Written by

Ravishankar

Share

  

Category

see all categories
intranet as a service

How To Create Authorization Header for Authenticating Azure Storage Services Using C#

In this article we are going to see how to create authorization header for authenticating Azure storage services using c#.  

Authorization 

The Authorization header is used to authenticate Azure services via Rest API. Every request to the Azure storage services must be authenticated. This authentication scheme supports for the Azure storage services like blobs, queues, tables, and  files. 

The header looks like the below scheme: 

x-ms-date: date_and_time 

Authorization:azure_storage_account_name:signature  

Shared Key Authentication 

Here we have used the Shared Key Lite Authentication scheme. Shared Key Authorization relies on your account access keys and other parameters to produce an encrypted signature string that is passed on the request in the Authorization header. The actual sample of Shared Key authentication will be: 

Method: GET [Text Wrapping Break]

ContentType: application/json[Text Wrapping Break]

X-ms-date: Fri, 17 Aug 2018 12:18:16 GMT[Text Wrapping Break]

Authorization: SharedKeyLite testaccount008:uay+rilMVayH/Sdsfd8X+a3fL8k/NxCnIePdyZSkqvydM=  

Authorization header is constructed by making a hash-based message authentication code using the SHA-256 hash. 

The following is an example of performing the HMACSHA256 hash for the Authorization header: 

using System; 

using System.Text; 

using System.Net; 

using System.Security.Cryptography; 

namespace AzureTablesAuthentication 

{ 

    class Program 

    { 

        static void Main(string[] args) 

        { 

            try 

            { 

                 string storageAccount = ""; // Enter the storage account name 

                string accessKey = ""; // Enter the access key value 

                string TableName = ""; //Enter the Table name  

                string uri = @"https://" + storageAccount + ".table.core.windows.net/" + resourcePath; 

                HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri); 

                request.Method = "GET"; 

                request.ContentType = "application/json"; 

                request.ContentLength = resourcePath.Length; 

                request.Accept = "application/json;odata=nometadata"; 

                request.Headers.Add("x-ms-date", DateTime.UtcNow.ToString("R", System.Globalization.CultureInfo.InvariantCulture)); 

                request.Headers.Add("x-ms-version", "2015-12-11"); 

                request.Headers.Add("Accept-Charset", "UTF-8"); 

                request.Headers.Add("MaxDataServiceVersion", "3.0;NetFx"); 

                request.Headers.Add("DataServiceVersion", "1.0;NetFx"); 

                string stringToSign = request.Headers["x-ms-date"] + "\n"; 

                stringToSign += "/" + storageAccount + "/" + resourcePath; 

                HMACSHA256 hasher = new HMACSHA256(Convert.FromBase64String(accessKey)); 

                string sAuthTokn = "SharedKeyLite " + storageAccount + ":" + Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(stringToSign))); 

                request.Headers.Add("Authorization", sAuthTokn); 

                Console.WriteLine("Authorization Header :", request.Headers["Authorization"]); 

                Console.ReadLine(); 

            } 

            catch (Exception ex) 

            { 

                throw ex; 

            } 

        }        

    } 

} 

That's it. Now run the application , go to Debug menu and click on Start without Debugging , or press F5. This will open the console and display the following result.

output

I hope you have learn how to create authorization header for authenticating Azure storage services using c#.  Feel free to fill up the comment box below, if you need any assistance.