We Keep Coding

AWS Signature v4 key value store KVS in C#

I'm trying to integrate "Signing AWS Requests with Signature Version 4" in C#. Unfortunately, Amazon has not given much detail into implementation in C#. I've tried my luck in implementing. But its throwing this error Message
"The remote server returned an error: (403) Forbidden.
Note: I've got this working on Postman. But not able to make it work in C#.
Error receiving: Message = "The remote server returned an error: (403) Forbidden.
I've used this documentation for signing https://docs.amazonaws.cn/en_us/general/latest/gr/sigv4_signing.html
public WebRequest RequestPost(string canonicalUri, string canonicalQueriString, string jsonString)
{
string hashedRequestPayload = CreateRequestPayload(jsonString);
string authorization = Sign(hashedRequestPayload, "PUT", canonicalUri, canonicalQueriString);
string requestDate = DateTime.ParseExact(DateTime.UtcNow.ToString(), "YYYYMMDD'T'HHMMSS'Z'", CultureInfo.InvariantCulture).ToString();
WebRequest webRequest = WebRequest.Create(canonicalUri + canonicalQueriString);
webRequest.Method = "PUT";
webRequest.ContentType = ContentType;
webRequest.Headers.Add("X-Amz-date", requestDate);
webRequest.Headers.Add("Authorization", authorization);
webRequest.Headers.Add("x-amz-content-sha256", hashedRequestPayload);
webRequest.ContentLength = jsonString.Length;
ASCIIEncoding encoding = new ASCIIEncoding();
byte[] data = encoding.GetBytes(jsonString);
Stream newStream = webRequest.GetRequestStream();
newStream.Write(data, 0, data.Length);
using (WebResponse response = webRequest.GetResponse())
{
StreamReader responseReader = new StreamReader(response.GetResponseStream());
var responseJson = responseReader.ReadToEnd();
}
return webRequest;
}
const string RegionName = "eu-west-1"; //This is the regionName
const string ServiceName = "execute-api";
const string Algorithm = "AWS4-HMAC-SHA256";
const string ContentType = "application/json";
const string Host = "<hostname>";
const string SignedHeaders = "content-type;host;x-amz-content-sha256;x-amz-date";
private static string CreateRequestPayload(string jsonString)
{
//Here should be JSON object of the model we are sending with POST request
//var jsonToSerialize = new { Data = String.Empty };
//We parse empty string to the serializer if we are makeing GET request
//string requestPayload = new JavaScriptSerializer().Serialize(jsonToSerialize);
string hashedRequestPayload = HexEncode(Hash(ToBytes(jsonString)));
return hashedRequestPayload;
}
private static string Sign(string hashedRequestPayload, string requestMethod, string canonicalUri, string canonicalQueryString)
{
var currentDateTime = DateTime.UtcNow;
var accessKey = "";
var secretKey = "";
var dateStamp = currentDateTime.ToString("yyyyMMdd");
//var requestDate = currentDateTime.ToString("YYYYMMDD'T'HHMMSS'Z");
var requestDate = DateTime.ParseExact(currentDateTime.ToString(), "YYYYMMDD'T'HHMMSS'Z'", CultureInfo.InvariantCulture);
var credentialScope = string.Format("{0}/{1}/{2}/aws4_request", dateStamp, RegionName, ServiceName);
var headers = new SortedDictionary<string, string> {
{ "content-type", ContentType },
{ "host", Host },
{ "x-amz-date", requestDate.ToString() }
};
string canonicalHeaders = string.Join("\n", headers.Select(x => x.Key.ToLowerInvariant() + ":" + x.Value.Trim())) + "\n";
// Task 1: Create a Canonical Request For Signature Version 4
string canonicalRequest = requestMethod + "\n" + canonicalUri + "\n" + canonicalQueryString + "\n" + canonicalHeaders + "\n" + SignedHeaders + "\n" + hashedRequestPayload;
string hashedCanonicalRequest = HexEncode(Hash(ToBytes(canonicalRequest)));
// Task 2: Create a String to Sign for Signature Version 4
string stringToSign = Algorithm + "\n" + requestDate + "\n" + credentialScope + "\n" + hashedCanonicalRequest;
// Task 3: Calculate the AWS Signature Version 4
byte[] signingKey = GetSignatureKey(secretKey, dateStamp, RegionName, ServiceName);
string signature = HexEncode(HmacSha256(stringToSign, signingKey));
// Task 4: Prepare a signed request
// Authorization: algorithm Credential=access key ID/credential scope, SignedHeadaers=SignedHeaders, Signature=signature
string authorization = string.Format("{0} Credential={1}/{2}/{3}/{4}/aws4_request, SignedHeaders={5}, Signature={6}",
Algorithm, accessKey, dateStamp, RegionName, ServiceName, SignedHeaders, signature);
return authorization;
}
private static byte[] GetSignatureKey(string key, string dateStamp, string regionName, string serviceName)
{
byte[] kDate = HmacSha256(dateStamp, ToBytes("AWS4" + key));
byte[] kRegion = HmacSha256(regionName, kDate);
byte[] kService = HmacSha256(serviceName, kRegion);
return HmacSha256("aws4_request", kService);
}
private static byte[] ToBytes(string str)
{
return Encoding.UTF8.GetBytes(str.ToCharArray());
}
private static string HexEncode(byte[] bytes)
{
return BitConverter.ToString(bytes).Replace("-", string.Empty).ToLowerInvariant();
}
private static byte[] Hash(byte[] bytes)
{
return SHA256.Create().ComputeHash(bytes);
}
private static byte[] HmacSha256(string data, byte[] key)
{
return new HMACSHA256(key).ComputeHash(ToBytes(data));
}

I had the same problem , the solution is using RestClient rather than HttpClient or WebRequest .

Would you be willing to use the HttpClient instead of WebRequest? In that case I have created a NuGet package called AwsSignatureVersion4 which has been verified to work with the AWS API Gateway.

AWS API Gateway Signature

I am trying to sign my requests to the amazon gateway. But every time when I try to send a POST request it tells me that my signature has been expired. Any ideas will be appreciated.

You have some problem with getting the time or something like that. I had the problem with the payload. So if you are making GET request your payload is an EMPTY STRING. Otherwise it should be hashed Json object. Here is example of how I do it in my application. The code can be raw, but I am 100000% it work, because I am using it every day.
const string RegionName = "eu-west-1"; //This is the regionName
const string ServiceName = "apigateway";
const string Algorithm = "AWS4-HMAC-SHA256";
const string ContentType = "application/json";
const string Host = "apigateway.eu-west-1.amazonaws.com";
const string SignedHeaders = "content-type;host;x-amz-date";
public static WebRequest RequestGet(string canonicalUri, string canonicalQueriString, string jsonString) {
string hashedRequestPayload = CreateRequestPayload("");
string authorization = Sign(hashedRequestPayload, "GET", canonicalUri, canonicalQueriString);
string requestDate = DateTime.UtcNow.ToString("yyyyMMddTHHmmss") + "Z";
WebRequest webRequest = WebRequest.Create("https://" + Host + canonicalUri);
webRequest.Method = "GET";
webRequest.ContentType = ContentType;
webRequest.Headers.Add("X-Amz-date", requestDate);
webRequest.Headers.Add("Authorization", authorization);
webRequest.Headers.Add("x-amz-content-sha256", hashedRequestPayload);
return webRequest;
}
public static WebRequest RequestPost(string canonicalUri, string canonicalQueriString, string jsonString)
{
string hashedRequestPayload = CreateRequestPayload(jsonString);
string authorization = Sign(hashedRequestPayload, "POST", canonicalUri, canonicalQueriString);
string requestDate = DateTime.UtcNow.ToString("yyyyMMddTHHmmss") + "Z";
WebRequest webRequest = WebRequest.Create("https://" + Host + canonicalUri);
webRequest.Timeout = 20000;
webRequest.Method = "POST";
webRequest.ContentType = ContentType;
webRequest.Headers.Add("X-Amz-date", requestDate);
webRequest.Headers.Add("Authorization", authorization);
webRequest.Headers.Add("x-amz-content-sha256", hashedRequestPayload);
webRequest.ContentLength = jsonString.Length;
ASCIIEncoding encoding = new ASCIIEncoding();
byte[] data = encoding.GetBytes(jsonString);
Stream newStream = webRequest.GetRequestStream();
newStream.Write(data, 0, data.Length);
return webRequest;
}
private static string CreateRequestPayload(string jsonString) {
//Here should be JSON object of the model we are sending with POST request
//var jsonToSerialize = new { Data = String.Empty };
//We parse empty string to the serializer if we are makeing GET request
//string requestPayload = new JavaScriptSerializer().Serialize(jsonToSerialize);
string hashedRequestPayload = HexEncode(Hash(ToBytes(jsonString)));
return hashedRequestPayload;
}
private static string Sign(string hashedRequestPayload, string requestMethod, string canonicalUri, string canonicalQueryString) {
var currentDateTime = DateTime.UtcNow;
var accessKey = //Here place your app ACCESS_KEY
var secretKey = //Here is a place for you app SECRET_KEY
var dateStamp = currentDateTime.ToString("yyyyMMdd");
var requestDate = currentDateTime.ToString("yyyyMMddTHHmmss") + "Z";
var credentialScope = string.Format("{0}/{1}/{2}/aws4_request", dateStamp, RegionName, ServiceName);
var headers = new SortedDictionary < string, string > {
{ "content-type", ContentType },
{ "host", Host },
{ "x-amz-date", requestDate }
};
string canonicalHeaders = string.Join("\n", headers.Select(x => x.Key.ToLowerInvariant() + ":" + x.Value.Trim())) + "\n";
// Task 1: Create a Canonical Request For Signature Version 4
string canonicalRequest = requestMethod + "\n" + canonicalUri + "\n" + canonicalQueryString + "\n" + canonicalHeaders + "\n" + SignedHeaders + "\n" + hashedRequestPayload;
string hashedCanonicalRequest = HexEncode(Hash(ToBytes(canonicalRequest)));
// Task 2: Create a String to Sign for Signature Version 4
string stringToSign = Algorithm + "\n" + requestDate + "\n" + credentialScope + "\n" + hashedCanonicalRequest;
// Task 3: Calculate the AWS Signature Version 4
byte[] signingKey = GetSignatureKey(secretKey, dateStamp, RegionName, ServiceName);
string signature = HexEncode(HmacSha256(stringToSign, signingKey));
// Task 4: Prepare a signed request
// Authorization: algorithm Credential=access key ID/credential scope, SignedHeadaers=SignedHeaders, Signature=signature
string authorization = string.Format("{0} Credential={1}/{2}/{3}/{4}/aws4_request, SignedHeaders={5}, Signature={6}",
Algorithm, accessKey, dateStamp, RegionName, ServiceName, SignedHeaders, signature);
return authorization;
}
private static byte[] GetSignatureKey(string key, string dateStamp, string regionName, string serviceName) {
byte[] kDate = HmacSha256(dateStamp, ToBytes("AWS4" + key));
byte[] kRegion = HmacSha256(regionName, kDate);
byte[] kService = HmacSha256(serviceName, kRegion);
return HmacSha256("aws4_request", kService);
}
private static byte[] ToBytes(string str) {
return Encoding.UTF8.GetBytes(str.ToCharArray());
}
private static string HexEncode(byte[] bytes) {
return BitConverter.ToString(bytes).Replace("-", string.Empty).ToLowerInvariant();
}
private static byte[] Hash(byte[] bytes) {
return SHA256.Create().ComputeHash(bytes);
}
private static byte[] HmacSha256(string data, byte[] key) {
return new HMACSHA256(key).ComputeHash(ToBytes(data));
}
So for example if I want to get all the APIs that are deployed in the Gateway I am doing like this:
using(WebResponse response = webRequest.GetResponse()) {
StreamReader responseReader = new StreamReader(response.GetResponseStream());
string responseJson = responseReader.ReadToEnd();
} catch (WebException) {
//Doing something when exception has been thrown
}
Here is the interesting part of creating a API Key. First you need to make your raw payload and then pass it to the methods I gave you above:
string payload = "{ \"name\" : \"" + name + "\", \"description\" : \"" + description.Trim() + "\", \"enabled\" : \"True\", \"stageKeys\" : [ ] }";
WebRequest webRequest = RequestSignerAWS.RequestPost("/apikeys", "", payload);
And make sure you are getting the time of the creating the request, because this will cause you the problem you are having.

You can look or use the code in this project for sending requests to API gateway:
https://github.com/ronenfe/Addons.AwsSdk
It uses this code for the signing:
https://github.com/tsibelman/aws-signer-v4-dot-net .

How do I call Amazon's Book API in C#?

I am trying to query Amazon's Web Service (AWS) Books API in C#. I read the related posts on Stackoverflow with no luck. I still get the error: "The remote server returned an error: (403) Forbidden". I encoded all +'s and ='s. What am I doing wrong here please?
public const string ACCESSKEY = "xxxxx"; // Replace with Actual Access Key
public const string SECRETKEY = "zzzzz"; // Replace with Actual Secret Key
public void ProcessRequest(HttpContext context)
{
string ts = DateTime.UtcNow.ToString("s");
string url = "http://webservices.amazon.com/onca/xml?";
string req = "AWSAccessKeyId=" + ACCESSKEY + "&Condition=All&IdType=ASIN&ItemId=B00008OE6I&Operation=ItemLookup&ResponseGroup=OfferFull&Service=AWSECommerceService";
req = req + "&Timestamp=" + URLEncode(ts + "Z").ToUpper();
string s = "GET\nwebservices.amazon.com\n/onca/xml\n" + req;
Util.Write(s);
Util.Write("");
string hash = HashString(s);
req = req + "&Signature=" + hash;
url = url + req;
Util.Write(url);
Util.Write("");
string blob = XGetBlobAtURL(url);
Util.Write(blob);
}
private string URLEncode(string s)
{
return(HttpContext.Current.Server.UrlEncode(s));
}
private string XGetBlobAtURL(string url, string useragent = "")
{
string blob = "";
try
{
WebClient wc = new WebClient();
if (!Util.IsEmpty(useragent)) { wc.Headers["User-Agent"] = useragent; }
blob = wc.DownloadString(url);
wc.Dispose();
}
catch(Exception e)
{
Util.Write(e.ToString());
}
return (blob);
}
private string HashString(string s)
{
System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
byte[] keyByte = encoding.GetBytes(URLEncode(SECRETKEY));
HMACSHA256 hmasha256 = new HMACSHA256(keyByte);
byte[] messageBytes = encoding.GetBytes(s);
byte[] hashmessage = hmasha256.ComputeHash(messageBytes);
string s2 = ByteToString(hashmessage);
return (URLEncode(s2));
}
private string ByteToString(byte[] buff)
{
string sbinary = "";
for (int i = 0; i < buff.Length; i++)
{
sbinary += buff[i].ToString("X2"); // hex format
}
return (sbinary);
}

Solution by OP.
I figured out what I was doing wrong. I had to: Base64 encode the HMASHA256 hash, add missing fields on the query string to Amazon's Book API, and uppercase the URLEncoded %XX without uppercasing the rest of the string. The code posted below now works and matches Amazon's documentation at: http://docs.aws.amazon.com/AWSECommerceService/latest/DG/rest-signature.html
public const string ACCESSKEY = "xxxxx";
public const string SECRETKEY = "zzzzz";
public const string TAG = "ccccc";
private XmlDocument XML;
public void ProcessRequest(HttpContext context)
{
string ts = DateTime.UtcNow.ToString("s");
string url = "http://webservices.amazon.com/onca/xml?";
string req = "AWSAccessKeyId=" + ACCESSKEY + "&AssociateTag=" + TAG;
// Search by ISBN:
req = req + "&Condition=All&IdType=ISBN&ItemId=0596004923&Operation=ItemLookup&ResponseGroup=Small&SearchIndex=Books&Service=AWSECommerceService";
string tsq = "&Timestamp=" + URLEncode(ts + "Z").ToUpper();
string s = "GET\nwebservices.amazon.com\n/onca/xml\n" + req + tsq;
string hash = HashString(s);
req = req + tsq + "&Signature=" + hash;
url = url + req;
ReadXML(url);
WriteXML();
}
private void ReadXML(string url)
{
XML = new XmlDocument();
XML.Load(url);
}
private void WriteXML()
{
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.ContentType = "text/xml";
HttpContext.Current.Response.CacheControl = "no-cache";
HttpContext.Current.Response.Write(XML.OuterXml);
HttpContext.Current.Response.End();
}
private string UCaseUrlEncode(string s)
{
char[] x = HttpUtility.UrlEncode(s).ToCharArray();
for (int i = 0; i < x.Length - 2; i++)
{
if (x[i] == '%')
{
x[i+1] = char.ToUpper(x[i+1]);
x[i+2] = char.ToUpper(x[i+2]);
}
}
return new string(x);
}
private string URLEncode(string s)
{
return(HttpContext.Current.Server.UrlEncode(s));
}
private string URLDecode(string s)
{
return (HttpContext.Current.Server.UrlDecode(s));
}
private string HashString(string s)
{
System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
byte[] keyByte = encoding.GetBytes(SECRETKEY);
byte[] messageBytes = encoding.GetBytes(s);
HMACSHA256 hmasha256 = new HMACSHA256(keyByte);
byte[] hashmessage = hmasha256.ComputeHash(messageBytes);
return (UCaseUrlEncode(Convert.ToBase64String(hashmessage)));
}
private string ByteToString(byte[] buff)
{
string sbinary = "";
for (int i = 0; i < buff.Length; i++)
{
sbinary += buff[i].ToString("X2"); // hex format
}
return (sbinary);
}

Ivona Request Signing Issue - signature does not match (AWS Signature Version 4)

I am trying to implement Ivona request signing based on this documnent
Everything works good and all the results match to the example value, except Signature result. So my result for the signature is cf1141e33a8fbba23913f8f36f29faa524a57db37690a1b819f43bbeaabf3b76 but in the document it is equal to 2cdfef28d5c5f6682280600a6141a8940c608cfefacb47f172329cbadb5864cc
Is it my mistake or a mistake in the Ivona document?
Below is the C# code I am using:
class Program
{
static void Main()
{
try
{
Console.WriteLine(SendIvonaRequest());
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
private static string SendIvonaRequest()
{
var date = new DateTime(2013, 09, 13, 09, 20, 54, DateTimeKind.Utc);
const string algorithm = "AWS4-HMAC-SHA256";
const string regionName = "eu-west-1";
const string serviceName = "tts";
const string method = "POST";
const string canonicalUri = "/CreateSpeech";
const string canonicalQueryString = "";
const string contentType = "application/json";
const string accessKey = "MyAccessKey";
const string secretKey = "MySecretKey";
const string host = serviceName + "." + regionName + ".ivonacloud.com";
const string requestPayload = "{\"Input\":{\"Data\":\"Hello world\"}}";
var hashedRequestPayload = HexEncode(Hash(ToBytes(requestPayload)));
Debug.Assert(hashedRequestPayload.Equals("f43e25253839f2c3feae433c5e477d79f7dfafdc0e4af19a952adb44a60265ba"));
var dateStamp = date.ToString("yyyyMMdd");
var requestDate = date.ToString("yyyyMMddTHHmmss") + "Z";
var credentialScope = string.Format("{0}/{1}/{2}/aws4_request", dateStamp, regionName, serviceName);
var headers = new SortedDictionary<string, string>
{
{"content-type", "application/json"},
{"host", "tts.eu-west-1.ivonacloud.com"},
{"x-amz-content-sha256", hashedRequestPayload},
{"x-amz-date", requestDate}
};
string canonicalHeaders =
string.Join("\n", headers.Select(x => x.Key.ToLowerInvariant() + ":" + x.Value.Trim())) + "\n";
const string signedHeaders = "content-type;host;x-amz-content-sha256;x-amz-date";
// Task 1: Create a Canonical Request For Signature Version 4
var canonicalRequest = method + '\n' + canonicalUri + '\n' + canonicalQueryString +
'\n' + canonicalHeaders + '\n' + signedHeaders + '\n' + hashedRequestPayload;
var hashedCanonicalRequest = HexEncode(Hash(ToBytes(canonicalRequest)));
Debug.Assert(hashedCanonicalRequest.Equals("73ff17c0bf9da707afb02bbceb77d359ab945a460b5ac9fff7a0a61cfaab95e6"));
// Task 2: Create a String to Sign for Signature Version 4
// StringToSign = Algorithm + '\n' + RequestDate + '\n' + CredentialScope + '\n' + HashedCanonicalRequest
var stringToSign = string.Format("{0}\n{1}\n{2}\n{3}", algorithm, requestDate, credentialScope,
hashedCanonicalRequest);
Debug.Assert(stringToSign.Equals("AWS4-HMAC-SHA256" + "\n" +
"20130913T092054Z" + "\n" +
"20130913/eu-west-1/tts/aws4_request" + "\n" +
"73ff17c0bf9da707afb02bbceb77d359ab945a460b5ac9fff7a0a61cfaab95e6"));
// Task 3: Calculate the AWS Signature Version 4
// HMAC(HMAC(HMAC(HMAC("AWS4" + kSecret,"20130913"),"eu-west-1"),"tts"),"aws4_request")
byte[] signingKey = GetSignatureKey(secretKey, dateStamp, regionName, serviceName);
// signature = HexEncode(HMAC(derived-signing-key, string-to-sign))
var signature = HexEncode(HmacSha256(stringToSign, signingKey));
Debug.Assert(signature.Equals("2cdfef28d5c5f6682280600a6141a8940c608cfefacb47f172329cbadb5864cc"));
// Task 4: Prepare a signed request
// Authorization: algorithm Credential=access key ID/credential scope, SignedHeadaers=SignedHeaders, Signature=signature
var authorization =
string.Format("{0} Credential={1}/{2}/{3}/{4}/aws4_request, SignedHeaders={5}, Signature={6}",
algorithm, accessKey, dateStamp, regionName, serviceName, signedHeaders, signature);
// Send the request
var webRequest = WebRequest.Create("https://" + host + canonicalUri);
webRequest.Method = method;
webRequest.Timeout = 2000;
webRequest.ContentType = contentType;
webRequest.Headers.Add("X-Amz-date", requestDate);
webRequest.Headers.Add("Authorization", authorization);
webRequest.Headers.Add("x-amz-content-sha256", hashedRequestPayload);
webRequest.ContentLength = requestPayload.Length;
using (Stream newStream = webRequest.GetRequestStream())
{
newStream.Write(ToBytes(requestPayload), 0, requestPayload.Length);
}
var response = (HttpWebResponse) webRequest.GetResponse();
using (Stream responseStream = response.GetResponseStream())
{
if (responseStream != null)
{
using (var streamReader = new StreamReader(responseStream))
{
return streamReader.ReadToEnd();
}
}
}
return string.Empty;
}
private static byte[] GetSignatureKey(String key, String dateStamp, String regionName, String serviceName)
{
byte[] kDate = HmacSha256(dateStamp, ToBytes("AWS4" + key));
byte[] kRegion = HmacSha256(regionName, kDate);
byte[] kService = HmacSha256(serviceName, kRegion);
return HmacSha256("aws4_request", kService);
}
private static byte[] ToBytes(string str)
{
return Encoding.UTF8.GetBytes(str.ToCharArray());
}
private static string HexEncode(byte[] bytes)
{
return BitConverter.ToString(bytes).Replace("-", string.Empty).ToLowerInvariant();
}
private static byte[] Hash(byte[] bytes)
{
var sha256 = SHA256.Create();
return sha256.ComputeHash(bytes);
}
private static byte[] HmacSha256(String data, byte[] key)
{
return new HMACSHA256(key).ComputeHash(ToBytes(data));
}
}
UPD1:
I have also tried the examples from http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html and noticed that my code generate the same signature as in those examples. So I am assuming that there is an issue in Ivona document...
UPD2:
Everything works fine! I have implemented CreateSpeech method according to the description and uploaded a full example of the usage to GitHub
https://github.com/MalyutinS/DotNetIvonaAPI

Solved! Actually there is an issue in documentation example. So the code works fine.

It's a bit old now, but it may be relevant to others using this code;
The code works fine as long as you only stick to ASCII-characters. For languages other than english, you must first convert the string to a UTF-8 byte array. That array may be longer than the number of characters in the string, consequently the length of the byte array sent through the WebRequest must reflect the length of the array itself, and not the character count.
Really a classic, but relevant to point out anyway..
This error results in the signature not being correct, hence an authentication error. The reason may not be obvious to everyone.
So the existing code;
webRequest.Method = method;
webRequest.Timeout = 2000;
webRequest.ContentType = contentType;
webRequest.Headers.Add("X-Amz-date", requestDate);
webRequest.Headers.Add("Authorization", authorization);
webRequest.Headers.Add("x-amz-content-sha256", hashedRequestPayload);
webRequest.ContentLength = requestPayload.Length;
using (Stream newStream = webRequest.GetRequestStream())
{
newStream.Write(ToBytes(requestPayload), 0, requestPayload.Length);
}
Becomes:
var bytes = ToBytes(requestPayload);
webRequest.Method = method;
webRequest.Timeout = 2000;
webRequest.ContentType = contentType;
webRequest.Headers.Add("X-Amz-date", requestDate);
webRequest.Headers.Add("Authorization", authorization);
webRequest.Headers.Add("x-amz-content-sha256", hashedRequestPayload);
webRequest.ContentLength = bytes.Length;
using (Stream newStream = webRequest.GetRequestStream())
{
newStream.Write(bytes, 0, bytes.Length);
newStream.Flush();
}
Also; for a more proper and reusable way of doing AWS-4 signatures, see Amazons own: http://aws.amazon.com/code

Accessing azure tables entities

Hi all i want to access azure tables entities from windows phone either using rest API or using Odata.
I have written a code but that this giving me NULL response. Every time i want to access a table entity i call GetEntity function. Below is the code that i am using.
Please if anybody know what wrong in this code or any help reply asap.
//////////// GetEntity Function.//////////
private void GetEntity(String tableName, String partitionKey, String rowKey)
{
String requestMethod = "GET";
String urlPath = String.Format("{0}(PartitionKey='{1}',RowKey='{2}')", tableName, partitionKey, rowKey);
String dateInRfc1123Format = DateTime.Now.ToString("R", System.Globalization.CultureInfo.InvariantCulture);
String canonicalizedResource = String.Format("/{0}/{1}", AzureStorageConstants.Account, urlPath);
String stringToSign = String.Format(
"{0}\n\n\n{1}\n{2}",
requestMethod,
dateInRfc1123Format,
canonicalizedResource);
String authorizationHeader = CreateAuthorizationHeader(stringToSign);
HttpWebResponse response;
Uri uri = new Uri(AzureStorageConstants.TableEndPoint + urlPath);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request = (HttpWebRequest)WebRequest.Create(uri);
request.Method = requestMethod;
request.Headers[HttpRequestHeader.ProxyAuthorization] = null;
request.Headers["Address"] = uri.ToString();
request.Headers["Method"] = requestMethod;
request.Headers["x-ms-date"]= DateTime.Now.ToString("R", System.Globalization.CultureInfo.InvariantCulture);
request.Headers["x-ms-version"]= "2011-08-18";
request.Headers["Authorization"] = authorizationHeader;
request.Headers["Accept-Charset"] = "UTF-8";
request.Headers["ContentType"] = "application/atom+xml,application/xml";
request.ContentType = "application/atom+xml,application/xml";
request.Headers["DataServiceVersion"] = "1.0;NetFx";
request.Headers["MaxDataServiceVersion"] = "1.0;NetFx";
using (response = GetResponse(request))
{
Stream dataStream = response.GetResponseStream();
using (StreamReader reader = new StreamReader(dataStream))
{
String responseFromServer = reader.ReadToEnd();
}
}
}
// GetResponse Function.
public HttpWebResponse GetResponse(HttpWebRequest request)
{
var dataReady = new AutoResetEvent(false);
HttpWebResponse response = null;
var callback = new AsyncCallback(delegate(IAsyncResult asynchronousResult)
{
response = (HttpWebResponse)request.EndGetResponse(asynchronousResult);
dataReady.Set();
});
request.BeginGetResponse(callback, request);
return response;
}
////// CreateAuthorization Function.///
private String CreateAuthorizationHeader(String canonicalizedString)
{
String signature = string.Empty;
using (HMACSHA256 hmacSha256 = new HMACSHA256(Convert.FromBase64String(AzureStorageConstants.Key)))
{
Byte[] dataToHmac = System.Text.Encoding.UTF8.GetBytes(canonicalizedString);
signature = Convert.ToBase64String(hmacSha256.ComputeHash(dataToHmac));
}
String authorizationHeader = String.Format(
CultureInfo.InvariantCulture,
"{0} {1}:{2}",
AzureStorageConstants.SharedKeyAuthorizationScheme,
AzureStorageConstants.Account,
signature);
return authorizationHeader;
}
////////AzureStorageConstants.
public static class AzureStorageConstants
{
private static String TableAccount = "datablobs";
private static String cloudEndPointFormat = "http://" + TableAccount + ".table.core.windows.net/";
private static String cloudKey = "Primary Access Key";// Here actual key is written.
private static string AzureStorage_SharedKeyAuthorizationScheme = "SharedKey";
public static String Account
{
get { return TableAccount; }
}
public static string SharedKeyAuthorizationScheme
{
get { return AzureStorage_SharedKeyAuthorizationScheme; }
}
public static string Key
{
get { return cloudKey; }
}
public static String TableEndPoint
{
get { return cloudEndPointFormat; }
}
}

for solution refer to below linked i have posted the solution there http://social.msdn.microsoft.com/Forums/en-US/windowsazureconnectivity/thread/84415c36-9475-4af0-9f52-c534f5681432

I checked you code and found the GetEntity() function does have some problem with regard to creating signature to access the Windows Azure Table Storage, so I hack together the following code which does work. You can just replace your GetEntity() and add two other function included in the code below to work signature process properly.
private string GetEntity(String tableName, String partitionKey, String rowKey)
{
string result = "";
String requestMethod = "GET";
String urlPath = String.Format("{0}(PartitionKey='{1}',RowKey='{2}')",tableName, partitionKey, rowKey);
DateTime now = DateTime.UtcNow;
HttpWebResponse response;
string uri = AzureStorageConstants.TableEndPoint + urlPath;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Method = requestMethod;
request.ContentLength = 0;
request.Headers.Add("x-ms-date", now.ToString("R", System.Globalization.CultureInfo.InvariantCulture));
request.Headers.Add("x-ms-version", "2009-09-19");
request.ContentType = "application/atom+xml";
request.Headers.Add("DataServiceVersion", "1.0;NetFx");
request.Headers.Add("MaxDataServiceVersion", "1.0;NetFx");
request.Headers.Add("If-Match", "*");
request.Headers.Add("Accept-Charset", "UTF-8");
request.Headers.Add("Authorization", AuthorizationHeader(requestMethod, now, request));
request.Accept = "application/atom+xml";
using (response = request.GetResponse() as HttpWebResponse)
{
Stream dataStream = response.GetResponseStream();
using (StreamReader reader = new StreamReader(dataStream))
{
result = reader.ReadToEnd();
}
}
return result;
}
public string AuthorizationHeader(string method, DateTime now, HttpWebRequest request)
{
string MessageSignature;
MessageSignature = String.Format("{0}\n\n{1}\n{2}\n{3}",
method,
"application/atom+xml",
now.ToString("R", System.Globalization.CultureInfo.InvariantCulture),
GetCanonicalizedResource(request.RequestUri, AzureStorageConstants.Account)
);
byte[] SignatureBytes = System.Text.Encoding.UTF8.GetBytes(MessageSignature);
System.Security.Cryptography.HMACSHA256 SHA256 = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(AzureStorageConstants.Key));
String AuthorizationHeader = "SharedKey " + AzureStorageConstants.Account + ":" + Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));
return AuthorizationHeader;
}
public string GetCanonicalizedResource(Uri address, string accountName)
{
StringBuilder str = new StringBuilder();
StringBuilder builder = new StringBuilder("/");
builder.Append(accountName);
builder.Append(address.AbsolutePath);
str.Append(builder.ToString());
NameValueCollection values2 = new NameValueCollection();
NameValueCollection values = HttpUtility.ParseQueryString(address.Query);
foreach (string str2 in values.Keys)
{
ArrayList list = new ArrayList(values.GetValues(str2));
list.Sort();
StringBuilder builder2 = new StringBuilder();
foreach (object obj2 in list)
{
if (builder2.Length > 0)
{
builder2.Append(",");
}
builder2.Append(obj2.ToString());
}
values2.Add((str2 == null) ? str2 : str2.ToLowerInvariant(), builder2.ToString());
}
ArrayList list2 = new ArrayList(values2.AllKeys);
list2.Sort();
foreach (string str3 in list2)
{
StringBuilder builder3 = new StringBuilder(string.Empty);
builder3.Append(str3);
builder3.Append(":");
builder3.Append(values2[str3]);
str.Append("\n");
str.Append(builder3.ToString());
}
return str.ToString();
}
To fix your Signature related problem, I took the code from Storage_REST_CS sample which has superb implementation of accessing Windows Azure (Blob, Table & Queue) Storage over REST interface.