diff options
| author | crobibero <cody@robibe.ro> | 2020-12-01 14:47:42 -0700 |
|---|---|---|
| committer | crobibero <cody@robibe.ro> | 2020-12-01 14:47:42 -0700 |
| commit | cd459c51f3d8a6a46a802759df1620ec43e5d2ae (patch) | |
| tree | d43a8609b771876845f2a86daffd2ff11db1fa1e /Emby.Server.Implementations/HttpServer | |
| parent | 38b3b4f8672373c8e1ac2e509d759fe07d179146 (diff) | |
Return NoResult only when request doesn't have a token.
Diffstat (limited to 'Emby.Server.Implementations/HttpServer')
| -rw-r--r-- | Emby.Server.Implementations/HttpServer/Security/AuthService.cs | 9 | ||||
| -rw-r--r-- | Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs | 4 |
2 files changed, 11 insertions, 2 deletions
diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs index df7a034e8..4a0fc8239 100644 --- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs +++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs @@ -1,5 +1,6 @@ #pragma warning disable CS1591 +using System; using Jellyfin.Data.Enums; using MediaBrowser.Controller.Authentication; using MediaBrowser.Controller.Net; @@ -20,9 +21,15 @@ namespace Emby.Server.Implementations.HttpServer.Security public AuthorizationInfo Authenticate(HttpRequest request) { var auth = _authorizationContext.GetAuthorizationInfo(request); + + if (!auth.HasToken) + { + throw new AuthenticationException("Request does not contain a token."); + } + if (!auth.IsAuthenticated) { - throw new AuthenticationException("Invalid token."); + throw new SecurityException("Invalid token."); } if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false) diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs index fdf2e3908..d62e2eefe 100644 --- a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs +++ b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs @@ -102,7 +102,8 @@ namespace Emby.Server.Implementations.HttpServer.Security DeviceId = deviceId, Version = version, Token = token, - IsAuthenticated = false + IsAuthenticated = false, + HasToken = false }; if (string.IsNullOrWhiteSpace(token)) @@ -111,6 +112,7 @@ namespace Emby.Server.Implementations.HttpServer.Security return authInfo; } + authInfo.HasToken = true; var result = _authRepo.Get(new AuthenticationInfoQuery { AccessToken = token |