Issue
I currently have an Azure Active Directory Application that has a Microsoft Graph Webhook Subscription listening for new emails (messages) in a specified mailbox.
The subscription has a scheduled task that renews the subscription's expiration date via an Update request. The subscription is targeted using its MS Graph Provided ID.
Any DELETE or UPDATE request against this specific subscription fails. (See 'Error Response' below.)
Question
I realize that this may be the same issue / bug as the question presented here: https://stackoverflow.com/a/53111286/7902641
Has there been any fix / resolution / or workaround for this?
If there has been a fix or this is a different problem altogether, what can I do to resolve this specific issue?
Thanks!
Error Response
{
"error": {
"code": "ExtensionError",
"message": "Operation: Delete; Exception: [Status Code: NotFound; Reason: The subscription with Id 'Q0IzOUZCMTYtMTk4OC00OEZDLUFFQjQtNzI4NTU1MDREMkVDXzQ5RDk2MzI3LUFDRDEtNEE2QS05QTQ1LUYwQ0ZGQjgwNEQ0Qg==' is not found.]",
"innerError": {
"request-id": "e83fe463-....-....-....-76eb35e2e697",
"date": "2019-03-22T02:35:14"
}
}
}
Extra Info
Somehow the Microsoft Graph ID for the subscription is...transformed? The original subscription ID is ( 528b79f1-....-....-....-360c0e1149e9 ) and the returned target ID is: ( Q0IzOUZ ... NEQ0Qg== ) .
The executing UPDATE request originates from an ASP.NET CORE application, using the Microsoft Graph SDK (C#).
https://github.com/microsoftgraph/msgraph-sdk-dotnet
However I have eliminated the SDK as the origination of the problem -- using a REST API tester (Insomnia), I achieve the same error result. The request URL looks like:
https://graph.microsoft.com/v1.0/subscriptions/528b79f1-....-....-....-360c0e1149e9
I have also attempted to use the BETA version instead of v1.0. Unfortunately I get the same error result.
Configuration
Application:
Registered Azure Active Directory Daemon Application
Authentication Library:
MSAL
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
Calling Application (generating the update / delete request):
ASP.NET CORE (2.1) - Web Api
Using MS Graph SDK (Github link posted above)
== Update ==
The subscription in question has now expired and disappeared from my application's subscriptions list (timestamp, PST: 3/22/2019 8:45:22 AM).
I will no longer be able to test against it (sorry S.O. posterity!).
However, good news: now that the problem child (subscription) in question is gone, I was able to create a new subscription and restart my affected service. I am able to successfully submit get / update / delete requests against any newly created subscriptions.
== Update ==
The subscription in question has now expired and disappeared from my application's subscriptions list (timestamp, PST: 3/22/2019 8:45:22
AM).
I will no longer be able to test against it (sorry S.O. posterity!).
However, good news: now that the problem child (subscription) in question is gone, I was able to create a new subscription and restart
my affected service. I am able to successfully submit get / update /
delete requests against any newly created subscriptions.
As this post is almost a year old and was most likely resolved via a fix by MSFT (no actionable fixes in our implementations), I am marking this post as "answered".
#baywet Thank you for the suggestion to do so.
Related
This question already has an answer here:
Legacy People API has not been used in project
(1 answer)
Closed 1 year ago.
Google API is active but give error ;
Legacy People API has not been used in project before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/legacypeople.googleapis.com/overview?project= then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
You don't need to install any other APIs like Google Drive API, Google Sheets API or other except Google+ API,
The error is coming because of "passport-google-oauth": "^1.0.0"
Just change the version "passport-google-oauth": "^1.0.0" to "passport-google-oauth": "^2.0.0" and remove node_modules and package.lock.json file and run "npm i"
That's it
Before the Google+ API Shutdown on March 7, 2019, the people.get and people.getOpenIdConnect methods were available for requesting a person’s profile.
To avoid breaking existing integrations with these methods supporting sign-in, a new minimal implementation only returns basic fields necessary for that functionality, such as name and email address, if authorized by the user. The Legacy People API is where these methods will remain available for existing callers at the existing HTTP endpoints.
