Implement InvalidAuthProvider

Implements the InvalidAuthProvider, which acts as a fallback if a configured authentication provider, e.g. LDAP, is unavailable due to a load failure or removal. Until the user or the authentication plugin is corrected, this will cause users with the missing provider to be locked out, while throwing errors in the logs about the issue. Fixes #1445 part 2
author: Joshua M. Boniface <joshua@boniface.me> 2019-06-08 22:54:31 -0400
committer: Joshua M. Boniface <joshua@boniface.me> 2019-06-08 22:54:31 -0400
commit: d78a55adb4f66b8a82449216a11657da1388ab12 (patch)
tree: 5eb401dcebac84b6eed02b49579848201e5618bc
parent: 855911333a76999ede37fca5b720b85143e01d3c (diff)
2 files changed, 61 insertions, 5 deletions
diff --git a/Emby.Server.Implementations/Library/InvalidAuthProvider.cs b/Emby.Server.Implementations/Library/InvalidAuthProvider.cs
new file mode 100644
index 000000000..ee2569562
--- /dev/null
+++ b/Emby.Server.Implementations/Library/InvalidAuthProvider.cs
@@ -0,0 +1,46 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading.Tasks;
+using MediaBrowser.Controller.Authentication;
+using MediaBrowser.Controller.Entities;
+
+namespace Emby.Server.Implementations.Library
+{
+    public class InvalidAuthProvider : IAuthenticationProvider
+    {
+        public string Name => "InvalidorMissingAuthenticationProvider";
+
+        public bool IsEnabled => true;
+
+        public Task<ProviderAuthenticationResult> Authenticate(string username, string password)
+        {
+            throw new Exception("User Account cannot login with this provider. The Normal provider for this user cannot be found");
+        }
+
+        public Task<bool> HasPassword(User user)
+        {
+            return Task.FromResult(true);
+        }
+
+        public Task ChangePassword(User user, string newPassword)
+        {
+            return Task.FromResult(true);
+        }
+
+        public void ChangeEasyPassword(User user, string newPassword, string newPasswordHash)
+        {
+            // Nothing here   
+        }
+
+        public string GetPasswordHash(User user)
+        {
+            return "";
+        }
+
+        public string GetEasyPasswordHash(User user)
+        {
+            return "";
+        }
+    }
+}
diff --git a/Emby.Server.Implementations/Library/UserManager.cs b/Emby.Server.Implementations/Library/UserManager.cs
index a0b8d4ba4..ca43f7aaa 100644
--- a/Emby.Server.Implementations/Library/UserManager.cs
+++ b/Emby.Server.Implementations/Library/UserManager.cs
@@ -79,6 +79,8 @@ namespace Emby.Server.Implementations.Library
         private IAuthenticationProvider[] _authenticationProviders;
         private DefaultAuthenticationProvider _defaultAuthenticationProvider;
 
+        private InvalidAuthProvider _invalidAuthProvider;
+
         private IPasswordResetProvider[] _passwordResetProviders;
         private DefaultPasswordResetProvider _defaultPasswordResetProvider;
 
@@ -141,6 +143,8 @@ namespace Emby.Server.Implementations.Library
 
             _defaultAuthenticationProvider = _authenticationProviders.OfType<DefaultAuthenticationProvider>().First();
 
+            _invalidAuthProvider = _authenticationProviders.OfType<InvalidAuthProvider>().First();
+
             _passwordResetProviders = passwordResetProviders.ToArray();
 
             _defaultPasswordResetProvider = passwordResetProviders.OfType<DefaultPasswordResetProvider>().First();
@@ -307,11 +311,14 @@ namespace Emby.Server.Implementations.Library
                     user = Users
                         .FirstOrDefault(i => string.Equals(username, i.Name, StringComparison.OrdinalIgnoreCase));
 
-                    var hasNewUserPolicy = authenticationProvider as IHasNewUserPolicy;
-                    if (hasNewUserPolicy != null)
+                    if (authenticationProvider.GetType() != typeof(InvalidAuthProvider))
                     {
-                        var policy = hasNewUserPolicy.GetNewUserPolicy();
-                        UpdateUserPolicy(user, policy, true);
+                        var hasNewUserPolicy = authenticationProvider as IHasNewUserPolicy;
+                        if (hasNewUserPolicy != null)
+                        {
+                            var policy = hasNewUserPolicy.GetNewUserPolicy();
+                            UpdateUserPolicy(user, policy, true);
+                        }
                     }
                 }
             }
@@ -400,7 +407,10 @@ namespace Emby.Server.Implementations.Library
 
             if (providers.Length == 0)
             {
-                providers = new IAuthenticationProvider[] { _defaultAuthenticationProvider };
+                // this function used to assign any user without an auth provider to the default.
+                // we're going to have it use a new function now.
+                _logger.LogWarning($"The user {user.Name} was found but no Authentication Provider with ID: {user.Policy.AuthenticationProviderId} was found. Assigning user to InvalidAuthProvider temporarily");
+                providers = new IAuthenticationProvider[] { _invalidAuthProvider };
             }
 
             return providers;
author	Joshua M. Boniface <joshua@boniface.me>	2019-06-08 22:54:31 -0400
committer	Joshua M. Boniface <joshua@boniface.me>	2019-06-08 22:54:31 -0400
commit	d78a55adb4f66b8a82449216a11657da1388ab12 (patch)
tree	5eb401dcebac84b6eed02b49579848201e5618bc
parent	855911333a76999ede37fca5b720b85143e01d3c (diff)