From e5d57bd82f9a089b7c19ea357efd2b8b34fd418b Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Tue, 2 Jul 2019 12:21:54 +0200
Subject: [PATCH 01/12] Move StartupWizard to ASP.NET Web Api

---
 .../ApplicationHost.cs                        |  15 +-
 .../Emby.Server.Implementations.csproj        |   2 +
 Emby.Server.Implementations/MvcRoutePrefix.cs |  48 +++++++
 Jellyfin.Api/Controllers/StartupController.cs |  88 ++++++++++++
 Jellyfin.Api/Jellyfin.Api.csproj              |  18 +++
 .../Models/Startup/StartupConfiguration.cs    |   9 ++
 Jellyfin.Api/Models/Startup/StartupUser.cs    |   8 ++
 MediaBrowser.Api/StartupWizardService.cs      | 135 ------------------
 MediaBrowser.sln                              |  11 +-
 9 files changed, 192 insertions(+), 142 deletions(-)
 create mode 100644 Emby.Server.Implementations/MvcRoutePrefix.cs
 create mode 100644 Jellyfin.Api/Controllers/StartupController.cs
 create mode 100644 Jellyfin.Api/Jellyfin.Api.csproj
 create mode 100644 Jellyfin.Api/Models/Startup/StartupConfiguration.cs
 create mode 100644 Jellyfin.Api/Models/Startup/StartupUser.cs

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index fef461b9ac..a9c4e1fdc9 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -108,6 +108,7 @@ using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Extensions;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
@@ -611,8 +612,6 @@ namespace Emby.Server.Implementations
 
             await RegisterResources(serviceCollection).ConfigureAwait(false);
 
-            FindParts();
-
             string contentRoot = ServerConfigurationManager.Configuration.DashboardSourcePath;
             if (string.IsNullOrEmpty(contentRoot))
             {
@@ -657,6 +656,14 @@ namespace Emby.Server.Implementations
                 {
                     services.AddResponseCompression();
                     services.AddHttpContextAccessor();
+                    services.AddMvc(opts =>
+                        {
+                            opts.UseGeneralRoutePrefix("emby", "emby/emby", "api/v{version:apiVersion}");
+                        })
+                        .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
+                        .AddApplicationPart(Assembly.Load("Jellyfin.Api"));
+                    services.AddApiVersioning(opt => opt.ReportApiVersions = true);
+                    services.TryAdd(serviceCollection);
                 })
                 .Configure(app =>
                 {
@@ -666,10 +673,14 @@ namespace Emby.Server.Implementations
 
                     // TODO app.UseMiddleware<WebSocketMiddleware>();
                     app.Use(ExecuteWebsocketHandlerAsync);
+                    app.UseMvc();
                     app.Use(ExecuteHttpHandlerAsync);
                 })
                 .Build();
 
+            _serviceProvider = host.Services;
+            FindParts();
+
             try
             {
                 await host.StartAsync().ConfigureAwait(false);
diff --git a/Emby.Server.Implementations/Emby.Server.Implementations.csproj b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
index 45607dc098..23e35f77e1 100644
--- a/Emby.Server.Implementations/Emby.Server.Implementations.csproj
+++ b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
@@ -3,6 +3,7 @@
   <ItemGroup>
     <ProjectReference Include="..\Emby.Naming\Emby.Naming.csproj" />
     <ProjectReference Include="..\Emby.Notifications\Emby.Notifications.csproj" />
+    <ProjectReference Include="..\Jellyfin.Api\Jellyfin.Api.csproj" />
     <ProjectReference Include="..\MediaBrowser.Model\MediaBrowser.Model.csproj" />
     <ProjectReference Include="..\MediaBrowser.Common\MediaBrowser.Common.csproj" />
     <ProjectReference Include="..\MediaBrowser.Controller\MediaBrowser.Controller.csproj" />
@@ -25,6 +26,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Server.Abstractions" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Http" Version="2.2.2" />
     <PackageReference Include="Microsoft.AspNetCore.Http.Extensions" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.ResponseCompression" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.WebSockets" Version="2.2.1" />
diff --git a/Emby.Server.Implementations/MvcRoutePrefix.cs b/Emby.Server.Implementations/MvcRoutePrefix.cs
new file mode 100644
index 0000000000..fb26ae09da
--- /dev/null
+++ b/Emby.Server.Implementations/MvcRoutePrefix.cs
@@ -0,0 +1,48 @@
+using System.Collections.Generic;
+using System.Linq;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.ApplicationModels;
+
+namespace Emby.Server.Implementations
+{
+    public static class MvcRoutePrefix
+    {
+        public static void UseGeneralRoutePrefix(this MvcOptions opts, params string[] prefixes)
+        {
+            opts.Conventions.Insert(0, new RoutePrefixConvention(prefixes));
+        }
+
+        internal class RoutePrefixConvention : IApplicationModelConvention
+        {
+            private readonly AttributeRouteModel[] _routePrefixes;
+
+            public RoutePrefixConvention(IEnumerable<string> prefixes)
+            {
+                _routePrefixes = prefixes.Select(p => new AttributeRouteModel(new RouteAttribute(p))).ToArray();
+            }
+
+            public void Apply(ApplicationModel application)
+            {
+                foreach (var controller in application.Controllers)
+                {
+                    if (controller.Selectors == null)
+                    {
+                        continue;
+                    }
+
+                    var newSelectors = new List<SelectorModel>();
+                    foreach (var selector in controller.Selectors)
+                    {
+                        newSelectors.AddRange(_routePrefixes.Select(routePrefix => new SelectorModel(selector)
+                        {
+                            AttributeRouteModel = AttributeRouteModel.CombineAttributeRouteModel(routePrefix, selector.AttributeRouteModel)
+                        }));
+                    }
+
+                    controller.Selectors.Clear();
+                    newSelectors.ForEach(selector => controller.Selectors.Add(selector));
+                }
+            }
+        }
+    }
+}
diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
new file mode 100644
index 0000000000..c17b534ebf
--- /dev/null
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -0,0 +1,88 @@
+using System.Linq;
+using System.Threading.Tasks;
+using Jellyfin.Api.Models.Startup;
+using MediaBrowser.Controller.Configuration;
+using MediaBrowser.Controller.Library;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Jellyfin.Api.Controllers
+{
+    [ApiVersion("1")]
+    [Route("[controller]")]
+    public class StartupController : ControllerBase
+    {
+        private readonly IServerConfigurationManager _config;
+        private readonly IUserManager _userManager;
+
+        public StartupController(IServerConfigurationManager config, IUserManager userManager)
+        {
+            _config = config;
+            _userManager = userManager;
+        }
+
+        [HttpPost("Complete")]
+        public void Post()
+        {
+            _config.Configuration.IsStartupWizardCompleted = true;
+            _config.SetOptimalValues();
+            _config.SaveConfiguration();
+        }
+
+        [HttpGet("Configuration")]
+        public StartupConfiguration Get()
+        {
+            var result = new StartupConfiguration
+            {
+                UICulture = _config.Configuration.UICulture,
+                MetadataCountryCode = _config.Configuration.MetadataCountryCode,
+                PreferredMetadataLanguage = _config.Configuration.PreferredMetadataLanguage
+            };
+
+            return result;
+        }
+
+        [HttpPost("Configuration")]
+        public void UpdateInitial([FromForm] string uiCulture, [FromForm] string metadataCountryCode, [FromForm] string preferredMetadataLanguage)
+        {
+            _config.Configuration.UICulture = uiCulture;
+            _config.Configuration.MetadataCountryCode = metadataCountryCode;
+            _config.Configuration.PreferredMetadataLanguage = preferredMetadataLanguage;
+            _config.SaveConfiguration();
+        }
+
+        [HttpPost("RemoteAccess")]
+        public void Post([FromForm] bool enableRemoteAccess, [FromForm] bool enableAutomaticPortMapping)
+        {
+            _config.Configuration.EnableRemoteAccess = enableRemoteAccess;
+            _config.Configuration.EnableUPnP = enableAutomaticPortMapping;
+            _config.SaveConfiguration();
+        }
+
+        [HttpGet("User")]
+        public StartupUser GetUser()
+        {
+            var user = _userManager.Users.First();
+
+            return new StartupUser
+            {
+                Name = user.Name,
+                Password = user.Password
+            };
+        }
+
+        [HttpPost("User")]
+        public async Task Post([FromForm] StartupUser startupUser)
+        {
+            var user = _userManager.Users.First();
+
+            user.Name = startupUser.Name;
+
+            _userManager.UpdateUser(user);
+
+            if (!string.IsNullOrEmpty(startupUser.Password))
+            {
+                await _userManager.ChangePassword(user, startupUser.Password).ConfigureAwait(false);
+            }
+        }
+    }
+}
diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj
new file mode 100644
index 0000000000..7a7e49e302
--- /dev/null
+++ b/Jellyfin.Api/Jellyfin.Api.csproj
@@ -0,0 +1,18 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>netstandard2.0</TargetFramework>
+    <OutputType>Library</OutputType>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.Versioning" Version="3.1.3" />
+    <PackageReference Include="NETStandard.Library" Version="2.0.3" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\MediaBrowser.Controller\MediaBrowser.Controller.csproj" />
+  </ItemGroup>
+
+</Project>
diff --git a/Jellyfin.Api/Models/Startup/StartupConfiguration.cs b/Jellyfin.Api/Models/Startup/StartupConfiguration.cs
new file mode 100644
index 0000000000..08dd59a177
--- /dev/null
+++ b/Jellyfin.Api/Models/Startup/StartupConfiguration.cs
@@ -0,0 +1,9 @@
+namespace Jellyfin.Api.Models.Startup
+{
+    public class StartupConfiguration
+    {
+        public string UICulture { get; set; }
+        public string MetadataCountryCode { get; set; }
+        public string PreferredMetadataLanguage { get; set; }
+    }
+}
diff --git a/Jellyfin.Api/Models/Startup/StartupUser.cs b/Jellyfin.Api/Models/Startup/StartupUser.cs
new file mode 100644
index 0000000000..93a09e865b
--- /dev/null
+++ b/Jellyfin.Api/Models/Startup/StartupUser.cs
@@ -0,0 +1,8 @@
+namespace Jellyfin.Api.Models.Startup
+{
+    public class StartupUser
+    {
+        public string Name { get; set; }
+        public string Password { get; set; }
+    }
+}
diff --git a/MediaBrowser.Api/StartupWizardService.cs b/MediaBrowser.Api/StartupWizardService.cs
index 3a9eb7a55e..e69de29bb2 100644
--- a/MediaBrowser.Api/StartupWizardService.cs
+++ b/MediaBrowser.Api/StartupWizardService.cs
@@ -1,135 +0,0 @@
-using System.Linq;
-using System.Threading.Tasks;
-using MediaBrowser.Common.Net;
-using MediaBrowser.Controller;
-using MediaBrowser.Controller.Configuration;
-using MediaBrowser.Controller.Library;
-using MediaBrowser.Controller.MediaEncoding;
-using MediaBrowser.Controller.Net;
-using MediaBrowser.Model.Services;
-
-namespace MediaBrowser.Api
-{
-    [Route("/Startup/Complete", "POST", Summary = "Reports that the startup wizard has been completed", IsHidden = true)]
-    public class ReportStartupWizardComplete : IReturnVoid
-    {
-    }
-
-    [Route("/Startup/Configuration", "GET", Summary = "Gets initial server configuration", IsHidden = true)]
-    public class GetStartupConfiguration : IReturn<StartupConfiguration>
-    {
-    }
-
-    [Route("/Startup/Configuration", "POST", Summary = "Updates initial server configuration", IsHidden = true)]
-    public class UpdateStartupConfiguration : StartupConfiguration, IReturnVoid
-    {
-    }
-
-    [Route("/Startup/RemoteAccess", "POST", Summary = "Updates initial server configuration", IsHidden = true)]
-    public class UpdateRemoteAccessConfiguration : IReturnVoid
-    {
-        public bool EnableRemoteAccess { get; set; }
-        public bool EnableAutomaticPortMapping { get; set; }
-    }
-
-    [Route("/Startup/User", "GET", Summary = "Gets initial user info", IsHidden = true)]
-    public class GetStartupUser : IReturn<StartupUser>
-    {
-    }
-
-    [Route("/Startup/User", "POST", Summary = "Updates initial user info", IsHidden = true)]
-    public class UpdateStartupUser : StartupUser
-    {
-    }
-
-    [Authenticated(AllowBeforeStartupWizard = true, Roles = "Admin")]
-    public class StartupWizardService : BaseApiService
-    {
-        private readonly IServerConfigurationManager _config;
-        private readonly IServerApplicationHost _appHost;
-        private readonly IUserManager _userManager;
-        private readonly IMediaEncoder _mediaEncoder;
-        private readonly IHttpClient _httpClient;
-
-        public StartupWizardService(IServerConfigurationManager config, IHttpClient httpClient, IServerApplicationHost appHost, IUserManager userManager, IMediaEncoder mediaEncoder)
-        {
-            _config = config;
-            _appHost = appHost;
-            _userManager = userManager;
-            _mediaEncoder = mediaEncoder;
-            _httpClient = httpClient;
-        }
-
-        public void Post(ReportStartupWizardComplete request)
-        {
-            _config.Configuration.IsStartupWizardCompleted = true;
-            _config.SetOptimalValues();
-            _config.SaveConfiguration();
-        }
-
-        public object Get(GetStartupConfiguration request)
-        {
-            var result = new StartupConfiguration
-            {
-                UICulture = _config.Configuration.UICulture,
-                MetadataCountryCode = _config.Configuration.MetadataCountryCode,
-                PreferredMetadataLanguage = _config.Configuration.PreferredMetadataLanguage
-            };
-
-            return result;
-        }
-
-        public void Post(UpdateStartupConfiguration request)
-        {
-            _config.Configuration.UICulture = request.UICulture;
-            _config.Configuration.MetadataCountryCode = request.MetadataCountryCode;
-            _config.Configuration.PreferredMetadataLanguage = request.PreferredMetadataLanguage;
-            _config.SaveConfiguration();
-        }
-
-        public void Post(UpdateRemoteAccessConfiguration request)
-        {
-            _config.Configuration.EnableRemoteAccess = request.EnableRemoteAccess;
-            _config.Configuration.EnableUPnP = request.EnableAutomaticPortMapping;
-            _config.SaveConfiguration();
-        }
-
-        public object Get(GetStartupUser request)
-        {
-            var user = _userManager.Users.First();
-
-            return new StartupUser
-            {
-                Name = user.Name,
-                Password = user.Password
-            };
-        }
-
-        public async Task Post(UpdateStartupUser request)
-        {
-            var user = _userManager.Users.First();
-
-            user.Name = request.Name;
-
-            _userManager.UpdateUser(user);
-
-            if (!string.IsNullOrEmpty(request.Password))
-            {
-                await _userManager.ChangePassword(user, request.Password).ConfigureAwait(false);
-            }
-        }
-    }
-
-    public class StartupConfiguration
-    {
-        public string UICulture { get; set; }
-        public string MetadataCountryCode { get; set; }
-        public string PreferredMetadataLanguage { get; set; }
-    }
-
-    public class StartupUser
-    {
-        public string Name { get; set; }
-        public string Password { get; set; }
-    }
-}
diff --git a/MediaBrowser.sln b/MediaBrowser.sln
index 27c8c1668f..58bfb55f6f 100644
--- a/MediaBrowser.sln
+++ b/MediaBrowser.sln
@@ -1,4 +1,3 @@
-
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 15
 VisualStudioVersion = 15.0.26730.3
@@ -51,6 +50,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Jellyfin.Drawing.Skia", "Jellyfin.Drawing.Skia\Jellyfin.Drawing.Skia.csproj", "{154872D9-6C12-4007-96E3-8F70A58386CE}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Jellyfin.Api", "Jellyfin.Api\Jellyfin.Api.csproj", "{DFBEFB4C-DA19-4143-98B7-27320C7F7163}"
+EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "tests", "tests", "{FBBB5129-006E-4AD7-BAD5-8B7CA1D10ED6}"
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Jellyfin.Common.Tests", "tests\Jellyfin.Common.Tests\Jellyfin.Common.Tests.csproj", "{DF194677-DFD3-42AF-9F75-D44D5A416478}"
@@ -89,10 +90,6 @@ Global
 		{442B5058-DCAF-4263-BB6A-F21E31120A1B}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{442B5058-DCAF-4263-BB6A-F21E31120A1B}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{442B5058-DCAF-4263-BB6A-F21E31120A1B}.Release|Any CPU.Build.0 = Release|Any CPU
-		{4A4402D4-E910-443B-B8FC-2C18286A2CA0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{4A4402D4-E910-443B-B8FC-2C18286A2CA0}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{4A4402D4-E910-443B-B8FC-2C18286A2CA0}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{4A4402D4-E910-443B-B8FC-2C18286A2CA0}.Release|Any CPU.Build.0 = Release|Any CPU
 		{23499896-B135-4527-8574-C26E926EA99E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{23499896-B135-4527-8574-C26E926EA99E}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{23499896-B135-4527-8574-C26E926EA99E}.Release|Any CPU.ActiveCfg = Release|Any CPU
@@ -153,6 +150,10 @@ Global
 		{154872D9-6C12-4007-96E3-8F70A58386CE}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{154872D9-6C12-4007-96E3-8F70A58386CE}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{154872D9-6C12-4007-96E3-8F70A58386CE}.Release|Any CPU.Build.0 = Release|Any CPU
+		{DFBEFB4C-DA19-4143-98B7-27320C7F7163}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{DFBEFB4C-DA19-4143-98B7-27320C7F7163}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{DFBEFB4C-DA19-4143-98B7-27320C7F7163}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{DFBEFB4C-DA19-4143-98B7-27320C7F7163}.Release|Any CPU.Build.0 = Release|Any CPU
 		{DF194677-DFD3-42AF-9F75-D44D5A416478}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{DF194677-DFD3-42AF-9F75-D44D5A416478}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{DF194677-DFD3-42AF-9F75-D44D5A416478}.Release|Any CPU.ActiveCfg = Release|Any CPU

