Merge branch 'master' into video-resolver

author: BaronGreenback <jimcartlidge@yahoo.co.uk> 2020-10-17 09:26:14 +0100
committer: GitHub <noreply@github.com> 2020-10-17 09:26:14 +0100
commit: d42bb515ce3692abd9295008872c7f9d62b47652 (patch)
tree: 53743242f3b34aeeb24334572e50d67dc9f92727 /Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
parent: 75efb8f52d4234bfdefa2a0ac48f7261aa9ef58b (diff)
parent: 86090ab1f65c66958c897cacd04221c537053eb3 (diff)
1 files changed, 17 insertions, 8 deletions
diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index aab1141ee..733c6959e 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -1,8 +1,10 @@
+using System.Globalization;
 using System.Security.Authentication;
 using System.Security.Claims;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
 using Jellyfin.Api.Constants;
+using Jellyfin.Data.Enums;
 using MediaBrowser.Controller.Net;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.Logging;
@@ -38,22 +40,29 @@ namespace Jellyfin.Api.Auth
         /// <inheritdoc />
         protected override Task<AuthenticateResult> HandleAuthenticateAsync()
         {
-            var authenticatedAttribute = new AuthenticatedAttribute();
             try
             {
-                var user = _authService.Authenticate(Request, authenticatedAttribute);
-                if (user == null)
+                var authorizationInfo = _authService.Authenticate(Request);
+                if (authorizationInfo == null)
                 {
-                    return Task.FromResult(AuthenticateResult.Fail("Invalid user"));
+                    return Task.FromResult(AuthenticateResult.NoResult());
+                    // TODO return when legacy API is removed.
+                    // Don't spam the log with "Invalid User"
+                    // return Task.FromResult(AuthenticateResult.Fail("Invalid user"));
                 }
 
                 var claims = new[]
                 {
-                    new Claim(ClaimTypes.Name, user.Name),
-                    new Claim(
-                        ClaimTypes.Role,
-                        value: user.Policy.IsAdministrator ? UserRoles.Administrator : UserRoles.User)
+                    new Claim(ClaimTypes.Name, authorizationInfo.User.Username),
+                    new Claim(ClaimTypes.Role, authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator) ? UserRoles.Administrator : UserRoles.User),
+                    new Claim(InternalClaimTypes.UserId, authorizationInfo.UserId.ToString("N", CultureInfo.InvariantCulture)),
+                    new Claim(InternalClaimTypes.DeviceId, authorizationInfo.DeviceId),
+                    new Claim(InternalClaimTypes.Device, authorizationInfo.Device),
+                    new Claim(InternalClaimTypes.Client, authorizationInfo.Client),
+                    new Claim(InternalClaimTypes.Version, authorizationInfo.Version),
+                    new Claim(InternalClaimTypes.Token, authorizationInfo.Token),
                 };
+
                 var identity = new ClaimsIdentity(claims, Scheme.Name);
                 var principal = new ClaimsPrincipal(identity);
                 var ticket = new AuthenticationTicket(principal, Scheme.Name);
author	BaronGreenback <jimcartlidge@yahoo.co.uk>	2020-10-17 09:26:14 +0100
committer	GitHub <noreply@github.com>	2020-10-17 09:26:14 +0100
commit	d42bb515ce3692abd9295008872c7f9d62b47652 (patch)
tree	53743242f3b34aeeb24334572e50d67dc9f92727 /Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
parent	75efb8f52d4234bfdefa2a0ac48f7261aa9ef58b (diff)
parent	86090ab1f65c66958c897cacd04221c537053eb3 (diff)