open-source-mirrors
/
jellyfin
mirror of https://github.com/jellyfin/jellyfin
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4629 from crobibero/auth-handler

Browse Source 
Provide NoResult instead of Fail in CustomAuthenticationHandler
pull/4638/head
Claus Vium 4 years ago committed by GitHub
parent 81823f9a3d cd459c51f3
commit 79578521b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 22 additions and 5 deletions
Show Stats Download Patch File Download Diff File

9
Emby.Server.Implementations/HttpServer/Security/AuthService.cs
Unescape View File

@ -1,5 +1,6 @@
#pragma warning disable CS1591
using System;
using Jellyfin.Data.Enums;
using MediaBrowser.Controller.Authentication;
using MediaBrowser.Controller.Net;
@ -20,9 +21,15 @@ namespace Emby.Server.Implementations.HttpServer.Security
public AuthorizationInfo Authenticate(HttpRequest request)
{
var auth = _authorizationContext.GetAuthorizationInfo(request);
if (!auth.HasToken)
{
throw new AuthenticationException("Request does not contain a token.");
}
if (!auth.IsAuthenticated)
{
throw new AuthenticationException("Invalid token.");
throw new SecurityException("Invalid token.");
}
if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)

4
Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
Unescape View File

@ -102,7 +102,8 @@ namespace Emby.Server.Implementations.HttpServer.Security
DeviceId = deviceId,
Version = version,
Token = token,
IsAuthenticated = false
IsAuthenticated = false,
HasToken = false
};
if (string.IsNullOrWhiteSpace(token))
@ -111,6 +112,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
return authInfo;
}
authInfo.HasToken = true;
var result = _authRepo.Get(new AuthenticationInfoQuery
{
AccessToken = token

5
Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
Unescape View File

@ -18,6 +18,7 @@ namespace Jellyfin.Api.Auth
public class CustomAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
{
private readonly IAuthService _authService;
private readonly ILogger<CustomAuthenticationHandler> _logger;
/// <summary>
/// Initializes a new instance of the <see cref="CustomAuthenticationHandler" /> class.
@ -35,6 +36,7 @@ namespace Jellyfin.Api.Auth
ISystemClock clock) : base(options, logger, encoder, clock)
{
_authService = authService;
_logger = logger.CreateLogger<CustomAuthenticationHandler>();
}
/// <inheritdoc />
@ -70,7 +72,8 @@ namespace Jellyfin.Api.Auth
}
catch (AuthenticationException ex)
{
return Task.FromResult(AuthenticateResult.Fail(ex));
_logger.LogDebug(ex, "Error authenticating with {Handler}", nameof(CustomAuthenticationHandler));
return Task.FromResult(AuthenticateResult.NoResult());
}
catch (SecurityException ex)
{

5
MediaBrowser.Controller/Net/AuthorizationInfo.cs
Unescape View File

@ -58,5 +58,10 @@ namespace MediaBrowser.Controller.Net
/// Gets or sets a value indicating whether the token is authenticated.
/// </summary>
public bool IsAuthenticated { get; set; }
/// <summary>
/// Gets or sets a value indicating whether the request has a token.
/// </summary>
public bool HasToken { get; set; }
}
}

4
tests/Jellyfin.Api.Tests/Auth/CustomAuthenticationHandlerTests.cs
Unescape View File

@ -69,7 +69,7 @@ namespace Jellyfin.Api.Tests.Auth
}
[Fact]
public async Task HandleAuthenticateAsyncShouldFailOnAuthenticationException()
public async Task HandleAuthenticateAsyncShouldProvideNoResultOnAuthenticationException()
{
var errorMessage = _fixture.Create<string>();
@ -81,7 +81,7 @@ namespace Jellyfin.Api.Tests.Auth
var authenticateResult = await _sut.AuthenticateAsync();
Assert.False(authenticateResult.Succeeded);
Assert.Equal(errorMessage, authenticateResult.Failure?.Message);
Assert.True(authenticateResult.None);
}
[Fact]

Write Preview
Loading…
Cancel
Save