Merge branch 'master' into TVFix

author: cvium <clausvium@gmail.com> 2021-11-08 10:38:08 +0100
committer: cvium <clausvium@gmail.com> 2021-11-08 10:38:08 +0100
commit: f03e77a4d5fa0ca81ecb11f0ffc4c14706a6dd7d (patch)
tree: 06ae22d6e13ac26ab9dcb97e54591ad55654d3e1 /Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
parent: 153e9202397f236a4a415bd033c3b398b6e6573c (diff)
parent: 83859a1e6d96cbb60a3b43f7537c0ab0fbdff510 (diff)
1 files changed, 12 insertions, 2 deletions
diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
index f19e87aba..e853609d6 100644
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@@ -7,6 +7,7 @@ using System.Net.Sockets;
 using System.Reflection;
 using Emby.Server.Implementations;
 using Jellyfin.Api.Auth;
+using Jellyfin.Api.Auth.AnonymousLanAccessPolicy;
 using Jellyfin.Api.Auth.DefaultAuthorizationPolicy;
 using Jellyfin.Api.Auth.DownloadPolicy;
 using Jellyfin.Api.Auth.FirstTimeOrIgnoreParentalControlSetupPolicy;
@@ -61,6 +62,7 @@ namespace Jellyfin.Server.Extensions
             serviceCollection.AddSingleton<IAuthorizationHandler, IgnoreParentalControlHandler>();
             serviceCollection.AddSingleton<IAuthorizationHandler, FirstTimeOrIgnoreParentalControlSetupHandler>();
             serviceCollection.AddSingleton<IAuthorizationHandler, LocalAccessHandler>();
+            serviceCollection.AddSingleton<IAuthorizationHandler, AnonymousLanAccessHandler>();
             serviceCollection.AddSingleton<IAuthorizationHandler, LocalAccessOrRequiresElevationHandler>();
             serviceCollection.AddSingleton<IAuthorizationHandler, RequiresElevationHandler>();
             serviceCollection.AddSingleton<IAuthorizationHandler, SyncPlayAccessHandler>();
@@ -157,6 +159,13 @@ namespace Jellyfin.Server.Extensions
                         policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
                         policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccessRequirementType.IsInGroup));
                     });
+                options.AddPolicy(
+                    Policies.AnonymousLanAccessPolicy,
+                    policy =>
+                    {
+                        policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
+                        policy.AddRequirements(new AnonymousLanAccessRequirement());
+                    });
             });
         }
 
@@ -188,7 +197,8 @@ namespace Jellyfin.Server.Extensions
                     // https://github.com/dotnet/aspnetcore/blob/master/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs
                     // Enable debug logging on Microsoft.AspNetCore.HttpOverrides.ForwardedHeadersMiddleware to help investigate issues.
 
-                    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+                    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedHost;
+
                     if (config.KnownProxies.Length == 0)
                     {
                         options.KnownNetworks.Clear();
@@ -278,7 +288,7 @@ namespace Jellyfin.Server.Extensions
                 {
                     Type = SecuritySchemeType.ApiKey,
                     In = ParameterLocation.Header,
-                    Name = "X-Emby-Authorization",
+                    Name = "Authorization",
                     Description = "API key header parameter"
                 });
author	cvium <clausvium@gmail.com>	2021-11-08 10:38:08 +0100
committer	cvium <clausvium@gmail.com>	2021-11-08 10:38:08 +0100
commit	f03e77a4d5fa0ca81ecb11f0ffc4c14706a6dd7d (patch)
tree	06ae22d6e13ac26ab9dcb97e54591ad55654d3e1 /Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
parent	153e9202397f236a4a415bd033c3b398b6e6573c (diff)
parent	83859a1e6d96cbb60a3b43f7537c0ab0fbdff510 (diff)