Remove OriginalAuthenticationInfo and add IsAuthenticated property
This commit is contained in:
parent
96dcd9c87e
commit
e78c63c4dc
|
@ -1,6 +1,7 @@
|
||||||
#pragma warning disable CS1591
|
#pragma warning disable CS1591
|
||||||
|
|
||||||
using Jellyfin.Data.Enums;
|
using Jellyfin.Data.Enums;
|
||||||
|
using MediaBrowser.Controller.Authentication;
|
||||||
using MediaBrowser.Controller.Net;
|
using MediaBrowser.Controller.Net;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
|
|
||||||
|
@ -19,9 +20,9 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
public AuthorizationInfo Authenticate(HttpRequest request)
|
public AuthorizationInfo Authenticate(HttpRequest request)
|
||||||
{
|
{
|
||||||
var auth = _authorizationContext.GetAuthorizationInfo(request);
|
var auth = _authorizationContext.GetAuthorizationInfo(request);
|
||||||
if (auth == null)
|
if (!auth.IsAuthenticated)
|
||||||
{
|
{
|
||||||
throw new SecurityException("Unauthenticated request.");
|
throw new AuthenticationException("Invalid token.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
|
if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
|
||||||
|
|
|
@ -36,8 +36,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
public AuthorizationInfo GetAuthorizationInfo(HttpRequest requestContext)
|
public AuthorizationInfo GetAuthorizationInfo(HttpRequest requestContext)
|
||||||
{
|
{
|
||||||
var auth = GetAuthorizationDictionary(requestContext);
|
var auth = GetAuthorizationDictionary(requestContext);
|
||||||
var (authInfo, _) =
|
var authInfo = GetAuthorizationInfoFromDictionary(auth, requestContext.Headers, requestContext.Query);
|
||||||
GetAuthorizationInfoFromDictionary(auth, requestContext.Headers, requestContext.Query);
|
|
||||||
return authInfo;
|
return authInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -49,19 +48,13 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
private AuthorizationInfo GetAuthorization(HttpContext httpReq)
|
private AuthorizationInfo GetAuthorization(HttpContext httpReq)
|
||||||
{
|
{
|
||||||
var auth = GetAuthorizationDictionary(httpReq);
|
var auth = GetAuthorizationDictionary(httpReq);
|
||||||
var (authInfo, originalAuthInfo) =
|
var authInfo = GetAuthorizationInfoFromDictionary(auth, httpReq.Request.Headers, httpReq.Request.Query);
|
||||||
GetAuthorizationInfoFromDictionary(auth, httpReq.Request.Headers, httpReq.Request.Query);
|
|
||||||
|
|
||||||
if (originalAuthInfo != null)
|
|
||||||
{
|
|
||||||
httpReq.Request.HttpContext.Items["OriginalAuthenticationInfo"] = originalAuthInfo;
|
|
||||||
}
|
|
||||||
|
|
||||||
httpReq.Request.HttpContext.Items["AuthorizationInfo"] = authInfo;
|
httpReq.Request.HttpContext.Items["AuthorizationInfo"] = authInfo;
|
||||||
return authInfo;
|
return authInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
private (AuthorizationInfo authInfo, AuthenticationInfo originalAuthenticationInfo) GetAuthorizationInfoFromDictionary(
|
private AuthorizationInfo GetAuthorizationInfoFromDictionary(
|
||||||
in Dictionary<string, string> auth,
|
in Dictionary<string, string> auth,
|
||||||
in IHeaderDictionary headers,
|
in IHeaderDictionary headers,
|
||||||
in IQueryCollection queryString)
|
in IQueryCollection queryString)
|
||||||
|
@ -108,13 +101,14 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
Device = device,
|
Device = device,
|
||||||
DeviceId = deviceId,
|
DeviceId = deviceId,
|
||||||
Version = version,
|
Version = version,
|
||||||
Token = token
|
Token = token,
|
||||||
|
IsAuthenticated = false
|
||||||
};
|
};
|
||||||
|
|
||||||
if (string.IsNullOrWhiteSpace(token))
|
if (string.IsNullOrWhiteSpace(token))
|
||||||
{
|
{
|
||||||
// Request doesn't contain a token.
