github/Ombi
1
0
Fork 0
mirror of https://github.com/Ombi-app/Ombi.git synced 2025-07-16 02:02:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Made an attempt at PlexOAuth !wip

Browse source
This commit is contained in:
Jamie Rees 2018-04-18 15:11:44 +01:00
parent a837868be5
commit 7bbcb9a626
3 changed files with 97 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

40
src/Ombi/Controllers/PlexOAuthController.cs Normal file
View file

@ -0,0 +1,40 @@
using System.Net;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Http.Internal;
using System.IO;
using System.Text;
namespace Ombi.Controllers
{
[ApiExplorerSettings(IgnoreApi = true)]
[ApiV1]
[AllowAnonymous]
public class PlexOAuthController : Controller
{
[HttpGet]
public IActionResult OAuthCallBack()
{
var bodyStr = "";
var req = Request;
// Allows using several time the stream in ASP.Net Core
req.EnableRewind();
// Arguments: Stream, Encoding, detect encoding, buffer size
// AND, the most important: keep stream opened
using (StreamReader reader
= new StreamReader(req.Body, Encoding.UTF8, true, 1024, true))
{
bodyStr = reader.ReadToEnd();
}
// Rewind, so the core is not lost when it looks the body for the request
req.Body.Position = 0;
// Do your work with bodyStr
return Ok();
}
}
}

95
src/Ombi/Controllers/TokenController.cs
View file

@ -2,6 +2,7 @@
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net.Http;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
@ -9,6 +10,7 @@ using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using Ombi.Api;
using Ombi.Core.Authentication;
using Ombi.Helpers;
using Ombi.Models;
@ -62,50 +64,65 @@ namespace Ombi.Controllers
user.EmailLogin = true;
}
// Verify Password
if (await _userManager.CheckPasswordAsync(user, model.Password))
if (!model.UsePlexOAuth)
{
var roles = await _userManager.GetRolesAsync(user);
if (roles.Contains(OmbiRoles.Disabled))
// Verify Password
if (await _userManager.CheckPasswordAsync(user, model.Password))
{
return new UnauthorizedResult();
var roles = await _userManager.GetRolesAsync(user);
if (roles.Contains(OmbiRoles.Disabled))
{
return new UnauthorizedResult();
}
user.LastLoggedIn = DateTime.UtcNow;
await _userManager.UpdateAsync(user);
var claims = new List<Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(ClaimTypes.NameIdentifier, user.Id),
new Claim(ClaimTypes.Name, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
claims.AddRange(roles.Select(role => new Claim("role", role)));
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenAuthenticationOptions.SecretKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
claims: claims,
expires: model.RememberMe ? DateTime.UtcNow.AddDays(7) : DateTime.UtcNow.AddHours(5),
signingCredentials: creds,
audience: "Ombi", issuer: "Ombi"
);
var accessToken = new JwtSecurityTokenHandler().WriteToken(token);
if (model.RememberMe)
{
// Save the token so we can refresh it later
//await _token.CreateToken(new Tokens() {Token = accessToken, User = user});
}
return new JsonResult(new
{
access_token = accessToken,
expiration = token.ValidTo
});
}
}
else
{
// Plex OAuth
// Redirect them to Plex
user.LastLoggedIn = DateTime.UtcNow;
await _userManager.UpdateAsync(user);
var request = new Request("auth", "https://app.plex.tv", HttpMethod.Get);
request.AddQueryString("clientID", "OMBIv3");
request.AddQueryString("forwardUrl", "http://localhost:5000");
request.AddQueryString("context-device-product", "http://localhost:5000");
return new RedirectResult("https://app.plex.tv/auth#?forwardUrl=http://localhost:5000/api/v1/plexoauth&clientID=OMBIv3&context%5Bdevice%5D%5Bproduct%5D=Ombi%20SSO");
var claims = new List<Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(ClaimTypes.NameIdentifier, user.Id),
new Claim(ClaimTypes.Name, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
claims.AddRange(roles.Select(role => new Claim("role", role)));
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenAuthenticationOptions.SecretKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
claims: claims,
expires: model.RememberMe ? DateTime.UtcNow.AddDays(7) : DateTime.UtcNow.AddHours(5),
signingCredentials: creds,
audience: "Ombi", issuer:"Ombi"
);
var accessToken = new JwtSecurityTokenHandler().WriteToken(token);
if (model.RememberMe)
{
// Save the token so we can refresh it later
//await _token.CreateToken(new Tokens() {Token = accessToken, User = user});
}
return new JsonResult(new
{
access_token = accessToken,
expiration = token.ValidTo
});
}
return new UnauthorizedResult();

1
src/Ombi/Models/UserAuthModel.cs
View file

@ -6,5 +6,6 @@
public string Password { get; set; }
public bool RememberMe { get; set; }
public bool UsePlexAdminAccount { get; set; }
public bool UsePlexOAuth { get; set; }
}
}