lgladsden/jellyfin-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #3286 from Ullmie02/api-apikey

Browse Source 
Move ApiKeyService to Jellyfin.Api
This commit is contained in:
Cody Robibero 2020-06-10 09:22:59 -06:00 committed by GitHub
commit c61efba0c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 97 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
Jellyfin.Api/Controllers/ApiKeyController.cs Normal file
View File

@ -0,0 +1,97 @@
using System;
using System.ComponentModel.DataAnnotations;
using System.Globalization;
using Jellyfin.Api.Constants;
using MediaBrowser.Controller;
using MediaBrowser.Controller.Security;
using MediaBrowser.Controller.Session;
using MediaBrowser.Model.Querying;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
namespace Jellyfin.Api.Controllers
{
/// <summary>
/// Authentication controller.
/// </summary>
[Route("/Auth")]
public class ApiKeyController : BaseJellyfinApiController
{
private readonly ISessionManager _sessionManager;
private readonly IServerApplicationHost _appHost;
private readonly IAuthenticationRepository _authRepo;
/// <summary>
/// Initializes a new instance of the <see cref="ApiKeyController"/> class.
/// </summary>
/// <param name="sessionManager">Instance of <see cref="ISessionManager"/> interface.</param>
/// <param name="appHost">Instance of <see cref="IServerApplicationHost"/> interface.</param>
/// <param name="authRepo">Instance of <see cref="IAuthenticationRepository"/> interface.</param>
public ApiKeyController(
ISessionManager sessionManager,
IServerApplicationHost appHost,
IAuthenticationRepository authRepo)
{
_sessionManager = sessionManager;
_appHost = appHost;
_authRepo = authRepo;
}
/// <summary>
/// Get all keys.
/// </summary>
/// <response code="200">Api keys retrieved.</response>
/// <returns>A <see cref="QueryResult{AuthenticationInfo}"/> with all keys.</returns>
[HttpGet("Keys")]
[Authorize(Policy = Policies.RequiresElevation)]
[ProducesResponseType(StatusCodes.Status200OK)]
public ActionResult<QueryResult<AuthenticationInfo>> GetKeys()
{
var result = _authRepo.Get(new AuthenticationInfoQuery
{
HasUser = false
});
return result;
}
/// <summary>
/// Create a new api key.
/// </summary>
/// <param name="app">Name of the app using the authentication key.</param>
/// <response code="204">Api key created.</response>
/// <returns>A <see cref="NoContentResult"/>.</returns>
[HttpPost("Keys")]
[Authorize(Policy = Policies.RequiresElevation)]
[ProducesResponseType(StatusCodes.Status204NoContent)]
public ActionResult CreateKey([FromQuery, Required] string app)
{
_authRepo.Create(new AuthenticationInfo
{
AppName = app,
AccessToken = Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture),
DateCreated = DateTime.UtcNow,
DeviceId = _appHost.SystemId,
DeviceName = _appHost.FriendlyName,
AppVersion = _appHost.ApplicationVersionString
});
return NoContent();
}
/// <summary>
/// Remove an api key.
/// </summary>
/// <param name="key">The access token to delete.</param>
/// <response code="204">Api key deleted.</response>
/// <returns>A <see cref="NoContentResult"/>.</returns>
[HttpDelete("Keys/{key}")]
[Authorize(Policy = Policies.RequiresElevation)]
[ProducesResponseType(StatusCodes.Status204NoContent)]
public ActionResult RevokeKey([FromRoute] string key)
{
_sessionManager.RevokeToken(key);
return NoContent();
}
}
}

85
MediaBrowser.Api/Sessions/ApiKeyService.cs
View File

@ -1,85 +0,0 @@
using System;
using System.Globalization;
using MediaBrowser.Controller;
using MediaBrowser.Controller.Configuration;
using MediaBrowser.Controller.Net;
using MediaBrowser.Controller.Security;
using MediaBrowser.Controller.Session;
using MediaBrowser.Model.Services;
using Microsoft.Extensions.Logging;
namespace MediaBrowser.Api.Sessions
{
[Route("/Auth/Keys", "GET")]
[Authenticated(Roles = "Admin")]
public class GetKeys
{
}
[Route("/Auth/Keys/{Key}", "DELETE")]
[Authenticated(Roles = "Admin")]
public class RevokeKey
{
[ApiMember(Name = "Key", Description = "Authentication key", IsRequired = true, DataType = "string", ParameterType = "path", Verb = "DELETE")]
public string Key { get; set; }
}
[Route("/Auth/Keys", "POST")]
[Authenticated(Roles = "Admin")]
public class CreateKey
{
[ApiMember(Name = "App", Description = "Name of the app using the authentication key", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
public string App { get; set; }
}
public class ApiKeyService : BaseApiService
{
private readonly ISessionManager _sessionManager;
private readonly IAuthenticationRepository _authRepo;
private readonly IServerApplicationHost _appHost;
public ApiKeyService(
ILogger<ApiKeyService> logger,
IServerConfigurationManager serverConfigurationManager,
IHttpResultFactory httpResultFactory,
ISessionManager sessionManager,
IServerApplicationHost appHost,
IAuthenticationRepository authRepo)
: base(logger, serverConfigurationManager, httpResultFactory)
{
_sessionManager = sessionManager;
_authRepo = authRepo;
_appHost = appHost;
}
public void Delete(RevokeKey request)
{
_sessionManager.RevokeToken(request.Key);
}
public void Post(CreateKey request)
{
_authRepo.Create(new AuthenticationInfo
{
AppName = request.App,
AccessToken = Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture),
DateCreated = DateTime.UtcNow,
DeviceId = _appHost.SystemId,
DeviceName = _appHost.FriendlyName,
AppVersion = _appHost.ApplicationVersionString
});
}
public object Get(GetKeys request)
{
var result = _authRepo.Get(new AuthenticationInfoQuery
{
HasUser = false
});
return result;
}
}
}