User Profile
DamianLB
Copper Contributor
Joined Aug 07, 2023
User Widgets
Recent Discussions
Re: IotHubUnauthorizedAccess only when using X.509 Cert to GetFileUploadSasUriAsync
For anyone else who has the same issue in the future, this is how I fixed it. This code using X509Certificate2 certificate = new X509Certificate2(certPath, storedConfig.CertPassword); using var security = new SecurityProviderX509Certificate(certificate); using var auth = new DeviceAuthenticationWithX509Certificate(storedConfig.DeviceName, certificate); IoTDeviceClient = DeviceClient.Create(storedConfig.AssignedIoTHub, auth, TransportType.Mqtt); IoTDeviceClient.SetRetryPolicy(new ExponentialBackoff(5, new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 15))); IoTDeviceClient.OpenAsync().Wait(); Changed to: SecureString theSecureString = new NetworkCredential("", storedConfig.CertPassword).SecurePassword; var cert = new X509Certificate2(certPath, theSecureString); var auth = new DeviceAuthenticationWithX509Certificate(storedConfig.DeviceName, cert); IoTDeviceClient = DeviceClient.Create(storedConfig.AssignedIoTHub, auth); IoTDeviceClient.SetRetryPolicy(new ExponentialBackoff(5, new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 15))); IoTDeviceClient.OpenAsync().Wait(); I can now use IoT HTTP upload.851Views0likes0CommentsIotHubUnauthorizedAccess only when using X.509 Cert to GetFileUploadSasUriAsync
I'm creating a POC for our company using the .NET SDK for Azure IoT. I'm coming up against a problem when performing an HTTP upload, but only when using an X509 cert. I'm provisioning the device using DPS, group enrollment. Following enrollment, I can send data, update twins and do everything besides uploading a file. Using the same code, the HTTP Upload functions correctly when using a SymmetricKey (in my POC, provisioning is interchangeable between key and cert). It's only when using the X509 cert, which works perfectly fine for all other operations. GetFileUploadSasUriAsync is the method which generates the error: {"Message":"ErrorCode:IotHubUnauthorizedAccess;Unauthorized","ExceptionMessage":"Tracking ID:2d210xxxxxxxxe3afdc-G:0-TimeStamp:08/04/2023 15:48:25"} at Microsoft.Azure.Devices.Client.Transport.HttpClientHelper.<ExecuteAsync>d__22.MoveNext() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Azure.Devices.Client.Transport.HttpClientHelper.<PostAsync>d__18`2.MoveNext() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Azure.Devices.Client.Transport.HttpTransportHandler.<GetFileUploadSasUriAsync>d__15.MoveNext() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() at RemoteIoTDeviceConsoleApp.Class.Data.FileOperations.<UploadFile>d__3.MoveNext() in E:\zzzz\xxxx\xxx\xxx\Class\Data\FileOperations.cs:line 53 How I'm initialising the device client. public static string DeviceName; public static DeviceClient IoTDeviceClient; public static LocalConfigStore ConfigStore = new LocalConfigStore(); public static void InitialiseIoTClient() { Console.Clear(); if (ConfigStore.CheckConfigFileExists()) { var storedConfig = ConfigStore.ReadConfigFile(); DeviceName = storedConfig.DeviceName; if (IoTDeviceClient == null) { if (storedConfig.AuthType == AuthType.X509) { var certPath = AppDomain.CurrentDomain.BaseDirectory + storedConfig.CertName; Console.WriteLine($"Loading the certificate..."); using X509Certificate2 certificate = new X509Certificate2(certPath, storedConfig.CertPassword); using var security = new SecurityProviderX509Certificate(certificate); using var auth = new DeviceAuthenticationWithX509Certificate(storedConfig.DeviceName, certificate); IoTDeviceClient = DeviceClient.Create(storedConfig.AssignedIoTHub, auth, TransportType.Mqtt); IoTDeviceClient.SetRetryPolicy(new ExponentialBackoff(5, new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 15))); IoTDeviceClient.OpenAsync().Wait(); } else { IoTDeviceClient = DeviceClient.Create(storedConfig.AssignedIoTHub, new