Merge pull request #7 from tidusjar/develop

Bringing develop up to date

src/Ombi.Api.Mattermost/Ombi.Api.Mattermost.csproj

@@ -9,7 +9,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
+    <PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
   </ItemGroup>
 
   <ItemGroup>

src/Ombi.Api.Plex/IPlexApi.cs

@@ -1,6 +1,8 @@
-using System.Threading.Tasks;
+using System;
+using System.Threading.Tasks;
 using Ombi.Api.Plex.Models;
 using Ombi.Api.Plex.Models.Friends;
+using Ombi.Api.Plex.Models.OAuth;
 using Ombi.Api.Plex.Models.Server;
 using Ombi.Api.Plex.Models.Status;
 
@@ -20,5 +22,8 @@ public interface IPlexApi
         Task<PlexFriends> GetUsers(string authToken);
         Task<PlexAccount> GetAccount(string authToken);
         Task<PlexMetadata> GetRecentlyAdded(string authToken, string uri, string sectionId);
+        Task<OAuthPin> CreatePin();
+        Task<OAuthPin> GetPin(int pinId);
+        Uri GetOAuthUrl(int pinId, string code, string applicationUrl, bool wizard);
     }
 }

src/Ombi.Api.Plex/Models/OAuth/OAuthPin.cs

@@ -0,0 +1,27 @@
+using System;
+
+namespace Ombi.Api.Plex.Models.OAuth
+{
+    public class OAuthPin
+    {
+        public int id { get; set; }
+        public string code { get; set; }
+        public bool trusted { get; set; }
+        public string clientIdentifier { get; set; }
+        public Location location { get; set; }
+        public int expiresIn { get; set; }
+        public DateTime createdAt { get; set; }
+        public DateTime expiresAt { get; set; }
+        public string authToken { get; set; }
+    }
+
+    public class Location
+    {
+        public string code { get; set; }
+        public string country { get; set; }
+        public string city { get; set; }
+        public string subdivisions { get; set; }
+        public string coordinates { get; set; }
+    }
+
+}

src/Ombi.Api.Plex/PlexApi.cs

@@ -1,20 +1,53 @@
-using System.Net.Http;
+using System;
+using System.Net.Http;
+using System.Reflection;
 using System.Threading.Tasks;
 using Ombi.Api.Plex.Models;
 using Ombi.Api.Plex.Models.Friends;
+using Ombi.Api.Plex.Models.OAuth;
 using Ombi.Api.Plex.Models.Server;
 using Ombi.Api.Plex.Models.Status;
+using Ombi.Core.Settings;
+using Ombi.Core.Settings.Models.External;
+using Ombi.Helpers;
+using Ombi.Settings.Settings.Models;
 
 namespace Ombi.Api.Plex
 {
     public class PlexApi : IPlexApi
     {
-        public PlexApi(IApi api)
+        public PlexApi(IApi api, ISettingsService<CustomizationSettings> settings)
         {
             Api = api;
+            _custom = settings;
         }
 
         private IApi Api { get; }
+        private readonly ISettingsService<CustomizationSettings> _custom;
+
+        private string _app;
+        private string ApplicationName
+        {
+            get
+            {
+                if (string.IsNullOrEmpty(_app))
+                {
+                    var settings = _custom.GetSettings();
+                    if (settings.ApplicationName.IsNullOrEmpty())
+                    {
+                        _app = "Ombi";
+                    }
+                    else
+                    {
+                        _app = settings.ApplicationName;
+                    }
+
+                    return _app;
+                }
+
+                return _app;
+            }
+        }
 
         private const string SignInUri = "https://plex.tv/users/sign_in.json";
         private const string FriendsUri = "https://plex.tv/pms/friends/all";
@@ -156,6 +189,50 @@ public async Task<PlexMetadata> GetRecentlyAdded(string authToken, string uri, s
             return await Api.Request<PlexMetadata>(request);
         }
 
