cotugno/jellyfin
2
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2024-11-15 18:08:53 -07:00
Code Issues Packages Projects Releases Wiki Activity

Return NoResult only when request doesn't have a token.

Browse Source
This commit is contained in:
crobibero 2020-12-01 14:47:42 -07:00
parent 38b3b4f867
commit cd459c51f3
4 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Emby.Server.Implementations/HttpServer/Security/AuthService.cs
View File

@ -1,5 +1,6 @@
#pragma warning disable CS1591 #pragma warning disable CS1591
using System;
using Jellyfin.Data.Enums; using Jellyfin.Data.Enums;
using MediaBrowser.Controller.Authentication; using MediaBrowser.Controller.Authentication;
using MediaBrowser.Controller.Net; using MediaBrowser.Controller.Net;
@ -20,9 +21,15 @@ namespace Emby.Server.Implementations.HttpServer.Security
public AuthorizationInfo Authenticate(HttpRequest request) public AuthorizationInfo Authenticate(HttpRequest request)
{ {
var auth = _authorizationContext.GetAuthorizationInfo(request); var auth = _authorizationContext.GetAuthorizationInfo(request);
if (!auth.HasToken)
{
throw new AuthenticationException("Request does not contain a token.");
}
if (!auth.IsAuthenticated) if (!auth.IsAuthenticated)
{ {
throw new AuthenticationException("Invalid token."); throw new SecurityException("Invalid token.");
} }
if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false) if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)

4
Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
View File

@ -102,7 +102,8 @@ namespace Emby.Server.Implementations.HttpServer.Security
DeviceId = deviceId, DeviceId = deviceId,
Version = version, Version = version,
Token = token, Token = token,
IsAuthenticated = false IsAuthenticated = false,
HasToken = false
}; };
if (string.IsNullOrWhiteSpace(token)) if (string.IsNullOrWhiteSpace(token))
@ -111,6 +112,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
return authInfo; return authInfo;
} }
authInfo.HasToken = true;
var result = _authRepo.Get(new AuthenticationInfoQuery var result = _authRepo.Get(new AuthenticationInfoQuery
{ {
AccessToken = token AccessToken = token

5
Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
View File

@ -1,5 +1,4 @@
using System.Globalization; using System.Globalization;
using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Text.Encodings.Web; using System.Text.Encodings.Web;
using System.Threading.Tasks; using System.Threading.Tasks;
@ -8,7 +7,6 @@ using Jellyfin.Data.Enums;
using MediaBrowser.Controller.Authentication; using MediaBrowser.Controller.Authentication;
using MediaBrowser.Controller.Net; using MediaBrowser.Controller.Net;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
@ -79,8 +77,7 @@ namespace Jellyfin.Api.Auth
} }
catch (SecurityException ex) catch (SecurityException ex)
{ {
_logger.LogDebug(ex, "Error authenticating with {Handler}", nameof(CustomAuthenticationHandler)); return Task.FromResult(AuthenticateResult.Fail(ex));
return Task.FromResult(AuthenticateResult.NoResult());
} }
} }
} }

5
MediaBrowser.Controller/Net/AuthorizationInfo.cs
View File

@ -58,5 +58,10 @@ namespace MediaBrowser.Controller.Net
/// Gets or sets a value indicating whether the token is authenticated. /// Gets or sets a value indicating whether the token is authenticated.
/// </summary> /// </summary>
public bool IsAuthenticated { get; set; } public bool IsAuthenticated { get; set; }
/// <summary>
/// Gets or sets a value indicating whether the request has a token.
/// </summary>
public bool HasToken { get; set; }
} }
} }