Issue
I am trying to verify a webhook with Azure Events. According to their docs a request with the following body:
[
{
"id": "2d1781af-3a4c-4d7c-bd0c-e34b19da4e66",
"topic": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"subject": "",
"data": {
"validationCode": "512d38b6-c7b8-40c8-89fe-f46f9e9622b6",
"validationUrl": "https://rp-eastus2.eventgrid.azure.net:553/eventsubscriptions/estest/validate?id=512d38b6-c7b8-40c8-89fe-f46f9e9622b6&t=2018-04-26T20:30:54.4538837Z&apiVersion=2018-05-01-preview&token=1A1A1A1A"
},
"eventType": "Microsoft.EventGrid.SubscriptionValidationEvent",
"eventTime": "2018-01-25T22:12:19.4556811Z",
"metadataVersion": "1",
"dataVersion": "1"
}
]
Should return:
{
"validationResponse": "512d38b6-c7b8-40c8-89fe-f46f9e9622b6"
}
I have verified with postman that my app does exactly this. Here is a snippet:
const validationEventType = 'Microsoft.EventGrid.SubscriptionValidationEvent';
for (var events in req.body) {
const body = req.body[events];
// Validate the event-hook when the eventhook is created
if (body.data && body.eventType === validationEventType) {
const code = body.data.validationCode;
const resBody = { validationResponse: code };
return res.status(200).json(resBody);
}
Still when I try to verify it with Azure I get the following error message:
Webhook validation handshake failed for https://.ngrok.io/v*./api//media-job.
Http POST request retuned 2XX response with response body
{"validationResponse":"301549B7-E5A7-4D5B-9D35-8A4CAD6D9494".
When a validation request is accepted without validation code in the response body, Http GET is expected on the validation url included in the validation event(within 10 minutes). For troublehooting*
Any ideas what might be causing this issue?
Solution
I found a fix, however, I am not completely sure what the error was. I saw in my request that I had quite a few headers like set-cookie, X-... moving the router to not use cookie-parser, passport cors, helmet removed a lot of the cookies and also made the handshake work as expected.