Open jacobmurrey opened 7 months ago
Hi @jacobmurrey ,
Can you share which client(SDK) are you using to connect to Azurite, and the code segment where you got this error?
We'll try to have a reproduce to help for debuging.
Here are the azure versions the client is using.
Here is the code for the test and the line that breaks (red):
public async Task UploadDocuments_ReturnsUrl() { // Act var response = await _documentsClient.UploadDocumentMutation.ExecuteAsync("docType", "fileName", "referenceId", "referenceType");
// Assert
response.Errors.Count.Should().Be(0);
response.Data.UploadDocument.Should().NotBeNull();
response.Data.UploadDocument.String.Should().Contain("devstoreaccount1/documents/docType/referenceType/referenceId/fileName");
// Act
var blobClient = new BlobClient(new Uri(response.Data.UploadDocument.String));
using (MemoryStream memStream = new MemoryStream(100))
{
byte[] data = new UnicodeEncoding().GetBytes("TEST DATA");
memStream.Write(data, 0, data.Length);
memStream.Seek(0, SeekOrigin.Begin);
var uploadResponse = await blobClient.UploadAsync(memStream);
// Assert
uploadResponse.Value.Should().NotBeNull();
uploadResponse.GetRawResponse().Status.Should().Be(201);
}
}
Please let me know if you have any further questions.
Thanks tom
From: EmmaZhu-MSFT @.> Sent: Thursday, January 11, 2024 8:06 PM To: Azure/Azurite @.> Cc: Tom Mason @.>; Mention @.> Subject: Re: [Azure/Azurite] Bug in Azurite Container, cannot handle signature with pluses in them. (Issue #2341)
Hi @jacobmurreyhttps://github.com/jacobmurrey ,
Can you share which client(SDK) are you using to connect to Azurite, and the code segment where you got this error?
We'll try to have a reproduce to help for debuging.
- Reply to this email directly, view it on GitHubhttps://github.com/Azure/Azurite/issues/2341#issuecomment-1888300102, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BEVBE43QN2DTCMHAWD7P5KTYOCLB3AVCNFSM6AAAAABBXGWPGKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQOBYGMYDAMJQGI. You are receiving this because you were mentioned.Message ID: @.**@.>>
Which service(blob, file, queue, table) does this issue concern?
Blob Storage
Which version of the Azurite was used?
3.29.0
Where do you get Azurite? (npm, DockerHub, NuGet, Visual Studio Code Extension)
Visual Studio Version 17.8.3
What's the Node.js version?
v18.13.0
What problem was encountered?
When using Azurite for integration testing we came across a situation where we get intermittent errors with authorization: Azure.RequestFailedException : Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature. RequestId:d9959d4c-76d5-43b8-b3e7-dba434cdb288 Time:2024-01-11T14:37:51.585Z Status: 403 (Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.)
Steps to reproduce the issue?
In an integration test, trying to upload a document to blob storage.\n Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.\nRequestId:d9959d4c-76d5-43b8-b3e7-dba434cdb288\nTime:2024-01-11T14:37:51.585Z \n ” ErrorStack=“StorageError: Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.\n at Function.getAuthorizationFailure (/opt/azurite/dist/src/blob/errors/StorageErrorFactory.js:137:16)\n at /opt/azurite/dist/src/blob/middlewares/AuthenticationMiddlewareFactory.js:25:56\n at processTicksAndRejections (internal/process/task_queues.js:95:5)”
We generated a log file and found out that a ‘+’ in the signature seems to be the issue: 2024-01-11T14:37:51.585Z d9959d4c-76d5-43b8-b3e7-dba434cdb288 info: BlobSASAuthenticator:validate() Validate signature based account key1. 2024-01-11T14:37:51.585Z d9959d4c-76d5-43b8-b3e7-dba434cdb288 debug: BlobSASAuthenticator:validate() String to sign is: “rwdyi\n2024-01-10T14:37:51Z\n2024-01-11T15:37:51Z\n/blob/devstoreaccount1/documents/docType/referenceType/referenceId/fileName\n\n\n\n2023-11-03\nb\n\n\n\n\n\n\n” 2024-01-11T14:37:51.585Z d9959d4c-76d5-43b8-b3e7-dba434cdb288 debug: BlobSASAuthenticator:validate() Calculated signature is: pdTqjgXw8u/ZRvqndCShlAj4VqooAfO69KH5/moq+Xc= 2024-01-11T14:37:51.585Z d9959d4c-76d5-43b8-b3e7-dba434cdb288 info: BlobSASAuthenticator:validate() Signature based on key1 validation failed. 2024-01-11T14:37:51.586Z d9959d4c-76d5-43b8-b3e7-dba434cdb288 error: ErrorMiddleware: Received a MiddlewareError, fill error information to HTTP response 2024-01-11T14:37:51.586Z d9959d4c-76d5-43b8-b3e7-dba434cdb288 error: ErrorMiddleware: ErrorName=StorageError ErrorMessage=Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature. ErrorHTTPStatusCode=403 ErrorHTTPStatusMessage=Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature. ErrorHTTPHeaders={“x-ms-error-code”:“AuthorizationFailure”,“x-ms-request-id”:“d9959d4c-76d5-43b8-b3e7-dba434cdb288”} ErrorHTTPBody=“<?xml version=“1.0” encoding=“UTF-8” standalone=“yes”?>\n
AuthorizationFailure
\nWE only get the auth failure when the key in bold above has a plus in it. So it fails randomly.
debug.log
Have you found a mitigation/solution?
No