我尝试通过 Powershell 访问 DocumentDB 并将 C# 代码转换为 powershell,但我不断收到远程服务器返回错误:(401) 未经授权。
任何人都可以看到我的代码中的任何错误吗:
$Verb = 'get'
$resourceId = 'dbs/ToDoList'
$resourceType = 'dbs'
$Key = 'UVxrMX2hcmvc5bL6HTU3xZz9qt5KnCK587IDehOJjLki4xjPcTlAbyxZnyq12XqtynSZuyVJD8EDQhDrEIAYYg=='
$KeyType = 'master'
$tokenVersion = '1.0'
$UTCDate = $(Get-Date).ToUniversalTime().ToString('r',[System.Globalization.CultureInfo]::InvariantCulture)
$keyBytes = [System.Convert]::FromBase64String($Key)
$hmacSha256 = new-object -TypeName System.Security.Cryptography.HMACSHA256 -ArgumentList (,$keyBytes)
[string]$Payload = "{0}`n{1}`n{2}`n{3}`n{4}`n" -f $Verb.ToLowerInvariant(),$resourceType.ToLowerInvariant(),$resourceId.ToLowerInvariant(),$UTCDate.ToLowerInvariant(),''
$hashPayLoad = $hmacSha256.ComputeHash([Text.Encoding]::UTF8.GetBytes($PayLoad.ToLowerInvariant()))
$signature = [System.Convert]::ToBase64String($hashPayLoad)
[string]$authorizationFormat = 'type={0}&ver={1}&sig={2}' -f $keyType,$tokenVersion,$signature
$Token = [System.Web.HttpUtility]::UrlEncode($authorizationFormat)
$Date = $UTCDate
$header=@{
"authorization" = $Token
"x-ms-version" = "2015-12-16"
"x-ms-date" = $date
}
Invoke-RestMethod -Uri https://mycosmostest.documents.azure.com/dbs/ToDoList -Headers $header -Method get -ContentType "application/json"
错误:
Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
At C:\Users\axban\Documents\Scripts\Cosmostest.ps1:25 char:1
+ Invoke-RestMethod -Uri https://mycosmostest.documents.azure.com/dbs/T ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
变量看起来像这样:
$UTCDate
Wed, 06 Sep 2017 06:18:56 GMT
$hmacSha256
Key : {81, 92, 107, 49...}
HashName : SHA256
HashSize : 256
Hash : {209, 150, 153, 51...}
InputBlockSize : 1
OutputBlockSize : 1
CanTransformMultipleBlocks : True
CanReuseTransform : True
$Payload
get
dbs
dbs/todolist
wed, 06 sep 2017 06:18:56 gmt
$authorizationFormat
type=master&ver=1.0&sig=0ZaZM6KN54zH0PiEC8IwMqUeFnTODVSEJta+MvWG+aU=
$Token
type%3dmaster%26ver%3d1.0%26sig%3d0ZaZM6KN54zH0PiEC8IwMqUeFnTODVSEJta%2bMvWG%2baU%3d
今天又进步了一点。我可以通过相应地更改资源 ID 和 URI 来查询 CosmosDB 并获取数据库列表,如下所示:
$resourceId = ''
Invoke-RestMethod -Uri https://mycosmostest.documents.azure.com/dbs -Headers $header -Method get -ContentType "application/json"
我想这意味着访问令牌创建有效。
再仔细研究一下就可以清楚地看出,我可以使用 rod 而不是 id 来检索文档:
$ResourceId = 'UQJvAL+ePAA='
$ResourceType = 'docs'
$uri = 'https://axcosmostest.documents.azure.com/dbs/UQJvAA==/colls/UQJvAL+ePAA=/docs'
生成新日期和令牌后:
Invoke-RestMethod -Uri $uri -Headers $header -Method GET -ContentType "application/json"
并且有效!
但是如何使用更人性化的对象 ID 进行查询?
弄清楚了——大部分。请随意测试结果:https://github.com/Agazoth/AxCosmosDB
查询部分仍然有问题。请随时为解决方案做出贡献。