Ubuntu Question posted in
The official Ubuntu documentation can be found here.

Ubuntu – Microsoft Graph Subscriptions API is not properly validating notificationURL

I sent an HTTP request to https://graph.microsoft.com/v1.0/subscriptions to notify me when new transcripts are available.

POST /v1.0/subscriptions HTTP/1.1
Content-Type: application/json
Authorization: Bearer [REMOVED]
User-Agent: PostmanRuntime/7.37.3
Accept: */*
Postman-Token: 8f179fd2-5291-4241-8835-27fa7b825305
Host: graph.microsoft.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 421
 
{
"changeType": "updated",
"notificationUrl": "https://[REMOVED]/apps/web/callbacks/store-meeting-transcripts.php",
"lifecycleNotificationUrl": "https://[REMOVED]/apps/web/callbacks/subscription-lifecycle-notification.php",
"resource": "communications/onlineMeetings/getAllTranscripts",
"expirationDateTime": "2024-08-10T00:00:00Z",
"clientState": "[REMOVED]"
}
 
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
request-id: cd1c22fb-0550-4153-a5cd-a60de4c8ab69
client-request-id: cd1c22fb-0550-4153-a5cd-a60de4c8ab69
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"Canada Central","Slice":"E","Ring":"3","ScaleUnit":"002","RoleInstance":"YT2PEPF000001A4"}}
Date: Fri, 09 Aug 2024 15:10:34 GMT
 
{"error":{"code":"ValidationError","message":"Subscription validation request failed. Notification endpoint must respond with 200 OK to validation request.","innerError":{"date":"2024-08-09T15:10:35","request-id":"cd1c22fb-0550-4153-a5cd-a60de4c8ab69","client-request-id":"cd1c22fb-0550-4153-a5cd-a60de4c8ab69"}}}

The notable error message here is Subscription validation request failed. Notification endpoint must respond with 200 OK to validation request. This does not make any sense, considering my notification endpoint(s) are already capable of handling validation requests.

Here are examples of me manually calling both implementations of my notificationUrl with validation parameters.

When using my apache 2 + php server

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $input = file_get_contents('php://input');
        $notification = json_decode($input, true);

        if (isset($_GET['validationToken'])) {
            $validationToken = $_GET['validationToken'];
            ini_set('default_charset', NULL);
            header('Content-Type: text/plain');
            header("HTTP/1.1 200 OK");
            ob_clean();
            print $validationToken;
            exit;
        }
    }

POST /apps/web/callbacks/store-meeting-transcripts.php?validationToken=Validation%3a+Testing+client+application+reachability+for+subscription+Request-Id%3a+417df92c-6e7c-47e0-b34f-bbd6bd27ea06 HTTP/1.1
Accept: text/plain
Content-Type: text/plain; charset=utf-8
client-request-id: 417df92c-6e7c-47e0-b34f-bbd6bd27ea06
Postman-Token: 7ad38ba9-79b3-4bde-9ae0-9db402c31960
Host: [REMOVED]
Content-Length: 0
 
HTTP/1.1 200 OK
Date: Fri, 09 Aug 2024 14:18:17 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 117
Content-Type: text/plain
 
Validation: Testing client application reachability for subscription Request-Id: 417df92c-6e7c-47e0-b34f-bbd6bd27ea06

When using my Supabase + Javascript server

Deno.serve(async (req: Request) => {
  const url = new URL(req.url);
  
  if (req.method === 'POST') {
    // Handle validationToken
    const validationToken = url.searchParams.get('validationToken');
    if (validationToken) {
      return new Response(validationToken, {
        status: 200,
        headers: { 'Content-Type': 'text/plain' }
      });
    }
  }
});

POST /functions/v1/hello-world?validationToken=Validation%3a+Testing+client+application+reachability+for+subscription+Request-Id%3a+417df92c-6e7c-47e0-b34f-bbd6bd27ea06 HTTP/1.1
Accept: text/plain
Content-Type: text/plain; charset=utf-8
client-request-id: 417df92c-6e7c-47e0-b34f-bbd6bd27ea06
Postman-Token: 519e8a1c-9f63-42e7-a0c8-46c1c8824ce9
Host: [REMOVED]
Content-Length: 0
 
HTTP/1.1 200 OK
Date: Fri, 09 Aug 2024 15:10:03 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 8b08abb48f9839e3-YYZ
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
x-deno-execution-id: dc6cb0b0-0bff-492f-a03d-74b8381023cd
x-sb-edge-region: ca-central-1
x-served-by: supabase-edge-runtime
Server: cloudflare
alt-svc: h3=":443"; ma=86400
 
Validation: Testing client application reachability for subscription Request-Id: 417df92c-6e7c-47e0-b34f-bbd6bd27ea06

What am I doing wrong, why is the graph subscription service failing to validate my notification URL?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    The error message from Microsoft Graph was misleading, the subscription endpoint validation error was referencing the lifecycleNotificationUrl endpoint, not the notificationUrl endpoint


  2. 0

    In notification URL regardless of the HTTP method (POST, GET). First, check whether it has a searchParam called validationToken. return that token in the body

     if (validationToken) {
        return new Response(validationToken, {
            status: 200,
            headers: { 'Content-Type': 'text/plain' }
        });
    }

    in c#

     if (req.Query.ContainsKey("validationToken"))
            {
                string validationToken = req.Query["validationToken"];
                _logger.LogInformation($"Validation token received: {validationToken}");
                return new ContentResult()
                {
                    Content = validationToken,
                    ContentType = "text/plain",
                    StatusCode = StatusCodes.Status200OK
                };
            }
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search