From 36f3e933a23d802d154c16fd304a82c3fe3f453d Mon Sep 17 00:00:00 2001
From: ConfusedPolarBear <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Wed, 15 Apr 2020 14:28:42 -0500
Subject: Add quick connect

---
 .../QuickConnect/IQuickConnect.cs                  | 91 ++++++++++++++++++++++
 1 file changed, 91 insertions(+)
 create mode 100644 MediaBrowser.Controller/QuickConnect/IQuickConnect.cs

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
new file mode 100644
index 000000000..e4a790ffe
--- /dev/null
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -0,0 +1,91 @@
+using System;
+using System.Collections.Generic;
+using MediaBrowser.Model.QuickConnect;
+using MediaBrowser.Model.Services;
+
+namespace MediaBrowser.Controller.QuickConnect
+{
+    /// <summary>
+    /// Quick connect standard interface.
+    /// </summary>
+    public interface IQuickConnect
+    {
+        /// <summary>
+        /// Gets or sets the length of user facing codes.
+        /// </summary>
+        public int CodeLength { get; set; }
+
+        /// <summary>
+        /// Gets or sets the string to prefix internal access tokens with.
+        /// </summary>
+        public string TokenNamePrefix { get; set; }
+
+        /// <summary>
+        /// Gets the current state of quick connect.
+        /// </summary>
+        public QuickConnectState State { get; }
+
+        /// <summary>
+        /// Gets or sets the time (in minutes) before a pending request will expire.
+        /// </summary>
+        public int RequestExpiry { get; set; }
+
+        /// <summary>
+        /// Assert that quick connect is currently active and throws an exception if it is not.
+        /// </summary>
+        void AssertActive();
+
+        /// <summary>
+        /// Changes the status of quick connect.
+        /// </summary>
+        /// <param name="newState">New state to change to</param>
+        void SetEnabled(QuickConnectState newState);
+
+        /// <summary>
+        /// Initiates a new quick connect request.
+        /// </summary>
+        /// <param name="friendlyName">Friendly device name to display in the request UI.</param>
+        /// <returns>A quick connect result with tokens to proceed or a descriptive error message otherwise.</returns>
+        QuickConnectResult TryConnect(string friendlyName);
+
+        /// <summary>
+        /// Checks the status of an individual request.
+        /// </summary>
+        /// <param name="secret">Unique secret identifier of the request.</param>
+        /// <returns>Quick connect result.</returns>
+        QuickConnectResult CheckRequestStatus(string secret);
+
+        /// <summary>
+        /// Returns all current quick connect requests as DTOs. Does not include sensitive information.
+        /// </summary>
+        /// <returns>List of all quick connect results.</returns>
+        List<QuickConnectResultDto> GetCurrentRequests();
+
+        /// <summary>
+        /// Returns all current quick connect requests (including sensitive information).
+        /// </summary>
+        /// <returns>List of all quick connect results.</returns>
+        List<QuickConnectResult> GetCurrentRequestsInternal();
+
+        /// <summary>
+        /// Authorizes a quick connect request to connect as the calling user.
+        /// </summary>
+        /// <param name="request">HTTP request object.</param>
+        /// <param name="lookup">Public request lookup value.</param>
+        /// <returns>A boolean indicating if the authorization completed successfully.</returns>
+        bool AuthorizeRequest(IRequest request, string lookup);
+
+        /// <summary>
+        /// Deletes all quick connect access tokens for the provided user.
+        /// </summary>
+        /// <param name="user">Guid of the user to delete tokens for.</param>
+        /// <returns>A count of the deleted tokens.</returns>
+        int DeleteAllDevices(Guid user);
+
+        /// <summary>
+        /// Generates a short code to display to the user to uniquely identify this request.
+        /// </summary>
+        /// <returns>A short, unique alphanumeric string.</returns>
+        string GenerateCode();
+    }
+}
-- 
cgit v1.2.3


From 387a07c6dd4792ea1e77d333e178f9b4e9c56678 Mon Sep 17 00:00:00 2001
From: ConfusedPolarBear <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Sun, 19 Apr 2020 01:33:09 -0500
Subject: Add persistent setting configuration and temporary activation

---
 .../QuickConnect/ConfigurationExtension.cs         | 30 +++++++++
 .../QuickConnect/QuickConnectConfiguration.cs      | 13 ++++
 .../QuickConnect/QuickConnectManager.cs            | 72 +++++++++++++++++++---
 .../QuickConnect/QuickConnectService.cs            | 40 ++++++++++--
 .../QuickConnect/IQuickConnect.cs                  |  8 ++-
 5 files changed, 149 insertions(+), 14 deletions(-)
 create mode 100644 Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs
 create mode 100644 Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs b/Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs
new file mode 100644
index 000000000..0e35ba80a
--- /dev/null
+++ b/Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs
@@ -0,0 +1,30 @@
+#pragma warning disable CS1591
+
+using System.Collections.Generic;
+using MediaBrowser.Common.Configuration;
+
+namespace Emby.Server.Implementations.QuickConnect
+{
+    public static class ConfigurationExtension
+    {
+        public static QuickConnectConfiguration GetQuickConnectConfiguration(this IConfigurationManager manager)
+        {
+            return manager.GetConfiguration<QuickConnectConfiguration>("quickconnect");
+        }
+    }
+
+    public class QuickConnectConfigurationFactory : IConfigurationFactory
+    {
+        public IEnumerable<ConfigurationStore> GetConfigurations()
+        {
+            return new ConfigurationStore[]
+            {
+                new ConfigurationStore
+                {
+                    Key = "quickconnect",
+                    ConfigurationType = typeof(QuickConnectConfiguration)
+                }
+            };
+        }
+    }
+}
diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs
new file mode 100644
index 000000000..befc46379
--- /dev/null
+++ b/Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs
@@ -0,0 +1,13 @@
+using MediaBrowser.Model.QuickConnect;
+
+namespace Emby.Server.Implementations.QuickConnect
+{
+    public class QuickConnectConfiguration
+    {
+        public QuickConnectConfiguration()
+        {
+        }
+
+        public QuickConnectState State { get; set; }
+    }
+}
diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
index 30418097c..671ddc2b9 100644
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
+++ b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
@@ -3,7 +3,9 @@ using System.Collections.Generic;
 using System.Globalization;
 using System.Linq;
 using System.Security.Cryptography;
+using MediaBrowser.Common.Configuration;
 using MediaBrowser.Controller;
+using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Library;
 using MediaBrowser.Controller.Net;
 using MediaBrowser.Controller.QuickConnect;
@@ -12,6 +14,7 @@ using MediaBrowser.Model.Globalization;
 using MediaBrowser.Model.QuickConnect;
 using MediaBrowser.Model.Serialization;
 using MediaBrowser.Model.Services;
+using MediaBrowser.Model.Tasks;
 using Microsoft.Extensions.Logging;
 
 namespace Emby.Server.Implementations.QuickConnect
@@ -24,6 +27,7 @@ namespace Emby.Server.Implementations.QuickConnect
         private readonly RNGCryptoServiceProvider _rng = new RNGCryptoServiceProvider();
         private Dictionary<string, QuickConnectResult> _currentRequests = new Dictionary<string, QuickConnectResult>();
 
+        private IServerConfigurationManager _config;
         private ILogger _logger;
         private IUserManager _userManager;
         private ILocalizationManager _localizationManager;
@@ -31,11 +35,13 @@ namespace Emby.Server.Implementations.QuickConnect
         private IAuthenticationRepository _authenticationRepository;
         private IAuthorizationContext _authContext;
         private IServerApplicationHost _appHost;
+        private ITaskManager _taskManager;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="QuickConnectManager"/> class.
         /// Should only be called at server startup when a singleton is created.
         /// </summary>
+        /// <param name="config">Configuration.</param>
         /// <param name="loggerFactory">Logger.</param>
         /// <param name="userManager">User manager.</param>
         /// <param name="localization">Localization.</param>
@@ -43,15 +49,19 @@ namespace Emby.Server.Implementations.QuickConnect
         /// <param name="appHost">Application host.</param>
         /// <param name="authContext">Authentication context.</param>
         /// <param name="authenticationRepository">Authentication repository.</param>
+        /// <param name="taskManager">Task scheduler.</param>
         public QuickConnectManager(
+            IServerConfigurationManager config,
             ILoggerFactory loggerFactory,
             IUserManager userManager,
             ILocalizationManager localization,
             IJsonSerializer jsonSerializer,
             IServerApplicationHost appHost,
             IAuthorizationContext authContext,
-            IAuthenticationRepository authenticationRepository)
+            IAuthenticationRepository authenticationRepository,
+            ITaskManager taskManager)
         {
+            _config = config;
             _logger = loggerFactory.CreateLogger(nameof(QuickConnectManager));
             _userManager = userManager;
             _localizationManager = localization;
@@ -59,6 +69,16 @@ namespace Emby.Server.Implementations.QuickConnect
             _appHost = appHost;
             _authContext = authContext;
             _authenticationRepository = authenticationRepository;
+            _taskManager = taskManager;
+
+            ReloadConfiguration();
+        }
+
+        private void ReloadConfiguration()
+        {
+            var config = _config.GetQuickConnectConfiguration();
+
+            State = config.State;
         }
 
         /// <inheritdoc/>
@@ -73,6 +93,10 @@ namespace Emby.Server.Implementations.QuickConnect
         /// <inheritdoc/>
         public int RequestExpiry { get; set; } = 30;
 
+        private bool TemporaryActivation { get; set; } = false;
+
+        private DateTime DateActivated { get; set; }
+
         /// <inheritdoc/>
         public void AssertActive()
         {
@@ -82,17 +106,37 @@ namespace Emby.Server.Implementations.QuickConnect
             }
         }
 
+        /// <inheritdoc/>
+        public QuickConnectResult Activate()
+        {
+            // This should not call SetEnabled since that would persist the "temporary" activation to the configuration file
+            State = QuickConnectState.Active;
+            DateActivated = DateTime.Now;
+            TemporaryActivation = true;
+
+            return new QuickConnectResult();
+        }
+
         /// <inheritdoc/>
         public void SetEnabled(QuickConnectState newState)
         {
             _logger.LogDebug("Changed quick connect state from {0} to {1}", State, newState);
 
             State = newState;
+
+            _config.SaveConfiguration("quickconnect", new QuickConnectConfiguration()
+            {
+                State = State
+            });
+
+            _logger.LogDebug("Configuration saved");
         }
 
