Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Receiving 403 AuthenticationFailed error instead of 400 Bad-Request! #14797

Closed
1 of 6 tasks
ralphie97 opened this issue Apr 8, 2021 · 10 comments
Closed
1 of 6 tasks

Receiving 403 AuthenticationFailed error instead of 400 Bad-Request! #14797

ralphie97 opened this issue Apr 8, 2021 · 10 comments
Assignees
@EmmaZhu
Labels
bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. Storage Storage Service (Queues, Blobs, Files)
Milestone
[2022] February

Comments

@ralphie97
Copy link

  • Package Name: @azure/storage-blob, @azure/identity
  • Package Version: 12.3.0, 1.2.0
  • Operating system: Windows 10
  • nodejs
    • version: v14.16.0
  • browser
    • name/version:
  • typescript
    • version: v1.5.3
  • Is the bug related to documentation in

Describe the bug

For uploadPages and appendBlock operations, if the contentLength doesn't match the actual length of the body we get 403 AuthenticationFailed error. This seems like a Bad request payload and thus should have given 400.

Hence we cannot differentiate between Permission-related error and the Bad-Request error, in case of the above-mentioned operations.

To Reproduce
Steps to reproduce the behavior:

Below is the sample code for appendBlock:

const { BlobServiceClient, StorageSharedKeyCredential } = require('@azure/storage-blob')
const fs = require('fs')

const account = '<<account>>'
const accountKey = '<<key>>'
const sharedKeyCredential = new StorageSharedKeyCredential(account, accountKey)

const blobServiceClient = new BlobServiceClient(
  `https://${account}.blob.core.windows.net`,
  sharedKeyCredential
)

const containerName = '<<container>>'

async function main () {
  try {
    const fileContent = fs.readFileSync('<<file-path>>')
    console.log('$$$$$$$$$$ fileconetnt length $$$$$$$$$$$$$  ::  ', fileContent.length)
    const containerClient = blobServiceClient.getContainerClient(containerName)
    const blobName = '<<blob>>'
    const appendBlobClient = containerClient.getAppendBlobClient(blobName)
    const uploadBlobResponse = await appendBlobClient.appendBlock(fileContent, fileContent.length + 1)
    console.log(`Upload block blob ${blobName} successfully`, uploadBlobResponse)
  } catch (err) {
    console.log('Error while appending file content to append blob :  ', err)
  }
}

main()

Expected behavior

Since we are providing an incorrect payload, we should receive a Bad-Request error with 400 statusCode.
@ghost ghost added needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Apr 8, 2021
@ramya-rao-a ramya-rao-a added Client This issue points to a problem in the data-plane of the library. Storage Storage Service (Queues, Blobs, Files) labels Apr 8, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Apr 8, 2021
@ghost ghost added the needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team label Apr 8, 2021
@EmmaZhu
Copy link
Contributor

EmmaZhu commented Apr 13, 2021

@ralphie97

Thanks a lot for reporting this to us. This issue may because: the SDK uses content length in header to do signature, while storage service uses the actual content length for request body. We will fix this.

Does this issue blocks your scenario? Do you have a work around?

Thanks
Emma

@ralphie97
Copy link
Author

@EmmaZhu

Currently, this acts as a blocker and we don't have a workaround.
When can we expect the fix?

Thanks
Nikhil

@EmmaZhu
Copy link
Contributor

EmmaZhu commented Apr 15, 2021

@ralphie97 ,

Do you need a released package, or a fix in master branch code also works for you?

Thanks
Emma

@EmmaZhu
Copy link
Contributor

EmmaZhu commented Apr 15, 2021

Hi @ralphie97

My proposed fix is to set the Content-Length as the actual length of the body, which won't cause 403 or 400 error because of the mismatch content length. Does this fix work for your solution?

Thanks
Emma

@EmmaZhu EmmaZhu added this to the [2021] May milestone Apr 16, 2021
@EmmaZhu EmmaZhu added bug This issue requires a change to an existing behavior in the product in order to be resolved. and removed needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Apr 16, 2021
@ralphie97
Copy link
Author

ralphie97 commented Apr 19, 2021
edited
Loading

@EmmaZhu

A released package will suffice.

And regarding the fix, what should be expected if the content-length provided doesn't match the body-length. Does the body gets truncated?

Thanks
Nikhil

@EmmaZhu
Copy link
Contributor

EmmaZhu commented Apr 19, 2021

@ralphie97 ,

If the content-length provided doesn't match the body-length, we would propose to set value of content-length as body-length. This way, the uploading request will succeed.

Thanks
Emma

@ralphie97
Copy link
Author

@EmmaZhu

What if the content-length provided is smaller than the actual body-length?

@EmmaZhu
Copy link
Contributor

EmmaZhu commented Apr 19, 2021

The SDK won't truncate request. Our proposal is to try to set the content-length to the correct value (actual body length), no matter whether content length is larger/smaller than actual body length. What do you think?

Thanks
Emma

@ralphie97
Copy link
Author

ralphie97 commented Apr 19, 2021
edited
Loading

@EmmaZhu

That seems fine.
Can you please let us know by when this fix will be available with the general release?

Thanks
Nikhil

@EmmaZhu EmmaZhu modified the milestones: [2021] May, [2021] June May 11, 2021
openapi-sdkautomation bot pushed a commit to AzureSDKAutomation/azure-sdk-for-js that referenced this issue Jun 21, 2021
CodeGen from PR 14797 in Azure/azure-rest-api-specs
c188c99 
[Hub Generated] Review request for Microsoft.HybridCompute to add version preview/2021-06-10-preview (Azure#14797)

* Adds base for updating Microsoft.HybridCompute from version preview/2021-05-17-preview to version 2021-06-10-preview

* Updates readme

* Updates API version in new specs and examples

* updated the swagger

* added the missing bracket

* removed type object

* removed PatchSettings ref

* used x-ms-client-flatten

* fixed an issue

* added osProfile to the machineUpdateProperties

* removed the extra space

* fixed by npm run prettier
@EmmaZhu EmmaZhu modified the milestones: [2021] June, [2021] August Jul 9, 2021
@EmmaZhu
Copy link
Contributor

EmmaZhu commented Jan 26, 2022

#20074

@EmmaZhu EmmaZhu closed this as completed Apr 30, 2022
@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@EmmaZhu EmmaZhu

Labels
bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. Storage Storage Service (Queues, Blobs, Files)
Projects
None yet
Milestone
[2022] February
Development

No branches or pull requests
3 participants
@EmmaZhu @ramya-rao-a @ralphie97