jellyfin/Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs

using System;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using MediaBrowser.Controller.Authentication;
using MediaBrowser.Controller.Entities;
using MediaBrowser.Model.Cryptography;

namespace Emby.Server.Implementations.Library
{
    public class DefaultAuthenticationProvider : IAuthenticationProvider, IRequiresResolvedUser
    {
        private readonly ICryptoProvider _cryptographyProvider;
        public DefaultAuthenticationProvider(ICryptoProvider cryptographyProvider)
        {
            _cryptographyProvider = cryptographyProvider;
        }

        public string Name => "Default";

        public bool IsEnabled => true;

        // This is dumb and an artifact of the backwards way auth providers were designed.
        // This version of authenticate was never meant to be called, but needs to be here for interface compat
        // Only the providers that don't provide local user support use this
        public Task<ProviderAuthenticationResult> Authenticate(string username, string password)
        {
            throw new NotImplementedException();
        }

        // This is the version that we need to use for local users. Because reasons.
        public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User resolvedUser)
        {
            bool success = false;
            if (resolvedUser == null)
            {
                throw new ArgumentNullException(nameof(resolvedUser));
            }

            // As long as jellyfin supports passwordless users, we need this little block here to accommodate
            if (!HasPassword(resolvedUser) && string.IsNullOrEmpty(password))
            {
                return Task.FromResult(new ProviderAuthenticationResult
                {
                    Username = username
                });
            }

            ConvertPasswordFormat(resolvedUser);
            byte[] passwordbytes = Encoding.UTF8.GetBytes(password);

            PasswordHash readyHash = new PasswordHash(resolvedUser.Password);
            if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id)
                || _cryptographyProvider.DefaultHashMethod == readyHash.Id)
            {
                byte[] calculatedHash = _cryptographyProvider.ComputeHash(readyHash.Id, passwordbytes, readyHash.Salt);

                if (calculatedHash.SequenceEqual(readyHash.Hash))
                {
                    success = true;
                }
            }
            else
            {
                throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}");
            }

            if (!success)
            {
                throw new AuthenticationException("Invalid username or password");
            }

            return Task.FromResult(new ProviderAuthenticationResult
            {
                Username = username
            });
        }

        // This allows us to move passwords forward to the newformat without breaking. They are still insecure, unsalted, and dumb before a password change
        // but at least they are in the new format.
        private void ConvertPasswordFormat(User user)
        {
            if (string.IsNullOrEmpty(user.Password))
            {
                return;
            }

            if (user.Password.IndexOf('$') == -1)
            {
                string hash = user.Password;
                user.Password = string.Format("$SHA1${0}", hash);
            }

            if (user.EasyPassword != null
                && user.EasyPassword.IndexOf('$') == -1)
            {
                string hash = user.EasyPassword;
                user.EasyPassword = string.Format("$SHA1${0}", hash);
            }
        }

        public bool HasPassword(User user)
            => !string.IsNullOrEmpty(user.Password);

        public Task ChangePassword(User user, string newPassword)
        {
            ConvertPasswordFormat(user);

            // This is needed to support changing a no password user to a password user
            if (string.IsNullOrEmpty(user.Password))
            {
                PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);
                newPasswordHash.Salt = _cryptographyProvider.GenerateSalt();
                newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod;
                newPasswordHash.Hash = GetHashedChangeAuth(newPassword, newPasswordHash);
                user.Password = newPasswordHash.ToString();
                return Task.CompletedTask;
            }

            PasswordHash passwordHash = new PasswordHash(user.Password);
            if (passwordHash.Id == "SHA1"
                && passwordHash.Salt.Length == 0)
            {
                passwordHash.Salt = _cryptographyProvider.GenerateSalt();
                passwordHash.Id = _cryptographyProvider.DefaultHashMethod;
                passwordHash.Hash = GetHashedChangeAuth(newPassword, passwordHash);
            }
            else if (newPassword != null)
            {
                passwordHash.Hash = GetHashed(user, newPassword);
            }

            user.Password = passwordHash.ToString();

            return Task.CompletedTask;
        }

        public void ChangeEasyPassword(User user, string newPassword, string newPasswordHash)
        {
            ConvertPasswordFormat(user);

            if (newPassword != null)
            {
                newPasswordHash = string.Format("$SHA1${0}", GetHashedString(user, newPassword));
            }

            if (string.IsNullOrWhiteSpace(newPasswordHash))
            {
                throw new ArgumentNullException(nameof(newPasswordHash));
            }

            user.EasyPassword = newPasswordHash;
        }

        public string GetEasyPasswordHash(User user)
        {
            // This should be removed in the future. This was added to let user login after
            // Jellyfin 10.3.3 failed to save a well formatted PIN.
            ConvertPasswordFormat(user);

            return string.IsNullOrEmpty(user.EasyPassword)
                ? null
                : PasswordHash.ConvertToByteString(new PasswordHash(user.EasyPassword).Hash);
        }

        internal byte[] GetHashedChangeAuth(string newPassword, PasswordHash passwordHash)
        {
            passwordHash.Hash = Encoding.UTF8.GetBytes(newPassword);
            return _cryptographyProvider.ComputeHash(passwordHash);
        }

        /// <summary>
        /// Gets the hashed string.
        /// </summary>
        public string GetHashedString(User user, string str)
        {
            PasswordHash passwordHash;
            if (string.IsNullOrEmpty(user.Password))
            {
                passwordHash = new PasswordHash(_cryptographyProvider);
            }
            else
            {
                ConvertPasswordFormat(user);
                passwordHash = new PasswordHash(user.Password);
            }

            if (passwordHash.Salt != null)
            {
                // the password is modern format with PBKDF and we should take advantage of that
                passwordHash.Hash = Encoding.UTF8.GetBytes(str);
                return PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash));
            }
            else
            {
                // the password has no salt and should be called with the older method for safety
                return PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash.Id, Encoding.UTF8.GetBytes(str)));
            }
        }

        public byte[] GetHashed(User user, string str)
        {
            PasswordHash passwordHash;
            if (string.IsNullOrEmpty(user.Password))
            {
                passwordHash = new PasswordHash(_cryptographyProvider);
            }
            else
            {
                ConvertPasswordFormat(user);
                passwordHash = new PasswordHash(user.Password);
            }

            if (passwordHash.Salt != null)
            {
                // the password is modern format with PBKDF and we should take advantage of that
                passwordHash.Hash = Encoding.UTF8.GetBytes(str);
                return _cryptographyProvider.ComputeHash(passwordHash);
            }
            else
            {
                // the password has no salt and should be called with the older method for safety
                return _cryptographyProvider.ComputeHash(passwordHash.Id, Encoding.UTF8.GetBytes(str));
            }
        }
    }
}
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`using System;`
			`using System.Linq;`
			`using System.Text;`
			`using System.Threading.Tasks;`
			`using MediaBrowser.Controller.Authentication;`
			`using MediaBrowser.Controller.Entities;`
			`using MediaBrowser.Model.Cryptography;`

			`namespace Emby.Server.Implementations.Library`
			`{`
			`public class DefaultAuthenticationProvider : IAuthenticationProvider, IRequiresResolvedUser`
			`{`
			`private readonly ICryptoProvider _cryptographyProvider;`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`public DefaultAuthenticationProvider(ICryptoProvider cryptographyProvider)`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`_cryptographyProvider = cryptographyProvider;`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`

			`public string Name => "Default";`

			`public bool IsEnabled => true;`
Fix pin bug introduced in 10.3.z. The issue is that the new easyPassword format prepends the hash function. This PR extract the hash from "$SHA1$_hash_". 2019-05-12 01:32:20 +02:00
minor style fixes 2019-03-05 08:58:25 +01:00			`// This is dumb and an artifact of the backwards way auth providers were designed.`
			`// This version of authenticate was never meant to be called, but needs to be here for interface compat`
			`// Only the providers that don't provide local user support use this`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`public Task<ProviderAuthenticationResult> Authenticate(string username, string password)`
			`{`
			`throw new NotImplementedException();`
			`}`
Fix pin bug introduced in 10.3.z. The issue is that the new easyPassword format prepends the hash function. This PR extract the hash from "$SHA1$_hash_". 2019-05-12 01:32:20 +02:00
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`// This is the version that we need to use for local users. Because reasons.`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User resolvedUser)`
			`{`
			`bool success = false;`
			`if (resolvedUser == null)`
			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`throw new ArgumentNullException(nameof(resolvedUser));`
added justaman notes, fixed new bug from emty has removals 2019-02-18 10:26:01 +01:00			`}`

