blob 和 sas

Blob是什麼？

請看上篇文章簡單總結下關於blob的圖片上傳 在使用Blob圖片上傳的時候碰到許多問題，好比如何使用用戶名密碼下載文件啊什麼的 今天就記錄一下我碰到的最大的問題

如何匿名去訪問你上傳的Blob文件

共享訪問簽名：瞭解 SAS 模型 這篇文章值得一看，多數官方的文檔在有時候仍是頗有用的。嘗試了半天，只發現一個方法能夠用，使用blobName來生成SAS，再經過SAS生成的Uri+SASToken來訪問blob文件。

 

 1   private static string GetBlobSasUri(CloudBlobContainer container, string blobName, string policyName = null)
 2         {
 3             string sasBlobToken;
 4 
 5             CloudBlockBlob blob = container.GetBlockBlobReference(blobName);
 6 
 7             if (policyName == null)
 8             {
 9                 SharedAccessBlobPolicy adHocSAS = new SharedAccessBlobPolicy()
10                 {
11                     SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(1),
12                     Permissions = SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Create
13                 };
14 
15                 sasBlobToken = blob.GetSharedAccessSignature(adHocSAS);
16 
17                 Console.WriteLine("SAS for blob (ad hoc): {0}", sasBlobToken);
18                 Console.WriteLine();
19             }
20             else
21             {
22                 sasBlobToken = blob.GetSharedAccessSignature(null, policyName);
23 
24                 Console.WriteLine("SAS for blob (stored access policy): {0}", sasBlobToken);
25                 Console.WriteLine();
26             }
27 
28             return blob.Uri + sasBlobToken;
29         }

其實官方文檔寫的很詳細了，不過有個參數我不是很懂，policyName ，文檔裏也沒有過多的介紹，不過從代碼來看，應該是已知URI，生成token後拼接吧。嗯。。。有空測試一下就知道了。。

官方還有一個比較吸引個人方法

 1 private static string GetContainerSasUri(CloudBlobContainer container, string storedPolicyName = null)
 2         {
 3             string sasContainerToken;
 4 
 5             if (storedPolicyName == null)
 6             {
 7                 SharedAccessBlobPolicy adHocPolicy = new SharedAccessBlobPolicy()
 8                 {
 9                     SharedAccessExpiryTime = DateTime.UtcNow.AddHours(24),
10                     Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.List
11                 };
12 
13                 sasContainerToken = container.GetSharedAccessSignature(adHocPolicy, null);
14 
15                 Console.WriteLine("SAS for blob container (ad hoc): {0}", sasContainerToken);
16                 Console.WriteLine();
17             }
18             else
19             {
20                 sasContainerToken = container.GetSharedAccessSignature(null, storedPolicyName);
21 
22                 Console.WriteLine("SAS for blob container (stored access policy): {0}", sasContainerToken);
23                 Console.WriteLine();
24             }
25 
26             return container.Uri + sasContainerToken;
27         }

能夠直接定位到容器，在容器上直接建立SAS來訪問，然而我試了不一樣的參數，返回了各類各樣的錯誤信息，好比。。

1 <Error>
2 <Code>AuthenticationFailed</Code>
3 <Message>
4 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:2ce78f2c-0001-0023-1773-00b9e0000000 Time:2017-07-19T09:45:48.3088986Z
5 </Message>
6 <AuthenticationErrorDetail>
7 Signature did not match. String to sign used was wl 2017-07-20T09:45:12Z /blob/hollywoodsharestorage/$root 2016-05-31
8 </AuthenticationErrorDetail>
9 </Error>

1 <Error>
2 <Code>AuthenticationFailed</Code>
3 <Message>
4 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:4e04d8fe-0001-0020-6471-00bae7000000 Time:2017-07-19T09:29:23.1074413Z
5 </Message>
6 <AuthenticationErrorDetail>
7 Access without signed identifier cannot have time window more than 1 hour: Start [Wed, 19 Jul 2017 09:29:23 GMT] - Expiry [Wed, 19 Jul 2017 18:24:53 GMT]
8 </AuthenticationErrorDetail>
9 </Error>

差很少都是在告訴我，生成的簽名不對。。。

是我打開的方式不對，仍是有別的使用的方法，這個還須要更深一步研究，但願看到的各位大神，有知曉的，分享一下，感激涕零~