send msg to Azure service bus que via REST

Question

The Azure Queues are exposed to REST API.To make the REST call works. I ran a sample test on POSTMAN. The POST call

https://yournamespace.servicebus.windows.net/yourentity/messages

Also, Passing below 2 headers and values.

Header 1:

Authorization: SharedAccessSignature sr=https%3A%2F%2F.servicebus.windows.net%2Fyourentity&sig=yoursignature from code above&se=1529928563&skn=KeyName

Example:

SharedAccessSignature sr=https%3A%2F%2Fservicebussoatest1.servicebus.windows.net%2Fpublishque&sig=a0wmRklbCGFCYoSCViij9gagtZV9Bg+vU=&se=1529928563&skn=testpolicy

Header 2:

Content-Type: application/json

But even though I have passed the correct Authorization value, I am getting the error below:

401:Invalid Authorization Token signature

Answer 1

401:Invalid Authorization Token signature

According to the 401 error meanings that the token is not vaild.

Firstly please make sure that your policy has access to send the message.

Secondly, if you want to use the azure service bus Send Message Rest APi. The format should be following.

POST https://<yournamespace>.servicebus.windows.net/<yourentity>/messages
Authorization: SharedAccessSignature sr=https%3A%2F%2F<yournamespace>.servicebus.windows.net%2F<yourentity>&sig=<yoursignature from code above>&se=1438205742&skn=KeyName
ContentType: application/atom+xml;type=entry;charset=utf-8

We also could get more information about Service Bus access control with Shared Access Signatures from this article.

I also do a demo with postman. It works correctly on my side.

I use the following code to get the SAS token.

public static string GetSasToken(string resourceUri, string keyName, string key, TimeSpan ttl)
{
      var expiry = GetExpiry(ttl);
      string stringToSign = HttpUtility.UrlEncode(resourceUri) + "\n" + expiry;
      HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
      var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));
      var sasToken = String.Format(CultureInfo.InvariantCulture, "SharedAccessSignature sr={0}&sig={1}&se={2}&skn={3}",
      HttpUtility.UrlEncode(resourceUri), HttpUtility.UrlEncode(signature), expiry, keyName);
      return sasToken;
}

private static string GetExpiry(TimeSpan ttl)
{
    TimeSpan expirySinceEpoch = DateTime.UtcNow - new DateTime(1970, 1, 1) + ttl;
    return Convert.ToString((int)expirySinceEpoch.TotalSeconds);
}
string queueUrl = "https://tomtestsb.servicebus.windows.net/" + "queue" + "/messages";
string token = GetSasToken(queueUrl,"Key", "value", TimeSpan.FromDays(1));

We could get the key and value with Azure portal

Test it with Postman.

Headers:

Authorization:SharedAccessSignature sr=https%3a%2f%2fyournamespace.servicebus.windows.net%2fqueuename%2fmessages&sig=SyumAUNnqWFjW2MqjwlomU%2fbblqZljq6LPJp3jpfU%2b4%3d&se=1529478623&skn=KeyName

Content-Type：application/xml

Body

<string xmlns="http://schemas.microsoft.com/2003/10/Serialization/">This is a message.</string> 

Test Result: