0

I am trying to create container using rest api in azure storage. I have followed everything written in microsoft's documentation provided here and tried to create authorization token from here. Still I am getting:

403 Forbidden Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.

Below is my code snippet.

 class Program
{
    private const string BlobStorageAccount = "myacc";
    private const string BlobStorageAccessKey = "ACCESS_KEY";
    static void Main(string[] args)
    {
        CreateContainer("myfirstcontainer");
    }

    private static bool CreateContainer(string containerName)
    {
        String requestMethod = "PUT";
        String msVersion = "2016-05-31";
        string dt = DateTime.UtcNow.ToString("R", CultureInfo.InvariantCulture);

        String canHeaders = String.Format("x-ms-date:{0}\nx-ms-version:{1}", dt, msVersion);
        String canResource = String.Format("/{0}/{1}\nrestype:container", BlobStorageAccount, containerName);
        String SignStr = String.Format("{0}\n\n\n\n\n\n\n\n\n\n\n\n{1}\n{2}", requestMethod, canHeaders, canResource);
        string auth = CreateAuthString(SignStr);
        string urlPath = string.Format("https://{0}.blob.core.windows.net/{1}?restype=container", BlobStorageAccount, containerName);
        Uri uri = new Uri(urlPath);

        HttpClient client = new HttpClient();
        client.DefaultRequestHeaders.Add("x-ms-date", dt);
        client.DefaultRequestHeaders.Add("x-ms-version", "2016-05-31");
        client.DefaultRequestHeaders.Add("x-ms-client-request-id", Guid.NewGuid().ToString());
        client.DefaultRequestHeaders.Add("Authorization", auth);

        HttpContent empty = null;
        HttpResponseMessage response = client.PutAsync(uri, empty).Result;

        return response.IsSuccessStatusCode;
    }

    private static String CreateAuthString(String SignStr)
    {
        String signature = string.Empty;
        byte[] unicodeKey = Convert.FromBase64String(BlobStorageAccessKey);
        using (HMACSHA256 hmacSha256 = new HMACSHA256(unicodeKey))
        {
            Byte[] dataToHmac = System.Text.Encoding.UTF8.GetBytes(SignStr);
            signature = Convert.ToBase64String(hmacSha256.ComputeHash(dataToHmac));
        }

        String authorizationHeader = String.Format(
              CultureInfo.InvariantCulture,
              "{0} {1}:{2}",
              "SharedKey",
              BlobStorageAccount,
              signature);

        return authorizationHeader;
    }
}
Improve this question

1 Answer 1

Reset to default
2

Your request includes 3 request headers but canHeaders only include 2. So you would need to add the 3rd header there.

var clientRequestId = Guid.NewGuid().ToString();
String canHeaders = String.Format("x-ms-client-request-id:{0}\nx-ms-date:{1}\nx-ms-version:{2}", clientRequestId, dt, msVersion);
String canResource = String.Format("/{0}/{1}\nrestype:container", BlobStorageAccount, containerName);
        String SignStr = String.Format("{0}\n\n\n\n\n\n\n\n\n\n\n\n{1}\n{2}", requestMethod, canHeaders, canResource);
    string auth = CreateAuthString(SignStr);
    string urlPath = string.Format("https://{0}.blob.core.windows.net/{1}?restype=container", BlobStorageAccount, containerName);
    Uri uri = new Uri(urlPath);

    HttpClient client = new HttpClient();
    client.DefaultRequestHeaders.Add("x-ms-date", dt);
    client.DefaultRequestHeaders.Add("x-ms-version", "2016-05-31");
    client.DefaultRequestHeaders.Add("x-ms-client-request-id", clientRequestId);
    client.DefaultRequestHeaders.Add("Authorization", auth);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.