public static IActionResult ConvertToResultFormat(Response response, SubsonicQueryParameters queryParameters)
{
if (response == null || queryParameters == null)
{
return(null);
}
var xmlString = response.SerializeToXml();
switch (queryParameters.Format)
{
case SubsonicReturnFormat.Json:
{
return(CreateContentResult(GetJsonResponse(xmlString), "application/json", Encoding.UTF8));
}
case SubsonicReturnFormat.Jsonp:
{
return(CreateContentResult($"{queryParameters.Callback}({GetJsonResponse(xmlString)});", "text/javascript", Encoding.UTF8));
}
case SubsonicReturnFormat.Xml:
{
return(CreateContentResult(xmlString, "text/xml", Encoding.UTF8));
}
default:
{
return(null);
}
}
}
public async Task <AuthorizationContext> AuthorizeRequestAsync(SubsonicQueryParameters parameters, CancellationToken cancellationToken)
{
var authorizationContext = new AuthorizationContext();
if (parameters == null || string.IsNullOrWhiteSpace(parameters.Username) || string.IsNullOrWhiteSpace(parameters.ClientName))
{
authorizationContext.IsAuthorized = false;
authorizationContext.ErrorCode = (int)ErrorCode.RequiredParameterMissing;
authorizationContext.Status = SubsonicConstants.RequiredParameterIsMissing;
return(authorizationContext);
}
var user = await _metadataRepository.GetUserAsync(parameters.Username, cancellationToken).ConfigureAwait(false);
if (user?.Enabled != true)
{
user?.Dispose();
authorizationContext.IsAuthorized = false;
authorizationContext.ErrorCode = (int)ErrorCode.WrongUsernameOrPassword;
authorizationContext.Status = SubsonicConstants.WrongUsernameOrPassword;
return(authorizationContext);
}
cancellationToken.ThrowIfCancellationRequested();
var authorizationSuccess = false;
if (parameters.Password != null)
{
authorizationSuccess = SubsonicControllerExtensions.ParsePassword(parameters.Password) == user.Password.DecryptToString(Constants.ResonanceKey);
}
else if (parameters.AuthenticationToken != null && parameters.Salt != null)
{
authorizationSuccess = parameters.AuthenticationToken == $"{user.Password.DecryptToString(Constants.ResonanceKey)}{parameters.Salt}".GetHash(HashType.MD5, Encoding.UTF8);
}
user.Password = null;
authorizationContext.User = user;
if (!authorizationSuccess)
{
authorizationContext.IsAuthorized = false;
authorizationContext.ErrorCode = (int)ErrorCode.WrongUsernameOrPassword;
authorizationContext.Status = SubsonicConstants.WrongUsernameOrPassword;
}
else
{
authorizationContext.IsAuthorized = true;
if (user.Roles?.Any() != true)
{
authorizationContext.Roles = await _metadataRepository.GetRolesForUserAsync(user.Id, cancellationToken).ConfigureAwait(false);
}
else
{
authorizationContext.Roles = user.Roles;
}
}
return(authorizationContext);
}
public static SubsonicQueryParameters GetSubsonicQueryParameters(this HttpRequest request)
{
return(request.HasFormContentType ? SubsonicQueryParameters.FromCollection(request.Form) : SubsonicQueryParameters.FromCollection(request.Query));
}
public static SubsonicQueryParameters FromCollection(IEnumerable <KeyValuePair <string, StringValues> > collection)
{
var subsonicQueryParameters = new SubsonicQueryParameters();
Parallel.ForEach(collection, new ParallelOptions {
MaxDegreeOfParallelism = Environment.ProcessorCount / 2
}, kvp =>
{
var value = kvp.Value.FirstOrDefault();
if (string.IsNullOrEmpty(value))
{
return;
}
switch (kvp.Key.ToLowerInvariant())
{
case "u":
subsonicQueryParameters.Username = value;
break;
case "p":
subsonicQueryParameters.Password = value;
break;
case "t":
subsonicQueryParameters.AuthenticationToken = value;
break;
case "s":
subsonicQueryParameters.Salt = value;
break;
case "v":
if (Version.TryParse(value, out var version))
{
subsonicQueryParameters.ProtocolVersion = version;
}
break;
case "c":
subsonicQueryParameters.ClientName = value;
break;
case "f":
if (Enum.TryParse(value, true, out SubsonicReturnFormat format))
{
subsonicQueryParameters.Format = format;
}
break;
case "callback":
subsonicQueryParameters.Callback = value;
break;
}
});
return(subsonicQueryParameters);
}
