Merge branch 'master' into NetworkPR2

author: BaronGreenback <jimcartlidge@yahoo.co.uk> 2020-11-16 16:27:37 +0000
committer: GitHub <noreply@github.com> 2020-11-16 16:27:37 +0000
commit: d66f88672cdc21376b5ff5105e7d18b25d549879 (patch)
tree: 1d6459225931fa03b9e299eb46fe765ffacf7839 /Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
parent: e2769671a79dfd73ec2796bcc0cbe97584ee4023 (diff)
parent: dc0e353b968e80b9532638f5a752f89572566d82 (diff)
1 files changed, 7 insertions, 8 deletions
diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index 733c6959e..27a1f61be 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -1,10 +1,10 @@
 using System.Globalization;
-using System.Security.Authentication;
 using System.Security.Claims;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
 using Jellyfin.Api.Constants;
 using Jellyfin.Data.Enums;
+using MediaBrowser.Controller.Authentication;
 using MediaBrowser.Controller.Net;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.Logging;
@@ -43,24 +43,23 @@ namespace Jellyfin.Api.Auth
             try
             {
                 var authorizationInfo = _authService.Authenticate(Request);
-                if (authorizationInfo == null)
+                var role = UserRoles.User;
+                if (authorizationInfo.IsApiKey || authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
                 {
-                    return Task.FromResult(AuthenticateResult.NoResult());
-                    // TODO return when legacy API is removed.
-                    // Don't spam the log with "Invalid User"
-                    // return Task.FromResult(AuthenticateResult.Fail("Invalid user"));
+                    role = UserRoles.Administrator;
                 }
 
                 var claims = new[]
                 {
-                    new Claim(ClaimTypes.Name, authorizationInfo.User.Username),
-                    new Claim(ClaimTypes.Role, authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator) ? UserRoles.Administrator : UserRoles.User),
+                    new Claim(ClaimTypes.Name, authorizationInfo.User?.Username ?? string.Empty),
+                    new Claim(ClaimTypes.Role, role),
                     new Claim(InternalClaimTypes.UserId, authorizationInfo.UserId.ToString("N", CultureInfo.InvariantCulture)),
                     new Claim(InternalClaimTypes.DeviceId, authorizationInfo.DeviceId),
                     new Claim(InternalClaimTypes.Device, authorizationInfo.Device),
                     new Claim(InternalClaimTypes.Client, authorizationInfo.Client),
                     new Claim(InternalClaimTypes.Version, authorizationInfo.Version),
                     new Claim(InternalClaimTypes.Token, authorizationInfo.Token),
+                    new Claim(InternalClaimTypes.IsApiKey, authorizationInfo.IsApiKey.ToString(CultureInfo.InvariantCulture))
                 };
 
                 var identity = new ClaimsIdentity(claims, Scheme.Name);
author	BaronGreenback <jimcartlidge@yahoo.co.uk>	2020-11-16 16:27:37 +0000
committer	GitHub <noreply@github.com>	2020-11-16 16:27:37 +0000
commit	d66f88672cdc21376b5ff5105e7d18b25d549879 (patch)
tree	1d6459225931fa03b9e299eb46fe765ffacf7839 /Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
parent	e2769671a79dfd73ec2796bcc0cbe97584ee4023 (diff)
parent	dc0e353b968e80b9532638f5a752f89572566d82 (diff)