|
|
@@ -18,11 +18,17 @@ namespace Jellyfin.Server.Filters
|
|
|
{
|
|
|
var requiredScopes = new List<string>();
|
|
|
|
|
|
+ var requiresAuth = false;
|
|
|
// Add all method scopes.
|
|
|
foreach (var attribute in context.MethodInfo.GetCustomAttributes(true))
|
|
|
{
|
|
|
- if (attribute is AuthorizeAttribute authorizeAttribute
|
|
|
- && authorizeAttribute.Policy is not null
|
|
|
+ if (attribute is not AuthorizeAttribute authorizeAttribute)
|
|
|
+ {
|
|
|
+ continue;
|
|
|
+ }
|
|
|
+
|
|
|
+ requiresAuth = true;
|
|
|
+ if (authorizeAttribute.Policy is not null
|
|
|
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
|
|
|
{
|
|
|
requiredScopes.Add(authorizeAttribute.Policy);
|
|
|
@@ -35,8 +41,13 @@ namespace Jellyfin.Server.Filters
|
|
|
{
|
|
|
foreach (var attribute in controllerAttributes)
|
|
|
{
|
|
|
- if (attribute is AuthorizeAttribute authorizeAttribute
|
|
|
- && authorizeAttribute.Policy is not null
|
|
|
+ if (attribute is not AuthorizeAttribute authorizeAttribute)
|
|
|
+ {
|
|
|
+ continue;
|
|
|
+ }
|
|
|
+
|
|
|
+ requiresAuth = true;
|
|
|
+ if (authorizeAttribute.Policy is not null
|
|
|
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
|
|
|
{
|
|
|
requiredScopes.Add(authorizeAttribute.Policy);
|
|
|
@@ -44,35 +55,37 @@ namespace Jellyfin.Server.Filters
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- if (requiredScopes.Count != 0)
|
|
|
+ if (!requiresAuth)
|
|
|
{
|
|
|
- if (!operation.Responses.ContainsKey("401"))
|
|
|
- {
|
|
|
- operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
|
|
|
- }
|
|
|
+ return;
|
|
|
+ }
|
|
|
|
|
|
- if (!operation.Responses.ContainsKey("403"))
|
|
|
- {
|
|
|
- operation.Responses.Add("403", new OpenApiResponse { Description = "Forbidden" });
|
|
|
- }
|
|
|
+ if (!operation.Responses.ContainsKey("401"))
|
|
|
+ {
|
|
|
+ operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
|
|
|
+ }
|
|
|
|
|
|
- var scheme = new OpenApiSecurityScheme
|
|
|
+ if (!operation.Responses.ContainsKey("403"))
|
|
|
+ {
|
|
|
+ operation.Responses.Add("403", new OpenApiResponse { Description = "Forbidden" });
|
|
|
+ }
|
|
|
+
|
|
|
+ var scheme = new OpenApiSecurityScheme
|
|
|
+ {
|
|
|
+ Reference = new OpenApiReference
|
|
|
{
|
|
|
- Reference = new OpenApiReference
|
|
|
- {
|
|
|
- Type = ReferenceType.SecurityScheme,
|
|
|
- Id = AuthenticationSchemes.CustomAuthentication
|
|
|
- }
|
|
|
- };
|
|
|
+ Type = ReferenceType.SecurityScheme,
|
|
|
+ Id = AuthenticationSchemes.CustomAuthentication
|
|
|
+ }
|
|
|
+ };
|
|
|
|
|
|
- operation.Security = new List<OpenApiSecurityRequirement>
|
|
|
+ operation.Security = new List<OpenApiSecurityRequirement>
|
|
|
+ {
|
|
|
+ new OpenApiSecurityRequirement
|
|
|
{
|
|
|
- new OpenApiSecurityRequirement
|
|
|
- {
|
|
|
- [scheme] = requiredScopes
|
|
|
- }
|
|
|
- };
|
|
|
- }
|
|
|
+ [scheme] = requiredScopes
|
|
|
+ }
|
|
|
+ };
|
|
|
}
|
|
|
}
|
|
|
}
|
cvium