diff --git a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs
similarity index 56%
rename from Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs
rename to Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs
index d691c5594c..b2b0e08a85 100644
--- a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs
+++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs
@@ -1,37 +1,38 @@
using System.Threading.Tasks;
using MediaBrowser.Common.Net;
-using MediaBrowser.Controller.Library;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
-namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy
+namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy
{
///
/// Local access handler.
///
- public class LocalNetworkAccessHandler : BaseAuthorizationHandler
+ public class AnonymousLanAccessHandler : AuthorizationHandler
{
+ private readonly INetworkManager _networkManager;
+ private readonly IHttpContextAccessor _httpContextAccessor;
+
///
- /// Initializes a new instance of the class.
+ /// Initializes a new instance of the class.
///
- /// Instance of the interface.
/// Instance of the interface.
/// Instance of the interface.
- public LocalNetworkAccessHandler(
- IUserManager userManager,
+ public AnonymousLanAccessHandler(
INetworkManager networkManager,
IHttpContextAccessor httpContextAccessor)
- : base(userManager, networkManager, httpContextAccessor)
{
+ _networkManager = networkManager;
+ _httpContextAccessor = httpContextAccessor;
}
///
- protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, LocalNetworkAccessRequirement requirement)
+ protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AnonymousLanAccessRequirement requirement)
{
- var ip = HttpContextAccessor.HttpContext?.Connection.RemoteIpAddress;
+ var ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress;
// Loopback will be on LAN, so we can accept null.
- if (ip == null || NetworkManager.IsInLocalNetwork(ip))
+ if (ip == null || _networkManager.IsInLocalNetwork(ip))
{
context.Succeed(requirement);
}
diff --git a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs
similarity index 57%
rename from Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs
rename to Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs
index 29ca9c355c..269ecf2a4f 100644
--- a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs
+++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs
@@ -1,11 +1,11 @@
using Microsoft.AspNetCore.Authorization;
-namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy
+namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy
{
///
/// The local network authorization requirement.
///
- public class LocalNetworkAccessRequirement : IAuthorizationRequirement
+ public class AnonymousLanAccessRequirement : IAuthorizationRequirement
{
}
}
diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
index 62d590b184..13d3257dff 100644
--- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
@@ -36,16 +36,6 @@ namespace Jellyfin.Api.Auth
_httpContextAccessor = httpContextAccessor;
}
- ///
- /// Gets a value indicating being used.
- ///
- protected INetworkManager NetworkManager => _networkManager;
-
- ///
- /// Gets a value indicating the being used.
- ///
- protected IHttpContextAccessor HttpContextAccessor => _httpContextAccessor;
-
///
/// Validate authenticated claims.
///
diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs
index b176bfa32c..a72eeea284 100644
--- a/Jellyfin.Api/Constants/Policies.cs
+++ b/Jellyfin.Api/Constants/Policies.cs
@@ -46,9 +46,9 @@ namespace Jellyfin.Api.Constants
public const string LocalAccessOrRequiresElevation = "LocalAccessOrRequiresElevation";
///
- /// Policy name for requiring local LAN access.
+ /// Policy name for requiring (anonymous) LAN access.
///
- public const string LocalNetworkAccessPolicy = "LocalNetworkAccessPolicy";
+ public const string AnonymousLanAccessPolicy = "AnonymousLanAccessPolicy";
///
/// Policy name for escaping schedule controls or requiring first time setup.
diff --git a/Jellyfin.Api/Controllers/DlnaServerController.cs b/Jellyfin.Api/Controllers/DlnaServerController.cs
index 694d16ad97..4e8c01577e 100644
--- a/Jellyfin.Api/Controllers/DlnaServerController.cs
+++ b/Jellyfin.Api/Controllers/DlnaServerController.cs
@@ -7,7 +7,9 @@ using System.Threading.Tasks;
using Emby.Dlna;
using Emby.Dlna.Main;
using Jellyfin.Api.Attributes;
+using Jellyfin.Api.Constants;
using MediaBrowser.Controller.Dlna;
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
@@ -17,6 +19,7 @@ namespace Jellyfin.Api.Controllers
/// Dlna Server Controller.
///
[Route("Dlna")]
+ [Authorize(Policy = Policies.AnonymousLanAccessPolicy)]
public class DlnaServerController : BaseJellyfinApiController
{
private readonly IDlnaManager _dlnaManager;
diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
index 909f6b248a..b5444634b4 100644
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@@ -7,6 +7,7 @@ using System.Net.Sockets;
using System.Reflection;
using Emby.Server.Implementations;
using Jellyfin.Api.Auth;
+using Jellyfin.Api.Auth.AnonymousLanAccessPolicy;
using Jellyfin.Api.Auth.DefaultAuthorizationPolicy;
using Jellyfin.Api.Auth.DownloadPolicy;
using Jellyfin.Api.Auth.FirstTimeOrIgnoreParentalControlSetupPolicy;
@@ -15,7 +16,6 @@ using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
using Jellyfin.Api.Auth.IgnoreParentalControlPolicy;
using Jellyfin.Api.Auth.LocalAccessOrRequiresElevationPolicy;
using Jellyfin.Api.Auth.LocalAccessPolicy;
-using Jellyfin.Api.Auth.LocalNetworkAccessPolicy;
using Jellyfin.Api.Auth.RequiresElevationPolicy;
using Jellyfin.Api.Auth.SyncPlayAccessPolicy;
using Jellyfin.Api.Constants;
@@ -62,7 +62,7 @@ namespace Jellyfin.Server.Extensions
serviceCollection.AddSingleton();
serviceCollection.AddSingleton();
serviceCollection.AddSingleton();
- serviceCollection.AddSingleton();
+ serviceCollection.AddSingleton();
serviceCollection.AddSingleton();
serviceCollection.AddSingleton();
serviceCollection.AddSingleton();
@@ -160,11 +160,11 @@ namespace Jellyfin.Server.Extensions
policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccessRequirementType.IsInGroup));
});
options.AddPolicy(
- Policies.LocalNetworkAccessPolicy,
+ Policies.AnonymousLanAccessPolicy,
policy =>
{
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
- policy.AddRequirements(new LocalNetworkAccessRequirement());
+ policy.AddRequirements(new AnonymousLanAccessRequirement());
});
});
}