Merge pull request #2888 from ConfusedPolarBear/quickconnect

Add quick connect (login without typing password)

CONTRIBUTORS.md

@@ -16,6 +16,7 @@
  - [bugfixin](https://github.com/bugfixin)
  - [chaosinnovator](https://github.com/chaosinnovator)
  - [ckcr4lyf](https://github.com/ckcr4lyf)
+ - [ConfusedPolarBear](https://github.com/ConfusedPolarBear)
  - [crankdoofus](https://github.com/crankdoofus)
  - [crobibero](https://github.com/crobibero)
  - [cromefire](https://github.com/cromefire)

Emby.Server.Implementations/ApplicationHost.cs

@@ -37,6 +37,7 @@ using Emby.Server.Implementations.LiveTv;
 using Emby.Server.Implementations.Localization;
 using Emby.Server.Implementations.Net;
 using Emby.Server.Implementations.Playlists;
+using Emby.Server.Implementations.QuickConnect;
 using Emby.Server.Implementations.ScheduledTasks;
 using Emby.Server.Implementations.Security;
 using Emby.Server.Implementations.Serialization;
@@ -71,6 +72,7 @@ using MediaBrowser.Controller.Persistence;
 using MediaBrowser.Controller.Playlists;
 using MediaBrowser.Controller.Plugins;
 using MediaBrowser.Controller.Providers;
+using MediaBrowser.Controller.QuickConnect;
 using MediaBrowser.Controller.Resolvers;
 using MediaBrowser.Controller.Security;
 using MediaBrowser.Controller.Session;
@@ -627,6 +629,7 @@ namespace Emby.Server.Implementations
             ServiceCollection.AddSingleton<ISessionContext, SessionContext>();
 
             ServiceCollection.AddSingleton<IAuthService, AuthService>();
+            ServiceCollection.AddSingleton<IQuickConnect, QuickConnectManager>();
 
             ServiceCollection.AddSingleton<ISubtitleEncoder, MediaBrowser.MediaEncoding.Subtitles.SubtitleEncoder>();
 

Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs

@@ -0,0 +1,285 @@
+using System;
+using System.Collections.Concurrent;
+using System.Globalization;
+using System.Linq;
+using System.Security.Cryptography;
+using MediaBrowser.Common;
+using MediaBrowser.Common.Extensions;
+using MediaBrowser.Controller;
+using MediaBrowser.Controller.Authentication;
+using MediaBrowser.Controller.Configuration;
+using MediaBrowser.Controller.Net;
+using MediaBrowser.Controller.QuickConnect;
+using MediaBrowser.Controller.Security;
+using MediaBrowser.Model.QuickConnect;
+using Microsoft.Extensions.Logging;
+
+namespace Emby.Server.Implementations.QuickConnect
+{
+    /// <summary>
+    /// Quick connect implementation.
+    /// </summary>
+    public class QuickConnectManager : IQuickConnect, IDisposable
+    {
+        private readonly RNGCryptoServiceProvider _rng = new RNGCryptoServiceProvider();
+        private readonly ConcurrentDictionary<string, QuickConnectResult> _currentRequests = new ConcurrentDictionary<string, QuickConnectResult>();
+
+        private readonly IServerConfigurationManager _config;
+        private readonly ILogger<QuickConnectManager> _logger;
+        private readonly IAuthenticationRepository _authenticationRepository;
+        private readonly IAuthorizationContext _authContext;
+        private readonly IServerApplicationHost _appHost;
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="QuickConnectManager"/> class.
+        /// Should only be called at server startup when a singleton is created.
+        /// </summary>
+        /// <param name="config">Configuration.</param>
+        /// <param name="logger">Logger.</param>
+        /// <param name="appHost">Application host.</param>
+        /// <param name="authContext">Authentication context.</param>
+        /// <param name="authenticationRepository">Authentication repository.</param>
+        public QuickConnectManager(
+            IServerConfigurationManager config,
+            ILogger<QuickConnectManager> logger,
+            IServerApplicationHost appHost,
+            IAuthorizationContext authContext,
+            IAuthenticationRepository authenticationRepository)
+        {
+            _config = config;
+            _logger = logger;
+            _appHost = appHost;
+            _authContext = authContext;
+            _authenticationRepository = authenticationRepository;
+
+            ReloadConfiguration();
+        }
+
+        /// <inheritdoc/>
+        public int CodeLength { get; set; } = 6;
+
+        /// <inheritdoc/>
+        public string TokenName { get; set; } = "QuickConnect";
+
+        /// <inheritdoc/>
+        public QuickConnectState State { get; private set; } = QuickConnectState.Unavailable;
+
+        /// <inheritdoc/>
+        public int Timeout { get; set; } = 5;
+
+        private DateTime DateActivated { get; set; }
+
+        /// <inheritdoc/>
+        public void AssertActive()
+        {
+            if (State != QuickConnectState.Active)
+            {
+                throw new ArgumentException("Quick connect is not active on this server");
+            }
+        }
+
+        /// <inheritdoc/>
+        public void Activate()
+        {
+            DateActivated = DateTime.UtcNow;
+            SetState(QuickConnectState.Active);
+        }
+
+        /// <inheritdoc/>
+        public void SetState(QuickConnectState newState)
+        {
+            _logger.LogDebug("Changed quick connect state from {State} to {newState}", State, newState);
+
+            ExpireRequests(true);
+
+            State = newState;
+            _config.Configuration.QuickConnectAvailable = newState == QuickConnectState.Available || newState == QuickConnectState.Active;
+            _config.SaveConfiguration();
+
+            _logger.LogDebug("Configuration saved");
+        }
+
+        /// <inheritdoc/>
+        public QuickConnectResult TryConnect()
+        {
+            ExpireRequests();
+
+            if (State != QuickConnectState.Active)
+            {
+                _logger.LogDebug("Refusing quick connect initiation request, current state is {State}", State);
+                throw new AuthenticationException("Quick connect is not active on this server");
+            }
+
+            var code = GenerateCode();
+            var result = new QuickConnectResult()
+            {
+                Secret = GenerateSecureRandom(),
+                DateAdded = DateTime.UtcNow,
+                Code = code
+            };
+
+            _currentRequests[code] = result;
+            return result;
+        }
+
+        /// <inheritdoc/>
+        public QuickConnectResult CheckRequestStatus(string secret)
+        {
+            ExpireRequests();
+            AssertActive();
+
+            string code = _currentRequests.Where(x => x.Value.Secret == secret).Select(x => x.Value.Code).DefaultIfEmpty(string.Empty).First();
+
+            if (!_currentRequests.TryGetValue(code, out QuickConnectResult result))
+            {
+                throw new ResourceNotFoundException("Unable to find request with provided secret");
+            }
+
+            return result;
+        }
+
+        /// <inheritdoc/>
+        public string GenerateCode()
+        {
+            Span<byte> raw = stackalloc byte[4];
+
+            int min = (int)Math.Pow(10, CodeLength - 1);
+            int max = (int)Math.Pow(10, CodeLength);
+
+            uint scale = uint.MaxValue;
+            while (scale == uint.MaxValue)
+            {
+                _rng.GetBytes(raw);
+                scale = BitConverter.ToUInt32(raw);
+            }
+
+            int code = (int)(min + ((max - min) * (scale / (double)uint.MaxValue)));
+            return code.ToString(CultureInfo.InvariantCulture);
+        }
+
+        /// <inheritdoc/>
+        public bool AuthorizeRequest(Guid userId, string code)
+        {
+            ExpireRequests();
+            AssertActive();
+
+            if (!_currentRequests.TryGetValue(code, out QuickConnectResult result))
+            {
+                throw new ResourceNotFoundException("Unable to find request");
+            }
+
+            if (result.Authenticated)
+            {
+                throw new InvalidOperationException("Request is already authorized");
+            }
+
+            result.Authentication = Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture);
+
+            // Change the time on the request so it expires one minute into the future. It can't expire immediately as otherwise some clients wouldn't ever see that they have been authenticated.
+            var added = result.DateAdded ?? DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(Timeout));
+            result.DateAdded = added.Subtract(TimeSpan.FromMinutes(Timeout - 1));
+
+            _authenticationRepository.Create(new AuthenticationInfo
+            {
+                AppName = TokenName,
+                AccessToken = result.Authentication,
+                DateCreated = DateTime.UtcNow,
+                DeviceId = _appHost.SystemId,
+                DeviceName = _appHost.FriendlyName,
+                AppVersion = _appHost.ApplicationVersionString,
+                UserId = userId
+            });
+
+            _logger.LogDebug("Authorizing device with code {Code} to login as user {userId}", code, userId);
+
+            return true;
+        }
+
+        /// <inheritdoc/>
+        public int DeleteAllDevices(Guid user)
+        {
+            var raw = _authenticationRepository.Get(new AuthenticationInfoQuery()
+            {
+                DeviceId = _appHost.SystemId,
+                UserId = user
+            });
+
+            var tokens = raw.Items.Where(x => x.AppName.StartsWith(TokenName, StringComparison.Ordinal));
+
+            var removed = 0;
+            foreach (var token in tokens)
+            {
+                _authenticationRepository.Delete(token);
+                _logger.LogDebug("Deleted token {AccessToken}", token.AccessToken);
+                removed++;
+            }
+
+            return removed;
+        }
+
+        /// <summary>
+        /// Dispose.
+        /// </summary>
+        public void Dispose()
+        {
+            Dispose(true);
+            GC.SuppressFinalize(this);
+        }
+
+        /// <summary>
+        /// Dispose.
+        /// </summary>
+        /// <param name="disposing">Dispose unmanaged resources.</param>
+        protected virtual void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                _rng?.Dispose();
+            }
+        }
+
+        private string GenerateSecureRandom(int length = 32)
+        {
+            Span<byte> bytes = stackalloc byte[length];
+            _rng.GetBytes(bytes);
+
+            return Hex.Encode(bytes);
+        }
+
+        /// <inheritdoc/>
+        public void ExpireRequests(bool expireAll = false)
+        {
+            // Check if quick connect should be deactivated
+            if (State == QuickConnectState.Active && DateTime.UtcNow > DateActivated.AddMinutes(Timeout) && !expireAll)
+            {
+                _logger.LogDebug("Quick connect time expired, deactivating");
+                SetState(QuickConnectState.Available);
+                expireAll = true;
+            }
+
+            // Expire stale connection requests
+            var code = string.Empty;
+            var values = _currentRequests.Values.ToList();
+
+            for (int i = 0; i < values.Count; i++)
+            {
+                var added = values[i].DateAdded ?? DateTime.UnixEpoch;
+                if (DateTime.UtcNow > added.AddMinutes(Timeout) || expireAll)
+                {
+                    code = values[i].Code;
+                    _logger.LogDebug("Removing expired request {code}", code);
+
+                    if (!_currentRequests.TryRemove(code, out _))
+                    {
+                        _logger.LogWarning("Request {code} already expired", code);
+                    }
+                }
+            }
+        }
+
+        private void ReloadConfiguration()
+        {
+            State = _config.Configuration.QuickConnectAvailable ? QuickConnectState.Available : QuickConnectState.Unavailable;
+        }
+    }
+}

