fix openapi auth
This commit is contained in:
cvium
parent
b5d5667965
commit
cba9657aec
|
|
@ -18,11 +18,17 @@ namespace Jellyfin.Server.Filters
|
||||||
{
|
{
|
||||||
var requiredScopes = new List<string>();
|
var requiredScopes = new List<string>();
|
||||||
|
|
||||||
|
var requiresAuth = false;
|
||||||
// Add all method scopes.
|
// Add all method scopes.
|
||||||
foreach (var attribute in context.MethodInfo.GetCustomAttributes(true))
|
foreach (var attribute in context.MethodInfo.GetCustomAttributes(true))
|
||||||
{
|
{
|
||||||
if (attribute is AuthorizeAttribute authorizeAttribute
|
if (attribute is not AuthorizeAttribute authorizeAttribute)
|
||||||
&& authorizeAttribute.Policy is not null
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
requiresAuth = true;
|
||||||
|
if (authorizeAttribute.Policy is not null
|
||||||
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
|
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
|
||||||
{
|
{
|
||||||
requiredScopes.Add(authorizeAttribute.Policy);
|
requiredScopes.Add(authorizeAttribute.Policy);
|
||||||
|
|
@ -35,8 +41,13 @@ namespace Jellyfin.Server.Filters
|
||||||
{
|
{
|
||||||
foreach (var attribute in controllerAttributes)
|
foreach (var attribute in controllerAttributes)
|
||||||
{
|
{
|
||||||
if (attribute is AuthorizeAttribute authorizeAttribute
|
if (attribute is not AuthorizeAttribute authorizeAttribute)
|
||||||
&& authorizeAttribute.Policy is not null
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
requiresAuth = true;
|
||||||
|
if (authorizeAttribute.Policy is not null
|
||||||
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
|
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
|
||||||
{
|
{
|
||||||
requiredScopes.Add(authorizeAttribute.Policy);
|
requiredScopes.Add(authorizeAttribute.Policy);
|
||||||
|
|
@ -44,35 +55,37 @@ namespace Jellyfin.Server.Filters
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (requiredScopes.Count != 0)
|
if (!requiresAuth)
|
||||||
{
|
{
|
||||||
if (!operation.Responses.ContainsKey("401"))
|
return;
|
||||||
{
|
|
||||||
operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!operation.Responses.ContainsKey("403"))
|
|
||||||
{
|
|
||||||
operation.Responses.Add("403", new OpenApiResponse { Description = "Forbidden" });
|
|
||||||
}
|
|
||||||
|
|
||||||
var scheme = new OpenApiSecurityScheme
|
|
||||||
{
|
|
||||||
Reference = new OpenApiReference
|
|
||||||
{
|
|
||||||
Type = ReferenceType.SecurityScheme,
|
|
||||||
Id = AuthenticationSchemes.CustomAuthentication
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
operation.Security = new List<OpenApiSecurityRequirement>
|
|
||||||
{
|
|
||||||
new OpenApiSecurityRequirement
|
|
||||||
{
|
|
||||||
[scheme] = requiredScopes
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!operation.Responses.ContainsKey("401"))
|
||||||
|
{
|
||||||
|
operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!operation.Responses.ContainsKey("403"))
|
||||||
|
{
|
||||||
|
operation.Responses.Add("403", new OpenApiResponse { Description = "Forbidden" });
|
||||||
|
}
|
||||||
|
|
||||||
|
var scheme = new OpenApiSecurityScheme
|
||||||
|
{
|
||||||
|
Reference = new OpenApiReference
|
||||||
|
{
|
||||||
|
Type = ReferenceType.SecurityScheme,
|
||||||
|
Id = AuthenticationSchemes.CustomAuthentication
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
operation.Security = new List<OpenApiSecurityRequirement>
|
||||||
|
{
|
||||||
|
new OpenApiSecurityRequirement
|
||||||
|
{
|
||||||
|
[scheme] = requiredScopes
|
||||||
|
}
|
||||||
|
};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user