         /// <inheritdoc/>
         public QuickConnectResult TryConnect(string friendlyName)
         {
+            ExpireRequests(true);
+
             if (State != QuickConnectState.Active)
             {
                 _logger.LogDebug("Refusing quick connect initiation request, current state is {0}", State);
@@ -122,13 +166,11 @@ namespace Emby.Server.Implementations.QuickConnect
         /// <inheritdoc/>
         public QuickConnectResult CheckRequestStatus(string secret)
         {
-            AssertActive();
             ExpireRequests();
+            AssertActive();
 
             string lookup = _currentRequests.Where(x => x.Value.Secret == secret).Select(x => x.Value.Lookup).DefaultIfEmpty(string.Empty).First();
 
-            _logger.LogDebug("Transformed private identifier {0} into public lookup {1}", secret, lookup);
-
             if (!_currentRequests.ContainsKey(lookup))
             {
                 throw new KeyNotFoundException("Unable to find request with provided identifier");
@@ -146,8 +188,8 @@ namespace Emby.Server.Implementations.QuickConnect
         /// <inheritdoc/>
         public List<QuickConnectResult> GetCurrentRequestsInternal()
         {
-            AssertActive();
             ExpireRequests();
+            AssertActive();
             return _currentRequests.Values.ToList();
         }
 
@@ -174,12 +216,11 @@ namespace Emby.Server.Implementations.QuickConnect
         /// <inheritdoc/>
         public bool AuthorizeRequest(IRequest request, string lookup)
         {
+            ExpireRequests();
             AssertActive();
 
             var auth = _authContext.GetAuthorizationInfo(request);
 
-            ExpireRequests();
-
             if (!_currentRequests.ContainsKey(lookup))
             {
                 throw new KeyNotFoundException("Unable to find request");
@@ -208,6 +249,8 @@ namespace Emby.Server.Implementations.QuickConnect
                 UserId = auth.UserId
             });
 
+            _logger.LogInformation("Allowing device {0} to login as user {1} with quick connect code {2}", result.FriendlyName, auth.User.Name, result.Code);
+
             return true;
         }
 
@@ -239,8 +282,21 @@ namespace Emby.Server.Implementations.QuickConnect
             return string.Join(string.Empty, bytes.Select(x => x.ToString("x2", CultureInfo.InvariantCulture)));
         }
 
-        private void ExpireRequests()
+        private void ExpireRequests(bool onlyCheckTime = false)
         {
+            // check if quick connect should be deactivated
+            if (TemporaryActivation && DateTime.Now > DateActivated.AddMinutes(10) && State == QuickConnectState.Active)
+            {
+                _logger.LogDebug("Quick connect time expired, deactivating");
+                SetEnabled(QuickConnectState.Available);
+            }
+
+            if (onlyCheckTime)
+            {
+                return;
+            }
+
+            // expire stale connection requests
             var delete = new List<string>();
             var values = _currentRequests.Values.ToList();
 
diff --git a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs b/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
index 889a78839..60d6ac414 100644
--- a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
+++ b/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
@@ -98,6 +98,11 @@ namespace MediaBrowser.Api.QuickConnect
 
         public object Get(QuickConnectList request)
         {
+            if(_quickConnect.State != QuickConnectState.Active)
+            {
+                return Array.Empty<QuickConnectResultDto>();
+            }
+
             return _quickConnect.GetCurrentRequests();
         }
 
@@ -124,15 +129,40 @@ namespace MediaBrowser.Api.QuickConnect
 
         public object Post(Activate request)
         {
-            if (_quickConnect.State == QuickConnectState.Available)
+            string name = _authContext.GetAuthorizationInfo(Request).User.Name;
+
+            if(_quickConnect.State == QuickConnectState.Unavailable)
+            {
+                return new QuickConnectResult()
+                {
+                    Error = "Quick connect is not enabled on this server"
+                };
+            }
+
+            else if(_quickConnect.State == QuickConnectState.Available)
             {
-                _quickConnect.SetEnabled(QuickConnectState.Active);
+                var result = _quickConnect.Activate();
 
-                string name = _authContext.GetAuthorizationInfo(Request).User.Name;
-                Logger.LogInformation("{name} enabled quick connect", name);
+                if (string.IsNullOrEmpty(result.Error))
+                {
+                    Logger.LogInformation("{name} temporarily activated quick connect", name);
+                }
+
+                return result;
             }
 
-            return _quickConnect.State;
+            else if(_quickConnect.State == QuickConnectState.Active)
+            {
+                return new QuickConnectResult()
+                {
+                    Error = ""
+                };
+            }
+
+            return new QuickConnectResult()
+            {
+                Error = "Unknown current state"
+            };
         }
 
         public object Post(Available request)
diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
index e4a790ffe..d44765e11 100644
--- a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -35,10 +35,16 @@ namespace MediaBrowser.Controller.QuickConnect
         /// </summary>
         void AssertActive();
 
+        /// <summary>
+        /// Temporarily activates quick connect for a short amount of time.
+        /// </summary>
+        /// <returns>A quick connect result object indicating success.</returns>
+        QuickConnectResult Activate();
+
         /// <summary>
         /// Changes the status of quick connect.
         /// </summary>
-        /// <param name="newState">New state to change to</param>
+        /// <param name="newState">New state to change to.</param>
         void SetEnabled(QuickConnectState newState);
 
         /// <summary>
-- 
cgit v1.2.3


From 4be476ec5312387f87134915d0fd132b2ad5fa3f Mon Sep 17 00:00:00 2001
From: ConfusedPolarBear <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Thu, 18 Jun 2020 01:29:47 -0500
Subject: Move all settings into the main server configuration

Decreased the timeout from 30 minutes to 5.
Public lookup values have been replaced with the short code.
---
 .../QuickConnect/ConfigurationExtension.cs         | 20 -------
 .../QuickConnect/QuickConnectConfiguration.cs      | 15 -----
 .../QuickConnectConfigurationFactory.cs            | 27 ---------
 .../QuickConnect/QuickConnectManager.cs            | 66 ++++++++++------------
 .../QuickConnect/IQuickConnect.cs                  |  8 +--
 .../Configuration/ServerConfiguration.cs           |  6 ++
 .../QuickConnect/QuickConnectResult.cs             |  5 --
 .../QuickConnect/QuickConnectResultDto.cs          | 14 +----
 8 files changed, 41 insertions(+), 120 deletions(-)
 delete mode 100644 Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs
 delete mode 100644 Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs
 delete mode 100644 Emby.Server.Implementations/QuickConnect/QuickConnectConfigurationFactory.cs

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs b/Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs
deleted file mode 100644
index 2a19fc36c..000000000
--- a/Emby.Server.Implementations/QuickConnect/ConfigurationExtension.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-using MediaBrowser.Common.Configuration;
-
-namespace Emby.Server.Implementations.QuickConnect
-{
-    /// <summary>
-    /// Configuration extension to support persistent quick connect configuration.
-    /// </summary>
-    public static class ConfigurationExtension
-    {
-        /// <summary>
-        /// Return the current quick connect configuration.
-        /// </summary>
-        /// <param name="manager">Configuration manager.</param>
-        /// <returns>Current quick connect configuration.</returns>
-        public static QuickConnectConfiguration GetQuickConnectConfiguration(this IConfigurationManager manager)
-        {
-            return manager.GetConfiguration<QuickConnectConfiguration>("quickconnect");
-        }
-    }
-}
diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs
deleted file mode 100644
index 2302ddbc3..000000000
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectConfiguration.cs
+++ /dev/null
@@ -1,15 +0,0 @@
-using MediaBrowser.Model.QuickConnect;
-
-namespace Emby.Server.Implementations.QuickConnect
-{
-    /// <summary>
-    /// Persistent quick connect configuration.
-    /// </summary>
-    public class QuickConnectConfiguration
-    {
-        /// <summary>
-        /// Gets or sets persistent quick connect availability state.
-        /// </summary>
-        public QuickConnectState State { get; set; }
-    }
-}
diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectConfigurationFactory.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectConfigurationFactory.cs
deleted file mode 100644
index d7bc84c5e..000000000
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectConfigurationFactory.cs
+++ /dev/null
@@ -1,27 +0,0 @@
-using System.Collections.Generic;
-using MediaBrowser.Common.Configuration;
-
-namespace Emby.Server.Implementations.QuickConnect
-{
-    /// <summary>
-    /// Configuration factory for quick connect.
-    /// </summary>
-    public class QuickConnectConfigurationFactory : IConfigurationFactory
-    {
-        /// <summary>
-        /// Returns the current quick connect configuration.
-        /// </summary>
-        /// <returns>Current quick connect configuration.</returns>
-        public IEnumerable<ConfigurationStore> GetConfigurations()
-        {
-            return new[]
-            {
-                new ConfigurationStore
-                {
-                    Key = "quickconnect",
-                    ConfigurationType = typeof(QuickConnectConfiguration)
-                }
-            };
-        }
-    }
-}
diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
index 7a584c7cd..8d704f32b 100644
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
+++ b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
@@ -11,7 +11,9 @@ using MediaBrowser.Controller.QuickConnect;
 using MediaBrowser.Controller.Security;
 using MediaBrowser.Model.QuickConnect;
 using MediaBrowser.Model.Services;
+using MediaBrowser.Common;
 using Microsoft.Extensions.Logging;
+using MediaBrowser.Common.Extensions;
 
 namespace Emby.Server.Implementations.QuickConnect
 {
@@ -64,9 +66,7 @@ namespace Emby.Server.Implementations.QuickConnect
         public QuickConnectState State { get; private set; } = QuickConnectState.Unavailable;
 
         /// <inheritdoc/>
-        public int RequestExpiry { get; set; } = 30;
-
-        private bool TemporaryActivation { get; set; } = false;
+        public int Timeout { get; set; } = 5;
 
         private DateTime DateActivated { get; set; }
 
@@ -82,10 +82,9 @@ namespace Emby.Server.Implementations.QuickConnect
         /// <inheritdoc/>
         public QuickConnectResult Activate()
         {
-            // This should not call SetEnabled since that would persist the "temporary" activation to the configuration file
-            State = QuickConnectState.Active;
+            SetEnabled(QuickConnectState.Active);
+
             DateActivated = DateTime.Now;
-            TemporaryActivation = true;
 
             return new QuickConnectResult();
         }
@@ -96,12 +95,10 @@ namespace Emby.Server.Implementations.QuickConnect
             _logger.LogDebug("Changed quick connect state from {0} to {1}", State, newState);
 
