From f104be6dd117f214bf141655bae9d86f3fb16777 Mon Sep 17 00:00:00 2001
From: Mark McDowall <markus.mcd5@gmail.com>
Date: Mon, 21 Apr 2014 18:04:23 -0700
Subject: [PATCH] New: Support API Key via query string

---
 .../EnableStatelessAuthInNancy.cs             | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs b/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
index 1bcb8685e..a7aae870d 100644
--- a/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
+++ b/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
@@ -5,7 +5,6 @@ using Nancy.Bootstrapper;
 using NzbDrone.Api.Extensions;
 using NzbDrone.Api.Extensions.Pipelines;
 using NzbDrone.Common;
-using NzbDrone.Common.EnvironmentInfo;
 using NzbDrone.Core.Configuration;
 
 namespace NzbDrone.Api.Authentication
@@ -28,9 +27,7 @@ namespace NzbDrone.Api.Authentication
         {
             Response response = null;
 
-            var authorizationHeader = context.Request.Headers.Authorization;
-            var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
-            var apiKey = apiKeyHeader.IsNullOrWhiteSpace() ? authorizationHeader : apiKeyHeader;
+            var apiKey = GetApiKey(context);
 
             if (context.Request.IsApiRequest() && !ValidApiKey(apiKey))
             {
@@ -46,5 +43,23 @@ namespace NzbDrone.Api.Authentication
 
             return true;
         }
+
+        private string GetApiKey(NancyContext context)
+        {
+            var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
+            var apiKeyQueryString = context.Request.Query["ApiKey"];
+
+            if (!apiKeyHeader.IsNullOrWhiteSpace())
+            {
+                return apiKeyHeader;
+            }
+
+            if (apiKeyQueryString.HasValue)
+            {
+                return apiKeyQueryString.Value;
+            }
+
+            return context.Request.Headers.Authorization;
+        }
     }
 }
\ No newline at end of file