10 files changed, 62 insertions, 20 deletions

diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index 4fd08258a..c5f8b58c4 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -237,6 +237,21 @@ namespace Emby.Server.Implementations
         public IServiceProvider ServiceProvider { get; set; }
 
         /// <summary>
+        /// Gets the http port for the webhost.
+        /// </summary>
+        public int HttpPort { get; private set; }
+
+        /// <summary>
+        /// Gets the https port for the webhost.
+        /// </summary>
+        public int HttpsPort { get; private set; }
+
+        /// <summary>
+        /// Gets the content root for the webhost.
+        /// </summary>
+        public string ContentRoot { get; private set; }
+
+        /// <summary>
         /// Gets the server configuration manager.
         /// </summary>
         /// <value>The server configuration manager.</value>
@@ -1604,12 +1619,6 @@ namespace Emby.Server.Implementations
                 ? Environment.MachineName
                 : ServerConfigurationManager.Configuration.ServerName;
 
-        public int HttpPort { get; private set; }
-
-        public int HttpsPort { get; private set; }
-
-        public string ContentRoot { get; private set; }
-
         /// <summary>
         /// Shuts down.
         /// </summary>
diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index 6ca992c61..26f7d9d2d 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -51,7 +51,7 @@ namespace Jellyfin.Api.Auth
                     new Claim(ClaimTypes.Name, user.Name),
                     new Claim(
                         ClaimTypes.Role,
-                        value: user.Policy.IsAdministrator ? UserRole.Administrator : UserRole.User)
+                        value: user.Policy.IsAdministrator ? UserRoles.Administrator : UserRoles.User)
                 };
                 var identity = new ClaimsIdentity(claims, Scheme.Name);
                 var principal = new ClaimsPrincipal(identity);
diff --git a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
index 2450e7bc7..34aa5d12c 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandler.cs
@@ -28,7 +28,7 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy
             {
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
-            else if (context.User.IsInRole(UserRole.Administrator))
+            else if (context.User.IsInRole(UserRoles.Administrator))
             {
                 context.Succeed(firstTimeSetupOrElevatedRequirement);
             }
diff --git a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
index 108c29a2c..2d3bb1aa4 100644
--- a/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
+++ b/Jellyfin.Api/Auth/RequiresElevationPolicy/RequiresElevationHandler.cs
@@ -12,7 +12,7 @@ namespace Jellyfin.Api.Auth.RequiresElevationPolicy
         /// <inheritdoc />
         protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RequiresElevationRequirement requirement)
         {
-            if (context.User.IsInRole(UserRole.Administrator))
+            if (context.User.IsInRole(UserRoles.Administrator))
             {
                 context.Succeed(requirement);
             }
diff --git a/Jellyfin.Api/Constants/AuthenticationSchemes.cs b/Jellyfin.Api/Constants/AuthenticationSchemes.cs
new file mode 100644
index 000000000..bac3379e7
--- /dev/null
+++ b/Jellyfin.Api/Constants/AuthenticationSchemes.cs
@@ -0,0 +1,13 @@
+namespace Jellyfin.Api.Constants
+{
+    /// <summary>
+    /// Authentication schemes for user authentication in the API.
+    /// </summary>
+    public static class AuthenticationSchemes
+    {
+        /// <summary>
+        /// Scheme name for the custom legacy authentication.
+        /// </summary>
+        public const string CustomAuthentication = "CustomAuthentication";
+    }
+}
diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs
new file mode 100644
index 000000000..e2b383f75
--- /dev/null
+++ b/Jellyfin.Api/Constants/Policies.cs
@@ -0,0 +1,18 @@
+namespace Jellyfin.Api.Constants
+{
+    /// <summary>
+    /// Policies for the API authorization.
+    /// </summary>
+    public static class Policies
+    {
+        /// <summary>
+        /// Policy name for requiring first time setup or elevated privileges.
+        /// </summary>
+        public const string FirstTimeSetupOrElevated = "FirstTimeOrElevated";
+
+        /// <summary>
+        /// Policy name for requiring elevated privileges.
+        /// </summary>
+        public const string RequiresElevation = "RequiresElevation";
+    }
+}
diff --git a/Jellyfin.Api/Constants/UserRole.cs b/Jellyfin.Api/Constants/UserRoles.cs
index b1da61557..d9a536e7d 100644
--- a/Jellyfin.Api/Constants/UserRole.cs
+++ b/Jellyfin.Api/Constants/UserRoles.cs
@@ -3,7 +3,7 @@ namespace Jellyfin.Api.Constants
     /// <summary>
     /// Constants for user roles used in the authentication and authorization for the API.
     /// </summary>
-    public static class UserRole
+    public static class UserRoles
     {
         /// <summary>
         /// Guest user.
diff --git a/Jellyfin.Api/Controllers/StartupController.cs b/Jellyfin.Api/Controllers/StartupController.cs
index 50f3dc83c..1014c8c56 100644
--- a/Jellyfin.Api/Controllers/StartupController.cs
+++ b/Jellyfin.Api/Controllers/StartupController.cs
@@ -1,5 +1,6 @@
 using System.Linq;
 using System.Threading.Tasks;
+using Jellyfin.Api.Constants;
 using Jellyfin.Api.Models.StartupDtos;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Library;
@@ -11,7 +12,7 @@ namespace Jellyfin.Api.Controllers
     /// <summary>
     /// The startup wizard controller.
     /// </summary>
-    [Authorize(Policy = "FirstTimeSetupOrElevated")]
+    [Authorize(Policy = Policies.FirstTimeSetupOrElevated)]
     public class StartupController : BaseJellyfinApiController
     {
         private readonly IServerConfigurationManager _config;
diff --git a/Jellyfin.Api/Jellyfin.Api.csproj b/Jellyfin.Api/Jellyfin.Api.csproj
index 6ad97b60f..a2818b45d 100644
--- a/Jellyfin.Api/Jellyfin.Api.csproj
+++ b/Jellyfin.Api/Jellyfin.Api.csproj
@@ -20,9 +20,9 @@
   <!-- Code analysers-->
   <ItemGroup Condition=" '$(Configuration)' == 'Debug' ">
     <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.7" PrivateAssets="All" />
-    <PackageReference Include="SerilogAnalyzer" Version="0.15.0" />
-    <PackageReference Include="StyleCop.Analyzers" Version="1.1.118" />
-    <PackageReference Include="SmartAnalyzers.MultithreadingAnalyzer" Version="1.1.31" />
+    <PackageReference Include="SerilogAnalyzer" Version="0.15.0" PrivateAssets="All" />
+    <PackageReference Include="StyleCop.Analyzers" Version="1.1.118" PrivateAssets="All" />
+    <PackageReference Include="SmartAnalyzers.MultithreadingAnalyzer" Version="1.1.31" PrivateAssets="All" />
   </ItemGroup>
 