             ExpireRequests(true);
-            State = newState;
 
-            _config.SaveConfiguration("quickconnect", new QuickConnectConfiguration()
-            {
-                State = State
-            });
+            State = newState;
+            _config.Configuration.QuickConnectAvailable = newState == QuickConnectState.Available || newState == QuickConnectState.Active;
+            _config.SaveConfiguration();
 
             _logger.LogDebug("Configuration saved");
         }
@@ -123,17 +120,16 @@ namespace Emby.Server.Implementations.QuickConnect
 
             _logger.LogDebug("Got new quick connect request from {friendlyName}", friendlyName);
 
-            var lookup = GenerateSecureRandom();
+            var code = GenerateCode();
             var result = new QuickConnectResult()
             {
-                Lookup = lookup,
                 Secret = GenerateSecureRandom(),
                 FriendlyName = friendlyName,
                 DateAdded = DateTime.Now,
-                Code = GenerateCode()
+                Code = code
             };
 
-            _currentRequests[lookup] = result;
+            _currentRequests[code] = result;
             return result;
         }
 
@@ -143,17 +139,16 @@ namespace Emby.Server.Implementations.QuickConnect
             ExpireRequests();
             AssertActive();
 
-            string lookup = _currentRequests.Where(x => x.Value.Secret == secret).Select(x => x.Value.Lookup).DefaultIfEmpty(string.Empty).First();
+            string code = _currentRequests.Where(x => x.Value.Secret == secret).Select(x => x.Value.Code).DefaultIfEmpty(string.Empty).First();
 
-            if (!_currentRequests.TryGetValue(lookup, out QuickConnectResult result))
+            if (!_currentRequests.TryGetValue(code, out QuickConnectResult result))
             {
-                throw new KeyNotFoundException("Unable to find request with provided identifier");
+                throw new ResourceNotFoundException("Unable to find request with provided secret");
             }
 
             return result;
         }
 
-        /// <inheritdoc/>
         public List<QuickConnectResultDto> GetCurrentRequests()
         {
             return GetCurrentRequestsInternal().Select(x => (QuickConnectResultDto)x).ToList();
@@ -186,16 +181,16 @@ namespace Emby.Server.Implementations.QuickConnect
         }
 
         /// <inheritdoc/>
-        public bool AuthorizeRequest(IRequest request, string lookup)
+        public bool AuthorizeRequest(IRequest request, string code)
         {
             ExpireRequests();
             AssertActive();
 
             var auth = _authContext.GetAuthorizationInfo(request);
 
-            if (!_currentRequests.TryGetValue(lookup, out QuickConnectResult result))
+            if (!_currentRequests.TryGetValue(code, out QuickConnectResult result))
             {
-                throw new KeyNotFoundException("Unable to find request");
+                throw new ResourceNotFoundException("Unable to find request");
             }
 
             if (result.Authenticated)
@@ -205,9 +200,9 @@ namespace Emby.Server.Implementations.QuickConnect
 
             result.Authentication = Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture);
 
-            // Advance the time on the request so it expires sooner as the client will pick up the changes in a few seconds
-            var added = result.DateAdded ?? DateTime.Now.Subtract(new TimeSpan(0, RequestExpiry, 0));
-            result.DateAdded = added.Subtract(new TimeSpan(0, RequestExpiry - 1, 0));
+            // Change the time on the request so it expires one minute into the future. It can't expire immediately as otherwise some clients wouldn't ever see that they have been authenticated.
+            var added = result.DateAdded ?? DateTime.Now.Subtract(new TimeSpan(0, Timeout, 0));
+            result.DateAdded = added.Subtract(new TimeSpan(0, Timeout - 1, 0));
 
             _authenticationRepository.Create(new AuthenticationInfo
             {
@@ -271,7 +266,7 @@ namespace Emby.Server.Implementations.QuickConnect
             var bytes = new byte[length];
             _rng.GetBytes(bytes);
 
-            return string.Join(string.Empty, bytes.Select(x => x.ToString("x2", CultureInfo.InvariantCulture)));
+            return Hex.Encode(bytes);
         }
 
         /// <summary>
@@ -281,12 +276,11 @@ namespace Emby.Server.Implementations.QuickConnect
         private void ExpireRequests(bool expireAll = false)
         {
             // Check if quick connect should be deactivated
-            if (TemporaryActivation && DateTime.Now > DateActivated.AddMinutes(10) && State == QuickConnectState.Active && !expireAll)
+            if (State == QuickConnectState.Active && DateTime.Now > DateActivated.AddMinutes(Timeout) && !expireAll)
             {
                 _logger.LogDebug("Quick connect time expired, deactivating");
                 SetEnabled(QuickConnectState.Available);
                 expireAll = true;
-                TemporaryActivation = false;
             }
 
             // Expire stale connection requests
@@ -296,28 +290,28 @@ namespace Emby.Server.Implementations.QuickConnect
             for (int i = 0; i < values.Count; i++)
             {
                 var added = values[i].DateAdded ?? DateTime.UnixEpoch;
-                if (DateTime.Now > added.AddMinutes(RequestExpiry) || expireAll)
+                if (DateTime.Now > added.AddMinutes(Timeout) || expireAll)
                 {
-                    delete.Add(values[i].Lookup);
+                    delete.Add(values[i].Code);
                 }
             }
 
-            foreach (var lookup in delete)
+            foreach (var code in delete)
             {
-                _logger.LogDebug("Removing expired request {lookup}", lookup);
+                _logger.LogDebug("Removing expired request {code}", code);
 
-                if (!_currentRequests.TryRemove(lookup, out _))
+                if (!_currentRequests.TryRemove(code, out _))
                 {
-                    _logger.LogWarning("Request {lookup} already expired", lookup);
+                    _logger.LogWarning("Request {code} already expired", code);
                 }
             }
         }
 
         private void ReloadConfiguration()
         {
-            var config = _config.GetQuickConnectConfiguration();
+            var available = _config.Configuration.QuickConnectAvailable;
 
-            State = config.State;
+            State = available ? QuickConnectState.Available : QuickConnectState.Unavailable;
         }
     }
 }
diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
index d44765e11..d31d0e509 100644
--- a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -26,9 +26,9 @@ namespace MediaBrowser.Controller.QuickConnect
         public QuickConnectState State { get; }
 
         /// <summary>
-        /// Gets or sets the time (in minutes) before a pending request will expire.
+        /// Gets or sets the time (in minutes) before quick connect will automatically deactivate.
         /// </summary>
-        public int RequestExpiry { get; set; }
+        public int Timeout { get; set; }
 
         /// <summary>
         /// Assert that quick connect is currently active and throws an exception if it is not.
@@ -77,9 +77,9 @@ namespace MediaBrowser.Controller.QuickConnect
         /// Authorizes a quick connect request to connect as the calling user.
         /// </summary>
         /// <param name="request">HTTP request object.</param>
-        /// <param name="lookup">Public request lookup value.</param>
+        /// <param name="lookup">Identifying code for the request..</param>
         /// <returns>A boolean indicating if the authorization completed successfully.</returns>
-        bool AuthorizeRequest(IRequest request, string lookup);
+        bool AuthorizeRequest(IRequest request, string code);
 
         /// <summary>
         /// Deletes all quick connect access tokens for the provided user.
diff --git a/MediaBrowser.Model/Configuration/ServerConfiguration.cs b/MediaBrowser.Model/Configuration/ServerConfiguration.cs
index afbe02dd3..76b290606 100644
--- a/MediaBrowser.Model/Configuration/ServerConfiguration.cs
+++ b/MediaBrowser.Model/Configuration/ServerConfiguration.cs
@@ -76,6 +76,11 @@ namespace MediaBrowser.Model.Configuration
         /// <value><c>true</c> if this instance is port authorized; otherwise, <c>false</c>.</value>
         public bool IsPortAuthorized { get; set; }
 
+        /// <summary>
+        /// Gets or sets if quick connect is available for use on this server.
+        /// </summary>
+        public bool QuickConnectAvailable { get; set; }
+
         public bool AutoRunWebApp { get; set; }
 
         public bool EnableRemoteAccess { get; set; }
@@ -281,6 +286,7 @@ namespace MediaBrowser.Model.Configuration
 
             AutoRunWebApp = true;
             EnableRemoteAccess = true;
+            QuickConnectAvailable = false;
 
             EnableUPnP = false;
             MinResumePct = 5;
diff --git a/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs b/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
index 32d7f6aba..a10d60d57 100644
--- a/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
+++ b/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
@@ -17,11 +17,6 @@ namespace MediaBrowser.Model.QuickConnect
         /// </summary>
         public string? Secret { get; set; }
 
-        /// <summary>
-        /// Gets or sets the public value used to uniquely identify this request. Can only be used to authorize the request.
-        /// </summary>
-        public string? Lookup { get; set; }
-
         /// <summary>
         /// Gets or sets the user facing code used so the user can quickly differentiate this request from others.
         /// </summary>
diff --git a/MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs b/MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs
index 19acc7cd8..26084caf1 100644
--- a/MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs
+++ b/MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs
@@ -17,25 +17,15 @@ namespace MediaBrowser.Model.QuickConnect
         /// </summary>
         public string? Code { get; private set; }
 
-        /// <summary>
-        /// Gets the public value used to uniquely identify this request. Can only be used to authorize the request.
-        /// </summary>
-        public string? Lookup { get; private set; }
-
         /// <summary>
         /// Gets the device friendly name.
         /// </summary>
         public string? FriendlyName { get; private set; }
 
-        /// <summary>
-        /// Gets the DateTime that this request was created.
-        /// </summary>
-        public DateTime? DateAdded { get; private set; }
-
         /// <summary>
         /// Cast an internal quick connect result to a DTO by removing all sensitive properties.
         /// </summary>
-        /// <param name="result">QuickConnectResult object to cast</param>
+        /// <param name="result">QuickConnectResult object to cast.</param>
         public static implicit operator QuickConnectResultDto(QuickConnectResult result)
         {
             QuickConnectResultDto resultDto = new QuickConnectResultDto
@@ -43,8 +33,6 @@ namespace MediaBrowser.Model.QuickConnect
                 Authenticated = result.Authenticated,
                 Code = result.Code,
                 FriendlyName = result.FriendlyName,
-                DateAdded = result.DateAdded,
-                Lookup = result.Lookup
             };
 
             return resultDto;
-- 
cgit v1.2.3


From 329980c727cf03587ff5f4011a3af3ef2fa5e4f1 Mon Sep 17 00:00:00 2001
From: ConfusedPolarBear <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Thu, 18 Jun 2020 01:58:58 -0500
Subject: API cleanup

---
 .../QuickConnect/QuickConnectManager.cs            | 35 +++--------
 .../QuickConnect/QuickConnectService.cs            | 67 ++++------------------
 .../QuickConnect/IQuickConnect.cs                  | 23 +++-----
 .../QuickConnect/QuickConnectResultDto.cs          | 41 -------------
 4 files changed, 27 insertions(+), 139 deletions(-)
 delete mode 100644 MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
index 8d704f32b..263556e9d 100644
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
+++ b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
@@ -75,18 +75,15 @@ namespace Emby.Server.Implementations.QuickConnect
         {
             if (State != QuickConnectState.Active)
             {
-                throw new InvalidOperationException("Quick connect is not active on this server");
+                throw new ArgumentException("Quick connect is not active on this server");
             }
         }
 
         /// <inheritdoc/>
-        public QuickConnectResult Activate()
+        public void Activate()
         {
-            SetEnabled(QuickConnectState.Active);
-
             DateActivated = DateTime.Now;
-
-            return new QuickConnectResult();
+            SetEnabled(QuickConnectState.Active);
         }
 
         /// <inheritdoc/>
@@ -149,19 +146,6 @@ namespace Emby.Server.Implementations.QuickConnect
             return result;
         }
 
-        public List<QuickConnectResultDto> GetCurrentRequests()
-        {
-            return GetCurrentRequestsInternal().Select(x => (QuickConnectResultDto)x).ToList();
-        }
-
-        /// <inheritdoc/>
-        public List<QuickConnectResult> GetCurrentRequestsInternal()
-        {
-            ExpireRequests();
-            AssertActive();
-            return _currentRequests.Values.ToList();
-        }
-
         /// <inheritdoc/>
         public string GenerateCode()
         {
@@ -215,7 +199,7 @@ namespace Emby.Server.Implementations.QuickConnect
                 UserId = auth.UserId
             });
 
-            _logger.LogInformation("Allowing device {0} to login as user {1} with quick connect code {2}", result.FriendlyName, auth.User.Name, result.Code);
+            _logger.LogInformation("Allowing device {0} to login as user {1} with quick connect code {2}", result.FriendlyName, auth.User.Username, result.Code);
 
             return true;
         }
@@ -269,11 +253,8 @@ namespace Emby.Server.Implementations.QuickConnect
             return Hex.Encode(bytes);
         }
 
-        /// <summary>
-        /// Expire quick connect requests that are over the time limit. If <paramref name="expireAll"/> is true, all requests are unconditionally expired.
-        /// </summary>
-        /// <param name="expireAll">If true, all requests will be expired.</param>
-        private void ExpireRequests(bool expireAll = false)
+        /// <inheritdoc/>
+        public void ExpireRequests(bool expireAll = false)
         {
             // Check if quick connect should be deactivated
             if (State == QuickConnectState.Active && DateTime.Now > DateActivated.AddMinutes(Timeout) && !expireAll)
@@ -309,9 +290,7 @@ namespace Emby.Server.Implementations.QuickConnect
 
         private void ReloadConfiguration()
         {
-            var available = _config.Configuration.QuickConnectAvailable;
-
-            State = available ? QuickConnectState.Available : QuickConnectState.Unavailable;
+            State = _config.Configuration.QuickConnectAvailable ? QuickConnectState.Available : QuickConnectState.Unavailable;
         }
     }
 }
diff --git a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs b/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
index 60d6ac414..9047a1e95 100644
--- a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
+++ b/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Collections.Generic;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Library;
 using MediaBrowser.Controller.Net;
@@ -24,18 +23,12 @@ namespace MediaBrowser.Api.QuickConnect
         public string Secret { get; set; }
     }
 
-    [Route("/QuickConnect/List", "GET", Summary = "Lists all quick connect requests")]
-    [Authenticated]
-    public class QuickConnectList : IReturn<List<QuickConnectResultDto>>
-    {
-    }
-
     [Route("/QuickConnect/Authorize", "POST", Summary = "Authorizes a pending quick connect request")]
     [Authenticated]
-    public class Authorize : IReturn<QuickConnectResultDto>
+    public class Authorize : IReturn<bool>
     {
-        [ApiMember(Name = "Lookup", Description = "Quick connect public lookup", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "GET")]
-        public string Lookup { get; set; }
+        [ApiMember(Name = "Code", Description = "Quick connect identifying code", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "GET")]
+        public string Code { get; set; }
     }
 
     [Route("/QuickConnect/Deauthorize", "POST", Summary = "Deletes all quick connect authorization tokens for the current user")]
@@ -62,8 +55,9 @@ namespace MediaBrowser.Api.QuickConnect
 
     [Route("/QuickConnect/Activate", "POST", Summary = "Temporarily activates quick connect for the time period defined in the server configuration")]
     [Authenticated]
-    public class Activate : IReturn<QuickConnectState>
+    public class Activate : IReturn<bool>
     {
+
     }
 
     public class QuickConnectService : BaseApiService
@@ -96,18 +90,9 @@ namespace MediaBrowser.Api.QuickConnect
             return _quickConnect.CheckRequestStatus(request.Secret);
         }
 
-        public object Get(QuickConnectList request)
-        {
-            if(_quickConnect.State != QuickConnectState.Active)
-            {
-                return Array.Empty<QuickConnectResultDto>();
-            }
-
-            return _quickConnect.GetCurrentRequests();
-        }
-
         public object Get(QuickConnectStatus request)
         {
+            _quickConnect.ExpireRequests();
             return _quickConnect.State;
         }
 
@@ -120,55 +105,27 @@ namespace MediaBrowser.Api.QuickConnect
 
         public object Post(Authorize request)
         {
-            bool result = _quickConnect.AuthorizeRequest(Request, request.Lookup);
-
-            Logger.LogInformation("Result of authorizing quick connect {0}: {1}", request.Lookup[..10], result);
-
-            return result;
+            return _quickConnect.AuthorizeRequest(Request, request.Code);
         }
 
         public object Post(Activate request)
         {
-            string name = _authContext.GetAuthorizationInfo(Request).User.Name;
-
             if(_quickConnect.State == QuickConnectState.Unavailable)
             {
-                return new QuickConnectResult()
-                {
-                    Error = "Quick connect is not enabled on this server"
-                };
+                return false;
             }
 
-            else if(_quickConnect.State == QuickConnectState.Available)
-            {
-                var result = _quickConnect.Activate();
-
-                if (string.IsNullOrEmpty(result.Error))
-                {
-                    Logger.LogInformation("{name} temporarily activated quick connect", name);
-                }
+            string name = _authContext.GetAuthorizationInfo(Request).User.Username;
 
-                return result;
-            }
+            Logger.LogInformation("{name} temporarily activated quick connect", name);
+            _quickConnect.Activate();
 
-            else if(_quickConnect.State == QuickConnectState.Active)
-            {
-                return new QuickConnectResult()
-                {
-                    Error = ""
-                };
-            }
-
-            return new QuickConnectResult()
-            {
-                Error = "Unknown current state"
-            };
+            return true;
         }
 
         public object Post(Available request)
         {
             _quickConnect.SetEnabled(request.Status);
-
             return _quickConnect.State;
         }
     }
diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
index d31d0e509..10ec9e6cb 100644
--- a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -38,8 +38,7 @@ namespace MediaBrowser.Controller.QuickConnect
         /// <summary>
         /// Temporarily activates quick connect for a short amount of time.
         /// </summary>
-        /// <returns>A quick connect result object indicating success.</returns>
-        QuickConnectResult Activate();
+        void Activate();
 
         /// <summary>
         /// Changes the status of quick connect.
@@ -61,26 +60,20 @@ namespace MediaBrowser.Controller.QuickConnect
         /// <returns>Quick connect result.</returns>
         QuickConnectResult CheckRequestStatus(string secret);
 
-        /// <summary>
-        /// Returns all current quick connect requests as DTOs. Does not include sensitive information.
-        /// </summary>
-        /// <returns>List of all quick connect results.</returns>
-        List<QuickConnectResultDto> GetCurrentRequests();
-
-        /// <summary>
-        /// Returns all current quick connect requests (including sensitive information).
-        /// </summary>
-        /// <returns>List of all quick connect results.</returns>
-        List<QuickConnectResult> GetCurrentRequestsInternal();
-
         /// <summary>
         /// Authorizes a quick connect request to connect as the calling user.
         /// </summary>
         /// <param name="request">HTTP request object.</param>
-        /// <param name="lookup">Identifying code for the request..</param>
+        /// <param name="code">Identifying code for the request.</param>
         /// <returns>A boolean indicating if the authorization completed successfully.</returns>
         bool AuthorizeRequest(IRequest request, string code);
 
+        /// <summary>
+        /// Expire quick connect requests that are over the time limit. If <paramref name="expireAll"/> is true, all requests are unconditionally expired.
+        /// </summary>
+        /// <param name="expireAll">If true, all requests will be expired.</param>
+        public void ExpireRequests(bool expireAll = false);
+
         /// <summary>
         /// Deletes all quick connect access tokens for the provided user.
         /// </summary>
diff --git a/MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs b/MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs
deleted file mode 100644
index 26084caf1..000000000
--- a/MediaBrowser.Model/QuickConnect/QuickConnectResultDto.cs
+++ /dev/null
@@ -1,41 +0,0 @@
-using System;
-
-namespace MediaBrowser.Model.QuickConnect
-{
-    /// <summary>
-    /// Stores the non-sensitive results of an incoming quick connect request.
-    /// </summary>
-    public class QuickConnectResultDto
-    {
-        /// <summary>
-        /// Gets a value indicating whether this request is authorized.
-        /// </summary>
-        public bool Authenticated { get; private set; }
-
-        /// <summary>
-        /// Gets the user facing code used so the user can quickly differentiate this request from others.
-        /// </summary>
-        public string? Code { get; private set; }
-
-        /// <summary>
-        /// Gets the device friendly name.
-        /// </summary>
-        public string? FriendlyName { get; private set; }
-
-        /// <summary>
-        /// Cast an internal quick connect result to a DTO by removing all sensitive properties.
-        /// </summary>
-        /// <param name="result">QuickConnectResult object to cast.</param>
-        public static implicit operator QuickConnectResultDto(QuickConnectResult result)
-        {
-            QuickConnectResultDto resultDto = new QuickConnectResultDto
-            {
-                Authenticated = result.Authenticated,
-                Code = result.Code,
-                FriendlyName = result.FriendlyName,
-            };
-
-            return resultDto;
-        }
-    }
-}
-- 
cgit v1.2.3


From 3c91aa0c3d4af3c3d11b4c732ea14c7e641ba662 Mon Sep 17 00:00:00 2001
From: Matt Montgomery <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Sun, 26 Jul 2020 23:13:14 -0500
Subject: Code cleanup

---
 .../QuickConnect/QuickConnectManager.cs            | 25 +++++++++++-----------
 .../QuickConnect/QuickConnectService.cs            |  2 +-
 .../QuickConnect/IQuickConnect.cs                  |  6 +++---
 3 files changed, 16 insertions(+), 17 deletions(-)

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
index a69ea2267..23e94afd7 100644
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
+++ b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
@@ -14,6 +14,7 @@ using MediaBrowser.Model.Services;
 using MediaBrowser.Common;
 using Microsoft.Extensions.Logging;
 using MediaBrowser.Common.Extensions;
+using MediaBrowser.Controller.Authentication;
 
 namespace Emby.Server.Implementations.QuickConnect
 {
@@ -83,13 +84,13 @@ namespace Emby.Server.Implementations.QuickConnect
         public void Activate()
         {
             DateActivated = DateTime.Now;
-            SetEnabled(QuickConnectState.Active);
+            SetState(QuickConnectState.Active);
         }
 
         /// <inheritdoc/>
-        public void SetEnabled(QuickConnectState newState)
+        public void SetState(QuickConnectState newState)
         {
-            _logger.LogDebug("Changed quick connect state from {0} to {1}", State, newState);
+            _logger.LogDebug("Changed quick connect state from {State} to {newState}", State, newState);
 
             ExpireRequests(true);
 
@@ -107,12 +108,8 @@ namespace Emby.Server.Implementations.QuickConnect
 
             if (State != QuickConnectState.Active)
             {
-                _logger.LogDebug("Refusing quick connect initiation request, current state is {0}", State);
-
-                return new QuickConnectResult()
-                {
-                    Error = "Quick connect is not active on this server"
-                };
+                _logger.LogDebug("Refusing quick connect initiation request, current state is {State}", State);
+                throw new AuthenticationException("Quick connect is not active on this server");
             }
 
             _logger.LogDebug("Got new quick connect request from {friendlyName}", friendlyName);
@@ -200,7 +197,7 @@ namespace Emby.Server.Implementations.QuickConnect
                 UserId = auth.UserId
             });
 
-            _logger.LogInformation("Allowing device {0} to login as user {1} with quick connect code {2}", result.FriendlyName, auth.User.Username, result.Code);
+            _logger.LogInformation("Allowing device {FriendlyName} to login as user {Username} with quick connect code {Code}", result.FriendlyName, auth.User.Username, result.Code);
 
             return true;
         }
@@ -216,13 +213,15 @@ namespace Emby.Server.Implementations.QuickConnect
 
             var tokens = raw.Items.Where(x => x.AppName.StartsWith(TokenNamePrefix, StringComparison.CurrentCulture));
 
+            var removed = 0;
             foreach (var token in tokens)
             {
                 _authenticationRepository.Delete(token);
-                _logger.LogDebug("Deleted token {0}", token.AccessToken);
+                _logger.LogDebug("Deleted token {AccessToken}", token.AccessToken);
+                removed++;
             }
 
-            return tokens.Count();
+            return removed;
         }
 
         /// <summary>
@@ -261,7 +260,7 @@ namespace Emby.Server.Implementations.QuickConnect
             if (State == QuickConnectState.Active && DateTime.Now > DateActivated.AddMinutes(Timeout) && !expireAll)
             {
                 _logger.LogDebug("Quick connect time expired, deactivating");
-                SetEnabled(QuickConnectState.Available);
+                SetState(QuickConnectState.Available);
                 expireAll = true;
             }
 
diff --git a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs b/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
index 6298f66e5..7093be990 100644
--- a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
+++ b/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
@@ -125,7 +125,7 @@ namespace MediaBrowser.Api.QuickConnect
 
         public object Post(Available request)
         {
-            _quickConnect.SetEnabled(request.Status);
+            _quickConnect.SetState(request.Status);
             return _quickConnect.State;
         }
     }
diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
index 10ec9e6cb..5518e0385 100644
--- a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -41,16 +41,16 @@ namespace MediaBrowser.Controller.QuickConnect
         void Activate();
 
         /// <summary>
-        /// Changes the status of quick connect.
+        /// Changes the state of quick connect.
         /// </summary>
         /// <param name="newState">New state to change to.</param>
-        void SetEnabled(QuickConnectState newState);
+        void SetState(QuickConnectState newState);
 
         /// <summary>
         /// Initiates a new quick connect request.
         /// </summary>
         /// <param name="friendlyName">Friendly device name to display in the request UI.</param>
-        /// <returns>A quick connect result with tokens to proceed or a descriptive error message otherwise.</returns>
+        /// <returns>A quick connect result with tokens to proceed or throws an exception if not active.</returns>
         QuickConnectResult TryConnect(string friendlyName);
 
         /// <summary>
-- 
cgit v1.2.3


From 31d3b1b83aa356221e8af2f316b58584579207fe Mon Sep 17 00:00:00 2001
From: Matt Montgomery <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Mon, 27 Jul 2020 15:40:14 -0500
Subject: Cleanup interfaces

---
 MediaBrowser.Controller/QuickConnect/IQuickConnect.cs | 10 +++++-----
 MediaBrowser.Controller/Session/ISessionManager.cs    |  7 ++++++-
 2 files changed, 11 insertions(+), 6 deletions(-)

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
index 5518e0385..993637c8a 100644
--- a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -13,22 +13,22 @@ namespace MediaBrowser.Controller.QuickConnect
         /// <summary>
         /// Gets or sets the length of user facing codes.
         /// </summary>
-        public int CodeLength { get; set; }
+        int CodeLength { get; set; }
 
         /// <summary>
         /// Gets or sets the string to prefix internal access tokens with.
         /// </summary>
-        public string TokenNamePrefix { get; set; }
+        string TokenNamePrefix { get; set; }
 
         /// <summary>
         /// Gets the current state of quick connect.
         /// </summary>
-        public QuickConnectState State { get; }
+        QuickConnectState State { get; }
 
         /// <summary>
         /// Gets or sets the time (in minutes) before quick connect will automatically deactivate.
         /// </summary>
-        public int Timeout { get; set; }
+        int Timeout { get; set; }
 
         /// <summary>
         /// Assert that quick connect is currently active and throws an exception if it is not.
@@ -72,7 +72,7 @@ namespace MediaBrowser.Controller.QuickConnect
         /// Expire quick connect requests that are over the time limit. If <paramref name="expireAll"/> is true, all requests are unconditionally expired.
         /// </summary>
         /// <param name="expireAll">If true, all requests will be expired.</param>
-        public void ExpireRequests(bool expireAll = false);
+        void ExpireRequests(bool expireAll = false);
 
         /// <summary>
         /// Deletes all quick connect access tokens for the provided user.
diff --git a/MediaBrowser.Controller/Session/ISessionManager.cs b/MediaBrowser.Controller/Session/ISessionManager.cs
index 23230e41e..ffa19fb69 100644
--- a/MediaBrowser.Controller/Session/ISessionManager.cs
+++ b/MediaBrowser.Controller/Session/ISessionManager.cs
@@ -264,7 +264,12 @@ namespace MediaBrowser.Controller.Session
         /// <returns>Task{SessionInfo}.</returns>
         Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request);
 
-        public Task<AuthenticationResult> AuthenticateQuickConnect(AuthenticationRequest request, string token);
+        /// <summary>
+        /// Authenticates a new session with quick connect.
+        /// </summary>
+        /// <param name="request">The request.</param>
+        /// <returns>Task{SessionInfo}.</returns>
+        Task<AuthenticationResult> AuthenticateQuickConnect(AuthenticationRequest request, string token);
 
         /// <summary>
         /// Creates the new session.
-- 
cgit v1.2.3


From 035d29fb357006c29ffb40e0a53c1e999237cdd1 Mon Sep 17 00:00:00 2001
From: Matt Montgomery <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Thu, 13 Aug 2020 15:35:04 -0500
Subject: Migrate to new API standard

---
 .../QuickConnect/QuickConnectManager.cs            |   5 +-
 Jellyfin.Api/Controllers/QuickConnectController.cs | 160 +++++++++++++++++++++
 Jellyfin.Api/Controllers/UserController.cs         |  41 ++++++
 Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs    |  13 ++
 .../QuickConnect/QuickConnectService.cs            | 132 -----------------
 .../QuickConnect/IQuickConnect.cs                  |   5 +-
 MediaBrowser.Controller/Session/ISessionManager.cs |   1 +
 7 files changed, 219 insertions(+), 138 deletions(-)
 create mode 100644 Jellyfin.Api/Controllers/QuickConnectController.cs
 create mode 100644 Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs
 delete mode 100644 MediaBrowser.Api/QuickConnect/QuickConnectService.cs

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
index 23e94afd7..949c3b505 100644
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
+++ b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
@@ -1,6 +1,5 @@
 using System;
 using System.Collections.Concurrent;
-using System.Collections.Generic;
 using System.Globalization;
 using System.Linq;
 using System.Security.Cryptography;
@@ -10,7 +9,7 @@ using MediaBrowser.Controller.Net;
 using MediaBrowser.Controller.QuickConnect;
 using MediaBrowser.Controller.Security;
 using MediaBrowser.Model.QuickConnect;
-using MediaBrowser.Model.Services;
+using Microsoft.AspNetCore.Http;
 using MediaBrowser.Common;
 using Microsoft.Extensions.Logging;
 using MediaBrowser.Common.Extensions;
@@ -163,7 +162,7 @@ namespace Emby.Server.Implementations.QuickConnect
         }
 