Fix login 2019-08-28 14:45:46 +02:00			`// As long as jellyfin supports passwordless users, we need this little block here to accommodate`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`if (!HasPassword(resolvedUser) && string.IsNullOrEmpty(password))`
added justaman notes, fixed new bug from emty has removals 2019-02-18 10:26:01 +01:00			`{`
			`return Task.FromResult(new ProviderAuthenticationResult`
			`{`
			`Username = username`
			`});`
			`}`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00
			`ConvertPasswordFormat(resolvedUser);`
			`byte[] passwordbytes = Encoding.UTF8.GetBytes(password);`

			`PasswordHash readyHash = new PasswordHash(resolvedUser.Password);`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id)`
			`\|\| _cryptographyProvider.DefaultHashMethod == readyHash.Id)`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`byte[] calculatedHash = _cryptographyProvider.ComputeHash(readyHash.Id, passwordbytes, readyHash.Salt);`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`if (calculatedHash.SequenceEqual(readyHash.Hash))`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
			`success = true;`
			`}`
			`}`
			`else`
			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}");`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`

			`if (!success)`
			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`throw new AuthenticationException("Invalid username or password");`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`

			`return Task.FromResult(new ProviderAuthenticationResult`
			`{`
			`Username = username`
			`});`
			`}`

minor style fixes 2019-03-05 08:58:25 +01:00			`// This allows us to move passwords forward to the newformat without breaking. They are still insecure, unsalted, and dumb before a password change`
			`// but at least they are in the new format.`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`private void ConvertPasswordFormat(User user)`
			`{`
fixed logic flip in auth empty check and fixed crypto algo choice 2019-02-28 08:05:12 +01:00			`if (string.IsNullOrEmpty(user.Password))`
minor changes and return to netstandard 2019-02-20 09:00:26 +01:00			`{`
			`return;`
			`}`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`if (user.Password.IndexOf('$') == -1)`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
			`string hash = user.Password;`
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 11:41:44 +01:00			`user.Password = string.Format("$SHA1${0}", hash);`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`
Fix pin bug introduced in 10.3.z. The issue is that the new easyPassword format prepends the hash function. This PR extract the hash from "$SHA1$_hash_". 2019-05-12 01:32:20 +02:00
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`if (user.EasyPassword != null`
			`&& user.EasyPassword.IndexOf('$') == -1)`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
			`string hash = user.EasyPassword;`
			`user.EasyPassword = string.Format("$SHA1${0}", hash);`
			`}`
			`}`

Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`public bool HasPassword(User user)`
			`=> !string.IsNullOrEmpty(user.Password);`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00
			`public Task ChangePassword(User user, string newPassword)`
			`{`
added justaman notes, fixed new bug from emty has removals 2019-02-18 10:26:01 +01:00			`ConvertPasswordFormat(user);`
Fix login 2019-08-28 14:45:46 +02:00
minor style fixes 2019-03-05 08:58:25 +01:00			`// This is needed to support changing a no password user to a password user`
added justaman notes, fixed new bug from emty has removals 2019-02-18 10:26:01 +01:00			`if (string.IsNullOrEmpty(user.Password))`
			`{`
			`PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`newPasswordHash.Salt = _cryptographyProvider.GenerateSalt();`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod;`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`newPasswordHash.Hash = GetHashedChangeAuth(newPassword, newPasswordHash);`
added justaman notes, fixed new bug from emty has removals 2019-02-18 10:26:01 +01:00			`user.Password = newPasswordHash.ToString();`
			`return Task.CompletedTask;`
			`}`

made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`PasswordHash passwordHash = new PasswordHash(user.Password);`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`if (passwordHash.Id == "SHA1"`
			`&& passwordHash.Salt.Length == 0)`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`passwordHash.Salt = _cryptographyProvider.GenerateSalt();`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`passwordHash.Id = _cryptographyProvider.DefaultHashMethod;`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`passwordHash.Hash = GetHashedChangeAuth(newPassword, passwordHash);`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`
			`else if (newPassword != null)`
			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`passwordHash.Hash = GetHashed(user, newPassword);`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`

