Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Microsoft Azure Authentication Failed & ColdFusion

Tags:

coldfusion

azure

azure-blob-storage

I'm working on connecting a ColdFusion 2016 application to Microsoft Azure blob storage and just don't seem to be able to get the authentication correct.

Here is the error I'm receiving:

<Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:9aed89ad-0001-00b8-6fd8-ecc48c000000 Time:2016-08-02T16:07:42.9046123Z</Message><AuthenticationErrorDetail>The Date header in the request is incorrect.</AuthenticationErrorDetail></Error>

HTTP/1.1 403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. Content-Length: 419 Content-Type: application/xml Server: Microsoft-HTTPAPI/2.0 x-ms-request-id: 9aed89ad-0001-00b8-6fd8-ecc48c000000 Date: Tue, 02 Aug 2016 16:07:42 GMT Connection: close

Here is my code to list blobs in a container:

<!--- The key is copied directly from the Azure portal interface. --->
<cfset theKey = "fxIciOymaQ2OAcc1g2M...BwQRxNPtEzmwHAyx6J6pw==" />

<cfset requestMethod = "GET" />

<cfset utcDate = dateConvert("local2UTC",now()) />
<cfset xmsDate = dateFormat(utcDate,"ddd, d mmm yyyy") & " " & timeFormat(utcDate,"HH:mm:ss") & " GMT" />

<cfset xmsVersion = "2015-12-11" />

<cfset canonicalizedHeaders = "x-ms-date:#xmsDate#\nx-ms-version:#xmsVersion#\n" />
<cfset canonicalizedResource = "/coldfusion/slao\ncomp:list\ninclude:metadata,snapshots,uncommittedblobs\nrestype:container\n" />

<cfset stringToSign = "#requestMethod#\n\n\n\n\n\n\n\n\n\n\n\n#canonicalizedHeaders##canonicalizedResource#" />

<cfset x = replace(stringToSign,"\n","#chr(13)##chr(10)#","all") />
<cfset y = hmac(x,tmp,"HmacSHA256","utf-8") />
<cfset requestSignature = toBase64(binaryDecode(y,"hex")) />

<cfhttp method="#requestMethod#" url="https://coldfusion.blob.core.windows.net/slao?restype=container&comp=list&include=snapshots&include=metadata&include=uncommittedblobs" result="requestResult">
    <cfhttpparam type="header" name="Authorization" value="SharedKey coldfusion:#requestSignature#">
    <cfhttpparam type="header" name="x-ms-date" value="#xmsDate#">
    <cfhttpparam type="header" name="x-ms-version" value="#xmsVersion#">
</cfhttp>

The error suggests a bad date. As a test, I've copied in the date and time stamp shown in the error response and rerun my program - same error. I've spent quite a bit of time trying to research this on my own, but I just haven't made any progress on this. I've tried Fiddler as well but, of course, I'm getting the same error.

Does anyone see what the problem might be? Any ideas would be appreciated...

Sharon

like image 733
SharonG Avatar asked Aug 02 '16 16:08

SharonG

1 Answers

I wanted to share my final, working program in ColdFusion 2016:

<!---
Copied directly from portal.azure for this storage account.
The copied value is in base64 format.
--->
<cfset theKey = "fxIciOymaQ2OAcc1g2M...BwQRxNPtEzmwHAyx6J6pw==" />

<!---
Explicitly decode the base64 key into binary, so that hmac() 
does not use the supplied "encoding", ie utf-8 to decode it
(because that produces the wrong result). 
--->
<cfset binaryKey = binaryDecode(theKey, "base64")>

<cfset requestMethod = "GET" />

<cfset utcDate = dateConvert("local2UTC",now()) />
<cfset xmsDate = dateFormat(utcDate,"ddd, dd mmm yyyy") & " " & timeFormat(utcDate,"HH:mm:ss") & " GMT" />

<cfset xmsVersion = "2015-12-11" />

<cfset canonicalizedHeaders = "x-ms-date:#xmsDate#\nx-ms-version:#xmsVersion#\n" />
<cfset canonicalizedResource = "/coldfusion/slao\ncomp:list\ninclude:metadata,snapshots,uncommittedblobs\nrestype:container" />

<cfset stringToSign = "#requestMethod#\n\n\n\n\n\n\n\n\n\n\n\n#canonicalizedHeaders##canonicalizedResource#" />

<cfset x = replace(stringToSign,"\n","#chr(10)#","all") />
<cfset y = hmac(x,binaryKey,"HmacSHA256","utf-8") />
<cfset requestSignature = toBase64(binaryDecode(y,"hex")) />

<cfhttp method="#requestMethod#" url="https://coldfusion.blob.core.windows.net/slao?restype=container&comp=list&include=snapshots&include=metadata&include=uncommittedblobs" result="requestResult">
    <cfhttpparam type="header" name="Authorization" value="SharedKey coldfusion:#requestSignature#">
    <cfhttpparam type="header" name="x-ms-date" value="#xmsDate#">
    <cfhttpparam type="header" name="x-ms-version" value="#xmsVersion#">
</cfhttp>

<cfdump var="#requestResult#" expand="yes" />

Many thanks! Sharon

like image 121
SharonG Avatar answered Sep 16 '22 13:09

SharonG
Sign in to Comment

Related questions

Azure Service Bus - MessageCommunication Exception Channel Open timeout
Toast notification in windows 8.1 app
Azure WebApi vs Azure Mobile Service vs
Some assemblies not being included when deploying Azure webjobs from Visual Studio 2013
Creating Blob in Azure Blob Storage with the same name simultaneously
php call with cURL in windows azure
Authenticating a PHP Web App with Azure Active Directory and Azure Mobile Services
Does Microsoft's Face API require Azure?
Overwrite Blob But Keep Metadata?
Azure Queue Storage: Send files in messages
Unable to connect with azure blob storage with local hadoop
Enabling gzip compression on Azure Websites
Using web deploy, how do you publish to a particular slot?
Azure AD B2C - Multiple sub domains
Redis Connections May Not be Closing with c#
How to Process XML in Azure Logic App
Azure Stream Analytics is too slow - also time values are irrelavant
SQL Azure CONTAINS not returning all results
How to generate the same signature as the JWT.IO website does?
Can Service Fabric Cluster Maintains the old versions of a service?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!