From c011fa2ea80a5f7f994649e6257bccf572f299e1 Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Tue, 2 Jul 2019 18:26:23 +0200
Subject: [PATCH 02/12] Remove old instantiation of serviceProvider in app host

---
 Emby.Server.Implementations/ApplicationHost.cs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index a9c4e1fdc9..11ee6d2d20 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -663,6 +663,7 @@ namespace Emby.Server.Implementations
                         .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
                         .AddApplicationPart(Assembly.Load("Jellyfin.Api"));
                     services.AddApiVersioning(opt => opt.ReportApiVersions = true);
+                    // Merge the external ServiceCollection into ASP.NET DI
                     services.TryAdd(serviceCollection);
                 })
                 .Configure(app =>
@@ -929,8 +930,6 @@ namespace Emby.Server.Implementations
             ((UserDataManager)UserDataManager).Repository = userDataRepo;
             ItemRepository.Initialize(userDataRepo, UserManager);
             ((LibraryManager)LibraryManager).ItemRepository = ItemRepository;
-
-            _serviceProvider = serviceCollection.BuildServiceProvider();
         }
 
         public static void LogEnvironmentInfo(ILogger logger, IApplicationPaths appPaths)

From 05b7e2280843f25e48c2300b135f171aee0a54ea Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Tue, 2 Jul 2019 20:17:00 +0200
Subject: [PATCH 03/12] Add SwaggerUI

---
 .../ApplicationHost.cs                        | 27 +++++++++++++++++++
 .../Emby.Server.Implementations.csproj        |  4 ++-
 Jellyfin.Api/Controllers/StartupController.cs |  5 ++--
 3 files changed, 32 insertions(+), 4 deletions(-)

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index 11ee6d2d20..3d2d61225e 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -113,7 +113,9 @@ using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Logging;
+using Microsoft.OpenApi.Models;
 using ServiceStack;
+using Swashbuckle.AspNetCore.SwaggerGen;
 using OperatingSystem = MediaBrowser.Common.System.OperatingSystem;
 
 namespace Emby.Server.Implementations
@@ -663,11 +665,36 @@ namespace Emby.Server.Implementations
                         .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
                         .AddApplicationPart(Assembly.Load("Jellyfin.Api"));
                     services.AddApiVersioning(opt => opt.ReportApiVersions = true);
+                    services.AddSwaggerGen(c =>
+                    {
+                        c.SwaggerDoc("v1", new OpenApiInfo { Title = "Jellyfin API", Version = "v1" });
+                        c.DocInclusionPredicate((docName, apiDesc) =>
+                        {
+                            if (!apiDesc.TryGetMethodInfo(out var methodInfo))
+                            {
+                                return false;
+                            }
+
+                            // A bit of a hack to make Swagger pick the versioned endpoints instead of the legacy emby endpoints
+                            return methodInfo.DeclaringType?.BaseType == typeof(ControllerBase) &&
+                                   apiDesc.RelativePath.Contains("api/v");
+                        });
+                    });
+
                     // Merge the external ServiceCollection into ASP.NET DI
                     services.TryAdd(serviceCollection);
                 })
                 .Configure(app =>
                 {
+                    app.UseSwagger();
+
+                    // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.),
+                    // specifying the Swagger JSON endpoint.
+                    app.UseSwaggerUI(c =>
+                    {
+                        c.SwaggerEndpoint("/swagger/v1/swagger.json", "Jellyfin API V1");
+                    });
+
                     app.UseWebSockets();
 
                     app.UseResponseCompression();
diff --git a/Emby.Server.Implementations/Emby.Server.Implementations.csproj b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
index 23e35f77e1..26301b379e 100644
--- a/Emby.Server.Implementations/Emby.Server.Implementations.csproj
+++ b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <ItemGroup>
     <ProjectReference Include="..\Emby.Naming\Emby.Naming.csproj" />
@@ -21,6 +21,7 @@
 
   <ItemGroup>
     <PackageReference Include="IPNetwork2" Version="2.4.0.126" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Server.Abstractions" Version="2.2.0" />
@@ -37,6 +38,7 @@
     <PackageReference Include="ServiceStack.Text.Core" Version="5.6.0" />
     <PackageReference Include="sharpcompress" Version="0.24.0" />
     <PackageReference Include="SQLitePCL.pretty.netstandard" Version="2.0.1" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0-rc2" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
index c17b534ebf..45e4cd5ac8 100644
--- a/Jellyfin.Api/Controllers/StartupController.cs
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -8,7 +8,6 @@ using Microsoft.AspNetCore.Mvc;
 namespace Jellyfin.Api.Controllers
 {
     [ApiVersion("1")]
-    [Route("[controller]")]
     public class StartupController : ControllerBase
     {
         private readonly IServerConfigurationManager _config;
@@ -21,7 +20,7 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpPost("Complete")]
-        public void Post()
+        public void CompleteWizard()
         {
             _config.Configuration.IsStartupWizardCompleted = true;
             _config.SetOptimalValues();
@@ -71,7 +70,7 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpPost("User")]
-        public async Task Post([FromForm] StartupUser startupUser)
+        public async Task UpdateUser([FromForm] StartupUser startupUser)
         {
             var user = _userManager.Users.First();
 

From 3f651de24c76f9980fac690e51fa93b3d1163f72 Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sat, 23 Nov 2019 16:31:02 +0100
Subject: [PATCH 04/12] Add authentication and remove versioning

---
 .../ApplicationHost.cs                        | 58 ++++++++++++++-----
 .../Emby.Server.Implementations.csproj        |  5 +-
 .../HttpServer/Security/AuthService.cs        | 17 +++++-
 Emby.Server.Implementations/MvcRoutePrefix.cs |  2 +-
 .../Auth/CustomAuthenticationHandler.cs       | 53 +++++++++++++++++
 .../FirstTimeSetupOrElevatedHandler.cs        | 35 +++++++++++
 .../FirstTimeSetupOrElevatedRequirement.cs    |  8 +++
 .../RequiresElevationHandler.cs               | 18 ++++++
 .../RequiresElevationRequirement.cs           |  9 +++
 Jellyfin.Api/BaseJellyfinApiController.cs     | 11 ++++
 Jellyfin.Api/Controllers/StartupController.cs | 25 ++++----
 Jellyfin.Api/Jellyfin.Api.csproj              | 34 +++++------
 ...guration.cs => StartupConfigurationDto.cs} |  2 +-
 .../{StartupUser.cs => StartupUserDto.cs}     |  2 +-
 MediaBrowser.Controller/Net/IAuthService.cs   |  3 +
 15 files changed, 232 insertions(+), 50 deletions(-)
 create mode 100644 Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
 create mode 100644 Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
 create mode 100644 Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
 create mode 100644 Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
 create mode 100644 Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs
 create mode 100644 Jellyfin.Api/BaseJellyfinApiController.cs
 rename Jellyfin.Api/Models/Startup/{StartupConfiguration.cs => StartupConfigurationDto.cs} (84%)
 rename Jellyfin.Api/Models/Startup/{StartupUser.cs => StartupUserDto.cs} (81%)

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index 3d2d61225e..9227ef61ba 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -47,6 +47,10 @@ using Emby.Server.Implementations.Session;
 using Emby.Server.Implementations.SocketSharp;
 using Emby.Server.Implementations.TV;
 using Emby.Server.Implementations.Updates;
+using Jellyfin.Api.Auth;
+using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
+using Jellyfin.Api.Auth.RequiresElevationPolicy;
+using Jellyfin.Api.Controllers;
 using MediaBrowser.Api;
 using MediaBrowser.Common;
 using MediaBrowser.Common.Configuration;
@@ -104,11 +108,14 @@ using MediaBrowser.Providers.Subtitles;
 using MediaBrowser.Providers.TV.TheTVDB;
 using MediaBrowser.WebDashboard.Api;
 using MediaBrowser.XbmcMetadata.Providers;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Extensions;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Authorization;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
@@ -660,25 +667,45 @@ namespace Emby.Server.Implementations
                     services.AddHttpContextAccessor();
                     services.AddMvc(opts =>
                         {
-                            opts.UseGeneralRoutePrefix("emby", "emby/emby", "api/v{version:apiVersion}");
+                            var policy = new AuthorizationPolicyBuilder()
+                                .RequireAuthenticatedUser()
+                                .Build();
+                            opts.Filters.Add(new AuthorizeFilter(policy));
+                            opts.EnableEndpointRouting = false;
+                            opts.UseGeneralRoutePrefix(ServerConfigurationManager.Configuration.BaseUrl.TrimStart('/'));
                         })
                         .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
-                        .AddApplicationPart(Assembly.Load("Jellyfin.Api"));
-                    services.AddApiVersioning(opt => opt.ReportApiVersions = true);
+                        .ConfigureApplicationPartManager(a => a.ApplicationParts.Clear()) // Clear app parts to avoid other assemblies being picked up
+                        .AddApplicationPart(typeof(StartupController).Assembly)
+                        .AddControllersAsServices();
                     services.AddSwaggerGen(c =>
                     {
                         c.SwaggerDoc("v1", new OpenApiInfo { Title = "Jellyfin API", Version = "v1" });
-                        c.DocInclusionPredicate((docName, apiDesc) =>
-                        {
-                            if (!apiDesc.TryGetMethodInfo(out var methodInfo))
-                            {
-                                return false;
-                            }
+                    });
+
+                    services.AddSingleton<IAuthorizationHandler, FirstTimeSetupOrElevatedHandler>();
+                    services.AddSingleton<IAuthorizationHandler, RequiresElevationHandler>();
 
-                            // A bit of a hack to make Swagger pick the versioned endpoints instead of the legacy emby endpoints
-                            return methodInfo.DeclaringType?.BaseType == typeof(ControllerBase) &&
-                                   apiDesc.RelativePath.Contains("api/v");
-                        });
+                    // configure custom legacy authentication
+                    services.AddAuthentication("CustomAuthentication")
+                        .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>("CustomAuthentication", null);
+
+                    services.AddAuthorizationCore(options =>
+                    {
+                        options.AddPolicy(
+                            "RequiresElevation",
+                            policy =>
+                            {
+                                policy.AddAuthenticationSchemes("CustomAuthentication");
+                                policy.AddRequirements(new RequiresElevationRequirement());
+                            });
+                        options.AddPolicy(
+                            "FirstTimeSetupOrElevated",
+                            policy =>
+                            {
+                                policy.AddAuthenticationSchemes("CustomAuthentication");
+                                policy.AddRequirements(new FirstTimeSetupOrElevatedRequirement());
+                            });
                     });
 
