mirror of
https://github.com/jellyfin/jellyfin.git
synced 2024-11-15 18:08:53 -07:00
Merge pull request #2888 from ConfusedPolarBear/quickconnect
Add quick connect (login without typing password)
This commit is contained in:
commit
8ee042483a
@ -16,6 +16,7 @@
|
||||
- [bugfixin](https://github.com/bugfixin)
|
||||
- [chaosinnovator](https://github.com/chaosinnovator)
|
||||
- [ckcr4lyf](https://github.com/ckcr4lyf)
|
||||
- [ConfusedPolarBear](https://github.com/ConfusedPolarBear)
|
||||
- [crankdoofus](https://github.com/crankdoofus)
|
||||
- [crobibero](https://github.com/crobibero)
|
||||
- [cromefire](https://github.com/cromefire)
|
||||
|
@ -37,6 +37,7 @@ using Emby.Server.Implementations.LiveTv;
|
||||
using Emby.Server.Implementations.Localization;
|
||||
using Emby.Server.Implementations.Net;
|
||||
using Emby.Server.Implementations.Playlists;
|
||||
using Emby.Server.Implementations.QuickConnect;
|
||||
using Emby.Server.Implementations.ScheduledTasks;
|
||||
using Emby.Server.Implementations.Security;
|
||||
using Emby.Server.Implementations.Serialization;
|
||||
@ -71,6 +72,7 @@ using MediaBrowser.Controller.Persistence;
|
||||
using MediaBrowser.Controller.Playlists;
|
||||
using MediaBrowser.Controller.Plugins;
|
||||
using MediaBrowser.Controller.Providers;
|
||||
using MediaBrowser.Controller.QuickConnect;
|
||||
using MediaBrowser.Controller.Resolvers;
|
||||
using MediaBrowser.Controller.Security;
|
||||
using MediaBrowser.Controller.Session;
|
||||
@ -627,6 +629,7 @@ namespace Emby.Server.Implementations
|
||||
ServiceCollection.AddSingleton<ISessionContext, SessionContext>();
|
||||
|
||||
ServiceCollection.AddSingleton<IAuthService, AuthService>();
|
||||
ServiceCollection.AddSingleton<IQuickConnect, QuickConnectManager>();
|
||||
|
||||
ServiceCollection.AddSingleton<ISubtitleEncoder, MediaBrowser.MediaEncoding.Subtitles.SubtitleEncoder>();
|
||||
|
||||
|
285
Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
Normal file
285
Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
Normal file
@ -0,0 +1,285 @@
|
||||
using System;
|
||||
using System.Collections.Concurrent;
|
||||
using System.Globalization;
|
||||
using System.Linq;
|
||||
using System.Security.Cryptography;
|
||||
using MediaBrowser.Common;
|
||||
using MediaBrowser.Common.Extensions;
|
||||
using MediaBrowser.Controller;
|
||||
using MediaBrowser.Controller.Authentication;
|
||||
using MediaBrowser.Controller.Configuration;
|
||||
using MediaBrowser.Controller.Net;
|
||||
using MediaBrowser.Controller.QuickConnect;
|
||||
using MediaBrowser.Controller.Security;
|
||||
using MediaBrowser.Model.QuickConnect;
|
||||
using Microsoft.Extensions.Logging;
|
||||
|
||||
namespace Emby.Server.Implementations.QuickConnect
|
||||
{
|
||||
/// <summary>
|
||||
/// Quick connect implementation.
|
||||
/// </summary>
|
||||
public class QuickConnectManager : IQuickConnect, IDisposable
|
||||
{
|
||||
private readonly RNGCryptoServiceProvider _rng = new RNGCryptoServiceProvider();
|
||||
private readonly ConcurrentDictionary<string, QuickConnectResult> _currentRequests = new ConcurrentDictionary<string, QuickConnectResult>();
|
||||
|
||||
private readonly IServerConfigurationManager _config;
|
||||
private readonly ILogger<QuickConnectManager> _logger;
|
||||
private readonly IAuthenticationRepository _authenticationRepository;
|
||||
private readonly IAuthorizationContext _authContext;
|
||||
private readonly IServerApplicationHost _appHost;
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the <see cref="QuickConnectManager"/> class.
|
||||
/// Should only be called at server startup when a singleton is created.
|
||||
/// </summary>
|
||||
/// <param name="config">Configuration.</param>
|
||||
/// <param name="logger">Logger.</param>
|
||||
/// <param name="appHost">Application host.</param>
|
||||
/// <param name="authContext">Authentication context.</param>
|
||||
/// <param name="authenticationRepository">Authentication repository.</param>
|
||||
public QuickConnectManager(
|
||||
IServerConfigurationManager config,
|
||||
ILogger<QuickConnectManager> logger,
|
||||
IServerApplicationHost appHost,
|
||||
IAuthorizationContext authContext,
|
||||
IAuthenticationRepository authenticationRepository)
|
||||
{
|
||||
_config = config;
|
||||
_logger = logger;
|
||||
_appHost = appHost;
|
||||
_authContext = authContext;
|
||||
_authenticationRepository = authenticationRepository;
|
||||
|
||||
ReloadConfiguration();
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public int CodeLength { get; set; } = 6;
|
||||
|
||||
/// <inheritdoc/>
|
||||
public string TokenName { get; set; } = "QuickConnect";
|
||||
|
||||
/// <inheritdoc/>
|
||||
public QuickConnectState State { get; private set; } = QuickConnectState.Unavailable;
|
||||
|
||||
/// <inheritdoc/>
|
||||
public int Timeout { get; set; } = 5;
|
||||
|
||||
private DateTime DateActivated { get; set; }
|
||||
|
||||
/// <inheritdoc/>
|
||||
public void AssertActive()
|
||||
{
|
||||
if (State != QuickConnectState.Active)
|
||||
{
|
||||
throw new ArgumentException("Quick connect is not active on this server");
|
||||
}
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public void Activate()
|
||||
{
|
||||
DateActivated = DateTime.UtcNow;
|
||||
SetState(QuickConnectState.Active);
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public void SetState(QuickConnectState newState)
|
||||
{
|
||||
_logger.LogDebug("Changed quick connect state from {State} to {newState}", State, newState);
|
||||
|
||||
ExpireRequests(true);
|
||||
|
||||
State = newState;
|
||||
_config.Configuration.QuickConnectAvailable = newState == QuickConnectState.Available || newState == QuickConnectState.Active;
|
||||
_config.SaveConfiguration();
|
||||
|
||||
_logger.LogDebug("Configuration saved");
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public QuickConnectResult TryConnect()
|
||||
{
|
||||
ExpireRequests();
|
||||
|
||||
if (State != QuickConnectState.Active)
|
||||
{
|
||||
_logger.LogDebug("Refusing quick connect initiation request, current state is {State}", State);
|
||||
throw new AuthenticationException("Quick connect is not active on this server");
|
||||
}
|
||||
|
||||
var code = GenerateCode();
|
||||
var result = new QuickConnectResult()
|
||||
{
|
||||
Secret = GenerateSecureRandom(),
|
||||
DateAdded = DateTime.UtcNow,
|
||||
Code = code
|
||||
};
|
||||
|
||||
_currentRequests[code] = result;
|
||||
return result;
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public QuickConnectResult CheckRequestStatus(string secret)
|
||||
{
|
||||
ExpireRequests();
|
||||
AssertActive();
|
||||
|
||||
string code = _currentRequests.Where(x => x.Value.Secret == secret).Select(x => x.Value.Code).DefaultIfEmpty(string.Empty).First();
|
||||
|
||||
if (!_currentRequests.TryGetValue(code, out QuickConnectResult result))
|
||||
{
|
||||
throw new ResourceNotFoundException("Unable to find request with provided secret");
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public string GenerateCode()
|
||||
{
|
||||
Span<byte> raw = stackalloc byte[4];
|
||||
|
||||
int min = (int)Math.Pow(10, CodeLength - 1);
|
||||
int max = (int)Math.Pow(10, CodeLength);
|
||||
|
||||
uint scale = uint.MaxValue;
|
||||
while (scale == uint.MaxValue)
|
||||
{
|
||||
_rng.GetBytes(raw);
|
||||
scale = BitConverter.ToUInt32(raw);
|
||||
}
|
||||
|
||||
int code = (int)(min + ((max - min) * (scale / (double)uint.MaxValue)));
|
||||
return code.ToString(CultureInfo.InvariantCulture);
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public bool AuthorizeRequest(Guid userId, string code)
|
||||
{
|
||||
ExpireRequests();
|
||||
AssertActive();
|
||||
|
||||
if (!_currentRequests.TryGetValue(code, out QuickConnectResult result))
|
||||
{
|
||||
throw new ResourceNotFoundException("Unable to find request");
|
||||
}
|
||||
|
||||
if (result.Authenticated)
|
||||
{
|
||||
throw new InvalidOperationException("Request is already authorized");
|
||||
}
|
||||
|
||||
result.Authentication = Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture);
|
||||
|
||||
// Change the time on the request so it expires one minute into the future. It can't expire immediately as otherwise some clients wouldn't ever see that they have been authenticated.
|
||||
var added = result.DateAdded ?? DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(Timeout));
|
||||
result.DateAdded = added.Subtract(TimeSpan.FromMinutes(Timeout - 1));
|
||||
|
||||
_authenticationRepository.Create(new AuthenticationInfo
|
||||
{
|
||||
AppName = TokenName,
|
||||
AccessToken = result.Authentication,
|
||||
DateCreated = DateTime.UtcNow,
|
||||
DeviceId = _appHost.SystemId,
|
||||
DeviceName = _appHost.FriendlyName,
|
||||
AppVersion = _appHost.ApplicationVersionString,
|
||||
UserId = userId
|
||||
});
|
||||
|
||||
_logger.LogDebug("Authorizing device with code {Code} to login as user {userId}", code, userId);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public int DeleteAllDevices(Guid user)
|
||||
{
|
||||
var raw = _authenticationRepository.Get(new AuthenticationInfoQuery()
|
||||
{
|
||||
DeviceId = _appHost.SystemId,
|
||||
UserId = user
|
||||
});
|
||||
|
||||
var tokens = raw.Items.Where(x => x.AppName.StartsWith(TokenName, StringComparison.Ordinal));
|
||||
|
||||
var removed = 0;
|
||||
foreach (var token in tokens)
|
||||
{
|
||||
_authenticationRepository.Delete(token);
|
||||
_logger.LogDebug("Deleted token {AccessToken}", token.AccessToken);
|
||||
removed++;
|
||||
}
|
||||
|
||||
return removed;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Dispose.
|
||||
/// </summary>
|
||||
public void Dispose()
|
||||
{
|
||||
Dispose(true);
|
||||
GC.SuppressFinalize(this);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Dispose.
|
||||
/// </summary>
|
||||
/// <param name="disposing">Dispose unmanaged resources.</param>
|
||||
protected virtual void Dispose(bool disposing)
|
||||
{
|
||||
if (disposing)
|
||||
{
|
||||
_rng?.Dispose();
|
||||
}
|
||||
}
|
||||
|
||||
private string GenerateSecureRandom(int length = 32)
|
||||
{
|
||||
Span<byte> bytes = stackalloc byte[length];
|
||||
_rng.GetBytes(bytes);
|
||||
|
||||
return Hex.Encode(bytes);
|
||||
}
|
||||
|
||||
/// <inheritdoc/>
|
||||
public void ExpireRequests(bool expireAll = false)
|
||||
{
|
||||
// Check if quick connect should be deactivated
|
||||
if (State == QuickConnectState.Active && DateTime.UtcNow > DateActivated.AddMinutes(Timeout) && !expireAll)
|
||||
{
|
||||
_logger.LogDebug("Quick connect time expired, deactivating");
|
||||
SetState(QuickConnectState.Available);
|
||||
expireAll = true;
|
||||
}
|
||||
|
||||
// Expire stale connection requests
|
||||
var code = string.Empty;
|
||||
var values = _currentRequests.Values.ToList();
|
||||
|
||||
for (int i = 0; i < values.Count; i++)
|
||||
{
|
||||
var added = values[i].DateAdded ?? DateTime.UnixEpoch;
|
||||
if (DateTime.UtcNow > added.AddMinutes(Timeout) || expireAll)
|
||||
{
|
||||
code = values[i].Code;
|
||||
_logger.LogDebug("Removing expired request {code}", code);
|
||||
|
||||
if (!_currentRequests.TryRemove(code, out _))
|
||||
{
|
||||
_logger.LogWarning("Request {code} already expired", code);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void ReloadConfiguration()
|
||||
{
|
||||
State = _config.Configuration.QuickConnectAvailable ? QuickConnectState.Available : QuickConnectState.Unavailable;
|
||||
}
|
||||
}
|
||||
}
|
@ -1429,6 +1429,24 @@ namespace Emby.Server.Implementations.Session
|
||||
return AuthenticateNewSessionInternal(request, false);
|
||||
}
|
||||
|
||||
public Task<AuthenticationResult> AuthenticateQuickConnect(AuthenticationRequest request, string token)
|
||||
{
|
||||
var result = _authRepo.Get(new AuthenticationInfoQuery()
|
||||
{
|
||||
AccessToken = token,
