Remove the dependency on BaseAuthorizationHandler

2021-09-10 11:44:50 +02:00 · 2021-09-10 11:44:50 +02:00 · 6637a3096a
parent 8496d7638a
commit 6637a3096a
6 changed files with 23 additions and 29 deletions
--- a/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs
+++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessHandler.cs
@ -1,37 +1,38 @@
 using System.Threading.Tasks;
 using MediaBrowser.Common.Net;
-using MediaBrowser.Controller.Library;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;

-namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy
+namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy
 {
    /// <summary>
    /// Local access handler.
    /// </summary>
-    public class LocalNetworkAccessHandler : BaseAuthorizationHandler<LocalNetworkAccessRequirement>
+    public class AnonymousLanAccessHandler : AuthorizationHandler<AnonymousLanAccessRequirement>
    {
+        private readonly INetworkManager _networkManager;
+        private readonly IHttpContextAccessor _httpContextAccessor;
+
        /// <summary>
-        /// Initializes a new instance of the <see cref="LocalNetworkAccessHandler"/> class.
+        /// Initializes a new instance of the <see cref="AnonymousLanAccessHandler"/> class.
        /// </summary>
-        /// <param name="userManager">Instance of the <see cref="IUserManager"/> interface.</param>
        /// <param name="networkManager">Instance of the <see cref="INetworkManager"/> interface.</param>
        /// <param name="httpContextAccessor">Instance of the <see cref="IHttpContextAccessor"/> interface.</param>
-        public LocalNetworkAccessHandler(
-            IUserManager userManager,
+        public AnonymousLanAccessHandler(
            INetworkManager networkManager,
            IHttpContextAccessor httpContextAccessor)
-            : base(userManager, networkManager, httpContextAccessor)
        {
+            _networkManager = networkManager;
+            _httpContextAccessor = httpContextAccessor;
        }

        /// <inheritdoc />
-        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, LocalNetworkAccessRequirement requirement)
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AnonymousLanAccessRequirement requirement)
        {
-            var ip = HttpContextAccessor.HttpContext?.Connection.RemoteIpAddress;
+            var ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress;

            // Loopback will be on LAN, so we can accept null.
-            if (ip == null || NetworkManager.IsInLocalNetwork(ip))
+            if (ip == null || _networkManager.IsInLocalNetwork(ip))
            {
                context.Succeed(requirement);
            }
--- a/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs
+++ b/Jellyfin.Api/Auth/AnonymousLanAccessPolicy/AnonymousLanAccessRequirement.cs
@ -1,11 +1,11 @@
 using Microsoft.AspNetCore.Authorization;

-namespace Jellyfin.Api.Auth.LocalNetworkAccessPolicy
+namespace Jellyfin.Api.Auth.AnonymousLanAccessPolicy
 {
    /// <summary>
    /// The local network authorization requirement.
    /// </summary>
-    public class LocalNetworkAccessRequirement : IAuthorizationRequirement
+    public class AnonymousLanAccessRequirement : IAuthorizationRequirement
    {
    }
 }
--- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
@ -36,16 +36,6 @@ namespace Jellyfin.Api.Auth
            _httpContextAccessor = httpContextAccessor;
        }

-        /// <summary>
-        /// Gets a value indicating <see cref="INetworkManager"/> being used.
-        /// </summary>
-        protected INetworkManager NetworkManager => _networkManager;
-
-        /// <summary>
-        /// Gets a value indicating the <see cref="HttpContextAccessor"/> being used.
-        /// </summary>
-        protected IHttpContextAccessor HttpContextAccessor => _httpContextAccessor;
-
        /// <summary>
        /// Validate authenticated claims.
        /// </summary>
--- a/Jellyfin.Api/Constants/Policies.cs
+++ b/Jellyfin.Api/Constants/Policies.cs
@ -46,9 +46,9 @@ namespace Jellyfin.Api.Constants
        public const string LocalAccessOrRequiresElevation = "LocalAccessOrRequiresElevation";

        /// <summary>
-        /// Policy name for requiring local LAN access.
+        /// Policy name for requiring (anonymous) LAN access.
        /// </summary>
-        public const string LocalNetworkAccessPolicy = "LocalNetworkAccessPolicy";
+        public const string AnonymousLanAccessPolicy = "AnonymousLanAccessPolicy";

        /// <summary>
        /// Policy name for escaping schedule controls or requiring first time setup.
--- a/Jellyfin.Api/Controllers/DlnaServerController.cs
+++ b/Jellyfin.Api/Controllers/DlnaServerController.cs
@ -7,7 +7,9 @@ using System.Threading.Tasks;
 using Emby.Dlna;
 using Emby.Dlna.Main;
 using Jellyfin.Api.Attributes;
+using Jellyfin.Api.Constants;
 using MediaBrowser.Controller.Dlna;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;

@ -17,6 +19,7 @@ namespace Jellyfin.Api.Controllers
    /// Dlna Server Controller.
    /// </summary>
    [Route("Dlna")]
+    [Authorize(Policy = Policies.AnonymousLanAccessPolicy)]
    public class DlnaServerController : BaseJellyfinApiController
    {
        private readonly IDlnaManager _dlnaManager;
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@ -7,6 +7,7 @@ using System.Net.Sockets;
 using System.Reflection;
 using Emby.Server.Implementations;
 using Jellyfin.Api.Auth;
+using Jellyfin.Api.Auth.AnonymousLanAccessPolicy;
 using Jellyfin.Api.Auth.DefaultAuthorizationPolicy;
 using Jellyfin.Api.Auth.DownloadPolicy;
 using Jellyfin.Api.Auth.FirstTimeOrIgnoreParentalControlSetupPolicy;
@ -15,7 +16,6 @@ using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
 using Jellyfin.Api.Auth.IgnoreParentalControlPolicy;
 using Jellyfin.Api.Auth.LocalAccessOrRequiresElevationPolicy;
 using Jellyfin.Api.Auth.LocalAccessPolicy;
-using Jellyfin.Api.Auth.LocalNetworkAccessPolicy;
 using Jellyfin.Api.Auth.RequiresElevationPolicy;
 using Jellyfin.Api.Auth.SyncPlayAccessPolicy;
 using Jellyfin.Api.Constants;
@ -62,7 +62,7 @@ namespace Jellyfin.Server.Extensions
            serviceCollection.AddSingleton<IAuthorizationHandler, IgnoreParentalControlHandler>();
            serviceCollection.AddSingleton<IAuthorizationHandler, FirstTimeOrIgnoreParentalControlSetupHandler>();
            serviceCollection.AddSingleton<IAuthorizationHandler, LocalAccessHandler>();
-            serviceCollection.AddSingleton<IAuthorizationHandler, LocalNetworkAccessHandler>();
+            serviceCollection.AddSingleton<IAuthorizationHandler, AnonymousLanAccessHandler>();
            serviceCollection.AddSingleton<IAuthorizationHandler, LocalAccessOrRequiresElevationHandler>();
            serviceCollection.AddSingleton<IAuthorizationHandler, RequiresElevationHandler>();
            serviceCollection.AddSingleton<IAuthorizationHandler, SyncPlayAccessHandler>();
@ -160,11 +160,11 @@ namespace Jellyfin.Server.Extensions
                        policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccessRequirementType.IsInGroup));
                    });
                options.AddPolicy(
-                    Policies.LocalNetworkAccessPolicy,
+                    Policies.AnonymousLanAccessPolicy,
                    policy =>
                    {
                        policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
-                        policy.AddRequirements(new LocalNetworkAccessRequirement());
+                        policy.AddRequirements(new AnonymousLanAccessRequirement());
                    });
            });
        }