@kristapsdz I am investigating why kcaldav does not work with davdroid clients. The initial auth token sent by this client don't contain all tokens required by khttpdigest_input().

From the client-side log:

2018-04-07 10:18:16 2 [HttpClient] WWW-Authenticate: Digest realm="kcaldav", algorithm="MD5-sess", qop="auth,auth-int", nonce="2143224774774772"

This request is missing the required uri, username, and response tokens.

Stefan Sperling

@kristapsdz Nevermind, I misread the log. This is the 401 response sent by the server to the client, and looks correct.

It looks like davdroid simply gives up when presented with digest auth :(

@stsp That's strange cause digest is the standard way. I'll look into it---I have an android and will see what nonsense it performs.

@kristapsdz It looks like kcaldav is sending 401 but caldav never tries to authenticate in response to this. Instead it sends another PROPFIND to another URI (.well-known/caldav). This is from the 'Add account' window in davdroid.

@kristapsdz Looks like this is the client-side code which fails: gitlab.com/bitfireAT/davdroid/

The propfind request results in an "UnauthorizedException" which isn't caught by this code.

Not sure if caldav's expectation to be able to find a "principal" without authorization makes sense.

Sign in to participate in the conversation
Mastodon

Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!