0

I create a SAS TOKEN generated using the shared-access-signature npm module. When I try to connect to servicebus using the Azure SDK then I get the following error.

com.microsoft.azure.servicebus.primitives.ServiceBusException: 
Error{condition=com.microsoft:auth-failed, description='InvalidSignature:
The token has an invalid signature.', info=null}

My SAS token looks like this

SharedAccessSignature sr=https%3A%2F%2Fmy-servicebus-dev.servicebus.windows.net%2F&sig=somesig%2idonotdisclose0e1g%3D&se=1541700607.155&skn=RootManageSharedAccessKey

How should the SAS TOKEN be use ? Should it be the whole string or just the part except SharedAccessSignature ?

Please help. I am running out of clues.

Community
  • 1
  • 1
jack
  • 321
  • 1
  • 5
  • 20
  • Please share your code for connecting to Azure Service Bus. If you're using SDK, I am guessing you don't have to generate SAS. This should be done by the SDK itself. – Gaurav Mantri Nov 08 '18 at 18:02
  • Hi,any updates now? – Jay Gong Nov 12 '18 at 07:36
  • Hi,jack,does my answer helps you? – Jay Gong Nov 14 '18 at 01:03
  • Hi Jay, sorry I didn't reply. I am using your code to generate the SAS token but it is giving me weird error when I am trying to use it to connect to servicebus. `com.microsoft.azure.servicebus.primitives.MessagingEntityNotFoundException` I checked the portal and everything that I am using in the code is perfect. – jack Nov 14 '18 at 17:36

1 Answers1

0

How should the SAS TOKEN be use ? Should it be the whole string or just the part except SharedAccessSignature ?

Based on my test,the answer is yes. You need to pass the parameter as a whole string, including SharedAccessSignature sr=.

I generate sas token with the npm lib you provided.

var sas = require('shared-access-signature');

var url = 'https://******.servicebus.windows.net/BasicQueue';
var sharedAccessKeyName = 'RootManageSharedAccessKey';
var sharedAccessKey = '***';
var currentDate = new Date();
var expiry = currentDate.getTime() / 1000 + 3600; // We require expiry time in seconds since epoch.

var sas = require('shared-access-signature');
var signature = sas.generateServiceBusSignature(url, sharedAccessKeyName, sharedAccessKey, expiry);
console.log(signature);

Then use it in the below Java code:

import com.microsoft.azure.servicebus.Message;
import com.microsoft.azure.servicebus.QueueClient;
import com.microsoft.azure.servicebus.ReceiveMode;
import com.microsoft.azure.servicebus.primitives.ConnectionStringBuilder;
import com.microsoft.azure.servicebus.primitives.ServiceBusException;
public class SendMessages {
    private static String entityPath = "BasicQueue";

    private static String namespaceName = "***";

    private static String sharedAccessSingature = "SharedAccessSignature sr=https%3A%2F%2F***.servicebus.windows.net%2FBasicQueue&sig=ewu7ZwgPgDVSHBZiYB7paBp94KuMtby%2BiwK0fDJ5GLM%3D&se=1541735153.139&skn=RootManageSharedAccessKey";


    public static void main(String[] args) throws ServiceBusException, InterruptedException {

        QueueClient sendClient = new QueueClient(new ConnectionStringBuilder(namespaceName, entityPath, sharedAccessSingature), ReceiveMode.PEEKLOCK);

        String test = "test for 111";

        Message message = new Message(test);

        sendClient.sendAsync(message).thenRunAsync(() -> {
            System.out.printf("\n\tMessage acknowledged: Id = %s", message.getMessageId());
        });

        System.out.println("send success");
    }
}
halfer
  • 19,824
  • 17
  • 99
  • 186
Jay Gong
  • 23,163
  • 2
  • 27
  • 32
  • If I am using topics then the namespace url should point to a topic or to the subscription from which I am trying to read the message ? – jack Nov 15 '18 at 15:42