diff options
| author | Andrew Rabert <6550543+nvllsvm@users.noreply.github.com> | 2019-01-22 18:13:47 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-22 18:13:47 -0500 |
| commit | 28483bdb54be96ae83e0fded097f534d7e26ba1e (patch) | |
| tree | e7f4b92326417ebf55eecdf68a01d2c3b9e660d7 /Emby.Server.Implementations/Security | |
| parent | 920c39454c05e979eabe81877269cd4517a03ccf (diff) | |
| parent | 8106c8393b711a7e1d40487e3caf2b014decbe28 (diff) | |
Merge pull request #651 from jellyfin/release-10.1.0
Release 10.1.0
Diffstat (limited to 'Emby.Server.Implementations/Security')
5 files changed, 26 insertions, 466 deletions
diff --git a/Emby.Server.Implementations/Security/AuthenticationRepository.cs b/Emby.Server.Implementations/Security/AuthenticationRepository.cs index 228d511ce..c81a93767 100644 --- a/Emby.Server.Implementations/Security/AuthenticationRepository.cs +++ b/Emby.Server.Implementations/Security/AuthenticationRepository.cs @@ -1,18 +1,15 @@ -using System; +using System; using System.Collections.Generic; using System.Globalization; using System.IO; using System.Linq; -using System.Threading; using Emby.Server.Implementations.Data; -using MediaBrowser.Controller; +using MediaBrowser.Controller.Configuration; using MediaBrowser.Controller.Security; -using Microsoft.Extensions.Logging; +using MediaBrowser.Model.Devices; using MediaBrowser.Model.Querying; +using Microsoft.Extensions.Logging; using SQLitePCL.pretty; -using MediaBrowser.Model.Extensions; -using MediaBrowser.Controller.Configuration; -using MediaBrowser.Model.Devices; namespace Emby.Server.Implementations.Security { @@ -21,8 +18,8 @@ namespace Emby.Server.Implementations.Security private readonly IServerConfigurationManager _config; private readonly CultureInfo _usCulture = new CultureInfo("en-US"); - public AuthenticationRepository(ILogger logger, IServerConfigurationManager config) - : base(logger) + public AuthenticationRepository(ILoggerFactory loggerFactory, IServerConfigurationManager config) + : base(loggerFactory.CreateLogger(nameof(AuthenticationRepository))) { _config = config; DbFilePath = Path.Combine(config.ApplicationPaths.DataPath, "authentication.db"); @@ -91,7 +88,7 @@ namespace Emby.Server.Implementations.Security { if (info == null) { - throw new ArgumentNullException("info"); + throw new ArgumentNullException(nameof(info)); } using (WriteLock.Write()) @@ -126,7 +123,7 @@ namespace Emby.Server.Implementations.Security { if (info == null) { - throw new ArgumentNullException("entry"); + throw new ArgumentNullException(nameof(info)); } using (WriteLock.Write()) @@ -161,7 +158,7 @@ namespace Emby.Server.Implementations.Security { if (info == null) { - throw new ArgumentNullException("entry"); + throw new ArgumentNullException(nameof(info)); } using (WriteLock.Write()) @@ -183,7 +180,7 @@ namespace Emby.Server.Implementations.Security private const string BaseSelectText = "select Tokens.Id, AccessToken, DeviceId, AppName, AppVersion, DeviceName, UserId, UserName, DateCreated, DateLastActivity, Devices.CustomName from Tokens left join Devices on Tokens.DeviceId=Devices.Id"; - private void BindAuthenticationQueryParams(AuthenticationInfoQuery query, IStatement statement) + private static void BindAuthenticationQueryParams(AuthenticationInfoQuery query, IStatement statement) { if (!string.IsNullOrEmpty(query.AccessToken)) { @@ -205,7 +202,7 @@ namespace Emby.Server.Implementations.Security { if (query == null) { - throw new ArgumentNullException("query"); + throw new ArgumentNullException(nameof(query)); } var commandText = BaseSelectText; @@ -306,7 +303,7 @@ namespace Emby.Server.Implementations.Security } } - private AuthenticationInfo Get(IReadOnlyList<IResultSetValue> reader) + private static AuthenticationInfo Get(IReadOnlyList<IResultSetValue> reader) { var info = new AuthenticationInfo { @@ -397,7 +394,7 @@ namespace Emby.Server.Implementations.Security { if (options == null) { - throw new ArgumentNullException("options"); + throw new ArgumentNullException(nameof(options)); } using (WriteLock.Write()) diff --git a/Emby.Server.Implementations/Security/EncryptionManager.cs b/Emby.Server.Implementations/Security/EncryptionManager.cs index 271b0bbdb..fa8872ccc 100644 --- a/Emby.Server.Implementations/Security/EncryptionManager.cs +++ b/Emby.Server.Implementations/Security/EncryptionManager.cs @@ -1,6 +1,6 @@ -using MediaBrowser.Controller.Security; using System; using System.Text; +using MediaBrowser.Controller.Security; namespace Emby.Server.Implementations.Security { @@ -11,10 +11,13 @@ namespace Emby.Server.Implementations.Security /// </summary> /// <param name="value">The value.</param> /// <returns>System.String.</returns> - /// <exception cref="System.ArgumentNullException">value</exception> + /// <exception cref="ArgumentNullException">value</exception> public string EncryptString(string value) { - if (value == null) throw new ArgumentNullException("value"); + if (value == null) + { + throw new ArgumentNullException(nameof(value)); + } return EncryptStringUniversal(value); } @@ -24,15 +27,18 @@ namespace Emby.Server.Implementations.Security /// </summary> /// <param name="value">The value.</param> /// <returns>System.String.</returns> - /// <exception cref="System.ArgumentNullException">value</exception> + /// <exception cref="ArgumentNullException">value</exception> public string DecryptString(string value) { - if (value == null) throw new ArgumentNullException("value"); + if (value == null) + { + throw new ArgumentNullException(nameof(value)); + } return DecryptStringUniversal(value); } - private string EncryptStringUniversal(string value) + private static string EncryptStringUniversal(string value) { // Yes, this isn't good, but ProtectedData in mono is throwing exceptions, so use this for now @@ -40,7 +46,7 @@ namespace Emby.Server.Implementations.Security return Convert.ToBase64String(bytes); } - private string DecryptStringUniversal(string value) + private static string DecryptStringUniversal(string value) { // Yes, this isn't good, but ProtectedData in mono is throwing exceptions, so use this for now diff --git a/Emby.Server.Implementations/Security/MBLicenseFile.cs b/Emby.Server.Implementations/Security/MBLicenseFile.cs deleted file mode 100644 index 1810cbcd2..000000000 --- a/Emby.Server.Implementations/Security/MBLicenseFile.cs +++ /dev/null @@ -1,210 +0,0 @@ -using System; -using System.Collections.Concurrent; -using System.Collections.Generic; -using System.Globalization; -using System.IO; -using System.Linq; -using System.Text; -using MediaBrowser.Common.Configuration; -using MediaBrowser.Model.Cryptography; -using MediaBrowser.Model.IO; - -namespace Emby.Server.Implementations.Security -{ - internal class MBLicenseFile - { - private readonly IApplicationPaths _appPaths; - private readonly IFileSystem _fileSystem; - private readonly ICryptoProvider _cryptographyProvider; - - public string RegKey - { - get { return _regKey; } - set - { - _updateRecords.Clear(); - _regKey = value; - } - } - - private string Filename - { - get - { - return Path.Combine(_appPaths.ConfigurationDirectoryPath, "mb.lic"); - } - } - - private readonly ConcurrentDictionary<Guid, FeatureRegInfo> _updateRecords = new ConcurrentDictionary<Guid, FeatureRegInfo>(); - private readonly object _fileLock = new object(); - private string _regKey; - - public MBLicenseFile(IApplicationPaths appPaths, IFileSystem fileSystem, ICryptoProvider cryptographyProvider) - { - _appPaths = appPaths; - _fileSystem = fileSystem; - _cryptographyProvider = cryptographyProvider; - - Load(); - } - - private void SetUpdateRecord(Guid key, FeatureRegInfo value) - { - _updateRecords.AddOrUpdate(key, value, (k, v) => value); - } - - private Guid GetKey(string featureId) - { - return new Guid(_cryptographyProvider.ComputeMD5(Encoding.Unicode.GetBytes(featureId))); - } - - public void AddRegCheck(string featureId, DateTime expirationDate) - { - var key = GetKey(featureId); - var value = new FeatureRegInfo - { - ExpirationDate = expirationDate, - LastChecked = DateTime.UtcNow - }; - - SetUpdateRecord(key, value); - Save(); - } - - public void RemoveRegCheck(string featureId) - { - var key = GetKey(featureId); - FeatureRegInfo val; - - _updateRecords.TryRemove(key, out val); - - Save(); - } - - public FeatureRegInfo GetRegInfo(string featureId) - { - var key = GetKey(featureId); - FeatureRegInfo info = null; - _updateRecords.TryGetValue(key, out info); - - if (info == null) - { - return null; - } - - // guard agains people just putting a large number in the file - return info.LastChecked < DateTime.UtcNow ? info : null; - } - - private void Load() - { - string[] contents = null; - var licenseFile = Filename; - lock (_fileLock) - { - try - { - contents = _fileSystem.ReadAllLines(licenseFile); - } - catch (FileNotFoundException) - { - lock (_fileLock) - { - _fileSystem.WriteAllBytes(licenseFile, Array.Empty<byte>()); - } - } - catch (IOException) - { - lock (_fileLock) - { - _fileSystem.WriteAllBytes(licenseFile, Array.Empty<byte>()); - } - } - } - if (contents != null && contents.Length > 0) - { - //first line is reg key - RegKey = contents[0]; - - //next is legacy key - if (contents.Length > 1) - { - // Don't need this anymore - } - - //the rest of the lines should be pairs of features and timestamps - for (var i = 2; i < contents.Length; i = i + 2) - { - var line = contents[i]; - if (string.IsNullOrWhiteSpace(line)) - { - continue; - } - - Guid feat; - if (Guid.TryParse(line, out feat)) - { - var lineParts = contents[i + 1].Split(new[] { '|' }, StringSplitOptions.RemoveEmptyEntries); - - long ticks; - if (long.TryParse(lineParts[0], out ticks)) - { - var info = new FeatureRegInfo - { - LastChecked = new DateTime(ticks) - }; - - if (lineParts.Length > 1 && long.TryParse(lineParts[1], out ticks)) - { - info.ExpirationDate = new DateTime(ticks); - } - - SetUpdateRecord(feat, info); - } - } - } - } - } - - public void Save() - { - //build our array - var lines = new List<string> - { - RegKey, - - // Legacy key - string.Empty - }; - - foreach (var pair in _updateRecords - .ToList()) - { - lines.Add(pair.Key.ToString()); - - var dateLine = pair.Value.LastChecked.Ticks.ToString(CultureInfo.InvariantCulture) + "|" + - pair.Value.ExpirationDate.Ticks.ToString(CultureInfo.InvariantCulture); - - lines.Add(dateLine); - } - - var licenseFile = Filename; - _fileSystem.CreateDirectory(_fileSystem.GetDirectoryName(licenseFile)); - lock (_fileLock) - { - _fileSystem.WriteAllLines(licenseFile, lines); - } - } - } - - internal class FeatureRegInfo - { - public DateTime ExpirationDate { get; set; } - public DateTime LastChecked { get; set; } - - public FeatureRegInfo() - { - ExpirationDate = DateTime.MinValue; - } - } -} diff --git a/Emby.Server.Implementations/Security/PluginSecurityManager.cs b/Emby.Server.Implementations/Security/PluginSecurityManager.cs deleted file mode 100644 index 2b1494c39..000000000 --- a/Emby.Server.Implementations/Security/PluginSecurityManager.cs +++ /dev/null @@ -1,221 +0,0 @@ -using System; -using System.Collections.Generic; -using System.IO; -using System.Linq; -using System.Net; -using System.Threading; -using System.Threading.Tasks; -using MediaBrowser.Common.Configuration; -using MediaBrowser.Common.Net; -using MediaBrowser.Common.Security; -using MediaBrowser.Controller; -using MediaBrowser.Model.Cryptography; -using MediaBrowser.Model.Entities; -using MediaBrowser.Model.IO; -using Microsoft.Extensions.Logging; -using MediaBrowser.Model.Net; -using MediaBrowser.Model.Serialization; - -namespace Emby.Server.Implementations.Security -{ - /// <summary> - /// Class PluginSecurityManager - /// </summary> - public class PluginSecurityManager : ISecurityManager - { - private const string MBValidateUrl = "https://mb3admin.local/admin/service/registration/validate"; - private const string AppstoreRegUrl = /*MbAdmin.HttpsUrl*/ "https://mb3admin.local/admin/service/appstore/register"; - - public async Task<bool> IsSupporter() - { - var result = await GetRegistrationStatusInternal("MBSupporter", false, _appHost.ApplicationVersion.ToString(), CancellationToken.None).ConfigureAwait(false); - - return result.IsRegistered; - } - - private MBLicenseFile _licenseFile; - private MBLicenseFile LicenseFile - { - get { return _licenseFile ?? (_licenseFile = new MBLicenseFile(_appPaths, _fileSystem, _cryptographyProvider)); } - } - - private readonly IHttpClient _httpClient; - private readonly IJsonSerializer _jsonSerializer; - private readonly IServerApplicationHost _appHost; - private readonly ILogger _logger; - private readonly IApplicationPaths _appPaths; - private readonly IFileSystem _fileSystem; - private readonly ICryptoProvider _cryptographyProvider; - - /// <summary> - /// Initializes a new instance of the <see cref="PluginSecurityManager" /> class. - /// </summary> - public PluginSecurityManager(IServerApplicationHost appHost, IHttpClient httpClient, IJsonSerializer jsonSerializer, - IApplicationPaths appPaths, ILoggerFactory loggerFactory, IFileSystem fileSystem, ICryptoProvider cryptographyProvider) - { - if (httpClient == null) - { - throw new ArgumentNullException("httpClient"); - } - - _appHost = appHost; - _httpClient = httpClient; - _jsonSerializer = jsonSerializer; - _appPaths = appPaths; - _fileSystem = fileSystem; - _cryptographyProvider = cryptographyProvider; - _logger = loggerFactory.CreateLogger("SecurityManager"); - } - - /// <summary> - /// Gets the registration status. - /// This overload supports existing plug-ins. - /// </summary> - public Task<MBRegistrationRecord> GetRegistrationStatus(string feature) - { - return GetRegistrationStatusInternal(feature, false, null, CancellationToken.None); - } - - /// <summary> - /// Gets or sets the supporter key. - /// </summary> - /// <value>The supporter key.