Merged authentication so they don't step on eachother

Fixed: iCal authentication with API Key
pull/6/head
Mark McDowall 11 years ago
parent dfe2746bc6
commit 412291a7c4

@ -1,6 +1,10 @@
using Nancy; using System;
using System.Linq;
using Nancy;
using Nancy.Authentication.Basic; using Nancy.Authentication.Basic;
using Nancy.Security; using Nancy.Security;
using NzbDrone.Api.Extensions;
using NzbDrone.Common;
using NzbDrone.Core.Configuration; using NzbDrone.Core.Configuration;
namespace NzbDrone.Api.Authentication namespace NzbDrone.Api.Authentication
@ -15,10 +19,12 @@ namespace NzbDrone.Api.Authentication
{ {
private readonly IConfigFileProvider _configFileProvider; private readonly IConfigFileProvider _configFileProvider;
private static readonly NzbDroneUser AnonymousUser = new NzbDroneUser { UserName = "Anonymous" }; private static readonly NzbDroneUser AnonymousUser = new NzbDroneUser { UserName = "Anonymous" };
private static String API_KEY;
public AuthenticationService(IConfigFileProvider configFileProvider) public AuthenticationService(IConfigFileProvider configFileProvider)
{ {
_configFileProvider = configFileProvider; _configFileProvider = configFileProvider;
API_KEY = configFileProvider.ApiKey;
} }
public IUserIdentity Validate(string username, string password) public IUserIdentity Validate(string username, string password)
@ -47,9 +53,71 @@ namespace NzbDrone.Api.Authentication
public bool IsAuthenticated(NancyContext context) public bool IsAuthenticated(NancyContext context)
{ {
if (context.CurrentUser == null && _configFileProvider.AuthenticationEnabled) return false; var apiKey = GetApiKey(context);
return true; if (context.Request.IsApiRequest())
{
return ValidApiKey(apiKey);
}
if (context.Request.IsFeedRequest())
{
if (!Enabled)
{
return true;
}
if (ValidUser(context) || ValidApiKey(apiKey))
{
return true;
}
return false;
}
if (!Enabled)
{
return true;
}
if (ValidUser(context))
{
return true;
}
return false;
}
private bool ValidUser(NancyContext context)
{
if (context.CurrentUser != null) return true;
return false;
}
private bool ValidApiKey(string apiKey)
{
if (API_KEY.Equals(apiKey)) return true;
return false;
}
private string GetApiKey(NancyContext context)
{
var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
var apiKeyQueryString = context.Request.Query["ApiKey"];
if (!apiKeyHeader.IsNullOrWhiteSpace())
{
return apiKeyHeader;
}
if (apiKeyQueryString.HasValue)
{
return apiKeyQueryString.Value;
}
return context.Request.Headers.Authorization;
} }
} }
} }

@ -1,16 +1,15 @@
using Nancy; using Nancy;
using Nancy.Authentication.Basic; using Nancy.Authentication.Basic;
using Nancy.Bootstrapper; using Nancy.Bootstrapper;
using NzbDrone.Api.Extensions;
using NzbDrone.Api.Extensions.Pipelines; using NzbDrone.Api.Extensions.Pipelines;
namespace NzbDrone.Api.Authentication namespace NzbDrone.Api.Authentication
{ {
public class EnableBasicAuthInNancy : IRegisterNancyPipeline public class EnableAuthInNancy : IRegisterNancyPipeline
{ {
private readonly IAuthenticationService _authenticationService; private readonly IAuthenticationService _authenticationService;
public EnableBasicAuthInNancy(IAuthenticationService authenticationService) public EnableAuthInNancy(IAuthenticationService authenticationService)
{ {
_authenticationService = authenticationService; _authenticationService = authenticationService;
} }
@ -25,7 +24,7 @@ namespace NzbDrone.Api.Authentication
{ {
Response response = null; Response response = null;
if (!context.Request.IsApiRequest() && !_authenticationService.IsAuthenticated(context)) if (!_authenticationService.IsAuthenticated(context))
{ {
response = new Response { StatusCode = HttpStatusCode.Unauthorized }; response = new Response { StatusCode = HttpStatusCode.Unauthorized };
} }

@ -1,65 +0,0 @@
using System;
using System.Linq;
using Nancy;
using Nancy.Bootstrapper;
using NzbDrone.Api.Extensions;
using NzbDrone.Api.Extensions.Pipelines;
using NzbDrone.Common;
using NzbDrone.Core.Configuration;
namespace NzbDrone.Api.Authentication
{
public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
{
private static String API_KEY;
public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider)
{
API_KEY = configFileProvider.ApiKey;
}
public void Register(IPipelines pipelines)
{
pipelines.BeforeRequest.AddItemToEndOfPipeline(ValidateApiKey);
}
public Response ValidateApiKey(NancyContext context)
{
Response response = null;
var apiKey = GetApiKey(context);
if ((context.Request.IsApiRequest() || context.Request.IsFeedRequest()) && !ValidApiKey(apiKey))
{
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
}
return response;
}
private bool ValidApiKey(string apiKey)
{
if (!API_KEY.Equals(apiKey)) return false;
return true;
}
private string GetApiKey(NancyContext context)
{
var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
var apiKeyQueryString = context.Request.Query["ApiKey"];
if (!apiKeyHeader.IsNullOrWhiteSpace())
{
return apiKeyHeader;
}
if (apiKeyQueryString.HasValue)
{
return apiKeyQueryString.Value;
}
return context.Request.Headers.Authorization;
}
}
}

@ -85,8 +85,7 @@
<Link>Properties\SharedAssemblyInfo.cs</Link> <Link>Properties\SharedAssemblyInfo.cs</Link>
</Compile> </Compile>
<Compile Include="Authentication\AuthenticationService.cs" /> <Compile Include="Authentication\AuthenticationService.cs" />
<Compile Include="Authentication\EnableStatelessAuthInNancy.cs" /> <Compile Include="Authentication\EnableAuthInNancy.cs" />
<Compile Include="Authentication\EnableBasicAuthInNancy.cs" />
<Compile Include="Authentication\NzbDroneUser.cs" /> <Compile Include="Authentication\NzbDroneUser.cs" />
<Compile Include="Blacklist\BlacklistModule.cs" /> <Compile Include="Blacklist\BlacklistModule.cs" />
<Compile Include="Blacklist\BlacklistResource.cs" /> <Compile Include="Blacklist\BlacklistResource.cs" />

Loading…
Cancel
Save