Put File Range - REST API Authorization Signature fails

Stefan Loeve 1 Reputation point
2023-01-04T17:04:37.637+00:00

I am attempting to write a PowerShell script for uploading files to an Azure File Share (SMB) and due to ISP issue's I'm required to use the REST API instead of the SMB protocol. I have working code for creating folders, directories, and empty files. However when I attempt to use the Put Range service (https://learn.microsoft.com/en-us/rest/api/storageservices/put-range) I run into issues with the server rejecting my signed authorization.
The auth string I'm signing looks like this:
$stringToSign = "PUTnnn3488nnnnnnnnnx-ms-date:$datenx-ms-range:bytes=0-3487nx-ms-version:$versionnx-ms-write:updaten/$storageAccount/$resource?comp=range"

The response from the server is this:

Invoke-RestMethod : AuthenticationFailedServer failed to authenticate the request. Make sure the value of
Authorization header is formed correctly including the signature.
RequestId:f995523a-701a-0047-71d1-1f93bb000000
Time:2023-01-04T00:16:22.9268980ZThe MAC signature found in the HTTP request
'pwRgIfKnp0ss/XP77syYEHm40vmLx6oxrYSh59ER55k=' is not the same as any computed signature. Server used following
string to sign: 'PUT
x-ms-date:Wed, 04 Jan 2023 00:16:16 GMT
x-ms-range:bytes=0-3487
x-ms-version:2017-04-17
x-ms-write:update
/storageaccount/share/folder/filename.csv
comp:range'.

And the headers sent with the request are:

x-ms-date: Wed, 04 Jan 2023 00:16:16 GMT
x-ms-range: bytes=0-3487
x-ms-version: 2017-04-17
Content-Length: 3488
Authorization: SharedKey storageaccount:pwRgIfKnp0ss/XP77syYEHm40vmLx6oxrYSh59ER55k=
x-ms-write: update

I've noticed that the Content-Length header (even though provided to sign) doesn't show up in the server's response. I also tried using '0' in the Content-Length signing string location and used the x-ms-content-length header instead, which results in the same error returned from the server.

Is there anyone who might be able to offer insight into where I might be going wrong?

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,162 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. SaiKishor-MSFT 17,181 Reputation points
    2023-01-11T23:49:56.64+00:00

    @Stefan Loeve Thanks for reaching out to Microsoft Q&A.

    I understand that you are receiving "AuthenticationFailedServer failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature." error when you try to use Put Range API.

    Please go through the steps mentioned here that discusses this error and troubleshooting steps for the same- https://techcommunity.microsoft.com/t5/azure-paas-blog/the-mac-signature-found-in-the-http-request-xxxx-is-not-the-same/ba-p/3293726

    If this does not help, I would suggest that you reach out to Azure Support directly so they can investigate the issue further. Hope this helps!

    0 comments