			`user.Password = passwordHash.ToString();`

			`return Task.CompletedTask;`
			`}`

Format correctly the PIN when updating it 2019-05-25 19:46:55 +02:00			`public void ChangeEasyPassword(User user, string newPassword, string newPasswordHash)`
			`{`
			`ConvertPasswordFormat(user);`

			`if (newPassword != null)`
			`{`
			`newPasswordHash = string.Format("$SHA1${0}", GetHashedString(user, newPassword));`
			`}`

			`if (string.IsNullOrWhiteSpace(newPasswordHash))`
			`{`
			`throw new ArgumentNullException(nameof(newPasswordHash));`
			`}`

			`user.EasyPassword = newPasswordHash;`
			`}`

			`public string GetEasyPasswordHash(User user)`
			`{`
			`// This should be removed in the future. This was added to let user login after`
			`// Jellyfin 10.3.3 failed to save a well formatted PIN.`
			`ConvertPasswordFormat(user);`

			`return string.IsNullOrEmpty(user.EasyPassword)`
			`? null`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`: PasswordHash.ConvertToByteString(new PasswordHash(user.EasyPassword).Hash);`
Format correctly the PIN when updating it 2019-05-25 19:46:55 +02:00			`}`

Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`internal byte[] GetHashedChangeAuth(string newPassword, PasswordHash passwordHash)`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`passwordHash.Hash = Encoding.UTF8.GetBytes(newPassword);`
			`return _cryptographyProvider.ComputeHash(passwordHash);`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`

			`/// <summary>`
			`/// Gets the hashed string.`
			`/// </summary>`
			`public string GetHashedString(User user, string str)`
			`{`
			`PasswordHash passwordHash;`
minor style fixes 2019-03-05 08:58:25 +01:00			`if (string.IsNullOrEmpty(user.Password))`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
			`passwordHash = new PasswordHash(_cryptographyProvider);`
			`}`
			`else`
			`{`
			`ConvertPasswordFormat(user);`
			`passwordHash = new PasswordHash(user.Password);`
			`}`

Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`if (passwordHash.Salt != null)`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`{`
minor style fixes 2019-03-05 08:58:25 +01:00			`// the password is modern format with PBKDF and we should take advantage of that`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00			`passwordHash.Hash = Encoding.UTF8.GetBytes(str);`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`return PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash));`
			`}`
			`else`
			`{`
minor style fixes 2019-03-05 08:58:25 +01:00			`// the password has no salt and should be called with the older method for safety`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`return PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash.Id, Encoding.UTF8.GetBytes(str)));`
			`}`
			`}`
Streamline authentication proccess 2019-05-21 19:28:34 +02:00
			`public byte[] GetHashed(User user, string str)`
			`{`
			`PasswordHash passwordHash;`
			`if (string.IsNullOrEmpty(user.Password))`
			`{`
			`passwordHash = new PasswordHash(_cryptographyProvider);`
			`}`
			`else`
			`{`
			`ConvertPasswordFormat(user);`
			`passwordHash = new PasswordHash(user.Password);`
			`}`

			`if (passwordHash.Salt != null)`
			`{`
			`// the password is modern format with PBKDF and we should take advantage of that`
			`passwordHash.Hash = Encoding.UTF8.GetBytes(str);`
			`return _cryptographyProvider.ComputeHash(passwordHash);`
			`}`
			`else`
			`{`
			`// the password has no salt and should be called with the older method for safety`
			`return _cryptographyProvider.ComputeHash(passwordHash.Id, Encoding.UTF8.GetBytes(str));`
			`}`
			`}`
made newlines into linux newlines 2019-02-20 10:17:30 +01:00			`}`
			`}`