+        public async Task<OAuthPin> CreatePin()
+        {
+            var request = new Request($"api/v2/pins", "https://plex.tv/", HttpMethod.Post);
+            request.AddQueryString("strong", "true");
+            AddHeaders(request);
+
+            return await Api.Request<OAuthPin>(request);
+        }
+
+        public async Task<OAuthPin> GetPin(int pinId)
+        {
+            var request = new Request($"api/v2/pins/{pinId}", "https://plex.tv/", HttpMethod.Get);
+            AddHeaders(request);
+
+            return await Api.Request<OAuthPin>(request);
+        }
+
+        public Uri GetOAuthUrl(int pinId, string code, string applicationUrl, bool wizard)
+        {
+            var request = new Request("auth#", "https://app.plex.tv", HttpMethod.Get);
+            AddHeaders(request);
+            var forwardUrl = wizard 
+                ? new Request($"Wizard/OAuth/{pinId}", applicationUrl, HttpMethod.Get) 
+                : new Request($"Login/OAuth/{pinId}", applicationUrl, HttpMethod.Get);
+
+            request.AddQueryString("forwardUrl", forwardUrl.FullUri.ToString());
+            request.AddQueryString("pinID", pinId.ToString());
+            request.AddQueryString("code", code);
+            request.AddQueryString("context[device][product]", "Ombi");
+            request.AddQueryString("context[device][environment]", "bundled");
+            request.AddQueryString("clientID", $"OmbiV3");
+
+            if (request.FullUri.Fragment.Equals("#"))
+            {
+                var uri = request.FullUri.ToString();
+                var withoutEnd = uri.Remove(uri.Length - 1, 1);
+                var startOfQueryLocation = withoutEnd.IndexOf('?');
+                var better = withoutEnd.Insert(startOfQueryLocation, "#");
+                request.FullUri = new Uri(better);
+            }
+
+            return request.FullUri;
+        }
+
         /// <summary>
         /// Adds the required headers and also the authorization header
         /// </summary>
@@ -174,7 +251,7 @@ private void AddHeaders(Request request, string authToken)
         private void AddHeaders(Request request)
         {
             request.AddHeader("X-Plex-Client-Identifier", $"OmbiV3");
-            request.AddHeader("X-Plex-Product", "Ombi");
+            request.AddHeader("X-Plex-Product", ApplicationName);
             request.AddHeader("X-Plex-Version", "3");
             request.AddContentHeader("Content-Type", request.ContentType == ContentType.Json ? "application/json" : "application/xml");
             request.AddHeader("Accept", "application/json");

src/Ombi.Api.Pushover/PushoverApi.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
 using Ombi.Api.Pushover.Models;
@@ -17,7 +18,7 @@ public PushoverApi(IApi api)
 
         public async Task<PushoverResponse> PushAsync(string accessToken, string message, string userToken)
         {
-            var request = new Request($"messages.json?token={accessToken}&user={userToken}&message={message}", PushoverEndpoint, HttpMethod.Post);
+            var request = new Request($"messages.json?token={accessToken}&user={userToken}&message={WebUtility.HtmlEncode(message)}", PushoverEndpoint, HttpMethod.Post);
 
             var result = await _api.Request<PushoverResponse>(request);
             return result;

src/Ombi.Api/Ombi.Api.csproj

@@ -10,7 +10,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="2.0.1" />
-    <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
+    <PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
     <PackageReference Include="Polly" Version="5.8.0" />
     <PackageReference Include="System.Xml.XmlSerializer" Version="4.3.0" />
   </ItemGroup>

src/Ombi.Api/Request.cs

@@ -10,7 +10,7 @@ public class Request
     {
         public Request()
         {
-            
+
         }
 
         public Request(string endpoint, string baseUrl, HttpMethod http, ContentType contentType = ContentType.Json)
@@ -105,10 +105,10 @@ public void AddQueryString(string key, string value)
                 hasQuery = true;
                 startingTag = builder.Query.Contains("?") ? "&" : "?";
             }
-
             builder.Query = hasQuery
                 ? $"{builder.Query}{startingTag}{key}={value}"
                 : $"{startingTag}{key}={value}";
+
             _modified = builder.Uri;
         }
 

src/Ombi.Core/Authentication/PlexOAuthManager.cs

@@ -0,0 +1,76 @@
+using System;
+using System.Threading.Tasks;
+using Ombi.Api.Plex;
+using Ombi.Api.Plex.Models;
+using Ombi.Api.Plex.Models.OAuth;
+using Ombi.Core.Settings;
+using Ombi.Helpers;
+using Ombi.Settings.Settings.Models;
+
+namespace Ombi.Core.Authentication
+{
+    public class PlexOAuthManager : IPlexOAuthManager
+    {
+        public PlexOAuthManager(IPlexApi api, ISettingsService<CustomizationSettings> settings)
+        {
+            _api = api;
+            _customizationSettingsService = settings;
+        }
+
+        private readonly IPlexApi _api;
+        private readonly ISettingsService<CustomizationSettings> _customizationSettingsService;
+
+        public async Task<OAuthPin> RequestPin()
+        {
+            var pin = await _api.CreatePin();
+            return pin;
+        }
+
+        public async Task<string> GetAccessTokenFromPin(int pinId)
+        {
+            var pin = await _api.GetPin(pinId);
+            if (pin.expiresAt < DateTime.UtcNow)
+            {
+                return string.Empty;
+            }
+
+            if (pin.authToken.IsNullOrEmpty())
+            {
+                // Looks like we do not have a pin yet, we should retry a few times.
+                var retryCount = 0;
+                var retryMax = 5;
+                var retryWaitMs = 1000;
+                while (pin.authToken.IsNullOrEmpty() && retryCount < retryMax)
+                {
+                    retryCount++;
+                    await Task.Delay(retryWaitMs);
+                    pin = await _api.GetPin(pinId);
+                }
+            }
+            return pin.authToken;
+        }
+
+        public async Task<PlexAccount> GetAccount(string accessToken)
+        {
+            return await _api.GetAccount(accessToken);
+        }
+
+        public async Task<Uri> GetOAuthUrl(int pinId, string code)
+        {
+            var settings = await _customizationSettingsService.GetSettingsAsync();
+            if (settings.ApplicationUrl.IsNullOrEmpty())
+            {
+                return null;
+            }
+
+            var url = _api.GetOAuthUrl(pinId, code, settings.ApplicationUrl, false);
+            return url;
+        }
+
+        public Uri GetWizardOAuthUrl(int pinId, string code, string websiteAddress)
+        {
+            var url = _api.GetOAuthUrl(pinId, code, websiteAddress, true);
+            return url;
+        }
+    }
+}

src/Ombi.Core/Engine/Interfaces/BaseEngine.cs

@@ -32,14 +32,7 @@ protected BaseEngine(IPrincipal user, OmbiUserManager um, IRuleEvaluator rules)
         private OmbiUser _user;
         protected async Task<OmbiUser> GetUser()
         {
-            if (IsApiUser)
-            {
-                return new OmbiUser
-                {
-                    UserName = Username,
-                };
-            }
-            return _user ?? (_user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName == Username));
+            return _user ?? (_user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(Username, StringComparison.CurrentCultureIgnoreCase)));
         }
 
         protected async Task<string> UserAlias()
@@ -49,10 +42,6 @@ protected async Task<string> UserAlias()
 
         protected async Task<bool> IsInRole(string roleName)
         {
-            if (IsApiUser && roleName != OmbiRoles.Disabled)
-            {
-                return true;
-            }
             return await UserManager.IsInRoleAsync(await GetUser(), roleName);
         }
 
@@ -72,7 +61,5 @@ public async Task<RuleResult> RunSpecificRule(object model, SpecificRules rule)
             var ruleResults = await Rules.StartSpecificRules(model, rule);
             return ruleResults;
         }
-
-        private bool IsApiUser => Username.Equals("Api", StringComparison.CurrentCultureIgnoreCase);
     }
 }