The Legacy People API serves a limited new implementation of the legacy Google+ API people.get and people.getOpenIdConnect methods necessary for maintaining sign-in functionality. It is available to existing callers of the original methods that haven't migrated to recommended replacements such as Google Sign-in or Google People API at the time of the Google+ API shutdown.
enter link description here
Thanks
In this case, I'm facing the same issue. This is what I've done to fix it.
Situation:
NodeJS ver 8
"passport-google-oauth": "^1.0.0"
Using Google+ API as Google Sign-in
When I run the apps and click Sign in with Google, what happened then?
Server error
Error log: Legacy People API has not been used in project "xxxx" before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/legacypeople.googleapis.com/overview?project=xxxx then retry.
How I solve it?
Go to Google Console
Click on Google+ API under Social APIs, then click Enable API
Click on Google Drive API under G Suite, then click Enable API
Click on Google Sheets API under G Suite, then click Enable API
Update "passport-google-oauth": "^1.0.0" to "passport-google-oauth": "^2.0.0"
in package.json
remove package-lock.json and node_modules folder (to ensure everything is clear)
run this command : npm install
It works now!
Note: my previous code still using profile._json.image.url to get profile image. Actually, this response was not there anymore. So I delete this code.
Goodbye Google+
Thank you Google People API.
Enabling the Google Contacts API and the Google+ API fixed this issue for me.
Hi I recently stumbeled on the same issue. As explained by Ilan Laloum, Google+ API as been decommissionned completely for new projects.
I found that Google People API works in a similar way. The following example is based on the Bookshelf tutorial in GCP. Source code can be seen here: https://github.com/GoogleCloudPlatform/golang-samples/tree/appengine/go111/cloudsql/getting-started/bookshelf (branch appengine/go111/cloudsql)
import people "google.golang.org/api/people/v1"
...
// retrieves the profile of the user associated with the provided OAuth token
func fetchProfile(ctx context.Context, tok *oauth2.Token) (*people.Person, error) {
peopleService, err := people.NewService(ctx, option.WithTokenSource(bookshelf.OAuthConfig.TokenSource(ctx, tok)))
if err != nil {
return nil, err
}
return peopleService.People.Get("people/me").
PersonFields("names,coverPhotos,emailAddresses").
Do()
}
This method needs a context and a OAuth token, just like Google+ API used to. The peopleService is initialized in a similar fashion.
The peopleService.People.Get("people/me") prepares a query that fetches the profile of the connected user. Then PersonFields("names,coverPhotos,emailAddresses") is a filter on profile fields. This part of the request is mandatory. Eventually Do() will execute the request.
This issue can be fixed using the passport-google-token
npm install passport-google-token
const GoogleStrategy = require('passport-google-token').Strategy;
// Google OAuth Strategy
passport.use('googleToken', new GoogleStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET
}, async (accessToken, refreshToken, profile, done) => {
try {
console.log('creating a new user')
const newUser = new User({
google: {
id: profile.id,
email: profile.emails[0].value
}
});
await newUser.save();
done(null, newUser);
} catch (error) {
done(error, false, error.message);
}
}));
I was also having the same issue but with my Rails app. So I resolved it by upgrading the omniauth gems by running bundle update devise omniauth omniauth-google-oauth2 in terminal.
I also faced the same issue. This issue may occur for using the old library, enable the google people Api for your project, and download the library as per your php version from this link and integrate it.
I have successfully created Office 365 Group, added members and owners and now I am trying to provision a Team for this group. How am I supposed to provision it using MS Graph in .NET Console App?
I tried the following code but I am not getting my Team.
var team = new Team
{
GuestSettings = new TeamGuestSettings
{
AllowCreateUpdateChannels = false,
AllowDeleteChannels = false
}
};
await graphServiceClient.Groups[groupID].Team.Request().CreateAsync(team);
Response from the above code
Message: No HTTP resource was found that matches the request URI 'https://api.teams.skype.com/v1.0/groups('da87fc59-403b-4b0f-973f-f812d41143aa')/team'.
