$StorageContext = New-AzStorageContext -StorageAccountName "https://someblobstorage.blob.core.windows.net/nonpublicfolder" -StorageAccountKey "omghi2u"
New-AzStorageBlobSASToken -Context $StorageContext
-Container "nonpublicfolder"
-Blob 'stuff.zip'
-StartTime $(Get-Date)
-ExpiryTime $(Get-Date).AddHours(+3)
-Permission rl
-FullUri
-Verbose
I use the following powershell command to generate a SAS blob token and link. There are two issues. Firstly it returns a non sensical URL with lots of duplications
https://https//someblobstorage.blob.core.windows.net/nonpublicfolder.blob.core.windows.net/nonpublicfolder/stuff.zip?sv=2019-02-02&sr=b&sig=lolsig&st=2019-09-18T06%3A28%3A44Z&se=2019-09-18T09%3A28%3A44Z&sp=rl
As you can see it has duplicated the https, and also strangely added blob.core.windows.net multiple times.
If I fix the link by hand to be the following:
https://someblobstorage.blob.core.windows.net/nonpublicfolder/stuff.zip?sv=2019-02-02&sr=b&sig=lolsig&st=2019-09-18T06%3A28%3A44Z&se=2019-09-18T09%3A28%3A44Z&sp=rl
AuthenticationFailedServer failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:some guid Time:2019-09-18T06:30:10.1797787Z Signature did not match. String to sign used was rl 2019-09-18T06:29:50Z 2019-09-18T09:29:50Z /blob/someblobstorage/somepublicfolder/stuff.zip 2019-02-02 b
Why am I getting an authentication failure?
edit: If I use azure storage explorer to generate it I get a link that has ordered the variables differently, it also works.
https://someblobstorage.blob.core.windows.net/nonpublicfolder/stuff.zip?st=2019-09-18T06%3A33%3A04Z&se=2019-09-19T08%3A33%3A00Z&sp=r&sv=2018-03-28&sr=b&sig=somesig
How can I generate a working link like the one above using powershell? I have no idea what I am doing wrong.
