From 91ffff7771cb4ae9f89dbc2cb7a5cec70a3301c2 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Thu, 4 Sep 2014 23:48:53 -0400 Subject: added dlna music folders --- .../HttpServer/Security/AuthService.cs | 6 +----- .../HttpServer/Security/AuthorizationContext.cs | 18 +++++++++++------- 2 files changed, 12 insertions(+), 12 deletions(-) (limited to 'MediaBrowser.Server.Implementations/HttpServer') diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs index 2b9ae7d09..855b26034 100644 --- a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs +++ b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs @@ -53,17 +53,13 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security ValidateUser(req, allowLocal); } - // TODO: Remove this when all clients have supported the new sescurity - private readonly List _updatedClients = new List() { "Dashboard", "Chromecast" }; - private void ValidateUser(IRequest req, bool allowLocal) { //This code is executed before the service var auth = AuthorizationContext.GetAuthorizationInfo(req); if (!string.IsNullOrWhiteSpace(auth.Token) - || _config.Configuration.EnableTokenAuthentication - || _updatedClients.Contains(auth.Client ?? string.Empty, StringComparer.OrdinalIgnoreCase)) + || _config.Configuration.SecureApps.Contains(auth.Client ?? string.Empty, StringComparer.OrdinalIgnoreCase)) { if (!allowLocal || !req.IsLocal) { diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs index 94be37e95..925eb6a86 100644 --- a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs +++ b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs @@ -17,7 +17,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security /// /// The HTTP req. /// Dictionary{System.StringSystem.String}. - private static AuthorizationInfo GetAuthorization(IRequest httpReq) + private AuthorizationInfo GetAuthorization(IRequest httpReq) { var auth = GetAuthorizationDictionary(httpReq); @@ -59,7 +59,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security /// /// The HTTP req. /// Dictionary{System.StringSystem.String}. - private static Dictionary GetAuthorizationDictionary(IRequest httpReq) + private Dictionary GetAuthorizationDictionary(IRequest httpReq) { var auth = httpReq.Headers["Authorization"]; @@ -71,14 +71,14 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security /// /// The authorization header. /// Dictionary{System.StringSystem.String}. - private static Dictionary GetAuthorization(string authorizationHeader) + private Dictionary GetAuthorization(string authorizationHeader) { if (authorizationHeader == null) return null; - var parts = authorizationHeader.Split(' '); + var parts = authorizationHeader.Split(new[] { ' ' }, 2); // There should be at least to parts - if (parts.Length < 2) return null; + if (parts.Length != 2) return null; // It has to be a digest request if (!string.Equals(parts[0], "MediaBrowser", StringComparison.OrdinalIgnoreCase)) @@ -87,7 +87,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security } // Remove uptil the first space - authorizationHeader = authorizationHeader.Substring(authorizationHeader.IndexOf(' ')); + authorizationHeader = parts[1]; parts = authorizationHeader.Split(','); var result = new Dictionary(StringComparer.OrdinalIgnoreCase); @@ -95,7 +95,11 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security foreach (var item in parts) { var param = item.Trim().Split(new[] { '=' }, 2); - result.Add(param[0], param[1].Trim(new[] { '"' })); + + if (param.Length == 2) + { + result.Add(param[0], param[1].Trim(new[] { '"' })); + } } return result; -- cgit v1.2.3