Merge pull request #1442 from jellyfin/release-10.3.z

Backmerge for Release 10.3.4 and 10.3.5

CONTRIBUTORS.md

@@ -24,6 +24,7 @@
  - [Lynxy](https://github.com/Lynxy)
  - [fasheng](https://github.com/fasheng)
  - [ploughpuff](https://github.com/ploughpuff) 
+ - [pjeanjean](https://github.com/pjeanjean)
 
 # Emby Contributors
 

Dockerfile

@@ -21,7 +21,7 @@ RUN apt-get update \
 COPY --from=ffmpeg / /
 COPY --from=builder /jellyfin /jellyfin
 
-ARG JELLYFIN_WEB_VERSION=10.3.3
+ARG JELLYFIN_WEB_VERSION=10.3.5
 RUN curl -L https://github.com/jellyfin/jellyfin-web/archive/v${JELLYFIN_WEB_VERSION}.tar.gz | tar zxf - \
  && rm -rf /jellyfin/jellyfin-web \
  && mv jellyfin-web-${JELLYFIN_WEB_VERSION} /jellyfin/jellyfin-web

Dockerfile.arm

@@ -3,11 +3,6 @@
 ARG DOTNET_VERSION=3.0
 
 
-FROM multiarch/qemu-user-static:x86_64-arm as qemu
-FROM alpine as qemu_extract
-COPY --from=qemu /usr/bin qemu-arm-static.tar.gz
-RUN tar -xzvf qemu-arm-static.tar.gz
-
 FROM mcr.microsoft.com/dotnet/core/sdk:${DOTNET_VERSION} as builder
 WORKDIR /repo
 COPY . .
@@ -21,8 +16,9 @@ RUN bash -c "source deployment/common.build.sh && \
     build_jellyfin Jellyfin.Server Release linux-arm /jellyfin"
 
 
+FROM multiarch/qemu-user-static:x86_64-arm as qemu
 FROM mcr.microsoft.com/dotnet/core/runtime:${DOTNET_VERSION}-stretch-slim-arm32v7
-COPY --from=qemu_extract qemu-arm-static /usr/bin
+COPY --from=qemu /usr/bin/qemu-arm-static /usr/bin
 RUN apt-get update \
  && apt-get install --no-install-recommends --no-install-suggests -y ffmpeg \
  && rm -rf /var/lib/apt/lists/* \
@@ -30,7 +26,7 @@ RUN apt-get update \
  && chmod 777 /cache /config /media
 COPY --from=builder /jellyfin /jellyfin
 
-ARG JELLYFIN_WEB_VERSION=10.3.3
+ARG JELLYFIN_WEB_VERSION=10.3.5
 RUN curl -L https://github.com/jellyfin/jellyfin-web/archive/v${JELLYFIN_WEB_VERSION}.tar.gz | tar zxf - \
  && rm -rf /jellyfin/jellyfin-web \
  && mv jellyfin-web-${JELLYFIN_WEB_VERSION} /jellyfin/jellyfin-web

Dockerfile.arm64

@@ -3,12 +3,6 @@
 ARG DOTNET_VERSION=3.0
 
 
-FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu
-FROM alpine as qemu_extract
-COPY --from=qemu /usr/bin qemu-aarch64-static.tar.gz
-RUN tar -xzvf qemu-aarch64-static.tar.gz
-
-
 FROM mcr.microsoft.com/dotnet/core/sdk:${DOTNET_VERSION} as builder
 WORKDIR /repo
 COPY . .
@@ -22,8 +16,9 @@ RUN bash -c "source deployment/common.build.sh && \
     build_jellyfin Jellyfin.Server Release linux-arm64 /jellyfin"
 
 
+FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu
 FROM mcr.microsoft.com/dotnet/core/runtime:${DOTNET_VERSION}-stretch-slim-arm64v8
-COPY --from=qemu_extract qemu-aarch64-static /usr/bin
+COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin
 RUN apt-get update \
  && apt-get install --no-install-recommends --no-install-suggests -y ffmpeg \
  && rm -rf /var/lib/apt/lists/* \
@@ -31,7 +26,7 @@ RUN apt-get update \
  && chmod 777 /cache /config /media
 COPY --from=builder /jellyfin /jellyfin
 
