Kezdőlap Felfedezés Súgó
Bejelentkezés
mirrors
/
jellyfin
tükrözi: https://github.com/jellyfin/jellyfin
2
0
Másolás 0
Fájlok Problémák 0 Wiki
Fa: c2e75e99f4
Branch-ok Tag-ek
jellyfin
/
MediaBrowser.Api
/
PinLoginService.cs

PinLoginService.cs 7.7 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243 
  1. using System;
    2. 

  2. using System.Collections.Concurrent;
    3. 

  3. using System.Globalization;
    4. 

  4. using System.Threading.Tasks;
    5. 

  5. using MediaBrowser.Common.Extensions;
    6. 

  6. using MediaBrowser.Controller.Library;
    7. 

  7. using MediaBrowser.Controller.Net;
    8. 

  8. using MediaBrowser.Controller.Session;
    9. 

  9. using MediaBrowser.Model.Connect;
    10. 

  10. using MediaBrowser.Model.Dto;
    11. 

  11. using MediaBrowser.Model.Session;
    12. 

  12. using ServiceStack;
    13. 

  13. 

  14. namespace MediaBrowser.Api
    15. 

  15. {
    16. 

  16.     [Route("/Auth/Pin", "POST", Summary = "Creates a pin request")]
    17. 

  17.     public class CreatePinRequest : IReturn<PinCreationResult>
    18. 

  18.     {
    19. 

  19.         [ApiMember(Name = "DeviceId", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
    20. 

  20.         public string DeviceId { get; set; }
    21. 

  21.         [ApiMember(Name = "AppName", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
    22. 

  22.         public string AppName { get; set; }
    23. 

  23.     }
    24. 

  24. 

  25.     [Route("/Auth/Pin", "GET", Summary = "Gets pin status")]
    26. 

  26.     public class GetPinStatusRequest : IReturn<PinStatusResult>
    27. 

  27.     {
    28. 

  28.         [ApiMember(Name = "DeviceId", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "GET")]
    29. 

  29.         public string DeviceId { get; set; }
    30. 

  30.         [ApiMember(Name = "Pin", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "GET")]
    31. 

  31.         public string Pin { get; set; }
    32. 

  32.     }
    33. 

  33. 

  34.     [Route("/Auth/Pin/Exchange", "POST", Summary = "Exchanges a pin")]
    35. 

  35.     public class ExchangePinRequest : IReturn<PinExchangeResult>
    36. 

  36.     {
    37. 

  37.         [ApiMember(Name = "DeviceId", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
    38. 

  38.         public string DeviceId { get; set; }
    39. 

  39.         [ApiMember(Name = "Pin", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
    40. 

  40.         public string Pin { get; set; }
    41. 

  41.     }
    42. 

  42. 

  43.     [Route("/Auth/Pin/Validate", "POST", Summary = "Validates a pin")]
    44. 

  44.     [Authenticated]
    45. 

  45.     public class ValidatePinRequest : IReturn<SessionInfoDto>
    46. 

  46.     {
    47. 

  47.         [ApiMember(Name = "Pin", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "POST")]
    48. 

  48.         public string Pin { get; set; }
    49. 

  49.     }
    50. 

  50. 

  51.     public class PinLoginService : BaseApiService
    52. 

  52.     {
    53. 

  53.         private static readonly ConcurrentDictionary<string, MyPinStatus> _activeRequests = new ConcurrentDictionary<string, MyPinStatus>(StringComparer.OrdinalIgnoreCase);
    54. 

  54.         private readonly ISessionManager _sessionManager;
    55. 

  55.         private readonly IUserManager _userManager;
    56. 

  56. 

  57.         public PinLoginService(ISessionManager sessionManager, IUserManager userManager)
    58. 

  58.         {
    59. 

  59.             _sessionManager = sessionManager;
    60. 

  60.             _userManager = userManager;
    61. 

  61.         }
    62. 

  62. 

  63.         public object Post(CreatePinRequest request)
    64. 

