From 5fb7557763566ef4345aa563c4c1b6d81ce3ff57 Mon Sep 17 00:00:00 2001 From: BaronGreenback Date: Sat, 10 Apr 2021 12:03:52 +0100 Subject: [PATCH 1/7] Network Access Policy --- Jellyfin.Api/Auth/BaseAuthorizationHandler.cs | 12 ++++- .../NetworkAccessHandler.cs | 48 +++++++++++++++++++ .../NetworkAccessRequirement.cs | 11 +++++ Jellyfin.Api/Constants/Policies.cs | 5 ++ .../ApiServiceCollectionExtensions.cs | 11 ++++- 5 files changed, 85 insertions(+), 2 deletions(-) create mode 100644 Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessHandler.cs create mode 100644 Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessRequirement.cs diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs index 7d68aecf99..456f45d97b 100644 --- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs +++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs @@ -1,4 +1,4 @@ -using System.Security.Claims; +using System.Security.Claims; using Jellyfin.Api.Helpers; using Jellyfin.Data.Enums; using MediaBrowser.Common.Extensions; @@ -36,6 +36,16 @@ namespace Jellyfin.Api.Auth _httpContextAccessor = httpContextAccessor; } + /// + /// Gets a value indicating being used. + /// + protected INetworkManager NetworkManager => _networkManager; + + /// + /// Gets a value indicating the being used. + /// + protected IHttpContextAccessor HttpContextAccessor => _httpContextAccessor; + /// /// Validate authenticated claims. /// diff --git a/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessHandler.cs b/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessHandler.cs new file mode 100644 index 0000000000..e6b33f5650 --- /dev/null +++ b/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessHandler.cs @@ -0,0 +1,48 @@ +using System.Threading.Tasks; +using Jellyfin.Api.Auth; +using MediaBrowser.Common.Extensions; +using MediaBrowser.Common.Net; +using MediaBrowser.Controller.Library; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; + +namespace Jellyfin.Api.Auth.NetworkAccessPolicy +{ + /// + /// Local access handler. + /// + public class NetworkAccessHandler : BaseAuthorizationHandler + { + /// + /// Initializes a new instance of the class. + /// + /// Instance of the interface. + /// Instance of the interface. + /// Instance of the interface. + public NetworkAccessHandler( + IUserManager userManager, + INetworkManager networkManager, + IHttpContextAccessor httpContextAccessor) + : base(userManager, networkManager, httpContextAccessor) + { + } + + /// + protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, NetworkAccessRequirement requirement) + { + var ip = HttpContextAccessor.HttpContext?.Connection.RemoteIpAddress; + + // Loopback will be on LAN, so we can accept null. + if (ip == null || NetworkManager.IsInLocalNetwork(ip)) + { + context.Succeed(requirement); + } + else + { + context.Fail(); + } + + return Task.CompletedTask; + } + } +} diff --git a/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessRequirement.cs b/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessRequirement.cs new file mode 100644 index 0000000000..b5431501b2 --- /dev/null +++ b/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessRequirement.cs @@ -0,0 +1,11 @@ +using Microsoft.AspNetCore.Authorization; + +namespace Jellyfin.Api.Auth.NetworkAccessPolicy +{ + /// + /// The local network authorization requirement. + /// + public class NetworkAccessRequirement : IAuthorizationRequirement + { + } +} diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs index 632dedb3cd..d98debd0a1 100644 --- a/Jellyfin.Api/Constants/Policies.cs +++ b/Jellyfin.Api/Constants/Policies.cs @@ -45,6 +45,11 @@ namespace Jellyfin.Api.Constants /// public const string LocalAccessOrRequiresElevation = "LocalAccessOrRequiresElevation"; + /// + /// Policy name for requiring local LAN access. + /// + public const string NetworkAccessPolicy = "NetworkAccessPolicy"; + /// /// Policy name for escaping schedule controls or requiring first time setup. /// diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 2b34370a09..48afc2b8c1 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -15,6 +15,7 @@ using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy; using Jellyfin.Api.Auth.IgnoreParentalControlPolicy; using Jellyfin.Api.Auth.LocalAccessOrRequiresElevationPolicy; using Jellyfin.Api.Auth.LocalAccessPolicy; +using Jellyfin.Api.Auth.NetworkAccessPolicy; using Jellyfin.Api.Auth.RequiresElevationPolicy; using Jellyfin.Api.Auth.SyncPlayAccessPolicy; using Jellyfin.Api.Constants; @@ -61,6 +62,7 @@ namespace Jellyfin.Server.Extensions serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); + serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); @@ -113,7 +115,7 @@ namespace Jellyfin.Server.Extensions policy => { policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); - policy.AddRequirements(new LocalAccessRequirement()); + policy.AddRequirements(new NetworkAccessRequirement()); }); options.AddPolicy( Policies.LocalAccessOrRequiresElevation, @@ -157,6 +159,13 @@ namespace