Hello,
I am implementing a Service Bus 1.0 Queue and have run into the issue of OAuth token expiration and am not sure the best way to handle this. On my end, I am hosting a receive loop in a Windows service and a Windows Server with the Service Bus Queue. On the client's end, they will be sending messages to me via the REST API. They will be sending messages constantly, 24/7. In mocking that side of the system, I have implemented a program to get the OAuth token from the Service Bus STS and cache it to use to send subsequent requests. I have noticed some strange things about the behavior of the token:
- The expire time set in the token I receive is 20 minutes from the receive time.
- If I continuously send messages into the queue as fast as possible, I get 25 minutes before a 401
- If I send messages in bursts with some time in between, I get longer than that (at least 40 minutes with the same token, I did not get it to 401 in that period). I verified that it was the same token being sent with an past expire date.
I guess my question is, what is going behind the scenes? Is the token refreshed sometimes? And what is the best way to handle token expiration in this scenario? I can only see the following options:
- The client checks the expire time of the token on every request. If it gets close to that, get a new token.
- The client keeps sending messages until a 401, then gets a new token and sends that request again.
That first one makes me less comfortable if the expire time is not predictable. In either case, I would like this default time to be more than 20 minutes. Is there a way to change this default? I do not see an option in the command-lets.