search

Azure / azure-sdk-for-java

This repository is for active development of the Azure SDK for Java. For consumers of the SDK we recommend visiting our public developer docs at https://docs.microsoft.com/java/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-java.
MIT License
2.35k stars 1.99k forks source link

Azure File Share not supported with TokenCredential - still not working in latest version #42121

Open ihudedi opened 1 month ago

ihudedi commented 1 month ago

@ibrahimrabab @ibrandes @kyleknap @seanmcc-msft I am using latest version (beta) 12.24.0-beta.1 and still can't access with tokenCredentials and the error is com.azure.storage.file.share.models.ShareStorageException: If you are using a StorageSharedKeyCredential, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate method call. If you are using a SAS token, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate generateSas method call. Please remember to disable 'Azure-Storage-Log-String-To-Sign' before going to production as this string can potentially contain PII. Status code 403, "?<?xml version="1.0" encoding="utf-8"?>AuthorizationPermissionMismatchThis request is not authorized to perform this operation using this permission. RequestId:68054700-301a-0073-7523-081394000000 Time:2024-09-16T10:28:15.6744835Z" at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(Unknown Source) ~[?:?] at com.azure.core.implementation.MethodHandleReflectiveInvoker.invokeStatic(MethodHandleReflectiveInvoker.java:26) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.implementation.http.rest.ResponseExceptionConstructorCache.invoke(ResponseExceptionConstructorCache.java:53) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.implementation.http.rest.RestProxyBase.instantiateUnexpectedException(RestProxyBase.java:407) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.implementation.http.rest.SyncRestProxy.ensureExpectedStatus(SyncRestProxy.java:133) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.implementation.http.rest.SyncRestProxy.handleRestReturnType(SyncRestProxy.java:211) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.implementation.http.rest.SyncRestProxy.invoke(SyncRestProxy.java:86) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.implementation.http.rest.RestProxyBase.invoke(RestProxyBase.java:124) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.http.rest.RestProxy.invoke(RestProxy.java:95) ~[azure-core-1.51.0.jar!/:1.51.0] at jdk.proxy2/jdk.proxy2.$Proxy68.listSharesSegmentNoCustomHeadersSync(Unknown Source) ~[?:?] at com.azure.storage.file.share.implementation.ServicesImpl.listSharesSegmentNoCustomHeadersSinglePage(ServicesImpl.java:1078) ~[azure-storage-file-share-12.24.0-beta.1.jar!/:12.24.0-beta.1] at com.azure.storage.file.share.ShareServiceClient.lambda$listShares$0(ShareServiceClient.java:226) ~[azure-storage-file-share-12.24.0-beta.1.jar!/:12.24.0-beta.1] at com.azure.storage.file.share.ShareServiceClient.lambda$listShares$1(ShareServiceClient.java:232) ~[azure-storage-file-share-12.24.0-beta.1.jar!/:12.24.0-beta.1] at com.azure.storage.file.share.ShareServiceClient.lambda$listShares$2(ShareServiceClient.java:245) ~[azure-storage-file-share-12.24.0-beta.1.jar!/:12.24.0-beta.1] at com.azure.core.http.rest.PagedIterable.lambda$new$5(PagedIterable.java:193) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.util.paging.ContinuablePagedByIteratorBase.requestPage(ContinuablePagedByIteratorBase.java:104) ~[azure-core-1.51.0.jar!/:1.51.0] at com.azure.core.util.paging.ContinuablePagedByItemIterable$ContinuablePagedByItemIterator.(ContinuablePagedByItemIterable.java:83) ~[azure-core-1.51.0.jar!/:1.51.0]

I added all permission of fileshare and still same issue. Storage File Data Privileged Contributor Storage File Data Privileged Reader Storage File Data SMB Share Contributor Storage File Data SMB Share Elevated Contributor Storage File Data SMB Share Reader

Could you please let me know what is missing. Thanks, Itay

Originally posted by @ihudedi in https://github.com/Azure/azure-sdk-for-java/issues/41633#issuecomment-2352571305

github-actions[bot] commented 1 month ago

@ibrahimrabab @ibrandes @kyleknap @seanmcc-msft

github-actions[bot] commented 1 month ago

Thank you for your feedback. Tagging and routing to the team member best able to assist.

ibrahimrabab commented 1 month ago

Hi @ihudedi Thanks for reaching out! If you're adding all the necessary permissions needed, then the listShares() API should work just fine. Is it just the listShares() API that is giving the 403 error for you or all service calls?

ihudedi commented 1 month ago

Hi @ibrahimrabab Any service return permission issue Thanks, Itay