2020-04-19 19:24:32 +02:00
|
|
|
using System;
|
|
|
|
|
using System.Collections.Generic;
|
|
|
|
|
using System.IO;
|
|
|
|
|
using System.Linq;
|
2020-05-08 16:40:37 +02:00
|
|
|
using System.Reflection;
|
2019-11-24 15:27:58 +01:00
|
|
|
using Jellyfin.Api;
|
2019-11-23 19:43:30 +01:00
|
|
|
using Jellyfin.Api.Auth;
|
2020-06-15 20:49:54 +02:00
|
|
|
using Jellyfin.Api.Auth.DefaultAuthorizationPolicy;
|
2020-06-19 21:10:10 +02:00
|
|
|
using Jellyfin.Api.Auth.DownloadPolicy;
|
2020-08-07 01:59:48 +02:00
|
|
|
using Jellyfin.Api.Auth.FirstTimeOrIgnoreParentalControlSetupPolicy;
|
2020-08-06 16:17:45 +02:00
|
|
|
using Jellyfin.Api.Auth.FirstTimeSetupOrDefaultPolicy;
|
2019-11-23 19:43:30 +01:00
|
|
|
using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
|
2020-08-06 16:17:45 +02:00
|
|
|
using Jellyfin.Api.Auth.IgnoreParentalControlPolicy;
|
|
|
|
|
using Jellyfin.Api.Auth.LocalAccessOrRequiresElevationPolicy;
|
2020-06-15 20:49:54 +02:00
|
|
|
using Jellyfin.Api.Auth.LocalAccessPolicy;
|
2019-11-23 19:43:30 +01:00
|
|
|
using Jellyfin.Api.Auth.RequiresElevationPolicy;
|
2019-11-24 19:25:46 +01:00
|
|
|
using Jellyfin.Api.Constants;
|
2019-11-23 19:43:30 +01:00
|
|
|
using Jellyfin.Api.Controllers;
|
2020-04-20 02:10:59 +02:00
|
|
|
using Jellyfin.Server.Formatters;
|
2020-06-01 19:03:08 +02:00
|
|
|
using Jellyfin.Server.Models;
|
2020-05-21 16:44:15 +02:00
|
|
|
using MediaBrowser.Common.Json;
|
2020-06-02 19:47:00 +02:00
|
|
|
using MediaBrowser.Model.Entities;
|
2019-11-23 19:43:30 +01:00
|
|
|
using Microsoft.AspNetCore.Authentication;
|
|
|
|
|
using Microsoft.AspNetCore.Authorization;
|
2020-06-17 16:05:30 +02:00
|
|
|
using Microsoft.AspNetCore.Builder;
|
|
|
|
|
using Microsoft.AspNetCore.HttpOverrides;
|
2019-11-23 19:43:30 +01:00
|
|
|
using Microsoft.Extensions.DependencyInjection;
|
|
|
|
|
using Microsoft.OpenApi.Models;
|
2020-05-08 16:40:37 +02:00
|
|
|
using Swashbuckle.AspNetCore.SwaggerGen;
|
2019-11-23 19:43:30 +01:00
|
|
|
|
2019-11-24 15:27:58 +01:00
|
|
|
namespace Jellyfin.Server.Extensions
|
2019-11-23 19:43:30 +01:00
|
|
|
{
|
2019-11-23 20:31:17 +01:00
|
|
|
/// <summary>
|
|
|
|
|
/// API specific extensions for the service collection.
|
|
|
|
|
/// </summary>
|
2019-11-23 19:43:30 +01:00
|
|
|
public static class ApiServiceCollectionExtensions
|
|
|
|
|
{
|
2019-11-23 20:31:17 +01:00
|
|
|
/// <summary>
|
|
|
|
|
/// Adds jellyfin API authorization policies to the DI container.