Inner error
Error Screenshot
Edit: I am using latest NUGET package for MS Graph extensions.
Edit 2: Tried to do following instead.
await graphServiceClient.Groups[groupID].Team.Request().PutAsync(team);
Got this:
Code: UnauthorizedAccess
Message: Failed to execute Aad backend request GetTenantSubscribedSkusRequest. Request Url: https://graph.windows.net/dc7b2a82-XXXX-XXXX-XXXX-46122279d033/subscribedSkus?api-version=1.6, Request Method: GET, Response Status Code: Unauthorized, Response Headers: ocp-aad-diagnostics-server-name: HmmXXX+7Su9HNJVjwqsmVjPsrXXXXXXXX/iNwuI3H74=
request-id: 9257706c-XXXX-XXXX-XXXX-bbf33b98da7d
client-request-id: f263695b-XXXX-XXXX-XXXX-9fdf185fXXXX
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Wed, 19 Jun 2019 13:20:18 GMT
Any suggestions?
Microsoft document says
If the group was created less than 15 minutes ago, it's possible for
the Create team call to fail with a 404 error code due to replication
delays. The recommended pattern is to retry the Create team call three
times, with a 10 second delay between calls.
I faced this issue and after the retry logic as suggested above it works fine all the time
Make sure you are using a Delegated authentication context (a user must be signed in) with the permission Group.ReadWrite.All
Make sure you have consented to the application permissions (from the API permissions screen of the application registration, you'll find a Grant Consent button all the way down)
Use the PutAsync method (today, as you mentioned, you must create the Office 365 group first and then enable Teams)
Can you confirm that the group actually gets created? "No HTTP resource was found that matches the request URI" often means that the graphServiceClient.Groups[groupID] doesn't work. Which is likely around permissions.
I noticed I have the same problem with application permissions. The one thing I have found that will unblock the code to work again is to create a team through the Graph Explorer and then I am good for a couple days.
Then the error comes back again and I create another team through the explorer and I can start creating like before. This tells me it is not a code problem but an issue on the Teams graph connection somewhere.
It was a service bug. Works now.
Link to service bug on GitHub
I am trying to upload to Dropbox using DropNet in my Windows for application.
My code is : -
_client = new DropNetClient(app_key, app_secret, token, secret);
_client.UseSandbox = false;
_client.UploadFile(dropbox_folder, "puzzle_01.png", File.ReadAllBytes(#"Resources\\config.dat"));
It was working fine until last week. However, when I tried to use the same app today, the app works fine but no file is uploaded to the Dropbox folder. I tried to check the values of the metadata using the code:-
var metadata = _client.GetMetaData();
foreach (var item in metadata.Contents)
{
MessageBox.Show(item.ToString())
}
I got the error message as:-
$exception {"Received Response [BadRequest] : Expected to see [OK].
The HTTP response was [{\"error\": \"v1_retired\"}]."}
DropNet.Exceptions.DropboxRestException
Can anyone let me know what this error means? All help will be appreciated.
The returned data (error: v1_retired) is an error message from DropBox indicating that their v1 API has been deprecated and can no longer be used. More information about the deprecation can be found on the official DropBox blog:
API v1 Shutdown Details - DropBox Developer Blog
It appears that DropNet has not been updated for the DropBox v2 API since an issue was opened on their GitHub page over a year ago, but yet there have been no updates.
The API was deprecated on September 28, 2017, which is why it was working a week ago but not any longer.
Your only solution right now is to find an updated library that works with the DropBox API v2.
I'm trying to connect to the Google Datastore on my account with service account credentials file (which I've created according to the documentation), but I'm encountering with authentication error while trying to insert an entity:
Grpc.Core.RpcException: Status(StatusCode=Unauthenticated,
Detail="Exception occured in metadata credentials plugin.")
