Share via

Problem with url SAS generation - REST API PHP

Mateusz Rolka 0 Reputation points
2023-10-24T10:07:12.72+00:00

Anybody can help me with this?
Server failed to authenticate the request. Signature did not match. String to sign used was r

function generateBlobSasToken(
    $storageAccountName,
    $containerName,
    $blobName,
    $accountKey
) {
    $start = gmdate('Y-m-d\TH:i:s\Z', time());
    $expiry = gmdate('Y-m-d\TH:i:s\Z', strtotime('+1 day'));
    
    $permissions = 'r';  // Read permission
    $serviceVersion = '2020-08-04';  // Service version
    $resource = "b";  // Resource type

    // Construct the string-to-sign
    $stringToSign = "$permissions\n"
                  . "$start\n"
                  . "$expiry\n"
                  . "/$storageAccountName/$containerName/$blobName\n"
                  . "$serviceVersion\n\n\nhttps\n";

    $signature = base64_encode(hash_hmac('sha256', $stringToSign, base64_decode($accountKey), true));

    $sasToken = "sp=$permissions"
              . "&st=" . str_replace(':', '%3A', $start)
              . "&se=" . str_replace(':', '%3A', $expiry)
              . "&sr=$resource"
              . "&sv=$serviceVersion"
              . "&spr=https"
              . "&sig=$signature";
    
    return $sasToken;
}

function generateBlobUrl(
    $storageAccountName,
    $containerName,
    $blobName,
    $accountKey
) {
    $sasToken = generateBlobSasToken($storageAccountName, $containerName, $blobName, $accountKey);
    $blobUrl = "https://$storageAccountName.blob.core.windows.net/$containerName/$blobName?$sasToken";

    return $blobUrl;
}

creates url like https://{{accountName}}.blob.core.windows.net/container1/fdg.pdf?sp=r&st=2023-10-24T10%3A01%3A17Z&se=2023-10-25T10%3A01%3A17Z&sr=b&sv=2020-08-04&spr=https&sig={{key}}

but when i go to this url i can see above error. Anybody can help me?

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
3,192 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Siva Villa 285 Reputation points Microsoft Employee Moderator
    2023-11-07T02:41:03.7166667+00:00

    PRZECINEq
    I'm delighted to learn that you successfully generated a SAS token using the PHP REST API, but I understand that it was accomplished only with the 2015-12-11 version.

    I recommend trying the SAS generation script mentioned in the article below, as it is designed to be compatible with the latest version.

    azure-storage-php/azure-storage-blob/src/Blob/BlobSharedAccessSignatureHelper.php at master · Azure/azure-storage-php · GitHub

    Please let us know if you have any further queries. I’m happy to assist you further.

    ---------------------------------------------------------------------------------------------------------------------------------Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

     

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.