|
||||
DeviceId = _appHost.SystemId,
|
||||
Limit = 1
|
||||
});
|
||||
|
||||
if (result.TotalRecordCount == 0)
|
||||
{
|
||||
throw new SecurityException("Unknown quick connect token");
|
||||
}
|
||||
|
||||
request.UserId = result.Items[0].UserId;
|
||||
return AuthenticateNewSessionInternal(request, false);
|
||||
}
|
||||
|
||||
private async Task<AuthenticationResult> AuthenticateNewSessionInternal(AuthenticationRequest request, bool enforcePassword)
|
||||
{
|
||||
CheckDisposed();
|
||||
|
154
Jellyfin.Api/Controllers/QuickConnectController.cs
Normal file
154
Jellyfin.Api/Controllers/QuickConnectController.cs
Normal file
@ -0,0 +1,154 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using Jellyfin.Api.Constants;
|
||||
using Jellyfin.Api.Helpers;
|
||||
using MediaBrowser.Common.Extensions;
|
||||
using MediaBrowser.Controller.QuickConnect;
|
||||
using MediaBrowser.Model.QuickConnect;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
namespace Jellyfin.Api.Controllers
|
||||
{
|
||||
/// <summary>
|
||||
/// Quick connect controller.
|
||||
/// </summary>
|
||||
public class QuickConnectController : BaseJellyfinApiController
|
||||
{
|
||||
private readonly IQuickConnect _quickConnect;
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the <see cref="QuickConnectController"/> class.
|
||||
/// </summary>
|
||||
/// <param name="quickConnect">Instance of the <see cref="IQuickConnect"/> interface.</param>
|
||||
public QuickConnectController(IQuickConnect quickConnect)
|
||||
{
|
||||
_quickConnect = quickConnect;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets the current quick connect state.
|
||||
/// </summary>
|
||||
/// <response code="200">Quick connect state returned.</response>
|
||||
/// <returns>The current <see cref="QuickConnectState"/>.</returns>
|
||||
[HttpGet("Status")]
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
public ActionResult<QuickConnectState> GetStatus()
|
||||
{
|
||||
_quickConnect.ExpireRequests();
|
||||
return _quickConnect.State;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Initiate a new quick connect request.
|
||||
/// </summary>
|
||||
/// <response code="200">Quick connect request successfully created.</response>
|
||||
/// <response code="401">Quick connect is not active on this server.</response>
|
||||
/// <returns>A <see cref="QuickConnectResult"/> with a secret and code for future use or an error message.</returns>
|
||||
[HttpGet("Initiate")]
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
public ActionResult<QuickConnectResult> Initiate()
|
||||
{
|
||||
return _quickConnect.TryConnect();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Attempts to retrieve authentication information.
|
||||
/// </summary>
|
||||
/// <param name="secret">Secret previously returned from the Initiate endpoint.</param>
|
||||
/// <response code="200">Quick connect result returned.</response>
|
||||
/// <response code="404">Unknown quick connect secret.</response>
|
||||
/// <returns>An updated <see cref="QuickConnectResult"/>.</returns>
|
||||
[HttpGet("Connect")]
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
||||
public ActionResult<QuickConnectResult> Connect([FromQuery, Required] string secret)
|
||||
{
|
||||
try
|
||||
{
|
||||
return _quickConnect.CheckRequestStatus(secret);
|
||||
}
|
||||
catch (ResourceNotFoundException)
|
||||
{
|
||||
return NotFound("Unknown secret");
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Temporarily activates quick connect for five minutes.
