Stefan Sperling is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
Stefan Sperling @stsp

@kristapsdz I am investigating why kcaldav does not work with davdroid clients. The initial auth token sent by this client don't contain all tokens required by khttpdigest_input().

From the client-side log:

2018-04-07 10:18:16 2 [HttpClient] WWW-Authenticate: Digest realm="kcaldav", algorithm="MD5-sess", qop="auth,auth-int", nonce="2143224774774772"

This request is missing the required uri, username, and response tokens.

· Web · 0 · 0

@kristapsdz Nevermind, I misread the log. This is the 401 response sent by the server to the client, and looks correct.

It looks like davdroid simply gives up when presented with digest auth :(

@stsp That's strange cause digest is the standard way. I'll look into it---I have an android and will see what nonsense it performs.

@kristapsdz It looks like kcaldav is sending 401 but caldav never tries to authenticate in response to this. Instead it sends another PROPFIND to another URI (.well-known/caldav). This is from the 'Add account' window in davdroid.

@kristapsdz Looks like this is the client-side code which fails: gitlab.com/bitfireAT/davdroid/

The propfind request results in an "UnauthorizedException" which isn't caught by this code.

Not sure if caldav's expectation to be able to find a "principal" without authorization makes sense.