none
Problems Authenticating to Storage Emulator with Signed REST

    Question

  • Hi there,

    I have method that simply makes a REST call to table storage and returns the raw ATOM feed to me.  It works great with the live table storage, but for some reason or another I do not seem to be able to get it to authenticate to the storage emulator.

    I'm using the following code to create the signature...

    HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);

    request.Method = "GET";
    request.ContentLength = 0;
    request.Headers.Add("x-ms-date", DateTime.UtcNow.ToString("R", System.Globalization.CultureInfo.InvariantCulture));

    // Now sign the request
    string signature = "GET\n";

    // Content-MD5
    signature += "\n";

    // Content-Type
    signature += "\n";

    // Date
    signature += request.Headers["x-ms-date"] + "\n";

    // Canonicalized Resource
    // remove the query string
    int q = pStrTableName.IndexOf("?");
    if (q > 0) pStrTableName = TableName.Substring(0, q);

    // Format is /{0}/{1} where 0 is name of the account and 1 is resources URI path
    signature += "/" + cCSAAccount.Credentials.AccountName + "/" + pStrTableName;

    // Hash-based Message Authentication Code (HMAC) using SHA256 hash
    System.Security.Cryptography.HMACSHA256 hasher = null;
    String key = "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==";
    hasher = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(key));
     
    // Authorization header
    string authH = "SharedKey " + cCSAAccount.Credentials.AccountName + ":" + System.Convert.ToBase64String(hasher.ComputeHash(System.Text.Encoding.UTF8.GetBytes(signature)));

    // Add the Authorization header to the request
    request.Headers.Add("Authorization", authH);

     

    Just to clarify that this is working great with live table storage, just not the emulator.

    Thanks in advance.

    Tuesday, September 6, 2011 8:10 AM

Answers

  • I think the issue is in the following line of code:

    // Format is /{0}/{1} where 0 is name of the account and 1 is resources URI path
    signature += "/" + cCSAAccount.Credentials.AccountName + "/" + pStrTableName;

    Please refer to the "Constructing the Canonicalized Resource String" section (read Note there) from here: http://msdn.microsoft.com/en-us/library/dd179428.aspx. Essentially your storage account name should appear twice in the code above when connecting to development storage.

    Hope this helps.

    Thanks

    Gaurav Mantri

    Cerebrata Software

    http://www.cerebrata.com

     

     

     

     

    • Marked as answer by Trolololoooo Tuesday, September 6, 2011 9:06 AM
    Tuesday, September 6, 2011 8:50 AM

All replies

  • I think the issue is in the following line of code:

    // Format is /{0}/{1} where 0 is name of the account and 1 is resources URI path
    signature += "/" + cCSAAccount.Credentials.AccountName + "/" + pStrTableName;

    Please refer to the "Constructing the Canonicalized Resource String" section (read Note there) from here: http://msdn.microsoft.com/en-us/library/dd179428.aspx. Essentially your storage account name should appear twice in the code above when connecting to development storage.

    Hope this helps.

    Thanks

    Gaurav Mantri

    Cerebrata Software

    http://www.cerebrata.com

     

     

     

     

    • Marked as answer by Trolololoooo Tuesday, September 6, 2011 9:06 AM
    Tuesday, September 6, 2011 8:50 AM
  • Excellent thanks! That solved the problem :)
    Tuesday, September 6, 2011 9:06 AM