                     // Merge the external ServiceCollection into ASP.NET DI
@@ -686,6 +713,7 @@ namespace Emby.Server.Implementations
                 })
                 .Configure(app =>
                 {
+                    app.UseDeveloperExceptionPage();
                     app.UseSwagger();
 
                     // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.),
@@ -698,9 +726,9 @@ namespace Emby.Server.Implementations
                     app.UseWebSockets();
 
                     app.UseResponseCompression();
-
                     // TODO app.UseMiddleware<WebSocketMiddleware>();
                     app.Use(ExecuteWebsocketHandlerAsync);
+                    //app.UseAuthentication();
                     app.UseMvc();
                     app.Use(ExecuteHttpHandlerAsync);
                 })
@@ -938,7 +966,7 @@ namespace Emby.Server.Implementations
             serviceCollection.AddSingleton<IAuthorizationContext>(authContext);
             serviceCollection.AddSingleton<ISessionContext>(new SessionContext(UserManager, authContext, SessionManager));
 
-            AuthService = new AuthService(authContext, ServerConfigurationManager, SessionManager, NetworkManager);
+            AuthService = new AuthService(LoggerFactory, authContext, ServerConfigurationManager, SessionManager, NetworkManager);
             serviceCollection.AddSingleton(AuthService);
 
             SubtitleEncoder = new MediaBrowser.MediaEncoding.Subtitles.SubtitleEncoder(LibraryManager, LoggerFactory, ApplicationPaths, FileSystemManager, MediaEncoder, JsonSerializer, HttpClient, MediaSourceManager, ProcessFactory);
diff --git a/Emby.Server.Implementations/Emby.Server.Implementations.csproj b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
index 26301b379e..e7164342c3 100644
--- a/Emby.Server.Implementations/Emby.Server.Implementations.csproj
+++ b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
@@ -21,6 +21,9 @@
 
   <ItemGroup>
     <PackageReference Include="IPNetwork2" Version="2.4.0.126" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="3.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authorization.Policy" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.2.0" />
@@ -38,7 +41,7 @@
     <PackageReference Include="ServiceStack.Text.Core" Version="5.6.0" />
     <PackageReference Include="sharpcompress" Version="0.24.0" />
     <PackageReference Include="SQLitePCL.pretty.netstandard" Version="2.0.1" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0-rc2" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0-rc4" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
index 93a61fe67a..81dab83d5e 100644
--- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Linq;
+using Emby.Server.Implementations.SocketSharp;
 using MediaBrowser.Common.Net;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Entities;
@@ -7,22 +8,27 @@ using MediaBrowser.Controller.Net;
 using MediaBrowser.Controller.Security;
 using MediaBrowser.Controller.Session;
 using MediaBrowser.Model.Services;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
 
 namespace Emby.Server.Implementations.HttpServer.Security
 {
     public class AuthService : IAuthService
     {
+        private readonly ILogger<AuthService> _logger;
         private readonly IAuthorizationContext _authorizationContext;
         private readonly ISessionManager _sessionManager;
         private readonly IServerConfigurationManager _config;
         private readonly INetworkManager _networkManager;
 
         public AuthService(
+            ILoggerFactory loggerFactory,
             IAuthorizationContext authorizationContext,
             IServerConfigurationManager config,
             ISessionManager sessionManager,
             INetworkManager networkManager)
         {
+            _logger = loggerFactory.CreateLogger<AuthService>();
             _authorizationContext = authorizationContext;
             _config = config;
             _sessionManager = sessionManager;
@@ -34,7 +40,14 @@ namespace Emby.Server.Implementations.HttpServer.Security
             ValidateUser(request, authAttribtues);
         }
 
-        private void ValidateUser(IRequest request, IAuthenticationAttributes authAttribtues)
+        public User Authenticate(HttpRequest request, IAuthenticationAttributes authAttributes)
+        {
+            var req = new WebSocketSharpRequest(request, null, request.Path, _logger);
+            var user = ValidateUser(req, authAttributes);
+            return user;
+        }
+
+        private User ValidateUser(IRequest request, IAuthenticationAttributes authAttribtues)
         {
             // This code is executed before the service
             var auth = _authorizationContext.GetAuthorizationInfo(request);
@@ -81,6 +94,8 @@ namespace Emby.Server.Implementations.HttpServer.Security
                     request.RemoteIp,
                     user);
             }
+
+            return user;
         }
 
         private void ValidateUserAccess(
diff --git a/Emby.Server.Implementations/MvcRoutePrefix.cs b/Emby.Server.Implementations/MvcRoutePrefix.cs
index fb26ae09da..974a2a8852 100644
--- a/Emby.Server.Implementations/MvcRoutePrefix.cs
+++ b/Emby.Server.Implementations/MvcRoutePrefix.cs
@@ -12,7 +12,7 @@ namespace Emby.Server.Implementations
             opts.Conventions.Insert(0, new RoutePrefixConvention(prefixes));
         }
 
-        internal class RoutePrefixConvention : IApplicationModelConvention
+        private class RoutePrefixConvention : IApplicationModelConvention
         {
             private readonly AttributeRouteModel[] _routePrefixes;
 
diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
new file mode 100644
index 0000000000..bb6192b03d
--- /dev/null
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -0,0 +1,53 @@
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using System.Threading.Tasks;
+using MediaBrowser.Controller.Net;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace Jellyfin.Api.Auth
+{
+    public class CustomAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
+    {
+        private readonly IAuthService _authService;
+
+        public CustomAuthenticationHandler(
+            IAuthService authService,
+            IOptionsMonitor<AuthenticationSchemeOptions> options,
+            ILoggerFactory logger,
+            UrlEncoder encoder,
+            ISystemClock clock) : base(options, logger, encoder, clock)
+        {
+            _authService = authService;
+        }
+
+        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
+        {
+            var authenticatedAttribute = new AuthenticatedAttribute();
+            try
+            {
+                var user = _authService.Authenticate(Request, authenticatedAttribute);
+                if (user == null)
+                {
+                    return Task.FromResult(AuthenticateResult.Fail("Invalid user"));
+                }
+
+                var claims = new[]
+                {
+                    new Claim(ClaimTypes.Name, user.Name),
+                    new Claim(ClaimTypes.Role, user.Policy.IsAdministrator ? "Administrator" : "User"),
+                };
+                var identity = new ClaimsIdentity(claims, Scheme.Name);
+                var principal = new ClaimsPrincipal(identity);
+                var ticket = new AuthenticationTicket(principal, Scheme.Name);
+
+                return Task.FromResult(AuthenticateResult.Success(ticket));
+            }
+            catch (SecurityException ex)
+            {
+                return Task.FromResult(AuthenticateResult.Fail(ex));
+            }
+        }
+    }
+}
diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
new file mode 100644
index 0000000000..73925cd616
--- /dev/null
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
@@ -0,0 +1,35 @@
+using System.Threading.Tasks;
+using MediaBrowser.Common.Configuration;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
+{
+    public class FirstTimeSetupOrElevatedHandler : AuthorizationHandler<FirstTimeSetupOrElevatedRequirement>
+    {
+        private readonly IConfigurationManager _configurationManager;
+
+        public FirstTimeSetupOrElevatedHandler(IConfigurationManager configurationManager)
+        {
+            _configurationManager = configurationManager;
+        }
+
+        protected override  Task HandleRequirementAsync(AuthorizationHandlerContext context, FirstTimeSetupOrElevatedRequirement firstTimeSetupOrElevatedRequirement)
+        {
+            if (!_configurationManager.CommonConfiguration.IsStartupWizardCompleted)
+            {
+                context.Succeed(firstTimeSetupOrElevatedRequirement);
+            }
+            else if (context.User.IsInRole("Administrator"))
+            {
+                // TODO user role enum
+                context.Succeed(firstTimeSetupOrElevatedRequirement);
+            }
+            else
+            {
+                context.Fail();
+            }
+
+            return Task.CompletedTask;
+        }
+    }
+}
diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
new file mode 100644
index 0000000000..42436c870d
--- /dev/null
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
@@ -0,0 +1,8 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
+{
+    public class FirstTimeSetupOrElevatedRequirement : IAuthorizationRequirement
+    {
+    }
+}
diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
new file mode 100644
index 0000000000..6948274582
--- /dev/null
+++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
@@ -0,0 +1,18 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Jellyfin.Api.Auth.RequiresElevationPolicy
+{
+    public class RequiresElevationHandler : AuthorizationHandler<RequiresElevationRequirement>
+    {
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RequiresElevationRequirement requirement)
+        {
+            if (context.User.IsInRole("Administrator"))
+            {
+                context.Succeed(requirement);
+            }
+
+            return Task.CompletedTask;
+        }
+    }
+}
diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs
new file mode 100644
index 0000000000..dd51cd3c20
--- /dev/null
+++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs
@@ -0,0 +1,9 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace Jellyfin.Api.Auth.RequiresElevationPolicy
+{
+    public class RequiresElevationRequirement : IAuthorizationRequirement
+    {
+
+    }
+}
diff --git a/Jellyfin.Api/BaseJellyfinApiController.cs b/Jellyfin.Api/BaseJellyfinApiController.cs
new file mode 100644
index 0000000000..796a8039af
--- /dev/null
+++ b/Jellyfin.Api/BaseJellyfinApiController.cs
@@ -0,0 +1,11 @@
+using Microsoft.AspNetCore.Mvc;
+
+namespace Jellyfin.Api
+{
+    [ApiController]
+    [Route("[controller]")]
+    public class BaseJellyfinApiController : ControllerBase
+    {
+
+    }
+}
diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
index 45e4cd5ac8..fb61b8d0b3 100644
--- a/Jellyfin.Api/Controllers/StartupController.cs
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -3,12 +3,13 @@ using System.Threading.Tasks;
 using Jellyfin.Api.Models.Startup;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Library;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace Jellyfin.Api.Controllers
 {
-    [ApiVersion("1")]
-    public class StartupController : ControllerBase
+    [Authorize(Policy = "FirstTimeSetupOrElevated")]
+    public class StartupController : BaseJellyfinApiController
     {
         private readonly IServerConfigurationManager _config;
         private readonly IUserManager _userManager;
@@ -28,9 +29,9 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpGet("Configuration")]
-        public StartupConfiguration Get()
+        public StartupConfigurationDto GetStartupConfiguration()
         {
-            var result = new StartupConfiguration
+            var result = new StartupConfigurationDto
             {
                 UICulture = _config.Configuration.UICulture,
                 MetadataCountryCode = _config.Configuration.MetadataCountryCode,
@@ -41,7 +42,7 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpPost("Configuration")]
-        public void UpdateInitial([FromForm] string uiCulture, [FromForm] string metadataCountryCode, [FromForm] string preferredMetadataLanguage)
+        public void UpdateInitialConfiguration([FromForm] string uiCulture, [FromForm] string metadataCountryCode, [FromForm] string preferredMetadataLanguage)
         {
             _config.Configuration.UICulture = uiCulture;
             _config.Configuration.MetadataCountryCode = metadataCountryCode;
@@ -50,7 +51,7 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpPost("RemoteAccess")]
-        public void Post([FromForm] bool enableRemoteAccess, [FromForm] bool enableAutomaticPortMapping)
+        public void SetRemoteAccess([FromForm] bool enableRemoteAccess, [FromForm] bool enableAutomaticPortMapping)
         {
             _config.Configuration.EnableRemoteAccess = enableRemoteAccess;
             _config.Configuration.EnableUPnP = enableAutomaticPortMapping;
@@ -58,11 +59,11 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpGet("User")]
-        public StartupUser GetUser()
+        public StartupUserDto GetUser()
         {
             var user = _userManager.Users.First();
 
-            return new StartupUser
+            return new StartupUserDto
             {
                 Name = user.Name,
                 Password = user.Password
@@ -70,17 +71,17 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpPost("User")]
-        public async Task UpdateUser([FromForm] StartupUser startupUser)
+        public async Task UpdateUser([FromForm] StartupUserDto startupUserDto)
         {
             var user = _userManager.Users.First();
 
-            user.Name = startupUser.Name;
+            user.Name = startupUserDto.Name;
 
             _userManager.UpdateUser(user);
 
-            if (!string.IsNullOrEmpty(startupUser.Password))
+            if (!string.IsNullOrEmpty(startupUserDto.Password))
             {
-                await _userManager.ChangePassword(user, startupUser.Password).ConfigureAwait(false);
+                await _userManager.ChangePassword(user, startupUserDto.Password).ConfigureAwait(false);
             }
         }
     }
diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj
index 7a7e49e302..647004cb68 100644
--- a/Jellyfin.Api/Jellyfin.Api.csproj
+++ b/Jellyfin.Api/Jellyfin.Api.csproj
@@ -1,18 +1,16 @@
-<Project Sdk="Microsoft.NET.Sdk">
-
-  <PropertyGroup>
-    <TargetFramework>netstandard2.0</TargetFramework>
-    <OutputType>Library</OutputType>
-  </PropertyGroup>
-
-  <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.Versioning" Version="3.1.3" />
-    <PackageReference Include="NETStandard.Library" Version="2.0.3" />
-  </ItemGroup>
-
-  <ItemGroup>
-    <ProjectReference Include="..\MediaBrowser.Controller\MediaBrowser.Controller.csproj" />
-  </ItemGroup>
-
-</Project>
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>netstandard2.1</TargetFramework>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\MediaBrowser.Controller\MediaBrowser.Controller.csproj" />
+  </ItemGroup>
+
+</Project>
diff --git a/Jellyfin.Api/Models/Startup/StartupConfiguration.cs b/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
similarity index 84%
rename from Jellyfin.Api/Models/Startup/StartupConfiguration.cs
rename to Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
index 08dd59a177..769d2e1bb6 100644
--- a/Jellyfin.Api/Models/Startup/StartupConfiguration.cs
+++ b/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
@@ -1,6 +1,6 @@
 namespace Jellyfin.Api.Models.Startup
 {
-    public class StartupConfiguration
+    public class StartupConfigurationDto
     {
         public string UICulture { get; set; }
         public string MetadataCountryCode { get; set; }
diff --git a/Jellyfin.Api/Models/Startup/StartupUser.cs b/Jellyfin.Api/Models/Startup/StartupUserDto.cs
similarity index 81%
rename from Jellyfin.Api/Models/Startup/StartupUser.cs
rename to Jellyfin.Api/Models/Startup/StartupUserDto.cs
index 93a09e865b..c7c2e8cb04 100644
--- a/Jellyfin.Api/Models/Startup/StartupUser.cs
+++ b/Jellyfin.Api/Models/Startup/StartupUserDto.cs
@@ -1,6 +1,6 @@
 namespace Jellyfin.Api.Models.Startup
 {
-    public class StartupUser
+    public class StartupUserDto
     {
         public string Name { get; set; }
         public string Password { get; set; }
diff --git a/MediaBrowser.Controller/Net/IAuthService.cs b/MediaBrowser.Controller/Net/IAuthService.cs
index 142f1d91c3..4c9120e0c9 100644
--- a/MediaBrowser.Controller/Net/IAuthService.cs
+++ b/MediaBrowser.Controller/Net/IAuthService.cs
@@ -1,9 +1,12 @@
+using MediaBrowser.Controller.Entities;
 using MediaBrowser.Model.Services;
+using Microsoft.AspNetCore.Http;
 
 namespace MediaBrowser.Controller.Net
 {
     public interface IAuthService
     {
         void Authenticate(IRequest request, IAuthenticationAttributes authAttribtues);
+        User Authenticate(HttpRequest request, IAuthenticationAttributes authAttribtues);
     }
 }

