AddWebhookSubscription UnauthorizedAccessException with user credentials on Modern Team Site

[ypcode]

Category

[x] Bug [ ] Enhancement

Environment

[x] Office 365 / SharePoint Online [ ] SharePoint 2016 [ ] SharePoint 2013

If SharePoint on-premises, what's exact CU version:

Expected or Desired Behavior

Add a Webhook subscription on a list in a Modern Team Site using the List extension method

Observed Behavior

I get an UnauthorizedAccessException when using the AddWebhookSubscription on a fresh new generic list against a Modern Team Site (created through the UI in the SharePoint Home). If it helps, it was provisioned in French.

The issue originally pop out when using it with the PowerShell related cmdlet

I investigated and try to run simply the involved unit test in the Core Library solution. Here are my observations:

• It succeeds when I run the test against my Developer Site collection with my user credentials
• It succeeds when I run the test against my Modern Team Site with App (Client Id / Secret) credentials
• It fails when I run the test against the same Modern Team Site with my user credentials

Here is the exception raised:

Test Name: AddWebhookTest Test FullName: Microsoft.SharePoint.Client.Tests.ListExtensionsTests.AddWebhookTest Test Source: C:\Workspace\repo\ypcode\PnP-Sites-Core\Core\OfficeDevPnP.Core.Tests\Extensions\ListExtensionsTests.cs : line 330 Test Outcome: Failed Test Duration: 0:00:07.4589653

Result StackTrace:
at Microsoft.SharePoint.Client.ListExtensions.AddWebhookSubscription(List list, String notificationUrl, Int32 validityInMonths, String clientState, String accessToken) in C:\Workspace\repo\ypcode\PnP-Sites-Core\Core\OfficeDevPnP.Core\Extensions\ListExtensions.cs:line 209 at Microsoft.SharePoint.Client.Tests.ListExtensionsTests.AddWebhookTest() in C:\Workspace\repo\ypcode\PnP-Sites-Core\Core\OfficeDevPnP.Core.Tests\Extensions\ListExtensionsTests.cs:line 343 Result Message: Test method Microsoft.SharePoint.Client.Tests.ListExtensionsTests.AddWebhookTest threw exception: System.Exception: {"odata.error":{"code":"-2147024891, System.UnauthorizedAccessException","message":{"lang":"fr-FR","value":"Acc\u00e8s refus\u00e9. Vous n\u2019\u00eates pas autoris\u00e9 \u00e0 effectuer cette action ou \u00e0 acc\u00e9der \u00e0 cette ressource."}}}

Also I have been able to add a Webhook subscription on the Modern Team site using in browser PnP JS Core

Steps to Reproduce

Run the AddWebhookTest unit test against a Modern Site with User credentials

I am actually not convinced it is a bug in the PnP Core library, but since I encounter the issue with the List Extension method, I post the issue here. Feel free to redirect me in that case.

Regards, Yannick

[luismanez]

I´ve been hit today by the same issue. In my tenant, is working fine in a couple of Modern sites, but fails in a specific Modern site (these 3 sites are based on Communication modern site template, and I can´t see any difference between them). I´ve been debugging the code, and for some reason, the cookie returned by this CSOM call (RESTUtilities.cs):

(context.Credentials as SharePointOnlineCredentials).GetAuthenticationCookie(new Uri(context.Web.Url))

is not a valid cookie, although as far as I see, it seems the typical SPO cookie... As was about cookies, I repeated my tests after cleaning cookies in all my browsers, but didn´t help.

Seems more a weird issue with CSOM...

[jasonds]

We're having the same issue. In our case, if we install the SharePointPnPPowerShellOnline module, version 3.0.1808.1, we are able to create and update webhook subscriptions through PowerShell. If we install the same version in CSOM, this fails. Did you guys figure out what was happening?