DeviceAuthenticationWithRegistrySymmetricKey(storedConfig.DeviceName, storedConfig.DevicePrimaryKey), TransportType.Mqtt); IoTDeviceClient.SetRetryPolicy(new ExponentialBackoff(5, new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 30), new TimeSpan(0, 1, 15))); IoTDeviceClient.OpenAsync().Wait(); } } } else { Console.WriteLine("No config file exists, register a player - InitialiseIoTClient"); } } How I'm uploading a file. public class FileOperations { readonly DeviceClient _deviceClient; public static LocalConfigStore ConfigStore = new LocalConfigStore(); /// <summary> /// Load the client and start listening for file upload notifications /// </summary> internal FileOperations() { _deviceClient = Program.IoTDeviceClient; ReceiveFileUploadNotificationAsync(); } /// <summary> /// This method is used to upload a file to the IoT Hub /// </summary> public async void UploadFile() { // Generate a large file to upload var commonOps = new Utils.Common(); var testFilePath = commonOps.GenerateLargeFile(); // Create stream using var fileStreamSource = new FileStream(testFilePath, FileMode.Open); var fileName = Path.GetFileName(testFilePath); var fileUploadTime = Stopwatch.StartNew(); // Get the SAS URI for the file upload var fileUploadSasUriRequest = new FileUploadSasUriRequest { BlobName = fileName }; FileUploadSasUriResponse sasUri = await _deviceClient.GetFileUploadSasUriAsync(fileUploadSasUriRequest, CancellationToken.None); Uri uploadUri = sasUri.GetBlobUri(); Console.WriteLine($"Uploading file {fileName} to {uploadUri}."); // Upload the file to blob storage var blockBlobClient = new BlockBlobClient(uploadUri); await blockBlobClient.UploadAsync(fileStreamSource, new BlobUploadOptions()); // Notify IoT Hub that the file upload is complete var successfulFileUploadCompletionNotification = new FileUploadCompletionNotification { // Mandatory. Must be the same value as the correlation id returned in the sas uri response CorrelationId = sasUri.CorrelationId, // Mandatory. Will be present when service client receives this file upload notification IsSuccess = true, // Optional, user defined status code. Will be present when service client receives this file upload notification StatusCode = 200, // Optional, user-defined status description. Will be present when service client receives this file upload notification StatusDescription = "Success" }; // Notify IoT Hub that the file upload is complete await _deviceClient.CompleteFileUploadAsync(successfulFileUploadCompletionNotification); fileUploadTime.Stop(); Console.WriteLine($"File upload completed successfully."); Console.WriteLine($"Time to upload file: {fileUploadTime.Elapsed}."); Console.WriteLine($"Deleting Test File."); fileStreamSource.Dispose(); File.Delete(testFilePath); Console.WriteLine("press enter to continue."); } /// <summary> /// This method is used to receive file upload notifications /// </summary> private async void ReceiveFileUploadNotificationAsync() { var connectionString = ConfigurationManager.AppSettings["ConnectionStringIotHubOwner"]; // Create service client to receive file upload notifications ServiceClient serviceClient = ServiceClient.CreateFromConnectionString(connectionString); // Get file upload notification receiver var notificationReceiver = serviceClient.GetFileNotificationReceiver(); Console.WriteLine("\nReceiving file upload notification from service"); while (true) { // Wait for file upload notification var fileUploadNotification = await notificationReceiver.ReceiveAsync(); if (fileUploadNotification == null) continue; Console.ForegroundColor = ConsoleColor.Yellow; Console.WriteLine("Received file upload notification: {0}", string.Join(", ", fileUploadNotification.BlobName)); Console.ResetColor(); await notificationReceiver.CompleteAsync(fileUploadNotification); } } }1KViews0likes1Comment
Recent Blog Articles
No content to show