From 706739dbe6c3f22584cf18115b161a9c1882093c Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sat, 23 Nov 2019 19:43:30 +0100
Subject: [PATCH 05/12] Move API stuff to the api project

---
 .../ApplicationHost.cs                        | 69 +++---------------
 .../Emby.Server.Implementations.csproj        |  5 --
 .../ApiApplicationBuilderExtensions.cs        | 19 +++++
 .../ApiServiceCollectionExtensions.cs         | 72 +++++++++++++++++++
 Jellyfin.Api/Jellyfin.Api.csproj              |  2 +
 .../MvcRoutePrefix.cs                         |  0
 6 files changed, 102 insertions(+), 65 deletions(-)
 create mode 100644 Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
 create mode 100644 Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
 rename {Emby.Server.Implementations => Jellyfin.Api}/MvcRoutePrefix.cs (100%)

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index 9227ef61ba..c6cdd4786b 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -47,10 +47,7 @@ using Emby.Server.Implementations.Session;
 using Emby.Server.Implementations.SocketSharp;
 using Emby.Server.Implementations.TV;
 using Emby.Server.Implementations.Updates;
-using Jellyfin.Api.Auth;
-using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
-using Jellyfin.Api.Auth.RequiresElevationPolicy;
-using Jellyfin.Api.Controllers;
+using Jellyfin.Api.Extensions;
 using MediaBrowser.Api;
 using MediaBrowser.Common;
 using MediaBrowser.Common.Configuration;
@@ -92,7 +89,6 @@ using MediaBrowser.Model.Cryptography;
 using MediaBrowser.Model.Diagnostics;
 using MediaBrowser.Model.Dlna;
 using MediaBrowser.Model.Events;
-using MediaBrowser.Model.Extensions;
 using MediaBrowser.Model.Globalization;
 using MediaBrowser.Model.IO;
 using MediaBrowser.Model.MediaInfo;
@@ -108,21 +104,15 @@ using MediaBrowser.Providers.Subtitles;
 using MediaBrowser.Providers.TV.TheTVDB;
 using MediaBrowser.WebDashboard.Api;
 using MediaBrowser.XbmcMetadata.Providers;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Extensions;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.Authorization;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Logging;
 using Microsoft.OpenApi.Models;
-using ServiceStack;
-using Swashbuckle.AspNetCore.SwaggerGen;
 using OperatingSystem = MediaBrowser.Common.System.OperatingSystem;
 
 namespace Emby.Server.Implementations
@@ -665,70 +655,29 @@ namespace Emby.Server.Implementations
                 {
                     services.AddResponseCompression();
                     services.AddHttpContextAccessor();
-                    services.AddMvc(opts =>
-                        {
-                            var policy = new AuthorizationPolicyBuilder()
-                                .RequireAuthenticatedUser()
-                                .Build();
-                            opts.Filters.Add(new AuthorizeFilter(policy));
-                            opts.EnableEndpointRouting = false;
-                            opts.UseGeneralRoutePrefix(ServerConfigurationManager.Configuration.BaseUrl.TrimStart('/'));
-                        })
-                        .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
-                        .ConfigureApplicationPartManager(a => a.ApplicationParts.Clear()) // Clear app parts to avoid other assemblies being picked up
-                        .AddApplicationPart(typeof(StartupController).Assembly)
-                        .AddControllersAsServices();
-                    services.AddSwaggerGen(c =>
-                    {
-                        c.SwaggerDoc("v1", new OpenApiInfo { Title = "Jellyfin API", Version = "v1" });
-                    });
+                    services.AddJellyfinApi(ServerConfigurationManager.Configuration.BaseUrl.TrimStart('/'));
 
-                    services.AddSingleton<IAuthorizationHandler, FirstTimeSetupOrElevatedHandler>();
-                    services.AddSingleton<IAuthorizationHandler, RequiresElevationHandler>();
+                    services.AddJellyfinApiSwagger();
 
                     // configure custom legacy authentication
-                    services.AddAuthentication("CustomAuthentication")
-                        .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>("CustomAuthentication", null);
+                    services.AddCustomAuthentication();
 
-                    services.AddAuthorizationCore(options =>
-                    {
-                        options.AddPolicy(
-                            "RequiresElevation",
-                            policy =>
-                            {
-                                policy.AddAuthenticationSchemes("CustomAuthentication");
-                                policy.AddRequirements(new RequiresElevationRequirement());
-                            });
-                        options.AddPolicy(
-                            "FirstTimeSetupOrElevated",
-                            policy =>
-                            {
-                                policy.AddAuthenticationSchemes("CustomAuthentication");
-                                policy.AddRequirements(new FirstTimeSetupOrElevatedRequirement());
-                            });
-                    });
+                    services.AddJellyfinApiAuthorization();
 
                     // Merge the external ServiceCollection into ASP.NET DI
                     services.TryAdd(serviceCollection);
                 })
                 .Configure(app =>
                 {
-                    app.UseDeveloperExceptionPage();
-                    app.UseSwagger();
-
-                    // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.),
-                    // specifying the Swagger JSON endpoint.
-                    app.UseSwaggerUI(c =>
-                    {
-                        c.SwaggerEndpoint("/swagger/v1/swagger.json", "Jellyfin API V1");
-                    });
-
                     app.UseWebSockets();
 
                     app.UseResponseCompression();
+
                     // TODO app.UseMiddleware<WebSocketMiddleware>();
                     app.Use(ExecuteWebsocketHandlerAsync);
-                    //app.UseAuthentication();
+
+                    // TODO use when old API is removed: app.UseAuthentication();
+                    app.UseJellyfinApiSwagger();
                     app.UseMvc();
                     app.Use(ExecuteHttpHandlerAsync);
                 })
diff --git a/Emby.Server.Implementations/Emby.Server.Implementations.csproj b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
index e7164342c3..6fc48a2e19 100644
--- a/Emby.Server.Implementations/Emby.Server.Implementations.csproj
+++ b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
@@ -21,16 +21,12 @@
 
   <ItemGroup>
     <PackageReference Include="IPNetwork2" Version="2.4.0.126" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="3.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authorization.Policy" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Server.Abstractions" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Http" Version="2.2.2" />
     <PackageReference Include="Microsoft.AspNetCore.Http.Extensions" Version="2.2.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.ResponseCompression" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.WebSockets" Version="2.2.1" />
@@ -41,7 +37,6 @@
     <PackageReference Include="ServiceStack.Text.Core" Version="5.6.0" />
     <PackageReference Include="sharpcompress" Version="0.24.0" />
     <PackageReference Include="SQLitePCL.pretty.netstandard" Version="2.0.1" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0-rc4" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs b/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
new file mode 100644
index 0000000000..18442bf272
--- /dev/null
+++ b/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
@@ -0,0 +1,19 @@
+using Microsoft.AspNetCore.Builder;
+
+namespace Jellyfin.Api.Extensions
+{
+    public static class ApiApplicationBuilderExtensions
+    {
+        public static IApplicationBuilder UseJellyfinApiSwagger(this IApplicationBuilder applicationBuilder)
+        {
+            applicationBuilder.UseSwagger();
+
+            // Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.),
+            // specifying the Swagger JSON endpoint.
+            return applicationBuilder.UseSwaggerUI(c =>
+            {
+                c.SwaggerEndpoint("/swagger/v1/swagger.json", "Jellyfin API V1");
+            });
+        }
+    }
+}
diff --git a/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
new file mode 100644
index 0000000000..1c682f8e43
--- /dev/null
+++ b/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
@@ -0,0 +1,72 @@
+using Emby.Server.Implementations;
+using Jellyfin.Api.Auth;
+using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
+using Jellyfin.Api.Auth.RequiresElevationPolicy;
+using Jellyfin.Api.Controllers;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Authorization;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.OpenApi.Models;
+
+namespace Jellyfin.Api.Extensions
+{
+    public static class ApiServiceCollectionExtensions
+    {
+        public static IServiceCollection AddJellyfinApiAuthorization(this IServiceCollection serviceCollection)
+        {
+            serviceCollection.AddSingleton<IAuthorizationHandler, FirstTimeSetupOrElevatedHandler>();
+            serviceCollection.AddSingleton<IAuthorizationHandler, RequiresElevationHandler>();
+            return serviceCollection.AddAuthorizationCore(options =>
+            {
+                options.AddPolicy(
+                    "RequiresElevation",
+                    policy =>
+                    {
+                        policy.AddAuthenticationSchemes("CustomAuthentication");
+                        policy.AddRequirements(new RequiresElevationRequirement());
+                    });
+                options.AddPolicy(
+                    "FirstTimeSetupOrElevated",
+                    policy =>
+                    {
+                        policy.AddAuthenticationSchemes("CustomAuthentication");
+                        policy.AddRequirements(new FirstTimeSetupOrElevatedRequirement());
+                    });
+            });
+        }
+
+        public static AuthenticationBuilder AddCustomAuthentication(this IServiceCollection serviceCollection)
+        {
+            return serviceCollection.AddAuthentication("CustomAuthentication")
+                .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>("CustomAuthentication", null);
+        }
+
+        public static IMvcBuilder AddJellyfinApi(this IServiceCollection serviceCollection, string baseUrl)
+        {
+            return serviceCollection.AddMvc(opts =>
+                {
+                    var policy = new AuthorizationPolicyBuilder()
+                        .RequireAuthenticatedUser()
+                        .Build();
+                    opts.Filters.Add(new AuthorizeFilter(policy));
+                    opts.EnableEndpointRouting = false;
+                    opts.UseGeneralRoutePrefix(baseUrl);
+                })
+                .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
+                // Clear app parts to avoid other assemblies being picked up
+                .ConfigureApplicationPartManager(a => a.ApplicationParts.Clear())
+                .AddApplicationPart(typeof(StartupController).Assembly)
+                .AddControllersAsServices();
+        }
+
+        public static IServiceCollection AddJellyfinApiSwagger(this IServiceCollection serviceCollection)
+        {
+            return serviceCollection.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new OpenApiInfo { Title = "Jellyfin API", Version = "v1" });
+            });
+        }
+    }
+}
diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj
index 647004cb68..d77861cc4a 100644
--- a/Jellyfin.Api/Jellyfin.Api.csproj
+++ b/Jellyfin.Api/Jellyfin.Api.csproj
@@ -6,7 +6,9 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="3.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.2.0" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0-rc4" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/Emby.Server.Implementations/MvcRoutePrefix.cs b/Jellyfin.Api/MvcRoutePrefix.cs
similarity index 100%
rename from Emby.Server.Implementations/MvcRoutePrefix.cs
rename to Jellyfin.Api/MvcRoutePrefix.cs

From c9669a0d21f37fe06a8838c001a6f93505ba549b Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sat, 23 Nov 2019 19:59:45 +0100
Subject: [PATCH 06/12] Split a long line

---
 Jellyfin.Api/Controllers/StartupController.cs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
index fb61b8d0b3..271745e057 100644
--- a/Jellyfin.Api/Controllers/StartupController.cs
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -42,7 +42,10 @@ namespace Jellyfin.Api.Controllers
         }
 
         [HttpPost("Configuration")]
-        public void UpdateInitialConfiguration([FromForm] string uiCulture, [FromForm] string metadataCountryCode, [FromForm] string preferredMetadataLanguage)
+        public void UpdateInitialConfiguration(
+            [FromForm] string uiCulture,
+            [FromForm] string metadataCountryCode,
+            [FromForm] string preferredMetadataLanguage)
         {
             _config.Configuration.UICulture = uiCulture;
             _config.Configuration.MetadataCountryCode = metadataCountryCode;

From c2cdbc909ba8371261bb88b5dd313262be755fa3 Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sat, 23 Nov 2019 20:31:17 +0100
Subject: [PATCH 07/12] Add style rules and fix it all

---
 .../Auth/CustomAuthenticationHandler.cs       | 17 ++++++++-
 .../FirstTimeSetupOrElevatedHandler.cs        | 14 +++++--
 .../FirstTimeSetupOrElevatedRequirement.cs    |  3 ++
 .../RequiresElevationHandler.cs               |  7 +++-
 .../RequiresElevationRequirement.cs           |  4 +-
 Jellyfin.Api/BaseJellyfinApiController.cs     |  4 +-
 Jellyfin.Api/Controllers/StartupController.cs | 37 ++++++++++++++++++-
 Jellyfin.Api/Enums/UserRole.cs                | 23 ++++++++++++
 .../ApiApplicationBuilderExtensions.cs        |  8 ++++
 .../ApiServiceCollectionExtensions.cs         | 26 ++++++++++++-
 Jellyfin.Api/Jellyfin.Api.csproj              | 14 +++++++
 .../Models/Startup/StartupConfigurationDto.cs | 14 +++++++
 Jellyfin.Api/Models/Startup/StartupUserDto.cs | 10 +++++
 Jellyfin.Api/MvcRoutePrefix.cs                | 10 ++++-
 14 files changed, 181 insertions(+), 10 deletions(-)
 create mode 100644 Jellyfin.Api/Enums/UserRole.cs

diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index bb6192b03d..a753d60838 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -1,6 +1,7 @@
 using System.Security.Claims;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
+using Jellyfin.Api.Enums;
 using MediaBrowser.Controller.Net;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.Logging;
@@ -8,10 +9,21 @@ using Microsoft.Extensions.Options;
 
 namespace Jellyfin.Api.Auth
 {
+    /// <summary>
+    /// Custom authentication handler wrapping the legacy authentication.
+    /// </summary>
     public class CustomAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
     {
         private readonly IAuthService _authService;
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="CustomAuthenticationHandler" /> class.
+        /// </summary>
+        /// <param name="authService">The jellyfin authentication service.</param>
+        /// <param name="options">Options monitor.</param>
+        /// <param name="logger">The logger.</param>
+        /// <param name="encoder">The url encoder.</param>
+        /// <param name="clock">The system clock.</param>
         public CustomAuthenticationHandler(
             IAuthService authService,
             IOptionsMonitor<AuthenticationSchemeOptions> options,
@@ -22,6 +34,7 @@ namespace Jellyfin.Api.Auth
             _authService = authService;
         }
 
