From 47a4f2f387825d9c249c53b3796a43e3eac52b58 Mon Sep 17 00:00:00 2001 From: Claus Vium Date: Sun, 24 Nov 2019 19:25:46 +0100 Subject: [PATCH] Fix more review comments --- .../ApplicationHost.cs | 21 +++++++++++++------ .../Auth/CustomAuthenticationHandler.cs | 2 +- .../FirstTimeSetupOrElevatedHandler.cs | 2 +- .../RequiresElevationHandler.cs | 2 +- .../Constants/AuthenticationSchemes.cs | 13 ++++++++++++ Jellyfin.Api/Constants/Policies.cs | 18 ++++++++++++++++ .../Constants/{UserRole.cs => UserRoles.cs} | 2 +- Jellyfin.Api/Controllers/StartupController.cs | 3 ++- Jellyfin.Api/Jellyfin.Api.csproj | 6 +++--- .../ApiServiceCollectionExtensions.cs | 13 ++++++------ 10 files changed, 62 insertions(+), 20 deletions(-) create mode 100644 Jellyfin.Api/Constants/AuthenticationSchemes.cs create mode 100644 Jellyfin.Api/Constants/Policies.cs rename Jellyfin.Api/Constants/{UserRole.cs => UserRoles.cs} (94%) diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs index 4fd08258a..c5f8b58c4 100644 --- a/Emby.Server.Implementations/ApplicationHost.cs +++ b/Emby.Server.Implementations/ApplicationHost.cs @@ -236,6 +236,21 @@ namespace Emby.Server.Implementations /// public IServiceProvider ServiceProvider { get; set; } + /// + /// Gets the http port for the webhost. + /// + public int HttpPort { get; private set; } + + /// + /// Gets the https port for the webhost. + /// + public int HttpsPort { get; private set; } + + /// + /// Gets the content root for the webhost. + /// + public string ContentRoot { get; private set; } + /// /// Gets the server configuration manager. /// @@ -1604,12 +1619,6 @@ namespace Emby.Server.Implementations ? Environment.MachineName : ServerConfigurationManager.Configuration.ServerName; - public int HttpPort { get; private set; } - - public int HttpsPort { get; private set; } - - public string ContentRoot { get; private set; } - /// /// Shuts down. /// diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs index 6ca992c61..26f7d9d2d 100644 --- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs +++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs @@ -51,7 +51,7 @@ namespace Jellyfin.Api.Auth new Claim(ClaimTypes.Name, user.Name), new Claim( ClaimTypes.Role, - value: user.Policy.IsAdministrator ? UserRole.Administrator : UserRole.User) + value: user.Policy.IsAdministrator ? UserRoles.Administrator : UserRoles.User) }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs index 2450e7bc7..34aa5d12c 100644 --- a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs +++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs @@ -28,7 +28,7 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy { context.Succeed(firstTimeSetupOrElevatedRequirement); } - else if (context.User.IsInRole(UserRole.Administrator)) + else if (context.User.IsInRole(UserRoles.Administrator)) { context.Succeed(firstTimeSetupOrElevatedRequirement); } diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs index 108c29a2c..2d3bb1aa4 100644 --- a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs +++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs @@ -12,7 +12,7 @@ namespace Jellyfin.Api.Auth.RequiresElevationPolicy /// protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RequiresElevationRequirement requirement) { - if (context.User.IsInRole(UserRole.Administrator)) + if (context.User.IsInRole(UserRoles.Administrator)) { context.Succeed(requirement); } diff --git a/Jellyfin.Api/Constants/AuthenticationSchemes.cs b/Jellyfin.Api/Constants/AuthenticationSchemes.cs new file mode 100644 index 000000000..bac3379e7 --- /dev/null +++ b/Jellyfin.Api/Constants/AuthenticationSchemes.cs @@ -0,0 +1,13 @@ +namespace Jellyfin.Api.Constants +{ + /// + /// Authentication schemes for user authentication in the API. + /// + public static class AuthenticationSchemes + { + /// + /// Scheme name for the custom legacy authentication. + /// + public const string CustomAuthentication = "CustomAuthentication"; + } +} diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs new file mode 100644 index 000000000..e2b383f75 --- /dev/null +++ b/Jellyfin.Api/Constants/Policies.cs @@ -0,0 +1,18 @@ +namespace Jellyfin.Api.Constants +{ + /// + /// Policies for the API authorization. + /// + public static class Policies + { + /// + /// Policy name for requiring first time setup or elevated privileges. + /// + public const string FirstTimeSetupOrElevated = "FirstTimeOrElevated"; + + /// + /// Policy name for requiring elevated privileges. + /// + public const string RequiresElevation = "RequiresElevation"; + } +} diff --git a/Jellyfin.Api/Constants/UserRole.cs b/Jellyfin.Api/Constants/UserRoles.cs similarity index 94% rename from Jellyfin.Api/Constants/UserRole.cs rename to Jellyfin.Api/Constants/UserRoles.cs index b1da61557..d9a536e7d 100644 --- a/Jellyfin.Api/Constants/UserRole.cs +++ b/Jellyfin.Api/Constants/UserRoles.cs @@ -3,7 +3,7 @@ namespace Jellyfin.Api.Constants /// /// Constants for user roles used in the authentication and authorization for the API. /// - public static class UserRole + public static class UserRoles { /// /// Guest user. diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs index 50f3dc83c..1014c8c56 100644 --- a/Jellyfin.Api/Controllers/StartupController.cs +++ b/Jellyfin.Api/Controllers/StartupController.cs @@ -1,5 +1,6 @@ using System.Linq; using System.Threading.Tasks; +using Jellyfin.Api.Constants; using Jellyfin.Api.Models.StartupDtos; using MediaBrowser.Controller.Configuration; using MediaBrowser.Controller.Library; @@ -11,7 +12,7 @@ namespace Jellyfin.Api.Controllers /// /// The startup wizard controller. /// - [Authorize(Policy = "FirstTimeSetupOrElevated")] + [Authorize(Policy = Policies.FirstTimeSetupOrElevated)] public class StartupController : BaseJellyfinApiController { private readonly IServerConfigurationManager _config; diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj index 6ad97b60f..a2818b45d 100644 --- a/Jellyfin.Api/Jellyfin.Api.csproj +++ b/Jellyfin.Api/Jellyfin.Api.csproj @@ -20,9 +20,9 @@ - - - + + + diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index e5a8937e8..dd4f9cd23 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -2,6 +2,7 @@ using Jellyfin.Api; using Jellyfin.Api.Auth; using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy; using Jellyfin.Api.Auth.RequiresElevationPolicy; +using Jellyfin.Api.Constants; using Jellyfin.Api.Controllers; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authorization; @@ -27,17 +28,17 @@ namespace Jellyfin.Server.Extensions return serviceCollection.AddAuthorizationCore(options => { options.AddPolicy( - "RequiresElevation", + Policies.RequiresElevation, policy => { - policy.AddAuthenticationSchemes("CustomAuthentication"); + policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); policy.AddRequirements(new RequiresElevationRequirement()); }); options.AddPolicy( - "FirstTimeSetupOrElevated", + Policies.FirstTimeSetupOrElevated, policy => { - policy.AddAuthenticationSchemes("CustomAuthentication"); + policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); policy.AddRequirements(new FirstTimeSetupOrElevatedRequirement()); }); }); @@ -50,8 +51,8 @@ namespace Jellyfin.Server.Extensions /// The updated service collection. public static AuthenticationBuilder AddCustomAuthentication(this IServiceCollection serviceCollection) { - return serviceCollection.AddAuthentication("CustomAuthentication") - .AddScheme("CustomAuthentication", null); + return serviceCollection.AddAuthentication(AuthenticationSchemes.CustomAuthentication) + .AddScheme(AuthenticationSchemes.CustomAuthentication, null); } ///