I am trying to generate SAS token using java library azure-storage 8.0.0 and generating SAS token at container level, then I am using that sas token for running azcopy command. Following is the code used to generate the SAS token.
/**
* generates the permission policy for storage account
*
* @param blobExpiry expiry of sas token
* @return
*/
private def getBlobPolicy(blobExpiry: Date, permissionString: String): SharedAccessBlobPolicy = {
val policy = new SharedAccessBlobPolicy()
policy.setSharedAccessStartTime(Date.from(ZonedDateTime.now().toInstant))
policy.setSharedAccessExpiryTime(blobExpiry)
policy.setPermissionsFromString(permissionString)
policy
}
* @param permissionString permission string ex. radcwl where r = read, a= add, d=delete, c = create w=write l = list
* @return SASToken for container
*/
def getContainerSASToken(permissionString: String): String = {
val container = getAzureblobConfig().getContainerRef(new String(Base64.encodeBase64(getAzureblobConfig()
.sparkKeyOptionName().getBytes()))).get
val expiryDate: Date = Date.from(ZonedDateTime.now.toInstant.plusSeconds(86400))
"\"" + s"?${container.generateSharedAccessSignature(getBlobPolicy(expiryDate, permissionString), null)}" + "\""
}
I suppose that's the way to generate the SAS token but some how it's not able to generate the right one.
The Error I am getting:
Signature did not match. String to sign used was racwdl
403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature
Token Generated by the code:
?sig=P5BfjwRj3fxDWoohchvZmr3w3cEnzjewv8KbX8zUmeY%3D&st=2019-12-03T06%3A56%3A51Z&se=2019-12-10T06%3A56%3A51Z&sv=2018-03-28&spr=https&sp=racwdl&sr=c
if I am going to generate the SAS token from Azure Storage Explorer and replace it with my code generated SAS it works fine.