|
|
|
|
|
/// </summary>
|
|
|
|
|
/// <param name="serviceCollection">The service collection.</param>
|
|
|
|
|
/// <returns>The updated service collection.</returns>
|
2019-11-23 19:43:30 +01:00
|
|
|
public static IServiceCollection AddJellyfinApiAuthorization(this IServiceCollection serviceCollection)
|
|
|
|
|
{
|
2020-06-15 20:49:54 +02:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, DefaultAuthorizationHandler>();
|
2020-06-19 21:10:10 +02:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, DownloadHandler>();
|
2020-08-06 16:17:45 +02:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, FirstTimeSetupOrDefaultHandler>();
|
2019-11-23 19:43:30 +01:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, FirstTimeSetupOrElevatedHandler>();
|
2020-08-06 16:17:45 +02:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, IgnoreParentalControlHandler>();
|
2020-08-07 01:59:48 +02:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, FirstTimeOrIgnoreParentalControlSetupHandler>();
|
2020-06-15 20:49:54 +02:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, LocalAccessHandler>();
|
2020-08-06 16:17:45 +02:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, LocalAccessOrRequiresElevationHandler>();
|
2019-11-23 19:43:30 +01:00
|
|
|
serviceCollection.AddSingleton<IAuthorizationHandler, RequiresElevationHandler>();
|
|
|
|
|
return serviceCollection.AddAuthorizationCore(options =>
|
|
|
|
|
{
|
|
|
|
|
options.AddPolicy(
|
2020-06-15 20:49:54 +02:00
|
|
|
Policies.DefaultAuthorization,
|
2019-11-23 19:43:30 +01:00
|
|
|
policy =>
|
|
|
|
|
{
|
2019-11-24 19:25:46 +01:00
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
2020-06-15 20:49:54 +02:00
|
|
|
policy.AddRequirements(new DefaultAuthorizationRequirement());
|
2019-11-23 19:43:30 +01:00
|
|
|
});
|
2020-06-19 21:10:10 +02:00
|
|
|
options.AddPolicy(
|
|
|
|
|
Policies.Download,
|
|
|
|
|
policy =>
|
|
|
|
|
{
|
|
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
|
|
|
|
policy.AddRequirements(new DownloadRequirement());
|
|
|
|
|
});
|
2020-08-06 16:17:45 +02:00
|
|
|
options.AddPolicy(
|
|
|
|
|
Policies.FirstTimeSetupOrDefault,
|
|
|
|
|
policy =>
|
|
|
|
|
{
|
|
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
|
|
|
|
policy.AddRequirements(new FirstTimeSetupOrDefaultRequirement());
|
|
|
|
|
});
|
2019-11-23 19:43:30 +01:00
|
|
|
options.AddPolicy(
|
2019-11-24 19:25:46 +01:00
|
|
|
Policies.FirstTimeSetupOrElevated,
|
2019-11-23 19:43:30 +01:00
|
|
|
policy =>
|
|
|
|
|
{
|
2019-11-24 19:25:46 +01:00
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
2019-11-23 19:43:30 +01:00
|
|
|
policy.AddRequirements(new FirstTimeSetupOrElevatedRequirement());
|
|
|
|
|
});
|
2020-06-15 20:49:54 +02:00
|
|
|
options.AddPolicy(
|
2020-08-06 16:17:45 +02:00
|
|
|
Policies.IgnoreParentalControl,
|
2020-06-15 20:49:54 +02:00
|
|
|
policy =>
|
|
|
|
|
{
|
|
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
2020-08-06 16:17:45 +02:00
|
|
|
policy.AddRequirements(new IgnoreParentalControlRequirement());
|
|
|
|
|
});
|
|
|
|
|
options.AddPolicy(
|
2020-08-07 01:59:48 +02:00
|
|
|
Policies.FirstTimeSetupOrIgnoreParentalControl,
|
2020-08-06 16:17:45 +02:00
|
|
|
policy =>
|
|
|
|
|
{
|
|
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
2020-08-07 01:59:48 +02:00
|
|
|
policy.AddRequirements(new FirstTimeOrIgnoreParentalControlSetupRequirement());
|
2020-06-15 20:49:54 +02:00
|
|
|
});
|
|
|
|
|
options.AddPolicy(
|
|
|
|
|
Policies.LocalAccessOnly,
|
|
|
|
|
policy =>
|
|
|
|
|
{
|
|
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
|
|
|
|
policy.AddRequirements(new LocalAccessRequirement());
|
|
|
|
|
});
|
2020-08-06 16:17:45 +02:00
|
|
|
options.AddPolicy(
|
|
|
|
|
Policies.LocalAccessOrRequiresElevation,
|
|
|
|
|
policy =>
|
|
|
|
|
{
|
|
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
|
|
|
|
policy.AddRequirements(new LocalAccessOrRequiresElevationRequirement());
|
|
|
|
|
});
|
2020-06-15 20:49:54 +02:00
|
|
|
options.AddPolicy(
|
|
|
|
|
Policies.RequiresElevation,
|
|
|
|
|
policy =>
|
|
|
|
|
{
|
|
|
|
|
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
|
|
|
|
|
policy.AddRequirements(new RequiresElevationRequirement());
|
|
|
|
|
});
|
2019-11-23 19:43:30 +01:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-23 20:31:17 +01:00
|
|
|
/// <summary>
|
|
|
|
|
/// Adds custom legacy authentication to the service collection.