  64.         {
    65. 

  65.             if (string.IsNullOrWhiteSpace(request.DeviceId))
    66. 

  66.             {
    67. 

  67.                 throw new ArgumentNullException("DeviceId");
    68. 

  68.             }
    69. 

  69.             if (string.IsNullOrWhiteSpace(request.AppName))
    70. 

  70.             {
    71. 

  71.                 throw new ArgumentNullException("AppName");
    72. 

  72.             }
    73. 

  73. 

  74.             var pin = GetNewPin();
    75. 

  75. 

  76.             var value = new MyPinStatus
    77. 

  77.             {
    78. 

  78.                 CreationTimeUtc = DateTime.UtcNow,
    79. 

  79.                 IsConfirmed = false,
    80. 

  80.                 IsExpired = false,
    81. 

  81.                 Pin = pin,
    82. 

  82.                 DeviceId = request.DeviceId,
    83. 

  83.                 AppName = request.AppName
    84. 

  84.             };
    85. 

  85. 

  86.             _activeRequests.AddOrUpdate(pin, value, (k, v) => value);
    87. 

  87. 

  88.             return ToOptimizedResult(new PinCreationResult
    89. 

  89.             {
    90. 

  90.                 DeviceId = request.DeviceId,
    91. 

  91.                 IsConfirmed = false,
    92. 

  92.                 IsExpired = false,
    93. 

  93.                 Pin = pin
    94. 

  94.             });
    95. 

  95.         }
    96. 

  96. 

  97.         public object Get(GetPinStatusRequest request)
    98. 

  98.         {
    99. 

  99.             MyPinStatus status;
    100. 

  100. 

  101.             if (!_activeRequests.TryGetValue(request.Pin, out status))
    102. 

  102.             {
    103. 

  103.                 Logger.Debug("Pin {0} not found.", request.Pin);
    104. 

  104.                 throw new ResourceNotFoundException();
    105. 

  105.             }
    106. 

  106. 

  107.             EnsureValid(request.DeviceId, status);
    108. 

  108. 

  109.             return ToOptimizedResult(new PinStatusResult
    110. 

  110.             {
    111. 

  111.                 Pin = status.Pin,
    112. 

  112.                 IsConfirmed = status.IsConfirmed,
    113. 

  113.                 IsExpired = status.IsExpired
    114. 

  114.             });
    115. 

  115.         }
    116. 

  116. 

  117.         public async Task<object> Post(ExchangePinRequest request)
    118. 

  118.         {
    119. 

  119.             MyPinStatus status;
    120. 

  120. 

  121.             if (!_activeRequests.TryGetValue(request.Pin, out status))
    122. 

  122.             {
    123. 

  123.                 Logger.Debug("Pin {0} not found.", request.Pin);
    124. 

  124.                 throw new ResourceNotFoundException();
    125. 

  125.             }
    126. 

  126. 

  127.             EnsureValid(request.DeviceId, status);
    128. 

  128. 

  129.             if (!status.IsConfirmed)
    130. 

  130.             {
    131. 

  131.                 throw new ResourceNotFoundException();
    132. 

  132.             }
    133. 

  133. 

  134.             var auth = AuthorizationContext.GetAuthorizationInfo(Request);
    135. 

  135.             var user = _userManager.GetUserById(status.UserId);
    136. 

  136. 

  137.             var result = await _sessionManager.CreateNewSession(new AuthenticationRequest
    138. 

  138.             {
    139. 

  139.                 App = auth.Client,
    140. 

  140.                 AppVersion = auth.Version,
    141. 

  141.                 DeviceId = auth.DeviceId,
    142. 

  142.                 DeviceName = auth.Device,
    143. 

  143.                 RemoteEndPoint = Request.RemoteIp,
    144. 

  144.                 Username = user.Name
    145. 

  145. 

  146.             }).ConfigureAwait(false);
    147. 

  147. 

  148.             return ToOptimizedResult(result);
    149. 

