Exemplo n.º 1
0
        public static IActionResult ConvertToResultFormat(Response response, SubsonicQueryParameters queryParameters)
        {
            if (response == null || queryParameters == null)
            {
                return(null);
            }

            var xmlString = response.SerializeToXml();

            switch (queryParameters.Format)
            {
            case SubsonicReturnFormat.Json:
            {
                return(CreateContentResult(GetJsonResponse(xmlString), "application/json", Encoding.UTF8));
            }

            case SubsonicReturnFormat.Jsonp:
            {
                return(CreateContentResult($"{queryParameters.Callback}({GetJsonResponse(xmlString)});", "text/javascript", Encoding.UTF8));
            }

            case SubsonicReturnFormat.Xml:
            {
                return(CreateContentResult(xmlString, "text/xml", Encoding.UTF8));
            }

            default:
            {
                return(null);
            }
            }
        }
Exemplo n.º 2
0
        public async Task <AuthorizationContext> AuthorizeRequestAsync(SubsonicQueryParameters parameters, CancellationToken cancellationToken)
        {
            var authorizationContext = new AuthorizationContext();

            if (parameters == null || string.IsNullOrWhiteSpace(parameters.Username) || string.IsNullOrWhiteSpace(parameters.ClientName))
            {
                authorizationContext.IsAuthorized = false;
                authorizationContext.ErrorCode    = (int)ErrorCode.RequiredParameterMissing;
                authorizationContext.Status       = SubsonicConstants.RequiredParameterIsMissing;

                return(authorizationContext);
            }

            var user = await _metadataRepository.GetUserAsync(parameters.Username, cancellationToken).ConfigureAwait(false);

            if (user?.Enabled != true)
            {
                user?.Dispose();

                authorizationContext.IsAuthorized = false;
                authorizationContext.ErrorCode    = (int)ErrorCode.WrongUsernameOrPassword;
                authorizationContext.Status       = SubsonicConstants.WrongUsernameOrPassword;

                return(authorizationContext);
            }

            cancellationToken.ThrowIfCancellationRequested();

            var authorizationSuccess = false;

            if (parameters.Password != null)
            {
                authorizationSuccess = SubsonicControllerExtensions.ParsePassword(parameters.Password) == user.Password.DecryptToString(Constants.ResonanceKey);
            }
            else if (parameters.AuthenticationToken != null && parameters.Salt != null)
            {
                authorizationSuccess = parameters.AuthenticationToken == $"{user.Password.DecryptToString(Constants.ResonanceKey)}{parameters.Salt}".GetHash(HashType.MD5, Encoding.UTF8);
            }

            user.Password = null;

            authorizationContext.User = user;

            if (!authorizationSuccess)
            {
                authorizationContext.IsAuthorized = false;
                authorizationContext.ErrorCode    = (int)ErrorCode.WrongUsernameOrPassword;
                authorizationContext.Status       = SubsonicConstants.WrongUsernameOrPassword;
            }
            else
            {
                authorizationContext.IsAuthorized = true;

                if (user.Roles?.Any() != true)
                {
                    authorizationContext.Roles = await _metadataRepository.GetRolesForUserAsync(user.Id, cancellationToken).ConfigureAwait(false);
                }
                else
                {
                    authorizationContext.Roles = user.Roles;
                }
            }

            return(authorizationContext);
        }
Exemplo n.º 3
0
 public static SubsonicQueryParameters GetSubsonicQueryParameters(this HttpRequest request)
 {
     return(request.HasFormContentType ? SubsonicQueryParameters.FromCollection(request.Form) : SubsonicQueryParameters.FromCollection(request.Query));
 }
        public static SubsonicQueryParameters FromCollection(IEnumerable <KeyValuePair <string, StringValues> > collection)
        {
            var subsonicQueryParameters = new SubsonicQueryParameters();

            Parallel.ForEach(collection, new ParallelOptions {
                MaxDegreeOfParallelism = Environment.ProcessorCount / 2
            }, kvp =>
            {
                var value = kvp.Value.FirstOrDefault();

                if (string.IsNullOrEmpty(value))
                {
                    return;
                }

                switch (kvp.Key.ToLowerInvariant())
                {
                case "u":
                    subsonicQueryParameters.Username = value;
                    break;

                case "p":
                    subsonicQueryParameters.Password = value;
                    break;

                case "t":
                    subsonicQueryParameters.AuthenticationToken = value;
                    break;

                case "s":
                    subsonicQueryParameters.Salt = value;
                    break;

                case "v":
                    if (Version.TryParse(value, out var version))
                    {
                        subsonicQueryParameters.ProtocolVersion = version;
                    }

                    break;

                case "c":
                    subsonicQueryParameters.ClientName = value;
                    break;

                case "f":
                    if (Enum.TryParse(value, true, out SubsonicReturnFormat format))
                    {
                        subsonicQueryParameters.Format = format;
                    }

                    break;

                case "callback":
                    subsonicQueryParameters.Callback = value;
                    break;
                }
            });

            return(subsonicQueryParameters);
        }