TsgcWSPClient_AMQP1 › Methods › CreateAzureCbsSasToken
Builds an Azure Service Bus SAS token from the given SAS key and pushes it via CBS to authorise the specified entity.
function CreateAzureCbsSasToken(const aName, aNameSpace, aEntityName, aKeyName, aKeyValue: string; const aExpiration: Integer = 3600; aTimeout: Integer = 10000; aRaiseIfError: Boolean = False): Boolean;| Name | Type | Description |
|---|---|---|
aName | const string | Identifier of the $cbs link previously attached with CreateCBSLink. |
aNameSpace | const string | Service Bus namespace host, e.g. contoso.servicebus.windows.net (no sb:// prefix). |
aEntityName | const string | Entity path the token should authorise (queue, topic or Event Hub name); may be blank to authorise the whole namespace. |
aKeyName | const string | Name of the Shared Access Policy used to sign the token (for example RootManageSharedAccessKey). |
aKeyValue | const string | Primary or secondary SAS key value (base64) associated with aKeyName. |
aExpiration | const Integer | Token lifetime in seconds. Also used as the expiration application-property pushed to $cbs. Default 3600. |
aTimeout | Integer | Milliseconds to wait for the $cbs put-token reply. Default 10000. |
aRaiseIfError | Boolean | When True the method raises an exception if $cbs does not answer with status-code 200; when False the failure is reported only via the Boolean return. |
True when $cbs accepted the generated SAS token (status-code 200), False when it was rejected or the call timed out. (Boolean)
Convenience wrapper around PutCBSToken: the method builds the canonical Azure Service Bus SAS signature (URL-encoded audience sb://NameSpace/EntityName, expiration as unix-timestamp, HMAC-SHA256 of audience + "\n" + expiry signed with the SAS key, base64-encoded) and sends it to the $cbs node with token-type servicebus.windows.net:sastoken. Call this once per entity immediately after the Open/Begin/Attach handshake and before creating working sender/receiver links to that entity; re-invoke before the token expires to rotate credentials.
oAMQP1.CreateCBSLink('cbs_1', 'session_1');
oAMQP1.CreateAzureCbsSasToken('cbs_1',
'contoso.servicebus.windows.net',
'orders',
'RootManageSharedAccessKey',
'AbCdEf1234567890/Shared=',
3600, 10000, True);