Fixed the Plex OAuth warning

src/Ombi.Api.Plex/IPlexApi.cs

@@ -22,7 +22,6 @@ namespace Ombi.Api.Plex
         Task<PlexFriends> GetUsers(string authToken);
         Task<PlexAccount> GetAccount(string authToken);
         Task<PlexMetadata> GetRecentlyAdded(string authToken, string uri, string sectionId);
-        Task<OAuthPin> CreatePin();
         Task<OAuthPin> GetPin(int pinId);
         Task<Uri> GetOAuthUrl(int pinId, string code, string applicationUrl, bool wizard);
     }

src/Ombi.Api.Plex/PlexApi.cs

@@ -191,15 +191,6 @@ namespace Ombi.Api.Plex
             return await Api.Request<PlexMetadata>(request);
         }
 
-        public async Task<OAuthPin> CreatePin()
-        {
-            var request = new Request($"api/v2/pins", "https://plex.tv/", HttpMethod.Post);
-            request.AddQueryString("strong", "true");
-            await AddHeaders(request);
-
-            return await Api.Request<OAuthPin>(request);
-        }
-
         public async Task<OAuthPin> GetPin(int pinId)
         {
             var request = new Request($"api/v2/pins/{pinId}", "https://plex.tv/", HttpMethod.Get);
@@ -210,7 +201,7 @@ namespace Ombi.Api.Plex
 
         public async Task<Uri> GetOAuthUrl(int pinId, string code, string applicationUrl, bool wizard)
         {
-            var request = new Request("auth#!?", "https://app.plex.tv", HttpMethod.Get);
+            var request = new Request("auth#", "https://app.plex.tv", HttpMethod.Get);
             await AddHeaders(request);
             var forwardUrl = wizard
                 ? new Request($"Wizard/OAuth/{pinId}", applicationUrl, HttpMethod.Get)
@@ -219,11 +210,11 @@ namespace Ombi.Api.Plex
             request.AddQueryString("forwardUrl", forwardUrl.FullUri.ToString());
             request.AddQueryString("pinID", pinId.ToString());
             request.AddQueryString("code", code);
-            request.AddQueryString("context[device][product]", "Ombi");
+            request.AddQueryString("context[device][product]", ApplicationName);
             request.AddQueryString("context[device][environment]", "bundled");
             request.AddQueryString("context[device][layout]", "desktop");
             request.AddQueryString("context[device][platform]", "Web");
-            request.AddQueryString("context[device][devuce]", "Ombi (Web)");
+            request.AddQueryString("context[device][device]", "Ombi (Web)");
 
             var s = await GetSettings();
             await CheckInstallId(s);

src/Ombi.Core/Authentication/PlexOAuthManager.cs

@@ -20,12 +20,6 @@ namespace Ombi.Core.Authentication
         private readonly IPlexApi _api;
         private readonly ISettingsService<CustomizationSettings> _customizationSettingsService;
 
-        public async Task<OAuthPin> RequestPin()
-        {
-            var pin = await _api.CreatePin();
-            return pin;
-        }
-
         public async Task<string> GetAccessTokenFromPin(int pinId)
         {
             var pin = await _api.GetPin(pinId);

src/Ombi.Core/IPlexOAuthManager.cs

@@ -1,14 +1,12 @@
 using System;
 using System.Threading.Tasks;
 using Ombi.Api.Plex.Models;
-using Ombi.Api.Plex.Models.OAuth;
 
 namespace Ombi.Core.Authentication
 {
     public interface IPlexOAuthManager
     {
         Task<string> GetAccessTokenFromPin(int pinId);
-        Task<OAuthPin> RequestPin();
         Task<Uri> GetOAuthUrl(int pinId, string code, string websiteAddress = null);
         Task<Uri> GetWizardOAuthUrl(int pinId, string code, string websiteAddress);
         Task<PlexAccount> GetAccount(string accessToken);

src/Ombi/ClientApp/app/app.module.ts

@@ -36,7 +36,7 @@ import { ImageService } from "./services";
 import { LandingPageService } from "./services";
 import { NotificationService } from "./services";
 import { SettingsService } from "./services";
-import { IssuesService, JobService, StatusService } from "./services";
+import { IssuesService, JobService, PlexTvService, StatusService } from "./services";
 
 const routes: Routes = [
     { path: "*", component: PageNotFoundComponent },
@@ -133,6 +133,7 @@ export function HttpLoaderFactory(http: HttpClient, platformLocation: PlatformLo
         CookieService,
         JobService,
         IssuesService,
+        PlexTvService,
     ],
     bootstrap: [AppComponent],
 })