Emby.Server.Implementations/Session/SessionManager.cs

@@ -1429,6 +1429,24 @@ namespace Emby.Server.Implementations.Session
             return AuthenticateNewSessionInternal(request, false);
         }
 
+        public Task<AuthenticationResult> AuthenticateQuickConnect(AuthenticationRequest request, string token)
+        {
+            var result = _authRepo.Get(new AuthenticationInfoQuery()
+            {
+                AccessToken = token,
+                DeviceId = _appHost.SystemId,
+                Limit = 1
+            });
+
+            if (result.TotalRecordCount == 0)
+            {
+                throw new SecurityException("Unknown quick connect token");
+            }
+
+            request.UserId = result.Items[0].UserId;
+            return AuthenticateNewSessionInternal(request, false);
+        }
+
         private async Task<AuthenticationResult> AuthenticateNewSessionInternal(AuthenticationRequest request, bool enforcePassword)
         {
             CheckDisposed();

Jellyfin.Api/Controllers/QuickConnectController.cs

@@ -0,0 +1,154 @@
+using System.ComponentModel.DataAnnotations;
+using Jellyfin.Api.Constants;
+using Jellyfin.Api.Helpers;
+using MediaBrowser.Common.Extensions;
+using MediaBrowser.Controller.QuickConnect;
+using MediaBrowser.Model.QuickConnect;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Jellyfin.Api.Controllers
+{
+    /// <summary>
+    /// Quick connect controller.
+    /// </summary>
+    public class QuickConnectController : BaseJellyfinApiController
+    {
+        private readonly IQuickConnect _quickConnect;
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="QuickConnectController"/> class.
+        /// </summary>
+        /// <param name="quickConnect">Instance of the <see cref="IQuickConnect"/> interface.</param>
+        public QuickConnectController(IQuickConnect quickConnect)
+        {
+            _quickConnect = quickConnect;
+        }
+
+        /// <summary>
+        /// Gets the current quick connect state.
+        /// </summary>
+        /// <response code="200">Quick connect state returned.</response>
+        /// <returns>The current <see cref="QuickConnectState"/>.</returns>
+        [HttpGet("Status")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public ActionResult<QuickConnectState> GetStatus()
+        {
+            _quickConnect.ExpireRequests();
+            return _quickConnect.State;
+        }
+
+        /// <summary>
+        /// Initiate a new quick connect request.
+        /// </summary>
+        /// <response code="200">Quick connect request successfully created.</response>
+        /// <response code="401">Quick connect is not active on this server.</response>
+        /// <returns>A <see cref="QuickConnectResult"/> with a secret and code for future use or an error message.</returns>
+        [HttpGet("Initiate")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public ActionResult<QuickConnectResult> Initiate()
+        {
+            return _quickConnect.TryConnect();
+        }
+
+        /// <summary>
+        /// Attempts to retrieve authentication information.
+        /// </summary>
+        /// <param name="secret">Secret previously returned from the Initiate endpoint.</param>
+        /// <response code="200">Quick connect result returned.</response>
+        /// <response code="404">Unknown quick connect secret.</response>
+        /// <returns>An updated <see cref="QuickConnectResult"/>.</returns>
+        [HttpGet("Connect")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status404NotFound)]
+        public ActionResult<QuickConnectResult> Connect([FromQuery, Required] string secret)
+        {
+            try
+            {
+                return _quickConnect.CheckRequestStatus(secret);
+            }
+            catch (ResourceNotFoundException)
+            {
+                return NotFound("Unknown secret");
+            }
+        }
+
+        /// <summary>
+        /// Temporarily activates quick connect for five minutes.
+        /// </summary>
+        /// <response code="204">Quick connect has been temporarily activated.</response>
+        /// <response code="403">Quick connect is unavailable on this server.</response>
+        /// <returns>An <see cref="NoContentResult"/> on success.</returns>
+        [HttpPost("Activate")]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
+        [ProducesResponseType(StatusCodes.Status204NoContent)]
+        [ProducesResponseType(StatusCodes.Status403Forbidden)]
+        public ActionResult Activate()
+        {
+            if (_quickConnect.State == QuickConnectState.Unavailable)
+            {
+                return Forbid("Quick connect is unavailable");
+            }
+
+            _quickConnect.Activate();
+            return NoContent();
+        }
+
+        /// <summary>
+        /// Enables or disables quick connect.
+        /// </summary>
+        /// <param name="status">New <see cref="QuickConnectState"/>.</param>
+        /// <response code="204">Quick connect state set successfully.</response>
+        /// <returns>An <see cref="NoContentResult"/> on success.</returns>
+        [HttpPost("Available")]
+        [Authorize(Policy = Policies.RequiresElevation)]
+        [ProducesResponseType(StatusCodes.Status204NoContent)]
+        public ActionResult Available([FromQuery] QuickConnectState status = QuickConnectState.Available)
+        {
+            _quickConnect.SetState(status);
+            return NoContent();
+        }
+
+        /// <summary>
+        /// Authorizes a pending quick connect request.
+        /// </summary>
+        /// <param name="code">Quick connect code to authorize.</param>
+        /// <response code="200">Quick connect result authorized successfully.</response>
+        /// <response code="403">Unknown user id.</response>
+        /// <returns>Boolean indicating if the authorization was successful.</returns>
+        [HttpPost("Authorize")]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status403Forbidden)]
+        public ActionResult<bool> Authorize([FromQuery, Required] string code)
+        {
+            var userId = ClaimHelpers.GetUserId(Request.HttpContext.User);
+            if (!userId.HasValue)
+            {
+                return Forbid("Unknown user id");
+            }
+
+            return _quickConnect.AuthorizeRequest(userId.Value, code);
+        }
+
+        /// <summary>
+        /// Deauthorize all quick connect devices for the current user.
+        /// </summary>
+        /// <response code="200">All quick connect devices were deleted.</response>
+        /// <returns>The number of devices that were deleted.</returns>
+        [HttpPost("Deauthorize")]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public ActionResult<int> Deauthorize()
+        {
+            var userId = ClaimHelpers.GetUserId(Request.HttpContext.User);
+            if (!userId.HasValue)
+            {
+                return 0;
+            }
+
+            return _quickConnect.DeleteAllDevices(userId.Value);
+        }
+    }
+}

