm, and then encoded by using Base64 encoding. So how do I generate this Signature?

Munchkin
  • 4,528
  • 7
  • 45
  • 93
  • I'm not sure I understand your question but you would need to write some code to generate the signature. The process is outlined in the 2nd link you shared. – Gaurav Mantri Jan 25 '17 at 14:32
  • My question is: How does this code looks like? Can someone give an example? – Munchkin Jan 25 '17 at 14:36
  • Please see the answer in this question: http://stackoverflow.com/questions/41829911/azure-rest-api-put-blob. Take a look at `AuthorizationHeader` function there. You will need to write something like that only. HTH. – Gaurav Mantri Jan 25 '17 at 14:40
  • 1
    I found [this](https://stackoverflow.com/questions/20103258/accessing-azure-blob-storage-using-bash-curl) what goes into the right direction. But my question is about `file` and `create` instead of `blob` and `list`. I do not find any documentation on how the syntax has to look like. Any ideas? – Munchkin Jan 26 '17 at 08:31

1 Answers1

4

Try this to create Share with bash script.

#!/bin/sh

STORAGE_KEY="$1"
STORAGE_ACCOUNT="$2"
SHARE_NAME="$3"

DATE_ISO=$(TZ=GMT date "+%a, %d %h %Y %H:%M:%S %Z")
VERSION="2015-12-11"
HEADER_RESOURCE="x-ms-date:$DATE_ISO\nx-ms-version:$VERSION"
URL_RESOURCE="/$STORAGE_ACCOUNT/$SHARE_NAME\nrestype:share"
STRING_TO_SIGN="PUT\n\n\n\n\n\n\n\n\n\n\n\n$HEADER_RESOURCE\n$URL_RESOURCE"

DECODED_KEY="$(echo -n $STORAGE_KEY | base64 -d -w0 | xxd -p -c256)"
SIGN=$(printf "$STRING_TO_SIGN" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$DECODED_KEY" -binary |  base64 -w0)

curl -X PUT \
  -H "x-ms-date:$DATE_ISO" \
  -H "x-ms-version:$VERSION" \
  -H "Authorization: SharedKey $STORAGE_ACCOUNT:$SIGN" \
  -H "Content-Length:0" \
  "https://$STORAGE_ACCOUNT.file.core.windows.net/$SHARE_NAME?restype=share"

Try this to create Directory under the specified share.

#!/bin/sh

STORAGE_KEY="$1"
STORAGE_ACCOUNT="$2"
SHARE_NAME="$3"
DIRECTORY_NAME="$4"

DATE_ISO=$(TZ=GMT date "+%a, %d %h %Y %H:%M:%S %Z")
VERSION="2015-12-11"
HEADER_RESOURCE="x-ms-date:$DATE_ISO\nx-ms-version:$VERSION"
URL_RESOURCE="/$STORAGE_ACCOUNT/$SHARE_NAME/$DIRECTORY_NAME\nrestype:directory"
STRING_TO_SIGN="PUT\n\n\n\n\n\n\n\n\n\n\n\n$HEADER_RESOURCE\n$URL_RESOURCE"

DECODED_KEY="$(echo -n $STORAGE_KEY | base64 -d -w0 | xxd -p -c256)"
SIGN=$(printf "$STRING_TO_SIGN" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$DECODED_KEY" -binary |  base64 -w0)

curl -X PUT \
  -H "x-ms-date:$DATE_ISO" \
  -H "x-ms-version:$VERSION" \
  -H "Authorization: SharedKey $STORAGE_ACCOUNT:$SIGN" \
  -H "Content-Length:0" \
  "https://$STORAGE_ACCOUNT.file.core.windows.net/$SHARE_NAME/$DIRECTORY_NAME?restype=directory"
Taz
  • 1,235
  • 9
  • 16
Aaron Chen
  • 9,835
  • 1
  • 16
  • 28
  • 1
    Awesome! I see it's also no problem to create a directory inside this share: `SHARENAME` must be sth. like `/` and `restype` in line 10 and 21 must be set to `directory` – Munchkin Jan 26 '17 at 09:23