I want to connect to Azure Blob Storage

Certified Associate Developer

Hi ,

I am trying to connect to connect to Azure Blob Storage. I am canonicalizing the auth header but facing an issue somewhere that i cant identify. Can anyone please help on this? Here is the error message : 

  Discussion posts and replies are publicly visible

Parents Reply Children
  • 0
    Certified Associate Developer
    in reply to Stefan Helzle

    Hi Stefan, 

    I have a storage account for eg myaccount , a container mycontainer . 

    I am using the URL https://myaccount.blob.core.windows.net/mycontainer/ where Note.png is a blob i am trying to get.

    In the Headers I have 3 headers

    • Authorization with Value "Shared Key myaccount:<hmacSignature>" where hmac signature is canonicalized signature created by following steps in azure documentation. in this hmac signature i am paaing the blob name , processing date and httpVerb.
    • x-ms-date with Value hard coded date time every time i test or the now() function
    • x-ms-version with Value 2015-04-05

    and when i test this i come up with this error.

  • 0
    Certified Associate Developer
    in reply to Stefan Helzle

    Hi  I tried encrypting Authorization header > signature in C# , that signature works well in integration . But if I try similar code in Appian expression rule, Its giving that error. Can you help please? 

  • 0
    Certified Senior Developer
    in reply to Stefan Helzle

    C# code thats working -
    using System;
    using System.Text;
    using System.Security.Cryptography;

    public class HelloWorld
    {
    string signWithAccountKey(string stringToSign, string accountKey)
    {
    var hmacsha = new System.Security.Cryptography.HMACSHA256();
    hmacsha.Key = Convert.FromBase64String(accountKey);
    var signature = hmacsha.ComputeHash(Encoding.UTF8.GetBytes(stringToSign));
    return Convert.ToBase64String(signature);
    }
    public static void Main(string[] args)
    {
    HelloWorld h = new HelloWorld();
    Console.WriteLine (h.signWithAccountKey("GET\n\n\n\n\n\n\n\n\n\n\n\nx-ms-date:Thu, 22 Feb 2024 12:51:11 GMT\nx-ms-version:2015-04-05\n/myblobstorage/myContainer/Note.png","Access Key"));
    }
    }

    Appian alternate created for same but not generating same key as C# code

    a!localVariables(

    local!signatureString:"GET\n\n\n\n\n\n\n\n\n\n\n\nx-ms-date:Thu, 22 Feb 2024 12:51:11 GMT\nx-ms-version:2015-04-05\n/myblobstorage/myContainer/Note.png",
    local!base64Key: decodebase64string(cons!AS_SHARED_KEY2),
    local!unicodeSign:code(local!signatureString),
    local!hashKey: hmacsha256hash(local!base64Key,local!unicodeSign),
    local!base64EncodedSign:encodebase64string(local!hashKey),
    {
    touniformstring(local!base64EncodedSign)
    }
    )

  • 0
    Certified Lead Developer
    in reply to vibhabadjate

    The issue is, that keys exist in a few variants. As plain string, base64 encoded string, binary, base64 encoded binary and maybe more. The plugin in Appian can only work with specific key formats. I suggest to check the plugin source code to understand how this works. That is at least what helped me.