mirror of
https://github.com/jellyfin/jellyfin.git
synced 2024-11-16 18:42:52 -07:00
Merge pull request #10336 from Bond-009/authorization
This commit is contained in:
commit
cf806ddcaa
@ -49,14 +49,13 @@ namespace Jellyfin.Server.Implementations.Security
|
||||
/// <summary>
|
||||
/// Gets the authorization.
|
||||
/// </summary>
|
||||
/// <param name="httpReq">The HTTP req.</param>
|
||||
/// <param name="httpContext">The HTTP context.</param>
|
||||
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
||||
private async Task<AuthorizationInfo> GetAuthorization(HttpContext httpReq)
|
||||
private async Task<AuthorizationInfo> GetAuthorization(HttpContext httpContext)
|
||||
{
|
||||
var auth = GetAuthorizationDictionary(httpReq);
|
||||
var authInfo = await GetAuthorizationInfoFromDictionary(auth, httpReq.Request.Headers, httpReq.Request.Query).ConfigureAwait(false);
|
||||
var authInfo = await GetAuthorizationInfo(httpContext.Request).ConfigureAwait(false);
|
||||
|
||||
httpReq.Request.HttpContext.Items["AuthorizationInfo"] = authInfo;
|
||||
httpContext.Request.HttpContext.Items["AuthorizationInfo"] = authInfo;
|
||||
return authInfo;
|
||||
}
|
||||
|
||||
@ -80,7 +79,6 @@ namespace Jellyfin.Server.Implementations.Security
|
||||
auth.TryGetValue("Token", out token);
|
||||
}
|
||||
|
||||
#pragma warning disable CA1508 // string.IsNullOrEmpty(token) is always false.
|
||||
if (string.IsNullOrEmpty(token))
|
||||
{
|
||||
token = headers["X-Emby-Token"];
|
||||
@ -118,7 +116,6 @@ namespace Jellyfin.Server.Implementations.Security
|
||||
// Request doesn't contain a token.
|
||||
return authInfo;
|
||||
}
|
||||
#pragma warning restore CA1508
|
||||
|
||||
authInfo.HasToken = true;
|
||||
var dbContext = await _jellyfinDbProvider.CreateDbContextAsync().ConfigureAwait(false);
|
||||
@ -219,24 +216,7 @@ namespace Jellyfin.Server.Implementations.Security
|
||||
/// <summary>
|
||||
/// Gets the auth.
|
||||
/// </summary>
|
||||
/// <param name="httpReq">The HTTP req.</param>
|
||||
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
||||
private static Dictionary<string, string>? GetAuthorizationDictionary(HttpContext httpReq)
|
||||
{
|
||||
var auth = httpReq.Request.Headers["X-Emby-Authorization"];
|
||||
|
||||
if (string.IsNullOrEmpty(auth))
|
||||
{
|
||||
auth = httpReq.Request.Headers[HeaderNames.Authorization];
|
||||
}
|
||||
|
||||
return auth.Count > 0 ? GetAuthorization(auth[0]) : null;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets the auth.
|
||||
/// </summary>
|
||||
/// <param name="httpReq">The HTTP req.</param>
|
||||
/// <param name="httpReq">The HTTP request.</param>
|
||||
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
||||
private static Dictionary<string, string>? GetAuthorizationDictionary(HttpRequest httpReq)
|
||||
{
|
||||
|
@ -15,8 +15,8 @@ namespace Jellyfin.Server.Integration.Tests
|
||||
{
|
||||
public static class AuthHelper
|
||||
{
|
||||
public const string AuthHeaderName = "X-Emby-Authorization";
|
||||
public const string DummyAuthHeader = "MediaBrowser Client=\"Jellyfin.Server Integration Tests\", DeviceId=\"69420\", Device=\"Apple II\", Version=\"10.8.0\"";
|
||||
public const string AuthHeaderName = "Authorization";
|
||||
public const string DummyAuthHeader = "MediaBrowser Client=\"Jellyfin.Server%20Integration%20Tests\", DeviceId=\"69420\", Device=\"Apple%20II\", Version=\"10.8.0\"";
|
||||
|
||||
public static async Task<string> CompleteStartupAsync(HttpClient client)
|
||||
{
|
||||
@ -27,16 +27,19 @@ namespace Jellyfin.Server.Integration.Tests
|
||||
using var completeResponse = await client.PostAsync("/Startup/Complete", new ByteArrayContent(Array.Empty<byte>()));
|
||||
Assert.Equal(HttpStatusCode.NoContent, completeResponse.StatusCode);
|
||||
|
||||
using var content = JsonContent.Create(
|
||||
using var httpRequest = new HttpRequestMessage(HttpMethod.Post, "/Users/AuthenticateByName");
|
||||
httpRequest.Headers.TryAddWithoutValidation(AuthHeaderName, DummyAuthHeader);
|
||||
httpRequest.Content = JsonContent.Create(
|
||||
new AuthenticateUserByName()
|
||||
{
|
||||
Username = user!.Name,
|
||||
Pw = user.Password,
|
||||
},
|
||||
options: jsonOptions);
|
||||
content.Headers.Add("X-Emby-Authorization", DummyAuthHeader);
|
||||
|
||||
using var authResponse = await client.PostAsync("/Users/AuthenticateByName", content);
|
||||
using var authResponse = await client.SendAsync(httpRequest);
|
||||
authResponse.EnsureSuccessStatusCode();
|
||||
|
||||
var auth = await JsonSerializer.DeserializeAsync<AuthenticationResultDto>(
|
||||
await authResponse.Content.ReadAsStreamAsync(),
|
||||
jsonOptions);
|
||||
|
Loading…
Reference in New Issue
Block a user