Put File Range - REST API Authorization Signature fails

asked 2023-01-04T17:04:37.637+00:00
Stefan Loeve 1 Reputation point

I am attempting to write a PowerShell script for uploading files to an Azure File Share (SMB) and due to ISP issue's I'm required to use the REST API instead of the SMB protocol. I have working code for creating folders, directories, and empty files. However when I attempt to use the Put Range service (https://learn.microsoft.com/en-us/rest/api/storageservices/put-range) I run into issues with the server rejecting my signed authorization.
The auth string I'm signing looks like this:
$stringToSign = "PUTnnn3488nnnnnnnnnx-ms-date:$datenx-ms-range:bytes=0-3487nx-ms-version:$versionnx-ms-write:updaten/$storageAccount/$resource?comp=range"

The response from the server is this:

Invoke-RestMethod : AuthenticationFailedServer failed to authenticate the request. Make sure the value of
Authorization header is formed correctly including the signature.
Time:2023-01-04T00:16:22.9268980ZThe MAC signature found in the HTTP request
'pwRgIfKnp0ss/XP77syYEHm40vmLx6oxrYSh59ER55k=' is not the same as any computed signature. Server used following
string to sign: 'PUT
x-ms-date:Wed, 04 Jan 2023 00:16:16 GMT

And the headers sent with the request are:

x-ms-date: Wed, 04 Jan 2023 00:16:16 GMT
x-ms-range: bytes=0-3487
x-ms-version: 2017-04-17
Content-Length: 3488
Authorization: SharedKey storageaccount:pwRgIfKnp0ss/XP77syYEHm40vmLx6oxrYSh59ER55k=
x-ms-write: update

I've noticed that the Content-Length header (even though provided to sign) doesn't show up in the server's response. I also tried using '0' in the Content-Length signing string location and used the x-ms-content-length header instead, which results in the same error returned from the server.

Is there anyone who might be able to offer insight into where I might be going wrong?

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
764 questions
{count} votes

1 answer

Sort by: Most helpful
  1. answered 2023-01-11T23:49:56.64+00:00
    SaiKishor-MSFT 14,916 Reputation points Microsoft Employee

    @Stefan Loeve Thanks for reaching out to Microsoft Q&A.

    I understand that you are receiving "AuthenticationFailedServer failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature." error when you try to use Put Range API.

    Please go through the steps mentioned here that discusses this error and troubleshooting steps for the same- https://techcommunity.microsoft.com/t5/azure-paas-blog/the-mac-signature-found-in-the-http-request-xxxx-is-not-the-same/ba-p/3293726

    If this does not help, I would suggest that you reach out to Azure Support directly so they can investigate the issue further. Hope this helps!

    No comments