Home Explore Help
Sign In
mirrors
/
jellyfin
mirror of https://github.com/jellyfin/jellyfin
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

update request classes

Luke Pulverenti 8 years ago
parent
2084678266
commit
504f56d841
12 changed files with 47 additions and 97 deletions
Split View Show Diff Stats
  1. 21 10
      Emby.Server.Implementations/HttpServer/Security/AuthService.cs
  2. 4 5
      Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
  3. 5 7
      Emby.Server.Implementations/HttpServer/Security/SessionContext.cs
  4. 3 4
      MediaBrowser.Api/System/SystemService.cs
  5. 0 2
      MediaBrowser.Controller/MediaBrowser.Controller.csproj
  6. 4 3
      MediaBrowser.Controller/Net/AuthenticatedAttribute.cs
  7. 3 3
      MediaBrowser.Controller/Net/IAuthService.cs
  8. 3 2
      MediaBrowser.Controller/Net/IAuthorizationContext.cs
  9. 0 14
      MediaBrowser.Controller/Net/IServiceRequest.cs
  10. 3 2
      MediaBrowser.Controller/Net/ISessionContext.cs
  11. 1 3
      MediaBrowser.Controller/Net/LoggedAttribute.cs
  12. 0 42
      MediaBrowser.Controller/Net/ServiceRequest.cs

+ 21 - 10
Emby.Server.Implementations/HttpServer/Security/AuthService.cs
View File 

@@ -8,6 +8,7 @@ using MediaBrowser.Controller.Security;
 
 using MediaBrowser.Controller.Session;
 
 using System;
 
 using System.Linq;
 
+using MediaBrowser.Model.Services;
 
 
 namespace Emby.Server.Implementations.HttpServer.Security
 
 {
 
@@ -37,19 +38,19 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
         /// </summary>
 
         public string HtmlRedirect { get; set; }
 
 
-        public void Authenticate(IServiceRequest request,
 
+        public void Authenticate(IRequest request,
 
             IAuthenticationAttributes authAttribtues)
 
         {
 
             ValidateUser(request, authAttribtues);
 
         }
 
 
-        private void ValidateUser(IServiceRequest request,
 
+        private void ValidateUser(IRequest request,
 
             IAuthenticationAttributes authAttribtues)
 
         {
 
             // This code is executed before the service
 
             var auth = AuthorizationContext.GetAuthorizationInfo(request);
 
 
-            if (!IsExemptFromAuthenticationToken(auth, authAttribtues))
 
+            if (!IsExemptFromAuthenticationToken(auth, authAttribtues, request))
 
             {
 
                 var valid = IsValidConnectKey(auth.Token);
 
 
@@ -75,7 +76,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
 
             var info = GetTokenInfo(request);
 
 
-            if (!IsExemptFromRoles(auth, authAttribtues, info))
 
+            if (!IsExemptFromRoles(auth, authAttribtues, request, info))
 
             {
 
                 var roles = authAttribtues.GetRoles();
 
 
@@ -95,7 +96,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
             }
 
         }
 
 
-        private void ValidateUserAccess(User user, IServiceRequest request,
 
+        private void ValidateUserAccess(User user, IRequest request,
 
             IAuthenticationAttributes authAttribtues,
 
             AuthorizationInfo auth)
 
         {
 
@@ -111,7 +112,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
                 !authAttribtues.EscapeParentalControl &&
 
                 !user.IsParentalScheduleAllowed())
 
             {
 
-                request.AddResponseHeader("X-Application-Error-Code", "ParentalControl");
 
+                request.Response.AddHeader("X-Application-Error-Code", "ParentalControl");
 
 
                 throw new SecurityException("This user account is not allowed access at this time.")
 
                 {
 
@@ -131,23 +132,33 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
             }
 
         }
 
 
-        private bool IsExemptFromAuthenticationToken(AuthorizationInfo auth, IAuthenticationAttributes authAttribtues)
 
+        private bool IsExemptFromAuthenticationToken(AuthorizationInfo auth, IAuthenticationAttributes authAttribtues, IRequest request)
 
         {
 
             if (!_config.Configuration.IsStartupWizardCompleted && authAttribtues.AllowBeforeStartupWizard)
 
             {
 
                 return true;
 
             }
 
 
+            if (authAttribtues.AllowLocal && request.IsLocal)
 
+            {
 
+                return true;
 
+            }
 
+
 
             return false;
 
