在ASPNET MVC服务iCalendar文件与认证 [英] Serving an iCalendar file in ASPNET MVC with authentication

问题描述

我想成为iCalendar文件（的.ics）在我的MVC应用程序。

I'm trying to serve an iCalendar file (.ics) in my MVC application.

到目前为止，它的正常工作。我有一个iPhone订阅的URL日历，但现在我需要服务个性化日历给每个用户。

So far it's working fine. I have an iPhone subscribing to the URL for the calendar but now I need to serve a personalised calendar to each user.

当订阅的iPhone日历我可以输入用户名和密码，但我不知道如何在我的MVC应用程序访问这些。

When subscribing to the calendar on the iPhone I can enter a username and password, but I don't know how to access these in my MVC app.

在哪里可以找到如何验证工作，以及如何实现它的详细信息？

Where can I find details of how the authentication works, and how to implement it?

推荐答案

原来，基本身份验证是需要什么。我半有它的工作，但我的IIS配置的方式获得。所以，简单地返回401响应时，有没有授权头使客户端（如iPhone），要求用户名/密码订阅日历。

It turns out that Basic Authentication is what is required. I half had it working but my IIS configuration got in the way. So, simply returning a 401 response when there is no Authorization header causes the client (e.g. iPhone) to require a username/password to subscribe to the calendar.

在那里有一个授权请求头请求的授权，基本验证可以加工，检索从基地64 CS codeD字符串的用户名和密码。

On the authorization of the request where there is an Authorization request header, the basic authentication can be processed, retrieving the username and password from the base 64 encoded string.

下面是一些有用的code为MVC：

Here's some useful code for MVC:

public class BasicAuthorizeAttribute : AuthorizeAttribute
{
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }

        var auth = filterContext.HttpContext.Request.Headers["Authorization"];

        if (!String.IsNullOrEmpty(auth))
        {
            var encodedDataAsBytes = Convert.FromBase64String(auth.Replace("Basic ", ""));
            var value = Encoding.ASCII.GetString(encodedDataAsBytes);
            var username = value.Substring(0, value.IndexOf(':'));
            var password = value.Substring(value.IndexOf(':') + 1);

            if (MembershipService.ValidateUser(username, password))
            {
                filterContext.HttpContext.User = new GenericPrincipal(new GenericIdentity(username), null);
            }
            else
            {
                filterContext.Result = new HttpStatusCodeResult(401);
            }
        }
        else
        {
            if (AuthorizeCore(filterContext.HttpContext))
            {
                var cachePolicy = filterContext.HttpContext.Response.Cache;
                cachePolicy.SetProxyMaxAge(new TimeSpan(0));
                cachePolicy.AddValidationCallback(CacheValidateHandler, null);
            }
            else
            {
                filterContext.HttpContext.Response.Clear();
                filterContext.HttpContext.Response.StatusDescription = "Unauthorized";
                filterContext.HttpContext.Response.AddHeader("WWW-Authenticate", "Basic realm=\"Secure Calendar\"");
                filterContext.HttpContext.Response.Write("401, please authenticate");
                filterContext.HttpContext.Response.StatusCode = 401;
                filterContext.Result = new EmptyResult();
                filterContext.HttpContext.Response.End();
            }
        }
    }

    private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
    {
        validationStatus = OnCacheAuthorization(new HttpContextWrapper(context));
    }
}

然后，我的控制器操作是这样的：

Then, my controller action looks like this:

[BasicAuthorize]
public ActionResult Calendar()
{
    var userName = HttpContext.User.Identity.Name;
    var appointments = GetAppointments(userName);
    return new CalendarResult(appointments, "Appointments.ics");
}

这篇关于在ASPNET MVC服务iCalendar文件与认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！