+        /// <inheritdoc />
         protected override Task<AuthenticateResult> HandleAuthenticateAsync()
         {
             var authenticatedAttribute = new AuthenticatedAttribute();
@@ -36,7 +49,9 @@ namespace Jellyfin.Api.Auth
                 var claims = new[]
                 {
                     new Claim(ClaimTypes.Name, user.Name),
-                    new Claim(ClaimTypes.Role, user.Policy.IsAdministrator ? "Administrator" : "User"),
+                    new Claim(
+                        ClaimTypes.Role,
+                        value: user.Policy.IsAdministrator ? UserRole.Administrator.ToString() : UserRole.User.ToString())
                 };
                 var identity = new ClaimsIdentity(claims, Scheme.Name);
                 var principal = new ClaimsPrincipal(identity);
diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
index 73925cd616..f07e568dea 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
@@ -1,27 +1,35 @@
 using System.Threading.Tasks;
+using Jellyfin.Api.Enums;
 using MediaBrowser.Common.Configuration;
 using Microsoft.AspNetCore.Authorization;
 
 namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
 {
+    /// <summary>
+    /// Authorization handler for requiring first time setup or elevated privileges.
+    /// </summary>
     public class FirstTimeSetupOrElevatedHandler : AuthorizationHandler<FirstTimeSetupOrElevatedRequirement>
     {
         private readonly IConfigurationManager _configurationManager;
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="FirstTimeSetupOrElevatedHandler" /> class.
+        /// </summary>
+        /// <param name="configurationManager">The jellyfin configuration manager.</param>
         public FirstTimeSetupOrElevatedHandler(IConfigurationManager configurationManager)
         {
             _configurationManager = configurationManager;
         }
 
-        protected override  Task HandleRequirementAsync(AuthorizationHandlerContext context, FirstTimeSetupOrElevatedRequirement firstTimeSetupOrElevatedRequirement)
+        /// <inheritdoc />
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, FirstTimeSetupOrElevatedRequirement firstTimeSetupOrElevatedRequirement)
         {
             if (!_configurationManager.CommonConfiguration.IsStartupWizardCompleted)
             {
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
-            else if (context.User.IsInRole("Administrator"))
+            else if (context.User.IsInRole(UserRole.Administrator.ToString()))
             {
-                // TODO user role enum
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
             else
diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
index 42436c870d..a590155420 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
@@ -2,6 +2,9 @@ using Microsoft.AspNetCore.Authorization;
 
 namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
 {
+    /// <summary>
+    /// The authorization requirement, requiring first time setup or elevated privileges, for the authorization handler.
+    /// </summary>
     public class FirstTimeSetupOrElevatedRequirement : IAuthorizationRequirement
     {
     }
diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
index 6948274582..8674f3e262 100644
--- a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
+++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
@@ -1,13 +1,18 @@
 using System.Threading.Tasks;
+using Jellyfin.Api.Enums;
 using Microsoft.AspNetCore.Authorization;
 
 namespace Jellyfin.Api.Auth.RequiresElevationPolicy
 {
+    /// <summary>
+    /// Authorization handler for requiring elevated privileges.
+    /// </summary>
     public class RequiresElevationHandler : AuthorizationHandler<RequiresElevationRequirement>
     {
+        /// <inheritdoc />
         protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RequiresElevationRequirement requirement)
         {
-            if (context.User.IsInRole("Administrator"))
+            if (context.User.IsInRole(UserRole.Administrator.ToString()))
             {
                 context.Succeed(requirement);
             }
diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs
index dd51cd3c20..cfff1cc0c5 100644
--- a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs
+++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationRequirement.cs
@@ -2,8 +2,10 @@ using Microsoft.AspNetCore.Authorization;
 
 namespace Jellyfin.Api.Auth.RequiresElevationPolicy
 {
+    /// <summary>
+    /// The authorization requirement for requiring elevated privileges in the authorization handler.
+    /// </summary>
     public class RequiresElevationRequirement : IAuthorizationRequirement
     {
-
     }
 }
diff --git a/Jellyfin.Api/BaseJellyfinApiController.cs b/Jellyfin.Api/BaseJellyfinApiController.cs
index 796a8039af..1f4508e6cb 100644
--- a/Jellyfin.Api/BaseJellyfinApiController.cs
+++ b/Jellyfin.Api/BaseJellyfinApiController.cs
@@ -2,10 +2,12 @@ using Microsoft.AspNetCore.Mvc;
 
 namespace Jellyfin.Api
 {
+    /// <summary>
+    /// Base api controller for the API setting a default route.
+    /// </summary>
     [ApiController]
     [Route("[controller]")]
     public class BaseJellyfinApiController : ControllerBase
     {
-
     }
 }
diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
index 271745e057..0e7d17a27f 100644
--- a/Jellyfin.Api/Controllers/StartupController.cs
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -8,18 +8,29 @@ using Microsoft.AspNetCore.Mvc;
 
 namespace Jellyfin.Api.Controllers
 {
+    /// <summary>
+    /// The startup wizard controller.
+    /// </summary>
     [Authorize(Policy = "FirstTimeSetupOrElevated")]
     public class StartupController : BaseJellyfinApiController
     {
         private readonly IServerConfigurationManager _config;
         private readonly IUserManager _userManager;
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="StartupController" /> class.
+        /// </summary>
+        /// <param name="config">The server configuration manager.</param>
+        /// <param name="userManager">The user manager.</param>
         public StartupController(IServerConfigurationManager config, IUserManager userManager)
         {
             _config = config;
             _userManager = userManager;
         }
 
+        /// <summary>
+        /// Api endpoint for completing the startup wizard.
+        /// </summary>
         [HttpPost("Complete")]
         public void CompleteWizard()
         {
@@ -28,6 +39,10 @@ namespace Jellyfin.Api.Controllers
             _config.SaveConfiguration();
         }
 
+        /// <summary>
+        /// Endpoint for getting the initial startup wizard configuration.
+        /// </summary>
+        /// <returns>The initial startup wizard configuration.</returns>
         [HttpGet("Configuration")]
         public StartupConfigurationDto GetStartupConfiguration()
         {
@@ -41,6 +56,12 @@ namespace Jellyfin.Api.Controllers
             return result;
         }
 
+        /// <summary>
+        /// Endpoint for updating the initial startup wizard configuration.
+        /// </summary>
+        /// <param name="uiCulture">The UI language culture.</param>
+        /// <param name="metadataCountryCode">The metadata country code.</param>
+        /// <param name="preferredMetadataLanguage">The preferred language for metadata.</param>
         [HttpPost("Configuration")]
         public void UpdateInitialConfiguration(
             [FromForm] string uiCulture,
@@ -53,6 +74,11 @@ namespace Jellyfin.Api.Controllers
             _config.SaveConfiguration();
         }
 
+        /// <summary>
+        /// Endpoint for (dis)allowing remote access and UPnP.
+        /// </summary>
+        /// <param name="enableRemoteAccess">Enable remote access.</param>
+        /// <param name="enableAutomaticPortMapping">Enable UPnP.</param>
         [HttpPost("RemoteAccess")]
         public void SetRemoteAccess([FromForm] bool enableRemoteAccess, [FromForm] bool enableAutomaticPortMapping)
         {
@@ -61,8 +87,12 @@ namespace Jellyfin.Api.Controllers
             _config.SaveConfiguration();
         }
 
+        /// <summary>
+        /// Endpoint for returning the first user.
+        /// </summary>
+        /// <returns>The first user.</returns>
         [HttpGet("User")]
-        public StartupUserDto GetUser()
+        public StartupUserDto GetFirstUser()
         {
             var user = _userManager.Users.First();
 
@@ -73,6 +103,11 @@ namespace Jellyfin.Api.Controllers
             };
         }
 
+        /// <summary>
+        /// Endpoint for updating the user name and password.
+        /// </summary>
+        /// <param name="startupUserDto">The DTO containing username and password.</param>
+        /// <returns>The async task.</returns>
         [HttpPost("User")]
         public async Task UpdateUser([FromForm] StartupUserDto startupUserDto)
         {
diff --git a/Jellyfin.Api/Enums/UserRole.cs b/Jellyfin.Api/Enums/UserRole.cs
new file mode 100644
index 0000000000..05826d9f41
--- /dev/null
+++ b/Jellyfin.Api/Enums/UserRole.cs
@@ -0,0 +1,23 @@
+namespace Jellyfin.Api.Enums
+{
+    /// <summary>
+    /// Enum for user roles used in the authentication and authorization for the API.
+    /// </summary>
+    public enum UserRole
+    {
+        /// <summary>
+        /// Guest user.
+        /// </summary>
+        Guest = 0,
+
+        /// <summary>
+        /// Regular user with no special privileges.
+        /// </summary>
+        User = 1,
+
+        /// <summary>
+        /// Administrator user with elevated privileges.
+        /// </summary>
+        Administrator = 2
+    }
+}
diff --git a/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs b/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
index 18442bf272..f70466ebec 100644
--- a/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
+++ b/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
@@ -2,8 +2,16 @@ using Microsoft.AspNetCore.Builder;
 
 namespace Jellyfin.Api.Extensions
 {
+    /// <summary>
+    /// Extensions for adding API specific functionality to the application pipeline.
+    /// </summary>
     public static class ApiApplicationBuilderExtensions
     {
+        /// <summary>
+        /// Adds swagger and swagger UI to the application pipeline.
+        /// </summary>
+        /// <param name="applicationBuilder">The application builder.</param>
+        /// <returns>The updated application builder.</returns>
         public static IApplicationBuilder UseJellyfinApiSwagger(this IApplicationBuilder applicationBuilder)
         {
             applicationBuilder.UseSwagger();
diff --git a/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
index 1c682f8e43..38f5f6d390 100644
--- a/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
@@ -1,4 +1,3 @@
-using Emby.Server.Implementations;
 using Jellyfin.Api.Auth;
 using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
 using Jellyfin.Api.Auth.RequiresElevationPolicy;
@@ -12,8 +11,16 @@ using Microsoft.OpenApi.Models;
 
 namespace Jellyfin.Api.Extensions
 {
+    /// <summary>
+    /// API specific extensions for the service collection.
+    /// </summary>
     public static class ApiServiceCollectionExtensions
     {
+        /// <summary>
+        /// Adds jellyfin API authorization policies to the DI container.
+        /// </summary>
+        /// <param name="serviceCollection">The service collection.</param>
+        /// <returns>The updated service collection.</returns>
         public static IServiceCollection AddJellyfinApiAuthorization(this IServiceCollection serviceCollection)
         {
             serviceCollection.AddSingleton<IAuthorizationHandler, FirstTimeSetupOrElevatedHandler>();
@@ -37,12 +44,23 @@ namespace Jellyfin.Api.Extensions
             });
         }
 
+        /// <summary>
+        /// Adds custom legacy authentication to the service collection.
+        /// </summary>
+        /// <param name="serviceCollection">The service collection.</param>
+        /// <returns>The updated service collection.</returns>
         public static AuthenticationBuilder AddCustomAuthentication(this IServiceCollection serviceCollection)
         {
             return serviceCollection.AddAuthentication("CustomAuthentication")
                 .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>("CustomAuthentication", null);
         }
 
+        /// <summary>
+        /// Extension method for adding the jellyfin API to the service collection.
+        /// </summary>
+        /// <param name="serviceCollection">The service collection.</param>
+        /// <param name="baseUrl">The base url for the API.</param>
+        /// <returns>The MVC builder.</returns>
         public static IMvcBuilder AddJellyfinApi(this IServiceCollection serviceCollection, string baseUrl)
         {
             return serviceCollection.AddMvc(opts =>
@@ -55,12 +73,18 @@ namespace Jellyfin.Api.Extensions
                     opts.UseGeneralRoutePrefix(baseUrl);
                 })
                 .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
+
                 // Clear app parts to avoid other assemblies being picked up
                 .ConfigureApplicationPartManager(a => a.ApplicationParts.Clear())
                 .AddApplicationPart(typeof(StartupController).Assembly)
                 .AddControllersAsServices();
         }
 
+        /// <summary>
+        /// Adds Swagger to the service collection.
+        /// </summary>
+        /// <param name="serviceCollection">The service collection.</param>
+        /// <returns>The updated service collection.</returns>
         public static IServiceCollection AddJellyfinApiSwagger(this IServiceCollection serviceCollection)
         {
             return serviceCollection.AddSwaggerGen(c =>
diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj
index d77861cc4a..1cc23c07b4 100644
--- a/Jellyfin.Api/Jellyfin.Api.csproj
+++ b/Jellyfin.Api/Jellyfin.Api.csproj
@@ -2,6 +2,8 @@
 
   <PropertyGroup>
     <TargetFramework>netstandard2.1</TargetFramework>
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
   </PropertyGroup>
 
   <ItemGroup>
@@ -15,4 +17,16 @@
     <ProjectReference Include="..\MediaBrowser.Controller\MediaBrowser.Controller.csproj" />
   </ItemGroup>
 
