Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

How to authenticate Azure REST APIs to Storage Queue with SAS?

byMR
February 22, 2022

I’m trying to add a message to my Storage Queue using the REST API provided in this document:
https://docs.microsoft.com/en-us/rest/api/storageservices/put-message

Please note that I cannot use the Azure Libraries for this task, there are no Libraries that I know of for Service Now and I’m setting up the test trigger in Python to simulate the REST API calls that would be made from Service Now.
In all instances, I receive a 403 error code with no details in the response or the header of the response.

import os, requests, datetime
date = datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')

storage_account = "testacc"
queue = "test-queue"

msg = """<QueueMessage>  
<MessageText>Testing 123</MessageText>  
</QueueMessage>
"""

api = f"https://{storage_account}.queue.core.windows.net/{queue}/messages/?visibilitytimeout=30&timeout=30"
header = {
    "Authorization": f"SharedAccessSignature https://{storage_account}.queue.core.windows.net/?sv=2020-08-04&ss=q&srt=sco&sp=rwau&se=2022-03-03T17:52:52Z&st=2022-02-17T09:52:52Z&spr=https&sig=<REDACTED SIG>", 
    "Content-Type": "application/xml",
    "Content-Length": "str(len(msg))"
}

resp = requests.post(url=api, data=msg, headers=header)

print(resp.headers, resp.status_code)

I am not sure how to design the Authentication key for this API, any tips and suggestions would be appreciated. Thank you.

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

>Solution :

You don’t have to include the Authorization header in the request. Simply use your SAS URL to send the request (with other headers) and the request should work fine.

The reason you do not need Authorization header is because the authorization information is already included in your SAS Token (sig portion of your SAS Token).

Your code would be something like:

api = f"https://{storage_account}.queue.core.windows.net/{queue}/messages/?visibilitytimeout=30&timeout=30&sv=2020-08-04&ss=q&srt=sco&sp=rwau&se=2022-03-03T17:52:52Z&st=2022-02-17T09:52:52Z&spr=https&sig=<REDACTED SIG>"
header = {
    "Content-Type": "application/xml",
    "Content-Length": "str(len(msg))"
}

resp = requests.post(url=api, data=msg, headers=header)

print(resp.headers, resp.status_code)
byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading