Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Uploading blob with container client fails with auth error but succeeds with blob client when using Azure CDN

See original GitHub issue

Package Name: azure-storage-blob
Package Version: 12.9.0
Operating System: Windows 10
Python Version: 3.10.2

Describe the bug I have an Azure Storage account that is configured with an Azure CDN. When using BlobServiceClient with the account URL set to an Azure CDN, uploading a file using the container client fails with an authentication error, while it succeeds when using a blob client.

Both succeed when the account URL is set to the actual Storage Account URL.

To Reproduce Steps to reproduce the behavior:

from azure.storage.blob import BlobServiceClient

edge_url = 'https://edgeaccount.azureedge.net'
storage_url = 'https://account.blob.core.windows.net'
service = BlobServiceClient(account_url=edge_url, credential={'account_name': 'abc', 'account_key': 'xyz'})

blob_client = service.get_blob_client('container', 'blobname')
container_client = service.get_container_client('container')

with open("./testfile", "rb") as stream:
    # This succeeds
    blob_client.upload_blob(stream, overwrite=True)
    # This fails with authentication error
    container_client.upload_blob('blobname', stream, overwrite=True)

Authentication error

authenticationerrordetail:The MAC signature found in the HTTP request '5dC3N7RcRW9V...' is not the same as any computed signature. Server used following string to sign: 'PUT


1

application/octet-stream






x-ms-blob-type:BlockBlob
x-ms-client-request-id:xxxx
x-ms-date:Mon, 21 Feb 2022 07:34:35 GMT
x-ms-version:2020-10-02
Content: <?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed 
correctly including the signature.
RequestId:xxx
Time:2022-02-21T07:34:35.1058206Z</Message><AuthenticationErrorDetail>The MAC signature found in the HTTP request '5dC3N7RcRW9V...' is not the same as any computed 
signature. Server used following string to sign: 'PUT

Expected behavior The container client should upload the blob successfully.

Issue Analytics

State:
Created 2 years ago
Reactions:1
Comments:7 (5 by maintainers)

Top GitHub Comments

1reaction

jalauzon-msftcommented, Feb 24, 2022

Hi again @JeffreyCA, I have tried out your sample with an Azure CDN configured on a Storage Account and was not able to reproduce the auth error. Both the BlobClient and ContainerClient method worked as expected with no errors. I tried a couple different combinations of how the container was initially created, etc.

Is this a consistent or intermittent? Is there anything special (outside of default) configured on your Storage Account or CDN? I was testing with a pretty much default Storage Account and CDN configuration.

Could you share a recent request id from a failed request? I can look at it on the service side to see if that reveals anything. (The more recent, the better, since the service logs roll over fairly quickly, ~2 days)

1reaction

jalauzon-msftcommented, Feb 23, 2022

Hi @JeffreyCA, thanks for reporting this. We will look into it and get back to you.

Top Results From Across the Web

Troubleshoot client application errors in Azure Storage accounts

This article helps you investigate client application errors by using metrics, client side logs, and resource logs in Azure Monitor.

Azure Blob Storage fails to authenticate: "Make sure the value ...

Hi I am trying to upload a binary file (a blob for an excel file, actually) to my storage account but the client...

Authorize access to blob or queue data from a native or web ...

If authentication succeeds, Azure AD returns the access token to the application, and the application can then use the access token to authorize ......

Azure Storage Blob client library for Java - Microsoft Learn

Azure Blob Storage is Microsoft's object storage solution for the cloud. ... Upload data to a blob and fail if one already exists....

Monitor and troubleshoot Azure Storage (classic logs & metrics)

Use features like storage analytics, client-side logging, and other ... and the current number of containers (ContainerCount) and blobs ...