         /// <inheritdoc/>
-        public bool AuthorizeRequest(IRequest request, string code)
+        public bool AuthorizeRequest(HttpRequest request, string code)
         {
             ExpireRequests();
             AssertActive();
diff --git a/Jellyfin.Api/Controllers/QuickConnectController.cs b/Jellyfin.Api/Controllers/QuickConnectController.cs
new file mode 100644
index 000000000..d45ea058d
--- /dev/null
+++ b/Jellyfin.Api/Controllers/QuickConnectController.cs
@@ -0,0 +1,160 @@
+using System.ComponentModel.DataAnnotations;
+using Jellyfin.Api.Constants;
+using MediaBrowser.Common.Extensions;
+using MediaBrowser.Controller.Library;
+using MediaBrowser.Controller.Net;
+using MediaBrowser.Controller.QuickConnect;
+using MediaBrowser.Model.QuickConnect;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Jellyfin.Api.Controllers
+{
+    /// <summary>
+    /// Quick connect controller.
+    /// </summary>
+    public class QuickConnectController : BaseJellyfinApiController
+    {
+        private readonly IQuickConnect _quickConnect;
+        private readonly IUserManager _userManager;
+        private readonly IAuthorizationContext _authContext;
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="QuickConnectController"/> class.
+        /// </summary>
+        /// <param name="quickConnect">Instance of the <see cref="IQuickConnect"/> interface.</param>
+        /// <param name="userManager">Instance of the <see cref="IUserManager"/> interface.</param>
+        /// <param name="authContext">Instance of the <see cref="IAuthorizationContext"/> interface.</param>
+        public QuickConnectController(
+            IQuickConnect quickConnect,
+            IUserManager userManager,
+            IAuthorizationContext authContext)
+        {
+            _quickConnect = quickConnect;
+            _userManager = userManager;
+            _authContext = authContext;
+        }
+
+        /// <summary>
+        /// Gets the current quick connect state.
+        /// </summary>
+        /// <response code="200">Quick connect state returned.</response>
+        /// <returns>The current <see cref="QuickConnectState"/>.</returns>
+        [HttpGet("Status")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public ActionResult<QuickConnectState> GetStatus()
+        {
+            _quickConnect.ExpireRequests();
+            return Ok(_quickConnect.State);
+        }
+
+        /// <summary>
+        /// Initiate a new quick connect request.
+        /// </summary>
+        /// <param name="friendlyName">Device friendly name.</param>
+        /// <response code="200">Quick connect request successfully created.</response>
+        /// <response code="401">Quick connect is not active on this server.</response>
+        /// <returns>A <see cref="QuickConnectResult"/> with a secret and code for future use or an error message.</returns>
+        [HttpGet("Initiate")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public ActionResult<QuickConnectResult> Initiate([FromQuery] string? friendlyName)
+        {
+            return Ok(_quickConnect.TryConnect(friendlyName));
+        }
+
+        /// <summary>
+        /// Attempts to retrieve authentication information.
+        /// </summary>
+        /// <param name="secret">Secret previously returned from the Initiate endpoint.</param>
+        /// <response code="200">Quick connect result returned.</response>
+        /// <response code="404">Unknown quick connect secret.</response>
+        /// <returns>An updated <see cref="QuickConnectResult"/>.</returns>
+        [HttpGet("Connect")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status404NotFound)]
+        public ActionResult<QuickConnectResult> Connect([FromQuery] string? secret)
+        {
+            try
+            {
+                var result = _quickConnect.CheckRequestStatus(secret);
+                return Ok(result);
+            }
+            catch (ResourceNotFoundException)
+            {
+                return NotFound("Unknown secret");
+            }
+        }
+
+        /// <summary>
+        /// Temporarily activates quick connect for five minutes.
+        /// </summary>
+        /// <response code="204">Quick connect has been temporarily activated.</response>
+        /// <response code="403">Quick connect is unavailable on this server.</response>
+        /// <returns>An <see cref="NoContentResult"/> on success.</returns>
+        [HttpPost("Activate")]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
+        [ProducesResponseType(StatusCodes.Status204NoContent)]
+        [ProducesResponseType(StatusCodes.Status403Forbidden)]
+        public ActionResult Activate()
+        {
+            if (_quickConnect.State == QuickConnectState.Unavailable)
+            {
+                return Forbid("Quick connect is unavailable");
+            }
+
+            _quickConnect.Activate();
+            return NoContent();
+        }
+
+        /// <summary>
+        /// Enables or disables quick connect.
+        /// </summary>
+        /// <param name="status">New <see cref="QuickConnectState"/>.</param>
+        /// <response code="204">Quick connect state set successfully.</response>
+        /// <returns>An <see cref="NoContentResult"/> on success.</returns>
+        [HttpPost("Available")]
+        [Authorize(Policy = Policies.RequiresElevation)]
+        [ProducesResponseType(StatusCodes.Status204NoContent)]
+        public ActionResult Available([FromQuery] QuickConnectState? status)
+        {
+            _quickConnect.SetState(status ?? QuickConnectState.Available);
+            return NoContent();
+        }
+
+        /// <summary>
+        /// Authorizes a pending quick connect request.
+        /// </summary>
+        /// <param name="code">Quick connect code to authorize.</param>
+        /// <response code="200">Quick connect result authorized successfully.</response>
+        /// <response code="400">Missing quick connect code.</response>
+        /// <returns>Boolean indicating if the authorization was successful.</returns>
+        [HttpPost("Authorize")]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status400BadRequest)]
+        public ActionResult<bool> Authorize([FromQuery, Required] string? code)
+        {
+            if (code == null)
+            {
+                return BadRequest("Missing code");
+            }
+
+            return Ok(_quickConnect.AuthorizeRequest(Request, code));
+        }
+
+        /// <summary>
+        /// Deauthorize all quick connect devices for the current user.
+        /// </summary>
+        /// <response code="200">All quick connect devices were deleted.</response>
+        /// <returns>The number of devices that were deleted.</returns>
+        [HttpPost("Deauthorize")]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public ActionResult<int> Deauthorize()
+        {
+            var userId = _authContext.GetAuthorizationInfo(Request).UserId;
+            return _quickConnect.DeleteAllDevices(userId);
+        }
+    }
+}
diff --git a/Jellyfin.Api/Controllers/UserController.cs b/Jellyfin.Api/Controllers/UserController.cs
index 272312522..131fffb7a 100644
--- a/Jellyfin.Api/Controllers/UserController.cs
+++ b/Jellyfin.Api/Controllers/UserController.cs
@@ -216,6 +216,47 @@ namespace Jellyfin.Api.Controllers
             }
         }
 
+        /// <summary>
+        /// Authenticates a user with quick connect.
+        /// </summary>
+        /// <param name="request">The <see cref="QuickConnectDto"/> request.</param>
+        /// <response code="200">User authenticated.</response>
+        /// <response code="400">Missing token.</response>
+        /// <returns>A <see cref="Task"/> containing an <see cref="AuthenticationRequest"/> with information about the new session.</returns>
+        [HttpPost("AuthenticateWithQuickConnect")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public async Task<ActionResult<AuthenticationResult>> AuthenticateWithQuickConnect([FromBody, Required] QuickConnectDto request)
+        {
+            if (request.Token == null)
+            {
+                return BadRequest("Access token is required.");
+            }
+
+            var auth = _authContext.GetAuthorizationInfo(Request);
+
+            try
+            {
+                var authRequest = new AuthenticationRequest
+                {
+                    App = auth.Client,
+                    AppVersion = auth.Version,
+                    DeviceId = auth.DeviceId,
+                    DeviceName = auth.Device,
+                };
+
+                var result = await _sessionManager.AuthenticateQuickConnect(
+                    authRequest,
+                    request.Token).ConfigureAwait(false);
+
+                return result;
+            }
+            catch (SecurityException e)
+            {
+                // rethrow adding IP address to message
+                throw new SecurityException($"[{HttpContext.Connection.RemoteIpAddress}] {e.Message}", e);
+            }
+        }
+
         /// <summary>
         /// Updates a user's password.
         /// </summary>
diff --git a/Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs b/Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs
new file mode 100644
index 000000000..8f53d5f37
--- /dev/null
+++ b/Jellyfin.Api/Models/UserDtos/QuickConnectDto.cs
@@ -0,0 +1,13 @@
+namespace Jellyfin.Api.Models.UserDtos
+{
+    /// <summary>
+    /// The quick connect request body.
+    /// </summary>
+    public class QuickConnectDto
+    {
+        /// <summary>
+        /// Gets or sets the quick connect token.
+        /// </summary>
+        public string? Token { get; set; }
+    }
+}
diff --git a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs b/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
deleted file mode 100644
index 7093be990..000000000
--- a/MediaBrowser.Api/QuickConnect/QuickConnectService.cs
+++ /dev/null
@@ -1,132 +0,0 @@
-using System;
-using MediaBrowser.Controller.Configuration;
-using MediaBrowser.Controller.Library;
-using MediaBrowser.Controller.Net;
-using MediaBrowser.Controller.QuickConnect;
-using MediaBrowser.Model.QuickConnect;
-using MediaBrowser.Model.Services;
-using Microsoft.Extensions.Logging;
-
-namespace MediaBrowser.Api.QuickConnect
-{
-    [Route("/QuickConnect/Initiate", "GET", Summary = "Requests a new quick connect code")]
-    public class Initiate : IReturn<QuickConnectResult>
-    {
-        [ApiMember(Name = "FriendlyName", Description = "Device friendly name", IsRequired = false, DataType = "string", ParameterType = "query", Verb = "GET")]
-        public string FriendlyName { get; set; }
-    }
-
-    [Route("/QuickConnect/Connect", "GET", Summary = "Attempts to retrieve authentication information")]
-    public class Connect : IReturn<QuickConnectResult>
-    {
-        [ApiMember(Name = "Secret", Description = "Quick connect secret", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "GET")]
-        public string Secret { get; set; }
-    }
-
-    [Route("/QuickConnect/Authorize", "POST", Summary = "Authorizes a pending quick connect request")]
-    [Authenticated]
-    public class Authorize : IReturn<bool>
-    {
-        [ApiMember(Name = "Code", Description = "Quick connect identifying code", IsRequired = true, DataType = "string", ParameterType = "query", Verb = "GET")]
-        public string Code { get; set; }
-    }
-
-    [Route("/QuickConnect/Deauthorize", "POST", Summary = "Deletes all quick connect authorization tokens for the current user")]
-    [Authenticated]
-    public class Deauthorize : IReturn<int>
-    {
-        [ApiMember(Name = "UserId", Description = "User Id", IsRequired = false, DataType = "string", ParameterType = "query", Verb = "GET")]
-        public Guid UserId { get; set; }
-    }
-
-    [Route("/QuickConnect/Status", "GET", Summary = "Gets the current quick connect state")]
-    public class QuickConnectStatus : IReturn<QuickConnectResult>
-    {
-
-    }
-
-    [Route("/QuickConnect/Available", "POST", Summary = "Enables or disables quick connect")]
-    [Authenticated(Roles = "Admin")]
-    public class Available : IReturn<QuickConnectState>
-    {
-        [ApiMember(Name = "Status", Description = "New quick connect status", IsRequired = false, DataType = "QuickConnectState", ParameterType = "query", Verb = "GET")]
-        public QuickConnectState Status { get; set; }
-    }
-
-    [Route("/QuickConnect/Activate", "POST", Summary = "Temporarily activates quick connect for the time period defined in the server configuration")]
-    [Authenticated]
-    public class Activate : IReturn<bool>
-    {
-
-    }
-
-    public class QuickConnectService : BaseApiService
-    {
-        private IQuickConnect _quickConnect;
-        private IUserManager _userManager;
-        private IAuthorizationContext _authContext;
-
-        public QuickConnectService(
-            ILogger<QuickConnectService> logger,
-            IServerConfigurationManager serverConfigurationManager,
-            IHttpResultFactory httpResultFactory,
-            IUserManager userManager,
-            IAuthorizationContext authContext,
-            IQuickConnect quickConnect)
-            : base(logger, serverConfigurationManager, httpResultFactory)
-        {
-            _userManager = userManager;
-            _quickConnect = quickConnect;
-            _authContext = authContext;
-        }
-
-        public object Get(Initiate request)
-        {
-            return _quickConnect.TryConnect(request.FriendlyName);
-        }
-
-        public object Get(Connect request)
-        {
-            return _quickConnect.CheckRequestStatus(request.Secret);
-        }
-
-        public object Get(QuickConnectStatus request)
-        {
-            _quickConnect.ExpireRequests();
-            return _quickConnect.State;
-        }
-
-        public object Post(Deauthorize request)
-        {
-            AssertCanUpdateUser(_authContext, _userManager, request.UserId, true);
-
-            return _quickConnect.DeleteAllDevices(request.UserId);
-        }
-
-        public object Post(Authorize request)
-        {
-            return _quickConnect.AuthorizeRequest(Request, request.Code);
-        }
-
-        public object Post(Activate request)
-        {
-            if (_quickConnect.State == QuickConnectState.Unavailable)
-            {
-                return false;
-            }
-
-            string name = _authContext.GetAuthorizationInfo(Request).User.Username;
-
-            Logger.LogInformation("{name} temporarily activated quick connect", name);
-            _quickConnect.Activate();
-
-            return true;
-        }
-
-        public object Post(Available request)
-        {
-            _quickConnect.SetState(request.Status);
-            return _quickConnect.State;
-        }
-    }
-}
diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
index 993637c8a..fd7e973f6 100644
--- a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -1,7 +1,6 @@
 using System;
-using System.Collections.Generic;
 using MediaBrowser.Model.QuickConnect;
-using MediaBrowser.Model.Services;
+using Microsoft.AspNetCore.Http;
 