  149.         }
    150. 

  150. 

  151.         public object Post(ValidatePinRequest request)
    152. 

  152.         {
    153. 

  153.             MyPinStatus status;
    154. 

  154. 

  155.             if (!_activeRequests.TryGetValue(request.Pin, out status))
    156. 

  156.             {
    157. 

  157.                 throw new ResourceNotFoundException();
    158. 

  158.             }
    159. 

  159. 

  160.             EnsureValid(status);
    161. 

  161. 

  162.             status.IsConfirmed = true;
    163. 

  163.             status.UserId = AuthorizationContext.GetAuthorizationInfo(Request).UserId;
    164. 

  164. 

  165.             return ToOptimizedResult(new ValidatePinResult
    166. 

  166.             {
    167. 

  167.                 AppName = status.AppName
    168. 

  168.             });
    169. 

  169.         }
    170. 

  170. 

  171.         private void EnsureValid(string requestedDeviceId, MyPinStatus status)
    172. 

  172.         {
    173. 

  173.             if (!string.Equals(requestedDeviceId, status.DeviceId, StringComparison.OrdinalIgnoreCase))
    174. 

  174.             {
    175. 

  175.                 Logger.Debug("Pin device Id's do not match. requestedDeviceId: {0}, status.DeviceId: {1}", requestedDeviceId, status.DeviceId);
    176. 

  176.                 throw new ResourceNotFoundException();
    177. 

  177.             }
    178. 

  178. 

  179.             EnsureValid(status);
    180. 

  180.         }
    181. 

  181. 

  182.         private void EnsureValid(MyPinStatus status)
    183. 

  183.         {
    184. 

  184.             if ((DateTime.UtcNow - status.CreationTimeUtc).TotalMinutes > 10)
    185. 

  185.             {
    186. 

  186.                 status.IsExpired = true;
    187. 

  187.             }
    188. 

  188. 

  189.             if (status.IsExpired)
    190. 

  190.             {
    191. 

  191.                 Logger.Debug("Pin {0} is expired", status.Pin);
    192. 

  192.                 throw new ResourceNotFoundException();
    193. 

  193.             }
    194. 

  194.         }
    195. 

  195. 

  196.         private string GetNewPin()
    197. 

  197.         {
    198. 

  198.             var pin = GetNewPinInternal();
    199. 

  199. 

  200.             while (IsPinActive(pin))
    201. 

  201.             {
    202. 

  202.                 pin = GetNewPinInternal();
    203. 

  203.             }
    204. 

  204. 

  205.             return pin;
    206. 

  206.         }
    207. 

  207. 

  208.         private string GetNewPinInternal()
    209. 

  209.         {
    210. 

  210.             return new Random().Next(10000, 99999).ToString(CultureInfo.InvariantCulture);
    211. 

  211.         }
    212. 

  212. 

  213.         private bool IsPinActive(string pin)
    214. 

  214.         {
    215. 

  215.             MyPinStatus status;
    216. 

  216. 

  217.             if (!_activeRequests.TryGetValue(pin, out status))
    218. 

  218.             {
    219. 

  219.                 return false;
    220. 

  220.             }
    221. 

  221. 

  222.             if (status.IsExpired)
    223. 

  223.             {
    224. 

  224.                 return false;
    225. 

  225.             }
    226. 

  226. 

  227.             return true;
    228. 

  228.         }
    229. 

  229. 

  230.         public class MyPinStatus : PinStatusResult
    231. 

  231.         {
    232. 

  232.             public DateTime CreationTimeUtc { get; set; }
    233. 

  233.             public string DeviceId { get; set; }
    234. 

  234.             public string UserId { get; set; }
    235. 

  235.             public string AppName { get; set; }
    236. 

  236.         }
    237. 

  237.     }
    238. 

  238. 

  239.     public class ValidatePinResult
    240. 

  240.     {
    241. 

  241.         public string AppName { get; set; }
    242. 

  242.     }
    243. 

  243. }
    244.