Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
AuthorizationFailure with curl
See original GitHub issueWhich service(blob, file, queue, table) does this issue concern?
Blob
Which version of the Azurite was used?
3.4.0
Where do you get Azurite? (npm, DockerHub, NuGet, Visual Studio Code Extension)
npm
What’s the Node.js version?
13.3.0
What problem was encountered?
When I try to use azurite through the REST API, I keep getting a AuthorizationFailure response
Steps to reproduce the issue?
I try to create a container with the following call:
curl -X PUT http://127.0.0.1:10000/devstoreaccount1/pictures?restype=container -H "x-ms-date: 2020-01-24T03:56:54.834Z" -H "x-ms-version: 2019-02-02" -H "Authorization: SharedKey devstoreaccount1:Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="
And get the following response:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Error>
<Code>AuthorizationFailure</Code>
<Message>Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.
RequestId:ce1cc537-128b-46ad-9224-b2b17443c0e9
Time:2020-01-24T03:56:54.834Z</Message>
</Error>
Have you found a mitigation/solution?
No
Logs
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: BlobStorageContextMiddleware: RequestMethod=PUT RequestURL=http://127.0.0.1/devstoreaccount1/pictures?restype=container RequestHeaders:{"host":"127.0.0.1:10000","user-agent":"curl/7.55.1","accept":"*/*","x-ms-date":"`date`","x-ms-version":"2019-02-02","authorization":"SharedKey devstoreaccount1:Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="} ClientIP=127.0.0.1 Protocol=http HTTPVersion=1.1
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: BlobStorageContextMiddleware: Account=devstoreaccount1 Container=pictures Blob=
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 verbose: DispatchMiddleware: Dispatching request...
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: DispatchMiddleware: Operation=Container_Create
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 verbose: AuthenticationMiddlewareFactory:createAuthenticationMiddleware() Validating authentications.
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: PublicAccessAuthenticator:validate() Start validation against public access.
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: PublicAccessAuthenticator:validate() Getting account properties...
2020-01-24T03:56:54.787Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: PublicAccessAuthenticator:validate() Retrieved account name from context: devstoreaccount1, container: pictures, blob:
2020-01-24T03:56:54.803Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: PublicAccessAuthenticator:validate() Skip public access authentication. Cannot get public access type for container pictures
2020-01-24T03:56:54.803Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: BlobSharedKeyAuthenticator:validate() Start validation against account shared key authentication.
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: BlobSharedKeyAuthenticator:validate() [STRING TO SIGN]:"PUT\n\n\n\n\n\n\n\n\n\n\n\nx-ms-date:`date`\nx-ms-version:2019-02-02\n/devstoreaccount1/devstoreaccount1/pictures\nrestype:container"
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: BlobSharedKeyAuthenticator:validate() Calculated authentication header based on key1: SharedKey devstoreaccount1:/S7T6ds2y+Gd7wYbOo7ljAx6dJCs0ub4jjvCFkOju9s=
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: BlobSharedKeyAuthenticator:validate() Validation failed.
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: AccountSASAuthenticator:validate() Start validation against account Shared Access Signature pattern.
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: AccountSASAuthenticator:validate() Getting account properties...
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: AccountSASAuthenticator:validate() Retrieved account name from context: devstoreaccount1, container: pictures, blob:
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: AccountSASAuthenticator:validate() Got account properties successfully.
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: AccountSASAuthenticator:validate() Retrieved signature from URL parameter sig: undefined
2020-01-24T03:56:54.818Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: AccountSASAuthenticator:validate() Failed to get valid account SAS values from request.
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: BlobSASAuthenticator:validate() Start validation against blob service Shared Access Signature pattern.
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: BlobSASAuthenticator:validate() Getting account properties...
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: BlobSASAuthenticator:validate() Retrieved account name from context: devstoreaccount1, container: pictures, blob:
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: BlobSASAuthenticator:validate() Got account properties successfully.
