[BUG] User Delegation SAS with skt
field not present leads to Authentication Failure
#44113
Labels
Client
This issue points to a problem in the data-plane of the library.
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
needs-team-attention
This issue needs attention from Azure service team or SDK team
question
The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Service Attention
This issue is responsible by Azure service team.
Storage
Storage Service (Queues, Blobs, Files)
Library name and version
Azure.Storage.Blobs v12.17.0
Describe the bug
https://learn.microsoft.com/en-us/rest/api/storageservices/create-user-delegation-sas#construct-a-user-delegation-sas
In the doc above, it's mentioned that
skt
is an optional field and if the value omitted, the current time is assumed.I tried generating a user delegation SAS where I didn't specify the
StartsOn
parameter of BlobSasBuilder (I believe it assumes the min vale of DateTime in this case). The SAS generated did not have theskt
field in it. When I used the SAS to access the blob, I got an authentication failure message saying thatskt
field is mandatory. (P.S. thestartsOn
parameter in the GetUserDelegationKey method also had the minValue of DateTimeOffset)As per the docs, this should have worked as
skt
is optional and if the value omitted, the current time is assumed. Please let me know if I am missing something here.If I set the
StartsOn
to an explicit value of say,DateTimeOffset.UtcNow
, then everything works fine.Expected behavior
The User Delegation SAS should work, even if the
skt
field is not present and I should be able to read the blob.Actual behavior
Authentication Failure.
Reproduction Steps
Initialize a blobServiceClient and a blobClient.
Create a
BlobSasBuilder
object like this:Generate a UserDelegationKey:
Generate User Delegation SAS
Paste the SAS Uri in the browser to read the blob.
Environment
No response
The text was updated successfully, but these errors were encountered: