Is the Calendar App accessible by OAUTH2 authorization?

Oleksandr · November 22, 2021, 4:26pm

Hello,

I’m using ownCLoud 10.8.0.4 Community edition. There is an activated Calendar application. And I just activated the OAuth2 application. I have done it hoping to access the calendar from my code through oauth2 instead of login/password.

I’ve checked the access to protected URL “https://domain.tld/ocs/v1.php/cloud/capabilities” by OAuth2 and it works.

If I read events from Calendar using HTTP request with authorization “Basic” by login/password.
I got all the expected data. My request looks like this:

REPORT http://domain.tld/remote.php/dav/calendars/USER_NAME/CALENDAR_NAME HTTP/1.1
User-Agent: Mozilla/5.0
Content-Type: application/xml; charset="utf-8"
Authorization: Basic ......

<?xml version='1.0' encoding='utf-8'?>
<C:calendar-query xmlns:D="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav">
    <D:prop>
        <C:calendar-data/>
    </D:prop>
    <C:filter>
        <C:comp-filter name="VCALENDAR"><C:comp-filter name="VEVENT"/>
        </C:comp-filter>
    </C:filter>
</C:calendar-query>

But when I tried to make the same request using authorization “Bearer” by Oauth2 token I’ve got something weird and unexpected:

HTTP/1.1 404 Not Found
Content-Type: application/xml; charset=utf-8

<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
  <s:exception>Sabre\DAV\Exception\NotFound</s:exception>
  <s:message>File not found: USER_NAME in 'principals'</s:message>
</d:error>

What is the reason? Something wrong with my request?
Thank you.

With regards,
Alex.

Oleksandr · November 23, 2021, 8:45pm

BTW I’ve tested the case with the official docker container owncloud/server and I got the same results. So it looks there is a bug in ownCloud Calendar Application related to OAuth2.

alfredb · November 24, 2021, 8:24pm

What does the owncloud.log say about this failure?

Oleksandr · November 24, 2021, 9:31pm

There 3 records related to the issue in the
owncloud.log (4.0 KB)

1

{
"reqId": "YZuBuqkKn29YeRuiHw5ZCAAAAEA",
"level": 0,
"time": "2021-11-22T12:40:42+01:00",
"remoteAddr": "xxx.xxx.xxx.xxx",
"user": "--",
"app": "OC\\Authentication\\Token\\DefaultTokenProvider::invalidateToken",
"method": "GET",
"url": "\/remote.php\/dav\/calendars\/USER_NAME\/CALENDAR_NAME\/?export",
"message": "invalidating token c764fe1fe4ab9e365010dd16531214d05e22099ff8b3a1f613e176d9667199310365b2eb4f9c4ab30970a27b9b83ad0e8e81042b6a9e537ec23d827b78f0c2c5"
}

2

{
"reqId": "YZuBuqkKn29YeRuiHw5ZCAAAAEA",
"level": 0,
"time": "2021-11-22T12:40:42+01:00",
"remoteAddr": "xxx.xxx.xxx.xxx",
"user": "--",
"app": "OC\\Authentication\\Token\\DefaultTokenProvider::generateToken",
"method": "GET",
"url": "\/remote.php\/dav\/calendars\/USER_NAME\/CALENDAR_NAME\/?export",
"message": "generating token c764fe1fe4ab9e365010dd16531214d05e22099ff8b3a1f613e176d9667199310365b2eb4f9c4ab30970a27b9b83ad0e8e81042b6a9e537ec23d827b78f0c2c5, uid USER_NAME, loginName USER_NAME, pwd empty, name python-requests\/2.26.0, type temporary"
}

3

{
"reqId": "YZuBuqkKn29YeRuiHw5ZCAAAAEA",
"level": 0,
"time": "2021-11-22T12:40:42+01:00",
"remoteAddr": "xxx.xxx.xxx.xxx",
"user": "USER_NAME",
"app": "webdav",
"method": "GET",
"url": "\/remote.php\/dav\/calendars\/USER_NAME\/CALENDAR_NAME\/?export",
"message": "Exception: HTTP\/1.1 404 File not found: USER_NAME in 'principals': {\"Exception\":\"Sabre\\\\DAV\\\\Exception\\\\NotFound\",\"Message\":\"File not found: USER_NAME in 'principals'\",\"Code\":0,\"Trace\":\"#0 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Tree.php(78): Sabre\\\\DAV\\\\SimpleCollection->getChild('USER_NAME')\\n#1 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/apps\\\/dav\\\/lib\\\/Tree.php(51): Sabre\\\\DAV\\\\Tree->getNodeForPath('principals\\\/USER...')\\n#2 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAVACL\\\/Plugin.php(335): OCA\\\\DAV\\\\Tree->getNodeForPath('principals\\\/USER...')\\n#3 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAVACL\\\/Plugin.php(388): Sabre\\\\DAVACL\\\\Plugin->getPrincipalMembership('principals\\\/USER...')\\n#4 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAVACL\\\/Plugin.php(641): Sabre\\\\DAVACL\\\\Plugin->principalMatchesPrincipal('principals\\\/user...')\\n#5 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAVACL\\\/Plugin.php(199): Sabre\\\\DAVACL\\\\Plugin->getCurrentUserPrivilegeSet(Object(OCA\\\\DAV\\\\CalDAV\\\\Calendar))\\n#6 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/apps\\\/dav\\\/lib\\\/Connector\\\/Sabre\\\/DavAclPlugin.php(51): Sabre\\\\DAVACL\\\\Plugin->checkPrivileges('calendars\\\/USER_...', Array, 1, false)\\n#7 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAVACL\\\/Plugin.php(846): OCA\\\\DAV\\\\Connector\\\\Sabre\\\\DavAclPlugin->checkPrivileges('calendars\\\/USER_...', '{DAV:}read')\\n#8 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/event\\\/lib\\\/WildcardEmitterTrait.php(89): Sabre\\\\DAVACL\\\\Plugin->beforeMethod(Object(Sabre\\\\HTTP\\\\Request), Object(Sabre\\\\HTTP\\\\Response))\\n#9 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(456): Sabre\\\\DAV\\\\Server->emit('beforeMethod:GE...', Array)\\n#10 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/Server.php(253): Sabre\\\\DAV\\\\Server->invokeMethod(Object(Sabre\\\\HTTP\\\\Request), Object(Sabre\\\\HTTP\\\\Response))\\n#11 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/apps\\\/dav\\\/lib\\\/Server.php(334): Sabre\\\\DAV\\\\Server->start()\\n#12 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/apps\\\/dav\\\/appinfo\\\/v2\\\/remote.php(31): OCA\\\\DAV\\\\Server->exec()\\n#13 \\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/remote.php(165): require_once('\\\/www\\\/htdocs\\\/w99...')\\n#14 {main}\",\"File\":\"\\\/www\\\/htdocs\\\/w999999e\\\/domain.tld\\\/lib\\\/composer\\\/sabre\\\/dav\\\/lib\\\/DAV\\\/SimpleCollection.php\",\"Line\":97}"
}

Oleksandr · November 24, 2021, 9:43pm

The latest message has exception info:

{
"Exception": "Sabre\DAV\Exception\NotFound",
"Message": "File not found: USER_NAME in 'principals'",
"Code": 0,
"Trace": "......"
"File": "/www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAV/SimpleCollection.php",
"Line": 97
}

I’ve decoded and prettified the trace data a bit:

#0 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAV/Tree.php(78): Sabre\DAV\SimpleCollection->getChild('USER_NAME')
#1 /www/htdocs/w999999e/domain.tld/apps/dav/lib/Tree.php(51): Sabre\DAV\Tree->getNodeForPath('principals/USER...')
#2 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAVACL/Plugin.php(335): OCA\DAV\Tree->getNodeForPath('principals/USER...')
#3 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAVACL/Plugin.php(388): Sabre\DAVACL\Plugin->getPrincipalMembership('principals/USER...')
#4 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAVACL/Plugin.php(641): Sabre\DAVACL\Plugin->principalMatchesPrincipal('principals/user...')
#5 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAVACL/Plugin.php(199): Sabre\DAVACL\Plugin->getCurrentUserPrivilegeSet(Object(OCA\DAV\CalDAV\Calendar))
#6 /www/htdocs/w999999e/domain.tld/apps/dav/lib/Connector/Sabre/DavAclPlugin.php(51): Sabre\DAVACL\Plugin->checkPrivileges('calendars/USER_...', Array, 1, false)
#7 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAVACL/Plugin.php(846): OCA\DAV\Connector\Sabre\DavAclPlugin->checkPrivileges('calendars/USER_...', '{DAV:}read')
#8 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/event/lib/WildcardEmitterTrait.php(89): Sabre\DAVACL\Plugin->beforeMethod(Object(Sabre\HTTP\Request), Object(Sabre\HTTP\Response))
#9 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAV/Server.php(456): Sabre\DAV\Server->emit('beforeMethod:GE...', Array)
#10 /www/htdocs/w999999e/domain.tld/lib/composer/sabre/dav/lib/DAV/Server.php(253): Sabre\DAV\Server->invokeMethod(Object(Sabre\HTTP\Request), Object(Sabre\HTTP\Response))
#11 /www/htdocs/w999999e/domain.tld/apps/dav/lib/Server.php(334): Sabre\DAV\Server->start()
#12 /www/htdocs/w999999e/domain.tld/apps/dav/appinfo/v2/remote.php(31): OCA\DAV\Server->exec()
#13 /www/htdocs/w999999e/domain.tld/remote.php(165): require_once('/www/htdocs/w99...')
#14 {main}

What do you think about it?

alfredb · November 25, 2021, 10:50am

Currently, I only can confirm the issue. I got the same.

cdamken · November 25, 2021, 6:03pm

Continuing the discussion from Is the Calendar App accessible by OAUTH2 authorization?:

I can see that you are running the wrong url from the calendar (or the old one):

https://[SERVER]/remote.php/dav/calerdars/[USERNAME]/owncloud

Could you try this one?

alfredb · November 25, 2021, 6:53pm

Nothing wrong, IMHO.

This is precisely what I’m using, and doesn’t work.

https://{{server}}/remote.php/dav/calendars/{{user}}/{{calendar}}

Oleksandr · November 26, 2021, 8:47pm

If the “owncloud” in your URL is calendar name then this is exactly the URL that I’m running and that works with auth Basic and doesn’t work with auth Bearer.

Yes, this is it

Oleksandr · November 30, 2021, 6:57pm

Any other ideas to solve the issue or at least to get a workaround?

Oleksandr · December 10, 2021, 1:52pm

So is this a bug in Calendar App?
Should I add it to the Calendar App bugtracker

alfredb · December 10, 2021, 2:02pm

You can, if you want to. But open an issue at owncloud/core rather than owncloud/calendar. The latter is for the calendar app, which IMHO is not involved here.

Oleksandr · December 15, 2021, 8:56am

I created that one 5 days ago. Issue #39582
But it looks like messages (issues) that are not from contributors or members usually go unanswered there…

system · March 15, 2022, 8:56am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.