Microsoft Graph Rich Notifications Decryptor

Stable version 1.0.0 (Compatible with OutSystems 11)
Uploaded on 25 January 2024

Documentation
1.0.0

This component includes one action to decrypt the encrypted payload of a Microsoft Graph API rich notification.

Parameters

  • PrivateKey - The private key corresponding to the public key used when subscribing to a resource event with rich notifications. Must be in XML format. See the end of this documentation for how to create a public/private key pair.


Note: The RSACryptoServiceProvider in the .NET Framework version supported by OutSystems 11 cannot load a private key from a PEM file. It only supports loading private keys in XML format.

  • Data - The encrypted payload received from Graph API
  • DataKey - The encrypted one-time symmetric key received from Graph API
  • SkipDigitalSignature - Default is False. Set to true to skip signature validation of the payload data
  • DigitalSignature - The HMAC-SHA256 base64 encoded signature of the payload data received from Graph API


Output

  • DecryptedPayload - The decrypted payload data, which is a JSON string. You have to create appropriate structures to deserialize the content in your application.
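
The verify-then-decrypt flow behind these parameters, following the steps Microsoft documents for rich notifications (RSA with OAEP padding for DataKey, HMAC-SHA256 over the encrypted Data, AES-CBC with the IV taken from the symmetric key). This is an added example, not the component's source: the function name Unprotect-GraphNotification, the throwaway key pair and the sample message are constructed for illustration. The signature check in step 2 is what SkipDigitalSignature = True turns off.

```powershell
# Added example, not the component's source. Names and sample data are constructed.
function Unprotect-GraphNotification {
    param([string]$PrivateKeyXml, [string]$Data, [string]$DataKey, [string]$DigitalSignature)

    # 1. Recover the one-time symmetric key with the XML private key (RSA, OAEP padding).
    $rsa = New-Object System.Security.Cryptography.RSACryptoServiceProvider
    $rsa.FromXmlString($PrivateKeyXml)
    $key = $rsa.Decrypt([Convert]::FromBase64String($DataKey), $true)

    # 2. HMAC-SHA256 over the still-encrypted payload, keyed with that symmetric key.
    $cipher   = [Convert]::FromBase64String($Data)
    $actual   = [System.Security.Cryptography.HMACSHA256]::new($key).ComputeHash($cipher)
    $expected = [Convert]::FromBase64String($DigitalSignature)
    $diff = $actual.Length -bxor $expected.Length          # compare without early exit
    for ($i = 0; $i -lt $actual.Length -and $i -lt $expected.Length; $i++) {
        $diff = $diff -bor ($actual[$i] -bxor $expected[$i])
    }
    if ($diff -ne 0) { throw 'Signature mismatch: payload rejected before decryption' }

    # 3. AES-CBC with PKCS7 padding; the IV is the first 16 bytes of the symmetric key.
    $aes = [System.Security.Cryptography.Aes]::Create()
    $aes.Mode = 'CBC'; $aes.Padding = 'PKCS7'
    $aes.Key = $key; $aes.IV = [byte[]]($key[0..15])
    $plain = $aes.CreateDecryptor().TransformFinalBlock($cipher, 0, $cipher.Length)
    [Text.Encoding]::UTF8.GetString($plain)
}

# Constructed sample: play the Graph side with a throwaway key pair.
$kp = New-Object System.Security.Cryptography.RSACryptoServiceProvider 2048
$symKey = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($symKey)
$enc = [System.Security.Cryptography.Aes]::Create()
$enc.Key = $symKey; $enc.IV = [byte[]]($symKey[0..15])
$pt = [Text.Encoding]::UTF8.GetBytes('{"subject":"constructed sample"}')
$ct = $enc.CreateEncryptor().TransformFinalBlock($pt, 0, $pt.Length)
$msg = @{
    PrivateKeyXml    = $kp.ToXmlString($true)
    Data             = [Convert]::ToBase64String($ct)
    DataKey          = [Convert]::ToBase64String($kp.Encrypt($symKey, $true))
    DigitalSignature = [Convert]::ToBase64String(
        [System.Security.Cryptography.HMACSHA256]::new($symKey).ComputeHash($ct))
}
Unprotect-GraphNotification @msg                      # untampered message decrypts

$ct[0] = $ct[0] -bxor 1                               # tamper with one ciphertext byte
$msg.Data = [Convert]::ToBase64String($ct)
try { Unprotect-GraphNotification @msg } catch { "Rejected: $_" }
```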


Creating a Certificate for use with Graph API Rich Notifications

The challenge is to create a private key in XML format and a public key in DER base64 format. You need the public DER base64 key when you subscribe to an event and the XML private key to decrypt the symmetric key. The easiest way to do this is with PowerShell:

<#
    Script generates a new certificate and exports private and public
    part so that they can be used for decrypting Graph API Rich Notifications
    in OutSystems.

    Two files are created

    private-key.xml     The private key in XML format
                        to be placed in the GraphPrivateKey
                        site property

    public-key.enc      The public key base64 encoded
                        to be placed in the GraphPublicKey
                        site property
#>

$params = @{
    Subject = "CN=Microsoft Graph Rich Notifications"
    CertStoreLocation = "Cert:\CurrentUser\My"
    KeyExportPolicy = "Exportable"
    KeyUsage = "DataEncipherment"
    KeyAlgorithm = "RSA"
    KeyLength = 2048
    KeyUsageProperty = "All"
} # End Certificate Parameters

$cert = New-SelfSignedCertificate @params # Create Certificate in User Certificate Store (Personal)

# private-key.xml holds the unencrypted private key: restrict access to it and
# delete the file once its content is stored in the site property.
$cert.PrivateKey.ToXmlString($true) | Out-File "private-key.xml" # Export the private key in XML Format

[System.Convert]::ToBase64String($cert.Export('Cert')) | Out-File "public-key.enc" # Export the certificate (public) as DER base64 encoded