gpt4 book ai didi

iphone - 如何在Object-c中格式化来自iphone的azure表存储请求

转载 作者:行者123 更新时间:2023-12-03 04:40:05 25 4
gpt4 key购买 nike

我需要帮助让我的 header 针对来自 iPhone 应用程序的 Azure 表存储请求正确。我一直在使用这两篇​​文章来尝试正确加密 key ,但仍然遇到问题: iPhone and HMAC-SHA-1 encoding Objective-C sample code for HMAC-SHA1该服务针对我的请求返回错误:服务器无法验证请求并出现以下错误:

Make sure the value of Authorization header is formed correctly including the signature.

我使用以下代码来发出请求:

NSDate *now = [[NSDate alloc] init];
NSString *dateString = [self rfc1123String:now];

NSString *messageToSign = [NSString stringWithFormat:@"%@\n/%@/%@", dateString, AZURE_ACCOUNT_NAME, table];

[Base64 initialize];
//xxx in my code is my primary access shared key
NSString *key = @"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

const char *cKey = [key cStringUsingEncoding:NSUTF8StringEncoding];
const char *cData = [messageToSign cStringUsingEncoding:NSUTF8StringEncoding];

unsigned char cHMAC[CC_SHA256_DIGEST_LENGTH];

CCHmac(kCCHmacAlgSHA256, cKey, strlen(cKey), cData, strlen(cData), cHMAC);

NSData *HMAC = [[NSData alloc] initWithBytes:cHMAC length:sizeof(cHMAC)];


NSString *hash = [Base64 encode:HMAC];

NSLog(@"Encoded hash: %@", hash);

NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
[request addValue:[NSString stringWithFormat:@"SharedKeyLite %@:%@", AZURE_ACCOUNT_NAME, hash] forHTTPHeaderField:@"Authorization"];
[request addValue:dateString forHTTPHeaderField:@"x-ms-date"];
[request addValue:@"application/atom+xml, application/xml" forHTTPHeaderField:@"Accept"];
[request addValue:@"UTF-8" forHTTPHeaderField:@"Accept-Charset"];
NSLog(@"Headers: %@", [request allHTTPHeaderFields]);
NSLog(@"URL: %@", [[request URL] absoluteString]);
return request;

这会导致为请求生成这些 header :

Accept = "application/atom+xml, application/xml";
"Accept-Charset" = "UTF-8";
Authorization = "SharedKeyLite powderdayalarm:xwT1purDtREtxauVr6Bhvdz/2ObLh2J0lMw/prBBQBE=";
"X-Ms-Date" = "Fri, 05 Nov 2010 18:26:00 GMT";

请求的规范在这里:http://msdn.microsoft.com/en-us/library/dd179428.aspx指的是以下内容:

This format supports Shared Key and Shared Key Lite for all versions of the Table service, and Shared Key Lite for the 2009-09-19 version of the Blob and Queue services. This format is identical to that used with previous versions of the storage services. Construct the CanonicalizedResource string in this format as follows:

  1. Beginning with an empty string (""), append a forward slash (/), followed by the name of the account that owns the resource being accessed.

  2. Append the resource's encoded URI path. If the request URI addresses a component of the resource, append the appropriate query string. The query string should include the question mark and the comp parameter (for example, ?comp=metadata). No other parameters should be included on the query string.

Encoding the Signature

To encode the signature, call the HMAC-SHA256 algorithm on the UTF-8-encoded signature string and encode the result as Base64. Use the following format (shown as pseudocode): Copy

Signature=Base64(HMAC-SHA256(UTF8(StringToSign)))

我似乎无法找到这个问题的根源。而且似乎没有太多人从 iphone 发出 azure 请求:)。

谢谢斯科特

最佳答案

Smarx 在 Azure 论坛上向我解释了最佳实践。这是他写的:有两种从客户端访问存储的安全方法:

1.对 blob 使用共享访问签名。在服务器端,您可以生成签名(基本上是签名的 URL),并且该签名的范围有限(可能仅限于特定的 blob、特定的权限和有限的时间)。2.仅从客户端访问Web服务,并让Web服务访问存储。在这两种情况下,中间都有一个服务器,就像在网络应用程序中一样。 (浏览器从不与您的 SQL 数据库对话...它与您的网站对话,然后网站与数据库对话。)

关于iphone - 如何在Object-c中格式化来自iphone的azure表存储请求,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4109027/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com