身份验证令牌失败 CosmosDB REST API

【问题标题】:Auth token failure CosmosDB REST API身份验证令牌失败 CosmosDB REST API
【发布时间】:2018-01-18 14:36:47
【问题描述】:

我正在尝试通过 REST API 从 CosmosDB (SQL) 获取文档。 使用 Azure 函数,我根据the code in the documentation 确定授权字符串。

我使用以下参数调用此代码:

GenerateAuthToken("GET", "docs", "dbs/vacancies/colls/items/docs", "masterkey", "master", "1.0");

我只想获取数据库vacancies和集合items中的文档。这些实体存在于 CosmosDB 中(区分大小写匹配),并且该集合中有一个文档。

然后我使用 postman 调用 Cosmos REST API。 我对https://mycosmosdbaccount.documents.azure.com/dbs/vacancies/colls/items/docs 执行 HTTP GET 标题:

x-ms-version : 2017-02-22
Accept: application/json
Authorization: type%3dmaster%26ver%3d1.0%26sig%3dDU1O3I0hMJzF76fedro4M2VnfOhE03aIWgccaVWRBIc%3d
x-ms-date: thu, 18 jan 2018 10:53:23 gmt

我回来了:

{
    "code": "Unauthorized",
    "message": "The input authorization token can't serve the request. Please check that the expected payload is built as per the protocol, and check the key being used. Server used the following payload to sign: 'get\ndocs\ndbs/vacancies/colls/items\nthu, 18 jan 2018 14:31:43 gmt\n\n'\r\nActivityId: 637276f1-c4ec-4d5d-8199-022d680b31d2, Microsoft.Azure.Documents.Common/1.19.162.2"
}

我已经尝试了大约一百种不同的 resourceLink (dbs/vacancies/colls/items/docs) 和 http get URL 组合,结果始终相同。

请让我知道我做错了什么愚蠢的事情。

【问题讨论】:

  • 嗨,现在有更新吗?
  • 我的代码和你一样,资源链接不是问题。由于我已经在使用 Azure 函数,所以我只是在其中使用了 dotnet sdk。
  • 资源链接在您的帖子中设置为“dbs/vacancies/colls/items/docs”,当您要获取文档时需要将其设置为“dbs/vacancies/colls/items”。

标签: c# rest azure azure-cosmosdb


【解决方案1】:

根据您的错误代码,应该是Request Header中的Authorization参数问题。

我在本地使用 java 代码测试了 Get documents Rest API,它适用于我。

请参考以下代码:

import com.sun.org.apache.xml.internal.security.utils.Base64;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.TimeZone;

public class ListDataBaseRest {

    private static final String account = "***";
    private static final String key = "***";


    public static void main(String args[]) throws Exception {

        String urlString = "https://" + account + ".documents.azure.com/dbs/db/colls/coll/docs";
        HttpURLConnection connection = (HttpURLConnection) (new URL(urlString)).openConnection();
        getFileRequest(connection, key);
        connection.connect();


        System.out.println("Response message : " + connection.getResponseMessage());
        System.out.println("Response code : " + connection.getResponseCode());

        BufferedReader br = null;
        if (connection.getResponseCode() != 200) {
            br = new BufferedReader(new InputStreamReader((connection.getErrorStream())));
        } else {
            br = new BufferedReader(new InputStreamReader((connection.getInputStream())));
        }
        System.out.println("Response body : " + br.readLine());
    }

    public static void getFileRequest(HttpURLConnection request, String key)
            throws Exception {
        SimpleDateFormat fmt = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss");
        fmt.setTimeZone(TimeZone.getTimeZone("GMT"));
        String date = fmt.format(Calendar.getInstance().getTime()) + " GMT";
        String stringToSign = "GET".toLowerCase() + "\n"
                + "docs".toLowerCase() + "\n"
                + "dbs/db/colls/coll" + "\n"
                + date.toLowerCase() + "\n"
                + "" + "\n";
        System.out.println("stringToSign : " + stringToSign);
        String auth = getAuthenticationString(stringToSign);

        request.setRequestMethod("GET");
        request.setRequestProperty("x-ms-date", date);
        request.setRequestProperty("x-ms-version", "2017-02-22");
        request.setRequestProperty("Authorization", auth);
        request.setRequestProperty("Content-Type", "application/query+json");

    }

    private static String getAuthenticationString(String stringToSign) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(Base64.decode(key), "HmacSHA256"));
        String authKey = new String(Base64.encode(mac.doFinal(stringToSign.getBytes("UTF-8"))));
        System.out.println("authkey:" + authKey);
        String auth = "type=master&ver=1.0&sig=" + authKey;
        auth = URLEncoder.encode(auth);
        System.out.println("authString:" + auth);
        return auth;
    }

}

我注意到您的GenerateAuthToken 方法中的ResourceLink 参数不正确。

应该是dbs/vacancies/colls/items,而不是dbs/vacancies/colls/items/docs

希望对你有所帮助。

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2018-07-23
    • 1970-01-01
    • 2018-07-11
    • 2016-08-10
    • 2014-02-25
    • 1970-01-01
    • 1970-01-01
    • 2016-07-16
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode