Unable to access Azure container through browser - azure

This is the error showing in browser when I hit the url of container:
This XML file does not appear to have any style information associated with it. The document tree is shown below.
ResourceNotFound
The specified resource does not exist. RequestId:3fc3c275-301e-000f-3193-f99692000000 Time:2022-11-16T08:13:12.8837824Z
But I am able to access the blob when I hit the URL of blob.

I tried to reproduce the Same in my environment in got the same error as below:
To resolve this issue, try to give access in container url with SAS token like below:
And generate a SAS token and include it in below Url:
https://<storage-account-name>.blob.core.windows.net/<containername>?restype=container&comp=list&<sas-token>
When I ran the same, I got the result successfully like below:

Right click to your container folder and then select change access level and you are done!

Related

Error code: AADB2C90261 - Azure B2C/Captcha related Error on Sign Up

I am trying to sign up the users using Azure B2C(by doing this I am using MSAL with Angular),
by mail confirmation, captcha v2(google) and MFA.
For the first attempt I used just a normal sign up with the email and afterwards with MFA and had no issues creating the users.
Than I added captcha and in my sign-up, meaning that I needed to use a custom page.
To add captcha feature I used the following process from this link Link - Create Captcha with Azure B2C (regarding one step that is described in the article, the azure function was created in the portal, because locally I had some issues)
In my sign up page where you add the email address and all the claims of the user, after adding all the claims and checked the captcha feature, than press for create, appears the following message:
errorCode: "AADB2C90261" message: "The claims exchange
'PreUserWriteRestful' specified in step '1' returned HTTP error
response that could not be parsed." status: "400"
AADB2C90261 -Taken from Microsoft page - Error Code - The claims exchange '{0}' specified in step '{1}' returned HTTP error response that could not be parsed.
Also the MFA feature doesn't appear. What can be ? that I missed to do ? Or what it represents ?
Tested without MFA and the same issue persists
Did anybody that is using Azure B2C added captcha ?
Thank you.
I tried to reproduce the same in my environment and got below results:
Initially I deployed Azure Function via Portal and left index.js file as default like below:
I configured one API connector named Verify Captcha by adding above function URL in endpoint like below:
Now I added this API connector to my user flow like below:
When I ran the user flow by entering required details in Sign up page and checked the captcha feature, I got the same error as below:
To resolve the error, I tried deploying 2 Http Trigger Functions locally:
HttpTrigger1 - modified index.js file with this GitHub code
and installed required modules like below:
HttpTrigger2 - left index.js file with default code like below:
By updating properties in local.settings.json file, I deployed these functions to Azure:
{
"IsEncrypted": false,
"Values": {
"AzureWebJobsStorage": "",
"FUNCTIONS_WORKER_RUNTIME": "node",
"BASIC_AUTH_USERNAME": "xxxxx",
"BASIC_AUTH_PASSWORD": "xxxxx",
"CAPTCHA_SECRET_KEY": "6LfoQ9oxxxxx21BEE23-kPQkv6QIQt8",
"B2C_EXTENSIONS_APP_ID": "dcxxx0b0-d5xf-42x-b1a4-97xxx689x1"
}
}
Response:
When I checked in Azure Portal, functions are updated successfully like below:
I configured another API connector named Verify Captcha server side by adding above function URL in endpoint like below:
Now I updated API connector with above in my user flow like below:
I ran the user flow by entering required details in Sign up page and checked the captcha feature like below:
When I selected Create account, I got response like below:
It may take some time to complete the captcha like below:
When I tried the same with default index.js like HttpTrigger2, I'm getting same error as you. So, make sure to replace code in your index.js file with this GitHub code.
You can try the same in your environment locally to resolve the issue.

Download a file from sas token

I have created a storage_account with a container named data.
In that container I have a single .zip file.
I'm generating an Account Key SAS Token with Read permission directly on the data container :
The Blob SAS URL looks like this :
https://<STORAGE_ACCOUNT>.blob.core.windows.net/data?sp=r&st=2022-06-06T15:23:31Z&se=2022-06-06T23:23:31Z&spr=https&sv=2020-08-04&sr=c&sig=<SIGNATURE>
How am I supposed to download my zip file from that URI?
I'm always running into some Authorization error whereas I though having the link was enough and unfortunately documentation didn't help me to figure out what's wrong.
I would like to download the file from a HTTP call, not using az copy or powershell.
from your description and the URL you provided, I guess the issue is that you didn't reference the name of the zip file in the URL
so instead of
https://<STORAGE_ACCOUNT>.blob.core.windows.net/data?sp=r&st=2022-06-06T15:23:31Z&se=2022-06-06T23:23:31Z&spr=https&sv=2020-08-04&sr=c&sig=<SIGNATURE>
try
https://<STORAGE_ACCOUNT>.blob.core.windows.net/data/zipName?sp=r&st=2022-06-06T15:23:31Z&se=2022-06-06T23:23:31Z&spr=https&sv=2020-08-04&sr=c&sig=<SIGNATURE>

