Azure / azure-event-hubs-c

C client library for Azure Event Hubs https://azure.microsoft.com/services/event-hubs
Other
7 stars 20 forks source link

SAS Token 401 unauthorized error #57

Open sysmoon opened 4 years ago

sysmoon commented 4 years ago

Hello, my development environment is a bit unusual. In our device environment where NTP Sync is not available, if I test it in conjunction with the azure-eventhub-c (https://github.com/Azure/azure-event-hubs-c) code,

the old time value already set in the device (ex: 2019.12. 31.hh.mm.ss) and then when I create a SAS Token value, eventhub always returns 401 unauthorized error.

What I want is, When creating a SAS token on the azure-eventhub-c code, I would like to be guided by which part of the code needs to be modified in order to generate a long end expire time for SAS Token. For example, I want to create a SAS token by ignoring the current device time and setting it statically to 2030.12.31 expire time. If I generate a SAS token by using long time, will eventhub return 200 OK?

dcristoloveanu commented 4 years ago

Hi @sysmoon , The configuration controlling the time to live of the token is here: https://github.com/Azure/azure-event-hubs-c/blob/ddf4512c36805cfa64688c6d85447172f70f96e2/eventhub_client/src/eventhubclient_ll.c#L48

A note regarding your setup: is there any way to implement NTP sync? The reason I am mentioning this is that having such a long lived token is almost equivalent to having the key floated on the wire. If somebody would be to sniff this token, then it can be used until a key rotation happens.

I hope this helps! /Dan