public static IActionResult ConvertToResultFormat(Response response, SubsonicQueryParameters queryParameters) { if (response == null || queryParameters == null) { return(null); } var xmlString = response.SerializeToXml(); switch (queryParameters.Format) { case SubsonicReturnFormat.Json: { return(CreateContentResult(GetJsonResponse(xmlString), "application/json", Encoding.UTF8)); } case SubsonicReturnFormat.Jsonp: { return(CreateContentResult($"{queryParameters.Callback}({GetJsonResponse(xmlString)});", "text/javascript", Encoding.UTF8)); } case SubsonicReturnFormat.Xml: { return(CreateContentResult(xmlString, "text/xml", Encoding.UTF8)); } default: { return(null); } } }
public async Task <AuthorizationContext> AuthorizeRequestAsync(SubsonicQueryParameters parameters, CancellationToken cancellationToken) { var authorizationContext = new AuthorizationContext(); if (parameters == null || string.IsNullOrWhiteSpace(parameters.Username) || string.IsNullOrWhiteSpace(parameters.ClientName)) { authorizationContext.IsAuthorized = false; authorizationContext.ErrorCode = (int)ErrorCode.RequiredParameterMissing; authorizationContext.Status = SubsonicConstants.RequiredParameterIsMissing; return(authorizationContext); } var user = await _metadataRepository.GetUserAsync(parameters.Username, cancellationToken).ConfigureAwait(false); if (user?.Enabled != true) { user?.Dispose(); authorizationContext.IsAuthorized = false; authorizationContext.ErrorCode = (int)ErrorCode.WrongUsernameOrPassword; authorizationContext.Status = SubsonicConstants.WrongUsernameOrPassword; return(authorizationContext); } cancellationToken.ThrowIfCancellationRequested(); var authorizationSuccess = false; if (parameters.Password != null) { authorizationSuccess = SubsonicControllerExtensions.ParsePassword(parameters.Password) == user.Password.DecryptToString(Constants.ResonanceKey); } else if (parameters.AuthenticationToken != null && parameters.Salt != null) { authorizationSuccess = parameters.AuthenticationToken == $"{user.Password.DecryptToString(Constants.ResonanceKey)}{parameters.Salt}".GetHash(HashType.MD5, Encoding.UTF8); } user.Password = null; authorizationContext.User = user; if (!authorizationSuccess) { authorizationContext.IsAuthorized = false; authorizationContext.ErrorCode = (int)ErrorCode.WrongUsernameOrPassword; authorizationContext.Status = SubsonicConstants.WrongUsernameOrPassword; } else { authorizationContext.IsAuthorized = true; if (user.Roles?.Any() != true) { authorizationContext.Roles = await _metadataRepository.GetRolesForUserAsync(user.Id, cancellationToken).ConfigureAwait(false); } else { authorizationContext.Roles = user.Roles; } } return(authorizationContext); }
public static SubsonicQueryParameters GetSubsonicQueryParameters(this HttpRequest request) { return(request.HasFormContentType ? SubsonicQueryParameters.FromCollection(request.Form) : SubsonicQueryParameters.FromCollection(request.Query)); }
public static SubsonicQueryParameters FromCollection(IEnumerable <KeyValuePair <string, StringValues> > collection) { var subsonicQueryParameters = new SubsonicQueryParameters(); Parallel.ForEach(collection, new ParallelOptions { MaxDegreeOfParallelism = Environment.ProcessorCount / 2 }, kvp => { var value = kvp.Value.FirstOrDefault(); if (string.IsNullOrEmpty(value)) { return; } switch (kvp.Key.ToLowerInvariant()) { case "u": subsonicQueryParameters.Username = value; break; case "p": subsonicQueryParameters.Password = value; break; case "t": subsonicQueryParameters.AuthenticationToken = value; break; case "s": subsonicQueryParameters.Salt = value; break; case "v": if (Version.TryParse(value, out var version)) { subsonicQueryParameters.ProtocolVersion = version; } break; case "c": subsonicQueryParameters.ClientName = value; break; case "f": if (Enum.TryParse(value, true, out SubsonicReturnFormat format)) { subsonicQueryParameters.Format = format; } break; case "callback": subsonicQueryParameters.Callback = value; break; } }); return(subsonicQueryParameters); }