如何使用租户id、客户端id和客户端机密连接和管理azure data lake storage gen2中的目录和文件?

x33g5p2x  于 2021-07-06  发布在  Java
关注(0)|答案(1)|浏览(493)

我想上传azure blob存储gen2中的文件。但问题是无法使用租户id、客户机id和客户机机密进行连接。我指的是文档中给出的java代码 -> https://docs.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-directory-file-acl-java#upload-一个文件到一个目录。

static public DataLakeServiceClient GetDataLakeServiceClient
    (String accountName, String clientId, String ClientSecret, String tenantID){

    String endpoint = "https://" + accountName + ".dfs.core.windows.net";

    ClientSecretCredential clientSecretCredential = new ClientSecretCredentialBuilder()
    .clientId(clientId)
    .clientSecret(ClientSecret)
    .tenantId(tenantID)
    .build();

    DataLakeServiceClientBuilder builder = new DataLakeServiceClientBuilder();
    return builder.credential(clientSecretCredential).endpoint(endpoint).buildClient();
 }

但在上述代码的最后一行获取端点时出错。
来自 Postman :

URI http://localhost:8081/upload/
Request param : <file to be uploaded>

"error": "Internal Server Error",
"message": "java.lang.NoClassDefFoundError: com/azure/core/implementation/util/ImplUtils"
8aqjt8rx

8aqjt8rx1#

如果您想访问azure data lake gen2 vai azure ad auth,我们需要分配一个特殊的azure r角色( Storage Blob Data Owner , Storage Blob Data Contributor 以及 Storage Blob Data Reader )到sp或用户。详情请参阅此处。
例如
创建服务主体并分配 Storage Blob Data Contributor 到存储帐户级别的sp

az login
az ad sp create-for-rbac -n "MyApp" --role 'Storage Blob Data Contributor' \
    --scopes /subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>

代码(下载文件)

String clientId="<sp appId>";
        String ClientSecret="<sp password>";
        String tenantID="";
        ClientSecretCredential clientSecretCredential = new ClientSecretCredentialBuilder()
                .clientId(clientId)
                .clientSecret(ClientSecret)
                .tenantId(tenantID)
                .build();
        String accountName="";
        DataLakeServiceClient serviceClient  = new DataLakeServiceClientBuilder()
                 .credential(clientSecretCredential)
                 .endpoint("https://" + accountName + ".dfs.core.windows.net")
                .buildClient();

        DataLakeFileSystemClient fileSystemClient =serviceClient.getFileSystemClient("test");
        DataLakeFileClient fileClient = fileSystemClient.getFileClient("test.txt");
        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
        fileClient.read(outputStream);
        byte[] data =outputStream.toByteArray();
        System.out.println("The file content : "+new String(data));

相关问题