src/Ombi/ClientApp/app/auth/IUserLogin.ts

@@ -1,8 +1,11 @@
-export interface IUserLogin {
+import { IPlexPin } from "../interfaces";
+
+export interface IUserLogin {
     username: string;
     password: string;
     rememberMe: boolean;
     usePlexOAuth: boolean;
+    plexTvPin: IPlexPin;
 }
 
 export interface ILocalUser {

src/Ombi/ClientApp/app/interfaces/IPlex.ts

@@ -2,6 +2,16 @@
     user: IPlexUser;
 }
 
+export interface IPlexPin {
+    id: number;
+    code: string;
+}
+
+export interface IPlexOAuthViewModel {
+    wizard: boolean;
+    pin: IPlexPin;
+}
+
 export interface IPlexOAuthAccessToken {
     accessToken: string;
 }

src/Ombi/ClientApp/app/login/login.component.ts

@@ -6,7 +6,7 @@ import { TranslateService } from "@ngx-translate/core";
 import { PlatformLocation } from "@angular/common";
 import { AuthService } from "../auth/auth.service";
 import { IAuthenticationSettings, ICustomizationSettings } from "../interfaces";
-import { NotificationService } from "../services";
+import { NotificationService, PlexTvService } from "../services";
 import { SettingsService } from "../services";
 import { StatusService } from "../services";
 
@@ -40,13 +40,14 @@ export class LoginComponent implements OnDestroy, OnInit {
     }
 
     private timer: any;
+    private clientId: string;
     
     private errorBody: string;
     private errorValidation: string;
 
     constructor(private authService: AuthService, private router: Router, private notify: NotificationService, private status: StatusService,
                 private fb: FormBuilder, private settingsService: SettingsService, private images: ImageService, private sanitizer: DomSanitizer,
-                private route: ActivatedRoute, private location: PlatformLocation, private readonly translate: TranslateService) {
+                private route: ActivatedRoute, private location: PlatformLocation, private translate: TranslateService, private plexTv: PlexTvService) {
         this.route.params
             .subscribe((params: any) => {
                 this.landingFlag = params.landing;
@@ -78,6 +79,7 @@ export class LoginComponent implements OnDestroy, OnInit {
 
     public ngOnInit() {
         this.settingsService.getAuthentication().subscribe(x => this.authenticationSettings = x);
+        this.settingsService.getClientId().subscribe(x => this.clientId = x);
         this.settingsService.getCustomization().subscribe(x => this.customizationSettings = x);
         this.images.getRandomBackground().subscribe(x => {
             this.background = this.sanitizer.bypassSecurityTrustStyle("linear-gradient(-10deg, transparent 20%, rgba(0,0,0,0.7) 20.0%, rgba(0,0,0,0.7) 80.0%, transparent 80%),url(" + x.url + ")");
@@ -101,7 +103,7 @@ export class LoginComponent implements OnDestroy, OnInit {
             return;
         }
         const value = form.value;
-        const user = { password: value.password, username: value.username, rememberMe: value.rememberMe, usePlexOAuth: false };
+        const user = { password: value.password, username: value.username, rememberMe: value.rememberMe, usePlexOAuth: false, plexTvPin: { id: 0, code: ""} };
         this.authService.requiresPassword(user).subscribe(x => {
             if(x && this.authenticationSettings.allowNoPassword) {
                 // Looks like this user requires a password
@@ -123,7 +125,9 @@ export class LoginComponent implements OnDestroy, OnInit {
     }
 
     public oauth() {
-        this.authService.login({usePlexOAuth: true, password:"",rememberMe:true,username:""}).subscribe(x => {
+        this.plexTv.GetPin(this.clientId, this.appName).subscribe(pin => {
+
+            this.authService.login({usePlexOAuth: true, password:"",rememberMe:true,username:"", plexTvPin: pin}).subscribe(x => {
                 if (window.frameElement) {
                     // in frame
                     window.open(x.url, "_blank");
@@ -132,6 +136,7 @@ export class LoginComponent implements OnDestroy, OnInit {
                     window.location.href = x.url;
                 }
             });
+        });
     }
 
     public ngOnDestroy() {

src/Ombi/ClientApp/app/services/applications/index.ts

@@ -5,3 +5,4 @@ export * from "./radarr.service";
 export * from "./sonarr.service";
 export * from "./tester.service";
 export * from "./plexoauth.service";
+export * from "./plextv.service";

src/Ombi/ClientApp/app/services/applications/plex.service.ts

@@ -6,7 +6,7 @@ import { Observable } from "rxjs/Rx";
 
 import { ServiceHelpers } from "../service.helpers";
 
-import { IPlexAuthentication, IPlexLibResponse, IPlexServer, IPlexServerViewModel, IUsersModel } from "../../interfaces";
+import { IPlexAuthentication, IPlexLibResponse, IPlexOAuthViewModel,IPlexServer, IPlexServerViewModel, IUsersModel } from "../../interfaces";
 
 @Injectable()
 export class PlexService extends ServiceHelpers {
@@ -30,7 +30,7 @@ export class PlexService extends ServiceHelpers {
         return this.http.get<IUsersModel[]>(`${this.url}Friends`,  {headers: this.headers});
     }
 
-    public oAuth(wizard: boolean): Observable<any> {
+    public oAuth(wizard: IPlexOAuthViewModel): Observable<any> {
-        return this.http.get<any>(`${this.url}oauth/${wizard}`,  {headers: this.headers});
+        return this.http.post<any>(`${this.url}oauth`, JSON.stringify(wizard), {headers: this.headers});
     }
 }

src/Ombi/ClientApp/app/services/applications/plextv.service.ts

@@ -0,0 +1,28 @@
+import { PlatformLocation } from "@angular/common";
+import { HttpClient, HttpHeaders } from "@angular/common/http";
+import { Injectable } from "@angular/core";
+
+import { Observable } from "rxjs/Rx";
+
+import { IPlexPin } from "../../interfaces";
+
+@Injectable()
+export class PlexTvService {
+    
+    constructor(private http: HttpClient, public platformLocation: PlatformLocation) {
+      
+    }
+
+    public GetPin(clientId: string, applicationName: string): Observable<IPlexPin> {
+        const headers = new HttpHeaders({"Content-Type":"application/json",
+        "X-Plex-Client-Identifier": clientId,
+        "X-Plex-Product": applicationName,
+        "X-Plex-Version": "3",
+        "X-Plex-Device": "Ombi (Web)",
+        "X-Plex-Platform": "Web",
+        "Accept": "application/json",
+    });
+        return this.http.post<IPlexPin>("https://plex.tv/api/v2/pins?strong=true", null,  {headers});
+    }
+
+}

src/Ombi/ClientApp/app/services/settings.service.ts

@@ -95,6 +95,10 @@ export class SettingsService extends ServiceHelpers {
         return this.http.get<IAuthenticationSettings>(`${this.url}/Authentication`, {headers: this.headers});
     }
 
+    public getClientId(): Observable<string> {
+        return this.http.get<string>(`${this.url}/clientid`, {headers: this.headers});
+    }
+
     public saveAuthentication(settings: IAuthenticationSettings): Observable<boolean> {
         return this.http.post<boolean>(`${this.url}/Authentication`, JSON.stringify(settings), {headers: this.headers});
     }

src/Ombi/ClientApp/app/wizard/plex/plex.component.ts

@@ -1,20 +1,27 @@
-import { Component } from "@angular/core";
+import { Component, OnInit } from "@angular/core";
 import { Router } from "@angular/router";
 
-import { PlexService } from "../../services";
+import { PlexService, PlexTvService, SettingsService } from "../../services";
 import { IdentityService, NotificationService } from "../../services";
 
 @Component({
     templateUrl: "./plex.component.html",
 })
-export class PlexComponent {
+export class PlexComponent implements OnInit {
 
     public login: string;
     public password: string;
 
+    private clientId: string;
+
     constructor(private plexService: PlexService, private router: Router,
                 private notificationService: NotificationService,
-                private identityService: IdentityService) { }
+                private identityService: IdentityService, private plexTv: PlexTvService,
+                private settingsService: SettingsService) { }
+
+    public ngOnInit(): void {
+        this.settingsService.getClientId().subscribe(x => this.clientId = x);
+    }
 
     public requestAuthToken() {
         this.plexService.logIn(this.login, this.password).subscribe(x => {
@@ -40,10 +47,12 @@ export class PlexComponent {
     }
 
     public oauth() {
-        this.plexService.oAuth(true).subscribe(x => {
+        this.plexTv.GetPin(this.clientId, "Ombi").subscribe(pin => {
+            this.plexService.oAuth({wizard: true, pin}).subscribe(x => {
                 if(x.url) {
                     window.location.href = x.url;
                 }
             });
+        });
     }
 }

src/Ombi/Controllers/External/PlexController.cs

@@ -12,6 +12,7 @@ using Ombi.Core.Authentication;
 using Ombi.Core.Settings;
 using Ombi.Core.Settings.Models.External;
 using Ombi.Helpers;
+using Ombi.Models;
 using Ombi.Models.External;
 
 namespace Ombi.Controllers.External
@@ -177,25 +178,23 @@ namespace Ombi.Controllers.External
             return vm.DistinctBy(x => x.Id);
         }
 
-        [HttpGet("oauth/{wizard:bool}")]
+        [HttpPost("oauth")]
         [AllowAnonymous]
-        public async Task<IActionResult> OAuth(bool wizard)
+        public async Task<IActionResult> OAuth([FromBody]PlexOAuthViewModel wizard)
         {
             //https://app.plex.tv/auth#?forwardUrl=http://google.com/&clientID=Ombi-Test&context%5Bdevice%5D%5Bproduct%5D=Ombi%20SSO&pinID=798798&code=4lgfd
             // Plex OAuth
             // Redirect them to Plex
-            // We need a PIN first
-            var pin = await _plexOAuthManager.RequestPin();
 
             Uri url;
-            if (!wizard)
+            if (!wizard.Wizard)
             {
-                url = await _plexOAuthManager.GetOAuthUrl(pin.id, pin.code);
+                url = await _plexOAuthManager.GetOAuthUrl(wizard.Pin.id, wizard.Pin.code);
             }
             else
             {
                 var websiteAddress =$"{this.Request.Scheme}://{this.Request.Host}{this.Request.PathBase}";
-                url = await _plexOAuthManager.GetWizardOAuthUrl(pin.id, pin.code, websiteAddress);
+                url = await _plexOAuthManager.GetWizardOAuthUrl(wizard.Pin.id, wizard.Pin.code, websiteAddress);
             }
 
             if (url == null)

src/Ombi/Controllers/SettingsController.cs

@@ -127,10 +127,23 @@ namespace Ombi.Controllers
         public async Task<PlexSettings> PlexSettings()
         {
             var s = await Get<PlexSettings>();
-
             return s;
         }
 
+        [HttpGet("clientid")]
+        [AllowAnonymous]
+        public async Task<string> GetClientId()
+        {
+            var s = await Get<PlexSettings>();
+            if (s.InstallId == Guid.Empty)
+            {
+                s.InstallId = Guid.NewGuid();
+                // Save it
+                await PlexSettings(s);
+            }
+            return s.InstallId.ToString("N");
+        }
+
         /// <summary>
         /// Save the Plex settings.
         /// </summary>

src/Ombi/Controllers/TokenController.cs

@@ -80,12 +80,10 @@ namespace Ombi.Controllers
             {
                 // Plex OAuth
                 // Redirect them to Plex
-                // We need a PIN first
-                var pin = await _plexOAuthManager.RequestPin();
                 
                 var websiteAddress = $"{this.Request.Scheme}://{this.Request.Host}{this.Request.PathBase}";
                 //https://app.plex.tv/auth#?forwardUrl=http://google.com/&clientID=Ombi-Test&context%5Bdevice%5D%5Bproduct%5D=Ombi%20SSO&pinID=798798&code=4lgfd
-                var url = await _plexOAuthManager.GetOAuthUrl(pin.id, pin.code, websiteAddress);
+                var url = await _plexOAuthManager.GetOAuthUrl(model.PlexTvPin.id, model.PlexTvPin.code, websiteAddress);
                 if (url == null)
                 {
                     return new JsonResult(new

src/Ombi/Models/PlexOAuthViewModel.cs

@@ -0,0 +1,10 @@
+using Ombi.Api.Plex.Models.OAuth;
+
+namespace Ombi.Models
+{
+    public class PlexOAuthViewModel
+    {
+        public bool Wizard { get; set; }
+        public OAuthPin Pin { get; set; }
+    }
+}

src/Ombi/Models/UserAuthModel.cs

@@ -1,4 +1,6 @@
-namespace Ombi.Models
+using Ombi.Api.Plex.Models.OAuth;
+
+namespace Ombi.Models
 {
     public class UserAuthModel
     {
@@ -7,5 +9,6 @@
         public bool RememberMe { get; set; }
         public bool UsePlexAdminAccount { get; set; }
         public bool UsePlexOAuth { get; set; }
+        public OAuthPin PlexTvPin { get; set; }
     }
 }

src/Ombi/Startup.cs

@@ -129,6 +129,12 @@ namespace Ombi
                 //x.UseConsole();
             });
 
+            services.AddCors(o => o.AddPolicy("MyPolicy", builder =>
+            {
+                builder.AllowAnyOrigin()
+                    .AllowAnyMethod()
+                    .AllowAnyHeader();
+            }));
 
             // Build the intermediate service provider
             return services.BuildServiceProvider();
@@ -211,6 +217,7 @@ namespace Ombi
             app.UseMiddleware<ErrorHandlingMiddleware>();
             app.UseMiddleware<ApiKeyMiddlewear>();
 
+            app.UseCors("MyPolicy");
             //app.ApiKeyMiddlewear(app.ApplicationServices);
             app.UseSwagger();
             app.UseSwaggerUI(c =>
@@ -218,6 +225,8 @@ namespace Ombi
                 c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
             });
 
+
+
             app.UseMvc(routes =>
             {
                 routes.MapRoute(