Jellyfin.Api/Controllers/UserController.cs

@@ -216,6 +216,40 @@ namespace Jellyfin.Api.Controllers
             }
         }
 
+        /// <summary>
+        /// Authenticates a user with quick connect.
+        /// </summary>
+        /// <param name="request">The <see cref="QuickConnectDto"/> request.</param>
+        /// <response code="200">User authenticated.</response>
+        /// <response code="400">Missing token.</response>
+        /// <returns>A <see cref="Task"/> containing an <see cref="AuthenticationRequest"/> with information about the new session.</returns>
+        [HttpPost("AuthenticateWithQuickConnect")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public async Task<ActionResult<AuthenticationResult>> AuthenticateWithQuickConnect([FromBody, Required] QuickConnectDto request)
+        {
+            var auth = _authContext.GetAuthorizationInfo(Request);
+
+            try
+            {
+                var authRequest = new AuthenticationRequest
+                {
+                    App = auth.Client,
+                    AppVersion = auth.Version,
+                    DeviceId = auth.DeviceId,
+                    DeviceName = auth.Device,
+                };
+
+                return await _sessionManager.AuthenticateQuickConnect(
+                    authRequest,
+                    request.Token).ConfigureAwait(false);
+            }
+            catch (SecurityException e)
+            {
+                // rethrow adding IP address to message
+                throw new SecurityException($"[{HttpContext.Connection.RemoteIpAddress}] {e.Message}", e);
+            }
+        }
+
         /// <summary>
         /// Updates a user's password.
         /// </summary>

Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs

@@ -0,0 +1,16 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Jellyfin.Api.Models.UserDtos
+{
+    /// <summary>
+    /// The quick connect request body.
+    /// </summary>
+    public class QuickConnectDto
+    {
+        /// <summary>
+        /// Gets or sets the quick connect token.
+        /// </summary>
+        [Required]
+        public string? Token { get; set; }
+    }
+}

MediaBrowser.Controller/QuickConnect/IQuickConnect.cs

@@ -0,0 +1,87 @@
+using System;
+using MediaBrowser.Model.QuickConnect;
+
+namespace MediaBrowser.Controller.QuickConnect
+{
+    /// <summary>
+    /// Quick connect standard interface.
+    /// </summary>
+    public interface IQuickConnect
+    {
+        /// <summary>
+        /// Gets or sets the length of user facing codes.
+        /// </summary>
+        int CodeLength { get; set; }
+
+        /// <summary>
+        /// Gets or sets the name of internal access tokens.
+        /// </summary>
+        string TokenName { get; set; }
+
+        /// <summary>
+        /// Gets the current state of quick connect.
+        /// </summary>
+        QuickConnectState State { get; }
+
+        /// <summary>
+        /// Gets or sets the time (in minutes) before quick connect will automatically deactivate.
+        /// </summary>
+        int Timeout { get; set; }
+
+        /// <summary>
+        /// Assert that quick connect is currently active and throws an exception if it is not.
+        /// </summary>
+        void AssertActive();
+
+        /// <summary>
+        /// Temporarily activates quick connect for a short amount of time.
+        /// </summary>
+        void Activate();
+
+        /// <summary>
+        /// Changes the state of quick connect.
+        /// </summary>
+        /// <param name="newState">New state to change to.</param>
+        void SetState(QuickConnectState newState);
+
+        /// <summary>
+        /// Initiates a new quick connect request.
+        /// </summary>
+        /// <returns>A quick connect result with tokens to proceed or throws an exception if not active.</returns>
+        QuickConnectResult TryConnect();
+
+        /// <summary>
+        /// Checks the status of an individual request.
+        /// </summary>
+        /// <param name="secret">Unique secret identifier of the request.</param>
+        /// <returns>Quick connect result.</returns>
+        QuickConnectResult CheckRequestStatus(string secret);
+
+        /// <summary>
+        /// Authorizes a quick connect request to connect as the calling user.
+        /// </summary>
+        /// <param name="userId">User id.</param>
+        /// <param name="code">Identifying code for the request.</param>
+        /// <returns>A boolean indicating if the authorization completed successfully.</returns>
+        bool AuthorizeRequest(Guid userId, string code);
+
+        /// <summary>
+        /// Expire quick connect requests that are over the time limit. If <paramref name="expireAll"/> is true, all requests are unconditionally expired.
+        /// </summary>
+        /// <param name="expireAll">If true, all requests will be expired.</param>
+        void ExpireRequests(bool expireAll = false);
+
+        /// <summary>
+        /// Deletes all quick connect access tokens for the provided user.
+        /// </summary>
+        /// <param name="user">Guid of the user to delete tokens for.</param>
+        /// <returns>A count of the deleted tokens.</returns>
+        int DeleteAllDevices(Guid user);
+
+        /// <summary>
+        /// Generates a short code to display to the user to uniquely identify this request.
+        /// </summary>
+        /// <returns>A short, unique alphanumeric string.</returns>
+        string GenerateCode();
+    }
+}

