From 0619717f38a26879b08d18029c86847e88b3df8d Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Mon, 30 May 2016 12:08:46 -0400 Subject: ignore socket error --- MediaBrowser.Server.Implementations/Session/SessionManager.cs | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'MediaBrowser.Server.Implementations/Session/SessionManager.cs') diff --git a/MediaBrowser.Server.Implementations/Session/SessionManager.cs b/MediaBrowser.Server.Implementations/Session/SessionManager.cs index 77843ef6b2..0dabcac4be 100644 --- a/MediaBrowser.Server.Implementations/Session/SessionManager.cs +++ b/MediaBrowser.Server.Implementations/Session/SessionManager.cs @@ -1748,6 +1748,11 @@ namespace MediaBrowser.Server.Implementations.Session public void ReportNowViewingItem(string sessionId, string itemId) { + if (string.IsNullOrWhiteSpace(itemId)) + { + throw new ArgumentNullException("itemId"); + } + var item = _libraryManager.GetItemById(new Guid(itemId)); var info = GetItemInfo(item, null, null); -- cgit v1.2.3 From ca100ff2d13b0bf885826e02e7c1ed6a4496694e Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Mon, 30 May 2016 12:22:31 -0400 Subject: add null checks on session & device creation --- MediaBrowser.Server.Implementations/Devices/DeviceManager.cs | 5 +++++ MediaBrowser.Server.Implementations/Session/SessionManager.cs | 4 ++++ 2 files changed, 9 insertions(+) (limited to 'MediaBrowser.Server.Implementations/Session/SessionManager.cs') diff --git a/MediaBrowser.Server.Implementations/Devices/DeviceManager.cs b/MediaBrowser.Server.Implementations/Devices/DeviceManager.cs index 6b1af8d2d9..c3db9140cf 100644 --- a/MediaBrowser.Server.Implementations/Devices/DeviceManager.cs +++ b/MediaBrowser.Server.Implementations/Devices/DeviceManager.cs @@ -51,6 +51,11 @@ namespace MediaBrowser.Server.Implementations.Devices public async Task RegisterDevice(string reportedId, string name, string appName, string appVersion, string usedByUserId) { + if (string.IsNullOrWhiteSpace(reportedId)) + { + throw new ArgumentNullException("reportedId"); + } + var device = GetDevice(reportedId) ?? new DeviceInfo { Id = reportedId diff --git a/MediaBrowser.Server.Implementations/Session/SessionManager.cs b/MediaBrowser.Server.Implementations/Session/SessionManager.cs index 0dabcac4be..4386b785ad 100644 --- a/MediaBrowser.Server.Implementations/Session/SessionManager.cs +++ b/MediaBrowser.Server.Implementations/Session/SessionManager.cs @@ -404,6 +404,10 @@ namespace MediaBrowser.Server.Implementations.Session /// SessionInfo. private async Task GetSessionInfo(string appName, string appVersion, string deviceId, string deviceName, string remoteEndPoint, User user) { + if (string.IsNullOrWhiteSpace(deviceId)) + { + throw new ArgumentNullException("deviceId"); + } var key = GetSessionKey(appName, deviceId); await _sessionLock.WaitAsync(CancellationToken.None).ConfigureAwait(false); -- cgit v1.2.3 From 9fc028b3d784a79fa7b4a7de8c28847e08f47167 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Sun, 5 Jun 2016 16:39:37 -0400 Subject: revoke access tokens on password change --- MediaBrowser.Api/UserService.cs | 9 +++++++-- MediaBrowser.Controller/Session/ISessionManager.cs | 3 +-- MediaBrowser.Server.Implementations/Session/SessionManager.cs | 7 +++++-- 3 files changed, 13 insertions(+), 6 deletions(-) (limited to 'MediaBrowser.Server.Implementations/Session/SessionManager.cs') diff --git a/MediaBrowser.Api/UserService.cs b/MediaBrowser.Api/UserService.cs index 9b611c3971..07ff36c41f 100644 --- a/MediaBrowser.Api/UserService.cs +++ b/MediaBrowser.Api/UserService.cs @@ -385,7 +385,7 @@ namespace MediaBrowser.Api throw new ResourceNotFoundException("User not found"); } - await _sessionMananger.RevokeUserTokens(user.Id.ToString("N")).ConfigureAwait(false); + await _sessionMananger.RevokeUserTokens(user.Id.ToString("N"), null).ConfigureAwait(false); await _userManager.DeleteUser(user).ConfigureAwait(false); } @@ -465,6 +465,10 @@ namespace MediaBrowser.Api } await _userManager.ChangePassword(user, request.NewPassword).ConfigureAwait(false); + + var currentToken = AuthorizationContext.GetAuthorizationInfo(Request).Token; + + await _sessionMananger.RevokeUserTokens(user.Id.ToString("N"), currentToken).ConfigureAwait(false); } } @@ -602,7 +606,8 @@ namespace MediaBrowser.Api throw new ArgumentException("There must be at least one enabled user in the system."); } - await _sessionMananger.RevokeUserTokens(user.Id.ToString("N")).ConfigureAwait(false); + var currentToken = AuthorizationContext.GetAuthorizationInfo(Request).Token; + await _sessionMananger.RevokeUserTokens(user.Id.ToString("N"), currentToken).ConfigureAwait(false); } await _userManager.UpdateUserPolicy(request.Id, request).ConfigureAwait(false); diff --git a/MediaBrowser.Controller/Session/ISessionManager.cs b/MediaBrowser.Controller/Session/ISessionManager.cs index fa74c57499..6659d15530 100644 --- a/MediaBrowser.Controller/Session/ISessionManager.cs +++ b/MediaBrowser.Controller/Session/ISessionManager.cs @@ -315,9 +315,8 @@ namespace MediaBrowser.Controller.Session /// /// Revokes the user tokens. /// - /// The user identifier. /// Task. - Task RevokeUserTokens(string userId); + Task RevokeUserTokens(string userId, string currentAccessToken); /// /// Revokes the token. diff --git a/MediaBrowser.Server.Implementations/Session/SessionManager.cs b/MediaBrowser.Server.Implementations/Session/SessionManager.cs index 4386b785ad..098fe0b4d5 100644 --- a/MediaBrowser.Server.Implementations/Session/SessionManager.cs +++ b/MediaBrowser.Server.Implementations/Session/SessionManager.cs @@ -1451,7 +1451,7 @@ namespace MediaBrowser.Server.Implementations.Session } } - public async Task RevokeUserTokens(string userId) + public async Task RevokeUserTokens(string userId, string currentAccessToken) { var existing = _authRepo.Get(new AuthenticationInfoQuery { @@ -1461,7 +1461,10 @@ namespace MediaBrowser.Server.Implementations.Session foreach (var info in existing.Items) { - await Logout(info.AccessToken).ConfigureAwait(false); + if (!string.Equals(currentAccessToken, info.AccessToken, StringComparison.OrdinalIgnoreCase)) + { + await Logout(info.AccessToken).ConfigureAwait(false); + } } } -- cgit v1.2.3