-ARG JELLYFIN_WEB_VERSION=10.3.3
+ARG JELLYFIN_WEB_VERSION=10.3.5
 RUN curl -L https://github.com/jellyfin/jellyfin-web/archive/v${JELLYFIN_WEB_VERSION}.tar.gz | tar zxf - \
  && rm -rf /jellyfin/jellyfin-web \
  && mv jellyfin-web-${JELLYFIN_WEB_VERSION} /jellyfin/jellyfin-web

Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs

@@ -165,6 +165,34 @@ namespace Emby.Server.Implementations.Library
             return user.Password;
         }
 
+        public void ChangeEasyPassword(User user, string newPassword, string newPasswordHash)
+        {
+            ConvertPasswordFormat(user);
+
+            if (newPassword != null)
+            {
+                newPasswordHash = string.Format("$SHA1${0}", GetHashedString(user, newPassword));
+            }
+
+            if (string.IsNullOrWhiteSpace(newPasswordHash))
+            {
+                throw new ArgumentNullException(nameof(newPasswordHash));
+            }
+
+            user.EasyPassword = newPasswordHash;
+        }
+
+        public string GetEasyPasswordHash(User user)
+        {
+            // This should be removed in the future. This was added to let user login after
+            // Jellyfin 10.3.3 failed to save a well formatted PIN.
+            ConvertPasswordFormat(user);
+
+            return string.IsNullOrEmpty(user.EasyPassword)
+                ? null
+                : (new PasswordHash(user.EasyPassword)).Hash;
+        }
+
         public string GetHashedStringChangeAuth(string newPassword, PasswordHash passwordHash)
         {
             passwordHash.HashBytes = Encoding.UTF8.GetBytes(newPassword);

Emby.Server.Implementations/Library/InvalidAuthProvider.cs

@@ -0,0 +1,47 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading.Tasks;
+using MediaBrowser.Controller.Authentication;
+using MediaBrowser.Controller.Entities;
+using MediaBrowser.Controller.Net;
+
+namespace Emby.Server.Implementations.Library
+{
+    public class InvalidAuthProvider : IAuthenticationProvider
+    {
+        public string Name => "InvalidOrMissingAuthenticationProvider";
+
+        public bool IsEnabled => true;
+
+        public Task<ProviderAuthenticationResult> Authenticate(string username, string password)
+        {
+            throw new SecurityException("User Account cannot login with this provider. The Normal provider for this user cannot be found");
+        }
+
+        public Task<bool> HasPassword(User user)
+        {
+            return Task.FromResult(true);
+        }
+
+        public Task ChangePassword(User user, string newPassword)
+        {
+            return Task.CompletedTask;
+        }
+
+        public void ChangeEasyPassword(User user, string newPassword, string newPasswordHash)
+        {
+            // Nothing here   
+        }
+
+        public string GetPasswordHash(User user)
+        {
+            return string.Empty;
+        }
+
+        public string GetEasyPasswordHash(User user)
+        {
+            return string.Empty;
+        }
+    }
+}

Emby.Server.Implementations/Library/UserManager.cs

@@ -79,6 +79,8 @@ namespace Emby.Server.Implementations.Library
         private IAuthenticationProvider[] _authenticationProviders;
         private DefaultAuthenticationProvider _defaultAuthenticationProvider;
 
+        private InvalidAuthProvider _invalidAuthProvider;
+
         private IPasswordResetProvider[] _passwordResetProviders;
         private DefaultPasswordResetProvider _defaultPasswordResetProvider;
 
@@ -141,6 +143,8 @@ namespace Emby.Server.Implementations.Library
 
             _defaultAuthenticationProvider = _authenticationProviders.OfType<DefaultAuthenticationProvider>().First();
 
+            _invalidAuthProvider = _authenticationProviders.OfType<InvalidAuthProvider>().First();
+
             _passwordResetProviders = passwordResetProviders.ToArray();
 
             _defaultPasswordResetProvider = passwordResetProviders.OfType<DefaultPasswordResetProvider>().First();
@@ -307,8 +311,7 @@ namespace Emby.Server.Implementations.Library
                     user = Users
                         .FirstOrDefault(i => string.Equals(username, i.Name, StringComparison.OrdinalIgnoreCase));
 
