Cannot authorize query to Azure Table Service

Question

I am trying to set up an API to get information from Azure Table Storage. I've been following the documentation here and a similar issue on SO here, but I haven't been able to get it to work. I'm getting an HTTP 403 error "Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.". Here is the code. For now I'm just trying to do a basic query to the /Tables resource to get going, though eventually I'm going to be querying specific rowIDs.

const crypto = require("crypto");
const request = require('request-promise-native');
const yourStorageAccountName = 'XXXXXXXX';

let CanonicalizedResource = `${yourStorageAccountName}/Tables`;
let url = `https://${yourStorageAccountName}.table.core.windows.net/Tables`;

let now = new Date();
let nowUTC = now.toUTCString();

let stringToSign = `GET\n\n\n${nowUTC}\n${CanonicalizedResource}`;
let accesskey = `YYYYYYYY`;
let key = new Buffer(accesskey, "base64");
let hmac = crypto.createHmac("sha256", key);
hmac.update(stringToSign);
let sig = hmac.digest("base64");
console.log("SIGNATURE : " + sig);
console.log("nowutc : " + nowUTC);
let headers = {
        "Authorization": "SharedKey " + yourStorageAccountName + ":" + sig,
        "x-ms-date": nowUTC,
        "Date": nowUTC,
        "x-ms-version": "2015-12-11"
};

var response = request({
    url: url,
    method: 'GET',
    headers: headers
});

console.log(response);

Answer 1

According to my test, we can use the following code to create share key

const accesskey=""
    const storageAccount = ""
    const resource = "Tables"

    const data =  new Date(Date.UTC(2020, 1, 2, 3, 4, 5));
    const GMTTime = data.toUTCString()
    console.log(GMTTime)

    //Shared Key authorization
    const StringToSign= "GET"+"\n"
                           +"\n"
                           +"\n"
                           + GMTTime +"\n"
                           +"/"+ storageAccount+"/"+resource

    const Sig = crypto.createHmac('sha256', Buffer.from(accesskey, 'base64')).update(StringToSign, 'utf8').digest('base64');
    console.log(Sig)

    //Shared Key Lite authorization
    const stringToSign = GMTTime +"\n"+"/"+ storageAccount+"/"+resource
    const sig = crypto.createHmac('sha256', Buffer.from(accesskey, 'base64')).update(stringToSign, 'utf8').digest('base64');
    console.log(sig)

Test(Query tables) 1. Shared Key authorization

GET https://myaccount.table.core.windows.net/Tables
Headers
       Authorization : SharedKey <account name>:kHl5K0AzsG7M32***AoxmCFY=
       x-ms-date : <the data you use to create share key>
       Accept : application/json;odata=nometadata
       x-ms-version : 2017-04-17

2. Shared Key Lite authorization

GET https://myaccount.table.core.windows.net/Tables
Headers
       Authorization : SharedKeyLite <account name>:0fADhBTi7tvtm***h69Y433c=
       x-ms-date : <the data you use to create share key>
       Accept : application/json;odata=nometadata
       x-ms-version : 2017-04-17

Besides, if you want to use Azure Table nodejs sdk azure-storage, please refer to the document and the sample

1. install sdk

npm install azure-storage

2. Code

var azure=require('azure-storage')
async function main() {
    const accesskey=""
    const storageAccount = ""
    var tableService=azure.createTableService(storageAccount,accesskey);
    tableService.listTablesSegmented(null,function(error,result){

        if(error){
           console.log(error)

        }else{

            for (var i = 0, table; table = result.entries[i]; i++) {
                console.log(table)
            }

        }

    })
  }

  // An async method returns a Promise object, which is compatible with then().catch() coding style.
  main()
    .then(() => {
      console.log("Successfully executed the sample.");
    })
    .catch((err) => {
      console.log(err.message);
    });