Diffstat (limited to 'Jellyfin.Server.Implementations/Security')
-rw-r--r--Jellyfin.Server.Implementations/Security/AuthenticationManager.cs5
-rw-r--r--Jellyfin.Server.Implementations/Security/AuthorizationContext.cs48
2 files changed, 32 insertions, 21 deletions
diff --git a/Jellyfin.Server.Implementations/Security/AuthenticationManager.cs b/Jellyfin.Server.Implementations/Security/AuthenticationManager.cs
index 07ac27e3c2..cf0293463f 100644
--- a/Jellyfin.Server.Implementations/Security/AuthenticationManager.cs
+++ b/Jellyfin.Server.Implementations/Security/AuthenticationManager.cs
@@ -1,7 +1,8 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
-using Jellyfin.Data.Entities.Security;
+using Jellyfin.Database.Implementations;
+using Jellyfin.Database.Implementations.Entities.Security;
using MediaBrowser.Controller.Security;
using Microsoft.EntityFrameworkCore;
diff --git a/Jellyfin.Server.Implementations/Security/AuthorizationContext.cs b/Jellyfin.Server.Implementations/Security/AuthorizationContext.cs
index 6bda12c5b4..e3fe517c49 100644
--- a/Jellyfin.Server.Implementations/Security/AuthorizationContext.cs
+++ b/Jellyfin.Server.Implementations/Security/AuthorizationContext.cs
@@ -4,7 +4,12 @@ using System;
using System.Collections.Generic;
using System.Net;
using System.Threading.Tasks;
+using Jellyfin.Data.Queries;
+using Jellyfin.Database.Implementations;
+using Jellyfin.Extensions;
using MediaBrowser.Controller;
+using MediaBrowser.Controller.Configuration;
+using MediaBrowser.Controller.Devices;
using MediaBrowser.Controller.Library;
using MediaBrowser.Controller.Net;
using Microsoft.AspNetCore.Http;
@@ -17,16 +22,22 @@ namespace Jellyfin.Server.Implementations.Security
{
private readonly IDbContextFactory<JellyfinDbContext> _jellyfinDbProvider;
private readonly IUserManager _userManager;
+ private readonly IDeviceManager _deviceManager;
private readonly IServerApplicationHost _serverApplicationHost;
+ private readonly IServerConfigurationManager _configurationManager;
public AuthorizationContext(
IDbContextFactory<JellyfinDbContext> jellyfinDb,
IUserManager userManager,
- IServerApplicationHost serverApplicationHost)
+ IDeviceManager deviceManager,
+ IServerApplicationHost serverApplicationHost,
+ IServerConfigurationManager configurationManager)
{
_jellyfinDbProvider = jellyfinDb;
_userManager = userManager;
+ _deviceManager = deviceManager;
_serverApplicationHost = serverApplicationHost;
+ _configurationManager = configurationManager;
}
public Task<AuthorizationInfo> GetAuthorizationInfo(HttpContext requestContext)
@@ -79,12 +90,12 @@ namespace Jellyfin.Server.Implementations.Security
auth.TryGetValue("Token", out token);
}
- if (string.IsNullOrEmpty(token))
+ if (_configurationManager.Configuration.EnableLegacyAuthorization && string.IsNullOrEmpty(token))
{
token = headers["X-Emby-Token"];
}
- if (string.IsNullOrEmpty(token))
+ if (_configurationManager.Configuration.EnableLegacyAuthorization && string.IsNullOrEmpty(token))
{
token = headers["X-MediaBrowser-Token"];
}
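Review bot: `_configurationManager.Configuration.EnableLegacyAuthorization` is re-read for every fallback in this method (both header checks here and the `api_key` check in the next hunk) and again in GetAuthorizationDictionary and GetAuthorization. If the configuration object can be replaced while a request is in flight, one fallback could be honoured and another not. Reading it once near the top, `var legacyAuth = _configurationManager.Configuration.EnableLegacyAuthorization;`, and testing `legacyAuth && string.IsNullOrEmpty(token)` would keep the decision consistent per request and shorten the conditions. The method body starts and ends outside this hunk.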
@@ -94,8 +105,7 @@ namespace Jellyfin.Server.Implementations.Security
token = queryString["ApiKey"];
}
- // TODO deprecate this query parameter.
- if (string.IsNullOrEmpty(token))
+ if (_configurationManager.Configuration.EnableLegacyAuthorization && string.IsNullOrEmpty(token))
{
token = queryString["api_key"];
}
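Review bot: The removed TODO was the only comment explaining the status of `api_key`, and nothing replaces it. A line such as `// Legacy alias of ApiKey, accepted only when EnableLegacyAuthorization is set.` above the new condition would keep that visible. In the lines shown, the `ApiKey` query parameter just above stays accepted whatever the flag says (its guard is outside the hunk), so tokens can still arrive in URLs, where they tend to end up in access logs and Referer headers. If that is intentional, it deserves a comment too.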
@@ -107,21 +117,20 @@ namespace Jellyfin.Server.Implementations.Security
DeviceId = deviceId,
Version = version,
Token = token,
- IsAuthenticated = false,
- HasToken = false
+ IsAuthenticated = false
};
- if (string.IsNullOrWhiteSpace(token))
+ if (!authInfo.HasToken)
{
// Request doesn't contain a token.
return authInfo;
}
- authInfo.HasToken = true;
var dbContext = await _jellyfinDbProvider.CreateDbContextAsync().ConfigureAwait(false);
await using (dbContext.ConfigureAwait(false))
{
- var device = await dbContext.Devices.FirstOrDefaultAsync(d => d.AccessToken == token).ConfigureAwait(false);
+ var device = _deviceManager.GetDevices(
+ new DeviceQuery { AccessToken = token }).Items.FirstOrDefault();
if (device is not null)
{
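Review bot: The early return now relies on `authInfo.HasToken`, whose definition is not in this diff, while the removed check was `string.IsNullOrWhiteSpace(token)`; the device lookup below is only safe if the two agree. If HasToken accepts a whitespace-only value, or if `DeviceQuery` treats an unset or blank `AccessToken` as "no filter", `.Items.FirstOrDefault()` could return a device that does not own the presented token. Keeping the explicit guard, `if (!authInfo.HasToken || string.IsNullOrWhiteSpace(token))`, and comparing `device.AccessToken` with `token` after the lookup would make this independent of both. The lookup is also synchronous now inside an async method, which is worth a comment if GetDevices can reach the database.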
@@ -178,8 +187,7 @@ namespace Jellyfin.Server.Implementations.Security
if (updateToken)
{
- dbContext.Devices.Update(device);
- await dbContext.SaveChangesAsync().ConfigureAwait(false);
+ await _deviceManager.UpdateDevice(device).ConfigureAwait(false);
}
}
else
@@ -218,13 +226,13 @@ namespace Jellyfin.Server.Implementations.Security
/// </summary>
/// <param name="httpReq">The HTTP request.</param>
/// <returns>Dictionary{System.StringSystem.String}.</returns>
- private static Dictionary<string, string>? GetAuthorizationDictionary(HttpRequest httpReq)
+ private Dictionary<string, string>? GetAuthorizationDictionary(HttpRequest httpReq)
{
- var auth = httpReq.Headers["X-Emby-Authorization"];
+ var auth = httpReq.Headers[HeaderNames.Authorization];
- if (string.IsNullOrEmpty(auth))
+ if (_configurationManager.Configuration.EnableLegacyAuthorization && string.IsNullOrEmpty(auth))
{
- auth = httpReq.Headers[HeaderNames.Authorization];
+ auth = httpReq.Headers["X-Emby-Authorization"];
}
return auth.Count > 0 ? GetAuthorization(auth[0]) : null;
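Review bot: With the lookup order reversed, an `Authorization` header that is present but carries another scheme (for example one added by a reverse proxy) leaves `auth` non-empty, so `X-Emby-Authorization` is never consulted even with EnableLegacyAuthorization on, and GetAuthorization returns null for the request. Before this change the legacy header was read first, so such requests were parsed from it. If that change in behaviour is not intended, fall back when the standard header fails to parse rather than only when it is absent, as sketched below. The `<returns>` text `Dictionary{System.StringSystem.String}` could also be replaced with a description of the parsed key/value pairs or null. The method's closing brace is outside the hunk.

```csharp
private Dictionary<string, string>? GetAuthorizationDictionary(HttpRequest httpReq)
{
    var auth = httpReq.Headers[HeaderNames.Authorization];
    var parsed = auth.Count > 0 ? GetAuthorization(auth[0]) : null;

    // Fall back to the legacy header when the standard one is absent or not a recognised scheme.
    if (parsed is null && _configurationManager.Configuration.EnableLegacyAuthorization)
    {
        auth = httpReq.Headers["X-Emby-Authorization"];
        parsed = auth.Count > 0 ? GetAuthorization(auth[0]) : null;
    }

    return parsed;
```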
@@ -235,7 +243,7 @@ namespace Jellyfin.Server.Implementations.Security
/// </summary>
/// <param name="authorizationHeader">The authorization header.</param>
/// <returns>Dictionary{System.StringSystem.String}.</returns>
- private static Dictionary<string, string>? GetAuthorization(ReadOnlySpan<char> authorizationHeader)
+ private Dictionary<string, string>? GetAuthorization(ReadOnlySpan<char> authorizationHeader)
{
var firstSpace = authorizationHeader.IndexOf(' ');
@@ -247,8 +255,10 @@ namespace Jellyfin.Server.Implementations.Security
var name = authorizationHeader[..firstSpace];
- if (!name.Equals("MediaBrowser", StringComparison.OrdinalIgnoreCase)
- && !name.Equals("Emby", StringComparison.OrdinalIgnoreCase))
+ var validName = name.Equals("MediaBrowser", StringComparison.OrdinalIgnoreCase);
+ validName = validName || (_configurationManager.Configuration.EnableLegacyAuthorization && name.Equals("Emby", StringComparison.OrdinalIgnoreCase));
+
+ if (!validName)
{
return null;
}