|
|
|
|
|
/// </summary>
|
|
|
|
|
/// <param name="serviceCollection">The service collection.</param>
|
|
|
|
|
/// <returns>The updated service collection.</returns>
|
2019-11-23 19:43:30 +01:00
|
|
|
public static AuthenticationBuilder AddCustomAuthentication(this IServiceCollection serviceCollection)
|
|
|
|
|
{
|
2019-11-24 19:25:46 +01:00
|
|
|
return serviceCollection.AddAuthentication(AuthenticationSchemes.CustomAuthentication)
|
|
|
|
|
.AddScheme<AuthenticationSchemeOptions, CustomAuthenticationHandler>(AuthenticationSchemes.CustomAuthentication, null);
|
2019-11-23 19:43:30 +01:00
|
|
|
}
|
|
|
|
|
|
2019-11-23 20:31:17 +01:00
|
|
|
/// <summary>
|
|
|
|
|
/// Extension method for adding the jellyfin API to the service collection.
|
|
|
|
|
/// </summary>
|
|
|
|
|
/// <param name="serviceCollection">The service collection.</param>
|
|
|
|
|
/// <param name="baseUrl">The base url for the API.</param>
|
|
|
|
|
/// <returns>The MVC builder.</returns>
|
2019-11-23 19:43:30 +01:00
|
|
|
public static IMvcBuilder AddJellyfinApi(this IServiceCollection serviceCollection, string baseUrl)
|
|
|
|
|
{
|
2020-06-01 19:03:08 +02:00
|
|
|
return serviceCollection
|
|
|
|
|
.AddCors(options =>
|
|
|
|
|
{
|
|
|
|
|
options.AddPolicy(ServerCorsPolicy.DefaultPolicyName, ServerCorsPolicy.DefaultPolicy);
|
|
|
|
|
})
|
2020-06-17 16:05:30 +02:00
|
|
|
.Configure<ForwardedHeadersOptions>(options =>
|
|
|
|
|
{
|
|
|
|
|
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
|
|
|
|
|
})
|
2020-06-01 19:03:08 +02:00
|
|
|
.AddMvc(opts =>
|
2019-11-23 19:43:30 +01:00
|
|
|
{
|
|
|
|
|
opts.UseGeneralRoutePrefix(baseUrl);
|
2020-04-20 02:10:59 +02:00
|
|
|
opts.OutputFormatters.Insert(0, new CamelCaseJsonProfileFormatter());
|
|
|
|
|
opts.OutputFormatters.Insert(0, new PascalCaseJsonProfileFormatter());
|
2020-06-07 00:51:21 +02:00
|
|
|
|
|
|
|
|
opts.OutputFormatters.Add(new CssOutputFormatter());
|
2020-08-15 18:39:24 +02:00
|
|
|
opts.OutputFormatters.Add(new XmlOutputFormatter());
|
2019-11-23 19:43:30 +01:00
|
|
|
})
|
2019-11-23 20:31:17 +01:00
|
|
|
|
2019-11-23 19:43:30 +01:00
|
|
|
// Clear app parts to avoid other assemblies being picked up
|
|
|
|
|
.ConfigureApplicationPartManager(a => a.ApplicationParts.Clear())
|
|
|
|
|
.AddApplicationPart(typeof(StartupController).Assembly)
|
2020-04-15 08:24:15 +02:00
|
|
|
.AddJsonOptions(options =>
|
2020-04-13 03:17:46 +02:00
|
|
|
{
|
2020-05-21 16:44:15 +02:00
|
|
|
// Update all properties that are set in JsonDefaults
|
2020-06-13 21:11:41 +02:00
|
|
|