My code is:
var db = DatastoreDb.Create("myprojectid");
Entity entity = new Entity{
Key = db.CreateKeyFactory("mykindname").CreateIncompleteKey()
};
var keys = await db.InsertAsync(new[] { entity });
The GOOGLE_APPLICATION_CREDENTIALS variable refers to the credentials file and when calling GoogleCredential.GetApplicationDefaultAsync() to see if the credentials object is valid it indeed looks good...
I saw some earlier examples which used the GetApplicationDefaultAsync function togehether with some DatastoreService object - but I couldn't find the DatastoreService object (probably it was there in old versions...) in the latest .Net API: Google.Cloud.Datastore.V1
Notice that I don't want to use the other authenticaiton methods:
1) Using the gcloud cli.
2) Running from Google environment (app engine for example).
Any idea how to solve this?
After the great help of Jon Skeet the issue was solved.
The authentication issues can occur if you don't reference all the required Datastore dlls. Make sure that all the dlls are referenced on the project that are running the calls to the Datastore.
I've added the Google Datastore lib via the NuGet to my test project and everything worked!
Notice that in such cases it is recommended to enable gRPC logging. `(For exmaple: GrpcEnvironment.SetLogger(new ConsoleLogger()), there you'll probably see if there were issues loading several dlls...
Authentication can be broken if your system clock is significantly incorrect. Check your system time, and fix it if necessary, then try authenticating against Datastore again.
I have the following code:
(Meeting beeing the exchange appointment)
For Each Recipient As String In emailAdresses
For i As Integer = 0 To Meeting.RequiredAttendees.Count - 1
If (Meeting.RequiredAttendees(i).Address).ToUpper() = Recipient.ToUpper() Then
Meeting.RequiredAttendees.RemoveAt(i)
Exit For
End If
Next
Next
Meeting.Update(ConflictResolutionMode.AutoResolve, SendInvitationsOrCancellationsMode.SendOnlyToChanged)
Now as you can see i'm using SendInvitationsOrCancellationsMode.SendOnlyToChanged.
But even though that i'm using that mode it is still sending the appointment to all of the attendees.
I've looked at msdn and the code is exactly the same. And msdn tells me the following should happen:
Save the meeting and send a meeting cancellation message to the attendee or attendees that you removed
So basically msdn sais it is works but it does not. Is there a work around for this issue or is anyone else experiencing the same problem?
our exchange server is a 2007 SP1 version.
The answer can be in C# or VB.NET, I'll translate it to the language we need.
PS. Adding members and using this mode causes the invite to send to the newly added member only. But as I said before deleting does not have this same behaviour.
Doing:
Meeting.Update(ConflictResolutionMode.NeverOverwrite, SendInvitationsOrCancellationsMode.SendOnlyToChanged)
Instead of:
Meeting.Update(ConflictResolutionMode.AutoResolve, SendInvitationsOrCancellationsMode.SendOnlyToChanged)
Solved my problem, I do not know why and what it was having trouble with though.
Using ConflictResolutionMode.AutoResolve instead of ConflictResolutionMode.NeverOverwrite did not work for me. After some research, I found out that this is the normal behaviour.
The SendInvitationsOrCancellationsMode enum's values SendOnlyToChanged and SendToChangedAndSaveCopy behave similarly when it comes to sending email (the only difference is that the latter saves a copy of the sent email and the former doesn't):
Send meeting invitations/cancellations only to attendees that have
been added or modified
There is no reference to attendees that have been removed. I thought that the work 'modified' here means that, but apparently that is not the case.
This Microsoft Support Article (Article ID: 2873493) says that this is the expected behaviour:
EWS issue: SentToChangeAndSaveCopy parameter in Appointment.Update
method does not work
Symptoms
Consider the following scenario:
You build an Exchange Web Services (EWS) application to update a meeting request in a Microsoft Exchange Server 2010 environment.
One or more invitees in the meeting request are externals or distribution lists.
You use the Appointment.Update method together with the SentToChangeAndSaveCopy parameter to remove one invitee from the
meeting request and to update the meeting request.
In this scenario, a meeting update is sent to all invitees.
Cause
This behavior is expected.