         }
 
 
-        private bool IsExemptFromRoles(AuthorizationInfo auth, IAuthenticationAttributes authAttribtues, AuthenticationInfo tokenInfo)
 
+        private bool IsExemptFromRoles(AuthorizationInfo auth, IAuthenticationAttributes authAttribtues, IRequest request, AuthenticationInfo tokenInfo)
 
         {
 
             if (!_config.Configuration.IsStartupWizardCompleted && authAttribtues.AllowBeforeStartupWizard)
 
             {
 
                 return true;
 
             }
 
 
+            if (authAttribtues.AllowLocal && request.IsLocal)
 
+            {
 
+                return true;
 
+            }
 
+
 
             if (string.IsNullOrWhiteSpace(auth.Token))
 
             {
 
                 return true;
 
@@ -195,7 +206,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
             }
 
         }
 
 
-        private AuthenticationInfo GetTokenInfo(IServiceRequest request)
 
+        private AuthenticationInfo GetTokenInfo(IRequest request)
 
         {
 
             object info;
 
             request.Items.TryGetValue("OriginalAuthenticationInfo", out info);
 
@@ -212,7 +223,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
             return ConnectManager.IsAuthorizationTokenValid(token);
 
         }
 
 
-        private void ValidateSecurityToken(IServiceRequest request, string token)
 
+        private void ValidateSecurityToken(IRequest request, string token)
 
         {
 
             if (string.IsNullOrWhiteSpace(token))
 
             {

+ 4 - 5
Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
View File 

@@ -21,11 +21,10 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
 
         public AuthorizationInfo GetAuthorizationInfo(object requestContext)
 
         {
 
-            var req = new ServiceRequest((IRequest)requestContext);
 
-            return GetAuthorizationInfo(req);
 
+            return GetAuthorizationInfo((IRequest)requestContext);
 
         }
 
 
-        public AuthorizationInfo GetAuthorizationInfo(IServiceRequest requestContext)
 
+        public AuthorizationInfo GetAuthorizationInfo(IRequest requestContext)
 
         {
 
             object cached;
 
             if (requestContext.Items.TryGetValue("AuthorizationInfo", out cached))
 
@@ -41,7 +40,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
         /// </summary>
 
         /// <param name="httpReq">The HTTP req.</param>
 
         /// <returns>Dictionary{System.StringSystem.String}.</returns>
 
-        private AuthorizationInfo GetAuthorization(IServiceRequest httpReq)
 
+        private AuthorizationInfo GetAuthorization(IRequest httpReq)
 
         {
 
             var auth = GetAuthorizationDictionary(httpReq);
 
 
@@ -135,7 +134,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
         /// </summary>
 
         /// <param name="httpReq">The HTTP req.</param>
 
         /// <returns>Dictionary{System.StringSystem.String}.</returns>
 
-        private Dictionary<string, string> GetAuthorizationDictionary(IServiceRequest httpReq)
 
+        private Dictionary<string, string> GetAuthorizationDictionary(IRequest httpReq)
 
         {
 
             var auth = httpReq.Headers["X-Emby-Authorization"];

+ 5 - 7
Emby.Server.Implementations/HttpServer/Security/SessionContext.cs
View File 

@@ -21,7 +21,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
             _sessionManager = sessionManager;
 
         }
 
 
-        public Task<SessionInfo> GetSession(IServiceRequest requestContext)
 
+        public Task<SessionInfo> GetSession(IRequest requestContext)
 
         {
 
             var authorization = _authContext.GetAuthorizationInfo(requestContext);
 
 
@@ -38,7 +38,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
             return _sessionManager.LogSessionActivity(authorization.Client, authorization.Version, authorization.DeviceId, authorization.Device, requestContext.RemoteIp, user);
 
         }
 
 
-        private AuthenticationInfo GetTokenInfo(IServiceRequest request)
 
+        private AuthenticationInfo GetTokenInfo(IRequest request)
 
         {
 
             object info;
 
             request.Items.TryGetValue("OriginalAuthenticationInfo", out info);
 
@@ -47,11 +47,10 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
 
         public Task<SessionInfo> GetSession(object requestContext)
 
         {
 
-            var req = new ServiceRequest((IRequest)requestContext);
 
-            return GetSession(req);
 
+            return GetSession((IRequest)requestContext);
 
         }
 
 
-        public async Task<User> GetUser(IServiceRequest requestContext)
 
+        public async Task<User> GetUser(IRequest requestContext)
 
