3

I am attempting to generate a url to a blob with a Shared Access Signature using BlobService.getBlobURL() in the Azure library on Node.js on my local machine. But when I try to retrieve the blob via the generated URL, I'm getting an Authentication Error saying that the "Signature did not match". Downloading the same blob from the Azure Management Portal works fine.

Below is the code I'm using to generate the URL: 

process.env['AZURE_STORAGE_ACCOUNT'] = "[MY_ACCOUNT_NAME]";
process.env['AZURE_STORAGE_ACCESS_KEY'] = "[MY_ACCESS_KEY]";

var azure = require('azure');
var blobs = azure.createBlobService();

blobs.getBlobUrl('[CONTAINER_NAME]', "[BLOB_NAME]",  { AccessPolicy: {
    Start: Date.now(),
    Expiry: azure.date.minutesFromNow(60),
    Permissions: azure.Constants.BlobConstants.SharedAccessPermissions.READ
}});

The URL generated by this function is:

https://[MY_ACCOUNT_NAME].blob.core.windows.net:443/[CONTAINER_NAME]/
    [ENCODED_BLOB_NAME]
    ?st=2013-10-28T18%3A34%3A23Z
    &se=2013-10-28T19%3A34%3A23Z
    &sp=r
    &sr=b
    &sv=2012-02-12
    &sig=rLB%2FEOAWzijkkWcseju8TJLAxzeE5e3Pvq1i68i5Erc%3D

When I try to paste this URL into a browser, I get the following error message: 

<Error>
    <Code>AuthenticationFailed</Code>
    <Message>
        Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:9fe3d3ed-97f4-43d1-8c65-c95ce6b15a08 Time:2013-10-28T18:34:43.3015398Z
    </Message>
    <AuthenticationErrorDetail>
    Signature did not match. String to sign used was r 2013-10-28T18:34:23Z 2013-10-28T19:34:23Z /[MY_ACCOUNT_NAME]/[CONTAINER_NAME]/[BLOB_NAME] 2012-02-12
    </AuthenticationErrorDetail>
</Error>

Then I tried logging on to the Azure Management Portal, selecting the same blob, and downloading it. This worked. URL provided from the Management Portal was:

http://[MY_ACCOUNT_NAME].blob.core.windows.net/[CONTAINER_NAME]/
    [ENCODED_BLOB_NAME]
    ?sv=2012-02-12
    &st=2013-10-28T18%3A35%3A16Z
    &se=2013-10-28T18%3A42%3A16Z
    &sr=b
    &sp=r
    &sig=kcjV%2BkrNAaWOj%2F7NFwmHefXJEiEyu61U7mUTsw3pw7w%3D
remeika
  • 1,075
  • 11
  • 16
  • 1
    Is it possible to share the name of your blob? – Gaurav Mantri Oct 28 '13 at 19:14
  • 1
    Gaurav, In updating my post to provide a public blob name, I discovered that the issue is that spaces in Blob names do not appear to work with the `BlobService.getBlobURL()` in Node.js. Thanks for a push in the right direction! – remeika Oct 28 '13 at 19:42
  • 1
    Glad you figured it out. It's better to post the discovered answer as an *answer* rather than as an edit to the question, so that others can either vote on the answer or at least realize there's a posted answer (via answer count). – David Makogon Oct 28 '13 at 19:51

1 Answers1

2

It appears that as of the Azure Node.js Library version 0.7.16, there is a bug causing this behavior. When a Blob name includes spaces, BlobService.getBlobURL() fails to generate a correct signature. To resolve, upload a new blob without any spaces in its name, and call BlobService.getBlobURL() again with the name of the new blob. The URL produced this time will be valid. You can check in on this issue on Github.

remeika
  • 1,075
  • 11
  • 16