Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

brooven's avatar

PHP/Laravel - Azure REST Api - “The MAC signature found in the HTTP request is not the same as any computed signature”

I am trying to set the azure blob storage properties via PHP but I can't get the Authorize header right.

The error I receive:

The MAC signature found in the HTTP request 'random hashed string produced' is not the same as any computed signature. Server used following string to sign: 'GET x-ms-date:Mon, 08 Feb 2021 10:53:22 GMT x-ms-version:2017-11-09 /name/media comp:properties restype:service'.

Any idea what's wrong with the code?

$date = gmdate('D, d M Y H:i:s \G\M\T');
    $account_name = "randomname";
    $containername = "media";
    $access_key = "access_key1 from portal";

    $canonicalizedHeaders  = "x-ms-date:$date\nx-ms-version:2017-11-09";
    $canonicalizedResource = "/$account_name/$containername\ncomp:list\nrestype=service&comp=properties";

    $arraysign = array();
    $arraysign[] = 'GET';                     /*HTTP Verb*/
    $arraysign[] = '';                        /*Content-Encoding*/
    $arraysign[] = '';                        /*Content-Language*/
    $arraysign[] = '';                        /*Content-Length (include value when zero)*/
    $arraysign[] = '';                        /*Content-MD5*/
    $arraysign[] = '';                        /*Content-Type*/
    $arraysign[] = '';                        /*Date*/
    $arraysign[] = '';                        /*If-Modified-Since */
    $arraysign[] = '';                        /*If-Match*/
    $arraysign[] = '';                        /*If-None-Match*/
    $arraysign[] = '';                        /*If-Unmodified-Since*/
    $arraysign[] = '';                        /*Range*/
    $arraysign[] = $canonicalizedHeaders;     /*CanonicalizedHeaders*/
    $arraysign[] = $canonicalizedResource;    /*CanonicalizedResource*/

    $stringtosign = implode("\n", $arraysign);

    $signature = 'SharedKey' . ' ' . $account_name . ':' . base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($access_key), true));

    $endpoint = 'https://' . $account_name . '.blob.core.windows.net';
    $url = $endpoint . '/' . $containername . '?restype=service&comp=properties';

    $headers = [
        "x-ms-date:{$date}",
        'x-ms-version:2017-11-09',
        'Accept:*/*',
        "Authorization:{$signature}"
    ];

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response  = curl_exec($ch);
    echo curl_error($ch);
    curl_close($ch);
    echo '<pre>';
    print_r($response);```
0 likes
0 replies

Please or to participate in this conversation.