Error TimeoutOverflowWarning: xxxxx does not fit into a 32-bit signed integer when using ManagedIdentityCredential for ServiceBusClient

[cloudxpc]

• Package Name: @azure/service-bus
• Package Version: 7.7.3
• Operating system: Azure Function Windows
• nodejs
  • version: ~16
• browser
  • name/version: -
• typescript
  • version: -
• Is the bug related to documentation in
  • README.md
  • source code documentation
  • SDK API docs on https://docs.microsoft.com

Describe the bug
Using ManagedIdentityCredential to create ServiceBusClient, when receiving messages, keep getting:

(node:21960) TimeoutOverflowWarning: 1669616210777 does not fit into a 32-bit signed integer.
Timeout duration was set to 1.

Possible cause:
The expiry time of Managed Identity token is 24h by default. It is used in calculation at source code:
this._tokenTimeout = tokenObject.expiresOnTimestamp - Date.now() - 2 * 60 * 1000;
Then I'm not pretty sure where but it is probably used to 'setTimeout' for refreshing token and issue comes.

To Reproduce
Steps to reproduce the behavior:

1. create node js code

const credential = new ManagedIdentityCredential('xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx');
const sbClient = new ServiceBusClient('xxxxx.servicebus.windows.net', credential);
const receiver = sbClient.createReceiver(TOPIC_NAME, SUBSCRIPTION_NAME);
const messages = await receiver.receiveMessages(5);

2. deploy to azure function so that managed identity credential can work

Expected behavior
Should be working fine without errors/warnings.

Screenshots

Additional context
please consider to handle the case that token expiry time is longer than 24h

[azure-sdk]

Label prediction was below confidence level 0.6 for Model:ServiceLabels: 'Azure.Identity:0.55933166,Service Bus:0.42610386,SQL:0.001241071'

[jeremymeng]

@cloudxpc Thank you for reporting the issue! This is likely a known issue in our identity library. /cc @KarishmaGhiya

[azure-sdk]

Label prediction was below confidence level 0.6 for Model:ServiceLabels: 'Azure.Identity:0.55933166,Service Bus:0.42610386,SQL:0.001241071'

[KarishmaGhiya]

Hello, can you confirm the version of @azure/identity being used. I believe this was a bug in 3.1.0 version and was fixed in 3.1.1 @cloudxpc

[cloudxpc]

Hello, i was using 3.1.0 before. but I changed to @azure/identity 3.1.1 and tested, the issue still comes.

[cmpcdaly]

Also experiencing this issue using @azure/identity 3.1.1

[nwf-msr]

@KarishmaGhiya: Presumably commit 4ced48e6f0 was intended to fix this in 3.1.1, but the timeline seems confused. That commit notes the fix to the changelog as if it were part of 3.1.1, but then it bumps the package version fields to "3.1.2". Perhaps two commits (the actual fix and associated changelog entry and version bump to 3.1.1, and then a later one to advance the version field again to 3.1.2) got squashed together by mistake? In any case, that commit is not part of the @azure/identity_3.1.1 tag, having missed it by a few hours: it was committed at 11:33 PM on Nov 18, while the tag's latest commit was at 8:32 PM.

In any case, please cut an @azure/identity 3.1.2 release ASAP as this bug is causing excess CPU load, and I cannot roll back to earlier versions due to needing a version that includes #23232 due to also experiencing #22620 .

[nwf-msr]

Hm. That seems not sufficient in any case. Instrumenting a running application, I have chased values upstream from the timeout registration at

azure-sdk-for-js/sdk/servicebus/service-bus/src/core/linkEntity.ts

Lines 524 to 541 in 191e4ce

	this._tokenRenewalTimer = setTimeout(async () => {
	try {
	await this._negotiateClaim({
	setTokenRenewal: true,
	abortSignal: undefined,
	timeoutInMs: Constants.defaultOperationTimeoutInMs,
	});
	} catch (err: any) {
	this._logger.logError(
	err,
	"%s %s '%s' with address %s, an error occurred while renewing the token",
	this.logPrefix,
	this._type,
	this.name,
	this.address
	);
	}
	}, this._tokenTimeout);

to the calculation of the timeout value at

azure-sdk-for-js/sdk/servicebus/service-bus/src/core/linkEntity.ts

Line 439 in 191e4ce

this._tokenTimeout = tokenObject.expiresOnTimestamp - Date.now() - 2 * 60 * 1000;

. Confusingly, the value for tokenObject.expiresOnTimestamp is 3340290306000 (and Date.now() was, in the same instance, 1670101953743). That is, expiresOnTimestamp seems to be twice the value of a UNIX timestamp set twelve hours in the future: (3340290306000 / 2 - 1670101953743) / 1000 / 3600 = 11.99979361111111.

[nwf-msr]

Found it after chasing a lot of false leads. #24102 is one possible fix; please feel free to adapt it as appropriate.

[KarishmaGhiya]

Thanks for the PR @nwf-msr. I shipped the release for @azure/identity 3.1.2 https://www.npmjs.com/package/@azure/identity/v/3.1.2 along with your PR commits. I did the bug fix from a different branch - hotfix/identity_3.1.2

We usually do bug-fixes from a different branch of the name type - hotfix/identity_version which is branched off of the previous release tag and pushed commits required for the fix in that branch. After the release we merge that branch back into the main branch. Perhaps that's why just looking at the commits in main branch will be confusing

[KarishmaGhiya]

@nwf-msr @cloudxpc @cmpcdaly Please try version @azure/identity 3.1.2 https://www.npmjs.com/package/@azure/identity/v/3.1.2 for the fix and let me know if you still face any problems.

[nwf-msr]

Thanks! Testing with 3.1.2 and the warnings seem to be gone and the CPU seems to no longer be spinning. :)

[cloudxpc]

Hi, thanks for the fix! tried with @azure/identity 3.1.2 and issue seems gone.

[KarishmaGhiya]

Thanks for the feedback. I will close the issue now :)