|
||||
/// </summary>
|
||||
/// <response code="204">Quick connect has been temporarily activated.</response>
|
||||
/// <response code="403">Quick connect is unavailable on this server.</response>
|
||||
/// <returns>An <see cref="NoContentResult"/> on success.</returns>
|
||||
[HttpPost("Activate")]
|
||||
[Authorize(Policy = Policies.DefaultAuthorization)]
|
||||
[ProducesResponseType(StatusCodes.Status204NoContent)]
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public ActionResult Activate()
|
||||
{
|
||||
if (_quickConnect.State == QuickConnectState.Unavailable)
|
||||
{
|
||||
return Forbid("Quick connect is unavailable");
|
||||
}
|
||||
|
||||
_quickConnect.Activate();
|
||||
return NoContent();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Enables or disables quick connect.
|
||||
/// </summary>
|
||||
/// <param name="status">New <see cref="QuickConnectState"/>.</param>
|
||||
/// <response code="204">Quick connect state set successfully.</response>
|
||||
/// <returns>An <see cref="NoContentResult"/> on success.</returns>
|
||||
[HttpPost("Available")]
|
||||
[Authorize(Policy = Policies.RequiresElevation)]
|
||||
[ProducesResponseType(StatusCodes.Status204NoContent)]
|
||||
public ActionResult Available([FromQuery] QuickConnectState status = QuickConnectState.Available)
|
||||
{
|
||||
_quickConnect.SetState(status);
|
||||
return NoContent();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Authorizes a pending quick connect request.
|
||||
/// </summary>
|
||||
/// <param name="code">Quick connect code to authorize.</param>
|
||||
/// <response code="200">Quick connect result authorized successfully.</response>
|
||||
/// <response code="403">Unknown user id.</response>
|
||||
/// <returns>Boolean indicating if the authorization was successful.</returns>
|
||||
[HttpPost("Authorize")]
|
||||
[Authorize(Policy = Policies.DefaultAuthorization)]
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
||||
public ActionResult<bool> Authorize([FromQuery, Required] string code)
|
||||
{
|
||||
var userId = ClaimHelpers.GetUserId(Request.HttpContext.User);
|
||||
if (!userId.HasValue)
|
||||
{
|
||||
return Forbid("Unknown user id");
|
||||
}
|
||||
|
||||
return _quickConnect.AuthorizeRequest(userId.Value, code);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Deauthorize all quick connect devices for the current user.
|
||||
/// </summary>
|
||||
/// <response code="200">All quick connect devices were deleted.</response>
|
||||
/// <returns>The number of devices that were deleted.</returns>
|
||||
[HttpPost("Deauthorize")]
|
||||
[Authorize(Policy = Policies.DefaultAuthorization)]
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
public ActionResult<int> Deauthorize()
|
||||
{
|
||||
var userId = ClaimHelpers.GetUserId(Request.HttpContext.User);
|
||||
if (!userId.HasValue)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
return _quickConnect.DeleteAllDevices(userId.Value);
|
||||
}
|
||||
}
|
||||
}
|
@ -216,6 +216,40 @@ namespace Jellyfin.Api.Controllers
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Authenticates a user with quick connect.
|
||||
/// </summary>
|
||||
/// <param name="request">The <see cref="QuickConnectDto"/> request.</param>
|
||||
/// <response code="200">User authenticated.</response>
|
||||
/// <response code="400">Missing token.</response>
|
||||
/// <returns>A <see cref="Task"/> containing an <see cref="AuthenticationRequest"/> with information about the new session.</returns>
|
||||
[HttpPost("AuthenticateWithQuickConnect")]
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
public async Task<ActionResult<AuthenticationResult>> AuthenticateWithQuickConnect([FromBody, Required] QuickConnectDto request)
|
||||
{
|
||||
var auth = _authContext.GetAuthorizationInfo(Request);
|
||||
|
||||
try
|
||||
{
|
||||
var authRequest = new AuthenticationRequest
|
||||
{
|
||||
App = auth.Client,
|
||||
AppVersion = auth.Version,
|
||||
DeviceId = auth.DeviceId,
|
||||
DeviceName = auth.Device,
|
||||
};
|
||||
|
||||
return await _sessionManager.AuthenticateQuickConnect(
|
||||
authRequest,
|
||||
request.Token).ConfigureAwait(false);
|
||||
}
|
||||
catch (SecurityException e)
|
||||
{
|
||||
// rethrow adding IP address to message
|
||||
throw new SecurityException($"[{HttpContext.Connection.RemoteIpAddress}] {e.Message}", e);
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Updates a user's password.
