Merge pull request #4330 from crobibero/api-key-auth

Fix ApiKey authentication
author: Claus Vium <cvium@users.noreply.github.com> 2020-11-08 08:20:50 +0100
committer: GitHub <noreply@github.com> 2020-11-08 08:20:50 +0100
commit: c17f84ae484b9018953bfc2904819f30222b9c32 (patch)
tree: 405b770e78681b04eabb091f476c85c06635a17e /Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
parent: 1bd5f780250993b01e551699f54f703032a0d1dd (diff)
parent: 8b83e4e972243db618972e33705b959bf98ca9f4 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
index d732b6bc6..7d68aecf9 100644
--- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
@@ -50,6 +50,13 @@ namespace Jellyfin.Api.Auth
             bool localAccessOnly = false,
             bool requiredDownloadPermission = false)
         {
+            // ApiKey is currently global admin, always allow.
+            var isApiKey = ClaimHelpers.GetIsApiKey(claimsPrincipal);
+            if (isApiKey)
+            {
+                return true;
+            }
+
             // Ensure claim has userId.
             var userId = ClaimHelpers.GetUserId(claimsPrincipal);
             if (!userId.HasValue)
author	Claus Vium <cvium@users.noreply.github.com>	2020-11-08 08:20:50 +0100
committer	GitHub <noreply@github.com>	2020-11-08 08:20:50 +0100
commit	c17f84ae484b9018953bfc2904819f30222b9c32 (patch)
tree	405b770e78681b04eabb091f476c85c06635a17e /Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
parent	1bd5f780250993b01e551699f54f703032a0d1dd (diff)
parent	8b83e4e972243db618972e33705b959bf98ca9f4 (diff)