|
// Request doesn't contain a token.
|
||||||
return (null, null);
|
return authInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
var result = _authRepo.Get(new AuthenticationInfoQuery
|
var result = _authRepo.Get(new AuthenticationInfoQuery
|
||||||
|
@ -122,6 +116,11 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
AccessToken = token
|
AccessToken = token
|
||||||
});
|
});
|
||||||
|
|
||||||
|
if (result.Items.Count > 0)
|
||||||
|
{
|
||||||
|
authInfo.IsAuthenticated = true;
|
||||||
|
}
|
||||||
|
|
||||||
var originalAuthenticationInfo = result.Items.Count > 0 ? result.Items[0] : null;
|
var originalAuthenticationInfo = result.Items.Count > 0 ? result.Items[0] : null;
|
||||||
|
|
||||||
if (originalAuthenticationInfo != null)
|
if (originalAuthenticationInfo != null)
|
||||||
|
@ -197,7 +196,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return (authInfo, originalAuthenticationInfo);
|
return authInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
using System.Globalization;
|
using System.Globalization;
|
||||||
using System.Security.Authentication;
|
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Text.Encodings.Web;
|
using System.Text.Encodings.Web;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using Jellyfin.Api.Constants;
|
using Jellyfin.Api.Constants;
|
||||||
using Jellyfin.Data.Enums;
|
using Jellyfin.Data.Enums;
|
||||||
|
using MediaBrowser.Controller.Authentication;
|
||||||
using MediaBrowser.Controller.Net;
|
using MediaBrowser.Controller.Net;
|
||||||
using Microsoft.AspNetCore.Authentication;
|
using Microsoft.AspNetCore.Authentication;
|
||||||
using Microsoft.Extensions.Logging;
|
using Microsoft.Extensions.Logging;
|
||||||
|
|
|
@ -53,5 +53,10 @@ namespace MediaBrowser.Controller.Net
|
||||||
/// Gets or sets the user making the request.
|
/// Gets or sets the user making the request.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
public User User { get; set; }
|
public User User { get; set; }
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Gets or sets a value indicating whether the token is authenticated.
|
||||||
|
/// </summary>
|
||||||
|
public bool IsAuthenticated { get; set; }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,6 +8,7 @@ using Jellyfin.Api.Auth;
|
||||||
using Jellyfin.Api.Constants;
|
using Jellyfin.Api.Constants;
|
||||||
using Jellyfin.Data.Entities;
|
using Jellyfin.Data.Entities;
|
||||||
using Jellyfin.Data.Enums;
|
using Jellyfin.Data.Enums;
|
||||||
|
using MediaBrowser.Controller.Authentication;
|
||||||
using MediaBrowser.Controller.Net;
|
using MediaBrowser.Controller.Net;
|
||||||
using Microsoft.AspNetCore.Authentication;
|
using Microsoft.AspNetCore.Authentication;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
|
@ -68,14 +69,14 @@ namespace Jellyfin.Api.Tests.Auth
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task HandleAuthenticateAsyncShouldFailOnSecurityException()
|
public async Task HandleAuthenticateAsyncShouldFailOnAuthenticationException()
|
||||||
{
|
{
|
||||||
var errorMessage = _fixture.Create<string>();
|
var errorMessage = _fixture.Create<string>();
|
||||||
|
|
||||||
_jellyfinAuthServiceMock.Setup(
|
_jellyfinAuthServiceMock.Setup(
|
||||||
a => a.Authenticate(
|
a => a.Authenticate(
|
||||||
It.IsAny<HttpRequest>()))
|
It.IsAny<HttpRequest>()))
|
||||||
.Throws(new SecurityException(errorMessage));
|
.Throws(new AuthenticationException(errorMessage));
|
||||||
|
|
||||||
var authenticateResult = await _sut.AuthenticateAsync();
|
var authenticateResult = await _sut.AuthenticateAsync();
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user