aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Emby.Server.Implementations/Cryptography/CryptographyProvider.cs5
-rw-r--r--Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs42
-rw-r--r--Emby.Server.Implementations/Library/UserManager.cs4
-rw-r--r--MediaBrowser.Model/Cryptography/PasswordHash.cs42
4 files changed, 59 insertions, 34 deletions
diff --git a/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs b/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
index 436443f06..c4f034631 100644
--- a/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
+++ b/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
+using System.Globalization;
using System.IO;
using System.Security.Cryptography;
using System.Text;
@@ -102,12 +103,12 @@ namespace Emby.Server.Implementations.Cryptography
}
else
{
- return PBKDF2(HashMethod, bytes, salt,defaultiterations);
+ return PBKDF2(HashMethod, bytes, salt, defaultiterations);
}
}
else
{
- throw new CryptographicException($"Requested hash method is not supported: {HashMethod}"));
+ throw new CryptographicException($"Requested hash method is not supported: {HashMethod}");
}
}
diff --git a/Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs b/Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
index 016de6db7..80026d97c 100644
--- a/Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
+++ b/Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
@@ -37,7 +37,17 @@ namespace Emby.Server.Implementations.Library
if (resolvedUser == null)
{
throw new Exception("Invalid username or password");
- }
+ }
+
+ //As long as jellyfin supports passwordless users, we need this little block here to accomodate
+ if (IsPasswordEmpty(resolvedUser, password))
+ {
+ return Task.FromResult(new ProviderAuthenticationResult
+ {
+ Username = username
+ });
+ }
+
ConvertPasswordFormat(resolvedUser);
byte[] passwordbytes = Encoding.UTF8.GetBytes(password);
@@ -106,15 +116,30 @@ namespace Emby.Server.Implementations.Library
return Task.FromResult(hasConfiguredPassword);
}
- private bool IsPasswordEmpty(User user, string passwordHash)
- {
- return string.IsNullOrEmpty(passwordHash);
+ private bool IsPasswordEmpty(User user, string password)
+ {
+ if (string.IsNullOrEmpty(user.Password))
+ {
+ return string.IsNullOrEmpty(password);
+ }
+ return false;
}
public Task ChangePassword(User user, string newPassword)
{
- //string newPasswordHash = null;
- ConvertPasswordFormat(user);
+ ConvertPasswordFormat(user);
+ //This is needed to support changing a no password user to a password user
+ if (string.IsNullOrEmpty(user.Password))
+ {
+ PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);
+ newPasswordHash.SaltBytes = _cryptographyProvider.GenerateSalt();
+ newPasswordHash.Salt = PasswordHash.ConvertToByteString(newPasswordHash.SaltBytes);
+ newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod;
+ newPasswordHash.Hash = GetHashedStringChangeAuth(newPassword, newPasswordHash);
+ user.Password = newPasswordHash.ToString();
+ return Task.CompletedTask;
+ }
+
PasswordHash passwordHash = new PasswordHash(user.Password);
if (passwordHash.Id == "SHA1" && string.IsNullOrEmpty(passwordHash.Salt))
{
@@ -143,11 +168,6 @@ namespace Emby.Server.Implementations.Library
return user.Password;
}
- public string GetEmptyHashedString(User user)
- {
- return null;
- }
-
public string GetHashedStringChangeAuth(string newPassword, PasswordHash passwordHash)
{
passwordHash.HashBytes = Encoding.UTF8.GetBytes(newPassword);
diff --git a/Emby.Server.Implementations/Library/UserManager.cs b/Emby.Server.Implementations/Library/UserManager.cs
index b8777a480..3daed0c08 100644
--- a/Emby.Server.Implementations/Library/UserManager.cs
+++ b/Emby.Server.Implementations/Library/UserManager.cs
@@ -475,13 +475,13 @@ namespace Emby.Server.Implementations.Library
private string GetLocalPasswordHash(User user)
{
return string.IsNullOrEmpty(user.EasyPassword)
- ? _defaultAuthenticationProvider.GetEmptyHashedString(user)
+ ? null
: user.EasyPassword;
}
private bool IsPasswordEmpty(User user, string passwordHash)
{
- return string.Equals(passwordHash, _defaultAuthenticationProvider.GetEmptyHashedString(user), StringComparison.OrdinalIgnoreCase);
+ return string.IsNullOrEmpty(passwordHash);
}
/// <summary>
diff --git a/MediaBrowser.Model/Cryptography/PasswordHash.cs b/MediaBrowser.Model/Cryptography/PasswordHash.cs
index cd61657c1..3a817543b 100644
--- a/MediaBrowser.Model/Cryptography/PasswordHash.cs
+++ b/MediaBrowser.Model/Cryptography/PasswordHash.cs
@@ -18,48 +18,52 @@ namespace MediaBrowser.Model.Cryptography
public byte[] HashBytes;
public PasswordHash(string storageString)
{
- string[] SplitStorageString = storageString.Split('$');
- Id = SplitStorageString[1];
- if (SplitStorageString[2].Contains("="))
+ string[] splitted = storageString.Split('$');
+ Id = splitted[1];
+ if (splitted[2].Contains("="))
{
- foreach (string paramset in (SplitStorageString[2].Split(',')))
+ foreach (string paramset in (splitted[2].Split(',')))
{
if (!String.IsNullOrEmpty(paramset))
{
string[] fields = paramset.Split('=');
- if(fields.Length == 2)
+ if (fields.Length == 2)
{
Parameters.Add(fields[0], fields[1]);
+ }
+ else
+ {
+ throw new Exception($"Malformed parameter in password hash string {paramset}");
}
}
}
- if (SplitStorageString.Length == 5)
+ if (splitted.Length == 5)
{
- Salt = SplitStorageString[3];
+ Salt = splitted[3];
SaltBytes = ConvertFromByteString(Salt);
- Hash = SplitStorageString[4];
+ Hash = splitted[4];
HashBytes = ConvertFromByteString(Hash);
}
else
{
Salt = string.Empty;
- Hash = SplitStorageString[3];
+ Hash = splitted[3];
HashBytes = ConvertFromByteString(Hash);
}
}
else
{
- if (SplitStorageString.Length == 4)
+ if (splitted.Length == 4)
{
- Salt = SplitStorageString[2];
+ Salt = splitted[2];
SaltBytes = ConvertFromByteString(Salt);
- Hash = SplitStorageString[3];
+ Hash = splitted[3];
HashBytes = ConvertFromByteString(Hash);
}
else
{
Salt = string.Empty;
- Hash = SplitStorageString[2];
+ Hash = splitted[2];
HashBytes = ConvertFromByteString(Hash);
}
@@ -83,6 +87,7 @@ namespace MediaBrowser.Model.Cryptography
}
return Bytes.ToArray();
}
+
public static string ConvertToByteString(byte[] bytes)
{
return BitConverter.ToString(bytes).Replace("-", "");
@@ -104,19 +109,18 @@ namespace MediaBrowser.Model.Cryptography
public override string ToString()
{
- string OutString = "$";
- OutString += Id;
+ string outString = "$" +Id;
string paramstring = SerializeParameters();
if (!string.IsNullOrEmpty(paramstring))
{
- OutString += $"${paramstring}";
+ outString += $"${paramstring}";
}
if (!string.IsNullOrEmpty(Salt))
{
- OutString += $"${Salt}";
+ outString += $"${Salt}";
}
- OutString += $"${Hash}";
- return OutString;
+ outString += $"${Hash}";
+ return outString;
}
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-06 15:38:17 +0000