|
||||
/// </summary>
|
||||
|
16
Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs
Normal file
16
Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs
Normal file
@ -0,0 +1,16 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
|
||||
namespace Jellyfin.Api.Models.UserDtos
|
||||
{
|
||||
/// <summary>
|
||||
/// The quick connect request body.
|
||||
/// </summary>
|
||||
public class QuickConnectDto
|
||||
{
|
||||
/// <summary>
|
||||
/// Gets or sets the quick connect token.
|
||||
/// </summary>
|
||||
[Required]
|
||||
public string? Token { get; set; }
|
||||
}
|
||||
}
|
87
MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
Normal file
87
MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
Normal file
@ -0,0 +1,87 @@
|
||||
using System;
|
||||
using MediaBrowser.Model.QuickConnect;
|
||||
|
||||
namespace MediaBrowser.Controller.QuickConnect
|
||||
{
|
||||
/// <summary>
|
||||
/// Quick connect standard interface.
|
||||
/// </summary>
|
||||
public interface IQuickConnect
|
||||
{
|
||||
/// <summary>
|
||||
/// Gets or sets the length of user facing codes.
|
||||
/// </summary>
|
||||
int CodeLength { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the name of internal access tokens.
|
||||
/// </summary>
|
||||
string TokenName { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets the current state of quick connect.
|
||||
/// </summary>
|
||||
QuickConnectState State { get; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the time (in minutes) before quick connect will automatically deactivate.
|
||||
/// </summary>
|
||||
int Timeout { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Assert that quick connect is currently active and throws an exception if it is not.
|
||||
/// </summary>
|
||||
void AssertActive();
|
||||
|
||||
/// <summary>
|
||||
/// Temporarily activates quick connect for a short amount of time.
|
||||
/// </summary>
|
||||
void Activate();
|
||||
|
||||
/// <summary>
|
||||
/// Changes the state of quick connect.
|
||||
/// </summary>
|
||||
/// <param name="newState">New state to change to.</param>
|
||||
void SetState(QuickConnectState newState);
|
||||
|
||||
/// <summary>
|
||||
/// Initiates a new quick connect request.
|
||||
/// </summary>
|
||||
/// <returns>A quick connect result with tokens to proceed or throws an exception if not active.</returns>
|
||||
QuickConnectResult TryConnect();
|
||||
|
||||
/// <summary>
|
||||
/// Checks the status of an individual request.
|
||||
/// </summary>
|
||||
/// <param name="secret">Unique secret identifier of the request.</param>
|
||||
/// <returns>Quick connect result.</returns>
|
||||
QuickConnectResult CheckRequestStatus(string secret);
|
||||
|
||||
/// <summary>
|
||||
/// Authorizes a quick connect request to connect as the calling user.
|
||||
/// </summary>
|
||||
/// <param name="userId">User id.</param>
|
||||
/// <param name="code">Identifying code for the request.</param>
|
||||
/// <returns>A boolean indicating if the authorization completed successfully.</returns>
|
||||
bool AuthorizeRequest(Guid userId, string code);
|
||||
|
||||
/// <summary>
|
||||
/// Expire quick connect requests that are over the time limit. If <paramref name="expireAll"/> is true, all requests are unconditionally expired.
|
||||
/// </summary>
|
||||
/// <param name="expireAll">If true, all requests will be expired.</param>
|
||||
void ExpireRequests(bool expireAll = false);
|
||||
|
||||
/// <summary>
|
||||
/// Deletes all quick connect access tokens for the provided user.
|
||||
/// </summary>
|
||||
/// <param name="user">Guid of the user to delete tokens for.</param>
|
||||
/// <returns>A count of the deleted tokens.</returns>
|
||||
int DeleteAllDevices(Guid user);
|
||||
|
||||
/// <summary>
|
||||
/// Generates a short code to display to the user to uniquely identify this request.
|
||||
/// </summary>
|
||||
/// <returns>A short, unique alphanumeric string.</returns>
|
||||
string GenerateCode();
|
||||
}
|
||||
}
|
@ -266,6 +266,14 @@ namespace MediaBrowser.Controller.Session
|
||||
/// <returns>Task{SessionInfo}.</returns>
|
||||
Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request);
|
||||
|
||||
/// <summary>
|
||||
/// Authenticates a new session with quick connect.
|
||||
/// </summary>
|
||||
/// <param name="request">The request.</param>
|
||||
/// <param name="token">Quick connect access token.</param>
|
||||
/// <returns>Task{SessionInfo}.</returns>
|
||||
Task<AuthenticationResult> AuthenticateQuickConnect(AuthenticationRequest request, string token);
|
||||
|
||||
/// <summary>
|
||||
/// Creates the new session.
|
||||
/// </summary>
|
||||
|
@ -78,6 +78,11 @@ namespace MediaBrowser.Model.Configuration
|
||||
/// <value><c>true</c> if this instance is port authorized; otherwise, <c>false</c>.</value>
|
||||
public bool IsPortAuthorized { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets if quick connect is available for use on this server.
|
||||
/// </summary>
|
||||
public bool QuickConnectAvailable { get; set; }
|
||||
|
||||
public bool AutoRunWebApp { get; set; }
|
||||
|
||||
public bool EnableRemoteAccess { get; set; }
|
||||
@ -299,6 +304,7 @@ namespace MediaBrowser.Model.Configuration
|
||||
|
||||
AutoRunWebApp = true;
|
||||
EnableRemoteAccess = true;
|
||||
QuickConnectAvailable = false;
|
||||
|
||||
EnableUPnP = false;
|
||||
MinResumePct = 5;
|
||||
|
40
MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
Normal file
40
MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
Normal file
@ -0,0 +1,40 @@
|
||||
using System;
|
||||
|
||||
namespace MediaBrowser.Model.QuickConnect
|
||||
{
|
||||
/// <summary>
|
||||
/// Stores the result of an incoming quick connect request.
|
||||
/// </summary>
|
||||
public class QuickConnectResult
|
||||
{
|
||||
/// <summary>
|
||||
/// Gets a value indicating whether this request is authorized.
|
||||
/// </summary>
|
||||
public bool Authenticated => !string.IsNullOrEmpty(Authentication);
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the secret value used to uniquely identify this request. Can be used to retrieve authentication information.
|
||||
/// </summary>
|
||||
public string? Secret { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the user facing code used so the user can quickly differentiate this request from others.
|
||||
/// </summary>
|
||||
public string? Code { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the private access token.
|
||||
/// </summary>
|
||||
public string? Authentication { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets an error message.
|
||||
/// </summary>
|
||||
public string? Error { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the DateTime that this request was created.
|
||||
/// </summary>
|
||||
public DateTime? DateAdded { get; set; }
|
||||
}
|
||||
}
|
23
MediaBrowser.Model/QuickConnect/QuickConnectState.cs
Normal file
23
MediaBrowser.Model/QuickConnect/QuickConnectState.cs
Normal file
@ -0,0 +1,23 @@
|
||||
namespace MediaBrowser.Model.QuickConnect
|
||||
{
|
||||
/// <summary>
|
||||
/// Quick connect state.
|
||||
/// </summary>
|
||||
public enum QuickConnectState
|
||||
{
|
||||
/// <summary>
|
||||
/// This feature has not been opted into and is unavailable until the server administrator chooses to opt-in.
|
||||
/// </summary>
|
||||
Unavailable = 0,
|
||||
|
||||
/// <summary>
|
||||
/// The feature is enabled for use on the server but is not currently accepting connection requests.
|
||||
/// </summary>
|
||||
Available = 1,
|
||||
|
||||
/// <summary>
|
||||
/// The feature is actively accepting connection requests.
|
||||
/// </summary>
|
||||
Active = 2
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user