</value> - public string SupporterKey - { - get - { - return LicenseFile.RegKey; - } - set - { - throw new Exception("Please call UpdateSupporterKey"); - } - } - - public async Task UpdateSupporterKey(string newValue) - { - if (newValue != null) - { - newValue = newValue.Trim(); - } - - if (!string.Equals(newValue, LicenseFile.RegKey, StringComparison.Ordinal)) - { - LicenseFile.RegKey = newValue; - LicenseFile.Save(); - - // Reset this - await GetRegistrationStatusInternal("MBSupporter", true, _appHost.ApplicationVersion.ToString(), CancellationToken.None).ConfigureAwait(false); - } - } - - /// <summary> - /// Register an app store sale with our back-end. It will validate the transaction with the store - /// and then register the proper feature and then fill in the supporter key on success. - /// </summary> - /// <param name="parameters">Json parameters to send to admin server</param> - public async Task RegisterAppStoreSale(string parameters) - { - var options = new HttpRequestOptions() - { - Url = AppstoreRegUrl, - CancellationToken = CancellationToken.None, - BufferContent = false - }; - options.RequestHeaders.Add("X-Emby-Token", _appHost.SystemId); - options.RequestContent = parameters; - options.RequestContentType = "application/json"; - - try - { - using (var response = await _httpClient.Post(options).ConfigureAwait(false)) - { - var reg = await _jsonSerializer.DeserializeFromStreamAsync<RegRecord>(response.Content).ConfigureAwait(false); - - if (reg == null) - { - var msg = "Result from appstore registration was null."; - _logger.LogError(msg); - throw new ArgumentException(msg); - } - if (!String.IsNullOrEmpty(reg.key)) - { - await UpdateSupporterKey(reg.key).ConfigureAwait(false); - } - } - - } - catch (ArgumentException) - { - SaveAppStoreInfo(parameters); - throw; - } - catch (HttpException ex) - { - _logger.LogError(ex, "Error registering appstore purchase {parameters}", parameters ?? "NO PARMS SENT"); - - throw new Exception("Error registering store sale"); - } - catch (Exception ex) - { - _logger.LogError(ex, "Error registering appstore purchase {parameters}", parameters ?? "NO PARMS SENT"); - SaveAppStoreInfo(parameters); - //TODO - could create a re-try routine on start-up if this file is there. For now we can handle manually. - throw new Exception("Error registering store sale"); - } - - } - - private void SaveAppStoreInfo(string info) - { - // Save all transaction information to a file - - try - { - _fileSystem.WriteAllText(Path.Combine(_appPaths.ProgramDataPath, "apptrans-error.txt"), info); - } - catch (IOException) - { - - } - } - - private SemaphoreSlim _regCheckLock = new SemaphoreSlim(1, 1); - - private async Task<MBRegistrationRecord> GetRegistrationStatusInternal(string feature, bool forceCallToServer, string version, CancellationToken cancellationToken) - { - await _regCheckLock.WaitAsync(cancellationToken).ConfigureAwait(false); - - try - { - var record = new MBRegistrationRecord - { - IsRegistered = true, - RegChecked = true, - TrialVersion = false, - IsValid = true, - RegError = false - }; - - return record; - } - finally - { - _regCheckLock.Release(); - } - } - - private bool IsInTrial(DateTime expirationDate, bool regChecked, bool isRegistered) - { - //don't set this until we've successfully obtained exp date - if (!regChecked) - { - return false; - } - - var isInTrial = expirationDate > DateTime.UtcNow; - - return isInTrial && !isRegistered; - } - } -} diff --git a/Emby.Server.Implementations/Security/RegRecord.cs b/Emby.Server.Implementations/Security/RegRecord.cs deleted file mode 100644 index d484085d3..000000000 --- a/Emby.Server.Implementations/Security/RegRecord.cs +++ /dev/null @@ -1,12 +0,0 @@ -using System; - -namespace Emby.Server.Implementations.Security -{ - class RegRecord - { - public string featId { get; set; } - public bool registered { get; set; } - public DateTime expDate { get; set; } - public string key { get; set; } - } -}
\ No newline at end of file |