PutMessage's Authentication Schemes

Question

Hi,

I learn programming to use Queue storage with REST API now.
I have already learned Create Queue.
But I can't understand to Authentication Schemes when create Message.

I'll show the cord configration next.

HttpWebRequest request = null;
// create HTTP request
request = (HttpWebRequest)WebRequest.Create(uri);
request.Method = "POST";
request.ContentLength = contentString.Length;
request.ContentType = "application/xml";

// add x-ms-date header
string dateString = DateTime.UtcNow.ToString("R", CultureInfo.InvariantCulture);
request.Headers.Add("x-ms-date", dateString);

// add Authorization header
string authorizationString =
     "POST" + "\n" +
     "\n" +
     "application/xml" + "\n" +
     "\n" +
     "x-ms-date:" + dateString + "\n" +
     "/" + accountName + uri.AbsolutePath;
     AddtAuthorizationHeader(ref request, authorizationString);

Now, server response is 403(AuthenticationFailed).
I think bugg is in add Authorization header.
I can't understand the number of "\n" in the header.

Thank you,
TechTech

Answer 1

Hello, you can use the Authentication.cs in StorageClient as your reference. Your code seems to be OK. But please check the following: Do you have any headers begin with x-ms-? If so, you should include all of them in the CanonicalizedHeaders part. Do you have the comp query string parameter? If so, you should include it in the CanonicalizedResource part. Have you computed the signature using SHA256? For the queue storage, the Authentication header should be:

Authorization="SharedKey <AccountName>:<Signature>"

Where Signature is the SHA256 of the above authorizationString.

---

Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.

Answer 2

For Queue Service, the string to sign is documented as:

StringToSign = VERB + "\n" +
               Content-MD5 + "\n" +
               Content-Type + "\n" +
               Date + "\n" +
               CanonicalizedHeaders + 
               CanonicalizedResource;

You need to replace the word Date by the value of dateString in your code - so your code should not have the word "x-ms-date:" in the string to sign. Furthermore, you have an extra '\n' after "application/xml." I'm not sure the CanonicalizedHeadera and CanonicalizedResource are correct either. I suggest you follow Yi-Lun Luo's advice and look at the example in the StorageClient sample. I've found Fiddler to be a useful tool when using the REST interface.

Answer 3

Hello, Neil and Yi-Lun

I have aleady known the things.
I can't understand CanonicalizedHeaders.
I understand that CanonicalizedHeaders include metadata etc.

Thank you for your advices,
TechTech

Answer 4

The CanonicalizedHeaders are documented here. The best way to understand how to create them is to look at the implementation in the StorageClient sample that ships with the SDK. In that sample, the Table functionality is implemented on top of ADO.Net Data Services while the Queue and Blob functionality is implemented directly on top of the REST interface you are trying to use.

The MessageCanonicalizer.CanonicalizeHttpRequest() method in Authentication.cs shows, in gory detail, how to generate CanonicalizedHeaders.