pt
/
jellyfin
mirror of https://github.com/jellyfin/jellyfin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1209 from joshuaboniface/hotfix-authprovider-create 

Override username with AuthenticationProvider
This commit is contained in:
Joshua M. Boniface 2019-04-10 00:18:08 -04:00 committed by GitHub
parent 007fe34363 1af9c047fb
commit 75a4f04cce
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 33 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
Emby.Server.Implementations/Library/UserManager.cs
View File

@ -277,24 +277,35 @@ namespace Emby.Server.Implementations.Library
.FirstOrDefault(i => string.Equals(username, i.Name, StringComparison.OrdinalIgnoreCase)); .FirstOrDefault(i => string.Equals(username, i.Name, StringComparison.OrdinalIgnoreCase));
var success = false; var success = false;
string updatedUsername = null;
IAuthenticationProvider authenticationProvider = null; IAuthenticationProvider authenticationProvider = null;
if (user != null) if (user != null)
{ {
var authResult = await AuthenticateLocalUser(username, password, hashedPassword, user, remoteEndPoint).ConfigureAwait(false); var authResult = await AuthenticateLocalUser(username, password, hashedPassword, user, remoteEndPoint).ConfigureAwait(false);
authenticationProvider = authResult.Item1; authenticationProvider = authResult.Item1;
success = authResult.Item2; updatedUsername = authResult.Item2;
success = authResult.Item3;
} }
else else
{ {
// user is null // user is null
var authResult = await AuthenticateLocalUser(username, password, hashedPassword, null, remoteEndPoint).ConfigureAwait(false); var authResult = await AuthenticateLocalUser(username, password, hashedPassword, null, remoteEndPoint).ConfigureAwait(false);
authenticationProvider = authResult.Item1; authenticationProvider = authResult.Item1;
success = authResult.Item2; updatedUsername = authResult.Item2;
success = authResult.Item3;
if (success && authenticationProvider != null && !(authenticationProvider is DefaultAuthenticationProvider)) if (success && authenticationProvider != null && !(authenticationProvider is DefaultAuthenticationProvider))
{ {
user = await CreateUser(username).ConfigureAwait(false); // We should trust the user that the authprovider says, not what was typed
if (updatedUsername != username)
{
username = updatedUsername;
}
// Search the database for the user again; the authprovider might have created it
user = Users
.FirstOrDefault(i => string.Equals(username, i.Name, StringComparison.OrdinalIgnoreCase));
var hasNewUserPolicy = authenticationProvider as IHasNewUserPolicy; var hasNewUserPolicy = authenticationProvider as IHasNewUserPolicy;
if (hasNewUserPolicy != null) if (hasNewUserPolicy != null)
@ -414,32 +425,40 @@ namespace Emby.Server.Implementations.Library
return providers; return providers;
} }
private async Task<bool> AuthenticateWithProvider(IAuthenticationProvider provider, string username, string password, User resolvedUser) private async Task<Tuple<string, bool>> AuthenticateWithProvider(IAuthenticationProvider provider, string username, string password, User resolvedUser)
{ {
try try
{ {
var requiresResolvedUser = provider as IRequiresResolvedUser; var requiresResolvedUser = provider as IRequiresResolvedUser;
ProviderAuthenticationResult authenticationResult = null;
if (requiresResolvedUser != null) if (requiresResolvedUser != null)
{ {
await requiresResolvedUser.Authenticate(username, password, resolvedUser).ConfigureAwait(false); authenticationResult = await requiresResolvedUser.Authenticate(username, password, resolvedUser).ConfigureAwait(false);
} }
else else
{ {
await provider.Authenticate(username, password).ConfigureAwait(false); authenticationResult = await provider.Authenticate(username, password).ConfigureAwait(false);
} }
return true; if(authenticationResult.Username != username)
{
_logger.LogDebug("Authentication provider provided updated username {1}", authenticationResult.Username);
username = authenticationResult.Username;
}
return new Tuple<string, bool>(username, true);
} }
catch (Exception ex) catch (Exception ex)
{ {
_logger.LogError(ex, "Error authenticating with provider {provider}", provider.Name); _logger.LogError(ex, "Error authenticating with provider {provider}", provider.Name);
return false; return new Tuple<string, bool>(username, false);
} }
} }
private async Task<Tuple<IAuthenticationProvider, bool>> AuthenticateLocalUser(string username, string password, string hashedPassword, User user, string remoteEndPoint) private async Task<Tuple<IAuthenticationProvider, string, bool>> AuthenticateLocalUser(string username, string password, string hashedPassword, User user, string remoteEndPoint)
{ {
string updatedUsername = null;
bool success = false; bool success = false;
IAuthenticationProvider authenticationProvider = null; IAuthenticationProvider authenticationProvider = null;
@ -458,11 +477,14 @@ namespace Emby.Server.Implementations.Library
{ {
foreach (var provider in GetAuthenticationProviders(user)) foreach (var provider in GetAuthenticationProviders(user))
{ {
success = await AuthenticateWithProvider(provider, username, password, user).ConfigureAwait(false); var providerAuthResult = await AuthenticateWithProvider(provider, username, password, user).ConfigureAwait(false);
updatedUsername = providerAuthResult.Item1;
success = providerAuthResult.Item2;
if (success) if (success)
{ {
authenticationProvider = provider; authenticationProvider = provider;
username = updatedUsername;
break; break;
} }
} }
@ -484,7 +506,7 @@ namespace Emby.Server.Implementations.Library
} }
} }
return new Tuple<IAuthenticationProvider, bool>(authenticationProvider, success); return new Tuple<IAuthenticationProvider, string, bool>(authenticationProvider, username, success);
} }
private void UpdateInvalidLoginAttemptCount(User user, int newValue) private void UpdateInvalidLoginAttemptCount(User user, int newValue)