failed, status code 401 and description: ExpiredToken: The token is expired #23923
Assignees
Labels
Client
This issue points to a problem in the data-plane of the library.
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
question
The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Service Bus
Comments
|
is it possible to print the token to troubleshooting? If so how to print this? |
github-actions
bot
added
customer-reported
jhendrixMSFT
added
Service Bus
Client
github-actions
bot
removed
the
needs-triage
|
Hello team, any update? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1.The application is running in on-prem Kubernetes (VMware Tanzu). Tokens are provided through the environmental variables
AZURE_TENANT_ID,AZURE_CLIENT_ID,AZURE_CLIENT_SECRET.AZURE_SDK_GO_LOGGING=allis already turned on.2.The application runs for a while and then throws token expired error, after restart the application, it works well and the issue is unable to reproduce now. As this is production environment, we would like to confirm if this error related to SDK.
3.The SDKs that were being used are:
azidentity v1.7.0azservicebus v1.7.1
func GetAzureClient() *azservicebus.Client {
opts := azcore.ClientOptions{}
tokenCredential, err := azidentity.NewDefaultAzureCredential(&azidentity.DefaultAzureCredentialOptions{ClientOptions: opts})
if err != nil {
panic(err)
}
url := viper.GetViper().GetString("AZURE.SERVICEBUS_HOSTNAME")
client, err := azservicebus.NewClient(url, tokenCredential, nil)
if err != nil {
panic(err)
}
return client
}
We then believe the code that failed was this:
receiver, err := client.NewReceiverForQueue(q.QueueName, nil)
// error handling
messages, err := receiver.ReceiveMessages(ctx, 1, nil)
Answer: 2024-12-11 19:47:18.000 [Dec 11 08:47:18.000304] Authentication: ClientSecretCredential.GetToken() acquired a token for scope 'https://servicebus.azure.net//.default'
2024-12-11 19:47:18.000 [Dec 11 08:47:18.000317] azsb.Auth: (internal-production-ssceventresponse-sscack-v1-cipa-chullora-queue) negotiate claim, token expires on 2024-12-11T09:35:16Z
2024-12-11 19:47:19.942 [Dec 11 08:47:19.942714] azsb.Auth: Failed to send/receive RPC message: rpc: failed, status code 401 and description: ExpiredToken: The token is expired. TrackingId:0871a6a2-9467-4bda-868b-ba67793ae578, SystemTracker:NoSystemTracker, Timestamp:2024-12-11T08:47:19
2024-12-11 19:47:19.970 [Dec 11 08:47:19.970211] azsb.Auth: (internal-production-ssceventresponse-sscack-v1-cipa-chullora-queue/$management) negotiate claim, failed: rpc: failed, status code 401 and description: ExpiredToken: The token is expired. TrackingId:0871a6a2-9467-4bda-868b-ba67793ae578, SystemTracker:NoSystemTracker, Timestamp:2024-12-11T08:47:19
2024-12-11 19:47:19.970 [Dec 11 08:47:19.970234] azsb.Auth: NegotiateClaimRefresh Retry attempt 0 returned non-retryable error: rpc: failed, status code 401 and description: ExpiredToken: The token is expired. TrackingId:0871a6a2-9467-4bda-868b-ba67793ae578, SystemTracker:NoSystemTracker, Timestamp:2024-12-11T08:47:19
2024-12-11 19:47:19.970 [Dec 11 08:47:19.970240] azsb.Auth: [internal-production-ssceventresponse-sscack-v1-cipa-chullora-queue/$management] fatal error, stopping token refresh loop: rpc: failed, status code 401 and description: ExpiredToken: The token is expired. TrackingId:0871a6a2-9467-4bda-868b-ba67793ae578, SystemTracker:NoSystemTracker, Timestamp:2024-12-11T08:47:19
2024-12-11 19:47:20.052 [Dec 11 08:47:20.052522] azsb.Auth: negotiating claim for audience amqps://integ-shared-sbus-bslau-prod-aes.servicebus.windows.net/internal-production-ssceventresponse-sscack-v1-cipa-chullora-queue/$management with token type jwt and expiry of 1733906417
amqps://integ-shared-sbus-bslau-prod-aes.servicebus.windows.net/internal-production-ssceventresponse-sscack-v1-cipa-chullora-queue/$management with token type jwt and expiry of 1733906417
The text was updated successfully, but these errors were encountered: