diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
index df7a034e8f..4a0fc8239e 100644
--- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
@@ -1,5 +1,6 @@
 #pragma warning disable CS1591
+using System;
 using Jellyfin.Data.Enums;
 using MediaBrowser.Controller.Authentication;
 using MediaBrowser.Controller.Net;
@@ -20,9 +21,15 @@ namespace Emby.Server.Implementations.HttpServer.Security
 public AuthorizationInfo Authenticate(HttpRequest request)
 {
 var auth = _authorizationContext.GetAuthorizationInfo(request);
+
+ if (!auth.HasToken)
+ {
+ throw new AuthenticationException("Request does not contain a token.");
+ }
+
 if (!auth.IsAuthenticated)
 {
- throw new AuthenticationException("Invalid token.");
+ throw new SecurityException("Invalid token.");
 }
 if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
index fdf2e3908a..d62e2eefe4 100644
--- a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
@@ -102,7 +102,8 @@ namespace Emby.Server.Implementations.HttpServer.Security
 DeviceId = deviceId,
 Version = version,
 Token = token,
- IsAuthenticated = false
+ IsAuthenticated = false,
+ HasToken = false
 };
 if (string.IsNullOrWhiteSpace(token))
@@ -111,6 +112,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 return authInfo;
 }
+ authInfo.HasToken = true;
 var result = _authRepo.Get(new AuthenticationInfoQuery
 {
 AccessToken = token
diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index f98d5c11ae..c56233794a 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
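Review bot: The two rejection paths in `Authenticate` now throw different exception types: the new missing-token branch throws `AuthenticationException`, while the invalid-token branch throws `SecurityException`. The only handler this commit shows, the `catch (SecurityException ex)` block in CustomAuthenticationHandler.cs, names the second type. If `AuthenticationException` does not derive from `SecurityException` and no clause outside that hunk catches it, a request without a token would leave the authentication handler as an unhandled exception rather than as an unauthenticated result; please confirm which applies. Whichever it is, the method should carry XML-doc exception entries stating that `AuthenticationException` means "no token supplied" and `SecurityException` means "token supplied but rejected", since callers now have to tell them apart. The `using System;` added in the first hunk is not used by any line shown here, and `Authenticate` continues past the end of this hunk.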
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -1,5 +1,4 @@
 using System.Globalization;
-using System.Linq;
 using System.Security.Claims;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
@@ -8,7 +7,6 @@ using Jellyfin.Data.Enums;
 using MediaBrowser.Controller.Authentication;
 using MediaBrowser.Controller.Net;
 using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -79,8 +77,7 @@ namespace Jellyfin.Api.Auth
 }
 catch (SecurityException ex)
 {
- _logger.LogDebug(ex, "Error authenticating with {Handler}", nameof(CustomAuthenticationHandler));
- return Task.FromResult(AuthenticateResult.NoResult());
+ return Task.FromResult(AuthenticateResult.Fail(ex));
 }
 }
 }
diff --git a/MediaBrowser.Controller/Net/AuthorizationInfo.cs b/MediaBrowser.Controller/Net/AuthorizationInfo.cs
index 0194c596f1..93573e08e2 100644
--- a/MediaBrowser.Controller/Net/AuthorizationInfo.cs
+++ b/MediaBrowser.Controller/Net/AuthorizationInfo.cs
@@ -58,5 +58,10 @@ namespace MediaBrowser.Controller.Net
 /// Gets or sets a value indicating whether the token is authenticated.
 ///
 public bool IsAuthenticated { get; set; }
+
+ /// 
+ /// Gets or sets a value indicating whether the request has a token.
+ /// 
+ public bool HasToken { get; set; }
 }
 }
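Review bot: The `catch (SecurityException ex)` block loses its only log call, so a rejected token no longer leaves a trace written by this handler. Repeated invalid-token requests are a signal operators usually want to see, so unless the framework's own failure logging is being relied on (worth stating in a comment), keep a line before the return such as `_logger.LogDebug(ex, "Token rejected by {Handler}", nameof(CustomAuthenticationHandler));`. The log line should carry the exception only, never the token value. The `try` that this clause belongs to starts outside the hunk, so any other catch clauses are not visible here.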
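Review bot: `HasToken` is a settable flag that duplicates information `Token` already carries, so the two can drift apart. Any code path that builds an `AuthorizationInfo` with a token but does not set the flag would be rejected by the new `!auth.HasToken` check in `AuthService.Authenticate` as if no token had been sent. Assuming the initializer in AuthorizationContext.cs constructs this type (the `new` expression is outside that hunk), deriving the value is safer: `public bool HasToken => !string.IsNullOrWhiteSpace(Token);`. That matches the `string.IsNullOrWhiteSpace(token)` test already used there, and the `HasToken = false` and `authInfo.HasToken = true;` assignments could then be removed.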