Request: Support authentication using Bearer tokens

[martin-hauck]

First, thank you a lot for one of the most useful tools I have installed :-)

Today I stubled across a Confluence installation that supports access to team calendars via CalDav only using an Authorization header with Basic authentication: Authorization: Basic b64(<username>:<password>) But sending the Access Token as the password in Basic authentication is not supported

It would be great if CalDavSynchronizer could support Bearer authentication as an alternative to Basic authentication and then send Authorization headers like: Authorization: Bearer <Access Token>

(I could not find a way to select Bearer auth in the UI. And a search of the source code for "Bearer" only returned one match in the context of the special SwissCom implementation.)

Thanks a lot! Martin

[aluxnimm]

Thank you!

Did you try Use Preemptive Authentication instead of Force basic auth in your sync profile/advanced settings/network settings?

[martin-hauck]

I did, but no luck. Testing using curl and Postman showed that the only thing accepted by the server is a Authorization: Bearer <Token> header.

When no Authorization header is sent with the first request then the server returns 401 with a WWW-Authenticate: Basic realm="https%3A%2F%... header. The Basic actually seems to be incorrect when compared to the observed behaviour.

[aluxnimm]

And where does the access token come from in your example? Would you need a new config option in the UI where you can enter the token manually?

[martin-hauck]

That would be the idea. I am talking about the kind of API token that you manually generate on a server for a long validity like months or years. Ideally there would be a toggle to select between User/password (== Basic) and Token only (== Bearer) based authentication with corresponding input fields.