+  <!-- Code analysers-->
+  <ItemGroup Condition=" '$(Configuration)' == 'Debug' ">
+    <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.4" />
+    <PackageReference Include="SerilogAnalyzer" Version="0.15.0" />
+    <PackageReference Include="StyleCop.Analyzers" Version="1.1.118" />
+    <PackageReference Include="SmartAnalyzers.MultithreadingAnalyzer" Version="1.1.31" />
+  </ItemGroup>
+
+  <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
+    <CodeAnalysisRuleSet>../jellyfin.ruleset</CodeAnalysisRuleSet>
+  </PropertyGroup>
+
 </Project>
diff --git a/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs b/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
index 769d2e1bb6..dac15e412c 100644
--- a/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
+++ b/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
@@ -1,9 +1,23 @@
 namespace Jellyfin.Api.Models.Startup
 {
+    /// <summary>
+    /// The startup configuration DTO.
+    /// </summary>
     public class StartupConfigurationDto
     {
+        /// <summary>
+        /// Gets or sets UI language culture.
+        /// </summary>
         public string UICulture { get; set; }
+
+        /// <summary>
+        /// Gets or sets the metadata country code.
+        /// </summary>
         public string MetadataCountryCode { get; set; }
+
+        /// <summary>
+        /// Gets or sets the preferred language for the metadata.
+        /// </summary>
         public string PreferredMetadataLanguage { get; set; }
     }
 }
diff --git a/Jellyfin.Api/Models/Startup/StartupUserDto.cs b/Jellyfin.Api/Models/Startup/StartupUserDto.cs
index c7c2e8cb04..7e890d76a0 100644
--- a/Jellyfin.Api/Models/Startup/StartupUserDto.cs
+++ b/Jellyfin.Api/Models/Startup/StartupUserDto.cs
@@ -1,8 +1,18 @@
 namespace Jellyfin.Api.Models.Startup
 {
+    /// <summary>
+    /// The startup user DTO.
+    /// </summary>
     public class StartupUserDto
     {
+        /// <summary>
+        /// Gets or sets the username.
+        /// </summary>
         public string Name { get; set; }
+
+        /// <summary>
+        /// Gets or sets the user's password.
+        /// </summary>
         public string Password { get; set; }
     }
 }
diff --git a/Jellyfin.Api/MvcRoutePrefix.cs b/Jellyfin.Api/MvcRoutePrefix.cs
index 974a2a8852..e009730947 100644
--- a/Jellyfin.Api/MvcRoutePrefix.cs
+++ b/Jellyfin.Api/MvcRoutePrefix.cs
@@ -3,10 +3,18 @@ using System.Linq;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.ApplicationModels;
 
-namespace Emby.Server.Implementations
+namespace Jellyfin.Api
 {
+    /// <summary>
+    /// Route prefixing for ASP.NET MVC.
+    /// </summary>
     public static class MvcRoutePrefix
     {
+        /// <summary>
+        /// Adds route prefixes to the MVC conventions.
+        /// </summary>
+        /// <param name="opts">The MVC options.</param>
+        /// <param name="prefixes">The list of prefixes.</param>
         public static void UseGeneralRoutePrefix(this MvcOptions opts, params string[] prefixes)
         {
             opts.Conventions.Insert(0, new RoutePrefixConvention(prefixes));

From 111b46599a66e81a8449e777cccc516c06b7548d Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sat, 23 Nov 2019 20:46:01 +0100
Subject: [PATCH 08/12] Remove unused reference

---
 Emby.Server.Implementations/Emby.Server.Implementations.csproj | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Emby.Server.Implementations/Emby.Server.Implementations.csproj b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
index 6fc48a2e19..9f524a4afd 100644
--- a/Emby.Server.Implementations/Emby.Server.Implementations.csproj
+++ b/Emby.Server.Implementations/Emby.Server.Implementations.csproj
@@ -21,7 +21,6 @@
 
   <ItemGroup>
     <PackageReference Include="IPNetwork2" Version="2.4.0.126" />
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Server.Abstractions" Version="2.2.0" />

From 27e3cf15588f8ab8fe19aa611d79fa2ccd8ecda8 Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sun, 24 Nov 2019 15:27:58 +0100
Subject: [PATCH 09/12] Move appbuilder and service collection to
 Jellyfin.Server

---
 .../ApplicationHost.cs                        | 110 +++---------------
 .../HttpServer/HttpListenerHost.cs            |   3 +-
 .../Session/SessionWebSocketListener.cs       |   4 +-
 Jellyfin.Api/Controllers/StartupController.cs |   2 +-
 .../StartupConfigurationDto.cs                |   2 +-
 .../StartupUserDto.cs                         |   2 +-
 .../ApiApplicationBuilderExtensions.cs        |   2 +-
 .../ApiServiceCollectionExtensions.cs         |  11 +-
 Jellyfin.Server/Jellyfin.Server.csproj        |   4 +
 Jellyfin.Server/Program.cs                    |  70 ++++++++++-
 Jellyfin.Server/Startup.cs                    |  81 +++++++++++++
 .../IServerApplicationHost.cs                 |   5 +
 12 files changed, 184 insertions(+), 112 deletions(-)
 rename Jellyfin.Api/Models/{Startup => StartupDtos}/StartupConfigurationDto.cs (93%)
 rename Jellyfin.Api/Models/{Startup => StartupDtos}/StartupUserDto.cs (89%)
 rename {Jellyfin.Api => Jellyfin.Server}/Extensions/ApiApplicationBuilderExtensions.cs (96%)
 rename {Jellyfin.Api => Jellyfin.Server}/Extensions/ApiServiceCollectionExtensions.cs (89%)
 create mode 100644 Jellyfin.Server/Startup.cs

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index c6cdd4786b..3b9ea41219 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -47,7 +47,6 @@ using Emby.Server.Implementations.Session;
 using Emby.Server.Implementations.SocketSharp;
 using Emby.Server.Implementations.TV;
 using Emby.Server.Implementations.Updates;
-using Jellyfin.Api.Extensions;
 using MediaBrowser.Api;
 using MediaBrowser.Common;
 using MediaBrowser.Common.Configuration;
@@ -232,7 +231,7 @@ namespace Emby.Server.Implementations
             }
         }
 
-        protected IServiceProvider _serviceProvider;
+        public IServiceProvider ServiceProvider;
 
         /// <summary>
         /// Gets the server configuration manager.
@@ -461,7 +460,7 @@ namespace Emby.Server.Implementations
         /// <param name="type">The type.</param>
         /// <returns>System.Object.</returns>
         public object CreateInstance(Type type)
-            => ActivatorUtilities.CreateInstance(_serviceProvider, type);
+            => ActivatorUtilities.CreateInstance(ServiceProvider, type);
 
         /// <summary>
         /// Creates an instance of type and resolves all constructor dependencies
@@ -469,7 +468,7 @@ namespace Emby.Server.Implementations
         /// /// <typeparam name="T">The type.</typeparam>
         /// <returns>T.</returns>
         public T CreateInstance<T>()
-            => ActivatorUtilities.CreateInstance<T>(_serviceProvider);
+            => ActivatorUtilities.CreateInstance<T>(ServiceProvider);
 
         /// <summary>
         /// Creates the instance safe.
@@ -481,7 +480,7 @@ namespace Emby.Server.Implementations
             try
             {
                 Logger.LogDebug("Creating instance of {Type}", type);
-                return ActivatorUtilities.CreateInstance(_serviceProvider, type);
+                return ActivatorUtilities.CreateInstance(ServiceProvider, type);
             }
             catch (Exception ex)
             {
@@ -495,7 +494,7 @@ namespace Emby.Server.Implementations
         /// </summary>
         /// <typeparam name="T">The type</typeparam>
         /// <returns>``0.</returns>
-        public T Resolve<T>() => _serviceProvider.GetService<T>();
+        public T Resolve<T>() => ServiceProvider.GetService<T>();
 
         /// <summary>
         /// Gets the export types.
@@ -611,93 +610,14 @@ namespace Emby.Server.Implementations
 
             await RegisterResources(serviceCollection).ConfigureAwait(false);
 
-            string contentRoot = ServerConfigurationManager.Configuration.DashboardSourcePath;
-            if (string.IsNullOrEmpty(contentRoot))
+            ContentRoot = ServerConfigurationManager.Configuration.DashboardSourcePath;
+            if (string.IsNullOrEmpty(ContentRoot))
             {
-                contentRoot = ServerConfigurationManager.ApplicationPaths.WebPath;
-            }
-
-            var host = new WebHostBuilder()
-                .UseKestrel(options =>
-                {
-                    var addresses = ServerConfigurationManager
-                        .Configuration
-                        .LocalNetworkAddresses
-                        .Select(NormalizeConfiguredLocalAddress)
-                        .Where(i => i != null)
-                        .ToList();
-                    if (addresses.Any())
-                    {
-                        foreach (var address in addresses)
-                        {
-                            Logger.LogInformation("Kestrel listening on {ipaddr}", address);
-                            options.Listen(address, HttpPort);
-
-                            if (EnableHttps && Certificate != null)
-                            {
-                                options.Listen(address, HttpsPort, listenOptions => listenOptions.UseHttps(Certificate));
-                            }
-                        }
-                    }
-                    else
-                    {
-                        Logger.LogInformation("Kestrel listening on all interfaces");
-                        options.ListenAnyIP(HttpPort);
-
-                        if (EnableHttps && Certificate != null)
-                        {
-                            options.ListenAnyIP(HttpsPort, listenOptions => listenOptions.UseHttps(Certificate));
-                        }
-                    }
-                })
-                .UseContentRoot(contentRoot)
-                .ConfigureServices(services =>
-                {
-                    services.AddResponseCompression();
-                    services.AddHttpContextAccessor();
-                    services.AddJellyfinApi(ServerConfigurationManager.Configuration.BaseUrl.TrimStart('/'));
-
-                    services.AddJellyfinApiSwagger();
-
-                    // configure custom legacy authentication
-                    services.AddCustomAuthentication();
-
-                    services.AddJellyfinApiAuthorization();
-
-                    // Merge the external ServiceCollection into ASP.NET DI
-                    services.TryAdd(serviceCollection);
-                })
-                .Configure(app =>
-                {
-                    app.UseWebSockets();
-
-                    app.UseResponseCompression();
-
-                    // TODO app.UseMiddleware<WebSocketMiddleware>();
-                    app.Use(ExecuteWebsocketHandlerAsync);
-
-                    // TODO use when old API is removed: app.UseAuthentication();
-                    app.UseJellyfinApiSwagger();
-                    app.UseMvc();
-                    app.Use(ExecuteHttpHandlerAsync);
-                })
-                .Build();
-
-            _serviceProvider = host.Services;
-            FindParts();
-
-            try
-            {
-                await host.StartAsync().ConfigureAwait(false);
-            }
-            catch
-            {
-                Logger.LogError("Kestrel failed to start! This is most likely due to an invalid address or port bind - correct your bind configuration in system.xml and try again.");
-                throw;
+                ContentRoot = ServerConfigurationManager.ApplicationPaths.WebPath;
             }
         }
 
-        private async Task ExecuteWebsocketHandlerAsync(HttpContext context, Func<Task> next)
+        public async Task ExecuteWebsocketHandlerAsync(HttpContext context, Func<Task> next)
         {
             if (!context.WebSockets.IsWebSocketRequest)
             {
@@ -708,7 +628,7 @@ namespace Emby.Server.Implementations
             await HttpServer.ProcessWebSocketRequest(context).ConfigureAwait(false);
         }
 
-        private async Task ExecuteHttpHandlerAsync(HttpContext context, Func<Task> next)
+        public async Task ExecuteHttpHandlerAsync(HttpContext context, Func<Task> next)
         {
             if (context.WebSockets.IsWebSocketRequest)
             {
@@ -1090,9 +1010,9 @@ namespace Emby.Server.Implementations
         /// <summary>
         /// Finds the parts.
         /// </summary>
-        protected void FindParts()
+        public void FindParts()
         {
-            InstallationManager = _serviceProvider.GetService<IInstallationManager>();
+            InstallationManager = ServiceProvider.GetService<IInstallationManager>();
             InstallationManager.PluginInstalled += PluginInstalled;
 
             if (!ServerConfigurationManager.Configuration.IsPortAuthorized)
@@ -1221,7 +1141,7 @@ namespace Emby.Server.Implementations
 
         private CertificateInfo CertificateInfo { get; set; }
 
-        protected X509Certificate2 Certificate { get; private set; }
+        public X509Certificate2 Certificate { get; private set; }
 
         private IEnumerable<string> GetUrlPrefixes()
         {
@@ -1605,7 +1525,7 @@ namespace Emby.Server.Implementations
             return resultList;
         }
 
-        private IPAddress NormalizeConfiguredLocalAddress(string address)
+        public IPAddress NormalizeConfiguredLocalAddress(string address)
         {
             var index = address.Trim('/').IndexOf('/');
 
