LetsPlayYahtzee LetsPlayYahtzee - 1 month ago 16
Javascript Question

Azure Table Storage Authenticate REST call through javascript

I am trying to make a REST call to my Azure Table using javascript but I find it hard to authenticate the call.

I am using that piece of javascript (I know the date has to be maximum 15 min old, and I don't plan on using the actual key in the javascript!)

$(document).ready(function(){
$("button").click(function(){
var dateTimeInUtc = 'Fri, 12 Feb 2016 12:14:00 GMT';
var version = '2015-04-05';
var key = 'JEwMjqFD1ng8vIaECmRw8eQysiIvH08nF/jPKPYaNGumgxtKIjltX8bte5sKN6SNyw09s=='; // not an actuall key
var stringToSign = 'GET\n\n\nFri, 12 Feb 2016 12:14:00 GMT\n/myaccount/mytable(PartitionKey=\'first_partition\', RowKey=\'1235\')';
var signature = CryptoJS.enc.Base64.stringify(CryptoJS.HmacSHA256(CryptoJS.enc.Utf8.parse(stringToSign), CryptoJS.enc.Base64.parse(key)));
$.ajax({
url:'https://myaccount.table.core.windows.net/mytable(PartitionKey=\'first_partition\', RowKey=\'1235\')',
type: 'GET',
success: function (data) {
console.log('well done');
},
beforeSend: function (xhr) {
xhr.setRequestHeader('Authorization', "SharedKey " + "myaccount" + ":" + signature);
xhr.setRequestHeader('x-ms-date', dateTimeInUtc);
xhr.setRequestHeader('x-ms-version', version);
},
error: function (rcvData) {
console.log(rcvData);
}
});
});
});


what I get

403 (Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.)


Do you see anything obviously wrong? Do I miss something from the signature?

Answer

The string-to-sign that you construct must be the exact URL transmitted over the wire, including percent encoding characters not allowed in a URL. In this case, the space character in the URL will be percent encoded over the wire, so it must be percent encoded in the string-to-sign.

From the MSDN page:

Any portion of the CanonicalizedResource string that is derived from the resource's URI should be encoded exactly as it is in the URI.