MediaBrowser.Controller/Session/ISessionManager.cs

@@ -266,6 +266,14 @@ namespace MediaBrowser.Controller.Session
         /// <returns>Task{SessionInfo}.</returns>
         Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request);
 
+        /// <summary>
+        /// Authenticates a new session with quick connect.
+        /// </summary>
+        /// <param name="request">The request.</param>
+        /// <param name="token">Quick connect access token.</param>
+        /// <returns>Task{SessionInfo}.</returns>
+        Task<AuthenticationResult> AuthenticateQuickConnect(AuthenticationRequest request, string token);
+
         /// <summary>
         /// Creates the new session.
         /// </summary>

MediaBrowser.Model/Configuration/ServerConfiguration.cs

@@ -78,6 +78,11 @@ namespace MediaBrowser.Model.Configuration
         /// <value><c>true</c> if this instance is port authorized; otherwise, <c>false</c>.</value>
         public bool IsPortAuthorized { get; set; }
 
+        /// <summary>
+        /// Gets or sets if quick connect is available for use on this server.
+        /// </summary>
+        public bool QuickConnectAvailable { get; set; }
+
         public bool AutoRunWebApp { get; set; }
 
         public bool EnableRemoteAccess { get; set; }
@@ -299,6 +304,7 @@ namespace MediaBrowser.Model.Configuration
 
             AutoRunWebApp = true;
             EnableRemoteAccess = true;
+            QuickConnectAvailable = false;
 
             EnableUPnP = false;
             MinResumePct = 5;

MediaBrowser.Model/QuickConnect/QuickConnectResult.cs

@@ -0,0 +1,40 @@
+using System;
+
+namespace MediaBrowser.Model.QuickConnect
+{
+    /// <summary>
+    /// Stores the result of an incoming quick connect request.
+    /// </summary>
+    public class QuickConnectResult
+    {
+        /// <summary>
+        /// Gets a value indicating whether this request is authorized.
+        /// </summary>
+        public bool Authenticated => !string.IsNullOrEmpty(Authentication);
+
+        /// <summary>
+        /// Gets or sets the secret value used to uniquely identify this request. Can be used to retrieve authentication information.
+        /// </summary>
+        public string? Secret { get; set; }
+
+        /// <summary>
+        /// Gets or sets the user facing code used so the user can quickly differentiate this request from others.
+        /// </summary>
+        public string? Code { get; set; }
+
+        /// <summary>
+        /// Gets or sets the private access token.
+        /// </summary>
+        public string? Authentication { get; set; }
+
+        /// <summary>
+        /// Gets or sets an error message.
+        /// </summary>
+        public string? Error { get; set; }
+
+        /// <summary>
+        /// Gets or sets the DateTime that this request was created.
+        /// </summary>
+        public DateTime? DateAdded { get; set; }
+    }
+}

MediaBrowser.Model/QuickConnect/QuickConnectState.cs

@@ -0,0 +1,23 @@
+namespace MediaBrowser.Model.QuickConnect
+{
+    /// <summary>
+    /// Quick connect state.
+    /// </summary>
+    public enum QuickConnectState
+    {
+        /// <summary>
+        /// This feature has not been opted into and is unavailable until the server administrator chooses to opt-in.
+        /// </summary>
+        Unavailable = 0,
+
+        /// <summary>
+        /// The feature is enabled for use on the server but is not currently accepting connection requests.
+        /// </summary>
+        Available = 1,
+
+        /// <summary>
+        /// The feature is actively accepting connection requests.
+        /// </summary>
+        Active = 2
+    }
+}