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: BlobSASAuthenticator:validate() Retrieved signature from URL parameter sig: undefined
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 debug: BlobSASAuthenticator:validate() No signature found in request. Skip blob service SAS validation.
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: Received a MiddlewareError, fill error information to HTTP response
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: ErrorName=StorageError ErrorMessage=Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature. ErrorHTTPStatusCode=403 ErrorHTTPStatusMessage=Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature. ErrorHTTPHeaders={"x-ms-error-code":"AuthorizationFailure","x-ms-request-id":"ce1cc537-128b-46ad-9224-b2b17443c0e9"} ErrorHTTPBody="<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n<Error>\n <Code>AuthorizationFailure</Code>\n <Message>Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.\nRequestId:ce1cc537-128b-46ad-9224-b2b17443c0e9\nTime:2020-01-24T03:56:54.834Z</Message>\n</Error>" ErrorStack="StorageError: Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.\n at Function.getAuthorizationFailure (C:\\Users\\Carlo\\AppData\\Roaming\\npm\\node_modules\\azurite\\dist\\src\\blob\\errors\\StorageErrorFactory.js:113:16)\n at C:\\Users\\Carlo\\AppData\\Roaming\\npm\\node_modules\\azurite\\dist\\src\\blob\\middlewares\\AuthenticationMiddlewareFactory.js:22:56\n at processTicksAndRejections (internal/process/task_queues.js:97:5)"
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: Set HTTP code: 403
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: Set HTTP status message: Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: Set HTTP Header: x-ms-error-code=AuthorizationFailure
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: Set HTTP Header: x-ms-request-id=ce1cc537-128b-46ad-9224-b2b17443c0e9
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: Set content type: application/xml
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 error: ErrorMiddleware: Set HTTP body: "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n<Error>\n <Code>AuthorizationFailure</Code>\n <Message>Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature.\nRequestId:ce1cc537-128b-46ad-9224-b2b17443c0e9\nTime:2020-01-24T03:56:54.834Z</Message>\n</Error>"
2020-01-24T03:56:54.834Z ce1cc537-128b-46ad-9224-b2b17443c0e9 info: EndMiddleware: End response. TotalTimeInMS=47 StatusCode=403 StatusMessage=Server failed to authenticate the request. Make sure the value of the Authorization header is formed correctly including the signature. Headers={"server":"Azurite-Blob/3.4.0","x-ms-error-code":"AuthorizationFailure","x-ms-request-id":"ce1cc537-128b-46ad-9224-b2b17443c0e9","content-type":"application/xml"}
Issue Analytics
- State:
- Created 4 years ago
- Comments:17 (4 by maintainers)
Top Results From Across the Web
Why does quoting password-variable in curl lead to ...
Why does quoting password-variable in curl lead to authorization failure? (Bash) ... I have a very specific problem with bash and curl.
Read more >Azure Blob REST api failed to connect from Linux webapps
We have been using CURL to connect to Azure blob (REST api) on Linux webapps and it started to fail with AuthorizationFailure message, ......
Read more >CURL Options Authorization Failure - Claris Community
CURL Options Authorization Failure. Greetings all,. I am trying to retrieve a list fo ingredients from an on-line recipe database using the insert...
Read more >Avoiding "AuthorizationFailed" error when hand-crafting ...
Avoiding “AuthorizationFailed” error when hand-crafting Shared Access Signature for Azure Storage ... I've been quite active on Stack Overflow ...
Read more >rest api using php, curl single quote in where clause causes ...
rest api using php, curl single quote in where clause causes authorization failure. I've been messing around with this for days now, ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
SharedKey authentication is one of critical features Azurite provides (instead of ignoring authentication) and aligns with Azure Storage. Refer to https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key about how does SharedKey works.
In the same time, you can use this SAS (generated from devstoreaccount1) if you need debug in Curl or Postman.
Append above SAS parameters into your URL without providing Authentication header.
Tried this and stil get 403 response with v3 Azurite however if you go to Storage Explorer, right click your queue and click Get Shared Access Signature it will create you a URL that you can use