I am using below code sample to create shared access signatures for private files stored inside Azure Blob storage. The generated Url is sometimes valid but most of the time is invalid due to authentication error.
public async Task<string> GetFileUrl(string containerName, string fileName)
{
ICloudBlob blob = await GetBlob(containerName, fileName);
string signature = blob.GetSharedAccessSignature(new SharedAccessBlobPolicy()
{
SharedAccessStartTime = DateTime.UtcNow.AddMinutes(-5),
SharedAccessExpiryTime = DateTime.UtcNow.AddDays(7),
Permissions = SharedAccessBlobPermissions.Read
});
return blob.Uri.AbsoluteUri + signature;
}
I receive following response when the formed SAS is not valid,
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.RequestId:</Message>
<AuthenticationErrorDetail>Signature fields not well formed.</AuthenticationErrorDetail>
</Error>
Following are the parameters for a URL that is failing to authenticate
sv=2016-05-31
sig=SbVzxo+dv28FvJP+Z9b1w6uvWUT72Pw1BSe3MIRooM0=
st=2017-03-30T11:52:35Z
se=2017-04-06T11:57:35Z
sr=b
sp=r
+
characters might be causing issues. – Martin CostelloUriBuilder
to build theUri
. Sonew UriBuilder(blob.Uri.AbsoluteUri){Query=signature}.Uri.AbsoluteUri
– spender