generateSharedAccessSignature generates invalid signature / ignores sv parameter

[arafato]

Hi all,

in the SDK ^v2.6.0 generateSharedAccessSignature seems to generate an invalid signature. This is because the sv parameter of the generated sas is always set to 2017-04-17, no matter what sharedAccessPolicy.AccessPolicy.Version is set to (in my case it is 2016-05-31).

As an example, see below shared access signatures:

The first one is generated by the Node SDK based on the values of a PUT Block call generated by the .NET SDK

sv=2017-04-17&sr=b&st=2017-11-30T14%3A42%3A06Z&se=2017-11-30T15%3A17%3A06Z&sp=r&rscc=no-transform&rsct=text%2Fhtml&rsce=gzip&rscl=tr%2Cen&rscd=attachment&sig=bveg0Rr%2F03RfuiuI8%2BxogzXFes%2BslSkTiQSQ0NvSwjE%3D

The second one is generated by the .NET SDK:

sv=2016-05-31&sr=b&st=2017-11-30T14%3A42%3A06Z&se=2017-11-30T15%3A17%3A06Z&sp=r&rscc=no-transform&rsct=text%2Fhtml&rsce=gzip&rscl=tr%2Cen&rscd=attachment&sig=oiU8o1yXpqH5m6TxlRIDsv0wM2Edpc3QERnACeH2%2Bmw%3D&api-version=2016-05-31&comp=block&blockid=YmU3MmY0OTVmMWU1NGY2ZWJjZTNlYTYyMzA4YTEwNDgtMDAwMDAw

As you can see the signatures are differing and the sv values are also differing (although the input for the function call was 2016-05-31).
Can you confirm this is a bug? Thanks!

[XiaoningLiu]

Hi,

It's not a bug. From azure-storage-node@0.7.0, we deprecated the generateSharedAccessSignatureWithVersion function in each service. And different languages of Azure Storage Client Library follow this pattern. After that, the latest Node.js client library could only generate the SAS token for the latest SV version.

• azure-storage-node@2.3.0 upgrades to 2017-04-17
• azure-storage-node@2.0.0 upgrades to 2016-05-31

Please use version below 2.3.0 to generate SAS with sv 2016-05-31.

[arafato]

Thanks @XiaoningLiu for the clarification!