From 3c0484cc9730c06892b996d0b884a05ecada07af Mon Sep 17 00:00:00 2001 From: crobibero Date: Sun, 30 Aug 2020 09:32:14 -0600 Subject: Allow for dynamic cors response --- Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs') diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 0fd599cfc..b2f861542 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -135,13 +135,17 @@ namespace Jellyfin.Server.Extensions /// /// The service collection. /// The base url for the API. + /// The configured cors hosts. /// The MVC builder. - public static IMvcBuilder AddJellyfinApi(this IServiceCollection serviceCollection, string baseUrl) + public static IMvcBuilder AddJellyfinApi( + this IServiceCollection serviceCollection, + string baseUrl, + string[] corsHosts) { return serviceCollection .AddCors(options => { - options.AddPolicy(ServerCorsPolicy.DefaultPolicyName, ServerCorsPolicy.DefaultPolicy); + options.AddPolicy(ServerCorsPolicy.DefaultPolicyName, new ServerCorsPolicy(corsHosts).Policy); }) .Configure(options => { -- cgit v1.2.3 From 2c05d53b06855eab76012ba70da00ec62af787c3 Mon Sep 17 00:00:00 2001 From: crobibero Date: Sat, 5 Sep 2020 09:10:05 -0600 Subject: Convert to ICorsPolicyProvider --- .../Extensions/ApiServiceCollectionExtensions.cs | 14 +++---- Jellyfin.Server/Middleware/CorsPolicyProvider.cs | 48 ++++++++++++++++++++-- Jellyfin.Server/Models/ServerCorsPolicy.cs | 47 --------------------- Jellyfin.Server/Startup.cs | 7 +--- 4 files changed, 53 insertions(+), 63 deletions(-) delete mode 100644 Jellyfin.Server/Models/ServerCorsPolicy.cs (limited to 'Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs') diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 8dcce93a4..65db33155 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -16,12 +16,13 @@ using Jellyfin.Api.Auth.RequiresElevationPolicy; using Jellyfin.Api.Constants; using Jellyfin.Api.Controllers; using Jellyfin.Server.Formatters; -using Jellyfin.Server.Models; +using Jellyfin.Server.Middleware; using MediaBrowser.Common.Json; using MediaBrowser.Model.Entities; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Builder; +using Microsoft.AspNetCore.Cors.Infrastructure; using Microsoft.AspNetCore.HttpOverrides; using Microsoft.Extensions.DependencyInjection; using Microsoft.OpenApi.Models; @@ -134,18 +135,15 @@ namespace Jellyfin.Server.Extensions /// /// The service collection. /// An IEnumerable containing all plugin assemblies with API controllers. - /// /// The configured cors hosts. + /// /// /// The MVC builder. public static IMvcBuilder AddJellyfinApi( this IServiceCollection serviceCollection, - IEnumerable pluginAssemblies, - string[] corsHosts) + IEnumerable pluginAssemblies) { IMvcBuilder mvcBuilder = serviceCollection - .AddCors(options => - { - options.AddPolicy(ServerCorsPolicy.DefaultPolicyName, new ServerCorsPolicy(corsHosts).Policy); - }) + .AddCors() + .AddTransient() .Configure(options => { options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto; diff --git a/Jellyfin.Server/Middleware/CorsPolicyProvider.cs b/Jellyfin.Server/Middleware/CorsPolicyProvider.cs index 7c2b28ed8..02178e29c 100644 --- a/Jellyfin.Server/Middleware/CorsPolicyProvider.cs +++ b/Jellyfin.Server/Middleware/CorsPolicyProvider.cs @@ -1,7 +1,49 @@ -namespace Jellyfin.Server.Middleware +using System; +using System.Threading.Tasks; +using MediaBrowser.Controller.Configuration; +using Microsoft.AspNetCore.Cors.Infrastructure; +using Microsoft.AspNetCore.Http; + +namespace Jellyfin.Server.Middleware { - public class CorsPolicyProvider + /// + /// Cors policy provider. + /// + public class CorsPolicyProvider : ICorsPolicyProvider { - + private readonly IServerConfigurationManager _serverConfigurationManager; + + /// + /// Initializes a new instance of the class. + /// + /// Instance of the interface. + public CorsPolicyProvider(IServerConfigurationManager