MS Graph API: Subscribing to group change notifications with Azure Event Hubs

Question  Votes: 0  Answers: 3

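Basically, I am trying to subscribe to notifications about group changes so that I can adjust authorization in a third-party system; please find the code below. It uses the Graph SDK for Java. I have added the documentation I followed for reference; see the change notification delivery (publish-subscribe) page in Microsoft Docs.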

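Unfortunately, I get "Invalid event hub notification url". I tried both the domain name and the tenant ID, without success. That does not surprise me, because the notificationUrl really does look odd. Can anyone shed some light on this?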

        // From https://learn.microsoft.com/de-de/graph/change-notifications-delivery:

        // The main difference during subscription creation will be the notificationUrl. You must set it to
        //  EventHub:https://<azurekeyvaultname>.vault.azure.net/secrets/<secretname>?tenantId=<domainname>, with the following values:

        //   azurekeyvaultname - The name you gave to the key vault when you created it. Can be found in the DNS name.
        //   secretname - The name you gave to the secret when you created it. Can be found on the Azure Key Vault Secrets page.
        //   domainname - The name of your tenant; for example, consto.onmicrosoft.com or contoso.com. Because this domain will be used to access the Azure Key Vault, it is important that it matches the domain used by the Azure subscription that holds the Azure Key Vault. To get this information, you can go to the overview page of the Azure Key Vault you created and click the subscription. The domain name is displayed under the Directory field.

        @GetMapping("/subscribe")
        public void subscribeTochangeNotifications() {
                // following https://learn.microsoft.com/en-us/graph/api/subscription-post-subscriptions?view=graph-rest-1.0&tabs=http#request-example

                Subscription subscription = new Subscription();
                subscription.changeType = "created,updated";
                subscription.notificationUrl = "EventHub:https://xxxxxxxxx.vault.azure.net/secrets/event-hub-client-secret?tenantId=xxxxxxxxx-xxxx-xxxx-xxxxxxxxx";
                subscription.expirationDateTime = OffsetDateTime.parse("2022-07-05T18:23:45.9356913Z");
                subscription.resource = "/groups";
                subscription.clientState = "SecretClientState";

                azureClient.subscriptions().buildRequest().post(subscription);
        }

The detailed error message is:

nested exception is com.microsoft.graph.http.GraphServiceException: Error code: InvalidRequest
Error message: Invalid event hub notification url='EventHub:https://xxxxxxxxxxxxxxxxx.vault.azure.net/secrets/event-hub-client-secret?tenantId=yyyyyyy-yyy-yyyy-yyyyyyyyyy'.

POST https://graph.microsoft.com/v1.0/subscriptions
SdkVersion : graph-java/v5.30.0
SdkVersion : graph-java/v5.30.0
[...]

400 : Bad Request
[...]

azure azure-ad-graph-api azure-eventhub
3 Answers
0
votes

We ran into the same problem (set up with pulumi). The connection string in our key vault secret was missing ";EntityPath=graphevents" at the end.


0
votes

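@Wilberforce, I ran into the same problem and found that I had missed creating the event hub inside the EventHub namespace, which made the connection string invalid. After creating the EventHub namespace, you also need to create an EventHub in the "Event Hubs" tab, create a new policy under "Shared access policies" on the page of the event hub you created, and then copy the connection string from there. Make sure your event hub connection string looks like this: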

Endpoint=sb://<NamespaceName>.servicebus.windows.net/;SharedAccessKeyName=<KeyName>;SharedAccessKey=<KeyValue>;EntityPath=<EventHubName>
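
One way to check the secret value before creating the subscription, following the two answers above: parse the connection string and report which of the four parts of the format shown is missing, without ever echoing the key. This is an added example, not code from the thread or from Microsoft; the class name, method name and sample values are assumptions, and the key names come from the connection string format quoted above.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;

/** Pre-flight check for the Event Hubs connection string stored in the Key Vault secret. */
public class EventHubSecretCheck {

    /** Returns the problems found; an empty list means all four parts are present. */
    static List<String> validate(String connectionString) {
        List<String> problems = new ArrayList<>();
        // Case-insensitive lookup so "entitypath=" is not reported as missing.
        Map<String, String> parts = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        for (String segment : connectionString.trim().split(";")) {
            if (segment.trim().isEmpty()) continue;
            int eq = segment.indexOf('=');   // split on the first '=' only: base64 keys end in '='
            if (eq <= 0) {
                problems.add("malformed segment (expected key=value)");
                continue;
            }
            parts.put(segment.substring(0, eq).trim(), segment.substring(eq + 1).trim());
        }
        for (String key : new String[] {"Endpoint", "SharedAccessKeyName", "SharedAccessKey", "EntityPath"}) {
            String value = parts.get(key);
            if (value == null || value.isEmpty()) {
                problems.add("missing " + key);   // report the key name only, never the secret value
            }
        }
        String endpoint = parts.getOrDefault("Endpoint", "");
        if (!endpoint.isEmpty() && !endpoint.startsWith("sb://")) {
            problems.add("Endpoint does not start with sb://");
        }
        return problems;
    }

    public static void main(String[] args) {
        // Constructed sample values, not real credentials.
        String withoutEntityPath = "Endpoint=sb://example-ns.servicebus.windows.net/;"
                + "SharedAccessKeyName=example-policy;SharedAccessKey=QUJDREVGRw==";
        String withEntityPath = withoutEntityPath + ";EntityPath=graphevents";
        System.out.println("without EntityPath: " + validate(withoutEntityPath));
        System.out.println("with EntityPath:    " + validate(withEntityPath));
    }
}
```

Run it against the value read from the Key Vault secret and log only the returned problem list, since the connection string itself carries the shared access key.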

0
votes

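I have the same problem too. I tried following all of the instructions here and confirmed that I have covered them, but I still get the same issue. Any other ideas?

I am trying to use a key vault link with the secret name to subscribe to Graph API CallRecord notifications and send them to my event hub.

Thanks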
