mirror of https://github.com/jellyfin/jellyfin.git
Merge pull request #4629 from crobibero/auth-handler
Provide NoResult instead of Fail in CustomAuthenticationHandler
This commit is contained in:
Claus Vium
GitHub
commit
79578521b8
|
|
@ -1,5 +1,6 @@
|
||||||
#pragma warning disable CS1591
|
#pragma warning disable CS1591
|
||||||
|
|
||||||
|
using System;
|
||||||
using Jellyfin.Data.Enums;
|
using Jellyfin.Data.Enums;
|
||||||
using MediaBrowser.Controller.Authentication;
|
using MediaBrowser.Controller.Authentication;
|
||||||
using MediaBrowser.Controller.Net;
|
using MediaBrowser.Controller.Net;
|
||||||
|
|
@ -20,9 +21,15 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
public AuthorizationInfo Authenticate(HttpRequest request)
|
public AuthorizationInfo Authenticate(HttpRequest request)
|
||||||
{
|
{
|
||||||
var auth = _authorizationContext.GetAuthorizationInfo(request);
|
var auth = _authorizationContext.GetAuthorizationInfo(request);
|
||||||
|
|
||||||
|
if (!auth.HasToken)
|
||||||
|
{
|
||||||
|
throw new AuthenticationException("Request does not contain a token.");
|
||||||
|
}
|
||||||
|
|
||||||
if (!auth.IsAuthenticated)
|
if (!auth.IsAuthenticated)
|
||||||
{
|
{
|
||||||
throw new AuthenticationException("Invalid token.");
|
throw new SecurityException("Invalid token.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
|
if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
|
||||||
|
|
|
||||||
|
|
@ -102,7 +102,8 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
DeviceId = deviceId,
|
DeviceId = deviceId,
|
||||||
Version = version,
|
Version = version,
|
||||||
Token = token,
|
Token = token,
|
||||||
IsAuthenticated = false
|
IsAuthenticated = false,
|
||||||
|
HasToken = false
|
||||||
};
|
};
|
||||||
|
|
||||||
if (string.IsNullOrWhiteSpace(token))
|
if (string.IsNullOrWhiteSpace(token))
|
||||||
|
|
@ -111,6 +112,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
|
||||||
return authInfo;
|
return authInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
authInfo.HasToken = true;
|
||||||
var result = _authRepo.Get(new AuthenticationInfoQuery
|
var result = _authRepo.Get(new AuthenticationInfoQuery
|
||||||
{
|
{
|
||||||
AccessToken = token
|
AccessToken = token
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@ namespace Jellyfin.Api.Auth
|
||||||
public class CustomAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
|
public class CustomAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
|
||||||
{
|
{
|
||||||
private readonly IAuthService _authService;
|
private readonly IAuthService _authService;
|
||||||
|
private readonly ILogger<CustomAuthenticationHandler> _logger;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Initializes a new instance of the <see cref="CustomAuthenticationHandler" /> class.
|
/// Initializes a new instance of the <see cref="CustomAuthenticationHandler" /> class.
|
||||||
|
|
@ -35,6 +36,7 @@ namespace Jellyfin.Api.Auth
|
||||||
ISystemClock clock) : base(options, logger, encoder, clock)
|
ISystemClock clock) : base(options, logger, encoder, clock)
|
||||||
{
|
{
|
||||||
_authService = authService;
|
_authService = authService;
|
||||||
|
_logger = logger.CreateLogger<CustomAuthenticationHandler>();
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <inheritdoc />
|
/// <inheritdoc />
|
||||||
|
|
@ -70,7 +72,8 @@ namespace Jellyfin.Api.Auth
|
||||||
}
|
}
|
||||||
catch (AuthenticationException ex)
|
catch (AuthenticationException ex)
|
||||||
{
|
{
|
||||||
return Task.FromResult(AuthenticateResult.Fail(ex));
|
_logger.LogDebug(ex, "Error authenticating with {Handler}", nameof(CustomAuthenticationHandler));
|
||||||
|
return Task.FromResult(AuthenticateResult.NoResult());
|
||||||
}
|
}
|
||||||
catch (SecurityException ex)
|
catch (SecurityException ex)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -58,5 +58,10 @@ namespace MediaBrowser.Controller.Net
|
||||||
/// Gets or sets a value indicating whether the token is authenticated.
|
/// Gets or sets a value indicating whether the token is authenticated.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
public bool IsAuthenticated { get; set; }
|
public bool IsAuthenticated { get; set; }
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Gets or sets a value indicating whether the request has a token.
|
||||||
|
/// </summary>
|
||||||
|
public bool HasToken { get; set; }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -69,7 +69,7 @@ namespace Jellyfin.Api.Tests.Auth
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task HandleAuthenticateAsyncShouldFailOnAuthenticationException()
|
public async Task HandleAuthenticateAsyncShouldProvideNoResultOnAuthenticationException()
|
||||||
{
|
{
|
||||||
var errorMessage = _fixture.Create<string>();
|
var errorMessage = _fixture.Create<string>();
|
||||||
|
|
||||||
|
|
@ -81,7 +81,7 @@ namespace Jellyfin.Api.Tests.Auth
|
||||||
var authenticateResult = await _sut.AuthenticateAsync();
|
var authenticateResult = await _sut.AuthenticateAsync();
|
||||||
|
|
||||||
Assert.False(authenticateResult.Succeeded);
|
Assert.False(authenticateResult.Succeeded);
|
||||||
Assert.Equal(errorMessage, authenticateResult.Failure?.Message);
|
Assert.True(authenticateResult.None);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue