Fixed: Unable to login when instance name contained brackets

pull/5116/head
Mark McDowall 4 months ago committed by Bogdan
parent ccce4f5cc0
commit 3e5af06622

@ -1,5 +1,6 @@
using System; using System;
using System.Web; using System.Text.RegularExpressions;
using Diacritical;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
@ -10,6 +11,8 @@ namespace Lidarr.Http.Authentication
{ {
public static class AuthenticationBuilderExtensions public static class AuthenticationBuilderExtensions
{ {
private static readonly Regex CookieNameRegex = new Regex(@"[^a-z0-9]+", RegexOptions.Compiled | RegexOptions.IgnoreCase);
public static AuthenticationBuilder AddApiKey(this AuthenticationBuilder authenticationBuilder, string name, Action<ApiKeyAuthenticationOptions> options) public static AuthenticationBuilder AddApiKey(this AuthenticationBuilder authenticationBuilder, string name, Action<ApiKeyAuthenticationOptions> options)
{ {
return authenticationBuilder.AddScheme<ApiKeyAuthenticationOptions, ApiKeyAuthenticationHandler>(name, options); return authenticationBuilder.AddScheme<ApiKeyAuthenticationOptions, ApiKeyAuthenticationHandler>(name, options);
@ -35,8 +38,10 @@ namespace Lidarr.Http.Authentication
services.AddOptions<CookieAuthenticationOptions>(AuthenticationType.Forms.ToString()) services.AddOptions<CookieAuthenticationOptions>(AuthenticationType.Forms.ToString())
.Configure<IConfigFileProvider>((options, configFileProvider) => .Configure<IConfigFileProvider>((options, configFileProvider) =>
{ {
// Url Encode the cookie name to account for spaces or other invalid characters in the configured instance name // Replace diacritics and replace non-word characters to ensure cookie name doesn't contain any valid URL characters not allowed in cookie names
var instanceName = HttpUtility.UrlEncode(configFileProvider.InstanceName); var instanceName = configFileProvider.InstanceName;
instanceName = instanceName.RemoveDiacritics();
instanceName = CookieNameRegex.Replace(instanceName, string.Empty);
options.Cookie.Name = $"{instanceName}Auth"; options.Cookie.Name = $"{instanceName}Auth";
options.AccessDeniedPath = "/login?loginFailed=true"; options.AccessDeniedPath = "/login?loginFailed=true";

Loading…
Cancel
Save