Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
azure-storage-blob==12.8.0 - invalid shared access signature with azurite emulator
See original GitHub issue- Package Name: azure-storage-blob
- Package Version: 12.8.0
- Operating System: OSX
- Python Version: 3.8
Describe the bug
Share access signatures generated for azurite container (version arafato/azurite:2.6.5) are invalid.
Shared access signatures generated for real Azure storage services are valid.
To Reproduce Steps to reproduce the behavior:
-
Start azurite docker container, create blob container (e.g.
static-data) and put some data into it (e.g.kitty_01.jpg) -
Run py.test on following code
import datetime
import azure.storage.blob
import requests
def test_share_access_signature_with_emulator():
emulated_storage = {
"account_name": "devstoreaccount1",
"account_key": "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==",
"connection_string": "AccountName=devstoreaccount1;AccountKey=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==;DefaultEndpointsProtocol=http;BlobEndpoint=http://127.0.0.1:10000/devstoreaccount1;QueueEndpoint=http://127.0.0.1:10001/devstoreaccount1;TableEndpoint=http://127.0.0.1:10002/devstoreaccount1;",
"container": "static-data",
"blob": "kitty_01.jpg"
}
storage = emulated_storage
sas_token = azure.storage.blob.generate_account_sas(
account_name=storage["account_name"],
account_key=storage["account_key"],
resource_types=azure.storage.blob.ResourceTypes(object=True),
permission=azure.storage.blob.AccountSasPermissions(read=True),
start=datetime.datetime.now() - datetime.timedelta(days=10),
expiry=datetime.datetime.now() + datetime.timedelta(days=10)
)
blob_service_client = azure.storage.blob.BlobServiceClient.from_connection_string(
storage["connection_string"], credential=sas_token)
blob_client = blob_service_client.get_blob_client(container=storage["container"], blob=storage["blob"])
assert requests.get(blob_client.url, timeout=5).status_code == 200
Expected behavior
blob_client.url should yield a valid url that can be used to access data.
Instead invalid url is generated, and accessing it yields AuthenticationFailed response.
Screenshots If applicable, add screenshots to help explain your problem.
Additional context Accessing the same data with shared access signature generated from Microsoft Azure Storage Explorer works without problems.
Sample url generated by azure-storage-blob==12.8.0: ‘http://127.0.0.1:10000/devstoreaccount1/static-data/kitty_01.jpg?st=2021-02-28T15%3A59%3A44Z&se=2021-03-20T15%3A59%3A44Z&sp=r&sv=2020-06-12&ss=b&srt=o&sig=GxIh4Eq8isrZOidgOhubhAd0MjiiNeLook%2F8lYwjXMo%3D’
Sample url generated by Microsoft Azure Storage Explorer: ‘http://127.0.0.1:10000/devstoreaccount1/static-data/kitty_01.jpg?sv=2018-03-28&st=2021-03-09T06%3A45%3A00Z&se=2021-03-11T06%3A45%3A09Z&sr=b&sp=r&sig=27dwNA9F8EMTG4m2husfsB4ltFSdvtVFTz9GleEB3Lo%3D’
Issue Analytics
- State:
- Created 3 years ago
- Comments:13 (6 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@xiafu-msft Maybe I’ll chip in with advice I got over at https://github.com/Azure/Azurite/issues/731 Setting
allowed_origins=["*"]instead ofallowed_origins=["0.0.0.0:*"]when defining CORS settings worked for me with Azurite V3 container.This means that for task at hand (generating SAS tokens) I can switch from azurite V2 to V3, where problem for which I opened this issue doesn’t exist. So I suppose from my point of view the issue can be closed.
@XiaoningLiu Any updates?