All geek questions in one place

Serving an iCalendar file in ASPNET MVC with authentication

I am trying to execute an iCalendar (.ics) file in my MVC application.

So far, everything is working fine. I have an iPhone subscribing to a calendar URL, but now I need to maintain a personalized calendar for each user.

When signing up for an iPhone calendar, I can enter a username and password, but I donโ€™t know how to access them in my MVC application.

Where can I find information on how authentication works and how to implement it?

+2
source share
2 answers

It turns out that basic authentication is required. I had half the work, but my IIS configuration was in the way. Thus, simply returning a 401 response when there is no authorization header, the client (e.g. iPhone) requires the username / password to subscribe to the calendar.

When authorizing a request that has an authorization request header, basic authentication can be processed by extracting the username and password from the basic encoded string.

Here is some useful code for MVC:

public class BasicAuthorizeAttribute : AuthorizeAttribute { public override void OnAuthorization(AuthorizationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } var auth = filterContext.HttpContext.Request.Headers["Authorization"]; if (!String.IsNullOrEmpty(auth)) { var encodedDataAsBytes = Convert.FromBase64String(auth.Replace("Basic ", "")); var value = Encoding.ASCII.GetString(encodedDataAsBytes); var username = value.Substring(0, value.IndexOf(':')); var password = value.Substring(value.IndexOf(':') + 1); if (MembershipService.ValidateUser(username, password)) { filterContext.HttpContext.User = new GenericPrincipal(new GenericIdentity(username), null); } else { filterContext.Result = new HttpStatusCodeResult(401); } } else { if (AuthorizeCore(filterContext.HttpContext)) { var cachePolicy = filterContext.HttpContext.Response.Cache; cachePolicy.SetProxyMaxAge(new TimeSpan(0)); cachePolicy.AddValidationCallback(CacheValidateHandler, null); } else { filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.StatusDescription = "Unauthorized"; filterContext.HttpContext.Response.AddHeader("WWW-Authenticate", "Basic realm=\"Secure Calendar\""); filterContext.HttpContext.Response.Write("401, please authenticate"); filterContext.HttpContext.Response.StatusCode = 401; filterContext.Result = new EmptyResult(); filterContext.HttpContext.Response.End(); } } } private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus) { validationStatus = OnCacheAuthorization(new HttpContextWrapper(context)); } }

Then the action of my controller is as follows:

 [BasicAuthorize] public ActionResult Calendar() { var userName = HttpContext.User.Identity.Name; var appointments = GetAppointments(userName); return new CalendarResult(appointments, "Appointments.ics"); }
+2
source

I found this to be really useful, but I hit several problems during development, and I thought that I would share some of them to help other people save some time.

I was looking to get data from my web application into the calendar for an Android device, and I used discountasp as a hosting service.

The first problem I encountered was that validation did not work when uploading to the server, strangely enough, it accepted my login to the control panel for discountasp, but not for my forms.

The answer to this was to disable basic authentication in IIS Manager. This solved the problem.

Secondly, the application that I used to synchronize the calendar with the Android device was called iCalSync2 - its a great application and works well. But I found that it only worked correctly when the file was delivered as .ics (for some reason I set it as .ical .. it must have been late), and I also had to choose the webcal option

Finally, I found that I had to add webcal: // to the top of my url instead of http: //

Also, be careful, because the above code ignores the input role variable and always doesn't skip anything, so you may need to perform some role-based checks inside your calendar program or modify the code above to process the role variable.

0
source

Source: https://habr.com/ru/post/1441443/

More articles:


All Articles