From cbf331cd09409b58d51506c18e0874aaac747c46 Mon Sep 17 00:00:00 2001
From: Jamie Rees <Jamie.rees@moneybarn.com>
Date: Mon, 2 Jul 2018 08:06:43 +0100
Subject: [PATCH] Revert "Fixed Plex OAuth, should no longer show Insecure
 warning"

This reverts commit c55fc32c63bfc9947c3afb2cb6bac71d6beb7a2d.
---
 src/Ombi.Api.Plex/PlexApi.cs                  |  2 +-
 .../Authentication/PlexOAuthManager.cs        | 13 +++++++
 .../ClientApp/app/login/login.component.ts    | 34 +++++--------------
 src/Ombi/Controllers/TokenController.cs       |  4 +--
 4 files changed, 24 insertions(+), 29 deletions(-)

diff --git a/src/Ombi.Api.Plex/PlexApi.cs b/src/Ombi.Api.Plex/PlexApi.cs
index 95c1c9d49..a16dee9ec 100644
--- a/src/Ombi.Api.Plex/PlexApi.cs
+++ b/src/Ombi.Api.Plex/PlexApi.cs
@@ -214,7 +214,7 @@ namespace Ombi.Api.Plex
                 ? new Request($"Wizard/OAuth/{pinId}", applicationUrl, HttpMethod.Get) 
                 : new Request($"Login/OAuth/{pinId}", applicationUrl, HttpMethod.Get);
 
-            //request.AddQueryString("forwardUrl", forwardUrl.FullUri.ToString());
+            request.AddQueryString("forwardUrl", forwardUrl.FullUri.ToString());
             request.AddQueryString("pinID", pinId.ToString());
             request.AddQueryString("code", code);
             request.AddQueryString("context[device][product]", "Ombi");
diff --git a/src/Ombi.Core/Authentication/PlexOAuthManager.cs b/src/Ombi.Core/Authentication/PlexOAuthManager.cs
index 887245579..37ed7d2f7 100644
--- a/src/Ombi.Core/Authentication/PlexOAuthManager.cs
+++ b/src/Ombi.Core/Authentication/PlexOAuthManager.cs
@@ -34,6 +34,19 @@ namespace Ombi.Core.Authentication
                 return string.Empty;
             }
 
+            if (pin.authToken.IsNullOrEmpty())
+            {
+                // Looks like we do not have a pin yet, we should retry a few times.
+                var retryCount = 0;
+                var retryMax = 5;
+                var retryWaitMs = 1000;
+                while (pin.authToken.IsNullOrEmpty() && retryCount < retryMax)
+                {
+                    retryCount++;
+                    await Task.Delay(retryWaitMs);
+                    pin = await _api.GetPin(pinId);
+                }
+            }
             return pin.authToken;
         }
 
diff --git a/src/Ombi/ClientApp/app/login/login.component.ts b/src/Ombi/ClientApp/app/login/login.component.ts
index e6386b8ce..3447f84c3 100644
--- a/src/Ombi/ClientApp/app/login/login.component.ts
+++ b/src/Ombi/ClientApp/app/login/login.component.ts
@@ -40,7 +40,6 @@ export class LoginComponent implements OnDestroy, OnInit {
     }
 
     private timer: any;
-    private pinTimer: any;
     
     private errorBody: string;
     private errorValidation: string;
@@ -125,35 +124,18 @@ export class LoginComponent implements OnDestroy, OnInit {
 
     public oauth() {
         this.authService.login({usePlexOAuth: true, password:"",rememberMe:true,username:""}).subscribe(x => {
-                window.open(x.url, "_blank");      
-                this.pinTimer = setInterval(() => {
-                    this.getPinResult(x.pinId);
-                }, 10000);
-            });
-
-    }
-
-    public getPinResult(pinId: number) {
-        this.authService.oAuth(pinId).subscribe(x => {
-            if(x.access_token) {
-              localStorage.setItem("id_token", x.access_token);
-  
-              if (this.authService.loggedIn()) {
-                  this.router.navigate(["search"]);
-                  return;
-              } 
-          }
-  
-          }, err => {
-              this.notify.error(err.statusText);
-              
-              this.router.navigate(["login"]);
-          });
+            if (window.frameElement) {
+                // in frame
+                window.open(x.url, "_blank");
+              } else {
+                // not in frame
+                window.location.href = x.url;
+              }
+        });
     }
 
     public ngOnDestroy() {
         clearInterval(this.timer);
-        clearInterval(this.pinTimer);
     }
 
     private cycleBackground() {
diff --git a/src/Ombi/Controllers/TokenController.cs b/src/Ombi/Controllers/TokenController.cs
index 3d810d1d2..b45752af4 100644
--- a/src/Ombi/Controllers/TokenController.cs
+++ b/src/Ombi/Controllers/TokenController.cs
@@ -82,7 +82,7 @@ namespace Ombi.Controllers
                 // Redirect them to Plex
                 // We need a PIN first
                 var pin = await _plexOAuthManager.RequestPin();
-                
+
                 var websiteAddress = $"{this.Request.Scheme}://{this.Request.Host}{this.Request.PathBase}";
                 //https://app.plex.tv/auth#?forwardUrl=http://google.com/&clientID=Ombi-Test&context%5Bdevice%5D%5Bproduct%5D=Ombi%20SSO&pinID=798798&code=4lgfd
                 var url = await _plexOAuthManager.GetOAuthUrl(pin.id, pin.code, websiteAddress);
@@ -93,7 +93,7 @@ namespace Ombi.Controllers
                         error = "Application URL has not been set"
                     });
                 }
-                return new JsonResult(new { url = url.ToString(), pinId = pin.id });
+                return new JsonResult(new { url = url.ToString() });
             }
 
             return new UnauthorizedResult();