Jellyfin.Server.Extensions policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccessRequirementType.IsInGroup)); }); + options.AddPolicy( + Policies.NetworkAccessPolicy, + policy => + { + policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); + policy.AddRequirements(new NetworkAccessRequirement()); + }); }); } From cf3aff93f219ab274e0cdfc4a7edb435f85aacd4 Mon Sep 17 00:00:00 2001 From: BaronGreenback Date: Sat, 10 Apr 2021 12:09:24 +0100 Subject: [PATCH 2/7] revert change error --- Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 48afc2b8c1..8570a4a96c 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -115,7 +115,7 @@ namespace Jellyfin.Server.Extensions policy => { policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); - policy.AddRequirements(new NetworkAccessRequirement()); + policy.AddRequirements(new LocalAccessRequirement()); }); options.AddPolicy( Policies.LocalAccessOrRequiresElevation, From 0db5df86dffd78f95263af4413fab4e321c7d2a0 Mon Sep 17 00:00:00 2001 From: BaronGreenback Date: Sat, 10 Apr 2021 18:49:18 +0100 Subject: [PATCH 3/7] Update Jellyfin.Api/Constants/Policies.cs Co-authored-by: Cody Robibero --- Jellyfin.Api/Constants/Policies.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs index d98debd0a1..b176bfa32c 100644 --- a/Jellyfin.Api/Constants/Policies.cs +++ b/Jellyfin.Api/Constants/Policies.cs @@ -48,7 +48,7 @@ namespace Jellyfin.Api.Constants /// /// Policy name for requiring local LAN access. /// - public const string NetworkAccessPolicy = "NetworkAccessPolicy"; + public const string LocalNetworkAccessPolicy = "LocalNetworkAccessPolicy"; /// /// Policy name for escaping schedule controls or requiring first time setup. From af027b62835a64b439b2f66bf50205aea9b47da0 Mon Sep 17 00:00:00 2001 From: BaronGreenback Date: Sat, 10 Apr 2021 19:23:27 +0100 Subject: [PATCH 4/7] Fixed after accepting suggestion. --- Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 8570a4a96c..075a3ac15e 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -160,7 +160,7 @@ namespace Jellyfin.Server.Extensions policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccessRequirementType.IsInGroup)); }); options.AddPolicy( - Policies.NetworkAccessPolicy, + Policies.LocalNetworkAccessPolicy, policy => { policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); From fb7587dd84784afb7c64aadf1fc2d0bab5251814 Mon Sep 17 00:00:00 2001 From: BaronGreenback Date: Sun, 11 Apr 2021 17:17:05 +0100 Subject: [PATCH 5/7] Renamed --- .../LocalNetworkAccessHandler.cs} | 12 +++++------- .../LocalNetworkAccessRequirement.cs} | 4 ++-- .../Extensions/ApiServiceCollectionExtensions.cs | 6 +++--- 3 files changed, 10 insertions(+), 12 deletions(-) rename Jellyfin.Api/Auth/{NetworkAccessPolicy/NetworkAccessHandler.cs => LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs} (77%) rename Jellyfin.Api/Auth/{NetworkAccessPolicy/NetworkAccessRequirement.cs => LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs} (53%) diff --git a/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessHandler.cs b/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs similarity index 77% rename from Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessHandler.cs rename to Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs index e6b33f5650..d691c5594c 100644 --- a/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessHandler.cs +++ b/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs @@ -1,25 +1,23 @@ using System.Threading.Tasks; -using Jellyfin.Api.Auth; -using MediaBrowser.Common.Extensions; using MediaBrowser.Common.Net; using MediaBrowser.Controller.Library; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; -namespace Jellyfin.Api.Auth.NetworkAccessPolicy +namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy { /// /// Local access handler. /// - public class NetworkAccessHandler : BaseAuthorizationHandler + public class LocalNetworkAccessHandler : BaseAuthorizationHandler { /// - /// Initializes a new instance of the class. + /// Initializes a new instance of the class. /// /// Instance of the interface. /// Instance of the interface. /// Instance of the interface. - public NetworkAccessHandler( + public LocalNetworkAccessHandler( IUserManager userManager, INetworkManager networkManager, IHttpContextAccessor httpContextAccessor) @@ -28,7 +26,7 @@ namespace Jellyfin.Api.Auth.NetworkAccessPolicy } /// - protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, NetworkAccessRequirement requirement) + protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, LocalNetworkAccessRequirement requirement) { var ip = HttpContextAccessor.HttpContext?.Connection.RemoteIpAddress; diff --git a/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessRequirement.cs b/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs similarity index 53% rename from Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessRequirement.cs rename to Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs index b5431501b2..29ca9c355c 100644 --- a/Jellyfin.Api/Auth/NetworkAccessPolicy/NetworkAccessRequirement.cs +++ b/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs @@ -1,11 +1,11 @@ using Microsoft.AspNetCore.Authorization; -namespace Jellyfin.Api.Auth.NetworkAccessPolicy +namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy { /// /// The local network authorization requirement. /// - public class NetworkAccessRequirement : IAuthorizationRequirement + public class LocalNetworkAccessRequirement : IAuthorizationRequirement { } } diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 075a3ac15e..3a34c501df 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -15,7 +15,7 @@ using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy; using Jellyfin.Api.Auth.IgnoreParentalControlPolicy; using Jellyfin.Api.Auth.LocalAccessOrRequiresElevationPolicy; using Jellyfin.Api.Auth.LocalAccessPolicy; -using Jellyfin.Api.Auth.NetworkAccessPolicy; +using Jellyfin.Api.Auth.LocalNetworkAccessPolicy; using Jellyfin.Api.Auth.RequiresElevationPolicy; using Jellyfin.Api.Auth.SyncPlayAccessPolicy; using Jellyfin.Api.Constants; @@ -62,7 +62,7 @@ namespace Jellyfin.Server.Extensions serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); - serviceCollection.AddSingleton(); + serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); @@ -164,7 +164,7 @@ namespace Jellyfin.Server.Extensions policy => { policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); - policy.AddRequirements(new NetworkAccessRequirement()); + policy.AddRequirements(new LocalNetworkAccessRequirement()); }); }); } From 6637a3096a1256caf50377faa66a35d9c1af9115 Mon Sep 17 00:00:00 2001 From: cvium Date: Fri, 10 Sep 2021 11:44:50 +0200 Subject: [PATCH 6/7] Remove the dependency on BaseAuthorizationHandler --- .../AnonymousLanAccessHandler.cs} | 23 ++++++++++--------- .../AnonymousLanAccessRequirement.cs} | 4 ++-- Jellyfin.Api/Auth/BaseAuthorizationHandler.cs | 10 -------- Jellyfin.Api/Constants/Policies.cs | 4 ++-- .../Controllers/DlnaServerController.cs | 3 +++ .../ApiServiceCollectionExtensions.cs | 8 +++---- 6 files changed, 23 insertions(+), 29 deletions(-) rename Jellyfin.Api/Auth/{LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs => AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs} (56%) rename Jellyfin.Api/Auth/{LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs => AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs} (57%) diff --git a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs similarity index 56% rename from Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs rename to Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs index d691c5594c..b2b0e08a85 100644 --- a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessHandler.cs +++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs @@ -1,37 +1,38 @@ using System.Threading.Tasks; using MediaBrowser.Common.Net; -using MediaBrowser.Controller.Library; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; -namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy +namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy { /// /// Local access handler. /// - public class LocalNetworkAccessHandler : BaseAuthorizationHandler + public class AnonymousLanAccessHandler : AuthorizationHandler { + private readonly INetworkManager _networkManager; + private readonly IHttpContextAccessor _httpContextAccessor; + /// - /// Initializes a new instance of the class. + /// Initializes a new instance of the class. /// - /// Instance of the interface. /// Instance of the interface. /// Instance of the interface. - public LocalNetworkAccessHandler( - IUserManager userManager, + public AnonymousLanAccessHandler( INetworkManager networkManager, IHttpContextAccessor httpContextAccessor) - : base(userManager, networkManager, httpContextAccessor) { + _networkManager = networkManager; + _httpContextAccessor = httpContextAccessor; } /// - protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, LocalNetworkAccessRequirement requirement) + protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AnonymousLanAccessRequirement requirement) { - var ip = HttpContextAccessor.HttpContext?.Connection.RemoteIpAddress; + var ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress; // Loopback will be on LAN, so we can accept null. - if (ip == null || NetworkManager.IsInLocalNetwork(ip)) + if (ip == null || _networkManager.IsInLocalNetwork(ip)) { context.Succeed(requirement); } diff --git a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs similarity index 57% rename from Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs rename to Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs index 29ca9c355c..269ecf2a4f 100644 --- a/Jellyfin.Api/Auth/LocalNetworkAccessPolicy/LocalNetworkAccessRequirement.cs +++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs @@ -1,11 +1,11 @@ using Microsoft.AspNetCore.Authorization; -namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy +namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy { /// /// The local network authorization