From c55fc32c63bfc9947c3afb2cb6bac71d6beb7a2d Mon Sep 17 00:00:00 2001
From: Jamie Rees <Jamie.Rees@moneybarn.com>
Date: Sun, 1 Jul 2018 22:16:12 +0100
Subject: [PATCH] Fixed Plex OAuth, should no longer show Insecure warning

---
 src/Ombi.Api.Plex/PlexApi.cs                  |  2 +-
 .../Authentication/PlexOAuthManager.cs        | 13 -------
 .../ClientApp/app/login/login.component.ts    | 34 ++++++++++++++-----
 src/Ombi/Controllers/TokenController.cs       |  4 +--
 4 files changed, 29 insertions(+), 24 deletions(-)

diff --git a/src/Ombi.Api.Plex/PlexApi.cs b/src/Ombi.Api.Plex/PlexApi.cs
index a16dee9ec..95c1c9d49 100644
--- a/src/Ombi.Api.Plex/PlexApi.cs
+++ b/src/Ombi.Api.Plex/PlexApi.cs
@@ -214,7 +214,7 @@ namespace Ombi.Api.Plex
                 ? new Request($"Wizard/OAuth/{pinId}", applicationUrl, HttpMethod.Get) 
                 : new Request($"Login/OAuth/{pinId}", applicationUrl, HttpMethod.Get);
 
-            request.AddQueryString("forwardUrl", forwardUrl.FullUri.ToString());
+            //request.AddQueryString("forwardUrl", forwardUrl.FullUri.ToString());
             request.AddQueryString("pinID", pinId.ToString());
             request.AddQueryString("code", code);
             request.AddQueryString("context[device][product]", "Ombi");
diff --git a/src/Ombi.Core/Authentication/PlexOAuthManager.cs b/src/Ombi.Core/Authentication/PlexOAuthManager.cs
index 37ed7d2f7..887245579 100644
--- a/src/Ombi.Core/Authentication/PlexOAuthManager.cs
+++ b/src/Ombi.Core/Authentication/PlexOAuthManager.cs
@@ -34,19 +34,6 @@ namespace Ombi.Core.Authentication
                 return string.Empty;
             }
 
-            if (pin.authToken.IsNullOrEmpty())
-            {
-                // Looks like we do not have a pin yet, we should retry a few times.
-                var retryCount = 0;
-                var retryMax = 5;
-                var retryWaitMs = 1000;
-                while (pin.authToken.IsNullOrEmpty() && retryCount < retryMax)
-                {
-                    retryCount++;
-                    await Task.Delay(retryWaitMs);
-                    pin = await _api.GetPin(pinId);
-                }
-            }
             return pin.authToken;
         }
 
diff --git a/src/Ombi/ClientApp/app/login/login.component.ts b/src/Ombi/ClientApp/app/login/login.component.ts
index 3447f84c3..e6386b8ce 100644
--- a/src/Ombi/ClientApp/app/login/login.component.ts
+++ b/src/Ombi/ClientApp/app/login/login.component.ts
@@ -40,6 +40,7 @@ export class LoginComponent implements OnDestroy, OnInit {
     }
 
     private timer: any;
+    private pinTimer: any;
     
     private errorBody: string;
     private errorValidation: string;
@@ -124,18 +125,35 @@ export class LoginComponent implements OnDestroy, OnInit {
 
     public oauth() {
         this.authService.login({usePlexOAuth: true, password:"",rememberMe:true,username:""}).subscribe(x => {
-            if (window.frameElement) {
-                // in frame
-                window.open(x.url, "_blank");
-              } else {
-                // not in frame
-                window.location.href = x.url;
-              }
-        });
+                window.open(x.url, "_blank");      
+                this.pinTimer = setInterval(() => {
+                    this.getPinResult(x.pinId);
+                }, 10000);
+            });
+
+    }
+
+    public getPinResult(pinId: number) {
+        this.authService.oAuth(pinId).subscribe(x => {
+            if(x.access_token) {
+              localStorage.setItem("id_token", x.access_token);
+  
+              if (this.authService.loggedIn()) {
+                  this.router.navigate(["search"]);
+                  return;
+              } 
+          }
+  
+          }, err => {
+              this.notify.error(err.statusText);
+              
+              this.router.navigate(["login"]);
+          });
     }
 
     public ngOnDestroy() {
         clearInterval(this.timer);
+        clearInterval(this.pinTimer);
     }
 
     private cycleBackground() {
diff --git a/src/Ombi/Controllers/TokenController.cs b/src/Ombi/Controllers/TokenController.cs
index b45752af4..3d810d1d2 100644
--- a/src/Ombi/Controllers/TokenController.cs
+++ b/src/Ombi/Controllers/TokenController.cs
@@ -82,7 +82,7 @@ namespace Ombi.Controllers
                 // Redirect them to Plex
                 // We need a PIN first
                 var pin = await _plexOAuthManager.RequestPin();
-
+                
                 var websiteAddress = $"{this.Request.Scheme}://{this.Request.Host}{this.Request.PathBase}";
                 //https://app.plex.tv/auth#?forwardUrl=http://google.com/&clientID=Ombi-Test&context%5Bdevice%5D%5Bproduct%5D=Ombi%20SSO&pinID=798798&code=4lgfd
                 var url = await _plexOAuthManager.GetOAuthUrl(pin.id, pin.code, websiteAddress);
@@ -93,7 +93,7 @@ namespace Ombi.Controllers
                         error = "Application URL has not been set"
                     });
                 }
-                return new JsonResult(new { url = url.ToString() });
+                return new JsonResult(new { url = url.ToString(), pinId = pin.id });
             }
 
             return new UnauthorizedResult();