serverConfigurationManager) + { + _serverConfigurationManager = serverConfigurationManager; + } + + /// + public Task GetPolicyAsync(HttpContext context, string policyName) + { + var corsHosts = _serverConfigurationManager.Configuration.CorsHosts; + var builder = new CorsPolicyBuilder() + .AllowAnyMethod() + .AllowAnyHeader(); + + // No hosts configured or only default configured. + if (corsHosts.Length == 0 + || (corsHosts.Length == 1 + && string.Equals(corsHosts[0], CorsConstants.AnyOrigin, StringComparison.Ordinal))) + { + builder.AllowAnyOrigin(); + } + else + { + builder.WithOrigins(corsHosts) + .AllowCredentials(); + } + + return Task.FromResult(builder.Build()); + } } } diff --git a/Jellyfin.Server/Models/ServerCorsPolicy.cs b/Jellyfin.Server/Models/ServerCorsPolicy.cs deleted file mode 100644 index 3a45db3b4..000000000 --- a/Jellyfin.Server/Models/ServerCorsPolicy.cs +++ /dev/null @@ -1,47 +0,0 @@ -using System; -using Microsoft.AspNetCore.Cors.Infrastructure; - -namespace Jellyfin.Server.Models -{ - /// - /// Server Cors Policy. - /// - public class ServerCorsPolicy - { - /// - /// Default policy name. - /// - public const string DefaultPolicyName = nameof(ServerCorsPolicy); - - /// - /// Initializes a new instance of the class. - /// - /// The configured cors hosts. - public ServerCorsPolicy(string[] corsHosts) - { - var builder = new CorsPolicyBuilder() - .AllowAnyMethod() - .AllowAnyHeader(); - - // No hosts configured or only default configured. - if (corsHosts.Length == 0 - || (corsHosts.Length == 1 - && string.Equals(corsHosts[0], "*", StringComparison.Ordinal))) - { - builder.AllowAnyOrigin(); - } - else - { - builder.WithOrigins(corsHosts) - .AllowCredentials(); - } - - Policy = builder.Build(); - } - - /// - /// Gets the cors policy. - /// - public CorsPolicy Policy { get; } - } -} diff --git a/Jellyfin.Server/Startup.cs b/Jellyfin.Server/Startup.cs index 5601915a3..16629b5d9 100644 --- a/Jellyfin.Server/Startup.cs +++ b/Jellyfin.Server/Startup.cs @@ -5,7 +5,6 @@ using Jellyfin.Api.TypeConverters; using Jellyfin.Server.Extensions; using Jellyfin.Server.Implementations; using Jellyfin.Server.Middleware; -using Jellyfin.Server.Models; using MediaBrowser.Common.Net; using MediaBrowser.Controller; using MediaBrowser.Controller.Configuration; @@ -53,9 +52,7 @@ namespace Jellyfin.Server { options.HttpsPort = _serverApplicationHost.HttpsPort; }); - services.AddJellyfinApi( - _serverApplicationHost.GetApiPluginAssemblies(), - _serverConfigurationManager.Configuration.CorsHosts); + services.AddJellyfinApi(_serverApplicationHost.GetApiPluginAssemblies()); services.AddJellyfinApiSwagger(); @@ -118,7 +115,7 @@ namespace Jellyfin.Server mainApp.UseResponseCompression(); - mainApp.UseCors(ServerCorsPolicy.DefaultPolicyName); + mainApp.UseCors(); if (_serverConfigurationManager.Configuration.RequireHttps && _serverApplicationHost.ListenWithHttps) -- cgit v1.2.3 From 527ffaa90c5f041474b24f68735ba7e24e1b8358 Mon Sep 17 00:00:00 2001 From: crobibero Date: Sat, 5 Sep 2020 09:12:50 -0600 Subject: clean docs --- Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs') diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 65db33155..ce9e24558 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -135,11 +135,8 @@ namespace Jellyfin.Server.Extensions /// /// The service collection. /// An IEnumerable containing all plugin assemblies with API controllers. - /// /// /// The MVC builder. - public static IMvcBuilder AddJellyfinApi( - this IServiceCollection serviceCollection, - IEnumerable pluginAssemblies) + public static IMvcBuilder AddJellyfinApi(this IServiceCollection serviceCollection, IEnumerable pluginAssemblies) { IMvcBuilder mvcBuilder = serviceCollection .AddCors() -- cgit v1.2.3 From 342de39d78431503a0429b76e0ba9d3501b746db Mon Sep 17 00:00:00 2001 From: crobibero Date: Sat, 5 Sep 2020 13:02:53 -0600 Subject: Move CorsPolicyProvider to Jellyfin.Server.Configuration --- .../Configuration/CorsPolicyProvider.cs | 49 ++++++++++++++++++++++ .../Extensions/ApiServiceCollectionExtensions.cs | 1 + Jellyfin.Server/Middleware/CorsPolicyProvider.cs | 49 ---------------------- 3 files changed, 50 insertions(+), 49 deletions(-) create mode 100644 Jellyfin.Server/Configuration/CorsPolicyProvider.cs delete mode 100644 Jellyfin.Server/Middleware/CorsPolicyProvider.cs (limited to 'Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs') diff --git a/Jellyfin.Server/Configuration/CorsPolicyProvider.cs b/Jellyfin.Server/Configuration/CorsPolicyProvider.cs new file mode 100644 index 000000000..0d04b6bb1 --- /dev/null +++ b/Jellyfin.Server/Configuration/CorsPolicyProvider.cs @@ -0,0 +1,49 @@ +using System; +using System.Threading.Tasks; +using MediaBrowser.Controller.Configuration; +using Microsoft.AspNetCore.Cors.Infrastructure; +using Microsoft.AspNetCore.Http; + +namespace Jellyfin.Server.Configuration +{ + /// + /// Cors policy provider. + /// + public class CorsPolicyProvider : ICorsPolicyProvider + { + private readonly IServerConfigurationManager _serverConfigurationManager; + + /// + /// Initializes a new instance of the class. + /// + /// Instance of the interface. + public CorsPolicyProvider(IServerConfigurationManager serverConfigurationManager) + { + _serverConfigurationManager = serverConfigurationManager; + } + + /// + public Task GetPolicyAsync(HttpContext context, string policyName) + { + var corsHosts = _serverConfigurationManager.Configuration.CorsHosts; + var builder = new CorsPolicyBuilder() + .AllowAnyMethod() + .AllowAnyHeader(); + + // No hosts configured or only default configured. + if (corsHosts.Length == 0 + || (corsHosts.Length == 1 + && string.Equals(corsHosts[0], CorsConstants.AnyOrigin, StringComparison.Ordinal))) + { + builder.AllowAnyOrigin(); + } + else + { + builder.WithOrigins(corsHosts) + .AllowCredentials(); + } + + return Task.FromResult(builder.Build()); + } + } +} diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index ce9e24558..9319b573a 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -15,6 +15,7 @@ using Jellyfin.Api.Auth.LocalAccessPolicy; using Jellyfin.Api.Auth.RequiresElevationPolicy; using Jellyfin.Api.Constants; using Jellyfin.Api.Controllers; +using Jellyfin.Server.Configuration; using Jellyfin.Server.Formatters; using Jellyfin.Server.Middleware; using MediaBrowser.Common.Json; diff --git a/Jellyfin.Server/Middleware/CorsPolicyProvider.cs b/Jellyfin.Server/Middleware/CorsPolicyProvider.cs deleted file mode 100644 index 02178e29c..000000000 --- a/Jellyfin.Server/Middleware/CorsPolicyProvider.cs +++ /dev/null @@ -1,49 +0,0 @@ -using System; -using System.Threading.Tasks; -using MediaBrowser.Controller.Configuration; -using Microsoft.AspNetCore.Cors.Infrastructure; -using Microsoft.AspNetCore.Http; - -namespace Jellyfin.Server.Middleware -{ - /// - /// Cors policy provider. - /// - public class CorsPolicyProvider : ICorsPolicyProvider - { - private readonly IServerConfigurationManager _serverConfigurationManager; - - /// - /// Initializes a new instance of the class. - /// - /// Instance of the interface. - public CorsPolicyProvider(IServerConfigurationManager serverConfigurationManager) - { - _serverConfigurationManager = serverConfigurationManager; - } - - /// - public Task GetPolicyAsync(HttpContext context, string policyName) - { - var corsHosts = _serverConfigurationManager.Configuration.CorsHosts; - var builder = new CorsPolicyBuilder() - .AllowAnyMethod() - .AllowAnyHeader(); - - // No hosts configured or only default configured. - if (corsHosts.Length == 0 - || (corsHosts.Length == 1 - && string.Equals(corsHosts[0], CorsConstants.AnyOrigin, StringComparison.Ordinal))) - { - builder.AllowAnyOrigin(); - } - else - { - builder.WithOrigins(corsHosts) - .AllowCredentials(); - } - - return Task.FromResult(builder.Build()); - } - } -} -- cgit v1.2.3