requirement. /// - public class LocalNetworkAccessRequirement : IAuthorizationRequirement + public class AnonymousLanAccessRequirement : IAuthorizationRequirement { } } diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs index 62d590b184..13d3257dff 100644 --- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs +++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs @@ -36,16 +36,6 @@ namespace Jellyfin.Api.Auth _httpContextAccessor = httpContextAccessor; } - /// - /// Gets a value indicating being used. - /// - protected INetworkManager NetworkManager => _networkManager; - - /// - /// Gets a value indicating the being used. - /// - protected IHttpContextAccessor HttpContextAccessor => _httpContextAccessor; - /// /// Validate authenticated claims. /// diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs index b176bfa32c..a72eeea284 100644 --- a/Jellyfin.Api/Constants/Policies.cs +++ b/Jellyfin.Api/Constants/Policies.cs @@ -46,9 +46,9 @@ namespace Jellyfin.Api.Constants public const string LocalAccessOrRequiresElevation = "LocalAccessOrRequiresElevation"; /// - /// Policy name for requiring local LAN access. + /// Policy name for requiring (anonymous) LAN access. /// - public const string LocalNetworkAccessPolicy = "LocalNetworkAccessPolicy"; + public const string AnonymousLanAccessPolicy = "AnonymousLanAccessPolicy"; /// /// Policy name for escaping schedule controls or requiring first time setup. diff --git a/Jellyfin.Api/Controllers/DlnaServerController.cs b/Jellyfin.Api/Controllers/DlnaServerController.cs index 694d16ad97..4e8c01577e 100644 --- a/Jellyfin.Api/Controllers/DlnaServerController.cs +++ b/Jellyfin.Api/Controllers/DlnaServerController.cs @@ -7,7 +7,9 @@ using System.Threading.Tasks; using Emby.Dlna; using Emby.Dlna.Main; using Jellyfin.Api.Attributes; +using Jellyfin.Api.Constants; using MediaBrowser.Controller.Dlna; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; @@ -17,6 +19,7 @@ namespace Jellyfin.Api.Controllers /// Dlna Server Controller. /// [Route("Dlna")] + [Authorize(Policy = Policies.AnonymousLanAccessPolicy)] public class DlnaServerController : BaseJellyfinApiController { private readonly IDlnaManager _dlnaManager; diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 909f6b248a..b5444634b4 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -7,6 +7,7 @@ using System.Net.Sockets; using System.Reflection; using Emby.Server.Implementations; using Jellyfin.Api.Auth; +using Jellyfin.Api.Auth.AnonymousLanAccessPolicy; using Jellyfin.Api.Auth.DefaultAuthorizationPolicy; using Jellyfin.Api.Auth.DownloadPolicy; using Jellyfin.Api.Auth.FirstTimeOrIgnoreParentalControlSetupPolicy; @@ -15,7 +16,6 @@ using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy; using Jellyfin.Api.Auth.IgnoreParentalControlPolicy; using Jellyfin.Api.Auth.LocalAccessOrRequiresElevationPolicy; using Jellyfin.Api.Auth.LocalAccessPolicy; -using Jellyfin.Api.Auth.LocalNetworkAccessPolicy; using Jellyfin.Api.Auth.RequiresElevationPolicy; using Jellyfin.Api.Auth.SyncPlayAccessPolicy; using Jellyfin.Api.Constants; @@ -62,7 +62,7 @@ namespace Jellyfin.Server.Extensions serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); - serviceCollection.AddSingleton(); + serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); serviceCollection.AddSingleton(); @@ -160,11 +160,11 @@ namespace Jellyfin.Server.Extensions policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccessRequirementType.IsInGroup)); }); options.AddPolicy( - Policies.LocalNetworkAccessPolicy, + Policies.AnonymousLanAccessPolicy, policy => { policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication); - policy.AddRequirements(new LocalNetworkAccessRequirement()); + policy.AddRequirements(new AnonymousLanAccessRequirement()); }); }); } From a60a1ab89b68d47d00fe4dc948b4ef1c036d42ec Mon Sep 17 00:00:00 2001 From: cvium Date: Fri, 10 Sep 2021 11:46:08 +0200 Subject: [PATCH 7/7] Fix xmldoc --- .../Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs | 2 +- .../AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs index b2b0e08a85..88af08dd33 100644 --- a/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs +++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs @@ -6,7 +6,7 @@ using Microsoft.AspNetCore.Http; namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy { /// - /// Local access handler. + /// LAN access handler. Allows anonymous users. /// public class AnonymousLanAccessHandler : AuthorizationHandler { diff --git a/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs index 269ecf2a4f..49af24ff3b 100644 --- a/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs +++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs @@ -3,7 +3,7 @@ using Microsoft.AspNetCore.Authorization; namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy { /// - /// The local network authorization requirement. + /// The local network authorization requirement. Allows anonymous users. /// public class AnonymousLanAccessRequirement : IAuthorizationRequirement {