0

I am trying to list blobs using azure rest API. I am using the below code to list blobs using curl and php looks like the auth signature generated is wrong could anyone help me out in resolving the authorization issue.

$date = gmdate('D, d M Y H:i:s \G\M\T');
$account_name = "xyz";
$containername = "abc";
$account_key = "asdf";

$stringtosign = "GET\n\n\n$date\n/$account_name/$containername()";
$signature = 'SharedKey'.' '.$account_name.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($account_key),true));

$endpoint = 'https://'.$account_name.'.blob.core.windows.net';
$url = $endpoint.'/'.$containername.'?restype=container&comp=list'; 

$headers = [
    "x-ms-date:{$date}",
    'x-ms-version:2014-02-14',
    'Accept:application/json;odata=nometadata',
    "Authorization:{$signature}"
];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response  = curl_exec($ch);
echo curl_error($ch);
curl_close($ch);        
echo '<pre>';print_r($response);

I am getting the following error

AuthenticationFailedServer failed to authenticate the request. Make sure the 

value of Authorization header is formed correctly including the signature.
RequestId:sdf4b5-0341-043559-2sdf53-b3sdf000
Time:2017-04-12T06:10:18.8696178ZThe MAC signature found in the HTTP request 'sfdf98i8p7f1QiJwszds' is not the same as any computed signature. Server used following string to sign: 'GET
x-ms-date:Wed, 12 Apr 2017 06:10:17 GMT
x-ms-version:2014-02-14
/abc/xyz
comp:list
restype:container'.
Dev
  • 612
  • 2
  • 13
  • 33

1 Answers1

4

I have changed your code to something as below, then got it worked.

<?php

$date = gmdate('D, d M Y H:i:s \G\M\T');
$account_name = "xyz";
$containername = "abc";
$account_key = "asdf";

$canonicalizedHeaders  = "x-ms-date:$date\nx-ms-version:2014-02-14";
$canonicalizedResource = "/$account_name/$containername\ncomp:list\nrestype:container";

$arraysign = array();
$arraysign[] = 'GET';                     /*HTTP Verb*/  
$arraysign[] = '';                        /*Content-Encoding*/  
$arraysign[] = '';                        /*Content-Language*/  
$arraysign[] = '';                        /*Content-Length (include value when zero)*/  
$arraysign[] = '';                        /*Content-MD5*/  
$arraysign[] = '';                        /*Content-Type*/  
$arraysign[] = '';                        /*Date*/  
$arraysign[] = '';                        /*If-Modified-Since */  
$arraysign[] = '';                        /*If-Match*/  
$arraysign[] = '';                        /*If-None-Match*/  
$arraysign[] = '';                        /*If-Unmodified-Since*/  
$arraysign[] = '';                        /*Range*/  
$arraysign[] = $canonicalizedHeaders;     /*CanonicalizedHeaders*/
$arraysign[] = $canonicalizedResource;    /*CanonicalizedResource*/

$stringtosign = implode("\n", $arraysign);

$signature = 'SharedKey'.' '.$account_name.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($account_key), true));

$endpoint = 'https://'.$account_name.'.blob.core.windows.net';
$url = $endpoint.'/'.$containername.'?restype=container&comp=list'; 

$headers = [
    "x-ms-date:{$date}",
    'x-ms-version:2014-02-14',
    'Accept:application/json;odata=nometadata',
    "Authorization:{$signature}"
];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response  = curl_exec($ch);
echo curl_error($ch);
curl_close($ch);        
echo '<pre>';print_r($response);
Aaron Chen
  • 9,835
  • 1
  • 16
  • 28