如何查找共享访问令牌过期的bloburl?
我已经写了下面的代码来获得带有缓存过期令牌的blob url,实际上已经设置了2小时来过期blob url,
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference(containerName);
CloudBlockBlob blockBlob = container.GetBlockBlobReference("blobname");
//Create an ad-hoc Shared Access Policy with read permissions which will expire in 2 hours
SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy()
{
Permissions = SharedAccessBlobPermissions.Read,
SharedAccessExpiryTime = DateTime.UtcNow.AddHours(2),
};
SharedAccessBlobHeaders headers = new SharedAccessBlobHeaders()
{
ContentDisposition = string.Format("attachment;filename=\"{0}\"", "blobname"),
};
var sasToken = blockBlob.GetSharedAccessSignature(policy, headers);
blobUrl = blockBlob.Uri.AbsoluteUri + sasToken;使用上面的代码,我得到了具有有效到期令牌的blob url,现在我想检查blob url在一个客户端应用程序中是否有效。我尝试了web请求和http客户端方法,通过传递URL并获得响应状态代码。如果响应码是404,那么我假设URL已经过期,否则URL仍然有效,但是这种方法需要更多的时间。
请给我任何其他的建议。
回答 4
Stack Overflow用户
发布于 2015-04-11 06:53:09
我尝试运行与您的代码非常相似的代码,我得到了一个403错误,这实际上是本例中所期望的。根据你的问题,我不确定403比404对你更有帮助。下面是在控制台应用程序中运行的代码,它返回403:
class Program
{
static void Main(string[] args)
{
string blobUrl = CreateSAS();
CheckSAS(blobUrl);
Console.ReadLine();
}
//This method returns a reference to the blob with the SAS, and attempts to read it.
static void CheckSAS(string blobUrl)
{
CloudBlockBlob blob = new CloudBlockBlob(new Uri(blobUrl));
//If the DownloadText() method is run within the two minute period that the SAS is valid, it succeeds.
//If it is run after the SAS has expired, it returns a 403 error.
//Sleep for 3 minutes to trigger the error.
System.Threading.Thread.Sleep(180000);
Console.WriteLine(blob.DownloadText());
}
//This method creates the SAS on the blob.
static string CreateSAS()
{
string containerName = "forum-test";
string blobName = "blobname";
string blobUrl = "";
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference(containerName);
container.CreateIfNotExists();
CloudBlockBlob blockBlob = container.GetBlockBlobReference(blobName + DateTime.Now.Ticks);
blockBlob.UploadText("Blob for forum test");
//Create an ad-hoc Shared Access Policy with read permissions which will expire in 2 hours
SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy()
{
Permissions = SharedAccessBlobPermissions.Read,
SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(2),
};
SharedAccessBlobHeaders headers = new SharedAccessBlobHeaders()
{
ContentDisposition = string.Format("attachment;filename=\"{0}\"", blobName),
};
var sasToken = blockBlob.GetSharedAccessSignature(policy, headers);
blobUrl = blockBlob.Uri.AbsoluteUri + sasToken;
return blobUrl;
}
}在某些情况下,SAS故障会返回404,这可能会给使用SAS排除故障的操作带来问题。Azure存储团队意识到了这个问题,在未来的版本中,SAS故障可能会返回403。有关404错误的故障排除帮助,请参阅http://azure.microsoft.com/en-us/documentation/articles/storage-monitoring-diagnosing-troubleshooting/#SAS-authorization-issue。
Stack Overflow用户
发布于 2015-04-07 23:42:36
几天前我也遇到了同样的问题。我实际上期望存储服务在SAS令牌过期时返回403错误代码,但存储服务返回404错误。
鉴于我们没有任何其他选择,您这样做是唯一可行的方法,但它仍然是不正确的,因为如果存储帐户中不存在blob,您可能会得到404错误。
Stack Overflow用户
发布于 2015-04-08 16:10:00
也许你可以从生成的SAS中解析"se“参数,这意味着过期时间,例如"se=2013-04-30T02%3A23%3A26Z”。但是,由于服务器时间可能与客户端时间不同,因此解决方案可能不稳定。
http://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-shared-access-signature-part-1/
https://stackoverflow.com/questions/29495038
复制相似问题
腾讯云开发者