var jsonOptions = JsonDefaults.GetPascalCaseOptions();
|
2020-05-21 16:44:15 +02:00
|
|
|
|
|
|
|
|
// From JsonDefaults
|
|
|
|
|
options.JsonSerializerOptions.ReadCommentHandling = jsonOptions.ReadCommentHandling;
|
|
|
|
|
options.JsonSerializerOptions.WriteIndented = jsonOptions.WriteIndented;
|
2020-08-23 15:48:12 +02:00
|
|
|
options.JsonSerializerOptions.IgnoreNullValues = jsonOptions.IgnoreNullValues;
|
|
|
|
|
|
2020-05-21 16:44:15 +02:00
|
|
|
options.JsonSerializerOptions.Converters.Clear();
|
|
|
|
|
foreach (var converter in jsonOptions.Converters)
|
|
|
|
|
{
|
|
|
|
|
options.JsonSerializerOptions.Converters.Add(converter);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// From JsonDefaults.PascalCase
|
|
|
|
|
options.JsonSerializerOptions.PropertyNamingPolicy = jsonOptions.PropertyNamingPolicy;
|
2020-04-13 03:17:46 +02:00
|
|
|
})
|
2019-11-23 19:43:30 +01:00
|
|
|
.AddControllersAsServices();
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-23 20:31:17 +01:00
|
|
|
/// <summary>
|
|
|
|
|
/// Adds Swagger to the service collection.
|
|
|
|
|
/// </summary>
|
|
|
|
|
/// <param name="serviceCollection">The service collection.</param>
|
|
|
|
|
/// <returns>The updated service collection.</returns>
|
2019-11-23 19:43:30 +01:00
|
|
|
public static IServiceCollection AddJellyfinApiSwagger(this IServiceCollection serviceCollection)
|
|
|
|
|
{
|
|
|
|
|
return serviceCollection.AddSwaggerGen(c =>
|
|
|
|
|
{
|
2020-06-12 22:37:55 +02:00
|
|
|
c.SwaggerDoc("api-docs", new OpenApiInfo { Title = "Jellyfin API", Version = "v1" });
|
2020-06-01 19:12:33 +02:00
|
|
|
c.AddSecurityDefinition(AuthenticationSchemes.CustomAuthentication, new OpenApiSecurityScheme
|
|
|
|
|
{
|
|
|
|
|
Type = SecuritySchemeType.ApiKey,
|
|
|
|
|
In = ParameterLocation.Header,
|
|
|
|
|
Name = "X-Emby-Token",
|
|
|
|
|
Description = "API key header parameter"
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
var securitySchemeRef = new OpenApiSecurityScheme
|
|
|
|
|
{
|
|
|
|
|
Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = AuthenticationSchemes.CustomAuthentication },
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// TODO: Apply this with an operation filter instead of globally
|
|
|
|
|
// https://github.com/domaindrivendev/Swashbuckle.AspNetCore#add-security-definitions-and-requirements
|
|
|
|
|
c.AddSecurityRequirement(new OpenApiSecurityRequirement
|
|
|
|
|
{
|
|
|
|
|
{ securitySchemeRef, Array.Empty<string>() }
|
|
|
|
|
});
|
2020-04-19 19:24:32 +02:00
|
|
|
|
|
|
|
|
// Add all xml doc files to swagger generator.