 namespace MediaBrowser.Controller.QuickConnect
 {
@@ -66,7 +65,7 @@ namespace MediaBrowser.Controller.QuickConnect
         /// <param name="request">HTTP request object.</param>
         /// <param name="code">Identifying code for the request.</param>
         /// <returns>A boolean indicating if the authorization completed successfully.</returns>
-        bool AuthorizeRequest(IRequest request, string code);
+        bool AuthorizeRequest(HttpRequest request, string code);
 
         /// <summary>
         /// Expire quick connect requests that are over the time limit. If <paramref name="expireAll"/> is true, all requests are unconditionally expired.
diff --git a/MediaBrowser.Controller/Session/ISessionManager.cs b/MediaBrowser.Controller/Session/ISessionManager.cs
index ffa19fb69..d44787b88 100644
--- a/MediaBrowser.Controller/Session/ISessionManager.cs
+++ b/MediaBrowser.Controller/Session/ISessionManager.cs
@@ -268,6 +268,7 @@ namespace MediaBrowser.Controller.Session
         /// Authenticates a new session with quick connect.
         /// </summary>
         /// <param name="request">The request.</param>
+        /// <param name="token">Quick connect access token.</param>
         /// <returns>Task{SessionInfo}.</returns>
         Task<AuthenticationResult> AuthenticateQuickConnect(AuthenticationRequest request, string token);
 
-- 
cgit v1.2.3


From 5f1a86324170387f12602d77dad7249faf30548f Mon Sep 17 00:00:00 2001
From: Matt Montgomery <33811686+ConfusedPolarBear@users.noreply.github.com>
Date: Mon, 17 Aug 2020 16:36:45 -0500
Subject: Apply suggestions from code review

---
 .../QuickConnect/QuickConnectManager.cs            | 38 +++++++++-------------
 .../Session/SessionManager.cs                      |  2 +-
 Jellyfin.Api/Controllers/QuickConnectController.cs | 34 +++++++++----------
 Jellyfin.Api/Controllers/UserController.cs         |  4 +--
 .../QuickConnect/IQuickConnect.cs                  | 12 +++----
 .../QuickConnect/QuickConnectResult.cs             |  5 ---
 6 files changed, 40 insertions(+), 55 deletions(-)

(limited to 'MediaBrowser.Controller/QuickConnect')

diff --git a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
index 949c3b505..52e934229 100644
--- a/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
+++ b/Emby.Server.Implementations/QuickConnect/QuickConnectManager.cs
@@ -3,17 +3,16 @@ using System.Collections.Concurrent;
 using System.Globalization;
 using System.Linq;
 using System.Security.Cryptography;
+using MediaBrowser.Common;
+using MediaBrowser.Common.Extensions;
 using MediaBrowser.Controller;
+using MediaBrowser.Controller.Authentication;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Net;
 using MediaBrowser.Controller.QuickConnect;
 using MediaBrowser.Controller.Security;
 using MediaBrowser.Model.QuickConnect;
-using Microsoft.AspNetCore.Http;
-using MediaBrowser.Common;
 using Microsoft.Extensions.Logging;
-using MediaBrowser.Common.Extensions;
-using MediaBrowser.Controller.Authentication;
 
 namespace Emby.Server.Implementations.QuickConnect
 {
@@ -60,7 +59,7 @@ namespace Emby.Server.Implementations.QuickConnect
         public int CodeLength { get; set; } = 6;
 
         /// <inheritdoc/>
-        public string TokenNamePrefix { get; set; } = "QuickConnect-";
+        public string TokenName { get; set; } = "QuickConnect";
 
         /// <inheritdoc/>
         public QuickConnectState State { get; private set; } = QuickConnectState.Unavailable;
@@ -82,7 +81,7 @@ namespace Emby.Server.Implementations.QuickConnect
         /// <inheritdoc/>
         public void Activate()
         {
-            DateActivated = DateTime.Now;
+            DateActivated = DateTime.UtcNow;
             SetState(QuickConnectState.Active);
         }
 
@@ -101,7 +100,7 @@ namespace Emby.Server.Implementations.QuickConnect
         }
 
         /// <inheritdoc/>
-        public QuickConnectResult TryConnect(string friendlyName)
+        public QuickConnectResult TryConnect()
         {
             ExpireRequests();
 
@@ -111,14 +110,11 @@ namespace Emby.Server.Implementations.QuickConnect
                 throw new AuthenticationException("Quick connect is not active on this server");
             }
 
-            _logger.LogDebug("Got new quick connect request from {friendlyName}", friendlyName);
-
             var code = GenerateCode();
             var result = new QuickConnectResult()
             {
                 Secret = GenerateSecureRandom(),
-                FriendlyName = friendlyName,
-                DateAdded = DateTime.Now,
+                DateAdded = DateTime.UtcNow,
                 Code = code
             };
 
@@ -162,13 +158,11 @@ namespace Emby.Server.Implementations.QuickConnect
         }
 
         /// <inheritdoc/>
-        public bool AuthorizeRequest(HttpRequest request, string code)
+        public bool AuthorizeRequest(Guid userId, string code)
         {
             ExpireRequests();
             AssertActive();
 
-            var auth = _authContext.GetAuthorizationInfo(request);
-
             if (!_currentRequests.TryGetValue(code, out QuickConnectResult result))
             {
                 throw new ResourceNotFoundException("Unable to find request");
@@ -182,21 +176,21 @@ namespace Emby.Server.Implementations.QuickConnect
             result.Authentication = Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture);
 
             // Change the time on the request so it expires one minute into the future. It can't expire immediately as otherwise some clients wouldn't ever see that they have been authenticated.
-            var added = result.DateAdded ?? DateTime.Now.Subtract(new TimeSpan(0, Timeout, 0));
-            result.DateAdded = added.Subtract(new TimeSpan(0, Timeout - 1, 0));
+            var added = result.DateAdded ?? DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(Timeout));
+            result.DateAdded = added.Subtract(TimeSpan.FromMinutes(Timeout - 1));
 
             _authenticationRepository.Create(new AuthenticationInfo
             {
-                AppName = TokenNamePrefix + result.FriendlyName,
+                AppName = TokenName,
                 AccessToken = result.Authentication,
                 DateCreated = DateTime.UtcNow,
                 DeviceId = _appHost.SystemId,
                 DeviceName = _appHost.FriendlyName,
                 AppVersion = _appHost.ApplicationVersionString,
-                UserId = auth.UserId
+                UserId = userId
             });
 
-            _logger.LogInformation("Allowing device {FriendlyName} to login as user {Username} with quick connect code {Code}", result.FriendlyName, auth.User.Username, result.Code);
+            _logger.LogDebug("Authorizing device with code {Code} to login as user {userId}", code, userId);
 
             return true;
         }
@@ -210,7 +204,7 @@ namespace Emby.Server.Implementations.QuickConnect
                 UserId = user
             });
 
