github-actions[bot]
commented
7 months ago Hi @chradek, we deeply appreciate your input into this project. Regrettably, this issue has remained inactive for over 2 years, leading us to the decision to close it. We've implemented this policy to maintain the relevance of our issue queue and facilitate easier navigation for new contributors. If you still believe this topic requires attention, please feel free to create a new issue, referencing this one. Thank you for your understanding and ongoing support.
This issue is meant to track investigating how the SDKs can support clock skew correction.
Clock skew is the delta between a client's clock and a service's clock. As the delta increases, we can start to see issues such as expired credentials due to the calculated expiry time on the client being viewed as already being past by the service. This occurs when not using AAD tokens (which come from a service which includes the expiry time), such as shared access key credentials.
Normally we would recommend using NTP to keep the client's clock synced, but this is out of the developer's control when their users control the client (e.g. browser/electron apps.)
For HTTP-based services, we may be able to use the value from the service's
Dateresponse header to calculate what the clock skew is and correct it automatically.For AMQP-based services (event-hubs, service-bus) there is no standard way to get the service's current clock time. One potential option is to support manual clock skew correction by allowing the user's application to set the differential, but how to find that would be an exercise left to the user.