Unable to connect to azure-blob-storage after upgrading from v8 to v12 java sdk in azure using spring boot

Question

I am upgrading my existing spring boot application which uses azure-blob-storage from V8 SDK to V12 SDK. But I am getting authorization error. I almost tried all the examples suggested in azure sdk, but none of them are working. Below is the code between v8 and v12.

V8 (Working fine):

String endPoint = https://XXXXXXX.blob.core.windows.net/ecommerce/
String sasToken = sp=racwl&st=2021-06-01T05:12:04Z&se=2026-06-01T13:12:04Z&spr=https&sv=2020-02-05&sr=c&sig=XXXXXX%2BXXXXXXXXXXX%2BVVVVVVVVVVVV%3D
StorageCredentialsSharedAccessSignature s = new StorageCredentialsSharedAccessSignature("sas_token");
CloudBlobContainer cbc = new CloudBlobContainer(s.transformUri(new URI(endPoint)));

CloudBlobDirectory bd = cbc.getDirectoryReference("container_name");
InputStream is = new ByteArrayInputStream("my_string".getBytes());
CloudBlockBlob cbb = bd.getBlockBlobReference("blob_name");
cbb.upload(is, "my_string".length());

V12 (Failing with authentication):


String endPoint = https://XXXXXXX.blob.core.windows.net/ecommerce/
String sasToken = sp=racwl&st=2021-06-01T05:12:04Z&se=2026-06-01T13:12:04Z&spr=https&sv=2020-02-05&sr=c&sig=XXXXXX%2BXXXXXXXXXXX%2BVVVVVVVVVVVV%3D
BlobContainerClient bc = new BlobContainerClientBuilder().endpoint(endPoint).sasToken(sasToken).containerName("container_name").buildClient();
InputStream targetStream = new ByteArrayInputStream("my_string".getBytes());
BlockBlobClient cbb = bc.getBlobClient("blob_name").getBlockBlobClient();
cbb.upload(targetStream, payload.length()); ----> This is where it is throwing the exception

Error with V12 approach failing at authentication:

com.azure.storage.blob.models.BlobStorageException: If you are using a StorageSharedKeyCredential, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate method call.
If you are using a SAS token, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate generateSas method call.
Please remember to disable 'Azure-Storage-Log-String-To-Sign' before going to production as this string can potentially contain PII.
Status code 403, (empty body)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    ...

Can you edit your question and include the SAS token and endpoint URI. Please obfuscate the account name and sig portion of your SAS token. — Gaurav Mantri, Aug 06 '21 at 06:24
@GauravMantri Updated the question with sas token and endpoint uri — Venu, Aug 06 '21 at 06:37
Facing the same issue and the [workaround](https://stackoverflow.com/a/68677965/2996452) did not help — Jokkeri, Oct 21 '21 at 08:15

score 0 · Answer 1 · answered Aug 06 '21 at 07:45

I was able to connect successfully now with the below code. However, there is still an issue with the actuator/health page

BlobContainerClient bcc = new BlobContainerClientBuilder().endpoint(reportProperties.getEndpoint() + "/" + containerName + "/" + "?" + reportProperties.getSastoken()).buildClient();
BlobClient blobClient = bcc.getBlobClient(blobName);
InputStream is = new ByteArrayInputStream("my_string".getBytes());
blobClient.upload(is, payload.length());

Jokkeri · Answer 2 · 2021-10-21T12:37:20.737

After a days work this is how I managed to get this to work with SDK V12.14.1:

    String endpoint = String.format(Locale.ROOT,
            "https://%s.blob.core.windows.net", "myStorage");
    
    AzureSasCredential sasCredential = new AzureSasCredential(
            "sp=racwdl&st=2021-10-21T12:23:00Z&se=2021-10-21T20:23:00Z&spr=https&sv=2020-08-04&sr=c&sig=vV...MI%3D");

    BlobServiceClient blobServiceClient = new BlobServiceClientBuilder()
            .endpoint(endpoint).credential(sasCredential).buildClient();

    BlobContainerClient blobContainerClient = blobServiceClient
            .getBlobContainerClient("myContainer");
    for (BlobItem blobItem : blobContainerClient.listBlobs()) {
        BlockBlobClient blobClient = blobContainerClient
                .getBlobClient(blobItem.getName()).getBlockBlobClient();
        System.out.println(blobClient.getBlobName());
    }

Unable to connect to azure-blob-storage after upgrading from v8 to v12 java sdk in azure using spring boot

2 Answers2

Linked