Azcopy 409 Public access is not permitted on this storage account

I try to copy file from Linux virtual machine on Azure (in a virtual network) to an account storage.
With Azcopy login It's working but I want to make it with SAS token.
I add my virtual network in "Networking".
image
And I generate a SAS key in "Shared acces signature"
image
On my linux virtual machine I have 10.0.3.4 ip adress.
image
I run this command sudo azcopy cp ./myFile https://backupscanqa.blob.core.windows.net/backup/?[mySASKey]
image
In my log I have this:
image
I dont know where is the problem because when I try the same thing with oAuth2 connexion with azcopy login it's working.
Thanks for your help !
Edit:
I try to generate a SAS key in my container with all grants:
When I use it it's the same error:
My sas key tranfom to sp=racwdli
From the logs I could see the SAS token you are using is incorrect. In your image its only sp=r in SAS token , whereas it should be something like this in the image if you are generating the SAS token as you have mentioned.
I tested the same in my environment , added firewall in Storage account like :
Using the generated SAS token as you have mentioned , the operation get successful using the below command :
./azcopy copy "/home/ansuman/azcopy_linux_amd64_10.13.0/NOTICE.txt" "https://testansumansa123.blob.core.windows.net/backup?sv=2020-08-04&ss=bfqt&srt=sco&sp=rwdlacupitfx&se=2022-01-27T15:18:31Z&st=2022-01-27T07:18:31Z&spr=https&sig=XXXXXX"
Which is in format of
./azcopy copy "SourcePath" "storageaccounturl/container<SASToken>"
As you can see if SAS is generated by the method in your image then it will have permissions as sp=rwdlacupitfx which is all permissions in the Storage account.
To resolve the issue , Please check the SAS token you are using .
If you are generating from Storage account like you have shown in image then you can use the SAS token by appending it behind your storage account url/container.
If you are generating the SAS token from inside the container , Please make sure to have selected the necessary permissions from the drop down as shown below and then you can use the Blob SAS URl :
#AnsumanBal-MT put me on the right track.
As he very well noticed in the logs, my SAS key does not appear.
However, I did copy my key.
So I understood that from the '&' in the URL the characters were not taken into account.
After adding '' before each & the command worked correctly!
Thanks you #AnsumanBal-MT!

Upload file to SharePoint through rest API Postman

Using Postman
Url:https://test.sharepoint.com/sites/testIntranet/_api/web/GetFolderByServerRelativeurl('testIntranet/BMT')/Files/add(url='114934-image.png',overwrite=true)
error: Access denied
when using this url without /web : https://test.sharepoint.com/sites/testIntranet/_api/GetFolderByServerRelativeurl('testIntranet/BMT')/Files/add(url='114934-image.png',overwrite=true)
error:Cannot find resource for the request GetFolderByServerRelativeurl
Note: Access token is correct with full permissions.
Can anyone please let me know what is correct and what is wrong!
if the first URL is correct then how to get access permissions ?
if the second URL is correct then how to add resources correctly ?
The url should be like following
_api/Web/GetFolderByServerRelativeUrl('/sites/abc/FolderTest/Test')/Files/add(url='filename.png',overwrite=true)')
You can upload file in body like following pic

Azure Blob SAS URL 403 issue

I have a very weird issue with the azure blob. I have an Image container whose blob I am accessing using SAS URL.
"https://{storageName}.blob.core.windows.net/{container}/target_6ace5a78-83a9-4579-b348-2d0097aa1873/a85b8a1c-41c7-42f4-b8cb-a6389cd4cb2a?sp=rwdl&st=2019-02-14T10:25:00Z&=2020-02-16T10:25:00Z&sv=2018-03-28&sig={signatureKey}&sr=c"
When I am using the above URL in my browser its giving 403 but When I am modifying the above URL as below it's working fine. The only change is its now encode ie & is replaced with &
"https://{storageName}.blob.core.windows.net/{container}/target_6ace5a78-83a9-4579-b348-2d0097aa1873/a85b8a1c-41c7-42f4-b8cb-a6389cd4cb2a?sp=rwdl&st=2019-02-14T10:25:00Z&=2020-02-16T10:25:00Z&sv=2018-03-28&sig={signatureKey}&sr=c"
I am not able to understand the issue, because without encoded url also some of the other container SAS URL are working fine, but in this particular container why I need to have an encoded URL.?
So the reason you're getting a 403 error in the first URL is because you're missing se parameter in your URL. If you change your URL to:
"https://{storageName}.blob.core.windows.net/{container}/target_6ace5a78-83a9-4579-b348-2d0097aa1873/a85b8a1c-41c7-42f4-b8cb-a6389cd4cb2a?sp=rwdl&st=2019-02-14T10:25:00Z&se=2020-02-16T10:25:00Z&sv=2018-03-28&sig={signatureKey}&sr=c"
Your request should work just fine.
Regarding why your 2nd URL is working is because the storage service is completely ignoring the query string as the blob container doesn't have a Private ACL. So if you just copy and paste the following URL:
"https://{storageName}.blob.core.windows.net/{container}/target_6ace5a78-83a9-4579-b348-2d0097aa1873/a85b8a1c-41c7-42f4-b8cb-a6389cd4cb2a"
You should see the the blob is downloading.

Resources