|
|
|
|
|
var xmlFiles = Directory.GetFiles(
|
|
|
|
|
AppContext.BaseDirectory,
|
|
|
|
|
"*.xml",
|
|
|
|
|
SearchOption.TopDirectoryOnly);
|
|
|
|
|
|
|
|
|
|
foreach (var xmlFile in xmlFiles)
|
|
|
|
|
{
|
|
|
|
|
c.IncludeXmlComments(xmlFile);
|
|
|
|
|
}
|
2020-04-27 07:28:32 +02:00
|
|
|
|
|
|
|
|
// Order actions by route path, then by http method.
|
|
|
|
|
c.OrderActionsBy(description =>
|
2020-06-26 01:44:11 +02:00
|
|
|
$"{description.ActionDescriptor.RouteValues["controller"]}_{description.RelativePath}");
|
2020-05-08 16:40:37 +02:00
|
|
|
|
|
|
|
|
// Use method name as operationId
|
2020-08-03 22:38:51 +02:00
|
|
|
c.CustomOperationIds(
|
|
|
|
|
description =>
|
|
|
|
|
{
|
|
|
|
|
description.TryGetMethodInfo(out MethodInfo methodInfo);
|
|
|
|
|
// Attribute name, method name, none.
|
|
|
|
|
return description?.ActionDescriptor?.AttributeRouteInfo?.Name
|
|
|
|
|
?? methodInfo?.Name
|
|
|
|
|
?? null;
|
|
|
|
|
});
|
2020-06-02 19:47:00 +02:00
|
|
|
|
|
|
|
|
// TODO - remove when all types are supported in System.Text.Json
|
|
|
|
|
c.AddSwaggerTypeMappings();
|
2019-11-23 19:43:30 +01:00
|
|
|
});
|
|
|
|
|
}
|
2020-06-02 19:47:00 +02:00
|
|
|
|
|
|
|
|
private static void AddSwaggerTypeMappings(this SwaggerGenOptions options)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* TODO remove when System.Text.Json supports non-string keys.
|
|
|
|
|
* Used in Jellyfin.Api.Controller.GetChannels.
|
|
|
|
|
*/
|
|
|
|
|
options.MapType<Dictionary<ImageType, string>>(() =>
|
|
|
|
|
new OpenApiSchema
|
|
|
|
|
{
|
|
|
|
|
Type = "object",
|
|
|
|
|
Properties = typeof(ImageType).GetEnumNames().ToDictionary(
|
|
|
|
|
name => name,
|
|
|
|
|
name => new OpenApiSchema
|
|
|
|
|
{
|
|
|
|
|
Type = "string",
|
|
|
|
|
Format = "string"
|
|
|
|
|
})
|
|
|
|
|
});
|
2020-06-19 12:24:39 +02:00
|
|
|
|
2020-06-19 15:49:44 +02:00
|
|
|
/*
|
|
|
|
|
* Support BlurHash dictionary
|
|
|
|
|
*/
|
2020-06-19 12:24:39 +02:00
|
|
|
options.MapType<Dictionary<ImageType, Dictionary<string, string>>>(() =>
|
|
|
|
|
new OpenApiSchema
|
|
|
|
|
{
|
|
|
|
|
Type = "object",
|
|
|
|
|
Properties = typeof(ImageType).GetEnumNames().ToDictionary(
|
|
|
|
|
name => name,
|
|
|
|
|
name => new OpenApiSchema
|
|
|
|
|
{
|
2020-06-19 15:49:44 +02:00
|
|
|
Type = "object", Properties = new Dictionary<string, OpenApiSchema>
|
|
|
|
|
{
|
|
|
|
|
{
|
|
|
|
|
"string",
|
|
|
|
|
new OpenApiSchema
|
|
|
|
|
{
|
|
|
|
|
Type = "string",
|
|
|
|
|
Format = "string"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-06-19 12:24:39 +02:00
|
|
|
})
|
|
|
|
|
});
|
2020-06-02 19:47:00 +02:00
|
|
|
}
|
2019-11-23 19:43:30 +01:00
|
|
|
}
|
|
|
|
|
}
|
