Azure-sdk-for-net: .net core batch job and pool delete operations fail to authenticate
Having some issues with the the pool and job delete operations when running .net core 1.1, version 6.1.0 of the SDK.
ClientRequestId:
RequestId xxxx
HttpStatusCode:Forbidden
StatusMessage:Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
Error Code = AuthenticationFailed, Lang=en-US, Message = Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:xxxx
Time:2017-05-05T07:51:18.6188868Z
Additional Values:
Error Details key=AuthenticationErrorDetail value=The MAC signature found in the HTTP request 'xxxx' is not the same as any computed signature. Server used following string to sign: 'DELETE
Getting this error on:
- BatchClient.PoolOperations.DeletePoolAsync
- batchClient.JobOperations.DeleteJobAsync
- BatchClient.PoolOperations.DeletePool
- BatchClient.JobOperations.DeleteJob
All the other operations are working, but these two won't authenticate.
Read that this might be a issue with a proxy cache, any way to disable that when running the sdk?
https://social.msdn.microsoft.com/Forums/SqlServer/en-US/67183d62-60ab-4ef0-a1ca-b765d85ea2f6/authenticationfailed?forum=azurebatch
Any quick solutions?
LeifRoss
All 10 comments
@LeifRoss please provide Nuget package ID and version of the Batch library that you use.
hovsepm
on 8 May 2017
@hovsepm
Azure.Batch - 6.1.0 - https://www.nuget.org/packages/Azure.Batch/6.1.0
LeifRoss
on 9 May 2017
Hi @LeifRoss - Can you let me know what region you're on and share your RequestId (which was redacted above) with me?
Note: The RequestId isn't a secret, it's an opaque GUID that service developers can use to find your request on our server.
matthchr
on 10 May 2017
Hi @LeifRoss, I have also been able to reproduce this, I'm currently investigating the cause and will get back to you.
matthchr
on 11 May 2017
Hi @matthchr
This is the request id: ae21288d-1f8e-42c3-ade2-83b576739cbd
Thanks!
LeifRoss
on 11 May 2017
I've tracked down the cause of this. It is due to a bug in our SDK, caused by a subtle behavior change in NetCore. Apparently HttpClient now includes the content-length header implicitly on all POST requests (even if there is no body), but not on DELETE requests. This is a change from netframework where POST and DELETE both had an implicit content-length even if there was no body.
Because we use the content-length header as part of the shared key header signing process, this change ended up screwing up the signing logic.
I'll include a fix for this and ship it in the next few days. The only workaround that I can see for now would be recompiling the code yourself with the fix. If that's something that you want to do, I can share the patch with you. Otherwise the fix will be in 7.0.1 whose ETA is sometime next week probably.
matthchr
on 12 May 2017
Excellent, thank you!
LeifRoss
on 12 May 2017
This has been fixed in Azure.Batch 7.0.1. Thanks for the report @LeifRoss
matthchr
on 15 May 2017
I am encountering this exact same issue with version 8.1.2 of the Azure.Batch running on .net core 2.1.
I was able to create a pool and start a job no problem, but can't delete it. Is it possible this bug is back? Anything I can do to get around it?
yellowsix
on 23 Aug 2018
It is back, and is being tracked by #4602 - A fix is in PR here #4689 and will be released as 9.0 shortly.
matthchr
on 23 Aug 2018
Related issues
Assassinbeast
·
3Comments
subbartt
·
3Comments
philoushka
·
3Comments
deenairn
·
3Comments
yhuangf
·
3Comments
Most helpful comment
This has been fixed in Azure.Batch 7.0.1. Thanks for the report @LeifRoss