   <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
index e5a8937e8..dd4f9cd23 100644
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@@ -2,6 +2,7 @@ using Jellyfin.Api;
 using Jellyfin.Api.Auth;
 using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
 using Jellyfin.Api.Auth.RequiresElevationPolicy;
+using Jellyfin.Api.Constants;
 using Jellyfin.Api.Controllers;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
@@ -27,17 +28,17 @@ namespace Jellyfin.Server.Extensions
             return serviceCollection.AddAuthorizationCore(options =>
             {
                 options.AddPolicy(
-                    "RequiresElevation",
+                    Policies.RequiresElevation,
                     policy =>
                     {
-                        policy.AddAuthenticationSchemes("CustomAuthentication");
+                        policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
                         policy.AddRequirements(new RequiresElevationRequirement());
                     });
                 options.AddPolicy(
-                    "FirstTimeSetupOrElevated",
+                    Policies.FirstTimeSetupOrElevated,
                     policy =>
                     {
-                        policy.AddAuthenticationSchemes("CustomAuthentication");
+                        policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
                         policy.AddRequirements(new FirstTimeSetupOrElevatedRequirement());
                     });
             });
@@ -50,8 +51,8 @@ namespace Jellyfin.Server.Extensions
         /// <returns>The updated service collection.</returns>
         public static AuthenticationBuilder AddCustomAuthentication(this IServiceCollection serviceCollection)
         {
-            return serviceCollection.AddAuthentication("CustomAuthentication")
-                .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>("CustomAuthentication", null);
+            return serviceCollection.AddAuthentication(AuthenticationSchemes.CustomAuthentication)
+                .AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>(AuthenticationSchemes.CustomAuthentication, null);
         }
 
         /// <summary>