authorcvium <clausvium@gmail.com>2023-02-09 14:56:53 +0100
committercvium <clausvium@gmail.com>2023-02-09 14:56:53 +0100
commitcba9657aec3c24c6724b00671019bdc212c41a90 (patch)
tree07a9b0d8c080cdc46583694e47b3d87d0306a060 /Jellyfin.Server/Filters
parentb5d56679656539b1b01f995c9cffffad81aa2a21 (diff)
fix openapi auth
Diffstat (limited to 'Jellyfin.Server/Filters')
-rw-r--r--Jellyfin.Server/Filters/SecurityRequirementsOperationFilter.cs67
1 files changed, 40 insertions, 27 deletions
diff --git a/Jellyfin.Server/Filters/SecurityRequirementsOperationFilter.cs b/Jellyfin.Server/Filters/SecurityRequirementsOperationFilter.cs
index 4af670e9a..fb9f6d0a6 100644
--- a/Jellyfin.Server/Filters/SecurityRequirementsOperationFilter.cs
+++ b/Jellyfin.Server/Filters/SecurityRequirementsOperationFilter.cs
@@ -18,11 +18,17 @@ namespace Jellyfin.Server.Filters
{
var requiredScopes = new List<string>();
+ var requiresAuth = false;
// Add all method scopes.
foreach (var attribute in context.MethodInfo.GetCustomAttributes(true))
{
- if (attribute is AuthorizeAttribute authorizeAttribute
- && authorizeAttribute.Policy is not null
+ if (attribute is not AuthorizeAttribute authorizeAttribute)
+ {
+ continue;
+ }
+
+ requiresAuth = true;
+ if (authorizeAttribute.Policy is not null
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
{
requiredScopes.Add(authorizeAttribute.Policy);
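Review bot: Setting `requiresAuth = true` for every `AuthorizeAttribute` never looks for `[AllowAnonymous]`, so an action that opts out of a controller-level `[Authorize]` would, as far as this hunk shows, still be published with a security requirement and 401/403 responses. The same gap applies to the controller-attribute loop in the next hunk. Consider checking for `IAllowAnonymous` on the method attributes and returning before the scheme is attached, e.g. `if (context.MethodInfo.GetCustomAttributes(true).OfType<IAllowAnonymous>().Any()) { return; }`. The enclosing method starts and ends outside this hunk, so an existing check elsewhere cannot be ruled out from here.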
@@ -35,8 +41,13 @@ namespace Jellyfin.Server.Filters
{
foreach (var attribute in controllerAttributes)
{
- if (attribute is AuthorizeAttribute authorizeAttribute
- && authorizeAttribute.Policy is not null
+ if (attribute is not AuthorizeAttribute authorizeAttribute)
+ {
+ continue;
+ }
+
+ requiresAuth = true;
+ if (authorizeAttribute.Policy is not null
&& !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
{
requiredScopes.Add(authorizeAttribute.Policy);
@@ -44,35 +55,37 @@ namespace Jellyfin.Server.Filters
}
}
- if (requiredScopes.Count != 0)
+ if (!requiresAuth)
{
- if (!operation.Responses.ContainsKey("401"))
- {
- operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
- }
+ return;
+ }
- if (!operation.Responses.ContainsKey("403"))
- {
- operation.Responses.Add("403", new OpenApiResponse { Description = "Forbidden" });
- }
+ if (!operation.Responses.ContainsKey("401"))
+ {
+ operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
+ }
- var scheme = new OpenApiSecurityScheme
+ if (!operation.Responses.ContainsKey("403"))
+ {
+ operation.Responses.Add("403", new OpenApiResponse { Description = "Forbidden" });
+ }
+
+ var scheme = new OpenApiSecurityScheme
+ {
+ Reference = new OpenApiReference
{
- Reference = new OpenApiReference
- {
- Type = ReferenceType.SecurityScheme,
- Id = AuthenticationSchemes.CustomAuthentication
- }
- };
+ Type = ReferenceType.SecurityScheme,
+ Id = AuthenticationSchemes.CustomAuthentication
+ }
+ };
- operation.Security = new List<OpenApiSecurityRequirement>
+ operation.Security = new List<OpenApiSecurityRequirement>
+ {
+ new OpenApiSecurityRequirement
{
- new OpenApiSecurityRequirement
- {
- [scheme] = requiredScopes
- }
- };
- }
+ [scheme] = requiredScopes
+ }
+ };
}
}
}
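Review bot: The early `return` on `!requiresAuth` decides purely from `[Authorize]` attributes, so the generated spec will describe an operation as unauthenticated whenever its protection comes from somewhere this filter does not inspect (a fallback policy or a globally registered authorization filter, if the project uses either; neither is visible here). A short comment above the check would record that limit, for example `// Only attribute-based authorization is reflected here; a plain [Authorize] without a policy yields an empty scope list.` As a minor style point, each `ContainsKey`/`Add` pair could become a single `operation.Responses.TryAdd("401", ...)` call, assuming `OpenApiResponses` derives from `Dictionary` in the library version in use.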