1

I'm trying to add a message to my Storage Queue using the REST API provided in this document: https://learn.microsoft.com/en-us/rest/api/storageservices/put-message

Please note that I cannot use the Azure Libraries for this task, there are no Libraries that I know of for Service Now and I'm setting up the test trigger in Python to simulate the REST API calls that would be made from Service Now. In all instances, I receive a 403 error code with no details in the response or the header of the response.

import os, requests, datetime
date = datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')

storage_account = "testacc"
queue = "test-queue"

msg = """<QueueMessage>  
<MessageText>Testing 123</MessageText>  
</QueueMessage>
"""

api = f"https://{storage_account}.queue.core.windows.net/{queue}/messages/?visibilitytimeout=30&timeout=30"
header = {
    "Authorization": f"SharedAccessSignature https://{storage_account}.queue.core.windows.net/?sv=2020-08-04&ss=q&srt=sco&sp=rwau&se=2022-03-03T17:52:52Z&st=2022-02-17T09:52:52Z&spr=https&sig=<REDACTED SIG>", 
    "Content-Type": "application/xml",
    "Content-Length": "str(len(msg))"
}

resp = requests.post(url=api, data=msg, headers=header)

print(resp.headers, resp.status_code)

I am not sure how to design the Authentication key for this API, any tips and suggestions would be appreciated. Thank you.

KevinLee
  • 162
  • 1
  • 12

1 Answers1

1

You don't have to include the Authorization header in the request. Simply use your SAS URL to send the request (with other headers) and the request should work fine.

The reason you do not need Authorization header is because the authorization information is already included in your SAS Token (sig portion of your SAS Token).

Your code would be something like:

api = f"https://{storage_account}.queue.core.windows.net/{queue}/messages/?visibilitytimeout=30&timeout=30&sv=2020-08-04&ss=q&srt=sco&sp=rwau&se=2022-03-03T17:52:52Z&st=2022-02-17T09:52:52Z&spr=https&sig=<REDACTED SIG>"
header = {
    "Content-Type": "application/xml",
    "Content-Length": "str(len(msg))"
}

resp = requests.post(url=api, data=msg, headers=header)

print(resp.headers, resp.status_code)
Gaurav Mantri
  • 128,066
  • 12
  • 206
  • 241
  • Thanks that worked! But I'm now getting an "Invalid Uri" in the headers' "x-ms-error-code" I've tried all combinations of URLs to hit with no success. To add some details, I've used the "Queue service SAS URL", the queues' URL with "SAS token" parameters appended to it and nothing was working. – KevinLee Feb 22 '22 at 07:46
  • Please edit your question and include the updated code. – Gaurav Mantri Feb 22 '22 at 07:50
  • 1
    Never mind found the issue, the Url that was producing the error had "queue/messages/?" when it was supposed to be "queue/messages?" – KevinLee Feb 22 '22 at 07:55
  • I have another similar question but this time with Service Bus. I've linked it here: https://stackoverflow.com/questions/71249890/how-to-authenticate-azure-rest-apis-to-service-bus-with-sas – KevinLee Feb 24 '22 at 09:59