         {
 
             var session = await GetSession(requestContext).ConfigureAwait(false);
 
 
@@ -60,8 +59,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
 
 
         public Task<User> GetUser(object requestContext)
 
         {
 
-            var req = new ServiceRequest((IRequest)requestContext);
 
-            return GetUser(req);
 
+            return GetUser((IRequest)requestContext);
 
         }
 
     }
 
 }

+ 3 - 4
MediaBrowser.Api/System/SystemService.cs
View File 

@@ -43,7 +43,7 @@ namespace MediaBrowser.Api.System
 
     /// Class RestartApplication
 
     /// </summary>
 
     [Route("/System/Restart", "POST", Summary = "Restarts the application, if needed")]
 
-    [Authenticated(Roles = "Admin")]
 
+    [Authenticated(Roles = "Admin", AllowLocal = true)]
 
     public class RestartApplication
 
     {
 
     }
 
@@ -52,10 +52,9 @@ namespace MediaBrowser.Api.System
 
     /// This is currently not authenticated because the uninstaller needs to be able to shutdown the server.
 
     /// </summary>
 
     [Route("/System/Shutdown", "POST", Summary = "Shuts down the application")]
 
+    [Authenticated(Roles = "Admin", AllowLocal = true)]
 
     public class ShutdownApplication
 
     {
 
-        // TODO: This is not currently authenticated due to uninstaller
 
-        // Improve later
 
     }
 
 
     [Route("/System/Logs", "GET", Summary = "Gets a list of available server log files")]
 
@@ -126,7 +125,7 @@ namespace MediaBrowser.Api.System
 
             }
 
             catch (IOException)
 
             {
 
-                files = new FileSystemMetadata[]{};
 
+                files = new FileSystemMetadata[] { };
 
             }
 
 
             var result = files.Select(i => new LogFile

+ 0 - 2
MediaBrowser.Controller/MediaBrowser.Controller.csproj
View File 

@@ -183,14 +183,12 @@
 
     <Compile Include="Net\IHttpResultFactory.cs" />
 
     <Compile Include="Net\IHttpServer.cs" />
 
     <Compile Include="Net\IServerManager.cs" />
 
-    <Compile Include="Net\IServiceRequest.cs" />
 
     <Compile Include="Net\ISessionContext.cs" />
 
     <Compile Include="Net\IWebSocket.cs" />
 
     <Compile Include="Net\IWebSocketConnection.cs" />
 
     <Compile Include="Net\IWebSocketListener.cs" />
 
     <Compile Include="Net\LoggedAttribute.cs" />
 
     <Compile Include="Net\SecurityException.cs" />
 
-    <Compile Include="Net\ServiceRequest.cs" />
 
     <Compile Include="Net\StaticResultOptions.cs" />
 
     <Compile Include="Net\WebSocketConnectEventArgs.cs" />
 
     <Compile Include="Net\WebSocketMessageInfo.cs" />

+ 4 - 3
MediaBrowser.Controller/Net/AuthenticatedAttribute.cs
View File 

@@ -25,6 +25,8 @@ namespace MediaBrowser.Controller.Net
 
         /// <value><c>true</c> if [allow before startup wizard]; otherwise, <c>false</c>.</value>
 
         public bool AllowBeforeStartupWizard { get; set; }
 
 
+        public bool AllowLocal { get; set; }
 
+
 
         /// <summary>
 
         /// The request filter is executed before the service.
 
         /// </summary>
 
@@ -33,9 +35,7 @@ namespace MediaBrowser.Controller.Net
 
         /// <param name="requestDto">The request DTO</param>
 
         public void RequestFilter(IRequest request, IResponse response, object requestDto)
 
         {
 
-            var serviceRequest = new ServiceRequest(request);
 
-
 
-            AuthService.Authenticate(serviceRequest, this);
 
+            AuthService.Authenticate(request, this);
 
         }
 
 
         /// <summary>
 
@@ -59,6 +59,7 @@ namespace MediaBrowser.Controller.Net
 
     {
 
         bool EscapeParentalControl { get; }
 
         bool AllowBeforeStartupWizard { get; }
 
+        bool AllowLocal { get; }
 
 
         string[] GetRoles();
 
     }

+ 3 - 3
MediaBrowser.Controller/Net/IAuthService.cs
View File 

@@ -1,9 +1,9 @@
 
-
 
+using MediaBrowser.Model.Services;
 
+
 
 namespace MediaBrowser.Controller.Net
 
 {
 
     public interface IAuthService
 
     {
 
-        void Authenticate(IServiceRequest request,
 
-            IAuthenticationAttributes authAttribtues);
 
+        void Authenticate(IRequest request, IAuthenticationAttributes authAttribtues);
 
     }
 
 }

+ 3 - 2
MediaBrowser.Controller/Net/IAuthorizationContext.cs
View File 

@@ -1,4 +1,5 @@
 
-
 
+using MediaBrowser.Model.Services;
 
+
 
 namespace MediaBrowser.Controller.Net
 
 {
 
     public interface IAuthorizationContext
 
@@ -15,6 +16,6 @@ namespace MediaBrowser.Controller.Net
 
         /// </summary>
 
         /// <param name="requestContext">The request context.</param>
 
         /// <returns>AuthorizationInfo.</returns>
 
-        AuthorizationInfo GetAuthorizationInfo(IServiceRequest requestContext);
 
+        AuthorizationInfo GetAuthorizationInfo(IRequest requestContext);
 
     }
 
 }

+ 0 - 14
MediaBrowser.Controller/Net/IServiceRequest.cs
View File 

@@ -1,14 +0,0 @@
 
-using System.Collections.Generic;
 
-using MediaBrowser.Model.Services;
 
-
 
-namespace MediaBrowser.Controller.Net
 
-{
 
-    public interface IServiceRequest
 
-    {
 
-        string RemoteIp { get; }
 
-        QueryParamCollection Headers { get; }
 
-        QueryParamCollection QueryString { get; }
 
-        IDictionary<string,object> Items { get; }
 
-        void AddResponseHeader(string name, string value);
 
-    }
 
-}

+ 3 - 2
MediaBrowser.Controller/Net/ISessionContext.cs
View File 

@@ -1,6 +1,7 @@
 
 using MediaBrowser.Controller.Entities;
 
 using MediaBrowser.Controller.Session;
 
 using System.Threading.Tasks;
 
+using MediaBrowser.Model.Services;
 
 
 namespace MediaBrowser.Controller.Net
 
 {
 
@@ -9,7 +10,7 @@ namespace MediaBrowser.Controller.Net
 
         Task<SessionInfo> GetSession(object requestContext);
 
         Task<User> GetUser(object requestContext);
 
 
-        Task<SessionInfo> GetSession(IServiceRequest requestContext);
 
-        Task<User> GetUser(IServiceRequest requestContext);
 
+        Task<SessionInfo> GetSession(IRequest requestContext);
 
+        Task<User> GetUser(IRequest requestContext);
 
     }
 
 }

+ 1 - 3
MediaBrowser.Controller/Net/LoggedAttribute.cs
View File 

@@ -30,10 +30,8 @@ namespace MediaBrowser.Controller.Net
 
         /// <param name="requestDto">The request DTO</param>
 
         public void Filter(IRequest request, IResponse response, object requestDto)
 
         {
 
-            var serviceRequest = new ServiceRequest(request);
 
-            
             //This code is executed before the service
 
-            var auth = AuthorizationContext.GetAuthorizationInfo(serviceRequest);
 
+            var auth = AuthorizationContext.GetAuthorizationInfo(request);
 
 
             if (auth != null)
 
             {

+ 0 - 42
MediaBrowser.Controller/Net/ServiceRequest.cs
View File 

@@ -1,42 +0,0 @@
 
-using System;
 
-using System.Collections.Generic;
 
-using System.Collections.Specialized;
 
-using MediaBrowser.Model.Services;
 
-
 
-namespace MediaBrowser.Controller.Net
 
-{
 
-    public class ServiceRequest : IServiceRequest
 
-    {
 
-        private readonly IRequest _request;
 
-
 
-        public ServiceRequest(IRequest request)
 
-        {
 
-            _request = request;
 
-        }
 
-
 
-        public string RemoteIp
 
-        {
 
-            get { return _request.RemoteIp; }
 
-        }
 
-
 
-        public QueryParamCollection Headers
 
-        {
 
-            get { return _request.Headers; }
 
-        }
 
-
 
-        public QueryParamCollection QueryString
 
-        {
 
-            get { return _request.QueryString; }
 
-        }
 
-
 
-        public IDictionary<string, object> Items
 
-        {
 
-            get { return _request.Items; }
 
-        }
 
-
 
-        public void AddResponseHeader(string name, string value)
 
-        {
 
-            _request.Response.AddHeader(name, value);
 
-        }
 
-    }
 
-}