@@ -1685,6 +1605,8 @@ namespace Emby.Server.Implementations
 
         public int HttpsPort { get; private set; }
 
+        public string ContentRoot { get; private set; }
+
         /// <summary>
         /// Shuts down.
         /// </summary>
diff --git a/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs b/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs
index dc1a56e271..6dd016f8a2 100644
--- a/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs
+++ b/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs
@@ -18,7 +18,6 @@ using MediaBrowser.Model.Events;
 using MediaBrowser.Model.Serialization;
 using MediaBrowser.Model.Services;
 using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Http.Internal;
 using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Logging;
@@ -164,7 +163,7 @@ namespace Emby.Server.Implementations.HttpServer
             {
                 OnReceive = ProcessWebSocketMessageReceived,
                 Url = e.Url,
-                QueryString = e.QueryString ?? new QueryCollection()
+                QueryString = e.QueryString
             };
 
             connection.Closed += OnConnectionClosed;
diff --git a/Emby.Server.Implementations/Session/SessionWebSocketListener.cs b/Emby.Server.Implementations/Session/SessionWebSocketListener.cs
index 63ec757626..930f2d35d3 100644
--- a/Emby.Server.Implementations/Session/SessionWebSocketListener.cs
+++ b/Emby.Server.Implementations/Session/SessionWebSocketListener.cs
@@ -4,7 +4,6 @@ using MediaBrowser.Controller.Net;
 using MediaBrowser.Controller.Session;
 using MediaBrowser.Model.Events;
 using MediaBrowser.Model.Serialization;
-using MediaBrowser.Model.Services;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 
@@ -67,7 +66,7 @@ namespace Emby.Server.Implementations.Session
         {
             if (queryString == null)
             {
-                throw new ArgumentNullException(nameof(queryString));
+                return null;
             }
 
             var token = queryString["api_key"];
@@ -75,6 +74,7 @@ namespace Emby.Server.Implementations.Session
             {
                 return null;
             }
+
             var deviceId = queryString["deviceId"];
             return _sessionManager.GetSessionByAuthenticationToken(token, deviceId, remoteEndpoint);
         }
diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
index 0e7d17a27f..50f3dc83cf 100644
--- a/Jellyfin.Api/Controllers/StartupController.cs
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -1,6 +1,6 @@
 using System.Linq;
 using System.Threading.Tasks;
-using Jellyfin.Api.Models.Startup;
+using Jellyfin.Api.Models.StartupDtos;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Library;
 using Microsoft.AspNetCore.Authorization;
diff --git a/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs b/Jellyfin.Api/Models/StartupDtos/StartupConfigurationDto.cs
similarity index 93%
rename from Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
rename to Jellyfin.Api/Models/StartupDtos/StartupConfigurationDto.cs
index dac15e412c..d048dad0a1 100644
--- a/Jellyfin.Api/Models/Startup/StartupConfigurationDto.cs
+++ b/Jellyfin.Api/Models/StartupDtos/StartupConfigurationDto.cs
@@ -1,4 +1,4 @@
-namespace Jellyfin.Api.Models.Startup
+namespace Jellyfin.Api.Models.StartupDtos
 {
     /// <summary>
     /// The startup configuration DTO.
diff --git a/Jellyfin.Api/Models/Startup/StartupUserDto.cs b/Jellyfin.Api/Models/StartupDtos/StartupUserDto.cs
similarity index 89%
rename from Jellyfin.Api/Models/Startup/StartupUserDto.cs
rename to Jellyfin.Api/Models/StartupDtos/StartupUserDto.cs
index 7e890d76a0..3a9348037a 100644
--- a/Jellyfin.Api/Models/Startup/StartupUserDto.cs
+++ b/Jellyfin.Api/Models/StartupDtos/StartupUserDto.cs
@@ -1,4 +1,4 @@
-namespace Jellyfin.Api.Models.Startup
+namespace Jellyfin.Api.Models.StartupDtos
 {
     /// <summary>
     /// The startup user DTO.
diff --git a/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs b/Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs
similarity index 96%
rename from Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
rename to Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs
index f70466ebec..db06eb4552 100644
--- a/Jellyfin.Api/Extensions/ApiApplicationBuilderExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs
@@ -1,6 +1,6 @@
 using Microsoft.AspNetCore.Builder;
 
-namespace Jellyfin.Api.Extensions
+namespace Jellyfin.Server.Extensions
 {
     /// <summary>
     /// Extensions for adding API specific functionality to the application pipeline.
diff --git a/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
similarity index 89%
rename from Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
rename to Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
index 38f5f6d390..e5a8937e87 100644
--- a/Jellyfin.Api/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@@ -1,15 +1,14 @@
+using Jellyfin.Api;
 using Jellyfin.Api.Auth;
 using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
 using Jellyfin.Api.Auth.RequiresElevationPolicy;
 using Jellyfin.Api.Controllers;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.Authorization;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.OpenApi.Models;
 
-namespace Jellyfin.Api.Extensions
+namespace Jellyfin.Server.Extensions
 {
     /// <summary>
     /// API specific extensions for the service collection.
@@ -65,14 +64,8 @@ namespace Jellyfin.Api.Extensions
         {
             return serviceCollection.AddMvc(opts =>
                 {
-                    var policy = new AuthorizationPolicyBuilder()
-                        .RequireAuthenticatedUser()
-                        .Build();
-                    opts.Filters.Add(new AuthorizeFilter(policy));
-                    opts.EnableEndpointRouting = false;
                     opts.UseGeneralRoutePrefix(baseUrl);
                 })
-                .SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
 
                 // Clear app parts to avoid other assemblies being picked up
                 .ConfigureApplicationPartManager(a => a.ApplicationParts.Clear())
diff --git a/Jellyfin.Server/Jellyfin.Server.csproj b/Jellyfin.Server/Jellyfin.Server.csproj
index 4238d7fe3e..dc784becfb 100644
--- a/Jellyfin.Server/Jellyfin.Server.csproj
+++ b/Jellyfin.Server/Jellyfin.Server.csproj
@@ -20,6 +20,10 @@
     <EmbeddedResource Include="Resources/Configuration/*" />
   </ItemGroup>
 
+  <ItemGroup>
+    <FrameworkReference Include="Microsoft.AspNetCore.App" />
+  </ItemGroup>
+  
   <!-- Code analyzers-->
   <ItemGroup Condition=" '$(Configuration)' == 'Debug' ">
     <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.4" />
diff --git a/Jellyfin.Server/Program.cs b/Jellyfin.Server/Program.cs
index e8bd0cd309..998f1125f5 100644
--- a/Jellyfin.Server/Program.cs
+++ b/Jellyfin.Server/Program.cs
@@ -18,8 +18,10 @@ using Jellyfin.Drawing.Skia;
 using MediaBrowser.Common.Configuration;
 using MediaBrowser.Controller.Drawing;
 using MediaBrowser.Model.Globalization;
+using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Logging;
 using Serilog;
 using Serilog.Extensions.Logging;
@@ -164,7 +166,24 @@ namespace Jellyfin.Server
                 appConfig);
             try
             {
-                await appHost.InitAsync(new ServiceCollection()).ConfigureAwait(false);
+                ServiceCollection serviceCollection = new ServiceCollection();
+                await appHost.InitAsync(serviceCollection).ConfigureAwait(false);
+
+                var host = CreateWebHostBuilder(appHost, serviceCollection).Build();
+
+                // A bit hacky to re-use service provider since ASP.NET doesn't allow a custom service collection.
+                appHost.ServiceProvider = host.Services;
+                appHost.FindParts();
+
+                try
+                {
+                    await host.StartAsync().ConfigureAwait(false);
+                }
+                catch
+                {
+                    _logger.LogError("Kestrel failed to start! This is most likely due to an invalid address or port bind - correct your bind configuration in system.xml and try again.");
+                    throw;
+                }
 
                 appHost.ImageProcessor.ImageEncoder = GetImageEncoder(appPaths, appHost.LocalizationManager);
 
@@ -196,6 +215,55 @@ namespace Jellyfin.Server
             }
         }
 
+        private static IWebHostBuilder CreateWebHostBuilder(ApplicationHost appHost, IServiceCollection serviceCollection)
+        {
+            return new WebHostBuilder()
+                .UseKestrel(options =>
+                {
+                    var addresses = appHost.ServerConfigurationManager
+                        .Configuration
+                        .LocalNetworkAddresses
+                        .Select(appHost.NormalizeConfiguredLocalAddress)
+                        .Where(i => i != null)
+                        .ToList();
+                    if (addresses.Any())
+                    {
+                        foreach (var address in addresses)
+                        {
+                            _logger.LogInformation("Kestrel listening on {ipaddr}", address);
+                            options.Listen(address, appHost.HttpPort);
+
+                            if (appHost.EnableHttps && appHost.Certificate != null)
+                            {
+                                options.Listen(
+                                    address,
+                                    appHost.HttpsPort,
+                                    listenOptions => listenOptions.UseHttps(appHost.Certificate));
+                            }
+                        }
+                    }
+                    else
+                    {
+                        _logger.LogInformation("Kestrel listening on all interfaces");
+                        options.ListenAnyIP(appHost.HttpPort);
+
+                        if (appHost.EnableHttps && appHost.Certificate != null)
+                        {
+                            options.ListenAnyIP(
+                                appHost.HttpsPort,
+                                listenOptions => listenOptions.UseHttps(appHost.Certificate));
+                        }
+                    }
+                })
+                .UseContentRoot(appHost.ContentRoot)
+                .ConfigureServices(services =>
+                {
+                    // Merge the external ServiceCollection into ASP.NET DI
+                    services.TryAdd(serviceCollection);
+                })
+                .UseStartup<Startup>();
+        }
+
         /// <summary>
         /// Create the data, config and log paths from the variety of inputs(command line args,
         /// environment variables) or decide on what default to use. For Windows it's %AppPath%
diff --git a/Jellyfin.Server/Startup.cs b/Jellyfin.Server/Startup.cs
new file mode 100644
index 0000000000..3ee5fb8b50
--- /dev/null
+++ b/Jellyfin.Server/Startup.cs
@@ -0,0 +1,81 @@
+using Jellyfin.Server.Extensions;
+using MediaBrowser.Controller;
+using MediaBrowser.Controller.Configuration;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+
+namespace Jellyfin.Server
+{
+    /// <summary>
+    /// Startup configuration for the Kestrel webhost.
+    /// </summary>
+    public class Startup
+    {
+        private readonly IServerConfigurationManager _serverConfigurationManager;
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="Startup" /> class.
+        /// </summary>
+        /// <param name="serverConfigurationManager">The server configuration manager.</param>
+        public Startup(IServerConfigurationManager serverConfigurationManager)
+        {
+            _serverConfigurationManager = serverConfigurationManager;
+        }
+
+        /// <summary>
+        /// Configures the service collection for the webhost.
+        /// </summary>
+        /// <param name="services">The service collection.</param>
+        public void ConfigureServices(IServiceCollection services)
+        {
+            services.AddResponseCompression();
+            services.AddHttpContextAccessor();
+            services.AddJellyfinApi(_serverConfigurationManager.Configuration.BaseUrl.TrimStart('/'));
+
+            services.AddJellyfinApiSwagger();
+
+            // configure custom legacy authentication
+            services.AddCustomAuthentication();
+
+            services.AddJellyfinApiAuthorization();
+        }
+
+        /// <summary>
+        /// Configures the app builder for the webhost.
+        /// </summary>
+        /// <param name="app">The application builder.</param>
+        /// <param name="env">The webhost environment.</param>
+        /// <param name="serverApplicationHost">The server application host.</param>
+        public void Configure(
+            IApplicationBuilder app,
+            IWebHostEnvironment env,
+            IServerApplicationHost serverApplicationHost)
+        {
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+            }
+
+            app.UseWebSockets();
+
+            app.UseResponseCompression();
+
+            // TODO app.UseMiddleware<WebSocketMiddleware>();
+            app.Use(serverApplicationHost.ExecuteWebsocketHandlerAsync);
+
+            // TODO use when old API is removed: app.UseAuthentication();
+            app.UseJellyfinApiSwagger();
+            app.UseRouting();
+            app.UseAuthorization();
+            app.UseEndpoints(endpoints =>
+            {
+                endpoints.MapControllers();
+            });
+
+            app.Use(serverApplicationHost.ExecuteHttpHandlerAsync);
+        }
+    }
+}
diff --git a/MediaBrowser.Controller/IServerApplicationHost.cs b/MediaBrowser.Controller/IServerApplicationHost.cs
index 61b2c15ae2..b3c56bdd5f 100644
--- a/MediaBrowser.Controller/IServerApplicationHost.cs
+++ b/MediaBrowser.Controller/IServerApplicationHost.cs
@@ -5,6 +5,7 @@ using System.Threading;
 using System.Threading.Tasks;
 using MediaBrowser.Common;
 using MediaBrowser.Model.System;
+using Microsoft.AspNetCore.Http;
 
 namespace MediaBrowser.Controller
 {
@@ -87,5 +88,9 @@ namespace MediaBrowser.Controller
 
         string ExpandVirtualPath(string path);
         string ReverseVirtualPath(string path);
+
+        Task ExecuteHttpHandlerAsync(HttpContext context, Func<Task> next);
+
+        Task ExecuteWebsocketHandlerAsync(HttpContext context, Func<Task> next);
     }
 }

From 2af5922af06c865d676e817112ef76a92a23e1b6 Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sun, 24 Nov 2019 18:25:43 +0100
Subject: [PATCH 10/12] Fix review comments

---
 Emby.Server.Implementations/ApplicationHost.cs       |  7 +++++--
 .../HttpServer/Security/AuthService.cs               |  4 ++--
 Jellyfin.Api/Auth/CustomAuthenticationHandler.cs     |  4 ++--
 .../FirstTimeSetupOrElevatedHandler.cs               |  4 ++--
 .../RequiresElevationHandler.cs                      |  4 ++--
 Jellyfin.Api/{Enums => Constants}/UserRole.cs        | 12 ++++++------
 Jellyfin.Api/Jellyfin.Api.csproj                     |  2 +-
 7 files changed, 20 insertions(+), 17 deletions(-)
 rename Jellyfin.Api/{Enums => Constants}/UserRole.cs (51%)

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index 3b9ea41219..4fd08258af 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -231,7 +231,10 @@ namespace Emby.Server.Implementations
             }
         }
 
-        public IServiceProvider ServiceProvider;
+        /// <summary>
+        /// Gets or sets the service provider.
+        /// </summary>
+        public IServiceProvider ServiceProvider { get; set; }
 
         /// <summary>
         /// Gets the server configuration manager.
@@ -835,7 +838,7 @@ namespace Emby.Server.Implementations
             serviceCollection.AddSingleton<IAuthorizationContext>(authContext);
             serviceCollection.AddSingleton<ISessionContext>(new SessionContext(UserManager, authContext, SessionManager));
 
-            AuthService = new AuthService(LoggerFactory, authContext, ServerConfigurationManager, SessionManager, NetworkManager);
+            AuthService = new AuthService(LoggerFactory.CreateLogger<AuthService>(), authContext, ServerConfigurationManager, SessionManager, NetworkManager);
             serviceCollection.AddSingleton(AuthService);
 