-            var tokens = raw.Items.Where(x => x.AppName.StartsWith(TokenNamePrefix, StringComparison.CurrentCulture));
+            var tokens = raw.Items.Where(x => x.AppName.StartsWith(TokenName, StringComparison.CurrentCulture));
 
             var removed = 0;
             foreach (var token in tokens)
@@ -256,7 +250,7 @@ namespace Emby.Server.Implementations.QuickConnect
         public void ExpireRequests(bool expireAll = false)
         {
             // Check if quick connect should be deactivated
-            if (State == QuickConnectState.Active && DateTime.Now > DateActivated.AddMinutes(Timeout) && !expireAll)
+            if (State == QuickConnectState.Active && DateTime.UtcNow > DateActivated.AddMinutes(Timeout) && !expireAll)
             {
                 _logger.LogDebug("Quick connect time expired, deactivating");
                 SetState(QuickConnectState.Available);
@@ -270,7 +264,7 @@ namespace Emby.Server.Implementations.QuickConnect
             for (int i = 0; i < values.Count; i++)
             {
                 var added = values[i].DateAdded ?? DateTime.UnixEpoch;
-                if (DateTime.Now > added.AddMinutes(Timeout) || expireAll)
+                if (DateTime.UtcNow > added.AddMinutes(Timeout) || expireAll)
                 {
                     code = values[i].Code;
                     _logger.LogDebug("Removing expired request {code}", code);
diff --git a/Emby.Server.Implementations/Session/SessionManager.cs b/Emby.Server.Implementations/Session/SessionManager.cs
index 8a8223ee7..fbe8e065c 100644
--- a/Emby.Server.Implementations/Session/SessionManager.cs
+++ b/Emby.Server.Implementations/Session/SessionManager.cs
@@ -1433,7 +1433,7 @@ namespace Emby.Server.Implementations.Session
                 Limit = 1
             });
 
-            if (result.TotalRecordCount < 1)
+            if (result.TotalRecordCount == 0)
             {
                 throw new SecurityException("Unknown quick connect token");
             }
diff --git a/Jellyfin.Api/Controllers/QuickConnectController.cs b/Jellyfin.Api/Controllers/QuickConnectController.cs
index 1625bcffe..b1ee2ff53 100644
--- a/Jellyfin.Api/Controllers/QuickConnectController.cs
+++ b/Jellyfin.Api/Controllers/QuickConnectController.cs
@@ -1,8 +1,8 @@
+using System;
 using System.ComponentModel.DataAnnotations;
 using Jellyfin.Api.Constants;
 using Jellyfin.Api.Helpers;
 using MediaBrowser.Common.Extensions;
-using MediaBrowser.Controller.Library;
 using MediaBrowser.Controller.Net;
 using MediaBrowser.Controller.QuickConnect;
 using MediaBrowser.Model.QuickConnect;
@@ -18,22 +18,18 @@ namespace Jellyfin.Api.Controllers
     public class QuickConnectController : BaseJellyfinApiController
     {
         private readonly IQuickConnect _quickConnect;
-        private readonly IUserManager _userManager;
         private readonly IAuthorizationContext _authContext;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="QuickConnectController"/> class.
         /// </summary>
         /// <param name="quickConnect">Instance of the <see cref="IQuickConnect"/> interface.</param>
-        /// <param name="userManager">Instance of the <see cref="IUserManager"/> interface.</param>
         /// <param name="authContext">Instance of the <see cref="IAuthorizationContext"/> interface.</param>
         public QuickConnectController(
             IQuickConnect quickConnect,
-            IUserManager userManager,
             IAuthorizationContext authContext)
         {
             _quickConnect = quickConnect;
-            _userManager = userManager;
             _authContext = authContext;
         }
 
@@ -53,15 +49,14 @@ namespace Jellyfin.Api.Controllers
         /// <summary>
         /// Initiate a new quick connect request.
         /// </summary>
-        /// <param name="friendlyName">Device friendly name.</param>
         /// <response code="200">Quick connect request successfully created.</response>
         /// <response code="401">Quick connect is not active on this server.</response>
         /// <returns>A <see cref="QuickConnectResult"/> with a secret and code for future use or an error message.</returns>
         [HttpGet("Initiate")]
         [ProducesResponseType(StatusCodes.Status200OK)]
-        public ActionResult<QuickConnectResult> Initiate([FromQuery] string? friendlyName)
+        public ActionResult<QuickConnectResult> Initiate()
         {
-            return _quickConnect.TryConnect(friendlyName);
+            return _quickConnect.TryConnect();
         }
 
         /// <summary>
@@ -74,12 +69,11 @@ namespace Jellyfin.Api.Controllers
         [HttpGet("Connect")]
         [ProducesResponseType(StatusCodes.Status200OK)]
         [ProducesResponseType(StatusCodes.Status404NotFound)]
-        public ActionResult<QuickConnectResult> Connect([FromQuery] string? secret)
+        public ActionResult<QuickConnectResult> Connect([FromQuery, Required] string secret)
         {
             try
             {
-                var result = _quickConnect.CheckRequestStatus(secret);
-                return result;
+                return _quickConnect.CheckRequestStatus(secret);
             }
             catch (ResourceNotFoundException)
             {
@@ -117,9 +111,9 @@ namespace Jellyfin.Api.Controllers
         [HttpPost("Available")]
         [Authorize(Policy = Policies.RequiresElevation)]
         [ProducesResponseType(StatusCodes.Status204NoContent)]
-        public ActionResult Available([FromQuery] QuickConnectState? status)
+        public ActionResult Available([FromQuery] QuickConnectState status = QuickConnectState.Available)
         {
-            _quickConnect.SetState(status ?? QuickConnectState.Available);
+            _quickConnect.SetState(status);
             return NoContent();
         }
 
@@ -127,16 +121,22 @@ namespace Jellyfin.Api.Controllers
         /// Authorizes a pending quick connect request.
         /// </summary>
         /// <param name="code">Quick connect code to authorize.</param>
+        /// <param name="userId">User id.</param>
         /// <response code="200">Quick connect result authorized successfully.</response>
-        /// <response code="400">Missing quick connect code.</response>
+        /// <response code="403">User is not allowed to authorize quick connect requests.</response>
         /// <returns>Boolean indicating if the authorization was successful.</returns>
         [HttpPost("Authorize")]
         [Authorize(Policy = Policies.DefaultAuthorization)]
         [ProducesResponseType(StatusCodes.Status200OK)]
-        [ProducesResponseType(StatusCodes.Status400BadRequest)]
-        public ActionResult<bool> Authorize([FromQuery, Required] string? code)
+        [ProducesResponseType(StatusCodes.Status403Forbidden)]
+        public ActionResult<bool> Authorize([FromQuery, Required] string code, [FromQuery, Required] Guid userId)
         {
-            return _quickConnect.AuthorizeRequest(Request, code);
+            if (!RequestHelpers.AssertCanUpdateUser(_authContext, HttpContext.Request, userId, true))
+            {
+                return Forbid("User is not allowed to authorize quick connect requests.");
+            }
+
+            return _quickConnect.AuthorizeRequest(userId, code);
         }
 
         /// <summary>
diff --git a/Jellyfin.Api/Controllers/UserController.cs b/Jellyfin.Api/Controllers/UserController.cs
index 355816bd3..d67f82219 100644
--- a/Jellyfin.Api/Controllers/UserController.cs
+++ b/Jellyfin.Api/Controllers/UserController.cs
@@ -239,11 +239,9 @@ namespace Jellyfin.Api.Controllers
                     DeviceName = auth.Device,
                 };
 
-                var result = await _sessionManager.AuthenticateQuickConnect(
+                return await _sessionManager.AuthenticateQuickConnect(
                     authRequest,
                     request.Token).ConfigureAwait(false);
-
-                return result;
             }
             catch (SecurityException e)
             {
diff --git a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
index fd7e973f6..959a2d771 100644
--- a/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
+++ b/MediaBrowser.Controller/QuickConnect/IQuickConnect.cs
@@ -1,6 +1,5 @@
 using System;
 using MediaBrowser.Model.QuickConnect;
-using Microsoft.AspNetCore.Http;
 
 namespace MediaBrowser.Controller.QuickConnect
 {
@@ -15,9 +14,9 @@ namespace MediaBrowser.Controller.QuickConnect
         int CodeLength { get; set; }
 
         /// <summary>
-        /// Gets or sets the string to prefix internal access tokens with.
+        /// Gets or sets the name of internal access tokens.
         /// </summary>
-        string TokenNamePrefix { get; set; }
+        string TokenName { get; set; }
 
         /// <summary>
         /// Gets the current state of quick connect.
@@ -48,9 +47,8 @@ namespace MediaBrowser.Controller.QuickConnect
         /// <summary>
         /// Initiates a new quick connect request.
         /// </summary>
-        /// <param name="friendlyName">Friendly device name to display in the request UI.</param>
         /// <returns>A quick connect result with tokens to proceed or throws an exception if not active.</returns>
-        QuickConnectResult TryConnect(string friendlyName);
+        QuickConnectResult TryConnect();
 
         /// <summary>
         /// Checks the status of an individual request.
@@ -62,10 +60,10 @@ namespace MediaBrowser.Controller.QuickConnect
         /// <summary>
         /// Authorizes a quick connect request to connect as the calling user.
         /// </summary>
-        /// <param name="request">HTTP request object.</param>
+        /// <param name="userId">User id.</param>
         /// <param name="code">Identifying code for the request.</param>
         /// <returns>A boolean indicating if the authorization completed successfully.</returns>
-        bool AuthorizeRequest(HttpRequest request, string code);
+        bool AuthorizeRequest(Guid userId, string code);
 
         /// <summary>
         /// Expire quick connect requests that are over the time limit. If <paramref name="expireAll"/> is true, all requests are unconditionally expired.
diff --git a/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs b/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
index a10d60d57..0fa40b6a7 100644
--- a/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
+++ b/MediaBrowser.Model/QuickConnect/QuickConnectResult.cs
@@ -22,11 +22,6 @@ namespace MediaBrowser.Model.QuickConnect
         /// </summary>
         public string? Code { get; set; }
 
-        /// <summary>
-        /// Gets or sets the device friendly name.
-        /// </summary>
-        public string? FriendlyName { get; set; }
-
         /// <summary>
         /// Gets or sets the private access token.
         /// </summary>
-- 
cgit v1.2.3