-                    var hasNewUserPolicy = authenticationProvider as IHasNewUserPolicy;
-                    if (hasNewUserPolicy != null)
+                    if (authenticationProvider is IHasNewUserPolicy hasNewUserPolicy)
                     {
                         var policy = hasNewUserPolicy.GetNewUserPolicy();
                         UpdateUserPolicy(user, policy, true);
@@ -400,7 +403,9 @@ namespace Emby.Server.Implementations.Library
 
             if (providers.Length == 0)
             {
-                providers = new IAuthenticationProvider[] { _defaultAuthenticationProvider };
+                // Assign the user to the InvalidAuthProvider since no configured auth provider was valid/found
+                _logger.LogWarning("User {UserName} was found with invalid/missing Authentication Provider {AuthenticationProviderId}. Assigning user to InvalidAuthProvider until this is corrected", user.Name, user.Policy.AuthenticationProviderId);
+                providers = new IAuthenticationProvider[] { _invalidAuthProvider };
             }
 
             return providers;
@@ -471,7 +476,7 @@ namespace Emby.Server.Implementations.Library
             if (password == null)
             {
                 // legacy
-                success = string.Equals(_defaultAuthenticationProvider.GetPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
+                success = string.Equals(GetAuthenticationProvider(user).GetPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
             }
             else
             {
@@ -497,11 +502,11 @@ namespace Emby.Server.Implementations.Library
                     if (password == null)
                     {
                         // legacy
-                        success = string.Equals(GetLocalPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
+                        success = string.Equals(GetAuthenticationProvider(user).GetEasyPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
                     }
                     else
                     {
-                        success = string.Equals(GetLocalPasswordHash(user), _defaultAuthenticationProvider.GetHashedString(user, password), StringComparison.OrdinalIgnoreCase);
+                        success = string.Equals(GetAuthenticationProvider(user).GetEasyPasswordHash(user), _defaultAuthenticationProvider.GetHashedString(user, password), StringComparison.OrdinalIgnoreCase);
                     }
                 }
             }
@@ -546,13 +551,6 @@ namespace Emby.Server.Implementations.Library
             }
         }
 
-        private string GetLocalPasswordHash(User user)
-        {
-            return string.IsNullOrEmpty(user.EasyPassword)
-                ? null
-                : (new PasswordHash(user.EasyPassword)).Hash;
-        }
-
         /// <summary>
         /// Loads the users from the repository
         /// </summary>
@@ -596,7 +594,7 @@ namespace Emby.Server.Implementations.Library
             }
 
             bool hasConfiguredPassword = GetAuthenticationProvider(user).HasPassword(user).Result;
-            bool hasConfiguredEasyPassword = !string.IsNullOrEmpty(GetLocalPasswordHash(user));
+            bool hasConfiguredEasyPassword = !string.IsNullOrEmpty(GetAuthenticationProvider(user).GetEasyPasswordHash(user));
 
             bool hasPassword = user.Configuration.EnableLocalPassword && !string.IsNullOrEmpty(remoteEndPoint) && _networkManager.IsInLocalNetwork(remoteEndPoint) ?
                 hasConfiguredEasyPassword :
@@ -884,17 +882,7 @@ namespace Emby.Server.Implementations.Library
                 throw new ArgumentNullException(nameof(user));
             }
 
-            if (newPassword != null)
-            {
-                newPasswordHash = _defaultAuthenticationProvider.GetHashedString(user, newPassword);
-            }
-
-            if (string.IsNullOrWhiteSpace(newPasswordHash))
-            {
-                throw new ArgumentNullException(nameof(newPasswordHash));
-            }
-
-            user.EasyPassword = newPasswordHash;
+            GetAuthenticationProvider(user).ChangeEasyPassword(user, newPassword, newPasswordHash);
 
             UpdateUser(user);
 

MediaBrowser.Api/UserLibrary/ItemsService.cs

@@ -224,7 +224,7 @@ namespace MediaBrowser.Api.UserLibrary
                 request.IncludeItemTypes = "Playlist";
             }
 
-            if (!user.Policy.EnableAllFolders && !user.Policy.EnabledFolders.Any(i => new Guid(i) == item.Id))
+            if (!(item is UserRootFolder) && !user.Policy.EnableAllFolders && !user.Policy.EnabledFolders.Any(i => new Guid(i) == item.Id))
             {
                 Logger.LogWarning("{UserName} is not permitted to access Library {ItemName}.", user.Name, item.Name);
                 return new QueryResult<BaseItem>