             SubtitleEncoder = new MediaBrowser.MediaEncoding.Subtitles.SubtitleEncoder(LibraryManager, LoggerFactory, ApplicationPaths, FileSystemManager, MediaEncoder, JsonSerializer, HttpClient, MediaSourceManager, ProcessFactory);
diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
index 81dab83d5e..594f464989 100644
--- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
@@ -22,13 +22,13 @@ namespace Emby.Server.Implementations.HttpServer.Security
         private readonly INetworkManager _networkManager;
 
         public AuthService(
-            ILoggerFactory loggerFactory,
+            ILogger<AuthService> logger,
             IAuthorizationContext authorizationContext,
             IServerConfigurationManager config,
             ISessionManager sessionManager,
             INetworkManager networkManager)
         {
-            _logger = loggerFactory.CreateLogger<AuthService>();
+            _logger = logger;
             _authorizationContext = authorizationContext;
             _config = config;
             _sessionManager = sessionManager;
diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index a753d60838..6ca992c61b 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -1,7 +1,7 @@
 using System.Security.Claims;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
-using Jellyfin.Api.Enums;
+using Jellyfin.Api.Constants;
 using MediaBrowser.Controller.Net;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.Logging;
@@ -51,7 +51,7 @@ namespace Jellyfin.Api.Auth
                     new Claim(ClaimTypes.Name, user.Name),
                     new Claim(
                         ClaimTypes.Role,
-                        value: user.Policy.IsAdministrator ? UserRole.Administrator.ToString() : UserRole.User.ToString())
+                        value: user.Policy.IsAdministrator ? UserRole.Administrator : UserRole.User)
                 };
                 var identity = new ClaimsIdentity(claims, Scheme.Name);
                 var principal = new ClaimsPrincipal(identity);
diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
index f07e568dea..2450e7bc73 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
@@ -1,5 +1,5 @@
 using System.Threading.Tasks;
-using Jellyfin.Api.Enums;
+using Jellyfin.Api.Constants;
 using MediaBrowser.Common.Configuration;
 using Microsoft.AspNetCore.Authorization;
 
@@ -28,7 +28,7 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
             {
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
-            else if (context.User.IsInRole(UserRole.Administrator.ToString()))
+            else if (context.User.IsInRole(UserRole.Administrator))
             {
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
index 8674f3e262..108c29a2cc 100644
--- a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
+++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
@@ -1,5 +1,5 @@
 using System.Threading.Tasks;
-using Jellyfin.Api.Enums;
+using Jellyfin.Api.Constants;
 using Microsoft.AspNetCore.Authorization;
 
 namespace Jellyfin.Api.Auth.RequiresElevationPolicy
@@ -12,7 +12,7 @@ namespace Jellyfin.Api.Auth.RequiresElevationPolicy
         /// <inheritdoc />
         protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RequiresElevationRequirement requirement)
         {
-            if (context.User.IsInRole(UserRole.Administrator.ToString()))
+            if (context.User.IsInRole(UserRole.Administrator))
             {
                 context.Succeed(requirement);
             }
diff --git a/Jellyfin.Api/Enums/UserRole.cs b/Jellyfin.Api/Constants/UserRole.cs
similarity index 51%
rename from Jellyfin.Api/Enums/UserRole.cs
rename to Jellyfin.Api/Constants/UserRole.cs
index 05826d9f41..b1da615575 100644
--- a/Jellyfin.Api/Enums/UserRole.cs
+++ b/Jellyfin.Api/Constants/UserRole.cs
@@ -1,23 +1,23 @@
-namespace Jellyfin.Api.Enums
+namespace Jellyfin.Api.Constants
 {
     /// <summary>
-    /// Enum for user roles used in the authentication and authorization for the API.
+    /// Constants for user roles used in the authentication and authorization for the API.
     /// </summary>
-    public enum UserRole
+    public static class UserRole
     {
         /// <summary>
         /// Guest user.
         /// </summary>
-        Guest = 0,
+        public const string Guest = "Guest";
 
         /// <summary>
         /// Regular user with no special privileges.
         /// </summary>
-        User = 1,
+        public const string User = "User";
 
         /// <summary>
         /// Administrator user with elevated privileges.
         /// </summary>
-        Administrator = 2
+        public const string Administrator = "Administrator";
     }
 }
diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj
index 1cc23c07b4..6ad97b60f3 100644
--- a/Jellyfin.Api/Jellyfin.Api.csproj
+++ b/Jellyfin.Api/Jellyfin.Api.csproj
@@ -19,7 +19,7 @@
 
   <!-- Code analysers-->
   <ItemGroup Condition=" '$(Configuration)' == 'Debug' ">
-    <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.4" />
+    <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.7" PrivateAssets="All" />
     <PackageReference Include="SerilogAnalyzer" Version="0.15.0" />
     <PackageReference Include="StyleCop.Analyzers" Version="1.1.118" />
     <PackageReference Include="SmartAnalyzers.MultithreadingAnalyzer" Version="1.1.31" />

From 47a4f2f387825d9c249c53b3796a43e3eac52b58 Mon Sep 17 00:00:00 2001
From: Claus Vium <clausvium@gmail.com>
Date: Sun, 24 Nov 2019 19:25:46 +0100
Subject: [PATCH 11/12] Fix more review comments

---
 .../ApplicationHost.cs                        | 21 +++++++++++++------
 .../Auth/CustomAuthenticationHandler.cs       |  2 +-
 .../FirstTimeSetupOrElevatedHandler.cs        |  2 +-
 .../RequiresElevationHandler.cs               |  2 +-
 .../Constants/AuthenticationSchemes.cs        | 13 ++++++++++++
 Jellyfin.Api/Constants/Policies.cs            | 18 ++++++++++++++++
 .../Constants/{UserRole.cs => UserRoles.cs}   |  2 +-
 Jellyfin.Api/Controllers/StartupController.cs |  3 ++-
 Jellyfin.Api/Jellyfin.Api.csproj              |  6 +++---
 .../ApiServiceCollectionExtensions.cs         | 13 ++++++------
 10 files changed, 62 insertions(+), 20 deletions(-)
 create mode 100644 Jellyfin.Api/Constants/AuthenticationSchemes.cs
 create mode 100644 Jellyfin.Api/Constants/Policies.cs
 rename Jellyfin.Api/Constants/{UserRole.cs => UserRoles.cs} (94%)

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index 4fd08258af..c5f8b58c44 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -236,6 +236,21 @@ namespace Emby.Server.Implementations
         /// </summary>
         public IServiceProvider ServiceProvider { get; set; }
 
+        /// <summary>
+        /// Gets the http port for the webhost.
+        /// </summary>
+        public int HttpPort { get; private set; }
+
+        /// <summary>
+        /// Gets the https port for the webhost.
+        /// </summary>
+        public int HttpsPort { get; private set; }
+
+        /// <summary>
+        /// Gets the content root for the webhost.
+        /// </summary>
+        public string ContentRoot { get; private set; }
+
         /// <summary>
         /// Gets the server configuration manager.
         /// </summary>
@@ -1604,12 +1619,6 @@ namespace Emby.Server.Implementations
                 ? Environment.MachineName
                 : ServerConfigurationManager.Configuration.ServerName;
 
-        public int HttpPort { get; private set; }
-
-        public int HttpsPort { get; private set; }
-
-        public string ContentRoot { get; private set; }
-
         /// <summary>
         /// Shuts down.
         /// </summary>
diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index 6ca992c61b..26f7d9d2dd 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -51,7 +51,7 @@ namespace Jellyfin.Api.Auth
                     new Claim(ClaimTypes.Name, user.Name),
                     new Claim(
                         ClaimTypes.Role,
-                        value: user.Policy.IsAdministrator ? UserRole.Administrator : UserRole.User)
+                        value: user.Policy.IsAdministrator ? UserRoles.Administrator : UserRoles.User)
                 };
                 var identity = new ClaimsIdentity(claims, Scheme.Name);
                 var principal = new ClaimsPrincipal(identity);
diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
index 2450e7bc73..34aa5d12c8 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
@@ -28,7 +28,7 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
             {
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
-            else if (context.User.IsInRole(UserRole.Administrator))
+            else if (context.User.IsInRole(UserRoles.Administrator))
             {
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
index 108c29a2cc..2d3bb1aa48 100644
--- a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
+++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
@@ -12,7 +12,7 @@ namespace Jellyfin.Api.Auth.RequiresElevationPolicy
         /// <inheritdoc />
         protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RequiresElevationRequirement requirement)
         {
-            if (context.User.IsInRole(UserRole.Administrator))
+            if (context.User.IsInRole(UserRoles.Administrator))
             {
                 context.Succeed(requirement);
             }
diff --git a/Jellyfin.Api/Constants/AuthenticationSchemes.cs b/Jellyfin.Api/Constants/AuthenticationSchemes.cs
new file mode 100644
index 0000000000..bac3379e71
--- /dev/null
+++ b/Jellyfin.Api/Constants/AuthenticationSchemes.cs
@@ -0,0 +1,13 @@
+namespace Jellyfin.Api.Constants
+{
+    /// <summary>
+    /// Authentication schemes for user authentication in the API.
+    /// </summary>
+    public static class AuthenticationSchemes
+    {
+        /// <summary>
+        /// Scheme name for the custom legacy authentication.
+        /// </summary>
+        public const string CustomAuthentication = "CustomAuthentication";
+    }
+}
diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs
new file mode 100644
index 0000000000..e2b383f75d
--- /dev/null
+++ b/Jellyfin.Api/Constants/Policies.cs
@@ -0,0 +1,18 @@
+namespace Jellyfin.Api.Constants
+{
+    /// <summary>
+    /// Policies for the API authorization.
+    /// </summary>
+    public static class Policies
+    {
+        /// <summary>
+        /// Policy name for requiring first time setup or elevated privileges.
+        /// </summary>
+        public const string FirstTimeSetupOrElevated = "FirstTimeOrElevated";
+
+        /// <summary>
+        /// Policy name for requiring elevated privileges.
+        /// </summary>
+        public const string RequiresElevation = "RequiresElevation";
+    }
+}
diff --git a/Jellyfin.Api/Constants/UserRole.cs b/Jellyfin.Api/Constants/UserRoles.cs
similarity index 94%
rename from Jellyfin.Api/Constants/UserRole.cs
rename to Jellyfin.Api/Constants/UserRoles.cs
index b1da615575..d9a536e7d7 100644
--- a/Jellyfin.Api/Constants/UserRole.cs
+++ b/Jellyfin.Api/Constants/UserRoles.cs
@@ -3,7 +3,7 @@ namespace Jellyfin.Api.Constants
     /// <summary>
     /// Constants for user roles used in the authentication and authorization for the API.
     /// </summary>
-    public static class UserRole
+    public static class UserRoles
     {
         /// <summary>
         /// Guest user.
diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
index 50f3dc83cf..1014c8c56b 100644
--- a/Jellyfin.Api/Controllers/StartupController.cs
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -1,5 +1,6 @@
 using System.Linq;
 using System.Threading.Tasks;
+using Jellyfin.Api.Constants;
 using Jellyfin.Api.Models.StartupDtos;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Library;
@@ -11,7 +12,7 @@ namespace Jellyfin.Api.Controllers
     /// <summary>
     /// The startup wizard controller.
     /// </summary>
-    [Authorize(Policy = "FirstTimeSetupOrElevated")]
+    [Authorize(Policy = Policies.FirstTimeSetupOrElevated)]
     public class StartupController : BaseJellyfinApiController
     {
         private readonly IServerConfigurationManager _config;
diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj
index 6ad97b60f3..a2818b45da 100644
--- a/Jellyfin.Api/Jellyfin.Api.csproj
+++ b/Jellyfin.Api/Jellyfin.Api.csproj
@@ -20,9 +20,9 @@
   <!-- Code analysers-->
   <ItemGroup Condition=" '$(Configuration)' == 'Debug' ">
     <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.7" PrivateAssets="All" />
-    <PackageReference Include="SerilogAnalyzer" Version="0.15.0" />
-    <PackageReference Include="StyleCop.Analyzers" Version="1.1.118" />
-    <PackageReference Include="SmartAnalyzers.MultithreadingAnalyzer" Version="1.1.31" />
+    <PackageReference Include="SerilogAnalyzer" Version="0.15.0" PrivateAssets="All" />
+    <PackageReference Include="StyleCop.Analyzers" Version="1.1.118" PrivateAssets="All" />
+    <PackageReference Include="SmartAnalyzers.MultithreadingAnalyzer" Version="1.1.31" PrivateAssets="All" />
   </ItemGroup>
 
   <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
index e5a8937e87..dd4f9cd238 100644
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@@ -2,6 +2,7 @@ using Jellyfin.Api;
 using Jellyfin.Api.Auth;
 using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
 using Jellyfin.Api.Auth.RequiresElevationPolicy;
+using Jellyfin.Api.Constants;
 using Jellyfin.Api.Controllers;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
@@ -27,17 +28,17 @@ namespace Jellyfin.Server.Extensions
             return serviceCollection.AddAuthorizationCore(options =>
             {
                 options.AddPolicy(
-                    "RequiresElevation",
+                    Policies.RequiresElevation,
                     policy =>
                     {
-                        policy.AddAuthenticationSchemes("CustomAuthentication");
+                        policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
                         policy.AddRequirements(new RequiresElevationRequirement());
                     });
                 options.AddPolicy(
-                    "FirstTimeSetupOrElevated",
+                    Policies.FirstTimeSetupOrElevated,
                     policy =>
                     {
-                        policy.AddAuthenticationSchemes("CustomAuthentication");
+                        policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
                         policy.AddRequirements(new FirstTimeSetupOrElevatedRequirement());
                     });
             });
@@ -50,8 +51,8 @@ namespace Jellyfin.Server.Extensions
         /// <returns>The updated service collection.</returns>
         public static AuthenticationBuilder AddCustomAuthentication(this IServiceCollection serviceCollection)
         {
-            return serviceCollection.AddAuthentication("CustomAuthentication")
-                .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>("CustomAuthentication", null);
+            return serviceCollection.AddAuthentication(AuthenticationSchemes.CustomAuthentication)
+                .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>(AuthenticationSchemes.CustomAuthentication, null);
         }
 
         /// <summary>

From 080b1069914cdca8a4e342ce9fa0a58578248420 Mon Sep 17 00:00:00 2001
From: Claus Vium <cvium@users.noreply.github.com>
Date: Tue, 26 Nov 2019 10:20:45 +0100
Subject: [PATCH 12/12] Update
 Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs

Co-Authored-By: Vasily <JustAMan@users.noreply.github.com>
---
 .../FirstTimeSetupOrElevatedRequirement.cs                      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
index a590155420..51ba637b60 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedRequirement.cs
@@ -3,7 +3,7 @@ using Microsoft.AspNetCore.Authorization;
 namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
 {
     /// <summary>
-    /// The authorization requirement, requiring first time setup or elevated privileges, for the authorization handler.
+    /// The authorization requirement, requiring incomplete first time setup or elevated privileges, for the authorization handler.
     /// </summary>
     public class FirstTimeSetupOrElevatedRequirement : IAuthorizationRequirement
     {