OAuth2 Missing or invalid "expires_in" error with Azure Event Hubs connector
Hi everyone.
I'm pretty new to Solace and I've been trying to setup the Azure Event Hubs connector. We are running Standard edition in a docker container.
After following the wizard to configure the connector I'm getting an error back for the OAuth 2.0 Client Credentials Authentication; Last Failure Reason: Missing or invalid "expires_in"
The connector is configured to use OAuth 2.0 Client Credentials. I have tested the auth config using curl from the Solace host and the response came back with the expires_in property and a token. I've also verified with the token I can talk to the Azure Event Hub configured in the connector.
I've tried looking through all the different logs I could find on the cli (debug, system, rest-consumer-group, event) but nothing could shine any light on the problem.
I'm not sure how to debug this any further with Solace or increase logging levels on the connector. Hoping the community is able to point me in the right direction.
Thanks in advance.
Answers
-
Hi @nath291101 ..! Welcome to the Community.
I don't know the answer, but I know people I can ask. In the meantime, is there anything at all on the Azure side (dump of incoming auth requests?) to help troubleshoot?
BTW, what version broker are you running? I'm hoping it's the latest, v10.10..?
0 -
Thanks Aaron.
Unfortunately I can't see any detailed logging information on the Azure side either. I was hoping there was a way in Solace to show the HTTP response body from the auth challenge.
We're running a Solace in a container, v.9.10.0.12. I will look to upgrade it today and see if that fixes the problem.
Thanks again.
0 -
Hi @nath291101
Can you run the following Solace command(s) in the CLI? This should provide a bit more information on the errors Solace is receiving from the REST call.
show log rest rest-delivery-point errorsor for more details:
show log rest rest-delivery-point errors wide0 -
Thanks @solaceleah, I have tried this command in the past and I couldn't see any additional details.
Here's a copy:
Timestamp Message VPN RDP REST Consumer Local Address Remote Address Error Response ------------------------- ------------------------ ------------------------ ------------------------ --------------------------------------------- --------------------------------------------- -------------------------------------------- -------------------------------------------------------- 2021-09-10T23:13:28+00:00 default test-timeseries test-timeseries REST Con N/A 20.167.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:25+00:00 default test-timeseries test-timeseries REST Con N/A 2.168.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:21+00:00 default test-timeseries test-timeseries REST Con N/A 21.167.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:18+00:00 default test-timeseries test-timeseries REST Con N/A 23.40.126.40:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:14+00:00 default test-timeseries test-timeseries REST Con N/A 150.167.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:11+00:00 default test-timeseries test-timeseries REST Con N/A 22.40.126.40:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:07+00:00 default test-timeseries test-timeseries REST Con N/A 148.167.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:04+00:00 default test-timeseries test-timeseries REST Con N/A 1.40.126.40:0 Missing or invalid "expires_in" sumer 2021-09-10T23:13:00+00:00 default test-timeseries test-timeseries REST Con N/A 149.167.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:12:57+00:00 default test-timeseries test-timeseries REST Con N/A 64.167.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:12:53+00:00 default test-timeseries test-timeseries REST Con N/A 0.168.190.20:0 Missing or invalid "expires_in" sumer 2021-09-10T23:12:50+00:00 default test-timeseries test-timeseries REST Con N/A 0.40.126.40:0 Missing or invalid "expires_in"0 -
Hmmm, not much additional help there..!
If this was a non-TLS connection, I'd say to try to run Wireshark and snoop the req/response. Don't think that's possible if TLS.
Does Azure Hubs have a "connector testing" test utility or something that might provide more verbose logs on that side? I'm assuming the error you're seeing on Solace side is all it's getting back from Azure.
0