MediaBrowser.Controller/Authentication/IAuthenticationProvider.cs

@@ -11,6 +11,9 @@ namespace MediaBrowser.Controller.Authentication
         Task<ProviderAuthenticationResult> Authenticate(string username, string password);
         Task<bool> HasPassword(User user);
         Task ChangePassword(User user, string newPassword);
+        void ChangeEasyPassword(User user, string newPassword, string newPasswordHash);
+        string GetPasswordHash(User user);
+        string GetEasyPasswordHash(User user);
     }
 
     public interface IRequiresResolvedUser

MediaBrowser.Providers/TV/TheTVDB/TvDbClientManager.cs

@@ -33,7 +33,7 @@ namespace MediaBrowser.Providers.TV.TheTVDB
             get
             {
                 // Refresh if necessary
-                if (_tokenCreatedAt > DateTime.Now.Subtract(TimeSpan.FromHours(20)))
+                if (_tokenCreatedAt < DateTime.Now.Subtract(TimeSpan.FromHours(20)))
                 {
                     try
                     {

MediaBrowser.WebDashboard/jellyfin-web

@@ -1 +1 @@
-Subproject commit b0f7a9b67cc72de98dc357425e9d5c3894c7f377
+Subproject commit 37636dae5c6c0b0711dfc7612f843b864dd59469

SharedVersion.cs

@@ -1,4 +1,4 @@
 using System.Reflection;
 
-[assembly: AssemblyVersion("10.3.3")]
-[assembly: AssemblyFileVersion("10.3.3")]
+[assembly: AssemblyVersion("10.3.5")]
+[assembly: AssemblyFileVersion("10.3.5")]

build.yaml

@@ -1,7 +1,7 @@
 ---
 # We just wrap `build` so this is really it
 name: "jellyfin"
-version: "10.3.3"
+version: "10.3.5"
 packages:
   - debian-package-x64
   - debian-package-armhf

deployment/debian-package-x64/pkg-src/changelog

@@ -1,3 +1,15 @@
+jellyfin (10.3.5-1) unstable; urgency=medium
+
+  * New upstream version 10.3.5; release changelog at https://github.com/jellyfin/jellyfin/releases/tag/v10.3.5
+
+ -- Jellyfin Packaging Team <packaging@jellyfin.org>  Sun, 09 Jun 2019 21:47:35 -0400
+
+jellyfin (10.3.4-1) unstable; urgency=medium
+
+  * New upstream version 10.3.4; release changelog at https://github.com/jellyfin/jellyfin/releases/tag/v10.3.4
+
+ -- Jellyfin Packaging Team <packaging@jellyfin.org>  Thu, 06 Jun 2019 22:45:31 -0400
+
 jellyfin (10.3.3-1) unstable; urgency=medium
 
   * New upstream version 10.3.3; release changelog at https://github.com/jellyfin/jellyfin/releases/tag/v10.3.3

deployment/fedora-package-x64/pkg-src/jellyfin.spec

@@ -7,7 +7,7 @@
 %endif
 
 Name:           jellyfin
-Version:        10.3.3
+Version:        10.3.5
 Release:        1%{?dist}
 Summary:        The Free Software Media Browser
 License:        GPLv2
@@ -140,6 +140,10 @@ fi
 %systemd_postun_with_restart jellyfin.service
 
 %changelog
+* Sun Jun 09 2019 Jellyfin Packaging Team <packaging@jellyfin.org>
+- New upstream version 10.3.5; release changelog at https://github.com/jellyfin/jellyfin/releases/tag/v10.3.5
+* Thu Jun 06 2019 Jellyfin Packaging Team <packaging@jellyfin.org>
+- New upstream version 10.3.4; release changelog at https://github.com/jellyfin/jellyfin/releases/tag/v10.3.4
 * Fri May 17 2019 Jellyfin Packaging Team <packaging@jellyfin.org>
 - New upstream version 10.3.3; release changelog at https://github.com/jellyfin/jellyfin/releases/tag/v10.3.3
 * Tue Apr 30 2019 Jellyfin Packaging Team <packaging@jellyfin.org>